skills/mukul975/anthropic-cybersecurity-skills/conducting-external-reconnaissance-with-osint/Gen Agent Trust Hub
conducting-external-reconnaissance-with-osint
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The script
scripts/agent.pyingests data from external sources viaenumerate_subdomains_crtsh,enumerate_dns_records,shodan_org_search,check_web_technologies, andsearch_github_leaks. - Boundary markers: No delimiters or explicit instructions are provided to the agent to ignore or isolate potential malicious instructions embedded in the gathered OSINT data.
- Capability inventory: The skill possesses network request capabilities and filesystem write access.
- Sanitization: No sanitization or validation of the data retrieved from external APIs or target headers is performed before output generation.
- [COMMAND_EXECUTION]: The
SKILL.mdworkflow documentation provides the agent with several shell commands for external tools likeamass,subfinder,dig, andwafw00f. While these are standard security tools, their execution involves interacting with external environments based on target-provided strings. - [SAFE]: The skill interacts with well-known and reputable services including Google DNS, GitHub, Shodan, and crt.sh for legitimate information gathering purposes.
- [SAFE]: The
check_web_technologiesfunction inscripts/agent.pydisables SSL verification (verify=False). This is a documented best-practice violation but is common in security reconnaissance tools to maintain compatibility with varied target configurations.
Audit Metadata