exploiting-ipv6-vulnerabilities
Warn
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions to execute high-privilege offensive tools using sudo, including mitm6 for DNS spoofing and impacket-ntlmrelayx for capturing and relaying NTLM authentication credentials.
- [COMMAND_EXECUTION]: The script scripts/agent.py calls subprocess.run to execute the ip6tables system command, enabling the agent to inspect or modify the host's IPv6 firewall configuration.
- [COMMAND_EXECUTION]: Functional Python code snippets are provided in the SKILL.md documentation to perform active network attacks, such as injecting rogue Router Advertisements and spoofing Neighbor Advertisements using the Scapy library.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists where the agent processes untrusted network traffic data that could influence its behavior.
  - Ingestion points: The scripts/agent.py script captures and parses live network packets using scapy.sniff.
  - Boundary markers: Absent; there are no delimiters separating data from instructions.
  - Capability inventory: The scripts/agent.py script has the ability to execute system commands via subprocess.run.
  - Sanitization: Absent; the script extracts fields from network packets and incorporates them into reports and logs without validation or escaping.
Audit Metadata