The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill includes Python examples that demonstrate how to fetch JWKS and OpenID configurations from target API endpoints for vulnerability research.
[COMMAND_EXECUTION]: The 'agent.py' script performs local file operations to read RSA public keys and write analysis reports, which is consistent with its role as a security testing utility.
[SAFE]: Comprehensive analysis of all skill files revealed no evidence of prompt injection, data exfiltration, or unauthorized persistence mechanisms.

exploiting-jwt-algorithm-confusion-attack