exploiting-sql-injection-vulnerabilities

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE (findings: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions describe using automated exploitation tools like sqlmap to perform high-privilege operations, such as obtaining an operating system shell via the --os-shell command on the target database server.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection.
    ◦ Ingestion points: The scripts/agent.py script makes HTTP requests to user-provided URLs and retrieves their content for analysis.
    ◦ Boundary markers: The agent does not use any delimiters or specific instructions to treat target response data as untrusted or separate from its internal logic.
    ◦ Capability inventory: The script uses the requests library for network access and the json library to write report data to the local filesystem.
    ◦ Sanitization: External data from the target website is processed directly using regular expressions and length comparisons to identify vulnerabilities, without any prior validation or sanitization of the content itself.
  • [SAFE]: The Python script scripts/agent.py disables SSL/TLS certificate verification using verify=False in its network requests. While this is a poor security practice that exposes the session to man-in-the-middle attacks, it is often seen in penetration testing tools and does not constitute a malicious agent behavior toward the user.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 06:47 PM