The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill references external tools including websocat (installed via Cargo), wscat (installed via NPM), and the websockets library (installed via pip).
[COMMAND_EXECUTION]: The skill provides a Python scanner (agent.py) and CLI workflows that execute network probes and send security testing payloads (SQLi, XSS, Command Injection) to user-specified targets.
[PROMPT_INJECTION]: The agent.py script ingests data from external WebSocket servers (via ws.recv), creating an attack surface for indirect prompt injection. 1. Ingestion points: agent.py (lines 103, 127) reads messages from remote servers. 2. Boundary markers: Absent. 3. Capability inventory: Network requests (requests/websockets) and local file write for report generation. 4. Sanitization: Keyword-based detection is used for identifying vulnerabilities, but the received content is not escaped or sanitized before processing or storage.
[DATA_EXFILTRATION]: Documentation includes a proof-of-concept for Cross-Site WebSocket Hijacking (CSWSH) that demonstrates the exfiltration of sensitive data from a victim session to an attacker-controlled server.
[SAFE]: The Python agent script uses verify=False in requests.get calls, which disables SSL certificate verification. While this is a security risk (susceptible to MITM), it is a common configuration in penetration testing tools for interacting with internal or self-signed targets.

exploiting-websocket-vulnerabilities