skills/mukul975/anthropic-cybersecurity-skills/performing-web-application-firewall-bypass/Gen Agent Trust Hub
performing-web-application-firewall-bypass
Warn
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a Python script (scripts/agent.py) and a collection of shell command examples in SKILL.md (using curl, nc, sqlmap, and wafw00f) designed to automate the delivery of security attack payloads such as SQL injection, XSS, and path traversal to target web applications.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as the agent processes untrusted response data from external servers during WAF testing.
  - Ingestion points: The WAFBypassAgent class in scripts/agent.py reads the text content and status codes from remote HTTP responses (resp.text and resp.status_code).
  - Boundary markers: The script does not implement delimiters or explicit instructions to the agent to ignore embedded commands when processing or reporting these responses.
  - Capability inventory: The script performs automated network operations using the requests library, allowing it to send arbitrary payloads via GET, POST, and other HTTP methods.
  - Sanitization: No sanitization, validation, or filtering of the remote response content is performed before the data is included in the findings report.