testing-api-for-mass-assignment-vulnerability

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill functions as a standard cybersecurity utility. Its operations, including network communication and data ingestion, are directly related to its stated purpose of API security testing.
  • [DATA_EXFILTRATION]: The script performs network requests to target URLs defined by the user. It transmits user-supplied authorization tokens to these targets to perform authenticated tests. This is required functionality for the tool's primary use case.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes data returned from external API endpoints.
    • Ingestion points: JSON responses from target endpoints in scripts/agent.py.
    • Boundary markers: Not utilized; the tool directly evaluates response fields.
    • Capability inventory: Outbound network access and filesystem write access for report generation in scripts/agent.py.
    • Sanitization: Relies on standard JSON library parsing; no additional filtering or sanitization of external data is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 03:56 PM