skills/mukul975/anthropic-cybersecurity-skills/testing-for-broken-access-control/Gen Agent Trust Hub
testing-for-broken-access-control
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill is a standard framework for performing security audits on web application authorization mechanisms. All provided content is consistent with its stated professional purpose.
- [COMMAND_EXECUTION]: The documentation includes bash command examples for 'curl' and 'ffuf', which are routine tools for security testing. These commands are intended for manual execution against targets where the user has explicit authorization.
- [EXTERNAL_DOWNLOADS]: The 'scripts/agent.py' script uses the widely-used 'requests' library for HTTP communication. It disables SSL warnings and certificate verification ('verify=False'), which, while not recommended for production code, is a standard convenience in penetration testing for internal environments.
- [SAFE]: A minor inconsistency exists between the author name 'mahipal' in the metadata and 'mukul975' in the license. This is considered a template or documentation error and does not represent a malicious threat vector.