aircrack-ng
Fail
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
airmon-ng check kill, a command that terminates essential system networking processes such as NetworkManager and wpa_supplicant. This results in the disruption of the host machine's internet connectivity and network management. - [COMMAND_EXECUTION]: Includes instructions for
aireplay-ngto perform deauthentication attacks. This involves sending malicious frames to force wireless clients to disconnect from their access point, which is an active denial-of-service attack. - [EXTERNAL_DOWNLOADS]: Recommends the installation of the
aircrack-ngsuite via Homebrew or APT. While these are trusted package managers, the software grants the agent low-level control over network hardware and system services. - [PROMPT_INJECTION]: Exposed to indirect prompt injection through
airodump-ngoutput. Ingestion points: The agent reads untrusted wireless network metadata like SSIDs during scanning. Boundary markers: None specified to separate network data from instructions. Capability inventory: Access to shell execution and network disruption tools. Sanitization: No explicit validation or escaping of SSIDs which could contain malicious control sequences targeting the agent.
Recommendations
- AI detected serious security threats
Audit Metadata