Skills
skills/patrykquantumnomad/networking-tools/ffuf/Gen Agent Trust Hub

ffuf

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Shell commands are used to check for the ffuf binary and its version on the system.
  • [COMMAND_EXECUTION]: The skill executes the ffuf binary and local bash scripts provided by the author (PatrykQuantumNomad) to perform fuzzing operations.
  • [EXTERNAL_DOWNLOADS]: The skill references installation of ffuf and cloning of SecLists from their official, well-known GitHub repositories.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists through the ingestion of external web responses. 1. Ingestion: HTTP response data (headers, bodies) from fuzzing targets. 2. Boundaries: No explicit delimiters are specified for tool output. 3. Capabilities: System command execution and local script invocation. 4. Sanitization: Target validation is performed against a scope configuration file via a pre-tool execution hook.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 12:16 PM