metasploit
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the direct execution of high-privilege penetration testing tools including
msfconsoleandmsfvenomon the host system. - [COMMAND_EXECUTION]: User-provided variables such as
<target>,<LHOST>, and<LPORT>are interpolated directly into shell commands, which poses a command injection risk if the inputs are not properly sanitized. - [COMMAND_EXECUTION]: The skill's primary purpose involves the generation of malicious binary and script payloads (e.g., ELF, EXE, PHP, and Python reverse shells) for remote access.
- [EXTERNAL_DOWNLOADS]: It references official installation resources from Metasploit's documentation at
docs.metasploit.com(a well-known security service) to assist with environment setup.
Audit Metadata