nikto
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands to check tool status and execute the 'nikto' binary alongside several local bash scripts (e.g., 'scripts/nikto/scan-specific-vulnerabilities.sh'). This functionality relies on the agent's ability to perform command-line operations, which can be exploited if input parameters like '' are not strictly validated or sanitized by the platform.
- [CREDENTIALS_UNSAFE]: The skill explicitly suggests patterns for authenticated scanning using HTTP Basic Auth credentials ('-id user:pass') and session cookies ('-C'). Transmitting credentials as command-line arguments is insecure because they can be captured in process lists, shell history, and system logs.
- [DATA_EXFILTRATION]: While designed for security auditing, the tool's ability to probe network targets and save detailed vulnerability reports to the local file system (e.g., 'report.html', 'report.csv') could be leveraged to extract information about the environment.
- [PROMPT_INJECTION]: The skill processes output from external web servers, which are untrusted sources. This creates a surface for indirect prompt injection.
  1. Ingestion points: Results from 'nikto' scans are ingested into the agent's context.
  2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided.
  3. Capability inventory: The skill has access to shell execution via 'bash' and 'nikto'.
  4. Sanitization: No evidence of sanitization or validation of the scanned server's output is present in the skill definition.
Audit Metadata