ctf-recon
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes the Bash tool to execute standard reconnaissance utilities such as nmap, ffuf, and gobuster. These actions are aligned with the stated primary purpose of CTF reconnaissance.
- DATA_EXFILTRATION (SAFE): The network operations (curl, nmap) are directed at the reconnaissance target to retrieve information as requested by the user. There is no evidence of exfiltrating the agent's environment secrets or sensitive local files to an unauthorized third party.
- PROMPT_INJECTION (SAFE): Indirect Prompt Injection surface detected. 1. Ingestion points: Output from curl, nmap, and git-dumper is processed by the agent. 2. Boundary markers: None present in the command templates. 3. Capability inventory: Access to Bash, Read, Write, and Edit tools allows for significant downstream actions. 4. Sanitization: No explicit sanitization of remote data is implemented. The risk is inherent to the primary reconnaissance purpose and is mitigated by the intended CTF context.
Audit Metadata