ctf-web
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Remote Code Execution] (SAFE): The skill provides numerous RCE payloads for various languages and frameworks (e.g., Jinja2, EJS, Node.js VM escapes). These are documented as informational templates for CTF challenges and are not executed by the skill's internal logic.
- [Data Exfiltration] (SAFE): Includes examples of XSS exfiltration payloads using fetch to log cookies to external domains, which are intended as proof-of-concept templates for security challenges.
- [Indirect Prompt Injection] (LOW): The skill is designed to analyze potentially malicious data from CTF challenges, creating a surface for indirect prompt injection. 1. Ingestion points: Analyzing source code or traffic from CTF challenges. 2. Boundary markers: Absent in provided documentation. 3. Capability inventory: Snippets for shell execution, file reading, and network requests across multiple files. 4. Sanitization: Absent. This is considered a low-severity risk due to the skill's specialized use case.
Audit Metadata