api-fuzzing-bug-bounty
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run local reconnaissance tools such as Kiterunner (kr) and Python scripts (json2paths.py) to perform API discovery.
- [COMMAND_EXECUTION]: Provides high-risk payloads for testing target APIs, including remote command injection strings such as ';ls /' and '|ls'.
- [DATA_EXFILTRATION]: Documents payloads for Local File Inclusion (LFI) and path traversal aimed at accessing sensitive system files such as /etc/passwd and Windows web.config.
- [EXTERNAL_DOWNLOADS]: References a comprehensive list of external community tools and GitHub repositories for API fuzzing and exploitation which are unverified third-party sources.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of untrusted data during the testing workflow.
- Ingestion points: Processes external files like swagger.json and openapi.json in SKILL.md, and parses dynamic API responses from REST and GraphQL endpoints.
- Boundary markers: No delimiters or safety instructions are present in the skill to separate agent instructions from the external data being analyzed.
- Capability inventory: The skill utilizes subprocesses for reconnaissance tools and curl for network interaction, providing a significant impact surface if injected.
- Sanitization: Lacks any evidence of sanitization, escaping, or validation for content retrieved from external API documentation or responses.
Audit Metadata