broken-authentication
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection as it requires the agent to parse and analyze potentially untrusted data from external target web applications.\n
- Ingestion points: The agent ingests HTTP response bodies, headers, and cookie values from external URLs during session and MFA testing phases (e.g., Phase 6 and Phase 9).\n
- Boundary markers: The instructions lack explicit boundary markers or warnings to disregard instructions that might be embedded in the target's HTTP responses.\n
- Capability inventory: The agent is provided with the capability to execute shell commands (via Hydra) and Python scripts (via requests and hashlib).\n
- Sanitization: No data sanitization or validation protocols are defined for handling the output from analyzed authentication endpoints.\n- [COMMAND_EXECUTION]: The skill contains predefined command-line templates for executing the Hydra brute-force tool and instructions for running Python scripts to perform statistical analysis on session tokens.\n- [DATA_EXFILTRATION]: The workflow utilizes the Python requests library and various CLI tools to perform network requests to target application URLs, which facilitates the transfer of authentication-related data to external systems.\n- [EXTERNAL_DOWNLOADS]: References external security datasets and wordlists, such as SecLists and the rockyou.txt repository, for use in credential testing and brute-force scenarios.
Audit Metadata