ffuf-web-fuzzing

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documentation includes multiple examples for executing a Python script named 'ffuf_helper.py' (e.g., 'python3 ffuf_helper.py analyze results.json'). Since this script's content is not present in the provided skill files, its operations on the local file system or potential for malicious behavior cannot be audited.
  • [EXTERNAL_DOWNLOADS]: The installation section provides instructions to download and install 'ffuf' via 'go install' or direct binary downloads from GitHub. While 'ffuf' is a standard utility, these directives involve the execution of code retrieved from external sources.
  • [PROMPT_INJECTION]: The 'Notes for Claude' section contains explicit directives intended to influence the agent's behavior and command generation logic, such as the requirement to 'ALWAYS include -ac' in all suggested commands.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 15, 2026, 08:58 AM