Red Team Tools and Methodology

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill is primarily composed of shell command templates for security reconnaissance. While these involve executing numerous third-party binaries (Amass, Nuclei, Ffuf, etc.), this is the stated primary purpose of the skill for security research and methodology. The risk is minimized as the commands are instructional templates rather than automated scripts executing on hidden inputs.
  • INDIRECT_PROMPT_INJECTION (LOW): The workflow involves ingesting data from external sources such as historical URL archives (Wayback Machine) and live web responses via tools like waybackurls, gau, and curl.
      • Ingestion points: SKILL.md (sections 5, 7, and 10) uses outputs from external URL miners.
      • Boundary markers: Absent; data is piped directly into other tools.
      • Capability inventory: Subprocess calls to a wide variety of CLI tools for network scanning and fuzzing.
      • Sanitization: Not present in the provided bash snippets; tools like qsreplace and dalfox are used to process and test the untrusted data directly.
  • EXTERNAL_DOWNLOADS (SAFE): The documentation refers to various third-party security tools hosted on GitHub. While it encourages their installation and use, it does not include malicious one-liner install scripts or remote code execution patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:49 PM