red-team-tools
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes numerous security-focused CLI tools, such as amass, subfinder, httpx, and nuclei, to automate reconnaissance and vulnerability scanning tasks.
- [EXTERNAL_DOWNLOADS]: The workflow relies on retrieving data from multiple external sources, including bgp.he.net and the Wayback Machine, to identify target assets and historical endpoint data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its reliance on untrusted external data. Ingestion points: Untrusted URL and subdomain data are ingested from sources like waybackurls and gau. Boundary markers: There are no boundary markers or instructions to prevent the agent from being influenced by malicious content within the ingested data. Capability inventory: The skill allows the agent to execute system commands and perform network operations using the ingested data. Sanitization: External inputs are passed to subsequent tools without validation, which could be exploited if a source returns a maliciously crafted payload.
Audit Metadata