scanning-tools
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires administrative privileges to function, allowing the agent to execute powerful system commands.
- The skill makes extensive use of sudo for tools such as nmap, airmon-ng, airodump-ng, lynis, and gvm-setup.
- It includes commands for the Metasploit Framework (msfconsole), which can be used for vulnerability validation and exploitation.
- [EXTERNAL_DOWNLOADS]: The skill triggers the installation of external software during runtime.
- It includes pip install commands for prowler and scoutsuite, which are well-known security assessment tools.
- It references Docker images from the official OWASP repository (owasp/zap2docker-stable).
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing external network data.
- Ingestion points: The agent is instructed to read and process outputs from tools like nmap (XML), nessuscli, and nikto.
- Boundary markers: There are no instructions or delimiters defined to prevent the agent from being influenced by malicious content embedded in scan results (e.g., a service banner containing instructions).
- Capability inventory: The skill has broad capabilities, including system-level command execution via sudo and the ability to write files to the local system.
- Sanitization: There is no evidence of sanitization or filtering of the external data before it is ingested into the agent's context.
Audit Metadata