ssh-penetration-testing
Fail
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: HIGH (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill includes a hardcoded SSH public key placeholder ('ssh-rsa AAAAB3...') intended for use in establishing persistence on target systems.
- [DATA_EXFILTRATION]: Provides instructions to search for, read, and exfiltrate sensitive files such as private SSH keys (id_rsa, id_dsa, etc.) and shell history. It explicitly details using 'curl' to download private keys from remote web servers.
- [COMMAND_EXECUTION]: Implements a high volume of shell commands for scanning and brute-forcing using tools like Hydra, Medusa, Nmap, and Metasploit.
- [REMOTE_CODE_EXECUTION]: Includes a Python implementation using the Paramiko library that utilizes 'exec_command' to run arbitrary shell commands on remote systems after establishing a connection.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted target information and wordlists without sanitization.
  - Ingestion points: Target host IP/hostname variables, username and password wordlists (e.g., users.txt, passwords.txt).
  - Boundary markers: None provided to distinguish between data and instructions.
  - Capability inventory: Subprocess execution of nmap, hydra, medusa, and metasploit; Python Paramiko 'exec_command'.
  - Sanitization: No validation or escaping of external inputs before interpolation into commands.
Recommendations
- AI detected serious security threats
Audit Metadata