Probe
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the Nuclei security scanner from ProjectDiscovery's official GitHub repository (
github.com/projectdiscovery/nuclei). As an established security tool from a well-known vendor, this is documented neutrally as an intended dependency. - [COMMAND_EXECUTION]: The skill is designed to execute and coordinate security testing tools such as OWASP ZAP, Burp Suite, and Nuclei to perform authorized vulnerability assessments.
- [PROMPT_INJECTION]: The skill processes untrusted data from external targets during security scans, presenting an indirect prompt injection surface. This is addressed by the following evidence chain:
- Ingestion points: Target web applications, GraphQL endpoints, and REST APIs during scanning (referenced in
SKILL.mdandreferences/zap-scanning-guide.md). - Boundary markers: Defined in the 'Core Contract' and 'Boundaries' sections of
SKILL.md, establishing strict scope and authorization rules. - Capability inventory: Execution of DAST tools (ZAP, Nuclei), raw HTTP request construction, and SARIF report generation (
SKILL.md,references/sarif-integration.md). - Sanitization: Implementation of 'Proof-Based Scanning' and safe payload families to ensure only non-destructive, verifiable evidence is used (
references/dast-anti-patterns.md,references/vulnerability-testing-patterns.md).
Audit Metadata