security-scanning-security-hardening
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to utilize powerful security tools, including Metasploit, Burp Suite, and 'custom exploits' for penetration testing. While appropriate for the skill's stated purpose, these represent a significant capability surface that could be dangerous if misdirected.
- [REMOTE_CODE_EXECUTION]: The assessment phase involves the execution of external security scanning tools like Semgrep, Snyk, and OWASP ZAP. These operations involve executing code or binaries on the target environment to identify vulnerabilities.
- [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection by accepting arbitrary input in the $ARGUMENTS parameter and interpolating it directly into instructions for subagents.
  - Ingestion points: The $ARGUMENTS parameter used throughout Phase 1 to Phase 4 in SKILL.md.
  - Boundary markers: Absent; there are no delimiters or instructions to ignore instructions found within the input arguments.
  - Capability inventory: The skill can execute system commands, write code patches, modify cloud infrastructure (WAF, IAM), and access secrets managers.
  - Sanitization: There is no evidence of input validation or sanitization before passing data to subagents.
Audit Metadata