SQL Injection Testing
Fail
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: HIGHDATA_EXFILTRATIONCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill provides specific SQL payloads designed to exfiltrate database information to external, potentially malicious domains such as attacker.com and attacker-server.com.
- [COMMAND_EXECUTION]: It mandates and guides the use of automated exploitation tools, specifically SQLMap, for identifying and exploiting database vulnerabilities.
- [REMOTE_CODE_EXECUTION]: The skill includes payloads for performing out-of-band network operations from a target server (e.g., DNS exfiltration via LOAD_FILE or HTTP requests via UTL_HTTP), which constitutes remote command execution on the target database environment.
- [CREDENTIALS_UNSAFE]: It provides actionable techniques and payloads for bypassing login authentication and extracting sensitive credentials from database tables like 'admin_users' and 'users'.
Recommendations
- AI detected serious security threats
Audit Metadata