Skills
NYC
skills/smithery/ai/Offensive Security Skill/Gen Agent Trust Hub

Offensive Security Skill

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICALCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (CRITICAL): The skill uses the Bash tool to execute Metasploit modules and manage C2 frameworks. This allows for arbitrary command execution under the guise of security testing.
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The skill is explicitly designed to 'Generate Cobalt Strike payloads' and 'Create custom implants'. This involves the creation and deployment of executable malicious code.
  • [DATA_EXFILTRATION] (HIGH): The 'credential harvesting' capability, combined with file read/write permissions, indicates a high risk of sensitive data being accessed and potentially moved off-system.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill relies on external offensive dependencies like Sliver C2 and Havoc C2 which would require untrusted downloads to be functional.
  • [PRIVILEGE_ESCALATION] (HIGH): Capabilities like 'lateral movement' and 'credential harvesting' are direct indicators of intent to escalate privileges within a compromised environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 16, 2026, 08:35 AM