amass
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the Amass binary archive from its official GitHub releases page.
- [REMOTE_CODE_EXECUTION]: Instructs the agent to install the tool directly from a remote source using the Go compiler.
- [PRIVILEGE_ESCALATION]: Uses sudo commands to move downloaded binaries into system directories during installation.
- [COMMAND_EXECUTION]: The skill utilizes the amass CLI and provides a Python script that executes shell commands via the subprocess module.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from certificate transparency logs, DNS datasets, and third-party APIs which could contain malicious content designed to influence the agent.
- Ingestion points: Amass JSON results files containing external data.
- Boundary markers: None implemented in instructions or scripts.
- Capability inventory: Subprocess execution, file system writes, and network reconnaissance.
- Sanitization: No validation of the domain input or sanitization of parsed JSON output is present.
Audit Metadata