ffuf-web-fuzzing
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill involves the agent reading and analyzing JSON output generated by the ffuf tool. While this data originates from external targets and could theoretically contain malicious content designed to influence the agent (indirect prompt injection), this functionality is essential for the skill's primary purpose.
- Ingestion point: The agent reads the results.json file produced by ffuf as described in the Analyzing Results section.
- Boundary markers: The instructions do not specify explicit delimiters or warnings to ignore embedded instructions in the tool output.
- Capability inventory: The skill has access to tools like Bash, Read, Write, and Edit.
- Sanitization: No specific sanitization or validation of the external tool output is mentioned before processing.
- [EXTERNAL_DOWNLOADS]: The skill identifies the ffuf tool as a prerequisite, with installation instructions pointing to its official GitHub repository. As ffuf is a well-known security tool and the download source is standard, this is documented as safe.
- [COMMAND_EXECUTION]: The skill makes extensive use of Bash to run ffuf commands. These patterns follow security best practices, including mandatory auto-calibration and rate limiting for production environments.
Audit Metadata