Skills
skills/transilienceai/communitytools/cdn-waf-fingerprinter/Gen Agent Trust Hub

cdn-waf-fingerprinter

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines a PostToolUse hook that executes a local script post_output_validation_hook.sh. This represents internal validation logic rather than a security risk.- [PROMPT_INJECTION]: The skill processes untrusted data from external websites (headers, cookies, DNS records), creating a surface for indirect prompt injection.
  • Ingestion points: External data is ingested through the http_signals, dns_signals, and tls_signals structures.
  • Boundary markers: No explicit markers are present to delimit untrusted content from system instructions.
  • Capability inventory: The agent has access to Read, Grep, and shell command execution.
  • Sanitization: There is no documented validation or sanitization of the input signals prior to processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 11:36 PM