domain-assessment

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Detected an indirect prompt injection surface (Category 8) due to the processing of untrusted external data.
    • Ingestion points: The skill ingests target domain names, lists of subdomains, and specific port ranges through the {domain}, {list}, and {specific_subdomain} placeholders in its coordination prompts.
    • Boundary markers: Absent. The prompts do not utilize delimiters or specific instructions to the agent to disregard instructions embedded within the domain names or tool outputs.
    • Capability inventory: The skill is designed to spawn subagents that have the capability to execute network tools (nmap, masscan, subfinder, amass) and write files to the local inventory and analysis directories.
    • Sanitization: Absent. There is no evidence of validation or sanitization of the input domain strings before they are interpolated into instructions for the subagents.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 09:26 PM