infrastructure
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill contains numerous command-line templates for network scanning and exploitation tools like nmap, bettercap, and responder. These are central to the skill's stated purpose of infrastructure testing.
- [REMOTE_CODE_EXECUTION]: The skill documents methods for achieving remote code execution on target systems, such as deploying JSP webshells via Tomcat's manager API and exploiting server-side template injection (SSTI) in Cobbler. These are provided as offensive knowledge for use during authorized testing.
- [DATA_EXFILTRATION]: Instructions are provided for capturing NTLMv2 hashes from targets using malicious SCF and URL files uploaded to Windows shares. This is presented as a credential harvesting technique for penetration testing.
- [PROMPT_INJECTION]: The skill implements a feedback loop where results from network scans are logged to markdown files and subsequently read by the agent. This ingestion of untrusted data from target systems (e.g., service banners or DNS records) into the agent's context creates an indirect prompt injection attack surface.
  - Ingestion points: Markdown log files in the reference/ directory.
  - Boundary markers: Absent.
  - Capability inventory: High (extensive shell and networking tool access).
  - Sanitization: No explicit sanitization or validation of external tool output is provided.
- [EXTERNAL_DOWNLOADS]: The skill references standard APIs for IP reputation (AbuseIPDB, VirusTotal, SecurityTrails) and official package registries for dependencies like pymodbus and scapy. These are well-known services and standard practices.
Audit Metadata