reconnaissance
Warn
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides an executable shell script template for virtual host enumeration using a curl-based loop.
- [COMMAND_EXECUTION]: Instructions direct the agent to modify the system's /etc/hosts file to record and resolve discovered infrastructure components.
- [EXTERNAL_DOWNLOADS]: The skill's workflow depends on the presence of multiple external security tools, including nmap, ffuf, gobuster, subfinder, amass, masscan, nikto, and ZAP.
- [DATA_EXFILTRATION]: Conducts active network scanning and data retrieval from arbitrary external domains and IP addresses as part of the reconnaissance process.
- [PROMPT_INJECTION]: Potential surface for indirect prompt injection. The skill ingests and processes data from external web servers, including HTTP response headers and page content, which could contain adversarial instructions targeting the agent.
- Ingestion points: External web response data (headers and HTML bodies) and security tool outputs.
- Boundary markers: None; the skill does not define markers to isolate or sanitize ingested content from agent instructions.
- Capability inventory: Shell access, system file modification (/etc/hosts), and unrestricted network access.
- Sanitization: None; external data is used directly to inform subsequent agent actions.
Audit Metadata