web-application-mapping

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [Command Execution] (MEDIUM): The skill is designed to coordinate the execution of active scanning tools such as ffuf, gobuster, nikto, and ZAP spider. While these are legitimate tools for its stated purpose of web mapping and reconnaissance, they represent high-risk command execution capabilities. The severity is set to MEDIUM as this behavior is central to the skill's primary purpose.
  • [Indirect Prompt Injection] (LOW): The skill is highly susceptible to indirect prompt injection because its core function is to ingest and analyze untrusted content from external web applications.
      ◦ Ingestion points: Target application source code (HTML/JavaScript), API documentation (Swagger/OpenAPI), and server-returned directory listings.
      ◦ Boundary markers: Absent. There are no instructions provided to the subagents to treat external content as untrusted or to ignore embedded instructions.
      ◦ Capability inventory: The skill possesses the ability to spawn subagents and trigger the execution of command-line utilities.
      ◦ Sanitization: No sanitization or validation logic is specified for the data retrieved from the target applications.
  • [External Downloads] (LOW): The reconnaissance workflow involves downloading and analyzing JavaScript files and other assets from remote, untrusted web servers.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:46 PM