request-smuggling
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a technical playbook for HTTP Request Smuggling security testing. It contains educational content and attack templates used for identifying desynchronization vulnerabilities in web infrastructure.
- [EXTERNAL_DOWNLOADS]: The skill references several third-party security tools hosted on GitHub (e.g., 'defparam/smuggler' and 'dhmosfunk/simple-http-smuggler-generator') for automated testing. These are documented as recommended tools and are not automatically downloaded or executed by the skill itself.
- [COMMAND_EXECUTION]: Includes HTTP request templates and a JavaScript 'fetch' code snippet used as Proof-of-Concept (PoC) examples. These templates are intended to be used by security professionals in authorized testing environments and do not perform unauthorized command execution.
Audit Metadata