Red Team Tools and Methodology
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): The skill instructs the user or agent to use a large suite of third-party tools (e.g., subfinder, nuclei, dalfox) and custom scripts (paramspider.py) without specifying versions or verifying their integrity, creating a supply chain risk.
- [Indirect Prompt Injection] (LOW): The skill facilitates processing of untrusted external web data which may contain malicious instructions.
  - Ingestion points: Output from tools like waybackurls, gau, and httpx in sections 5, 7, and 10.
  - Boundary markers: Absent; data is directly piped into subsequent commands.
  - Capability inventory: Significant network (curl, nuclei, ffuf) and file system (mkdir, redirection) capabilities.
  - Sanitization: None provided for external data before it is used in further commands.
- [Dynamic Execution] (LOW): The skill provides a template for a bash script (recon.sh) that is generated and executed at runtime, which is a common pattern for automating security tasks but grants significant host access.