Quick Pentest Reference

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Command Execution] (HIGH): The skill provides numerous commands for aggressive network scanning and password brute-forcing using tools such as Hydra, Nmap, and arp-scan. These commands carry a significant risk of unauthorized system access or network disruption if used maliciously or without oversight.
  • [Unverifiable Dependencies & Remote Code Execution] (HIGH): The skill references post-exploitation activities and tools like Mimikatz and LinPEAS. These tools are often downloaded from external, unverified sources and involve running arbitrary code with high privileges to dump credentials or escalate access.
  • [Indirect Prompt Injection] (HIGH): The skill carries a high risk of indirect prompt injection because its workflow involves processing external content. (1) Ingestion points: Data from DNS queries, HTTP response bodies (via Nikto/FFUF), and certificate transparency logs (crt.sh). (2) Boundary markers: Absent. (3) Capability inventory: High (the ability to run scanning, brute-force, and exploitation tools). (4) Sanitization: Absent. Malicious instructions hidden in these external sources could influence the agent's behavior during a pentest engagement.
  • [Privilege Escalation] (HIGH): Multiple instructions require the use of 'sudo', including tool installation and low-level network operations like ARP scanning and OS detection, which grants the skill elevated permissions over the host system.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 06:19 AM