Skills
skills/zebbern/secops-cli-guides/Red Team Tools and Methodology/Gen Agent Trust Hub

Red Team Tools and Methodology

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill provides complex bash one-liners and a standalone shell script (recon.sh) that execute multiple third-party security tools (Amass, Subfinder, Nuclei, ffuf, etc.). This gives the agent direct control over the underlying system's shell.
  • DATA_EXFILTRATION (LOW): While intended for reconnaissance, the workflow is designed to extract information about target infrastructure and potentially transmit data to external endpoints via tools like curl and various scanners.
  • EXTERNAL_DOWNLOADS (LOW): The skill fetches data from external, untrusted sources such as bgp.he.net, waybackurls, and gau. This content is directly processed by further tools in the pipeline.
  • Indirect Prompt Injection (LOW): The skill possesses a high vulnerability surface for indirect injection.
  • Ingestion points: Output from waybackurls, gau, and subfinder (found in sections 5, 7, and 10).
  • Boundary markers: Absent; data is handled as raw strings in shell pipes.
  • Capability inventory: bash subprocess execution, curl network requests, and nuclei vulnerability scanning.
  • Sanitization: None; the scripts pipe external data directly into powerful command-line tools without escaping or validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:38 PM