UhdyIndy/ai-threat-testing
skills/ai-threat-testing/SKILL.md
Offensive AI security testing and exploitation framework. Systematically tests LLM applications for OWASP Top 10 vulnerabilities including prompt injection, model extraction, data poisoning, and supply chain attacks. Integrates with pentest workflows to discover and exploit AI-specific threats.
development
Updated Apr 23, 2026
$ install --global
skillsauthnpx skillsauth add UhdyIndy/antigravity-awesome-skills ai-threat-testingInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 23, 2026, 10:37 PM38.5s12 files scanned
SKILL.md
- name:
- ai-threat-testing
- description:
- Offensive AI security testing and exploitation framework. Systematically tests LLM applications for OWASP Top 10 vulnerabilities including prompt injection, model extraction, data poisoning, and supply chain attacks. Integrates with pentest workflows to discover and exploit AI-specific threats.
AI Threat Testing
Test LLM applications for OWASP LLM Top 10 vulnerabilities using 10 specialized agents. Use for authorized AI security assessments.
Quick Start
1. Specify target (LLM app URL, API endpoint, or local model)
2. Select scope: Full OWASP Top 10 | Specific vulnerability | Supply chain
3. Agents deploy, test, capture evidence
4. Professional report with PoCs generated
Primary Agents
Each agent targets one OWASP LLM vulnerability:
- Prompt Injection (LLM01): Direct/indirect injection, system prompt extraction
- Output Handling (LLM02): Code/XSS injection, unsafe deserialization
- Training Poisoning (LLM03): Membership inference, backdoors, data extraction
- Resource Exhaustion (LLM04): Token flooding, DoS, cost impact
- Supply Chain (LLM05): Dependency scanning, plugin security
- Excessive Agency (LLM06): Privilege escalation, unauthorized actions
- Model Extraction (LLM07): Query-based theft, data reconstruction
- Vector Poisoning (LLM08): RAG injection, retrieval manipulation
- Overreliance (LLM09): Hallucination testing, confidence manipulation
- Logging Bypass (LLM10): Monitoring evasion, forensic gaps
See reference/llm0X-*.md for attack playbooks.
Workflows
Full Assessment (4-8 hours):
- [ ] Reconnaissance
- [ ] Deploy all 10 agents
- [ ] Execute exploits
- [ ] Capture evidence
- [ ] Generate report
Focused Testing (1-3 hours):
- [ ] Select vulnerability (LLM01-10)
- [ ] Deploy agent
- [ ] Execute techniques
- [ ] Document findings
Supply Chain Audit (2-4 hours):
- [ ] Inventory dependencies
- [ ] Scan CVEs
- [ ] Test plugins/APIs
- [ ] Verify model provenance
Integration
Enhances /pentest with AI-specific testing:
- Traditional pentesting + AI threat testing = complete security assessment
- Chain vulnerabilities across traditional and AI vectors
- Unified reporting with CVSS scores
Key Techniques
Prompt Injection: Instruction override, system prompt extraction, filter evasion Model Extraction: Query sampling, token analysis, membership inference Data Poisoning: Behavioral anomalies, backdoor triggers, bias analysis DoS: Token flooding, recursive expansion, context exhaustion Supply Chain: CVE scanning, plugin audit, model verification
Evidence Capture
All agents collect: screenshots, network logs, API responses, errors, console output, execution metrics.
Reporting
Automated reports include: executive summary, detailed findings (CVSS scores), PoC scripts, evidence, remediation guidance.
Critical Rules
- Written authorization REQUIRED before testing
- Never exceed defined scope
- Test in isolated environments when possible
- Document all findings with reproducible PoCs
- Follow responsible disclosure practices
Integration
- Integrates with
/pentestskill for comprehensive security testing - AI-specific vulnerability knowledge in
/AGENTS.md - Attack playbooks in
reference/llm0X-*.md
Related Skills
UhdyIndy/azure-keyvault-keys-rust
tools
VerifiedTrustedCommunity
Azure Key Vault Keys SDK for Rust. Use for creating, managing, and using cryptographic keys. Triggers: "keyvault keys rust", "KeyClient rust", "create key rust", "encrypt rust", "sign rust".
SKILL.mdUpdated Apr 24, 2026
UhdyIndy/azure-keyvault-certificates-rust
development
VerifiedTrustedCommunity
Azure Key Vault Certificates SDK for Rust. Use for creating, importing, and managing certificates.
SKILL.mdUpdated Apr 24, 2026
UhdyIndy/azure-identity-ts
devops
VerifiedTrustedCommunity
Authenticate to Azure services with various credential types.
SKILL.mdUpdated Apr 24, 2026
UhdyIndy/azure-identity-rust
tools
VerifiedTrustedCommunity
Azure Identity SDK for Rust authentication. Use for DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and token-based authentication.
SKILL.mdUpdated Apr 24, 2026