agent-exploit-paths
Prove and rank the attacker-data → privileged-action exploit paths through an LLM/agent — the source→model→sink reachability and blast-radius audit that security-sweep's request→row model structurally can't see. Taints every untrusted ingress (RAG chunks, tool results, fetched pages, emails, parsed files, memory, peer-agent messages) through prompt assembly to every sink (tool dispatch, DB write, outbound send, render, exec), reports ONLY paths where a trust boundary is provably absent, and proves each with a live behavioral oracle (canary crossed a boundary / forbidden tool fired). Use when "prompt injection audit", "agent security", "is my AI app safe", "LLM security", "tool-call authz", "exploit paths", lethal-trifecta / excessive- agency review, or when bug-zero / project-autopilot route the AI/agent-security class here (security-sweep owns the SaaS infra boundary; this owns the agent one).
Preview
Point it at an LLM app or agent and it proves the paths that turn attacker-authored data into a privileged action — a poisoned RAG chunk that fires a tool, a fetched web page that exfiltrates a secret, a peer-agent message that escalates a…
The complete agent-exploit-paths skill — every rule, prompt, and supporting file — installs with the pack. One purchase unlocks all 23 skills in every Claude Code project.
One-time purchase. Instant download as a Claude Code skill pack. Lifetime updates.