Skills
skills/aiskillstore/marketplace/crack-hashcat/Gen Agent Trust Hub

crack-hashcat

Warn

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill provides instructions for the extraction of sensitive credential material from system-level files, specifically the Linux password shadow file (/etc/shadow) and the Windows NTDS.dit database.
  • [COMMAND_EXECUTION]: Several workflows include commands that utilize sudo to obtain the administrative privileges required to access restricted system paths and extract password hashes.
  • [EXTERNAL_DOWNLOADS]: The CI/CD configuration template includes a step that fetches and executes an installation script from the official Aqua Security GitHub repository via a pipe-to-shell pattern.
  • [COMMAND_EXECUTION]: The skill provides logic to dynamically generate and execute local shell scripts for password analysis and reporting using here-document redirection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 24, 2026, 12:58 AM
Security Audit — agent-trust-hub — crack-hashcat