packet-capture-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted network capture data (pcap/pcapng), representing an indirect prompt injection surface. This is an inherent risk of the skill's primary purpose of packet analysis. (1) Ingestion points: pcap and pcapng files. (2) Boundary markers: Absent. (3) Capability inventory: tshark, capinfos, gnuplot, and scapy. (4) Sanitization: Absent.
- [DATA_EXFILTRATION]: The skill performs network lookups to external RDAP and DNS services (e.g., ARIN, ICANN) for IP address labeling, which is consistent with its stated methodology for triage.
- [COMMAND_EXECUTION]: The skill utilizes system CLI tools such as tshark, capinfos, and gnuplot to extract protocol statistics and generate network visualizations.
Audit Metadata