ida-no-mcp-decompiler-exporter
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python code snippets intended for execution within the IDA Pro environment to automate data extraction. It also suggests running external scripts using the
execfilefunction. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It extracts untrusted data from binaries (such as strings, function names, and comments) and presents them to an AI model. This data could contain malicious instructions designed to override agent behavior during analysis.
- Ingestion points: Untrusted data enters the agent context via binary strings, function names, and decompiled code exported by the script snippets in
SKILL.md. - Boundary markers: None provided in the export templates to distinguish binary data from instructions.
- Capability inventory: The skill facilitates filesystem write operations (
open,write) across all export functions inSKILL.md. - Sanitization: Filename sanitization is present (replacing special characters with underscores), but no sanitization or escaping is performed on the content of the exported strings or code.
- [DATA_EXFILTRATION]: While it does not perform network operations, the skill is designed to perform bulk extraction of sensitive binary information, including memory segments and decompiled source code, to the local filesystem.
Audit Metadata