headless-ghidra-batch-decompile
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill implements a restrictive security posture by confining all file operations to a specific 'artifacts' directory and explicitly prohibiting the creation or execution of new scripts without user consent.
- [COMMAND_EXECUTION]: The skill uses the 'ghidra-agent-cli' to perform its tasks. These commands are limited to a specific subset of operations (apply-renames, decompile, etc.) that are consistent with its stated purpose of binary reverse engineering.
- [PROMPT_INJECTION]: No evidence of prompt injection, role-play overrides, or instructions to bypass safety filters was found in the instructions or metadata.
- [DATA_EXFILTRATION]: No network-based data exfiltration patterns or attempts to access sensitive system files (e.g., credentials, SSH keys, environment variables) were detected. All input/output operations are local and project-specific.
Audit Metadata