pyghidra-scripting

Fail

Audited by Snyk on Jun 14, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill explicitly exposes an interface that runs arbitrary Python (PyGhidra) inside the host Ghidra session, can write/edit persistent scripts, and returns captured stdout (including base64-encoded data), which together create high-risk vectors for remote code execution, data exfiltration, and persistence if abused.

Issues (1)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 14, 2026, 04:17 PM
Issues
1
Security Audit — snyk — pyghidra-scripting