iblai-security-disk-forensics

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides detailed, standard instructions for digital forensic analysis. It correctly identifies tools like Sleuth Kit (mmls, fls, icat), binwalk, and exiftool for evidence recovery. All procedures prioritize evidence integrity and read-only access, aligning with forensic best practices.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute various forensic utilities. All commands are standard for the described purpose (e.g., fdisk, sha256sum, mount). No arbitrary or dangerous command execution was found.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted external data (disk images and file systems).
  • Ingestion points: Files processed via strings, icat, or exiftool in SKILL.md.
  • Boundary markers: Absent.
  • Capability inventory: Subprocess execution via Bash tool.
  • Sanitization: None specified for file content analysis.
  • Risk: While the agent might encounter malicious instructions inside analyzed files, the workflow is guided and restricted to forensic tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 03:47 PM
Security Audit — agent-trust-hub — iblai-security-disk-forensics