analyzing-macro-malware-in-office-documents

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a well-structured resource for malware analysis, adhering to best practices such as recommending the use of isolated virtual machines for handling suspicious documents.
  • [EXTERNAL_DOWNLOADS]: The instructions recommend installing well-known security libraries (oletools, xlmdeobfuscator) and provide a link to the official blog of Didier Stevens, a recognized security researcher, for downloading oledump.py.
  • [COMMAND_EXECUTION]: Provides various command-line examples for using static analysis tools to inspect OLE streams and VBA macros. These tools are used for forensic analysis and do not execute the analyzed malware.
  • [DYNAMIC_EXECUTION]: Includes Python logic for deobfuscating VBA code. This is implemented safely using regular expressions and string operations to resolve common obfuscation techniques (like Chr() calls and string concatenation) without executing the code itself.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 12:00 PM