skills/mukul975/anthropic-cybersecurity-skills/analyzing-packed-malware-with-upx-unpacker/Gen Agent Trust Hub
analyzing-packed-malware-with-upx-unpacker
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The scripts/agent.py script executes the upx system command using subprocess.run. The command is constructed using a list of arguments rather than a raw shell string, which is a secure practice that prevents shell injection.
- [EXTERNAL_DOWNLOADS]: Instructions include installation of the pefile library via pip and the upx-ucl utility via apt. These are standard, well-known tools for malware analysis and do not pose a risk in this context.
- [SAFE]: The skill provides a robust framework for repairing modified UPX headers using Python's pefile and struct modules. This functionality is consistent with its stated purpose of assisting in malware reverse engineering.
- [SAFE]: Documentation correctly identifies the risk of analyzing malware and mandates the use of an isolated analysis environment.