skills/mukul975/anthropic-cybersecurity-skills/analyzing-windows-prefetch-with-python/Gen Agent Trust Hub
analyzing-windows-prefetch-with-python
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation and scripts reference the
windowsprefetchPython library. This is a well-known, specialized library for digital forensics and is a standard dependency for this type of analysis. - [DATA_EXPOSURE_AND_EXFILTRATION]: The script reads Windows Prefetch (.pf) files, which contain sensitive metadata about program execution. However, this access is restricted to local processing for forensic reporting, and no network operations or exfiltration patterns were found in the code.
- [COMMAND_EXECUTION]: No usage of
subprocess,os.system, or other shell command execution patterns were identified. The tool operates strictly as a file parser. - [DYNAMIC_EXECUTION]: The script does not utilize dynamic execution functions like
eval()orexec(). Logic is based on static parsing of file structures. - [PROMPT_INJECTION]: The instructions provided in the markdown files are purely descriptive and procedural, with no attempts to override agent behavior or bypass safety filters.
Audit Metadata