building-c2-infrastructure-with-sliver-framework

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to download and execute an installation script from https://sliver.sh/install in SKILL.md. This is the official installation source for the Sliver C2 framework provided by BishopFox.
  • [REMOTE_CODE_EXECUTION]: The deployment workflow includes a command that pipes a remote script into a shell with elevated privileges (curl https://sliver.sh/install | sudo bash). While this is a common installation pattern for this framework, it involves executing remote code with root access.
  • [COMMAND_EXECUTION]: Several scripts included in the skill perform command execution:
      • scripts/agent.py uses subprocess.run to interact with the sliver-client binary to automate implant generation and session management.
      • scripts/process.py uses subprocess.run to execute the nslookup utility for DNS health checks.
      • These implementations use argument lists (not shell strings) and do not use shell=True, which is consistent with secure coding practices for subprocess management.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 12:27 PM