skills/mukul975/anthropic-cybersecurity-skills/building-c2-redirector-infrastructure/Gen Agent Trust Hub
building-c2-redirector-infrastructure
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone the
cs2modrewriterepository fromhttps://github.com/threatexpress/cs2modrewriteand references other tools likeRedWardenandredifrom GitHub. These sources are not included in the trusted vendor list.\n- [COMMAND_EXECUTION]: The skill requires administrative privileges to install packages (apt install), enable web server modules (a2enmod), and reload services (systemctl reload). It also usessudofor firewall configuration (ufw).\n- [DATA_EXFILTRATION]: Thescripts/agent.pyscript performs network probes to validate redirector functionality. It disables SSL certificate verification (verify=False), exposing the communication to potential man-in-the-middle attacks. Additionally, the script allows writing generated configuration data to arbitrary local file paths via the--outputargument.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface in the configuration generation logic ofscripts/agent.py.\n - Ingestion points: User-supplied strings via
--uriand--user-agentcommand-line arguments.\n - Boundary markers: Absent; inputs are directly interpolated into an nginx configuration template.\n
- Capability inventory: The script has the capability to write files to the local file system and perform network requests.\n
- Sanitization: Minimal; the script perform basic whitespace stripping and removal of leading slashes from URI patterns but lacks robust validation or escaping.
Audit Metadata