skills/mukul975/anthropic-cybersecurity-skills/coercing-authentication-with-coercer-petitpotam/Gen Agent Trust Hub
coercing-authentication-with-coercer-petitpotam
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/agent.pyacts as a wrapper for external CLI tools (coercerandPetitPotam.py). It utilizessubprocess.runwith a list of arguments, which is a secure practice that prevents shell injection vulnerabilities. - [EXTERNAL_DOWNLOADS]: The
SKILL.mdandreferences/api-reference.mdfiles provide instructions for downloading security tools from reputable GitHub repositories (e.g.,p0dalirius/Coercer,topotam/PetitPotam,fortra/impacket). These references are documented neutrally for the purpose of setting up the testing environment. - [CODE_QUALITY]: The orchestrator script includes basic environment checks using
shutil.whichto ensure required tools are present before attempting execution, improving reliability and preventing unexpected failures.
Audit Metadata