skills/mukul975/anthropic-cybersecurity-skills/designing-adversary-engagement-with-mitre-engage/Gen Agent Trust Hub
designing-adversary-engagement-with-mitre-engage
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a planning framework for cybersecurity deception operations. It uses standard markdown documentation and a Python script for data processing.
- [COMMAND_EXECUTION]: The included script
scripts/process.pyis a safe local utility. It performs basic file operations (reading a JSON threat model and writing a markdown plan skeleton) using standard Python libraries (json,argparse). It does not use dangerous functions likeeval(),exec(), orsubprocessto execute arbitrary shell commands. - [EXTERNAL_DOWNLOADS]: The skill references authoritative external resources from MITRE (engage.mitre.org, attack.mitre.org, d3fend.mitre.org). These are well-known, trusted industry-standard repositories for cybersecurity frameworks. No automated downloads or remote code execution patterns were detected.
- [DATA_EXFILTRATION]: There are no network operations or exfiltration patterns. The script operates entirely on local files provided via command-line arguments.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or sensitive file access patterns were found. The skill instructions properly advise users to document legal sign-off and gating criteria as a security best practice for deception operations.
Audit Metadata