detecting-secure-boot-bypass
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/agent.pyscript andSKILL.mdinstructions utilize system commands to audit firmware state. - Evidence: Use of
subprocess.runinscripts/agent.pyto executemokutil,dbxtool, andchipsec_main. - Context: These commands are used to query Secure Boot status, revocation lists (dbx), and EFI variables, which is the stated purpose of the skill.
- [EXTERNAL_DOWNLOADS]: The skill references downloading resources from established hardware security sources.
- Evidence: Instructions to download
DBXUpdate.binfromuefi.org/revocationlistfileand installchipsecviapip. - Context: These are well-known services and trusted tools within the cybersecurity domain for firmware validation.
Audit Metadata