detecting-secure-boot-bypass

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/agent.py script and SKILL.md instructions utilize system commands to audit firmware state.
  • Evidence: Use of subprocess.run in scripts/agent.py to execute mokutil, dbxtool, and chipsec_main.
  • Context: These commands are used to query Secure Boot status, revocation lists (dbx), and EFI variables, which is the stated purpose of the skill.
  • [EXTERNAL_DOWNLOADS]: The skill references downloading resources from established hardware security sources.
  • Evidence: Instructions to download DBXUpdate.bin from uefi.org/revocationlistfile and install chipsec via pip.
  • Context: These are well-known services and trusted tools within the cybersecurity domain for firmware validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 02:09 PM
Security Audit — agent-trust-hub — detecting-secure-boot-bypass