skills/mukul975/anthropic-cybersecurity-skills/implementing-zero-standing-privilege-with-cyberark/Gen Agent Trust Hub
implementing-zero-standing-privilege-with-cyberark
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECREDENTIALS_UNSAFE
Full Analysis
- [SAFE]: The core functionality of the skill is centered on security auditing and migration to a zero-trust architecture, with scripts performing legitimate API calls to AWS and CyberArk.
- [CREDENTIALS_UNSAFE]: The
scripts/agent.pyscript takes sensitive credentials (username and password) via command-line arguments. This is an insecure practice as it can lead to credential exposure in process listings and shell history. - [SAFE]: The
scripts/agent.pyscript bypasses SSL certificate verification and suppresses warnings usingurllib3.disable_warnings. While this facilitates operation in environments with internal certificates, it is a deviation from standard transport security practices. - [SAFE]: The skill utilizes standard, reputable libraries including
boto3andrequestsfor cloud resource auditing and HTTP communications.
Audit Metadata