performing-purple-team-exercise

Fail

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: CRITICAL (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the install-atomicredteam.ps1 script from the Red Canary GitHub repository. This is an industry-standard framework used for adversary emulation and detection validation.
  • [COMMAND_EXECUTION]: The documentation includes various PowerShell and shell command examples intended for authorized security testing. These commands execute local simulation tests and query SIEM logs (Splunk) to verify alert triggers.
  • [DATA_EXFILTRATION]: Analysis of the Python reporting script shows it aggregates exercise metadata and test results into local JSON files. There is no evidence of unauthorized network transmission of sensitive information.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe secret management patterns were identified. The skill correctly references environment-specific identifiers and standard security tools.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Apr 7, 2026, 12:58 PM