Skills
skills/mukul975/anthropic-cybersecurity-skills/performing-vlan-hopping-attack/Gen Agent Trust Hub

performing-vlan-hopping-attack

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses system commands to configure network interfaces and manage kernel modules.
  • Evidence: In scripts/agent.py, the create_vlan_interface and cleanup_vlan_interfaces functions use subprocess.run to call modprobe 8021q and ip link for interface creation and deletion.
  • [EXTERNAL_DOWNLOADS]: The skill requires and references well-known external networking libraries and tools.
  • Evidence: The script scripts/agent.py depends on the scapy library. The documentation in SKILL.md identifies Yersinia and frogger as prerequisites for the assessment workflow.
  • [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection by ingesting data from the local network environment.
  • Ingestion points: The listen_for_dtp and listen_for_cdp_lldp functions in scripts/agent.py capture network packets using scapy.sniff().
  • Boundary markers: Absent. Captured data from packet headers is extracted and included directly in the report objects without delimiters or warnings.
  • Capability inventory: The script has capabilities for raw packet crafting, interface manipulation, and executing system commands via subprocess.run across multiple functions.
  • Sanitization: Absent. There is no validation or escaping of the data captured from the network before it is processed and displayed in the final assessment report.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 01:02 PM