Skills
skills/theneoai/awesome-skills/crowdstrike-security/Gen Agent Trust Hub

crowdstrike-security

Fail

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: CRITICALEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The file references/workflows.md contains a reference to https://malicious-site.com/payload.exe, which has been identified as a phishing URL by automated scanners. This URL points to a remote executable file, posing a risk of malicious software acquisition.\n- [PROMPT_INJECTION]: The skill package includes a file named EVALUATION_REPORT.md which uses a self-referential injection pattern to claim a security score of 9.66/10 and a 'SAFE' verdict. This is an attempt to establish false authority and bias independent security assessments.\n
  • Ingestion points: Skill documentation and evaluation files (EVALUATION_REPORT.md).\n
  • Boundary markers: Absent; the report is presented as an objective, authoritative fact within the skill context.\n
  • Capability inventory: The skill references powerful host-level interaction capabilities including process termination (kill), file deletion (rm), and memory collection (memdump) via CrowdStrike Falcon RTR commands.\n
  • Sanitization: None; the skill does not contain instructions to validate its own claims or ignore documentation-based evaluations.\n- [COMMAND_EXECUTION]: The skill provides templates and workflows for high-privilege shell and Real Time Response (RTR) commands, which involve direct manipulation of processes and the file system on the host endpoint.
Recommendations
  • CRITICAL: 1 infected file(s) detected - DO NOT USE
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Apr 18, 2026, 01:56 AM