Skills
skills/trailofbits/skills/dwarf-expert/Gen Agent Trust Hub

dwarf-expert

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to use the Bash tool to execute binary analysis utilities such as dwarfdump, llvm-dwarfdump, and readelf. This involves executing shell commands on binary files that may originate from untrusted sources.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection. It ingests and parses DWARF/ELF binary data, which could contain attacker-controlled strings (e.g., in debug symbols or string tables) designed to manipulate the agent's logic when it processes the tool output.
  • Ingestion points: Binary files (ELF/DWARF) parsed via dwarfdump, readelf, and custom scripts.
  • Boundary markers: Absent; there are no instructions to the agent to ignore or delimit potentially malicious instructions found within the binary metadata.
  • Capability inventory: The agent has access to Bash for command execution and the ability to write and run Python scripts.
  • Sanitization: No sanitization or validation of the binary content or the resulting tool output is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 01:45 PM