ctf-malware
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted data (malware samples, PCAP logs) which could contain indirect prompt injections (Category 8).
  - Ingestion points: The skill facilitates reading malware binaries, scripts, and network captures through analysis tools and scripts (e.g., as described in references/scripts-and-obfuscation.md).
  - Boundary markers: No explicit delimiters or system instructions are provided to the agent to ignore potentially malicious instructions embedded within the analyzed samples.
  - Capability inventory: The skill utilizes powerful system capabilities including shell command execution (tshark, vol3, peframe), filesystem access, and the ability to run external binaries with elevated privileges (sudo tcpdump).
  - Sanitization: There is no explicit sanitization or validation of the data extracted from analyzed samples before it is processed by the agent or presented to the user.
- [COMMAND_EXECUTION]: The skill includes instructions and Python code snippets for executing and monitoring potentially malicious files using tools like strace, ltrace, and sudo tcpdump. While these are high-risk operations, they are directly related to the skill's primary purpose of malware analysis.
- [EXTERNAL_DOWNLOADS]: The skill references external, third-party tools hosted on GitHub (e.g., PyArmor-Unpacker) for specific malware analysis tasks.
Audit Metadata