Skills
skills/allthingsida/idasql-skills/disassembly/Gen Agent Trust Hub

disassembly

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes potentially untrusted data from binaries, such as function names, strings, and disassembly comments, which could contain malicious instructions designed to influence the agent's behavior.\n
  • Ingestion points: Data is ingested through tables like funcs, names, and instructions as defined in SKILL.md.\n
  • Boundary markers: The provided SQL examples and handoff patterns do not implement delimiters or warnings to ignore embedded instructions in the binary data.\n
  • Capability inventory: The skill has significant capabilities including Bash tool access, binary patching through the bytes table in SKILL.md, and file writing via gen_listing and gen_cfg_dot_file found in references/disassembly-tables.md.\n
  • Sanitization: There is no evidence of string sanitization or validation before presenting binary-derived text to the agent.\n- [COMMAND_EXECUTION]: The skill configuration allows the use of the Bash tool, which permits the execution of arbitrary shell commands within the agent's environment.\n- [DATA_EXFILTRATION]: The skill includes functions gen_listing and gen_cfg_dot_file that can write data to arbitrary paths on the filesystem, which could be used to write sensitive information to accessible locations or overwrite system files if not properly restricted.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 05:25 AM