binary-triage
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill identifies an attack surface by processing untrusted binary data, which is inherent to its primary purpose.
- Ingestion points: Untrusted content is ingested via get-strings, get-symbols, and get-decompilation tools.
- Boundary markers: While the workflow is structured, it does not explicitly use delimiters or instructions to prevent the agent from obeying strings found inside the binary.
- Capability inventory: The skill possesses the ability to read binary metadata and write a prioritized task list using TodoWrite.
- Sanitization: No explicit sanitization or filtering of the binary data (e.g., escaping control characters in strings) is performed before presentation.
- Conclusion: As this is a specialized security triage tool, the processing of untrusted data is the intended function. The risk of the agent being influenced by instructions embedded in the binary is a known trade-off of LLM-based reverse engineering.
Audit Metadata