networking
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill contains numerous examples of command-line tools for network analysis (e.g., `tshark`, `nmap`, `tcpdump`, `tcpflow`). While these tools involve executing system commands, their usage is restricted to local packet capture files (.pcap) and standard network auditing tasks. No evidence of malicious command chaining or arbitrary execution from untrusted sources was found.
- [EXTERNAL_DOWNLOADS] (SAFE): References to package installation (e.g., `brew install nmap`, `pip install scapy`) are directed at standard, trusted package managers and official repositories. No downloads from unknown or risky third-party websites are present.
- [DATA_EXFILTRATION] (SAFE): The skill describes techniques for detecting data exfiltration (e.g., DNS and ICMP tunneling detection). While it includes tools that could be used for exfiltration (like `curl`), the context provided in the `SKILL.md` and reference files is strictly forensic and investigative.
Audit Metadata