ctf-malware
Warn
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and run scripts such as pyinstxtractor.py and PyArmor-Unpacker from unverified third-party GitHub repositories.\n- [COMMAND_EXECUTION]: The skill uses various system tools (tshark, peframe, wrestool, monodis) to analyze external files and provides instructions for executing parts of deobfuscated code (e.g., using console.log or echo).\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the analysis of untrusted content.\n
- Ingestion points: Malware binaries, network captures (PCAPs), and obfuscated scripts (JS, PowerShell).\n
- Boundary markers: None; the skill does not suggest using delimiters when processing external content.\n
- Capability inventory: Subprocess calls to binary analysis tools and network access via the Python requests library.\n
- Sanitization: No sanitization or validation of external inputs is performed before analysis or execution.
Audit Metadata