skills/mukul975/anthropic-cybersecurity-skills/analyzing-cobalt-strike-malleable-profiles/Gen Agent Trust Hub
analyzing-cobalt-strike-malleable-profiles
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/agent.py` uses `subprocess.run` to execute an external Python script for JARM scanning. The path to this script is configurable via an environment variable, which could be redirected to an unintended executable.
  - Evidence: `scripts/agent.py` lines 78-80: `jarm_script = os.getenv("JARM_SCRIPT", "jarm.py")` used in `subprocess.run(["python3", jarm_script, ...])`.
- [EXTERNAL_DOWNLOADS]: The skill requires external dependencies including the `pyMalleableC2` library and the `jarm.py` scanner script.
  - Evidence: `SKILL.md` and `scripts/agent.py` references to these external tools.
- [PROMPT_INJECTION]: The skill processes potentially untrusted malleable C2 profiles provided by the user, which could contain malicious content designed to influence the agent's analysis or output.
  - Ingestion points: `extract_profile_indicators` in `scripts/agent.py` reads user-supplied file paths.
  - Boundary markers: None identified in the script logic.
  - Capability inventory: Network scanning via subprocess execution and report generation via file writing.
  - Sanitization: No input validation or sanitization is performed on the profile content before parsing.
Audit Metadata