skills/mukul975/anthropic-cybersecurity-skills/analyzing-macro-malware-in-office-documents/Gen Agent Trust Hub
analyzing-macro-malware-in-office-documents
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Attack Surface
- Ingestion points: The skill accepts untrusted Office documents (e.g.,
.docm,.xlsm) as input via thetargetparameter inscripts/agent.pyand the manual workflows described inSKILL.md. - Boundary markers: The skill's output (reports and extracted code) does not implement delimiters or explicit 'ignore instructions' markers when presenting extracted macro content to the AI agent.
- Capability inventory: The skill performs VBA extraction, deobfuscation, and metadata analysis across
scripts/agent.pyandSKILL.md. - Sanitization: There is no evidence of sanitization or escaping of the extracted VBA code or document metadata, which may contain malicious instructions targeting the AI model.
- [EXTERNAL_DOWNLOADS]: Installation of Third-Party Dependencies
- The skill requires several external Python packages including
oletoolsandxlmdeobfuscator, as noted inSKILL.mdandreferences/api-reference.md. These are widely recognized industry-standard tools for malware analysis. - References a download for
oledump.pyfrom Didier Stevens' well-known security blog. - [COMMAND_EXECUTION]: Shell Command Execution for Malware Analysis
SKILL.mdandreferences/api-reference.mdprovide numerous examples of shell commands (e.g.,olevba,oledump.py,xlmdeobfuscator) intended for use in an analysis environment. While these are legitimate tools, executing them on untrusted files carries inherent risks if the analysis environment is not properly isolated.
Audit Metadata