skills/mukul975/anthropic-cybersecurity-skills/analyzing-network-traffic-of-malware/Gen Agent Trust Hub
analyzing-network-traffic-of-malware
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious behaviors, obfuscation techniques, or hidden payloads were identified in the skill scripts or documentation. Inconsistencies in author names between the skill metadata and license files (mahipal vs mukul975) do not appear to be deceptive.\n- [COMMAND_EXECUTION]: The skill uses subprocess calls and CLI commands to invoke external network analysis utilities necessary for its function.\n
- Evidence: SKILL.md and scripts/agent.py use tools such as tshark, capinfos, and suricata to analyze packet capture (PCAP) files.\n- [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection as it processes untrusted network traffic data that could influence an agent.\n
- Ingestion points: scripts/agent.py and the workflows described in SKILL.md read and parse external PCAP files.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are included in the processing logic for packet data.\n
- Capability inventory: The skill performs local file operations and executes various command-line network forensics tools.\n
- Sanitization: No sanitization of the packet-derived strings is performed before they are presented to the agent.
Audit Metadata