skills/mukul975/anthropic-cybersecurity-skills/analyzing-powershell-script-block-logging/Gen Agent Trust Hub
analyzing-powershell-script-block-logging
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is security auditing and incident response. The code is transparent and follows its stated objective without hidden malicious functionality.
- [COMMAND_EXECUTION]: The script is a standalone Python utility that processes local files. It does not invoke shell commands, spawn subprocesses, or execute dynamically generated code.
- [EXTERNAL_DOWNLOADS]: The skill requires standard, well-known Python libraries (python-evtx, lxml) for processing EVTX and XML data. These are fetched from official package registries and are appropriate for the task.
- [DATA_EXFILTRATION]: While the script processes sensitive system logs, it only performs local analysis and writes results to a local file. There are no network operations, API calls, or data transmission mechanisms present in the code.
- [PROMPT_INJECTION]: The skill does not interact with LLM prompts or incorporate untrusted data into instructions that could lead to prompt injection attacks.
Audit Metadata