skills/mukul975/anthropic-cybersecurity-skills/analyzing-ransomware-leak-site-intelligence/Gen Agent Trust Hub
analyzing-ransomware-leak-site-intelligence
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted data from external ransomware tracking APIs.
- Ingestion points: Victim data is fetched from external ransomware tracking APIs in scripts/agent.py and SKILL.md.
- Boundary markers: The skill does not use specific delimiters or instructions to ignore potential instructions embedded in the external data.
- Capability inventory: The script includes file-write capabilities for report generation and network GET requests for data collection.
- Sanitization: No sanitization or escaping of external fields is performed before they are incorporated into the final intelligence report.
- [DATA_EXFILTRATION]: The skill performs network GET requests to fetch data from raw.githubusercontent.com, api.ransomware.live, and ransomlook.io. These are recognized community resources for threat intelligence and the operations are consistent with the skill's primary purpose.
Audit Metadata