analyzing-slack-space-and-file-system-artifacts

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: CRITICAL
Full Analysis
  • [SAFE]: The skill is designed for digital forensics and demonstrates no malicious intent or behavior.
  • [COMMAND_EXECUTION]: The script scripts/agent.py executes forensic utilities such as blkls, fls, and icat. These calls use subprocess.run with list-based arguments, which is a secure practice to prevent shell injection.
  • [EXTERNAL_DOWNLOADS]: The skill references well-known forensic Python libraries (analyzeMFT, pyusn) and standard toolkit utilities (The Sleuth Kit). These are industry-standard tools for the described forensic tasks.
  • [DATA_EXFILTRATION]: While the skill includes logic to search for sensitive patterns (e.g., credit cards, passwords) within forensic images, this is a core function of its stated purpose. Analysis is conducted locally, and the script lacks any network capabilities to exfiltrate discovered data.
  • [PROMPT_INJECTION]: The URLs https://malicious-site.com/payload.exe and https://cdn.malicious-site.com/payload.exe are documented as examples of metadata that may be found in Zone.Identifier Alternate Data Streams. They are not called, downloaded, or executed by the skill's code.
Recommendations
  • Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Mar 15, 2026, 03:56 PM