analyzing-windows-shellbag-artifacts

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides scripts for parsing registry artifacts (scripts/agent.py) and processing forensic tool output (scripts/process.py) using standard forensic libraries.
  • [EXTERNAL_DOWNLOADS]: The documentation references industry-standard forensic tools (SBECmd, ShellBags Explorer) from reputable community sources.
  • [SAFE]: No malicious obfuscation, credential exfiltration, or unauthorized network operations were identified. The skill correctly handles binary registry parsing and local file output as part of its forensic analysis function.
  • [SAFE]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from registry hives and CSV files, but lacks dangerous capabilities like network exfiltration or command execution, maintaining a safe profile.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 06:12 AM