configuring-hsm-for-key-storage

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The utility scripts/process.py uses the subprocess module to call the softhsm2-util command-line tool. This is used to initialize cryptographic tokens as part of the intended HSM management functionality. Note that the script passes PINs via command-line arguments, where they may be visible in system process listings.
  • [EXTERNAL_DOWNLOADS]: The skill documentation and scripts reference official cryptographic libraries and service documentation from well-known and trusted sources, including AWS (CloudHSM), NIST (FIPS standards), and OpenDNSSEC (SoftHSM2).
  • [SAFE]: The AWS auditing agent in scripts/agent.py uses the official boto3 SDK to discover and report on the status of Hardware Security Modules and KMS keys. The script performs legitimate discovery operations within the scope of the user's AWS account with no evidence of unauthorized data transfer.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 07:56 AM