skills/mukul975/anthropic-cybersecurity-skills/detecting-api-enumeration-attacks/Gen Agent Trust Hub
detecting-api-enumeration-attacks
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The core functionality of the skill, including the Python script `scripts/agent.py` and the SIEM detection rules in `SKILL.md`, is legitimate and aligns with the stated purpose of API security monitoring.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection due to its processing of untrusted log data.
  - Ingestion points: `scripts/agent.py` and the script in `SKILL.md` ingest external web server access logs.
  - Boundary markers: The scripts do not implement boundary markers or instructions to isolate log content from system prompts.
  - Capability inventory: The agent in `scripts/agent.py` has the capability to perform outbound network requests using the `requests` library.
  - Sanitization: Log content is parsed using regular expressions but is not sanitized for potential malicious instructions before being reported or processed.