skills/mukul975/anthropic-cybersecurity-skills/detecting-credential-dumping-techniques/Gen Agent Trust Hub
detecting-credential-dumping-techniques
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements legitimate defensive security analysis logic without malicious intent.
- [DATA_EXFILTRATION]: The Python script scripts/agent.py operates locally on user-provided XML data and does not contain network request functionality or access to sensitive system directories.
- [REMOTE_CODE_EXECUTION]: No remote code execution or untrusted package installation patterns were detected. The skill relies on standard Python libraries for processing.
- [PROMPT_INJECTION]: The skill includes an ingestion point for untrusted data in scripts/agent.py which parses user-provided XML files. While it lacks explicit sanitization, the script's functionality is limited to data extraction and JSON reporting, posing no risk of behavioral override or privilege escalation to the agent.
Audit Metadata