detecting-fileless-attacks-on-endpoints
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation (SKILL.md) provides PowerShell instructions to modify system registry keys under 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell' to enable Script Block and Module Logging. These operations require administrative privileges and modify the host's security telemetry configuration.
- [EXTERNAL_DOWNLOADS]: The 'scripts/agent.py' script relies on the 'python-evtx' library for parsing Windows Event Log files, which must be installed from an external repository.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted external data.
  - Ingestion points: The 'scripts/agent.py' and 'scripts/process.py' scripts ingest data from EVTX and CSV log files provided via CLI arguments.
  - Boundary markers: No boundary markers are present in the scripts to isolate log content or prevent the agent from interpreting instructions embedded in the logs.
  - Capability inventory: The skill reads local files and uses regular expressions to extract content, which is then outputted as JSON or displayed to the agent.
  - Sanitization: Log content extracted by the scripts is not sanitized, although 'scripts/agent.py' truncates script excerpts to 300 characters.
Audit Metadata