skills/mukul975/anthropic-cybersecurity-skills/detecting-rdp-brute-force-attacks/Gen Agent Trust Hub
detecting-rdp-brute-force-attacks
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes standard libraries and documentation.
  - Fetches the python-evtx and lxml packages from the Python Package Index (PyPI) for processing Windows Event Logs.
  - References official Microsoft security documentation and reputable open-source tools like LogonTracer.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface.
  - Ingestion points: The scripts/agent.py script parses external Windows Event Log (.evtx) files provided by the user.
  - Boundary markers: Absent. The logic does not include delimiters or instructions to ignore instructions embedded in log data.
  - Capability inventory: The script can read log files and write the resulting analysis to a JSON report on the local file system.
  - Sanitization: Absent. Data fields extracted from logs, such as usernames, are included in the final report without sanitization, allowing potentially malicious log content to persist in the output.