skills/mukul975/anthropic-cybersecurity-skills/performing-cloud-native-forensics-with-falco/Gen Agent Trust Hub
performing-cloud-native-forensics-with-falco
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is security monitoring and forensics, with all included code and instructions aligning with this goal.
- [EXTERNAL_DOWNLOADS]: References and deployment commands point to official Falco documentation and Helm repositories managed by the Falcosecurity community, which are well-known and reputable sources for cloud-native security tools.
- [DATA_EXFILTRATION]: The included Python agent performs network requests to check the health and version of a Falco API. These operations are limited to a local or user-specified endpoint and do not involve the transmission of sensitive data.
- [COMMAND_EXECUTION]: Documentation provides standard shell commands for operating Falco and processing alert data. These commands are routine for the intended use case and do not involve malicious patterns.
- [PROMPT_INJECTION]: The skill does not contain instructions that attempt to override agent behavior or bypass safety guidelines. Instructions are focused on technical task execution.
Audit Metadata