skills/mukul975/anthropic-cybersecurity-skills/performing-plc-firmware-security-analysis/Gen Agent Trust Hub
performing-plc-firmware-security-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/agent.pyscript utilizessubprocess.runto call the externalbinwalkutility for firmware extraction. This operation is performed using a static command list, which is a secure method for executing system tools. - [COMMAND_EXECUTION]: The
SKILL.mddocumentation provides guidance on using Ghidra's headless analyzer. These commands are intended for manual execution by a security researcher in a controlled environment. - [SAFE]: The
PLCFirmwareAcquisitionclass inSKILL.mdperforms firmware integrity verification using cryptographic hashes (SHA-256, MD5). This is a defensive feature used to detect unauthorized modifications to industrial control system software. - [SAFE]: The protocol testing logic in
ModbusSecurityTesteruses the standardsocketlibrary to interact with PLC devices. The tool is designed for vulnerability assessment and does not contain hardcoded credentials or unauthorized data exfiltration routines.
Audit Metadata