performing-ssl-stripping-attack

Fail

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses sudo to perform high-privilege system modifications, including enabling IP forwarding (sysctl -w net.ipv4.ip_forward=1) and configuring network address translation rules (iptables -t nat -A PREROUTING).
  • [COMMAND_EXECUTION]: The skill instructions involve executing powerful network manipulation and interception tools with root privileges, specifically bettercap, arpspoof, and sslstrip2.
  • [EXTERNAL_DOWNLOADS]: The skill and the included scripts/agent.py script interact with the external service hstspreload.org to check domain status. While this is a well-known service for HSTS validation, it involves sending domain information to an external API.
  • [COMMAND_EXECUTION]: The scripts/agent.py utility uses subprocess.run() to invoke curl for fetching HTTP headers and page content. While it correctly uses argument lists to mitigate common shell injection, the targets are derived from user-supplied input.
Recommendations
  • HIGH: Downloads and executes remote code from: https://hstspreload.org/api/v2/status?domain=example.com - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 7, 2026, 01:00 PM