performing-threat-emulation-with-atomic-red-team

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py executes arbitrary shell commands using subprocess.run(shell=True) in the execute_atomic_manual and run_cleanup functions. These commands are parsed from YAML test definitions.
  • [REMOTE_CODE_EXECUTION]: The skill workflow fetches test definitions from the redcanaryco/atomic-red-team GitHub repository and executes commands defined within them locally.
  • [EXTERNAL_DOWNLOADS]: Documentation in SKILL.md and references/api-reference.md directs users to download the atomic-operator library and clone the atomic-red-team repository.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of external test definitions. Ingestion points: scripts/agent.py (load_atomic_tests function). Boundary markers: Absent. Capability inventory: subprocess.run(shell=True) in scripts/agent.py. Sanitization: Absent; the script performs string replacement for arguments without escaping shell characters.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 15, 2026, 01:52 PM