binary-analysis-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill documentation includes a 'Memory Protocol' section that mandates the agent read from and write to specific local paths (e.g., C:\dev\projects\agent-studio\.claude\context\memory\learnings.md). This is a behavioral override designed to enforce a persistent state across sessions.
- [COMMAND_EXECUTION]: The skill enables powerful tools such as Bash, Write, and Edit. These tools are necessary for the 'Memory Protocol' to function, allowing the agent to modify local files based on its analysis of potentially untrusted executable data.
- [PROMPT_INJECTION]: The skill uses authoritative language such as 'Iron Laws' and 'MANDATORY' to constrain the agent's reasoning process, which is a form of instructional forcing.
- [PROMPT_INJECTION]: An indirect prompt injection surface is created because the skill processes untrusted binary data (executables) and provides a mechanism (the Memory Protocol) to persist information derived from that data into files the agent is instructed to trust in future turns.
- Ingestion points: The agent is intended to process user-provided binaries or assembly code.
- Boundary markers: There are no explicit instructions to sanitize or delimit untrusted strings extracted from binaries before writing them to the memory files.
- Capability inventory: The skill uses Bash, Read, Write, and Edit tools via the frontmatter configuration.
- Sanitization: No sanitization logic is provided for the persistence of extracted data.