reverse-engineering
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references several third-party reverse engineering tools and MCP servers hosted on GitHub, such as
ida-pro-mcp,GhidraMCP, and various GDB plugins. These are documented as external dependencies to be installed by the user via standard methods likegit cloneorpip installfrom well-known repositories. - [COMMAND_EXECUTION]: The skill makes extensive use of standard security and analysis CLI tools including
nm,strings,gdb,frida, andadb. These tools are employed correctly within the context of binary analysis and debugging workflows. - [DATA_EXFILTRATION]: No unauthorized data transmission or exfiltration patterns were found. Network-related instructions are focused on local analysis (e.g., localhost MCP endpoints), network protocol reverse engineering (using Wireshark/mitmproxy), or legitimate CTF environment connections.
- [PROMPT_INJECTION]: The skill documents the analysis of untrusted binaries and malware, which creates a surface for indirect prompt injection if malicious strings are present in the analyzed data. However, the skill does not contain any instructions that attempt to override the agent's own safety constraints or system prompts.
- Ingestion points: Reads external binary data and decompiled code using various analysis utilities.
- Boundary markers: Uses standard technical context for analysis, though does not implement specific delimiters for all external data sources.
- Capability inventory: Has shell access to run debuggers, decompilers, and system utilities as required for the RE task.
- Sanitization: Relies on the user's local environment and the security boundaries of the individual analysis tools.
Audit Metadata