malware-analyst
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to ingest and analyze untrusted data from potentially malicious files (e.g., using `strings -a sample.exe` or `FLOSS`). This introduces a surface for indirect prompt injection, where an attacker could embed malicious instructions within a binary file's strings or metadata to subvert the agent's behavior when it processes the tool output.
- Ingestion points: Output from command-line tools such as `strings`, `file`, `rabin2`, and disassemblers (IDA Pro, Ghidra) in Phase 2 and 3.
- Boundary markers: The skill does not provide specific delimiters or instructions to the agent on how to distinguish between the analysis tool's output and its own system instructions.
- Capability inventory: The agent is expected to execute system commands (via shell tools) and process file content.
- Sanitization: There is no mention of sanitizing or escaping the output of the analysis tools before it is interpreted by the LLM.