protocol-reverse-engineering
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: A detailed security audit of the skill instructions and resources confirms that all content is focused on legitimate security research and network debugging practices. No malicious code or deceptive instructions were identified.
- [COMMAND_EXECUTION]: The implementation playbook includes command-line examples for well-known network analysis tools such as wireshark, tcpdump, tshark, and mitmproxy. These tools are utilized appropriately for capturing and inspecting network traffic.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion and processing of untrusted network capture data.
  - Ingestion points: Protocol capture files are read using scapy.all.rdpcap and analyzed via command-line utilities in resources/implementation-playbook.md.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within captured data are provided.
  - Capability inventory: The skill demonstrates the ability to send network packets using scapy and execute various CLI analysis tools.
  - Sanitization: There is no evidence of sanitization or validation of the data extracted from network packets before it is presented to the user or processed further.
Audit Metadata