Skills
skills/trailofbits/skills/crypto-protocol-diagram/Gen Agent Trust Hub

crypto-protocol-diagram

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes search commands using the rg (ripgrep) utility to identify cryptographic functions and protocol-related code patterns within a local directory.
  • [EXTERNAL_DOWNLOADS]: The skill uses WebFetch to download protocol specification documents, such as RFCs and academic papers, from external URLs for analysis.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from source code and specifications (Step 0, Step S1) to perform extraction for diagramming purposes.
  • Ingestion points: Source code files and specification documents (RFCs, .pv, .spthy) are read using the Read and WebFetch tools.
  • Boundary markers: The instructions do not specify the use of delimiters for the ingested content when the agent processes the file text.
  • Capability inventory: The skill uses Read, Write, Grep, Bash, and WebFetch across its workflow to parse files and generate diagrams.
  • Sanitization: There are no explicit instructions for sanitizing or escaping the content of the ingested files before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 10:42 PM