dwarf-expert
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to parse DWARF debug information from arbitrary binaries. Maliciously crafted binaries could contain embedded strings (e.g., in function names, source paths, or attributes) designed to influence or manipulate the agent's behavior during analysis.\n
- Ingestion points: Reading and parsing of DWARF data from binary files via dwarfdump, readelf, and pyelftools (identified in SKILL.md, dwarfdump.md).\n
- Boundary markers: No explicit delimiters or instructions are provided to help the agent distinguish between DWARF data and potential instructions.\n
- Capability inventory: The skill has access to Bash, Read, Glob, and WebSearch tools.\n
- Sanitization: No sanitization or escaping of the parsed binary content is described.\n- [Dynamic Execution] (LOW): The skill recommends that the agent generate and execute Python scripts using the pyelftools library for complex DWARF searches (identified in coding.md, dwarfdump.md). While this is a standard and effective pattern for this domain, it involves runtime code generation based on potentially untrusted input.
Audit Metadata