Skills
skills/transilienceai/communitytools/ip-attribution/Gen Agent Trust Hub

ip-attribution

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell commands including dig, whois, and grep via the Bash tool to perform network reconnaissance and IP attribution.
  • [EXTERNAL_DOWNLOADS]: Downloads IP range data from well-known and trusted technology services including Amazon Web Services, Google Cloud Platform, Microsoft, and Cloudflare to perform cloud provider matching.
  • [PROMPT_INJECTION]: Exhibits a surface for indirect prompt injection by processing untrusted external data (domains and IP addresses) through shell-based tools.
  • Ingestion points: Accepts external data via {domain} and {ip_address} parameters in SKILL.md.
  • Boundary markers: No explicit delimiters or guardrails are defined in the command templates to prevent command chaining or argument injection.
  • Capability inventory: Utilizes the Bash tool for shell command execution across multiple operations in SKILL.md.
  • Sanitization: The skill description does not specify input validation or sanitization routines for the interpolated parameters.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 11:36 PM