Binary Triage

What it does

The binary-triage skill enables AI agents to analyze raw binary files and categorize them based on their structure, signatures, and content. It helps distinguish between executable code, data archives, encrypted blobs, or malformed files without requiring manual inspection.

When to use it

• Security Analysis: Quickly identify potential malware samples by classifying unknown file types before deep scanning.
• Data Cleanup: Sort mixed binary datasets in a repository to separate valid executables from corrupted or irrelevant data.
• Reverse Engineering Prep: Determine if a dumped memory image is an ELF, PE, or Mach-O format before attempting disassembly.
• Malware Hunting: Filter large collections of suspicious files to isolate those with specific binary characteristics.

Key capabilities

• Analyzes raw binary content for structural patterns and magic numbers.
• Classifies file types including executables, libraries, archives, and encrypted data.
• Detects malformed or truncated binary structures.
• Provides confidence scores for classification accuracy.

Example prompts

• "Run binary-triage on this suspicious file dump to determine if it is a valid ELF executable."
• "Categorize these 50 unknown binary files and list any that appear to be encrypted archives."
• "Analyze the provided memory dump and identify the underlying process format (PE vs. Mach-O)."

Tips & gotchas

Ensure the binary file is not actively malicious or contains sensitive data before passing it to an agent for analysis. This skill relies on static signatures; it may misclassify obfuscated or heavily packed binaries without additional context.