# Analyze Firmware Dumps with CHIPSEC

Firmware security reviews are difficult when teams only have offline BIOS or UEFI dump files. This skill gives Claude, Codex, and Claude Code a structured CHIPSEC workflow for threat scans, inventories, comparisons, and reporting.

## Install

```bash
npx skillstore add brownfinesecurity/chipsec
```

## Metadata

- - Slug: brownfinesecurity-chipsec
- - Version: 1.0.0
- - Author: BrownFineSecurity
- - GitHub username: BrownFineSecurity
- - License: MIT
- - Repository: https://github.com/BrownFineSecurity/iothackbot/tree/master/skills/chipsec
- - Ref: master
- - Supported tools: Claude, Codex, Claude Code
- - Risk level: medium
- - Risk factors: external\_commands, filesystem
- - Quality score: 72
- - Public page: https://skillstore.pages.dev/skills/brownfinesecurity-chipsec
- - Manifest: https://skillstore.pages.dev/api/skills/brownfinesecurity-chipsec/manifest

## Capabilities

- Guides offline CHIPSEC scans for known UEFI threats and vulnerable modules.
- Generates EFI executable inventory workflows with hashes for baseline comparison.
- Explains how to decode firmware structure and review extracted volumes and files.
- Shows how to locate NVRAM variables produced by static firmware decoding.
- Supports before-and-after firmware update comparison workflows.
- Documents common CHIPSEC errors and practical troubleshooting steps.

## Use Cases

- Review a Vendor Firmware Image: Run a repeatable offline workflow to scan a BIOS or UEFI image, produce an EFI inventory, and document findings.
- Compare Firmware Before and After an Update: Create baselines from known images and compare updated firmware for changed modules, missing entries, or unexpected additions.
- Triage Suspected Firmware Compromise: Scan a suspect dump for known UEFI threats, decode its structure, and collect hashes for deeper investigation.

## Prompt Templates

### Start a Basic Firmware Scan

```
Use the chipsec skill to plan a safe offline scan for firmware.bin. Include the main CHIPSEC commands, expected outputs, and what I should save.
```

### Build an EFI Inventory Workflow

```
Use the chipsec skill to create an EFI inventory workflow for my firmware image. Explain how to name the outputs and how to use the inventory later.
```

### Compare Two Firmware Images

```
Use the chipsec skill to compare original_firmware.bin and updated_firmware.bin. Focus on baseline generation, CHIPSEC checks, and findings I should report.
```

### Prepare Incident Response Evidence

```
Use the chipsec skill to design an incident response workflow for a suspect UEFI dump. Include threat scanning, decoding, NVRAM review, hash collection, and reporting priorities.
```

## Limitations

- Requires CHIPSEC and supporting command-line tools to be installed separately.
- Does not perform live hardware checks or kernel-driver-based CHIPSEC modules.
- Cannot prove firmware is safe when blocklist scans return no matches.
- Some examples recommend broad permissions and should be reviewed before use.

## Best Practices

- Run analysis only on firmware you own or are authorized to review.
- Keep original firmware dumps read-only and store generated outputs in a separate analysis directory.
- Review privileged setup commands before running them and prefer least-privilege permissions.

## Anti Patterns

- Do not run live CHIPSEC modules when the goal is offline dump analysis.
- Do not treat a clean blocklist scan as proof that firmware is trustworthy.
- Do not apply world-writable permissions to system directories without a security review.

## Security Audit

- - Safe to publish: true
- - Audited at: 2026-06-28T17:59:08.433\+00:00
- - Summary: Static analysis found many command, malware-keyword, weak-hash, and filesystem alerts, but most are Markdown examples for defensive offline firmware analysis. The confirmed concern is repeated guidance to run sudo chmod 777 on a Python site-packages logs directory, which is unsafe documentation for users. No prompt injection attempt, credential exfiltration, or malicious automation was found in the reviewed files.

## Stats

- - Views: 374
- - Downloads: 6
- - Favorites: 0
- - Popularity score: 0