cheatengine-mcp-bridge

Warn

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: MEDIUM (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides tools for arbitrary code execution within the host system and target processes, including execute_code for shellcode, inject_dll for library injection, and auto_assemble for script execution via Cheat Engine.
  • [COMMAND_EXECUTION]: The create_process tool allows the AI agent to launch arbitrary executables on the system.
  • [DATA_EXFILTRATION]: High-risk memory reading tools such as read_memory, read_pointer_chain, and dissect_structure allow access to the entire memory space of target processes, potentially exposing sensitive information like session tokens, keys, or personal data.
  • [PRIVILEGE_ESCALATION]: The skill encourages the use of DBVM, a Ring -1 kernel hypervisor, for 'invisible debugging' and memory access, which grants the agent extremely high-level system privileges.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8). An attacker can place malicious instructions in the memory of a process being analyzed (e.g., in a string field). When the agent reads this memory using read_string or disassemble, it could ingest instructions that trigger its RCE capabilities (inject_dll, execute_code).
      • Ingestion points: read_string, read_memory, disassemble, get_rtti_classname in SKILL.md.
      • Boundary markers: None specified in instructions.
      • Capability inventory: execute_code, inject_dll, auto_assemble, write_memory (defined as MCP tools).
      • Sanitization: No sanitization or validation of memory content is described before processing by the agent.
  • [EXTERNAL_DOWNLOADS]: Installation instructions include standard Python dependencies mcp and pywin32 from public registries.
  • [SAFE]: The use of Windows Named Pipes for local inter-process communication between the Python MCP server and the Cheat Engine Lua bridge is a standard and expected mechanism for this type of integration.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 17, 2026, 06:26 PM