analyzing-command-and-control-communication

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions suggest the installation of 'cobalt-strike-parser' for configuration extraction and provide functions to query well-known threat intelligence services such as Shodan and VirusTotal.
  • [COMMAND_EXECUTION]: The skill provides Python scripts and shell commands for analyzing network traffic captures (PCAPs) and generating Suricata IDS rules based on identified traffic patterns.
  • [SAFE]: All external domains and IPs mentioned in the documentation (e.g., malicious.com) are explicitly labeled as placeholders or indicators for analysis purposes, consistent with the skill's defensive intent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 06:44 PM