analyzing-mft-for-deleted-file-recovery

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's scripts (agent.py and process.py) perform legitimate forensic parsing of file system metadata. No malicious functionality, exfiltration, or unauthorized operations were detected.
  • [COMMAND_EXECUTION]: The documentation provides example commands for well-known forensic tools. These are intended for manual execution and do not represent a security risk.
  • [PROMPT_INJECTION]: The skill ingests data from external forensic artifacts, which may contain untrusted strings. While this is a known surface for indirect prompt injection, it is managed by the scripts' use of structured data formats for analysis output.
      • Ingestion points: binary $MFT files and MFTECmd-generated CSV files.
      • Boundary markers: None explicitly used to isolate external content.
      • Capability inventory: The skill is limited to local file reading and report generation.
      • Sanitization: Employs standard parsing libraries and generates structured JSON output.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 6, 2026, 06:45 PM