analyzing-pdf-malware-with-pdfid

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The provided script scripts/agent.py utilizes the subprocess.run method to call external command-line tools like pdf-parser. This behavior is the intended primary function of the skill for malware analysis and does not involve the use of shell=True or arbitrary user-supplied command strings.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from PDF files, which introduces a potential surface for indirect prompt injection. A maliciously crafted PDF could contain text or metadata intended to influence the agent's analysis or subsequent instructions.
      • Ingestion points: The skill reads content from external PDF documents through scripts/agent.py and the tools documented in SKILL.md.
      • Boundary markers: There are no specific boundary markers or instructions to the agent to treat the extracted content as untrusted data, although the report generation is structured.
      • Capability inventory: The agent has the ability to read files and execute specific local analysis processes.
      • Sanitization: The Python agent uses latin-1 decoding with errors="replace" to prevent binary parsing errors, but it does not perform semantic sanitization of the extracted text before presenting it to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 12:01 PM