The Agent Skills Directory

[SAFE]: The skill's primary purpose is legitimate forensic artifact analysis. All provided scripts and command examples align with standard digital forensics and incident response (DFIR) practices.
[EXTERNAL_DOWNLOADS]: The skill utilizes the 'LnkParse3' Python package, which is a well-known and documented library for parsing Shell Link binary files. The workflow involves standard installation via pip.
[COMMAND_EXECUTION]: The provided workflow includes shell commands for mounting forensic images and copying system artifacts. These operations are performed on specific paths defined by the user and do not exhibit signs of arbitrary or malicious command injection.

analyzing-windows-lnk-files-for-artifacts