configuring-windows-event-logging-for-detection

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill contains Python scripts (scripts/agent.py and scripts/process.py) that execute system-level Windows commands such as auditpol, wevtutil, and powershell. These commands are used strictly for auditing the local security configuration and are executed using safe subprocess patterns that avoid shell interpretation.
  • [SAFE]: All external URLs and project references provided in the documentation link to reputable and well-known cybersecurity resources, including Microsoft Learn, the SANS Institute, and trusted GitHub repositories from organizations like Palantir and SwiftOnSecurity.
  • [DATA_EXPOSURE]: The tool retrieves configuration data from the Windows Registry and audit subsystem. This access is necessary for its stated auditing purpose and is limited to system metadata; the skill does not interact with sensitive user files, personal data, or stored credentials.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 06:46 PM