detecting-anomalies-in-industrial-control-systems

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py performs active network port scanning of common ICS protocols (Modbus, S7comm, DNP3, etc.) to verify segmentation between IT and OT networks.
  • [COMMAND_EXECUTION]: The skill utilizes the pymodbus library to interact with SCADA devices, performing read operations on holding registers and device identification.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the well-known pymodbus and requests Python libraries for its core communication functions.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through the ingestion of untrusted network traffic summaries and process historian data.
      • Ingestion points: agent.py processes PCAP summaries and historian API responses; SKILL.md includes examples of PCAP record processing.
      • Boundary markers: There are no explicit delimiters or instructions to the agent to ignore embedded commands within the processed data.
      • Capability inventory: The skill can perform active network scanning, execute industrial protocol commands, and write data to local JSON files.
      • Sanitization: The skill does not perform validation or sanitization on the external data ingested from network sources or APIs.
  • [SAFE]: There is a minor metadata inconsistency where the author is listed as 'mahipal' in SKILL.md but identified as 'mukul975' in the LICENSE and provided context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 06:26 PM