detecting-container-escape-with-falco-rules

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The Python scripts scripts/agent.py and scripts/process.py use the subprocess module to execute system commands, including falco, systemctl, and kubectl. These operations are essential to the skill's purpose of managing runtime security rules and checking deployment health. Arguments are passed as lists rather than shell strings, which mitigates shell injection risks.
  • [EXTERNAL_DOWNLOADS]: The SKILL.md file contains instructions for installing Falco and its Helm charts. These downloads target official and well-known sources such as falco.org and falcosecurity.github.io, following standard procedure for the deployment of this security software.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its log parsing functionality.
    • Ingestion points: The parse_falco_alerts functions in both scripts/agent.py and scripts/process.py read JSON event data from Falco logs.
    • Boundary markers: No boundary markers or explicit 'ignore instructions' delimiters are applied to the output of these parsing scripts.
    • Capability inventory: The skill can execute shell commands and interact with Kubernetes clusters via the kubectl and falco binaries.
    • Sanitization: The scripts perform JSON decoding but do not sanitize the content of alert fields (such as process command lines or container names), which could carry instructions injected by an attacker to influence an AI agent reading the script output.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 11:04 PM