skills/mukul975/anthropic-cybersecurity-skills/detecting-email-account-compromise/Gen Agent Trust Hub
detecting-email-account-compromise
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or attack vectors were identified in the skill instructions or scripts. The tool performs legitimate security auditing tasks as described in its documentation.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data (audit logs) from external sources.
  - Ingestion points: The `scripts/agent.py` script loads data from a file path provided via the `--input` CLI argument.
  - Boundary markers: Absent. The script extracts values directly from the input JSON into the output report strings.
  - Capability inventory: The skill is capable of reading local files and writing analysis reports to the file system.
  - Sanitization: Absent. Values from the audit logs (e.g., user agents, rule names) are processed as raw strings for comparison and reporting. However, the risk is mitigated by the fact that the script uses deterministic logic rather than passing data to an LLM prompt within its own execution.
- [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted libraries (msal, requests) in its prerequisites. These are standard for interacting with the Microsoft Graph API and do not pose a security risk.
Audit Metadata