skills/mukul975/anthropic-cybersecurity-skills/detecting-lateral-movement-in-network/Gen Agent Trust Hub
detecting-lateral-movement-in-network
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive instructions and tools for network threat detection using industry-standard platforms like Zeek, Splunk, and Elastic.
- [COMMAND_EXECUTION]: The workflow involves administrative commands (e.g., sudo zeekctl, iptables, wecutil) necessary for configuring network security monitoring and implementing containment measures. These actions align with the stated purpose of the skill.
- [EXTERNAL_DOWNLOADS]: The documentation references the installation of sigma-cli and python-evtx via pip. Both are well-known, legitimate open-source tools within the cybersecurity ecosystem for processing Sigma rules and Windows Event Logs.
- [DATA_EXPOSURE]: While the skill processes sensitive authentication and network logs, this is its primary function. No logic was found that exfiltrates this data to unauthorized external destinations or exposes credentials inappropriately.
Audit Metadata