skills/mukul975/anthropic-cybersecurity-skills/detecting-lateral-movement-with-zeek/Gen Agent Trust Hub
detecting-lateral-movement-with-zeek
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate forensic analysis tool that operates as documented. It utilizes only Python standard libraries and performs analysis on local Zeek log files to identify security indicators.
- [SAFE]: The skill accesses local network logs, which is the intended behavior for cybersecurity investigation. No unauthorized data access, hardcoded credential exposure, or network exfiltration was detected during analysis.
- [COMMAND_EXECUTION]: The provided Python scripts and command examples are used for parsing log data. No arbitrary command execution, privilege escalation, or persistence mechanisms are present in the provided scripts.
- [PROMPT_INJECTION]: The skill processes log data that may contain untrusted strings such as hostnames or usernames. While this represents a surface for indirect prompt injection common to forensic tools, it is considered safe within this context.
  - Ingestion points: multiple Zeek logs read in scripts/agent.py and scripts/process.py.
  - Boundary markers: None explicitly used.
  - Capability inventory: Limited to reading local files and printing findings to the console.
  - Sanitization: Log data is displayed as-is for investigation purposes.