hunting-for-dns-based-persistence

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/agent.py script executes the dig command via subprocess.run. The command is constructed using a list of arguments and does not use shell=True, which prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with the SecurityTrails API (api.securitytrails.com) to retrieve passive DNS history and subdomain lists. This is a well-known service for security analysis and is used in a transparent manner via an API key.
  • [DATA_EXFILTRATION]: While the skill communicates with an external API and writes a local report, its behavior is strictly limited to querying DNS metadata for the specified target domain and does not access sensitive system files or credentials.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 7, 2026, 06:47 PM