hunting-for-dns-tunneling-with-zeek

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to provide legitimate threat hunting capabilities. All scripts and documentation are consistent with the stated purpose of analyzing network security logs.
  • [COMMAND_EXECUTION]: The provided Python scripts (scripts/agent.py and scripts/process.py) are designed to be run as command-line utilities. They interact with the local file system to read log files and write analysis reports to user-specified paths. This is standard and necessary functionality for log processing tools.
  • [EXTERNAL_DOWNLOADS]: The documentation references well-known security tools such as Zeek and RITA, and mentions libraries like dpkt and dnslib, but the skill does not contain any code to automatically download or install external software. No remote network operations were detected in the scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 12:40 PM