hunting-for-scheduled-task-persistence

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.run to interact with the Windows schtasks utility for task enumeration and configuration export. This execution is limited to specific administrative commands necessary for the skill's forensic functionality and does not involve arbitrary shell execution.
  • [EXTERNAL_DOWNLOADS]: The skill documentation identifies python-evtx as a dependency for parsing Windows Event Log (EVTX) files. This is a well-established library for forensic analysis and is used legitimately within the context of the skill.
  • [PROMPT_INJECTION]: The skill's data processing pipeline creates a surface for indirect prompt injection as it ingests untrusted system data.
      1. Ingestion points: scripts/agent.py reads data from schtasks output and EVTX files; scripts/process.py reads local JSON and CSV log files.
      2. Boundary markers: No delimiters or explicit warnings are used to wrap ingested content.
      3. Capability inventory: The skill has limited command execution via schtasks and local file write permissions for outputting findings.
      4. Sanitization: The scripts use regular expressions for detection but do not sanitize ingested strings to prevent potential prompt escapes before presenting results to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 12:40 PM