implementing-endpoint-dlp-controls

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill documentation and provided scripts align with the stated purpose of implementing and monitoring DLP controls. All code operations are transparent and restricted to local file system scanning and log analysis.
  • [COMMAND_EXECUTION]: The skill includes Python scripts (scripts/agent.py and scripts/process.py) that perform automated file system traversal and regex-based content scanning. These scripts use standard library modules and do not involve shell injection or execution of arbitrary user-supplied commands.
  • [DATA_EXFILTRATION]: Although the skill reads sensitive files to identify potential data loss, the executable scripts contain no network operations that exfiltrate this data. The communication with the Microsoft Graph and CrowdStrike APIs mentioned in the documentation is standard for DLP policy management, and the documentation follows the best practice of using placeholders for credentials.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests untrusted data from local files and log exports.
      • Ingestion points: scripts/agent.py (line 33) reads file content; scripts/process.py (line 11) reads CSV rows.
      • Boundary markers: None present; content is processed directly for pattern matching.
      • Capability inventory: Local file-read and file-write (report generation) capabilities across both script files.
      • Sanitization: None; however, content is processed as raw data for regex matching and is not interpreted as instructions by the scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 02:44 AM