implementing-network-segmentation-for-ot

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/agent.py script uses the subprocess module to execute nmap for network discovery and to identify exposed industrial protocols (e.g., Modbus, EtherNet/IP). This is an expected and legitimate function for an OT security auditing tool.
  • [SAFE]: The skill processes user-supplied configuration files and network scan results to generate security reports. This activity creates an indirect prompt injection surface; however, the impact is minimized by the skill's specific use case and lack of combined dangerous capabilities.
      • Ingestion points: Processes baseline.json (in SKILL.md script) for segmentation design and audits --firewall-config, --zone-config, and raw nmap output (in scripts/agent.py) for compliance checking.
      • Boundary markers: No specific delimiters or instructions are used to separate untrusted data from agent instructions.
      • Capability inventory: Includes file system write access for exporting designs/reports and execution of system commands (nmap) via subprocess.run.
      • Sanitization: Data is processed via standard JSON parsing and regular expressions without specific sanitization for LLM contexts.
  • [SAFE]: No signs of obfuscation, hardcoded credentials, or unauthorized network communication were found. All external references point to reputable industrial security standards (ISA, NIST, CISA).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 11:33 PM