implementing-patch-management-for-ot-systems

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary logic in SKILL.md and scripts/agent.py focuses on data processing and risk assessment for industrial security management. No network operations or suspicious command executions are performed.
  • [EXTERNAL_DOWNLOADS]: The documentation in references/api-reference.md includes example commands that fetch vulnerability information from well-known official sources, such as CISA and the NIST National Vulnerability Database.
  • [DATA_EXFILTRATION]: No data exfiltration patterns were detected. The Python scripts operate on local JSON data provided via command-line arguments and produce a local report file.
  • [PROMPT_INJECTION]: No prompt injection or instructions to bypass safety filters were found in the markdown or code content.
  • [SAFE]: The scripts ingest external JSON data for assets and patches via command-line arguments. This data is used strictly for risk calculation and reporting without being executed or interpolated into sensitive prompt contexts.
      • Ingestion points: JSON data files read via --assets and --patches arguments in scripts/agent.py.
      • Boundary markers: Absent as data is processed programmatically.
      • Capability inventory: Local file write for report generation; no network or subprocess capabilities.
      • Sanitization: Uses standard JSON parsing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 11:33 PM