The Agent Skills Directory

[COMMAND_EXECUTION]: The scripts/agent.py script executes system commands to audit patch compliance using subprocess.run to call package managers (apt, dnf, yum) and PowerShell. These operations are core to the skill's functionality and use argument lists to mitigate injection risks.\n- [EXTERNAL_DOWNLOADS]: The agent script retrieves the Known Exploited Vulnerabilities catalog from the official CISA website (cisa.gov). This is a well-known and trusted source for cybersecurity metadata used to prioritize patching.\n- [COMMAND_EXECUTION]: Documentation in references/api-reference.md includes a code example for remote execution that interpolates a server name into a PowerShell command. This represents a potential command injection surface if implemented with untrusted inputs, requiring validation and sanitization by the end user.

implementing-patch-management-workflow