The Agent Skills Directory

[SAFE]: The Python scripts (agent.py, process.py) use the standard sqlite3 library to query databases. They correctly implement read-only access using URI parameters (mode=ro), which is a standard forensic requirement to avoid altering evidence.
[COMMAND_EXECUTION]: The scripts perform local file operations and binary parsing using the struct module. There are no instances of arbitrary command execution or shell injection vulnerabilities.
[DATA_EXFILTRATION]: The skill does not contain any network-related code or evidence of data being sent to external servers. All forensic findings and extracted pages are saved to a local output directory provided by the user.
[EXTERNAL_DOWNLOADS]: The skill references well-known forensic resources and tools (e.g., SQLite.org, Belkasoft, NIST) for educational purposes, but does not perform any automated downloads of external code or binary executables.

performing-sqlite-database-forensics