The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill requires industry-standard libraries including yara-python and pefile for rule compilation and binary analysis.
[COMMAND_EXECUTION]: The provided scripts (agent.py and process.py) perform local file system operations to read binary samples and write generated YARA rules, which is consistent with the skill's stated purpose.
[SAFE]: The skill's logic is transparent and focuses on static analysis of binary files. While it processes untrusted data, the impact is confined to the generation of detection rules without granting the skill any network or system-level privileges.
Ingestion points: Binary data is ingested from user-specified file paths in scripts/agent.py (line 123) and scripts/process.py (line 211).
Boundary markers: The scripts extract strings from raw binary data without using explicit boundary markers or delimiters to ignore embedded instructions.
Capability inventory: The skill's capabilities are limited to reading local files for analysis, compiling YARA rules via the yara library, and writing resulting rule files to the local disk.
Sanitization: scripts/process.py includes basic sanitization by escaping quotes in extracted strings to ensure the integrity of generated YARA rule syntax, while scripts/agent.py performs direct interpolation.

performing-yara-rule-development-for-detection