The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent on using network analysis and scanning tools such as nmap, arp-scan, tcpdump, and tshark, which typically require sudo or elevated privileges.
[COMMAND_EXECUTION]: Includes instructions for setting up bettercap for ARP spoofing on owned networks to intercept local traffic.
[EXTERNAL_DOWNLOADS]: Recommends the installation of numerous third-party tools from standard registries (npm, PyPI) and GitHub, including mitmproxy, webcrack, apktool, and frida. These are standard tools for the task and are contextually appropriate.
[COMMAND_EXECUTION]: Provides procedures for modifying system certificate trust stores to enable HTTPS interception, a privileged operation involving tools like security (macOS) or certutil (Windows).
[PROMPT_INJECTION]: Features a dedicated authorization section that mandates verification of ownership/consent and explicitly forbids use for fraud, account takeover, or malicious scraping.
[INDIRECT_PROMPT_INJECTION]: The skill involves processing untrusted data (external API traffic and third-party code bundles) to generate analysis.
Ingestion points: HAR files, proxy capture logs, and JS/Android/iOS application bundles referenced in references/capture.md and references/bundle.md.
Boundary markers: None explicitly defined in the instructions for the processed data.
Capability inventory: Significant capability to run network tools, file extraction commands, and code deobfuscators via the agent.
Sanitization: Relies on the user to manually scrub HAR files of sensitive data before processing as advised in references/capture.md.

decompose