The Agent Skills Directory

[SAFE]: The skill serves its stated purpose of providing tools and documentation for analyzing Cobalt Strike beacons. It operates entirely on local files provided by the user and does not exhibit any network communication or unauthorized data access.
[EXTERNAL_DOWNLOADS]: The skill documentation correctly identifies dependencies on established security libraries such as "dissect.cobaltstrike", "pefile", and "yara-python". These are standard tools in the threat intelligence and incident response communities.
[COMMAND_EXECUTION]: The Python scripts ("agent.py" and "process.py") are command-line utilities that process files based on user input. They perform safe binary parsing and do not execute the content of the files being analyzed.

analyzing-cobalt-strike-beacon-configuration