analyzing-cobaltstrike-malleable-c2-profiles

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The primary function of the skill is malware analysis and defensive signature generation, which is performed locally without suspicious operations.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of legitimate security libraries dissect.cobaltstrike and pyMalleableC2 for parsing Cobalt Strike configurations.
  • [SAFE]: The skill processes external C2 profiles to extract indicators; while these files are untrusted, the analysis script handles them using regex and established libraries without executing the profile content or providing a path for system compromise.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 12:27 AM