analyzing-command-and-control-communication

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill decodes and processes untrusted network traffic data from PCAP files, creating a surface for indirect prompt injection.
      • Ingestion points: The extract_http_requests function in scripts/agent.py and code snippets in SKILL.md decode Base64-encoded HTTP bodies and display their content to the agent.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present when outputting decoded data.
      • Capability inventory: The skill generates Suricata detection rules and outputs metadata to the console based on analyzed traffic.
      • Sanitization: The code uses string slicing and UTF-8 error replacement but lacks sanitization for prompt injection patterns or instructions.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes well-known security services and libraries for its primary function.
      • Dependencies: It references standard security community packages including scapy, dpkt, and cobalt-strike-parser.
      • API References: Connects to Shodan and VirusTotal for infrastructure enrichment. These are recognized as well-known technology services and are documented neutrally.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 12:27 AM