analyzing-email-headers-for-phishing-investigation

Fail

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The dns_lookup function in scripts/agent.py is vulnerable to shell command injection. It constructs commands using string interpolation of variables (domain and record_type) and executes them via subprocess.run with shell=True. Since these inputs can be derived from malicious email headers being analyzed, an attacker could execute arbitrary system commands.
  • [PROMPT_INJECTION]: The skill demonstrates a vulnerability to indirect prompt injection by processing untrusted external data (phishing emails).
      • Ingestion points: scripts/agent.py reads and parses EML files, extracting header fields such as From, Subject, and Received.
      • Boundary markers (present/absent): Absent. No isolation or boundary markers are used to separate untrusted data from instructions.
      • Capability inventory: The script possesses the capability to execute shell commands through the dns_lookup function in scripts/agent.py.
      • Sanitization (present/absent): Absent. No sanitization or validation is applied to extracted headers before they are used in system calls or displayed.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 15, 2026, 12:28 AM