The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core function involves extracting raw strings and function names from untrusted malware binaries. If this extracted data is subsequently analyzed by an AI agent, malicious instructions embedded within the malware's strings could influence the agent's behavior.
Ingestion points: The scripts scripts/agent.py and scripts/process.py, as well as the script in SKILL.md, read and parse user-provided binary files which are assumed to be malicious.
Boundary markers: The current implementation does not utilize delimiters or specific instructions to warn a consuming agent to ignore instructions embedded within the extracted data.
Capability inventory: The analysis scripts are limited to local file reading and regex extraction; they do not perform network operations or execute the analyzed code.
Sanitization: No sanitization or escaping is performed on the data extracted from the malware binaries before it is output in reports.
[EXTERNAL_DOWNLOADS]: The documentation provides references to external tools and repositories for enhanced malware analysis capabilities.
The references/api-reference.md file suggests using GoResolver from Volexity's GitHub repository. Volexity is a recognized and trusted service in the cybersecurity industry, and this download is appropriate for the skill's stated purpose.

analyzing-golang-malware-with-ghidra