analyzing-linux-elf-malware

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py utilizes subprocess.run to call forensic utilities including strings, readelf, and upx. These executions use argument lists rather than shell strings, which prevents shell-based command injection from malicious filenames.
  • [PROMPT_INJECTION]: The skill features an indirect prompt injection surface in scripts/agent.py through the extract_strings function. This function parses strings from untrusted binary files and injects them into the agent's context. This is a common surface for security tools, as a malicious ELF could contain instructions aimed at influencing an LLM's logic if the output is processed as instructions without sanitization.
  • [DATA_EXFILTRATION]: Analysis of scripts/agent.py confirms that while it reads local binary files for metadata and indicator extraction, it does not implement any network communication capabilities, preventing the exfiltration of analyzed data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 06:44 PM