The Agent Skills Directory

[COMMAND_EXECUTION]: The Python script provided in the SKILL.md file executes the 'autorunsc64.exe' system utility via the subprocess.run method to perform local persistence scans. This is a legitimate and necessary operation for the skill's primary purpose of security auditing and malware analysis.- [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or obfuscation were detected. The skill uses standard Windows system utilities and follows common security analysis workflows. Administrative privileges and system access mentioned in the prerequisites are consistent with the requirements of the Sysinternals Autoruns tool.

analyzing-malware-persistence-with-autoruns