The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py executes Volatility 3 plugins using subprocess.run with list-based arguments.
It employs shlex.split for argument parsing, which is a standard security practice to mitigate shell injection risks.
[DATA_EXFILTRATION]: The skill is intended to extract sensitive forensic artifacts, including password hashes and LSA secrets from Windows memory dumps.
Evidence: Use of plugins windows.hashdump, windows.cachedump, and windows.lsadump in agent.py and SKILL.md workflows.
[PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8).
Ingestion points: The agent ingests and analyzes text output from Volatility commands (e.g., pslist, cmdline, yarascan) which contain data from potentially malicious memory dumps.
Boundary markers: Absent; there are no specific markers used to distinguish between forensic tool output and agent instructions.
Capability inventory: The agent can execute shell commands via the Volatility wrapper in agent.py and has broad read access to the filesystem to process memory dumps.
Sanitization: No sanitization is applied to the forensic output before processing, allowing malicious strings embedded in memory (e.g., in process names) to potentially influence the AI agent's reasoning.
[EXTERNAL_DOWNLOADS]: SKILL.md identifies the Volatility Foundation's official download site as a source for symbol tables.
Evidence: Documentation directs the user to fetch symbol packs from https://downloads.volatilityfoundation.org/volatility3/symbols/, which is a recognized and legitimate resource for memory forensics.

analyzing-memory-dumps-with-volatility