analyzing-memory-dumps-with-volatility

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.run(shell=True) to execute Volatility 3 plugins. The command line is built by string interpolation, specifically with the extra_args, yara_rule, and pid parameters. This makes the script vulnerable to command injection if strings containing shell metacharacters (e.g., ;, &&, |) are passed in these parameters.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface. It is designed to take parameters such as YARA rules or extra arguments, which might be generated from untrusted external data or malicious user prompts. The lack of sanitization combined with shell execution creates a path for an attacker to execute arbitrary commands on the agent's host environment.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 15, 2026, 03:55 PM