analyzing-prefetch-files-for-execution-history

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The SKILL.md file directs users to download forensic tools from the official site of Eric Zimmerman, a well-known community source.
  • [COMMAND_EXECUTION]: The scripts/agent.py file contains a function run_pecmd that calls subprocess.run with shell=True on a string built by interpolation, so a maliciously crafted file path processed by the script could lead to command injection.
  • [COMMAND_EXECUTION]: The skill documentation includes instructions for high-privilege operations such as mounting forensic disk images.
  • [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection (Category 8).
    • Ingestion points: The scripts/agent.py script and the scripts embedded in the documentation ingest filenames and binary metadata from untrusted Windows Prefetch (.pf) files.
    • Boundary markers: No isolation or delimitation techniques are present to prevent forensic data from being interpreted as instructions by the agent.
    • Capability inventory: The skill possesses capabilities for filesystem interaction and subprocess execution.
    • Sanitization: There is no evidence of sanitization or input validation for the data extracted from forensic artifacts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 03:56 PM