analyzing-supply-chain-malware-artifacts

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Flagged categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to analyze untrusted third-party artifacts such as PE binaries and package manifests for malware indicators. Ingesting this untrusted data constitutes an indirect prompt injection surface: malicious content within the analyzed files could attempt to influence the agent's behavior.
    - Ingestion points: The PE comparison script in SKILL.md and the auditing functions in scripts/agent.py read content from files such as package.json and setup.py.
    - Boundary markers: No delimiters or specific instructions are implemented to isolate the analyzed content from the agent's processing logic.
    - Capability inventory: The skill performs file reading, hash calculation, string pattern matching, and queries to public software registries (npm, PyPI).
    - Sanitization: There is no sanitization or escaping of the content read from untrusted files before it is processed or reported.
  • [EXTERNAL_DOWNLOADS]: The scripts/agent.py utility fetches package metadata from official software registries to verify package information and maintainer details.
    - Evidence: Network requests are made to registry.npmjs.org and pypi.org to check the status of specific packages.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 06:47 PM