analyzing-windows-amcache-artifacts

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs legitimate digital forensics and incident response (DFIR) tasks. The analysis of Amcache artifacts is a standard procedure for identifying execution evidence on Windows systems.
  • [EXTERNAL_DOWNLOADS]: The skill references and imports the 'regipy' Python library. This is a well-established open-source tool for registry hive parsing and is considered a safe dependency.
  • [DATA_EXFILTRATION]: Although the skill accesses sensitive forensic data within the registry, it does not contain any code for network transmission or external data exfiltration. All processing is performed locally.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 03:55 PM