The Agent Skills Directory

[SAFE]: The skill provides structured guidance and automation for incident response planning based on authoritative sources like the CISA StopRansomware Guide and NIST CSF. No malicious overrides or instructions were found in the prompts. No dangerous tool usage or network operations were identified in the script or instructions.\n- [PROMPT_INJECTION]: The scripts/agent.py script contains a minor vulnerability surface for indirect prompt injection via the assess command.\n
Ingestion points: The script reads user-supplied JSON data from a file path provided as a command-line argument (sys.argv[2]).\n
Boundary markers: No boundary markers or delimiters are used to wrap the untrusted input data within the output templates.\n
Capability inventory: The script's capabilities are limited to console output for the assessment function and local file writing for the playbook generation function.\n
Sanitization: The input is parsed via json.load(), but no content validation or output escaping is performed before printing results to the console.

building-ransomware-playbook-with-cisa-framework