skills/mukul975/anthropic-cybersecurity-skills/conducting-memory-forensics-with-volatility/Gen Agent Trust Hub
conducting-memory-forensics-with-volatility
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/agent.py` executes the Volatility 3 framework using `subprocess.run`. The command is constructed as a list, which is a secure implementation that avoids shell injection vulnerabilities.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to process data from potentially compromised memory dumps.
  - Ingestion points: The memory dump file provided via the `--memory-file` argument in `scripts/agent.py`.
  - Boundary markers: No explicit delimiters or instructions are used to separate the analyzed data from agent instructions.
  - Capability inventory: The skill can execute local shell commands via Volatility plugins.
  - Sanitization: No specific sanitization of extracted memory strings is performed.
  - Context: This risk is inherent to the primary purpose of a forensic tool and is considered acceptable given its intended use in incident response.
- [EXTERNAL_DOWNLOADS]: The documentation references official memory acquisition tools and the Volatility 3 framework. No unauthorized remote code downloads or executions are performed by the skill's scripts.
Audit Metadata