configuring-suricata-for-network-monitoring

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documentation and implementation rely heavily on administrative commands via sudo. This includes package installation (apt), kernel repository management (add-apt-repository), network interface configuration (ethtool, ip link), and service management (systemctl). While these are necessary for deploying a network security tool, they grant the skill significant control over the host system.
  • [EXTERNAL_DOWNLOADS]: The workflow involves downloading Suricata source code from the official Open Information Security Foundation (OISF) GitHub repository and fetching security rules from Emerging Threats and other repositories using the suricata-update tool. These are well-known and reputable sources within the cybersecurity community.
  • [PROMPT_INJECTION]: The scripts/agent.py component parses network logs (eve.json), which contain untrusted data from the network (e.g., DNS queries, TLS SNI values, and HTTP headers). This represents an indirect prompt injection surface.
      • Ingestion points: scripts/agent.py reads and parses eve.json in functions parse_eve_alerts, parse_eve_dns, and parse_eve_tls.
      • Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands when processing the log data.
      • Capability inventory: scripts/agent.py has the capability to execute system commands using subprocess.run (e.g., suricata, suricata-update).
      • Sanitization: No sanitization or filtering is applied to the extracted fields before they are returned as part of the report. An attacker could potentially embed malicious instructions in network traffic that, when logged and subsequently processed by an AI agent, might influence the agent's reasoning.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 16, 2026, 07:56 AM