The Agent Skills Directory

[COMMAND_EXECUTION]: The skill implements dynamic analysis by writing modified PowerShell scripts to temporary files and executing them using the subprocess module. This is used in SKILL.md to iteratively deobfuscate code by replacing execution commands with output commands, though it involves running potentially malicious logic on the host system with the -ExecutionPolicy Bypass flag.
[EXTERNAL_DOWNLOADS]: The skill documentation and references recommend the installation of several third-party security tools and libraries, including the PSDecode PowerShell module, the pySigma Python library, and various malware analysis projects hosted on GitHub.
[PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external PowerShell scripts, creating an attack surface for indirect prompt injection. Because the skill possesses the capability to execute analyzed content, a malicious script could potentially bypass the simple regex-based keyword replacements to execute unauthorized commands.
Ingestion points: PowerShell script content read from user-provided file paths in scripts/agent.py, scripts/process.py, and SKILL.md.
Boundary markers: The skill does not use specific markers to delimit or isolate the untrusted content before it is processed or executed.
Capability inventory: The skill has the ability to write to the file system and execute system commands via subprocess.run.
Sanitization: Sanitization is limited to basic regex-based substitution of specific execution keywords, which may not account for all obfuscation techniques or execution vectors.

deobfuscating-powershell-obfuscated-malware