The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The script 'scripts/agent.py' requires the installation of standard third-party libraries including 'watchdog' for filesystem events, 'requests' for webhook integration, and 'psutil' for process monitoring. These are well-known libraries and do not contribute to a high severity verdict.
[DATA_EXFILTRATION]: The monitoring agent in 'scripts/agent.py' collects sensitive system information, specifically process IDs, names, usernames, and full command-line arguments, via the 'psutil' library. This data is transmitted to user-configured Slack webhooks, SMTP servers, or syslog targets to provide context for security incidents. While sensitive, the collection is directly tied to the primary security purpose of the skill.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8). 1. Ingestion points: The agent monitors and processes filenames of newly created or modified files in protected directories. 2. Boundary markers: None; filenames are included directly in alert payloads. 3. Capability inventory: The agent can send network requests (HTTP POST, SMTP, UDP) and write to local log files. 4. Sanitization: Absent; the agent does not sanitize or escape filenames before interpolating them into alert messages, potentially allowing an attacker to influence downstream systems or agents that consume these notifications.

deploying-ransomware-canary-files