The Agent Skills Directory

[COMMAND_EXECUTION]: The skill performs network port scanning and HTTP API queries against specified historian servers to detect unauthorized access or data integrity issues.
[EXTERNAL_DOWNLOADS]: The skill requires the standard 'requests' Python library for network communication.
[SAFE]: The agent disables SSL certificate validation ('verify=False') in its API requests, a common practice in OT environments that increases susceptibility to person-in-the-middle attacks.
[CREDENTIALS_UNSAFE]: Hardcoded placeholder strings are used for API credentials in example blocks; these are correctly identified as non-sensitive placeholders.
[PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8). 1. Ingestion points: Historian API response data processed in 'SKILL.md' and 'scripts/agent.py'. 2. Boundary markers: Absent. 3. Capability inventory: Network requests and report file writing in 'scripts/agent.py'. 4. Sanitization: No escaping or validation is performed on retrieved data before it is included in the output report.

detecting-attacks-on-historian-servers