detecting-lateral-movement-in-network

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE (findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions to execute administrative commands using sudo for deploying Zeek configurations, managing system services, and implementing network containment via iptables. These actions are directly related to the skill's primary purpose of network security and incident response.
  • [EXTERNAL_DOWNLOADS]: The workflow includes the installation of the sigma-cli tool using pip3 to convert vendor-neutral detection rules into specific SIEM formats. It also references the python-evtx library for parsing Windows event log files.
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration were detected. The skill's functionality aligns with its stated goal of providing threat detection and hunting capabilities for enterprise network environments.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 03:02 AM