The Agent Skills Directory

[COMMAND_EXECUTION]: The Python script modbus_detector.py embedded in SKILL.md uses the scapy library's sniff function to monitor network traffic. In many environments, network sniffing requires elevated system privileges to access raw network sockets.
[EXTERNAL_DOWNLOADS]: The skill identifies the scapy Python library as a dependency and mentions its installation via pip. Scapy is a standard and well-known open-source tool for packet manipulation and network analysis.
[SAFE]: The primary functionality of the skill involves analyzing industrial protocol fields (such as Modbus function codes and register addresses) to identify unauthorized operations, which is consistent with its stated purpose of ICS security monitoring.

detecting-modbus-command-injection-attacks