exploiting-ms17-010-eternalblue-vulnerability

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The Python scripts scripts/agent.py and scripts/process.py utilize the subprocess module to execute external binaries like nmap. These scripts pass user-provided network targets directly as command-line arguments.
  • [REMOTE_CODE_EXECUTION]: The skill contains exhaustive technical workflows for exploiting the MS17-010 vulnerability, including specific Metasploit module configurations (e.g., exploit/windows/smb/ms17_010_eternalblue) designed to achieve remote command execution on vulnerable servers.
  • [EXTERNAL_DOWNLOADS]: The scripts/process.py script requires external Python dependencies, specifically the impacket and rich libraries, to facilitate its network communication and report formatting tasks.
  • [DATA_EXFILTRATION]: The documentation in references/workflows.md provides explicit commands and procedures for extracting sensitive system credentials (e.g., using hashdump and load kiwi) once a target system is compromised.
  • [REMOTE_CODE_EXECUTION]: The skill provides detailed instructions for maintaining long-term access to compromised systems through the use of automated persistence mechanisms within the Meterpreter framework.
  • [COMMAND_EXECUTION]: The skill exhibits an attack surface for indirect prompt injection:
      • Ingestion points: Network targets and IP addresses provided via CLI arguments and processed by the scanning scripts.
      • Boundary markers: None; target data is directly interpolated into command strings.
      • Capability inventory: Execution of external binaries through subprocess and raw SMB protocol negotiation.
      • Sanitization: Partial; the scripts perform basic IP/CIDR validation but do not fully sanitize target strings before they are passed to system commands.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 15, 2026, 10:50 PM