extracting-config-from-agent-tesla-rat
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill contains Python scripts designed for legitimate malware analysis. The scripts extract strings, compute file hashes (MD5, SHA1, SHA256), and identify configuration indicators (SMTP, FTP, Telegram, Discord) from .NET-based malware samples.
- [SAFE]: No malicious patterns, such as prompt injection, credential exfiltration, or persistence mechanisms, were detected. The scripts operate locally on files provided by the user and output analysis results to the console or a JSON file.
- [SAFE]: The provided documentation includes standard analysis workflows, report templates, and YARA rules, all of which are established best practices in the cybersecurity industry.
- [PROMPT_INJECTION]: The skill is designed to process untrusted binary files (malware samples), which inherently presents a surface for indirect prompt injection if the agent interprets the analysis output as instructions. However, the scripts use safe decoding methods (errors='replace') and focus on extraction rather than execution, which mitigates the risk.
Audit Metadata