The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py and the instructions in SKILL.md use subprocess.run to execute external forensic tools such as vol (Volatility 3) and pypykatz. These commands are used for legitimate process analysis and credential extraction within a forensic workflow and are implemented using secure coding practices (argument lists).
[EXTERNAL_DOWNLOADS]: The skill instructs the user to install well-known cybersecurity packages (volatility3, pypykatz) via pip. These tools are recognized in the incident response industry and are fetched from standard package registries.
[PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection as it parses untrusted data from memory dumps (e.g., usernames, domain names, and strings) and incorporates them into its report. However, this is inherent to forensics tools.
Ingestion points: Raw memory dump files (memory.raw) and extracted LSASS memory maps processed in scripts/agent.py.
Boundary markers: Absent; extracted forensic data is printed directly to stdout and saved to JSON without specific LLM-targeted delimiters.
Capability inventory: The script has subprocess.run capabilities to invoke system tools.
Sanitization: Extracted credential fragments are truncated to 30-60 characters in scripts/agent.py before being added to reports, which serves as a basic filter for large-scale injection payloads.
[DATA_EXFILTRATION]: The skill extracts and aggregates sensitive authentication data (NTLM hashes, Kerberos tickets, API keys) into a local file (credential_report.json). This behavior is the core intended functionality of the tool for forensic analysis. No network operations or external data transfer mechanisms were detected in the scripts.

extracting-credentials-from-memory-dump