hardening-linux-endpoint-with-cis-benchmark

Warn

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: MEDIUM | DATA_EXFILTRATION | COMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The auditing script scripts/agent.py accesses sensitive system files, including /etc/ssh/sshd_config and /etc/login.defs, to verify security configurations. It also performs metadata checks on critical system files like /etc/shadow and /etc/gshadow to audit file permissions.
  • [COMMAND_EXECUTION]: The skill requires administrative (root/sudo) privileges to execute commands that modify system states, such as disabling services via systemctl, configuring firewalls with ufw, and adjusting kernel parameters through sysctl.
  • [COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.check_output with shell=True to execute system commands for auditing purposes, specifically when shell operators like pipes or redirections are necessary.
  • [EXTERNAL_DOWNLOADS]: The workflow involves downloading and installing system security packages such as auditd, chrony, and openscap-scanner from official distribution repositories to support the hardening process.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 9, 2026, 09:43 AM