hunting-for-persistence-mechanisms-in-windows

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a legitimate cybersecurity toolkit designed for proactive threat hunting. All operations are transparent and align with the described purpose.
  • [COMMAND_EXECUTION]: The scripts/agent.py script executes built-in Windows utilities (reg query, schtasks, wmic) via subprocess.run to gather system information.
      • These operations are used for legitimate diagnostic purposes.
      • The commands and their parameters are hardcoded within the script, preventing command injection from external sources.
  • [EXTERNAL_DOWNLOADS]: No external network operations or package downloads were identified. The scripts depend solely on the Python standard library and local system binaries.
  • [DATA_EXFILTRATION]: There is no evidence of data being sent to external servers. The scripts output findings to the local console or save reports to a user-specified local directory.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 06:48 PM