The Agent Skills Directory

[SAFE]: The skill provides functional scripts and documentation for cybersecurity threat hunting, specifically targeting the detection of shadow copy deletion (MITRE T1490). \n- [SAFE]: File system interactions in scripts/agent.py and scripts/process.py are consistent with the skill's purpose, involving reading logs and writing findings. \n- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its handling of untrusted log data. \n- Ingestion points: Log files (EVTX, JSON, CSV) parsed in scripts/agent.py and scripts/process.py. \n- Boundary markers: Absent; raw log data is included in reports without delimiters. \n- Capability inventory: File-read and file-write capabilities are present in the analysis scripts. \n- Sanitization: Absent; the scripts do not sanitize command-line strings extracted from logs.

hunting-for-shadow-copy-deletion