The Agent Skills Directory

[SAFE]: The Python scripts (scripts/agent.py and scripts/process.py) perform local analysis of user-provided log files using standard libraries. They do not initiate network connections, exfiltrate data, or perform unauthorized file system modifications.
[SAFE]: No hardcoded credentials, sensitive file access (e.g., SSH keys, AWS config), or privilege escalation commands were detected.
[SAFE]: The skill instructions and documentation contain no evidence of prompt injection or attempts to override agent behavior or safety filters.
[SAFE]: The skill processes untrusted log data (email bodies, URLs, process command lines) to generate hunt reports. While this provides a surface for indirect prompt injection if an LLM interprets the resulting reports, the scripts themselves handle the data as plain text, apply truncation to strings, and do not execute any ingested content. (Ingestion: scripts/agent.py, scripts/process.py; Boundaries: Absent; Capability Inventory: Local file write; Sanitization: Truncation of command lines and URLs).

hunting-for-spearphishing-indicators