skills/mukul975/anthropic-cybersecurity-skills/implementing-canary-tokens-for-network-intrusion/Gen Agent Trust Hub
implementing-canary-tokens-for-network-intrusion
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with Canarytokens.org and Thinkst Canary enterprise APIs to create and retrieve security tokens. These interactions are legitimate uses of well-known services for network security and intrusion detection.
- [COMMAND_EXECUTION]: The skill provides a management script (agent.py) that acts as a command-line interface for planning deployments, automating token creation, and monitoring triggered alerts.
- [DATA_EXFILTRATION]: Alert data is forwarded to user-specified webhook URLs (e.g., Slack or Microsoft Teams) and external security monitoring services. This telemetry is the intended mechanism for notification and does not involve unauthorized data movement.
- [SAFE]: The skill includes functionality to write to sensitive file paths such as .aws/credentials, /etc/hosts, and .env files. These actions are performed specifically to plant honeytokens (bait) for deception purposes, consistent with the skill's stated defensive objective.