The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py uses subprocess.run to execute various PowerShell and Registry commands. These commands are used to audit security features like Credential Guard, BitLocker, and AppLocker. This behavior is consistent with the skill's stated purpose of performing security assessments.
[DATA_EXPOSURE]: The tool accesses sensitive system configuration data, including local administrator names and installed software lists. This information is processed locally to generate a compliance report and is not sent to any external server.
[EXTERNAL_DOWNLOADS]: The script performs a network connectivity test using Test-NetConnection to google.com on port 80. This is used solely to verify if the workstation's internet access is restricted as required by PAW guidelines and does not involve downloading or executing remote code.

implementing-privileged-access-workstation