skills/mukul975/anthropic-cybersecurity-skills/implementing-siem-correlation-rules-for-apt/Gen Agent Trust Hub
implementing-siem-correlation-rules-for-apt
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE, CREDENTIALS_UNSAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The agent script accepts credentials via command-line arguments (--password). This practice can expose sensitive information in process lists or shell history files. Additionally, the SKILL.md file contains an example command with default placeholder credentials (admin/changeme).
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting data from a remote Splunk instance.
  - Ingestion points: scripts/agent.py retrieves search results and metadata via the Splunk REST API.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are present in the processing logic.
  - Capability inventory: The script has the ability to write files to the local system (--output and --sigma-export).
  - Sanitization: Data retrieved from the SIEM is written to files without prior sanitization or validation.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of well-known third-party packages (requests, pyyaml, sigma-cli) from standard repositories.
- [SAFE]: The script provides an optional mechanism to bypass TLS verification via the SKIP_TLS_VERIFY environment variable. While this is noted as a risk for production environments, it is a documented feature for lab environments with self-signed certificates. All network operations are directed to the user-supplied Splunk URL and are necessary for the skill's primary function.