skills/mukul975/anthropic-cybersecurity-skills/performing-agentless-vulnerability-scanning/Gen Agent Trust Hub
performing-agentless-vulnerability-scanning
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes SSH (via paramiko) and WinRM (via pywinrm) to execute remote enumeration commands such as 'dpkg-query', 'rpm', and 'Get-HotFix' to collect system inventory and vulnerability data. The implementation includes standard scanning practices such as the use of AutoAddPolicy for SSH and certificate validation suppression for WinRM to facilitate discovery across unmanaged internal assets.
- [EXTERNAL_DOWNLOADS]: The skill references and provides configuration for well-known cybersecurity tools and services, including AWS Inspector2, the open-source Vuls scanner, and commercial platforms like Tenable, Wiz, and Datadog. All referenced URLs target official documentation or established security organizations.
- [CREDENTIALS_UNSAFE]: The scanning workflow manages sensitive authentication materials including SSH private keys and WinRM credentials. The skill instructions and associated Python scripts correctly implement these as user-provided arguments and configuration parameters rather than hardcoding secrets, following secure development practices.