performing-binary-exploitation-analysis

Fail

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions to install the GDB Enhanced Features (GEF) plugin using the command bash -c "$(curl -fsSL https://gef.blah.cat/sh)". Piping a remote script directly to a shell is a dangerous pattern that can lead to arbitrary code execution if the source is compromised. While GEF is a known tool, the domain blah.cat is an external third-party source.
  • [EXTERNAL_DOWNLOADS]: The skill requires downloading and installing numerous external dependencies and tools, including pwntools, ROPgadget, and the pwndbg plugin from GitHub (https://github.com/pwndbg/pwndbg). These tools are fetched from third-party repositories outside of the established trusted vendor list.
  • [COMMAND_EXECUTION]: The scripts/agent.py script uses subprocess.run to execute checksec and ROPgadget on binary files provided by the user. This involves executing external binaries with parameters derived from user input.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes untrusted binary files and displays metadata such as function names and symbol information. A specially crafted binary could contain malicious instructions embedded in its symbol table or section names that could influence the agent's behavior when it interprets the analysis report.
      • Ingestion points: scripts/agent.py parses user-provided ELF binaries in the analyze_binary function.
      • Boundary markers: Absent. Extracted binary strings are included in the JSON report and console output without specific delimiters or instructions to ignore embedded content.
      • Capability inventory: The agent has access to subprocess.run across several functions in scripts/agent.py to execute system tools.
      • Sanitization: No sanitization of strings extracted from binary metadata is performed before they are incorporated into the output.
Recommendations
  • HIGH: Downloads and executes remote code from: https://gef.blah.cat/sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 12, 2026, 06:20 PM