The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill fetches vulnerability intelligence data from official and trusted repositories. It retrieves the Known Exploited Vulnerabilities catalog from CISA's official domain and Exploit Prediction Scoring System scores from the FIRST.org API.
[COMMAND_EXECUTION]: The skill provides instructions for the agent to execute standard administrative PowerShell commands. These include service management (e.g., stopping the Print Spooler), registry configuration (e.g., disabling SMBv1), and the installation of official Windows updates via the PSWindowsUpdate module.
[INDIRECT_PROMPT_INJECTION]: The skill processes external vulnerability scan data from CSV reports.
Ingestion points: scripts/agent.py and scripts/process.py ingest user-supplied CSV files.
Boundary markers: The scripts use standard CSV parsing; remediation actions are recommended based on severity logic.
Capability inventory: The skill facilitates system administrative changes and software deployment.
Sanitization: Input data is parsed for remediation metrics; no evidence of untrusted input being used to dynamically construct executable code was found.

performing-endpoint-vulnerability-remediation