The Agent Skills Directory

[COMMAND_EXECUTION]: The scripts/agent.py script executes system utilities including binwalk and file to automate the extraction and identification of firmware components. These calls are implemented using argument lists rather than shell strings, effectively preventing command injection vulnerabilities even when processing files with unusual names.
[EXTERNAL_DOWNLOADS]: The skill references and guides the user to install well-known security tools such as binwalk, UEFITool, and chipsec. These tools originate from established, trusted open-source repositories (e.g., ReFirmLabs, Intel) and are standard requirements for the stated task of firmware analysis.
[DATA_EXFILTRATION]: While the skill explicitly searches for sensitive information such as hardcoded credentials and password hashes (/etc/shadow), this behavior is confined to the target firmware image being analyzed. The script generates a local report and does not contain any network operations or mechanisms to exfiltrate discovered data to external servers.
[PROMPT_INJECTION]: The skill involves reading and reporting on content from untrusted firmware images, which represents a potential surface for indirect prompt injection. However, the script primarily uses regex for IOC extraction rather than passing raw file content to the LLM for direct interpretation, mitigating the risk of instructions embedded in the firmware influencing agent behavior.

performing-firmware-malware-analysis