performing-physical-intrusion-assessment

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The SKILL.md file contains a payload template for a USB Rubber Ducky that uses PowerShell to download and execute a script from an external URL (https://c2.redteam.com/stager.ps1). This represents a standard remote code execution (RCE) pattern used in penetration testing contexts.
  • [COMMAND_EXECUTION]: The skill includes technical instructions and specific command-line snippets for operating physical security testing hardware, including Proxmark3 for RFID badge cloning and Flipper Zero for RF analysis and emulation.
  • [DATA_EXFILTRATION]: The documentation describes techniques for deploying rogue network implants (such as the LAN Turtle) to create reverse SSH tunnels back to a command-and-control server, which is a common vector for data exfiltration during physical assessments.
  • [PROMPT_INJECTION]: The assessment scripts (scripts/agent.py and scripts/process.py) ingest data from external CSV files. These scripts do not wrap the untrusted CSV content in boundary markers and do not sanitize finding or check descriptions before writing them into the report. If the generated assessment results are subsequently processed by an LLM, an attacker who controls a CSV field could plant instructions in it, so this is an attack surface for indirect prompt injection.
      • Ingestion points: scripts/agent.py (via the --csv argument) and scripts/process.py.
      • Boundary markers: none present.
      • Capability inventory: report generation and scoring only; no subprocess or network capabilities detected in the scripts.
      • Sanitization: none; the scripts use standard CSV parsing without validation or escaping of field content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 15, 2026, 01:51 PM