The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py executes network requests to arbitrary URLs and protocols based on user-provided input. It facilitates the execution of requests to sensitive internal IP addresses (169.254.169.254) and local loopback addresses (127.0.0.1) to probe for open ports and services.
[DATA_EXFILTRATION]: The skill is explicitly designed to retrieve and store sensitive data, including AWS IAM security credentials, GCP service account tokens, and Azure identity tokens. It also attempts to read local system files using the file:// protocol (e.g., /etc/passwd), aggregating this information into a JSON report.
[EXTERNAL_DOWNLOADS]: The skill requires the installation of the requests Python library from an external package registry to perform its network operations.

performing-ssrf-vulnerability-exploitation