The Agent Skills Directory

[COMMAND_EXECUTION]: The documentation in SKILL.md includes instructions to execute high-privilege commands using sudo. These are required for managing wireless interfaces (e.g., sudo iw dev wlan0 set type monitor) and starting the Kismet service (sudo kismet -c wlan0).
[CREDENTIALS_UNSAFE]: Both the documentation in SKILL.md and the Python agent in scripts/agent.py utilize hardcoded default credentials (kismet/kismet) for authenticating with the Kismet REST API. While standard for the tool, these should be modified in operational environments.
[PROMPT_INJECTION]: The skill processes untrusted external data such as SSIDs and device names, which creates a surface for indirect prompt injection.
Ingestion points: Data is collected from the Kismet API in scripts/agent.py and from SQLite databases in SKILL.md.
Boundary markers: No delimiters or specialized instructions are used to separate external data from the agent's logic.
Capability inventory: The skill performs system-level network configuration via sudo and uses the requests library for network communication.
Sanitization: There is no evidence of validation or sanitization of wireless metadata before it is printed or processed by the analysis scripts.

performing-wireless-security-assessment-with-kismet