securing-historian-server-in-ot-environment

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a PowerShell script within SKILL.md for hardening OSIsoft PI Servers. This script executes high-privilege commands to modify system security posture, including 'New-NetFirewallRule' to block or allow traffic on specific ports and 'auditpol' to enable success and failure logging for various system events.
  • [DATA_EXFILTRATION]: Both the tool in SKILL.md and the script in agent.py implement network scanning capabilities. They use the 'socket' library to probe the status of numerous TCP ports on target historian servers to identify exposed services. This functionality performs internal network reconnaissance, which is a common stage in data exfiltration and lateral movement, although here it is presented as a security audit step.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 15, 2026, 03:56 PM