dig

The skill aligns with its stated DNS querying and zone transfer testing purpose. It uses standard tooling (dig) and optionally wrapper scripts to produce structured JSON outputs. The primary security considerations are input handling to prevent command injection, the potential disclosure of zone data via AXFR against misconfigured servers, and the exposure of DNS-related data through record queries. Overall, the footprint is coherent with a legitimate DNS tooling capability and does not rely on unverifiable binaries or credential access. Treat AXFR attempts with explicit authorization and ensure strict target scope to maintain security posture.