The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides a comprehensive list of bash commands for interacting with network services and remote hosts using tools like nmap, masscan, and various web scanners.\n- [PRIVILEGE_ESCALATION]: Multiple commands in SKILL.md (e.g., sudo nmap, sudo masscan, sudo netdiscover) explicitly require root privileges to perform raw network socket operations and system-level discovery.\n- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill references numerous external security tools and scripts (e.g., Sublist3r, Amass, ParamSpider) and directs users to public GitHub repositories for wordlists and additional resources. While standard in professional security contexts, these represent external dependencies that are executed locally.\n- [INDIRECT_PROMPT_INJECTION]: The skill functions by interpolating user-supplied domains or IP addresses into bash command templates.\n- Ingestion points: Target domain and IP address variables provided as arguments in shell commands throughout the file.\n- Boundary markers: Absent; commands are constructed directly with target variables.\n- Capability inventory: Extensive subprocess execution via shell commands, network requests (curl, dig), and local file writing (nmap output flags).\n- Sanitization: No explicit input validation, escaping, or filtering of user-supplied arguments is described in the skill instructions.

performing-reconnaissance