analyzing-threat-actor-ttps-with-mitre-navigator

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's logic is transparent and focuses on automating the retrieval and visualization of public threat intelligence data. No malicious intent or obfuscation was found in the documentation or the script.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the attackcti and stix2 libraries to query MITRE's official STIX/TAXII data. These are standard industry tools for programmatically accessing ATT&CK data and are used here as intended.
  • [COMMAND_EXECUTION]: The CLI script scripts/agent.py implements safe input handling via the argparse module. It performs local data processing and file writing (JSON layers) without invoking shell commands or dynamic code execution.
  • [DATA_EXFILTRATION]: Analysis of the Python script shows no access to sensitive system directories (e.g., .ssh, .aws) or hardcoded credentials. Network activity is limited to fetching data from MITRE's repositories.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 06:46 PM