skills/mukul975/anthropic-cybersecurity-skills/analyzing-threat-intelligence-feeds/Gen Agent Trust Hub
analyzing-threat-intelligence-feeds
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The
scripts/agent.pyscript is designed to send credentials (TAXII_USERandTAXII_PASSWORD) to a user-provided TAXII server URL. This behavior is a standard part of the protocol's operation but is noted as a data flow involving sensitive information.\n- [PROMPT_INJECTION]: The skill's ingestion of external threat feeds presents an indirect prompt injection attack surface.\n - Ingestion points: External data is ingested through TAXII server connections and local files via the
fetch_indicatorsfunction and--ioc-fileargument inscripts/agent.py.\n - Boundary markers: There are no explicit markers or instructions within the processing logic to distinguish between data and potential instructions embedded in the feed content.\n
- Capability inventory: The agent can perform network requests and write files to the system.\n
- Sanitization: Ingested content is processed using regular expressions and the
stix2library, providing basic structure validation but not full content sanitization.
Audit Metadata