skills/mukul975/anthropic-cybersecurity-skills/analyzing-threat-landscape-with-misp/Gen Agent Trust Hub
analyzing-threat-landscape-with-misp
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `pymisp` library, which is the official Python client for interacting with MISP instances.
- [COMMAND_EXECUTION]: The script `scripts/agent.py` is executed via the command line to process threat intelligence data. It accepts configuration parameters such as the MISP URL and API key as arguments.
- [DATA_EXFILTRATION]: The skill performs network requests to a user-specified MISP instance to retrieve event data. This data is processed locally to generate a JSON report. No data is sent to unauthorized external domains.
- [PROMPT_INJECTION]: The skill processes external threat intelligence data (tags, attributes, event descriptions) which could theoretically contain malicious instructions. However, the script performs structured data extraction and statistical analysis rather than directly interpolating untrusted text into a prompt for execution.
  - Ingestion points: Data is fetched from the MISP API in `scripts/agent.py` via the `misp.search()` method.
  - Boundary markers: None identified in the script's output processing.
  - Capability inventory: The script has file-write capabilities (`json.dump` to a local file) and network access to the MISP API.
  - Sanitization: The script extracts specific metadata fields (tags, levels, types) and aggregates them, which limits the risk of direct instruction injection.
Audit Metadata