building-ioc-defanging-and-sharing-pipeline

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill includes examples that place API keys and passwords directly into request headers and function calls (e.g., misp_key in Authorization header and TAXII username/password), which requires the LLM to handle or output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill clearly ingests and acts on untrusted external content: scripts/agent.py extracts IOCs from an arbitrary input file, enrich_ioc fetches data from public APIs (VirusTotal and AbuseIPDB), and SKILL.md Step 4 shows pushing STIX bundles to external MISP/TAXII servers — all of which are third‑party sources whose responses are parsed and used to create/distribute indicators.