building-threat-hunt-hypothesis-framework
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill fetches the MITRE ATT&CK enterprise dataset from its official GitHub repository (raw.githubusercontent.com/mitre/cti) to populate technique metadata and data source mappings. This is a trusted source and a standard practice in cybersecurity tooling.
- [SAFE]: The log processing script (scripts/process.py) is designed to ingest external data for security analysis. Although untrusted log content is a potential surface for indirect prompt injection, the script applies static regex-based pattern matching for detection and does not execute or evaluate log content in an unsafe manner.
- [SAFE]: The skill provides templates and documentation for structured threat hunting workflows, including Splunk and KQL query examples, which align with industry best practices for proactive security monitoring.