building-threat-intelligence-feed-integration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed API keys, usernames/passwords, and bearer tokens directly into code and request headers (e.g., OTXv2("YOUR_OTX_API_KEY"), Server(... user="your_username", password="your_password"), Authorization: f"Bearer {splunk_token}"), which instructs an agent to place secret values verbatim into outputs/commands and therefore creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests untrusted, public third‑party feeds (e.g., URLhaus at https://urlhaus-api.abuse.ch/v1/urls/recent/ and Feodo Tracker at https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.json in SKILL.md Step 3 and scripts/agent.py ingest_urlhaus_feed/ingest_feodotracker, plus configurable TAXII endpoints in ingest_taxii_feed), and those external indicators are parsed and used to drive downstream actions (normalization, deduplication, and pushes to SIEM), so external content can materially influence agent behavior.