skills/mukul975/anthropic-cybersecurity-skills/evaluating-threat-intelligence-platforms/Gen Agent Trust Hub
evaluating-threat-intelligence-platforms
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/agent.py performs network requests using the urllib.request module to communicate with external TIP platforms based on user-provided URL parameters.
- [DATA_EXFILTRATION]: The connectivity testing functions in scripts/agent.py transmit sensitive API keys in HTTP headers to user-defined URLs, creating a risk of credential exfiltration if the agent is directed to an untrusted server.
- [COMMAND_EXECUTION]: The evaluation script provides an option to disable SSL certificate verification by setting the SSL context to ssl.CERT_NONE, which increases vulnerability to Man-in-the-Middle (MitM) attacks.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting and parsing JSON data from external API endpoints in scripts/agent.py. Evidence: ingestion points include the responses from MISP and OpenCTI endpoints; boundary markers are absent; the capability inventory includes network communication via urllib; the external data is not sanitized before processing.