The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill retrieves threat intelligence data from established sources including the Have I Been Pwned API and the Ransomwatch repository on GitHub. These operations are aligned with the skill's primary function and focus on data collection for security analysis.
[PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: External data is fetched from the HIBP, URLhaus, and Ransomwatch APIs into the agent context via scripts/agent.py and scripts/process.py. Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the fetched data as untrusted content. Capability inventory: The skill can perform network operations and write findings to the local file system. Sanitization: The ingested data is processed as JSON but lacks textual sanitization or escaping before inclusion in the reports generated for the user.

performing-dark-web-monitoring-for-threats