attack-discovery-triage

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes attack narratives generated by the platform's Attack Discovery feature. These narratives are derived from security alerts which could be influenced by malicious activity, presenting a potential surface for indirect injection.
      • Ingestion points: Tool output from triage-attack-discoveries contains LLM-generated summaries and attack stories in SKILL.md.
      • Boundary markers: The skill explicitly instructs the agent to treat narrative output as a hypothesis and base confidence on structured signals (alert diversity, rule frequency, entity risk) rather than the descriptive language.
      • Capability inventory: Includes manage-cases for writing/persistence and threat-hunt for querying data.
      • Sanitization: The instructions in references/confidence-scoring.md provide a specific scoring framework to validate findings before taking action.
  • [SAFE]: The skill uses vendor-specific tools (triage-attack-discoveries, manage-cases, threat-hunt) that are consistent with its stated purpose as an Elastic Security SOC analyst assistant. No suspicious network activity, obfuscation, or unauthorized access patterns were detected.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 17, 2026, 10:01 PM