analyzing-campaign-attribution-evidence

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes standard threat intelligence libraries including attackcti, stix2, and networkx. These are well-known packages in the cybersecurity community and do not pose a risk.
  • [EXTERNAL_DOWNLOADS]: Documentation includes examples for interacting with reputable third-party services such as VirusTotal and PassiveTotal. These are documented neutrally for infrastructure analysis purposes.
  • [COMMAND_EXECUTION]: Provides a functional CLI script (scripts/process.py) to automate the processing of structured evidence files and generate attribution reports. The script uses standard argument parsing and performs no dangerous system-level operations.
  • [DATA_EXPOSURE]: No hardcoded credentials or sensitive file access patterns were found. API examples correctly use placeholders for keys and tokens.
  • [SAFE]: The code and documentation align perfectly with the stated purpose of threat intelligence analysis. No obfuscation, persistence mechanisms, or privilege escalation patterns are present.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 06:44 PM