skills/mukul975/anthropic-cybersecurity-skills/analyzing-threat-intelligence-feeds/Gen Agent Trust Hub
analyzing-threat-intelligence-feeds
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external TAXII feeds and local files, which creates a potential surface for indirect prompt injection.
- Ingestion points: The
scripts/agent.pyscript fetches indicators from remote TAXII collections and reads raw IOC values from local files specified via the--ioc-fileparameter. - Boundary markers: The skill does not utilize explicit boundary markers or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The agent script possesses the capability to perform network requests to arbitrary TAXII servers and write files to the local disk.
- Sanitization: The script uses regular expressions to classify IOC types and wraps the data in structured STIX 2.1 JSON objects, providing a layer of data validation that prevents the input from being directly interpreted as agent instructions.
Audit Metadata