building-adversary-infrastructure-tracking-system

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches domain, IP, and certificate transparency data from reputable security services including SecurityTrails, crt.sh, URLhaus, and ThreatFox to map threat actor networks.
  • [PROMPT_INJECTION]: The skill ingests and processes untrusted data from external security APIs based on user-supplied indicators, creating an indirect prompt injection surface.
      • Ingestion points: The scripts/agent.py script and SKILL.md code snippets ingest data from crt.sh, URLhaus, ThreatFox, and SecurityTrails APIs.
      • Boundary markers: There are no specific delimiters or instructions to ignore potential commands embedded within the external API responses.
      • Capability inventory: The skill possesses the capability to perform network requests (requests) and write data to local JSON and Markdown files.
      • Sanitization: External content is parsed as JSON and included in generated reports without explicit validation or escaping.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 12:00 PM