The Agent Skills Directory

[PROMPT_INJECTION]: The skill implements an automated response workflow that is vulnerable to indirect prompt injection (Tool Output Poisoning).
Ingestion points: The pipeline ingests analysis reports from sandbox environments (Cuckoo/Joe Sandbox) in SKILL.md and scripts/agent.py. These reports are generated by executing untrusted malware samples.
Boundary markers: Absent. There are no delimiters or instructions to ignore malicious content within the sandbox reports.
Capability inventory: The push_iocs_to_blocklist function in SKILL.md performs requests.post operations to a firewall API to block IPs and domains.
Sanitization: Absent. Extracted IOCs are sent directly to the blocking API without validation against a whitelist of known-good resources. An attacker could craft a sample that, when analyzed, generates a report containing legitimate IP addresses, leading to an automated denial of service.
[DATA_EXFILTRATION]: The skill disables SSL certificate verification when sending telemetry to Splunk.
Evidence: verify=False is used in requests.post calls in both SKILL.md and scripts/agent.py. This exposes sensitive analysis data and API tokens to potential Man-in-the-Middle interception.
[SAFE]: The provided Python agent script correctly uses environment variables for sensitive API keys and connection strings, adhering to security best practices for credential management.

building-automated-malware-submission-pipeline