building-ioc-enrichment-pipeline-with-opencti

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill implements a legitimate cybersecurity workflow for threat intelligence enrichment using the official OpenCTI Python client (pycti).
  • [EXTERNAL_DOWNLOADS]: The scripts interact with established and well-known threat intelligence services, including VirusTotal, Shodan, AbuseIPDB, GreyNoise, and SecurityTrails. These network operations are strictly limited to fetching metadata for IOCs and are consistent with the documented purpose of the skill.
  • [DATA_EXFILTRATION]: Analysis of the Python scripts confirms that no sensitive local data (such as SSH keys or environment secrets) is accessed or transmitted to external servers. API keys are handled securely via environment variable retrieval.
  • [COMMAND_EXECUTION]: No dangerous system command execution, subprocess spawning, or dynamic code evaluation (eval/exec) patterns were detected within the provided scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 07:56 AM