building-threat-feed-aggregation-with-misp

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds plaintext credentials and API keys in config and code examples (docker-compose passwords, "YOUR_MISP_API_KEY", and HEC token placed directly in an Authorization header), which requires the agent to accept and include secret values verbatim in outputs/requests, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly configures and fetches remote OSINT feeds (e.g., abuse.ch, PhishTank) in SKILL.md and in the runtime code (PyMISP examples and scripts/agent.py calls to fetch/cache feeds and restSearch), so untrusted public feed content is ingested and used for searches, correlation, exports, and automated outputs.