building-threat-intelligence-platform

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Findings: CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The Docker Compose configuration in SKILL.md includes default credentials.
  • Evidence: APP__ADMIN__PASSWORD=TIPAdminPassword and APP__ADMIN__TOKEN=tip-opencti-token-uuid are hardcoded in the YAML service definition for OpenCTI.
  • Context: These are provided as setup defaults and should be replaced by users in production environments.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external threat intelligence feeds, creating a vulnerability surface for indirect prompt injection.
  • Ingestion points: The skill ingests OSINT feeds via MISP and OpenCTI connectors as defined in scripts/process.py and SKILL.md.
  • Boundary markers: The processing scripts do not implement clear delimiters or instructions to the model to ignore potential commands embedded within indicator data.
  • Capability inventory: The skill has the capability to perform API operations (network requests) against MISP, OpenCTI, and Cortex, and to write files to the local disk (scripts/process.py).
  • Sanitization: Indicators such as URLs and email addresses are validated only by prefix checks (for example, that a URL starts with a scheme or an email contains "@"), so values carrying embedded newlines, control characters, or instruction-like text are passed through to the model unchanged.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 01:21 PM