building-threat-intelligence-platform

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt contains plaintext credentials in the Docker Compose (e.g., APP__ADMIN__PASSWORD, APP__ADMIN__TOKEN) and shows building Authorization headers from secret tokens/keys, which requires embedding secret values verbatim and therefore poses an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly configures and fetches public OSINT feeds (e.g., CIRCL, Botvrij.eu, abuse.ch) via the configure_osint_feeds function in SKILL.md and the configure_feeds method in scripts/process.py, ingesting untrusted third‑party content into MISP/OpenCTI that is then used in enrichment, alerting, and automated platform actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The Docker Compose references external container images that are pulled and run during deployment (e.g., docker.elastic.co/elasticsearch/elasticsearch:8.12.0 and ghcr.io/misp/misp-docker/misp-core:latest), which are fetched at runtime, execute remote code, and are required components for the skill.