collecting-threat-intelligence-with-misp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public community threat feeds (e.g., CIRCL OSINT, Botvrij.eu, abuse.ch URLhaus at https://urlhaus.abuse.ch/downloads/csv_recent/) via MISP feed configuration and PyMISP calls (seen in SKILL.md, references/workflows.md, and scripts/process.py/agent.py), meaning untrusted, user-generated third-party content is parsed and used to create events, attributes, and exports that can materially change tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's deployment instructions explicitly run remote code by cloning and launching the misp-docker repository (git clone https://github.com/MISP/misp-docker.git followed by docker compose up -d), which fetches external code and executes it as part of setup/runtime, so this URL is a runtime external dependency that can execute remote code.