correlating-threat-campaigns
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from external sources.\n
- Ingestion points: External threat intelligence data is fetched from MISP APIs in scripts/agent.py (attributes, tags, and event information).\n
- Boundary markers: No specific boundary markers or instructions to ignore potential commands within the data are used.\n
- Capability inventory: The skill's capabilities are restricted to data processing and reporting; it lacks dangerous operations such as arbitrary command execution or file system writes.\n
- Sanitization: No explicit sanitization or filtering is applied to the values retrieved from external API responses before they are returned to the agent.\n- [DATA_EXFILTRATION]: The script scripts/agent.py initiates network requests to external MISP servers to fetch attribute and event data. While this is functional behavior, it involves transmitting API keys to non-whitelisted domains. The script also includes functionality to disable SSL certificate verification (verify_ssl=False), which is a security best practice violation that increases the risk of man-in-the-middle attacks during data retrieval.
Audit Metadata