generating-threat-intelligence-reports

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface during the report generation phase.
  • Ingestion points: The scripts/agent.py script processes untrusted external content loaded from a JSON file via the --data argument.
  • Boundary markers: The Jinja2 templates contain no delimiters or instructions marking interpolated variables as data rather than instructions, so a downstream LLM that processes the generated report may follow instruction-like text embedded in those variables.
  • Capability inventory: The script performs file writing operations to the local file system (scripts/agent.py).
  • Sanitization: No sanitization or validation logic filters instruction-like strings out of the JSON input fields before they are rendered into the final Markdown output.
  • [EXTERNAL_DOWNLOADS]: The skill depends on the jinja2 Python library (version >=3.1), which is a trusted and standard package for template processing.
  • [COMMAND_EXECUTION]: The Python script scripts/agent.py is executed via the CLI and manages file-based I/O for reading data and writing the generated intelligence reports.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 01:52 PM