implementing-mitre-attack-coverage-mapping

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references the download of framework data from MITRE's official GitHub repository in references/api-reference.md. This is a neutral, legitimate operation targeting a trusted organization.
  • [SAFE]: The Python analysis scripts rely on standard library modules to process local JSON rule files. No evidence of obfuscation, data exfiltration, or malicious persistence was found.
  • [COMMAND_EXECUTION]: The skill includes Splunk (SPL) and Azure Sentinel (KQL) query examples. These are documentation templates for manual rule export and do not represent a security risk.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 03:03 AM