investigating-phishing-email-incident

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill is designed for Security Operations Center (SOC) workflows, specifically for investigating phishing incidents. It uses standard Python libraries like email and hashlib to process incident data.
  • [EXTERNAL_DOWNLOADS]: Queries well-known security services including VirusTotal, URLScan.io, and MalwareBazaar to gather reputation data on URLs and file hashes. These are established services in the cybersecurity industry and their use is consistent with the skill's purpose.
  • [CREDENTIALS_SAFE]: API keys are managed through environment variables or clear placeholders, ensuring sensitive credentials are not hardcoded in the script or instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 04:43 PM