performing-ioc-enrichment-automation

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Findings: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The implementation in scripts/agent.py accepts API keys as command-line arguments via sys.argv. This is a common best-practice violation in simple CLI tools, since command-line arguments may be visible to other users on the system through process-monitoring commands such as ps.
  • [DATA_EXFILTRATION]: The skill initiates network requests to reputable external security services including VirusTotal, AbuseIPDB, Shodan, GreyNoise, and URLScan.io. These connections are necessary for fetching the reputation data described in the skill's purpose and do not represent a malicious exfiltration pattern.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external security APIs, which creates an attack surface for indirect prompt injection if malicious content is returned by a source.
      • Ingestion points: API response bodies and extracted fields such as last_analysis_stats and threat_label in scripts/agent.py and SKILL.md snippets.
      • Boundary markers: No specific boundary markers or delimiters are used in the prompt logic to isolate external data from the agent's instructions.
      • Capability inventory: The skill is capable of performing network requests via the requests library and generating structured JSON reports; it does not exhibit file system write or shell execution capabilities.
      • Sanitization: The data is parsed as JSON, but no content-level sanitization or filtering is applied to the string values before they are passed to the agent's context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 12:22 AM