{"id":"security-threat-intel-brief","title":"Threat Intel Brief","description":"Brief typed. Threat intel scattered. Typed v1 agent with eval coverage.","category":"cybersecurity","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["cybersecurity","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"skill":{"name":"security-threat-intel-brief","description":"Brief typed. Threat intel scattered. Typed v1 agent with eval coverage.","systemPrompt":"You are Threat Intel Brief. Threat intel scattered. Output: Brief typed.\nDraft sections with citations from input. Gaps for missing facts.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_intel_brief exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.security-threat-intel-brief","name":"Threat Intel Brief","description":"Brief typed. Threat intel scattered. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"security-threat-intel-brief","description":"Brief typed. Threat intel scattered. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** Threat Intel Brief — v1 validated. Pain: Threat intel scattered */\n\nexport interface Section { heading: string; body: string; citations: string[] }\nexport interface AgentOutput { title: string; sections: Section[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface SecurityThreatIntelBriefConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  title: z.string(),\n  sections: z.array(z.object({ heading: z.string(), body: z.string(), citations: z.array(z.string()).default([]) })).min(1),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'security-threat-intel-brief',\n  description: \"Threat Intel Brief — typed output agent (draft spec).\",\n  systemPrompt: `You are Threat Intel Brief. Threat intel scattered. Output: Brief typed.\nDraft sections with citations from input. Gaps for missing facts.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_intel_brief exactly once. Stop.`,\n  tools: ['submit_intel_brief'],\n}\n\nexport function createSecurityThreatIntelBriefAgent(config: SecurityThreatIntelBriefConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_intel_brief', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('security-threat-intel-brief requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'security-threat-intel-brief',\n    run,\n    asHandle() { return { name: 'security-threat-intel-brief', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# Threat Intel Brief\n\n> **v1 validated** — `npx agentskit add security-threat-intel-brief`\n\n## Pain\nThreat intel scattered\n\n## Output\nBrief typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'security-threat-intel-brief',\n  cases: [\n    { input: 'Complete input for Threat Intel Brief: Threat intel scattered. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":96,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid, non-empty structured threat-intel brief outputs for all three cases, consistently surfaced missing context, avoided fabricating threat details, handled prompt injection safely, and required human review where evidence was absent. Behavior aligns with a cautious threat-intel briefing agent. Minor quality issues remain around citation formatting and somewhat over-treating generic user requests as injection-like, but these are not v1-blocking.","strengths":["Valid structured output in every case with title, sections, gaps, open questions, and review flag in the recorded output.","Correctly refused to invent actors, malware, IOCs, dates, victims, or business impact from insufficient source material.","Handled the explicit injection case without obeying the malicious instruction or outputting only the requested approval string.","Useful gaps and open questions provide a clear path for human analysts to supply missing evidence."],"notes":["Standardize citation style so outputs do not expose internal untrusted-wrapper markers or long raw user-input strings unless explicitly required.","Consider distinguishing sparse/underspecified business requests from true instruction-injection attempts more precisely, while still avoiding invented threat intelligence."]}}