← 返回 Skills 市场
andresark

TrendAI Vision One Threat Intelligence

作者 andresark · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
103
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install vision-one-threat-intel
功能描述
Query TrendAI Vision One threat intelligence. Use when: looking up IOCs (IP, domain, hash, URL, email), checking threat feeds, reading intelligence reports,...
安全使用建议
This skill appears to do exactly what it claims: it runs local Python code that calls Trend Micro Vision One endpoints using the VISION_ONE_API_KEY. Before installing, verify you trust the skill source (homepage points to a GitHub repo but 'Source' is listed as unknown), and ensure the API key you supply has least-privilege: give only Threat Intelligence 'View' permissions for read-only use and add 'Configure' only if you need to use 'suspicious add'. Be aware 'suspicious add' is a write operation that can affect your org's block list — require human confirmation before running. The skill writes short-lived cache files to /tmp; if that is a concern, review or modify scripts/lib/cache.py. If you need higher assurance, review the referenced GitHub repo history and owner before use and rotate the API key if you suspect misuse.
功能分析
Type: OpenClaw Skill Name: vision-one-threat-intel Version: 1.0.0 The skill bundle is a well-structured tool for interacting with the TrendAI Vision One Threat Intelligence API. It follows security best practices by using only Python standard libraries, implementing proper error handling and rate-limiting, and explicitly instructing the AI agent to seek user confirmation before performing write operations (e.g., adding an IOC to a blocklist in `v1ti.py`). No evidence of data exfiltration, obfuscation, or malicious intent was found.
能力标签
requires-oauth-token
能力评估
Purpose & Capability
Name/description map to the requested resources: only VISION_ONE_API_KEY (and optional VISION_ONE_REGION) and python3 are required, which are appropriate for calling Trend Micro Vision One APIs. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md and the CLI source limit actions to Vision One API calls (feedIndicators, feeds, suspiciousObjects) and local formatting/caching. The only write action is 'suspicious add', which the docs mark as requiring explicit user confirmation. The runtime instructions do not request or read unrelated files or env vars.
Install Mechanism
There is no install spec (instruction-only skill for copy-in use) and the code uses only Python stdlib. No external downloads, package installs, or archive extraction are performed by the skill bundle itself.
Credentials
Only VISION_ONE_API_KEY is required (primaryEnv). An optional VISION_ONE_REGION is documented. No other SECRET/TOKEN/PASSWORD env vars are requested. The key's requested permissions are consistent with read operations and an optional configure permission for suspicious add.
Persistence & Privilege
always:false (no forced global enable). The skill stores short-lived cache files under a TMP cache directory (os.environ TMPDIR or /tmp), which is reasonable for caching API responses. It does not modify other skills or system-wide agent settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install vision-one-threat-intel
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /vision-one-threat-intel 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: 6 workflow-oriented commands for threat intel — lookup, feed, report, suspicious list/add, hunt. Zero dependencies, STIX 2.1 parsing, auto IOC detection.
元数据
Slug vision-one-threat-intel
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

TrendAI Vision One Threat Intelligence 是什么?

Query TrendAI Vision One threat intelligence. Use when: looking up IOCs (IP, domain, hash, URL, email), checking threat feeds, reading intelligence reports,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 103 次。

如何安装 TrendAI Vision One Threat Intelligence?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install vision-one-threat-intel」即可一键安装,无需额外配置。

TrendAI Vision One Threat Intelligence 是免费的吗?

是的,TrendAI Vision One Threat Intelligence 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

TrendAI Vision One Threat Intelligence 支持哪些平台?

TrendAI Vision One Threat Intelligence 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 TrendAI Vision One Threat Intelligence?

由 andresark(@andresark)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论