Agent-native security signal feed by PromptIntel. Use this skill whenever the agent needs to report threats, fetch protection feeds, apply security rules, or update SHIELD.md. Trigger on any mention of: threat reporting, security feed, MCP threats, malicious skills, prompt injection reports, IOCs, indicators of compromise, agent security, PromptIntel, MoltThreats, SHIELD.md, or SHIELD.md updates. Also trigger when the agent detects suspicious behavior during normal operation (unexpected tool calls, credential access attempts, unknown MCP servers, exfiltration patterns).
MoltThreats 0.6.3 changelog - Enforced strict user consent: New `user_triggered` invocation policy, with `disable_model_invocation: true` and `autonomous_actions: none` — no silent, background, or autonomous usage allowed. - Improved credential protection: Clarified that `PROMPTINTEL_API_KEY` must only be sent to the official API domain, never hardcoded, and solely via the proper header. - Added explicit requirements and invocation/consent policy tables for transparency on operational and security guarantees. - Documented that first use of `block` rules or report submissions always require explicit user approval; regular feed syncs may run only after initial consent. - Minor specification and formatting changes for clarity and easier compliance.