Sangfor XDR Security Operations
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's actions (scraping an XDR web UI via a browser session and sending summaries to a hard-coded enterprise WeChat webhook) are mostly coherent with its purpose, but the inclusion of a baked-in external webhook and implicit use of the agent's browser session create a clear risk of unintended data disclosure and inconsistent credential handling.
Before installing or using this skill:
(1) Do not rely on the included default webhook. Replace it with a webhook you control or disable webhook notifications; the default key in the SKILL.md likely forwards SOC data to an unknown recipient.
(2) Confirm how and where the skill will save configuration locally (location and file protections).
(3) Be aware that the skill uses the agent's browser profile/session to access the XDR UI; only use it from a session you are willing to let the skill read.
(4) Test in a non-production/staging environment first and review any outgoing network activity (webhook calls).
(5) If you need stronger guarantees, prefer an integration that uses a managed API credential you control rather than UI scraping and embedded webhooks.
Static analysis
Static analysis findings are pending for this release.
VirusTotal
No VirusTotal findings
Risk analysis
No visible risk-analysis findings were reported for this release.
