Ioc Patrol Report

Key things to consider before installing or running this skill: - Do NOT run the packaged code as-is. The repo contains a config.yaml with plaintext credentials for host hightop.xin (port 55432) and database 'sunway'. If you run the skill without editing the config, it will attempt to connect to that external database instead of your own. - Treat the embedded credentials as a red flag: remove or overwrite config.yaml, or replace it with a template that contains no real credentials. Prefer using environment variables (DB_HOST, DB_NAME, DB_USER, DB_PASSWORD) as suggested in SKILL.md. - Inspect scripts/generate_report.py yourself (or run in an isolated/sandboxed environment) before giving it network access. Note the script issues many SELECT queries (including personnel/access tables) which may expose sensitive data if pointed at your DB. - If you need to use this skill, create and point it at a dedicated, access-controlled database or a read-only user with minimal privileges. Verify queries and limit table access to only the columns required for reporting. - The code has small bugs/rough edges (duplicate except blocks; an except path calls a non-existent get_mock_data()), which suggests the package was not carefully audited — treat it as untrusted sample code until cleaned up. If you want, I can: (1) show the exact lines in config.yaml and generate_report.py that are most concerning, (2) produce a safe config template you can drop in place, or (3) advise how to run it in an isolated container with no network access.