Install
openclaw skills install cyber-threat-briefCyber Threat Brief
Get a concise daily cybersecurity threat intelligence briefing. Summarizes the latest CVEs, threat actor activity, and security advisories from public feeds. Use when you want a quick security overview, emerging threat roundup, or need to check if a specific CVE or threat group has recent activity. No API key needed.
Cyber Threat Brief
Get a concise, actionable cybersecurity threat intelligence summary on demand.
When to Use
- "What are the latest CVEs?"
- "Any new threat actor activity?"
- "Give me a threat brief"
- "What's trending in cybersecurity today?"
- "Check CVE-2026-XXXXX"
How It Works
Fetches the latest data from public threat intelligence feeds and summarizes:
- Critical CVEs — New and trending vulnerabilities from NIST NVD
- Threat Actor Activity — Recent campaigns from public threat reports
- Security Advisories — Vendor patches and advisories
Commands
Quick Threat Brief
curl -s "https://services.nvd.nist.gov/rest/json/cves/2.0?resultsPerPage=5" | head -c 4000
Check Specific CVE
curl -s "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-XXXXX"
CISA Known Exploited Vulnerabilities
curl -s "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json" | head -c 4000
Important
Before generating a threat brief, always read the operational guidelines in references/threat-sources.md for the full list of sources and formatting rules.
Output Format
Present the briefing as a structured report:
- Date/Time
- Critical CVEs (severity, affected products, patch status)
- Active Threats (actor, campaign, targets, TTPs)
- Advisories (vendor, product, action required)
- Analyst Notes (trends, recommendations)
Notes
- All data from public, free sources (no API key required)
- Rate-limited feeds; don't spam requests
- Intelligence is best-effort; verify critical items against primary sources