KB Content Discovery skill

[stikman28]

Concept

Agent that finds and evaluates individual documents/reports for knowledge base ingestion. Distinct from Source Monitor Scout (#19) — this evaluates specific content items rather than source feeds.

Workflow:

1. Content identification — Search for: SEC filings, vendor reports, CVE advisories, regulatory updates, industry analysis
2. Relevance scoring — Score against configurable industry/company risk profile
3. Content extraction — Extract key findings, MITRE ATT&CK mappings, affected technologies, timeline
4. Ingestion recommendation — Produce structured metadata: title, source, date, tags, summary, confidence
5. Batch submission — Submit batch of recommendations for human review

Output format (per item):

- title: "Example Vendor Threat Report 2026"
  source_url: "https://..."
  publication_date: "2026-02-15"
  content_type: vendor_report
  relevance_score: 92
  tags: [ransomware, credential_theft]
  mitre_techniques: [T1566, T1078, T1486]
  summary: "Annual threat report covering..."
  recommendation: ingest
  rationale: "Directly relevant to target industry exposure..."

Enterprise use cases:

• Weekly scan for new SEC 10-K/10-Q filings mentioning cyber risk
• Monitor vendor research for industry-specific threat reports
• Track regulatory updates (NIST, SEC cyber rules, EU DORA)
• Discover new MITRE ATT&CK techniques relevant to target industry

New file

.agents/skills/kb-content-discovery/SKILL.md

Phase

Phase 4: Use Case Skills

Depends on

#14-#16 (skills framework), #19 (shares source scanning patterns)