The CSA, SANS, and OWASP GenAI just told CISOs to become Mythos-ready. Their brief is the best strategy document the industry has produced on the post-Mythos threat environment. It focuses on the code and vulnerability side. The artifact side -- skills, MCP servers, rule files -- is the adjacent surface that needs the same treatment.
The detection pipeline end to end -- signatures, heuristics, sandboxed execution, cross-ecosystem dedupe, and scoring. What runs where, and why.
The OWASP LLM Top 10 is a runtime framework. It does not cover the persistent artifacts that ship capability to agents. Here is the map between the two and where each one's responsibility ends.
Notes on a cross-registry audit of Anthropic Skills. Credential exfiltration, tool-call smuggling, and silent network calls are the dominant issue classes. Here is the taxonomy.
Skills, MCP servers, .cursorrules, and agents.md are the new untrusted dependencies. Treat them like npm circa 2018: untrusted by default, scanned on ingest, pinned on use.
