'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
tessl/pypi-pymisp
tessl install tessl/pypi-pymisp@2.5.0Python API for MISP threat intelligence platform enabling programmatic access to MISP instances.
Agent Success
Agent success rate when using this tile
96%
Improvement
Agent success rate improvement when using this tile compared to baseline
1.25x
Baseline
Agent success rate without this tile
77%
rubric.jsonevals/scenario-6/
{
"context": "This criteria evaluates how well the engineer uses PyMISP's external service integration capabilities, specifically for enriching MISP events with VirusTotal reputation data. The focus is on proper usage of PyMISP's connection management, event retrieval, VirusTotal integration methods, and enrichment record creation.",
"type": "weighted_checklist",
"checklist": [
{
"name": "MISP Connection Setup",
"description": "Uses PyMISP's connection class (PyMISP or ExpandedPyMISP) with proper initialization parameters (URL and API key). Should instantiate the connection object correctly to establish authenticated communication with the MISP instance.",
"max_score": 15
},
{
"name": "Event Retrieval",
"description": "Uses PyMISP's get_event() method or similar event retrieval function to fetch the event by ID. Should properly handle the event object and access its attributes.",
"max_score": 15
},
{
"name": "Attribute Extraction",
"description": "Correctly accesses and filters attributes from the retrieved event to identify IOCs that need enrichment (file hashes and URLs). Should iterate through event.Attribute or event.attributes to extract relevant indicators based on their type.",
"max_score": 15
},
{
"name": "VirusTotal Integration",
"description": "Uses PyMISP's VirusTotal integration functionality (methods like get_virustotal() or virustotal methods on the PyMISP object) to query VirusTotal for IOC reputation data. Should pass the appropriate parameters (IOC value and API key) to the VirusTotal query methods.",
"max_score": 25
},
{
"name": "Enrichment Record Creation",
"description": "Creates enrichment records or sightings in MISP using appropriate PyMISP methods (such as add_sighting(), add_attribute(), or object creation methods) to link the VirusTotal reputation data back to the original attributes. Should properly structure the enrichment data including detection ratios and service information.",
"max_score": 20
},
{
"name": "Error Handling",
"description": "Implements proper error handling for PyMISP operations including checking for PyMISP exceptions, handling API errors, validating event existence, and managing VirusTotal API failures using PyMISP's error response patterns.",
"max_score": 10
}
]
}