---

name: AnnualReports description: Annual security report aggregation and analysis. USE WHEN annual reports, security reports, threat reports, industry reports, update reports, analyze reports, vendor reports, threat landscape.

Customization

Before executing, check for user customizations at: ~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/AnnualReports/

If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.

🚨 MANDATORY: Voice Notification (REQUIRED BEFORE ANY ACTION)

You MUST send this notification BEFORE doing anything else when this skill is invoked.

1. Send voice notification:

   curl -s -X POST http://localhost:8888/notify \
     -H "Content-Type: application/json" \
     -d '{"message": "Running the WORKFLOWNAME workflow in the AnnualReports skill to ACTION"}' \
     > /dev/null 2>&1 &
   

2. Output text notification:

   Running the **WorkflowName** workflow in the **AnnualReports** skill to ACTION...
   

This is not optional. Execute this curl command immediately upon skill invocation.

AnnualReports - Security Report Aggregation

Aggregates and analyzes annual security reports from 570+ sources across the cybersecurity industry.

Source: awesome-annual-security-reports

Workflow Routing

• UPDATE - Fetch latest report sources from GitHub → Workflows/Update.md
• ANALYZE - Analyze reports for trends and insights → Workflows/Analyze.md
• FETCH - Download specific reports → Workflows/Fetch.md

Quick Reference

# Update sources from GitHub
bun run ~/.claude/skills/AnnualReports/Tools/UpdateSources.ts

# List all sources
bun run ~/.claude/skills/AnnualReports/Tools/ListSources.ts [category]

# Fetch a specific report
bun run ~/.claude/skills/AnnualReports/Tools/FetchReport.ts <vendor> <report-name>

Categories

Analysis Reports

• Global Threat Intelligence (56 reports) - CrowdStrike, Microsoft, IBM, Mandiant, etc.
• Regional Assessments (11 reports) - FBI, CISA, Europol, NCSC, etc.
• Sector Specific Intelligence (13 reports) - Healthcare, Finance, Energy, Transport
• Application Security (21 reports) - OWASP, Veracode, Snyk, GitGuardian
• Cloud Security (11 reports) - Google Cloud, AWS, Wiz, Datadog
• Vulnerabilities (14 reports) - Rapid7, VulnCheck, Edgescan
• Ransomware (9 reports) - Veeam, Zscaler, Palo Alto
• Data Breaches (6 reports) - Verizon DBIR, IBM Cost of Breach
• Physical Security (6 reports) - Dragos, Nozomi, Waterfall
• AI and Emerging Technologies (11 reports) - Anthropic, Google, Zimperium

Survey Reports

• Industry Trends (68 reports) - WEF, ISACA, Splunk, Gartner
• Executive Perspectives (7 reports) - CISO reports, Deloitte, Proofpoint
• Workforce and Culture (5 reports) - ISC2, KnowBe4, CompTIA
• Market and Investment Research (5 reports) - IT Harvest, Recorded Future
• Application Security (9 reports) - Checkmarx, Snyk, Traceable
• Cloud Security (7 reports) - Palo Alto, ISC2, Fortinet
• Identity Security (19 reports) - CyberArk, Okta, SailPoint
• Penetration Testing (5 reports) - HackerOne, Cobalt, Bugcrowd
• Privacy and Data Protection (8 reports) - Cisco, Proofpoint, Drata
• Ransomware (6 reports) - Sophos, Delinea, Semperis
• AI and Emerging Technologies (12 reports) - Darktrace, Wiz, HiddenLayer

Data Files

• Data/sources.json - All report sources with metadata
• Reports/ - Downloaded report files (PDFs, markdown)

Examples

Example 1: Update sources from upstream

User: "Update the annual reports"
→ Invokes UPDATE workflow
→ Fetches latest README from GitHub
→ Parses and updates sources.json
→ Reports new/changed entries

Example 2: Find threat intelligence reports

User: "What threat reports are available?"
→ Lists Global Threat Intelligence category
→ Shows 56 reports from major vendors
→ Provides direct URLs

Example 3: Analyze ransomware trends

User: "Analyze ransomware reports"
→ Invokes ANALYZE workflow
→ Fetches relevant reports
→ Synthesizes findings across vendors
→ Produces trend analysis