---
name: AnnualReports
description: Annual security report aggregation and analysis. USE WHEN annual reports, security reports, threat reports, industry reports, update reports, analyze reports, vendor reports, threat landscape.
---

## Customization

**Before executing, check for user customizations at:**
`~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/AnnualReports/`

If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.

# AnnualReports - Security Report Aggregation

Aggregates and analyzes annual security reports from 570+ sources across the cybersecurity industry.

**Source:** [awesome-annual-security-reports](https://github.com/jacobdjwilson/awesome-annual-security-reports)

## Workflow Routing

- **UPDATE** - Fetch latest report sources from GitHub -> `Workflows/Update.md`
- **ANALYZE** - Analyze reports for trends and insights -> `Workflows/Analyze.md`
- **FETCH** - Download specific reports -> `Workflows/Fetch.md`

## Quick Reference

```bash
# Update sources from GitHub
bun run ~/.claude/skills/AnnualReports/Tools/UpdateSources.ts

# List all sources
bun run ~/.claude/skills/AnnualReports/Tools/ListSources.ts [category]

# Fetch a specific report
bun run ~/.claude/skills/AnnualReports/Tools/FetchReport.ts <vendor> <report-name>
```

## Categories

### Analysis Reports
- **Global Threat Intelligence** (56 reports) - CrowdStrike, Microsoft, IBM, Mandiant, etc.
- **Regional Assessments** (11 reports) - FBI, CISA, Europol, NCSC, etc.
- **Sector Specific Intelligence** (13 reports) - Healthcare, Finance, Energy, Transport
- **Application Security** (21 reports) - OWASP, Veracode, Snyk, GitGuardian
- **Cloud Security** (11 reports) - Google Cloud, AWS, Wiz, Datadog
- **Vulnerabilities** (14 reports) - Rapid7, VulnCheck, Edgescan
- **Ransomware** (9 reports) - Veeam, Zscaler, Palo Alto
- **Data Breaches** (6 reports) - Verizon DBIR, IBM Cost of Breach
- **Physical Security** (6 reports) - Dragos, Nozomi, Waterfall
- **AI and Emerging Technologies** (11 reports) - Anthropic, Google, Zimperium

### Survey Reports
- **Industry Trends** (68 reports) - WEF, ISACA, Splunk, Gartner
- **Executive Perspectives** (7 reports) - CISO reports, Deloitte, Proofpoint
- **Workforce and Culture** (5 reports) - ISC2, KnowBe4, CompTIA
- **Market and Investment Research** (5 reports) - IT Harvest, Recorded Future
- **Application Security** (9 reports) - Checkmarx, Snyk, Traceable
- **Cloud Security** (7 reports) - Palo Alto, ISC2, Fortinet
- **Identity Security** (19 reports) - CyberArk, Okta, SailPoint
- **Penetration Testing** (5 reports) - HackerOne, Cobalt, Bugcrowd
- **Privacy and Data Protection** (8 reports) - Cisco, Proofpoint, Drata
- **Ransomware** (6 reports) - Sophos, Delinea, Semperis
- **AI and Emerging Technologies** (12 reports) - Darktrace, Wiz, HiddenLayer

## Data Files

- `Data/sources.json` - All report sources with metadata
- `Reports/` - Downloaded report files (PDFs, markdown)

## Examples

**Example 1: Update sources from upstream**
```
User: "Update the annual reports"
-> Invokes UPDATE workflow
-> Fetches latest README from GitHub
-> Parses and updates sources.json
-> Reports new/changed entries
```

**Example 2: Find threat intelligence reports**
```
User: "What threat reports are available?"
-> Lists Global Threat Intelligence category
-> Shows 56 reports from major vendors
-> Provides direct URLs
```

**Example 3: Analyze ransomware trends**
```
User: "Analyze ransomware reports"
-> Invokes ANALYZE workflow
-> Fetches relevant reports
-> Synthesizes findings across vendors
-> Produces trend analysis
```