# OpenSourceMalware Docs > Learn how to use our community-driven threat intel feed for malicious open source assets. ## Docs - [AGENTS](https://docs.opensourcemalware.com/AGENTS.md) - [API authentication with Bearer tokens (osm_ prefix)](https://docs.opensourcemalware.com/api/authentication.md): Learn how to generate an OSM API token from your profile settings and pass it correctly in the Authorization header for every API request. - [Find out if an asset is malicious](https://docs.opensourcemalware.com/api/check-malicious.md): Use the free Check Malicious endpoint to query packages, repositories, URLs, and domains for malicious content. - [Modify a threat report](https://docs.opensourcemalware.com/api/modify-threat.md): Make changes to an existing threat report via API - [Automate threat intel and contributions via API](https://docs.opensourcemalware.com/api/overview.md): Integrate threat intelligence into your security workflows with our RESTful API. - [Query latest threats by ecosystem](https://docs.opensourcemalware.com/api/query-latest.md): Retrieve the 100 most recent verified threat reports from any supported ecosystem or threat category. - [Use STIX to retrieve most recent threat reports](https://docs.opensourcemalware.com/api/query-latest-stix.md): Retrieve the 100 most recent verified threat reports from any supported ecosystem or threat category - via STIX format. - [Pull all threats links to a specific username](https://docs.opensourcemalware.com/api/query-username.md): Find all verified threats associated with a specific publisher or username in a given ecosystem. - [API rate limits](https://docs.opensourcemalware.com/api/rate-limits.md): Per-token, per-minute request limits for Standard and Pro accounts, what happens when you hit your quota, and best practices for handling 429 responses. - [Ingest Threat Intel into Anomali ThreatStream](https://docs.opensourcemalware.com/api/stix-anomali.md): Retrieve a rolling-window STIX 2.1 bundle purpose-built for Anomali ThreatStream. - [Report a malicious asset via API](https://docs.opensourcemalware.com/api/submit-threat.md): Automate submission of threat reports from your own tooling instead of the web UI. - [Retrieve detailed threat metadata including IOCs](https://docs.opensourcemalware.com/api/threat-data.md): Reference for GET /threat-feed — retrieve verified threats in bulk from the OSM database to keep blocklists current and power automated alerting pipelines. - [Threat feed: query the latest verified OSM threats](https://docs.opensourcemalware.com/api/threat-feed.md): Poll for verified threat reports added within a time window. - [The threats we track](https://docs.opensourcemalware.com/asset-types.md): The broadest coverage for malicious open source. - [Our guidelines, values, and Code of Conduct](https://docs.opensourcemalware.com/community/community-guidelines.md): Standards for contributing to OpenSourceMalware: expected behavior, prohibited actions, responsible disclosure, and how violations are enforced. - [How to get on the Security Researcher Leaderboard](https://docs.opensourcemalware.com/community/points-reputation.md): How we track contribution quality through points and reputation scores, what affects your standing, and how top contributors advance to reviewer roles. - [Scale impact through the Research Partner Program](https://docs.opensourcemalware.com/community/research-partners.md): How to become a Research Partner and the benefits you and your company can receive. - [About OpenSourceMalware](https://docs.opensourcemalware.com/index.md) - [Make your first API threat check call](https://docs.opensourcemalware.com/quickstart.md): Sign up, generate an API token, and query the OpenSourceMalware check-malicious API to find out whether an asset is malicious. - [What we look for in a threat report](https://docs.opensourcemalware.com/reporting/guidelines.md): Best practices for verifying malicious intent, gathering evidence, writing clear descriptions, and meeting OpenSourceMalware's report quality standards before you submit. - [How to report threats](https://docs.opensourcemalware.com/reporting/overview.md): Learn what threat reporting is, who can submit reports, what resource types are covered, and what information to include in a submission. - [How we verify threat reports](https://docs.opensourcemalware.com/reporting/verification-process.md): A walkthrough of the four-stage review pipeline, review criteria, possible outcomes, expected timelines, and how to become a reviewer yourself. - [Make your first API threat check call](https://docs.opensourcemalware.com/threat-alerts.md): Get email alerts about new threats. - [Browse for verified threats](https://docs.opensourcemalware.com/using-the-web-ui.md): Using the web UI to find threats in the via search, filters, and sort options ## OpenAPI Specs - [openapi](https://docs.opensourcemalware.com/api-reference/openapi.json)