SKILL.md packages that extend Claude Code, Cursor, Copilot, and other AI agents.
Tags

agent-canvas
Create and manipulate TLDraw whiteboard shapes, diagrams, and visual playbooks from the CLI to help agents visually communicate designs, incident timelines, and

rekal
Operational decision tree and rules for using Rekal memory tools and associated MCP memory helpers during sessions and onboarding.

paperclip
Run a product-focused forensic investigation on stalled or looping issue trees, produce a root-cause write-up and an approval-gated remediation plan without shi

openai
Diagnostic coordinator skill that triages stuck, hung, or broken systems by checking logs, workflows, browser state, and deployment/environment in a strict, rep

biblioteca
Operational diagnostics for WhatsApp: inspect message delivery, webhook deliveries/retries, triage API errors, and run phone-number health checks.

netclaw
ITSM-guided network change lifecycle: create and gate Change Requests, run pre-checks, execute via pyats-config-mgmt, verify post-change, record audit trail.

Astronomer Agents
Structured root-cause diagnosis for failed Airflow DAGs with actionable fixes, impact assessment, and prevention recommendations.

mitre-attack-agent-skills
Defensive analysis and guidance for MITRE ATT&CK technique T1098 (Account Manipulation): detection, triage, hunting, and mitigation planning for enterprise envi

openclaw-security-monitor
Proactive security monitoring, threat scanning and automated remediation for OpenClaw deployments.

mitre-attack-agent-skills
Defensive analysis skill for MITRE ATT&CK T1557.001: helps triage, detection engineering, hunting, and incident response for name-resolution poisoning and SMB r

Build With Claude
Prioritises operational work across fires, unread comms, ready-to-merge PRs, sprint issues, and revenue-impact GSD tasks to recommend the next action.

agent-skills
Analyze pcap/pcapng captures to produce protocol summaries, evidence-backed IP labeling, PNG visualizations and a structured Markdown report.

mitre-attack-agent-skills
Defensive analysis skill for MITRE ATT&CK T1560.003: helps map observations, produce detection ideas, and create triage and mitigation briefs for custom archive

mitre-attack-agent-skills
Defensive analysis skill for MITRE ATT&CK T1569.001 (Launchctl): detection, triage, and mitigation guidance for macOS adversary activity.

biblioteca
Operational diagnostics for WhatsApp in Kapso: debug message delivery, inspect webhook deliveries and retries, triage API errors, and run phone-number health ch

claude-skill-registry
Guided procedures and tool-aware workflows for proactive threat hunting (IOCs, TTPs, SIEM queries) and producing triage reports.

skills
Generate CVE request packages and disclosure artifacts (MITRE form data, GitHub advisory draft, full vulnerability report, and vendor notification templates) fr

Arcanum Tabletop Exercises
Design and generate CISA-aligned cybersecurity tabletop exercises, facilitator guides, participant materials, technical atomics, and SOP gap analyses for incide

netclaw
Search the NVD for CVEs by ID or keyword, retrieve CVSS scores, CWE info, affected configurations and remediation references to support audits, incident respons

Anthropic Cybersecurity Skills
Collect and analyze ransomware data-leak site (DLS) postings to extract victim, group, sector, and timeline intelligence for threat hunting and risk assessment.

asi
Collect and analyze ransomware data-leak site (DLS) posts to extract victim, group, sector and geographic trends for threat intelligence and proactive defense.

opencode-skills-collection
Practical guidance and commands for acquiring, analyzing, and extracting artifacts from memory dumps using tools like Volatility3 and common acquisition methods

application-skills
Integrate with FireEye via the Membrane CLI to discover alerts, events, hosts, malware details and run actions using pre-built connectors. Use when you need pro

lingxling
Guidance and practical commands for acquiring, analyzing, and extracting artifacts from volatile memory dumps for incident response and malware analysis.

lingxling
Procedural guidance and tool-focused workflows for acquiring, analyzing, and extracting artifacts from RAM dumps for incident response and malware analysis.

ai-runbooks
Find potentially duplicate or similar cases before deep analysis by running a similarity check against existing cases and returning matching case IDs.

agent-skills
Structured, blameless incident post-mortem template that produces an executive summary, timeline, root cause analysis, and actionable remediation items.

cti-expert
Comprehensive CTI/OSINT analyst skill that turns an agent into a multi-technique investigator for domain, email, username, phone, and image forensics without pa

Anthropic Cybersecurity Skills
Guides procurement, evaluation, and proof-of-concept testing for Threat Intelligence Platforms (MISP, OpenCTI, ThreatConnect, Anomali, EclecticIQ) based on inte

wizards-of-the-ghosts
Emergency containment skill: guidance and guarded procedure for immediate hard termination of processes, services, or accounts when graceful options are unavail