secops-investigate
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- Security Operations Framework: The skill defines clear, multi-step procedures for common security tasks like malware triage and lateral movement detection. This structured approach helps ensure thorough and consistent investigations.
- Tool Selection Logic: It implements logic to select the appropriate tools (Remote vs. Local) based on the environment, ensuring the agent remains functional and uses the most relevant interfaces for SIEM and SOAR operations.
- Data Privacy Considerations: The 'Create Investigation Report' procedure explicitly includes a critical step for the agent to confirm that no sensitive PII or secrets are included in the final report, demonstrating a design focused on data safety.
- File Management: The skill utilizes the 'write_file' capability to save consolidated findings into reports. This is a standard and expected behavior for an incident response persona.
Audit Metadata