triaging-security-incident-with-ir-playbook

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Categories examined: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: Provides command templates for querying SIEM logs in Splunk, updating cases in TheHive, and paging on-call responders through PagerDuty.
  • [EXTERNAL_DOWNLOADS]: Retrieves enrichment data from established reputation services, VirusTotal and AbuseIPDB.
  • [DATA_EXFILTRATION]: Sends incident indicators (IP addresses, domains, file hashes) to those external intelligence providers for reputation lookups; this outbound flow is part of the intended triage process rather than unintended leakage.
  • [CREDENTIALS_UNSAFE]: No issue found. API keys for the providers are read from environment variables rather than hard-coded in the skill, in line with standard secret-management practice.
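The two findings above that matter most to an operator deploying this skill are the outbound indicator flow and the key handling. The following is an added example, not the audited skill's own code, showing what a careful implementation of that enrichment step looks like: keys come only from the environment and the helper refuses to run without them, and indicators are screened so that private addresses and internal hostnames (which identify the victim network, not the attacker) are withheld from the third-party service. The VirusTotal v3 and AbuseIPDB v2 endpoint paths and header names are taken from the providers' public documentation and should be treated as assumptions; the `INTERNAL_SUFFIXES` list and the sample indicators are constructed for the example, and requests are built but never sent.

```python
"""Pre-flight for sending indicators to external reputation services.

Added example; not the audited skill's code. Endpoint templates and auth
header names are assumptions drawn from public VirusTotal v3 / AbuseIPDB v2
docs. Nothing here performs a network call.
"""
import ipaddress
import re
import urllib.request
from typing import Dict, Iterable, List, Mapping, Tuple

# provider -> (URL template per indicator kind, auth header name, env var name)
PROVIDERS: Dict[str, Tuple[Dict[str, str], str, str]] = {
    "virustotal": (
        {"ip": "https://www.virustotal.com/api/v3/ip_addresses/{ioc}",
         "domain": "https://www.virustotal.com/api/v3/domains/{ioc}",
         "hash": "https://www.virustotal.com/api/v3/files/{ioc}"},
        "x-apikey", "VT_API_KEY"),
    "abuseipdb": (
        {"ip": "https://api.abuseipdb.com/api/v2/check?ipAddress={ioc}"},
        "Key", "ABUSEIPDB_API_KEY"),
}

# Hypothetical internal DNS suffixes that must never reach an external service.
INTERNAL_SUFFIXES: Tuple[str, ...] = (".internal", ".corp.example")

_HASH_RE = re.compile(r"^(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$", re.I)
_DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)


def load_key(env_var: str, environ: Mapping[str, str]) -> str:
    """Return the API key from the environment or refuse to run.

    Deliberately no default: a missing key is a configuration error,
    never a reason to fall back to a token baked into the code.
    """
    key = environ.get(env_var, "").strip()
    if not key:
        raise RuntimeError(f"{env_var} is not set; refusing to call provider")
    return key


def classify(ioc: str) -> str:
    """Label an indicator as 'ip', 'hash', 'domain' or 'unknown'."""
    try:
        ipaddress.ip_address(ioc)
        return "ip"
    except ValueError:
        pass
    if _HASH_RE.match(ioc):
        return "hash"
    if _DOMAIN_RE.match(ioc):
        return "domain"
    return "unknown"


def is_shareable(ioc: str, internal_suffixes: Iterable[str] = INTERNAL_SUFFIXES) -> bool:
    """True if sending this indicator to a third party leaks nothing internal."""
    kind = classify(ioc)
    if kind == "ip":
        ip = ipaddress.ip_address(ioc)
        # Private, loopback, link-local, multicast, reserved: victim-side, not attacker-side.
        return not (ip.is_private or ip.is_loopback or ip.is_link_local
                    or ip.is_multicast or ip.is_reserved or ip.is_unspecified)
    if kind == "domain":
        return not ioc.lower().endswith(tuple(s.lower() for s in internal_suffixes))
    return kind == "hash"  # a file hash reveals nothing about the network


def partition(iocs: Iterable[str],
              internal_suffixes: Iterable[str] = INTERNAL_SUFFIXES) -> Tuple[List[str], List[str]]:
    """Split indicators into those safe to enrich externally and those withheld."""
    send: List[str] = []
    withheld: List[str] = []
    suffixes = tuple(internal_suffixes)
    for ioc in iocs:
        (send if is_shareable(ioc, suffixes) else withheld).append(ioc)
    return send, withheld


def build_request(provider: str, ioc: str, environ: Mapping[str, str]) -> urllib.request.Request:
    """Build (but do not send) an authenticated lookup for one shareable indicator."""
    if not is_shareable(ioc):
        raise ValueError(f"{ioc!r} is internal; not sending to {provider}")
    templates, header, env_var = PROVIDERS[provider]
    kind = classify(ioc)
    if kind not in templates:
        raise ValueError(f"{provider} does not look up {kind} indicators")
    # The key travels only in a header, so it never lands in URLs or access logs.
    return urllib.request.Request(
        templates[kind].format(ioc=ioc),
        headers={header: load_key(env_var, environ), "Accept": "application/json"},
    )


if __name__ == "__main__":
    # Constructed sample: indicators as a playbook might pull them from a SIEM alert.
    sample = ["8.8.8.8", "10.0.0.5", "evil.example.com", "fileserver.corp.example",
              "d41d8cd98f00b204e9800998ecf8427e", "fe80::1"]
    env = {"VT_API_KEY": "redacted", "ABUSEIPDB_API_KEY": "redacted"}
    send, held = partition(sample)
    print("sending:", send)
    print("withheld:", held)
    for ioc in send:
        req = build_request("virustotal", ioc, env)
        print(req.get_method(), req.full_url)  # header with the key is not printed
```

Running the block with the constructed sample sends only the public IP, the external domain and the hash; the RFC 1918 address, the link-local IPv6 address and the `.corp.example` hostname are withheld. Because `load_key` raises rather than defaulting, a misconfigured runner fails before any indicator leaves the host, which is the behaviour the CREDENTIALS_UNSAFE check is looking for.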
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 02:28 PM