mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-16 04:35:18 +03:00
fix: replace word-split tags with domain-specific cybersecurity tags
Three SKILL.md files had tags that were simply words split from the skill name (e.g., "analyzing", "block", "with", "logs") rather than meaningful discovery keywords. Replace with domain-specific terms that agents and search tools can actually use for routing. - analyzing-powershell-script-block-logging: [powershell, script-block-logging, event-id-4104, obfuscation-detection, windows-forensics, endpoint-security] - analyzing-azure-activity-logs-for-threats: [azure, cloud-security, azure-monitor, kql, threat-hunting, activity-logs] - analyzing-memory-forensics-with-lime-and-volatility: [memory-forensics, linux-forensics, lime, volatility, incident-response, kernel-modules] Co-Authored-By: Claude Code <noreply@anthropic.com>
This commit is contained in:
@@ -8,10 +8,12 @@ description: 'Queries Azure Monitor activity logs and sign-in logs via azure-mon
|
|||||||
domain: cybersecurity
|
domain: cybersecurity
|
||||||
subdomain: security-operations
|
subdomain: security-operations
|
||||||
tags:
|
tags:
|
||||||
- analyzing
|
|
||||||
- azure
|
- azure
|
||||||
- activity
|
- cloud-security
|
||||||
- logs
|
- azure-monitor
|
||||||
|
- kql
|
||||||
|
- threat-hunting
|
||||||
|
- activity-logs
|
||||||
version: '1.0'
|
version: '1.0'
|
||||||
author: mahipal
|
author: mahipal
|
||||||
license: Apache-2.0
|
license: Apache-2.0
|
||||||
|
|||||||
@@ -8,10 +8,12 @@ description: 'Performs Linux memory acquisition using LiME (Linux Memory Extract
|
|||||||
domain: cybersecurity
|
domain: cybersecurity
|
||||||
subdomain: security-operations
|
subdomain: security-operations
|
||||||
tags:
|
tags:
|
||||||
- analyzing
|
- memory-forensics
|
||||||
- memory
|
- linux-forensics
|
||||||
- forensics
|
- lime
|
||||||
- with
|
- volatility
|
||||||
|
- incident-response
|
||||||
|
- kernel-modules
|
||||||
version: '1.0'
|
version: '1.0'
|
||||||
author: mahipal
|
author: mahipal
|
||||||
license: Apache-2.0
|
license: Apache-2.0
|
||||||
|
|||||||
@@ -6,10 +6,12 @@ description: Parse Windows PowerShell Script Block Logs (Event ID 4104) from EVT
|
|||||||
domain: cybersecurity
|
domain: cybersecurity
|
||||||
subdomain: security-operations
|
subdomain: security-operations
|
||||||
tags:
|
tags:
|
||||||
- analyzing
|
|
||||||
- powershell
|
- powershell
|
||||||
- script
|
- script-block-logging
|
||||||
- block
|
- event-id-4104
|
||||||
|
- obfuscation-detection
|
||||||
|
- windows-forensics
|
||||||
|
- endpoint-security
|
||||||
version: '1.0'
|
version: '1.0'
|
||||||
author: mahipal
|
author: mahipal
|
||||||
license: Apache-2.0
|
license: Apache-2.0
|
||||||
|
|||||||
Reference in New Issue
Block a user