{"name":"willwebster5-willwebster5-agent-skills","owner":{"name":"ClaudePluginHub"},"plugins":[{"name":"willwebster5-crowdstrike-soc-plugins-crowdstrike-soc","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Unified SOC analyst workflow for CrowdStrike NGSIEM — triage alerts, investigate security events, hunt threats, tune detections, and manage cases through a phased lifecycle.","version":"0.1.0","strict":true,"keywords":["crowdstrike","soc","ngsiem","triage","alerts","hunting","security"],"category":"productivity"},{"name":"willwebster5-crowdstrike-soc-agents-plugins-crowdstrike-soc-agents","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Agent-delegated SOC workflow for CrowdStrike NGSIEM — distributes triage, investigation, and evidence collection across specialized sub-agents (Haiku for mechanical, Sonnet for substantive, Opus for judgment).","version":"0.1.0","strict":true,"keywords":["crowdstrike","soc","ngsiem","agents","triage","security"],"category":"productivity"},{"name":"willwebster5-crowdstrike-logscale-security-queries-plugins-crowdstrike-logscale-security-queries","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Develop, optimize, and troubleshoot CrowdStrike LogScale security detection queries using CQL — includes case statements, multi-event correlation, investigation playbooks, and hunting rules.","version":"0.1.0","strict":true,"keywords":["crowdstrike","logscale","cql","detections","hunting","security"],"category":"development"},{"name":"willwebster5-crowdstrike-detection-tuning-plugins-crowdstrike-detection-tuning","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Analyze and tune CrowdStrike NGSIEM detections for false positive reduction using 38 enrichment functions across AWS, EntraID, GitHub, and network data 
sources.","version":"0.1.0","strict":true,"keywords":["crowdstrike","ngsiem","detections","tuning","false-positives","security"],"category":"security"},{"name":"willwebster5-crowdstrike-behavioral-detections-plugins-crowdstrike-behavioral-detections","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Design multi-event behavioral detection rules using the CrowdStrike NG-SIEM correlate() function for attack chain detections across AWS, EntraID, and CrowdStrike data sources.","version":"0.1.0","strict":true,"keywords":["crowdstrike","ngsiem","detections","behavioral","correlate","security"],"category":"security"},{"name":"willwebster5-crowdstrike-cql-patterns-plugins-crowdstrike-cql-patterns","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Curated CQL detection engineering pattern catalog for CrowdStrike NG-SIEM — correlation, enrichment, aggregation, scoring, baselining, and more.","version":"0.1.0","strict":true,"keywords":["crowdstrike","ngsiem","cql","detections","patterns","security"],"category":"security"},{"name":"willwebster5-crowdstrike-fusion-workflows-plugins-crowdstrike-fusion-workflows","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Build CrowdStrike Falcon Fusion SOAR workflows — discover actions via live API, author YAML, validate locally, and deploy automation playbooks.","version":"0.1.0","strict":true,"keywords":["crowdstrike","fusion","soar","workflows","automation","security"],"category":"productivity"},{"name":"willwebster5-crowdstrike-response-playbooks-plugins-crowdstrike-response-playbooks","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Detection-to-response mapping and SOAR playbook design — analyzes detections, recommends tiered response actions, and produces handoff docs for Falcon Fusion workflow 
generation.","version":"0.1.0","strict":true,"keywords":["crowdstrike","response","soar","playbooks","automation","security"],"category":"productivity"},{"name":"willwebster5-crowdstrike-source-threat-modeling-plugins-crowdstrike-source-threat-modeling","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Threat-model-first detection planning for data sources without OOTB coverage — analyzes threats, validates against live log data, and produces prioritized detection backlogs.","version":"0.1.0","strict":true,"keywords":["crowdstrike","threat-modeling","detections","data-sources","security"],"category":"security"},{"name":"willwebster5-crowdstrike-threat-hunting-plugins-crowdstrike-threat-hunting","source":{"source":"github","repo":"willwebster5/agent-skills"},"description":"Autonomous threat hunting using the PEAK framework — hypothesis-driven, intelligence-driven, and baseline hunts against CrowdStrike NG-SIEM with hunt reports and detection backlogs.","version":"0.1.0","strict":true,"keywords":["crowdstrike","threat-hunting","peak","ngsiem","security"],"category":"security"}]}