Skills and plugins to accelerate security workflows with the Orca Cloud Platform
Analyzes Orca Security alerts with timeline visualization, risk assessment, and progressive disclosure. Use when user asks to triage, analyze, explain, summarize, investigate, or check an Orca alert by ID (e.g., "triage orca-3636513", "what is alert orca-3548863", "check orca-3636513").
Full 360° security profile of any cloud asset — alerts, attack paths, compliance, permissions, exposure, sensitive data, and CDR activity in one view. Use when user asks about an asset's security posture or profile (e.g., "asset profile for web-bastion-host", "tell me about WEB-PRD", "security posture of", "show me everything about").
Cloud cost optimization analysis using Orca Security asset data. Discovers all cloud assets (AWS, GCP, Azure) through Orca MCP tools, compares current configurations against cheaper alternatives using live public pricing, and produces a prioritized cost reduction report with exact asset evidence. Use when the user asks about cloud cost optimization, reducing cloud spend, rightsizing instances, saving money on cloud infrastructure, cost reduction opportunities, unused resources, oversized VMs, reserved instances, storage tiering, or wants to know what changes would lower their cloud bill.
Deep-dive compliance gap analysis for any framework — failing controls ranked by impact, quick wins, account breakdown, and remediation plan. Use when user asks about compliance gaps, failures, or status (e.g., "compliance gaps", "PCI DSS status", "where are we failing", "SOC 2 compliance", "quick wins").
Traces any Orca alert back to who deployed it, what tool was used, what introduced the issue, and a full timeline of events. Use when user asks about origin, deployment, or ownership of an alert (e.g., "who created this", "where did this come from", "trace back orca-3380725", "who deployed", "what tool was used").
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
| Skill | Question It Answers |
|---|---|
orca-alert-triage | "What is this alert and should I care?" |
orca-impact-analysis | "If I fix this, what else closes — and what breaks?" |
orca-config-origin | "Who did this, how was it deployed, and what introduced the issue?" |
orca-morning-briefing | "What happened while I was away, and what needs my attention?" |
orca-asset-profile | "Tell me everything about this asset in one place." |
orca-compliance-gap | "Where are we failing, what's the fastest path to improve?" |
orca-data-exposure | "Where is our sensitive data, is it protected, and what's at risk?" |
orca-exposure-map | "What can an attacker see from outside?" |
orca-identity-review | "Is this identity overprivileged, and what's the blast radius?" |
orca-investigate | "What happened, who did it, and how far did they get?" |
orca-cloud-cost-optimizer | "Where are we overspending and what should we fix first?" |
Daily ops: Morning briefing → Triage → Asset profile → Impact analysis → Config origin → Fix
Proactive posture: Compliance gaps → Exposure map → Data exposure → Identity review
Incident response: Investigate → Identity review → Asset profile → Contain and remediate
/plugin marketplace add orcasecurity/orca-skills
Next step: Configure the Orca Security MCP server (see MCP Configuration below).
Add the marketplace to your Claude Desktop configuration, then install skills from the marketplace UI.
# Clone the repository
git clone https://github.com/orcasecurity/orca-skills.git
cd orca-skills
# Copy skills to your skills directory
cp -r skills/* ~/.claude/skills/
Required: These skills need the Orca Security MCP server to access your environment data.
Add to your .mcp.json (in project root or ~/.claude/.mcp.json):
Uses OAuth2 for authentication
{
"mcpServers": {
"orca-security": {
"type": "http",
"url": "https://mcp.orcasecurity.io"
}
}
}
For token based authentication (For services and automations)
{
"mcpServers": {
"orca-security": {
"type": "http",
"url": "https://api.orcasecurity.io/mcp",
"headers": {
"Authorization": "Token YOUR_ORCA_API_TOKEN"
}
}
}
}
Get your API token: Orca API Authentication Guide
MCP Integration Docs: Orca MCP Setup
npx claudepluginhub sauravhiremath/orca-skills --plugin orca-skillsHarness-native ECC operator layer - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, selective install profiles, and production-ready workflows for Claude Code, Codex, OpenCode, Cursor, and related agent harnesses
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
A growing collection of Claude-compatible academic workflow bundles. Covers scientific figures, manuscript writing and polishing, reviewer assessment, citation retrieval, data availability, paper reading, literature search, response letters, paper-to-PPTX conversion, and evidence-grounded Chinese invention patent drafting. Rules are organized as reusable skill folders with explicit workflows and quality checks.
Core skills library for Claude Code: TDD, debugging, collaboration patterns, and proven techniques
Plugin-safe Claude Code distribution of Agentic Awesome Skills with 1,913 supported skills.
This skill should be used when users need to generate ideas, explore creative solutions, or systematically brainstorm approaches to problems. Use when users request help with ideation, content planning, product features, marketing campaigns, strategic planning, creative writing, or any task requiring structured idea generation. The skill provides 30+ research-validated prompt patterns across 14 categories with exact templates, success metrics, and domain-specific applications.