Stats
Actions
Available In
Tags
Help us improve
Share bugs, ideas, or general feedback.
Plugin
crowdstrike-cql-patterns
Curated CQL detection engineering pattern catalog for CrowdStrike NG-SIEM — correlation, enrichment, aggregation, scoring, baselining, and more.
$
npx claudepluginhub willwebster5/agent-skills --plugin crowdstrike-cql-patternsPopularity
Stars
Med: 1·Avg: 289
Installs
Med: 0·Avg: 1
Forks
Med: 0·Avg: 38
Health & Quality
Maintenance
Fair5.0/10
Med: 7/10·Avg: 7.4/10
Community
Med: 42%·Avg: 41.4%
Confidence
37/100
PromisingAdoption0
Popularity37
Maintenance70
Documentation
What's Inside
README
agent-skills
A Claude Code plugin marketplace — a collection of CrowdStrike security skills and plugins.
Installation
Add this marketplace to your Claude Code setup:
/plugin marketplace add willwebster5/agent-skills
Then browse and install available plugins:
/plugin search
Available Plugins
SOC Operations
| Plugin | Description |
|---|---|
crowdstrike-soc | Unified SOC analyst workflow — triage alerts, investigate, hunt threats, tune detections, manage cases |
crowdstrike-soc-agents | Agent-delegated SOC workflow — distributes triage and investigation across specialized sub-agents |
Detection Engineering
| Plugin | Description |
|---|---|
crowdstrike-logscale-security-queries | Develop and troubleshoot CQL security detection queries for LogScale |
crowdstrike-detection-tuning | Tune NGSIEM detections for false positive reduction with 38 enrichment functions |
crowdstrike-behavioral-detections | Design multi-event behavioral detection rules using correlate() |
crowdstrike-cql-patterns | Curated CQL detection engineering pattern catalog for NG-SIEM |
Threat Intelligence & Hunting
| Plugin | Description |
|---|---|
crowdstrike-threat-hunting | Autonomous PEAK-framework threat hunting against NG-SIEM — hypothesis, intelligence, and baseline hunts |
crowdstrike-source-threat-modeling | Threat-model-first detection planning for data sources without OOTB coverage |
Automation & Response
| Plugin | Description |
|---|---|
crowdstrike-fusion-workflows | Build Falcon Fusion SOAR workflows — discover actions, author YAML, validate |
crowdstrike-response-playbooks | Detection-to-response mapping and SOAR playbook design with tiered response actions |
License
MIT
Stats
Version0.1.0
LanguagePython
Stars11
Forks2
MaintenanceFair
LicenseMIT
Last Commit
Added
Available In
Tags
Categories
Help us improve
Share bugs, ideas, or general feedback.
