Manage Proofpoint Email Protection workflows: query TAP threats and click activity, search/release quarantines, decode rewritten URLs, generate VAP reports on high-risk users, investigate campaigns and forensics, and access threat intelligence using API skills, commands, and remote MCP endpoint.
npx claudepluginhub wyre-technology/msp-claude-plugins --plugin proofpointView recent TAP threat events including blocked messages, delivered threats, and click activity
Decode a Proofpoint URL Defense rewritten URL back to the original URL
Deep-dive threat investigation with forensics, campaign context, and remediation options
Release one or more quarantined messages to their intended recipients
Search quarantined messages in Proofpoint by sender, recipient, subject, or reason
Get the Very Attacked People (VAP) report showing the most targeted users
Use this skill when working with the Proofpoint API - authentication using HTTP Basic Auth with service principal and secret, base URLs, rate limits, pagination, error codes, and common integration patterns. Covers TAP SIEM API, quarantine API, people API, and URL Defense API authentication and usage patterns.
Use this skill when working with Proofpoint forensics and threat response - auto-pull, search and destroy, message trace, evidence collection, and remediation workflows. Covers post-delivery remediation, message investigation, and incident response procedures for email-borne threats.
Use this skill when working with Proofpoint people-centric security - Very Attacked People (VAP) reports, top clickers, user risk scoring, attack index, and user-level threat analytics. Covers identifying high-risk users, measuring user susceptibility, and implementing targeted security controls for the most attacked people.
Use this skill when working with Proofpoint email quarantine - listing, searching, releasing, and deleting quarantined messages. Covers quarantine reasons, sender and recipient filtering, bulk operations, quarantine folders, and message preview. Essential for MSP help desk teams managing quarantined email for clients.
Use this skill when working with Proofpoint Targeted Attack Protection (TAP) - retrieving threat events, click tracking, message delivery and blocking data, SIEM integration feeds, and threat type analysis. Covers URL threats, attachment threats, message-level threats, permitted and blocked clicks, and campaign correlation. Essential for MSP security analysts monitoring email threat activity.
Use this skill when working with Proofpoint threat intelligence - campaign tracking, threat families, indicators of compromise (IOCs), forensic evidence, and threat landscape analysis. Covers campaign details, actor attribution, threat indicators, and how to investigate and track threat campaigns across the organization.
Use this skill when working with Proofpoint URL Defense - URL rewriting, URL decoding, real-time URL analysis, click-time protection, and URL investigation. Covers how Proofpoint rewrites URLs, how to decode rewritten URLs back to originals, and how click-time analysis works to protect users.
Comprehensive UI/UX design plugin for mobile (iOS, Android, React Native) and web applications with design systems, accessibility, and modern patterns
External network access
Connects to servers outside your machine
Search and retrieve documents from local markdown files.
Streamline people operations — recruiting, onboarding, performance reviews, compensation analysis, and policy guidance. Maintain compliance and keep your team running smoothly.
Prospect, craft outreach, and build deal strategy faster. Prep for calls, manage your pipeline, and write personalized messaging that moves deals forward.
Qiushi Skill: methodology skills for AI agents guided by seeking truth from facts, with Claude Code, Cursor, OpenClaw, Codex, OpenCode, and Hermes guidance.