Endpoint visibility, digital forensics, and incident response using Velociraptor Query Language (VQL) for evidence collection and threat hunting at scale. Use when: (1) Conducting forensic investigations across multiple endpoints, (2) Hunting for indicators of compromise or suspicious activities, (3) Collecting endpoint telemetry and artifacts for incident analysis, (4) Performing live response and evidence preservation, (5) Monitoring endpoints for security events, (6) Creating custom forensic artifacts for specific threat scenarios.
/plugin marketplace add AgentSecOps/SecOpsAgentKit
/plugin install appsec-skills@agent-sec-ops-kit-skills

This skill inherits all available tools. When active, it can use any tool Claude has access to.

assets/artifact-template.yaml
assets/ci-config-template.yml
assets/hunt-template.yaml
assets/offline-collector-config.yaml
assets/rule-template.yaml
references/EXAMPLE.md
references/WORKFLOW_CHECKLIST.md
references/artifact-development.md
references/deployment-guide.md
references/mitre-attack-mapping.md
references/vql-patterns.md