Interpret CrowdStrike Falcon findings for sensor coverage, policy visibility, and host group scoping.
How this skill is triggered — by the user, by Claude, or both
Slash command
/crowdstrike-inspector:crowdstrike-inspector-expertThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Use this skill when reviewing `crowdstrike-inspector` output.
Use this skill when reviewing crowdstrike-inspector output.
Findings are written to ~/.cache/claude-grc/findings/crowdstrike-inspector/<run_id>.json.
Key SCF mappings:
END-03: endpoint sensor coverageCFG-02: prevention policy visibilityMON-01.2: detection policy visibilityAST-02: host-group scoping visibilityTreat inconclusive as an API permission or plan coverage gap, not a pass.
Guides collaborative design exploration before implementation: explores context, asks clarifying questions, proposes approaches, and writes a design doc for user approval.
Creates structured, bite-sized implementation plans from specs or requirements before writing code. Useful for breaking down multi-step tasks into testable steps with file structure and task boundaries.
Synthesizes the current conversation into a structured spec (PRD) and publishes it to the project issue tracker with a ready-for-agent label, without interviewing the user.
4plugins reuse this skill
First indexed Jul 18, 2026
npx claudepluginhub vantainc/claude-grc-engineering --plugin crowdstrike-inspector