Purple team automation skill that links offensive emulation (Atomic Red Team, Caldera, Stratus Red Team, Leonidas) with detection validation, telemetry-gap analysis, and continuous control testing. Use to design adversary emulation plans tied to MITRE ATT&CK, execute safe tests in lab or controlled environments, and produce evidence-backed detection coverage reports.
Installation
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Purple team automation skill that links offensive emulation (Atomic Red Team, Caldera, Stratus Red Team, Leonidas) with detection validation, telemetry-gap analysis, and continuous control testing. Use to design adversary emulation plans tied to MITRE ATT&CK, execute safe tests in lab or controlled environments, and produce evidence-backed detection coverage reports.
Purple Team Automation
Authorization Boundary
Run only in environments with written approval, change windows, and rollback owners.
Tag every test with a unique campaign-id for cleanup and timeline reconstruction.
No data destruction, no real credential theft, no third-party services targeted.
Campaign Workflow
Pick an adversary or technique set with business relevance; cite ATT&CK IDs and known intrusion sets.