Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic
Dépôt GitHub

analysi-app

analysi-app contient 43 skills collectées depuis open-analysi, avec une couverture métier par dépôt et des pages de détail sur le site.

skills collectés
43
Stars
1
mis à jour
2026-04-26
Forks
0
Couverture métier
4 catégories métier · 98% classifié
explorateur de dépôts

Skills dans ce dépôt

abuseipdb-integration
Analystes en sécurité de l'information

AbuseIPDB IP reputation lookups for SOC alert triage via Analysi. Use when checking IP abuse confidence scores, investigating brute force or scanning activity, or enriching alerts with crowd-sourced threat intelligence.

2026-04-26
ad-ldap-integration
Analystes en sécurité de l'information

Active Directory LDAP user attribute lookups and identity context queries during SOC alert triage. Use when investigating user accounts, group memberships, authentication anomalies, lockouts, privileged access, or correlating alerts with AD data via Analysi.

2026-04-26
cy-language-programming
Développeurs de logiciels

Write and debug Cy language scripts for automation and workflow composition. Use when working with .cy files, Security Tasks, writing Cy programs, or debugging Cy syntax errors.

2026-04-26
cybersecurity-analyst
Analystes en sécurité de l'information

Investigate security alerts, analyze IOCs, triage incidents, and perform threat analysis. Covers SIEM alerts, SOC workflows, malware, phishing, brute force, web attacks, network traffic, and log analysis. Use when building cybersecurity Tasks/Workflows or performing incident response.

2026-04-26
echo-edr-integration
Analystes en sécurité de l'information

Echo EDR endpoint detection and response for SOC alert triage. Use when investigating endpoint threats, checking process activity, retrieving host attributes, analyzing behavioral indicators, or correlating endpoint telemetry with alert data via Analysi.

2026-04-26
global-dns-integration
Analystes en sécurité de l'information

DNS resolution, reverse lookups, and mail/TXT/NS/SOA queries via Analysi's Global DNS for SOC triage. Use when investigating suspicious domains, resolving IPs to hostnames, checking SPF/DKIM/DMARC in phishing analysis, or correlating network indicators with domain infrastructure.

2026-04-26
hypothesis-building-task
Analystes en sécurité de l'information

Build hypothesis generation tasks for security investigation workflows. Use when creating tasks that form investigation hypotheses from runbooks. These tasks combine static hypotheses (baked in at Kea-time) with dynamic LLM augmentation (at runtime).

2026-04-26
mac-vendors-integration
Analystes en sécurité de l'information

MAC address OUI vendor lookup via Analysi mac_vendors integration for device identification during SOC investigations. Use when triaging alerts involving MAC addresses, identifying device manufacturers, detecting rogue/unauthorized hardware, or enriching network-layer IOCs with vendor context.

2026-04-26
nistnvd-integration
Analystes en sécurité de l'information

NIST NVD CVE lookups via Analysi for SOC alert triage. Use when investigating vulnerability-related alerts, checking CVE severity and CVSS scores, correlating exploit attempts with known vulnerabilities, assessing patch urgency, or enriching alerts with affected product details and CISA KEV status.

2026-04-26
ocsf-detection-finding
Analystes en sécurité de l'information

Parse, validate, and map OCSF Detection Finding events. Use when normalizing security alerts to OCSF, building detection-as-code pipelines, mapping vendor alerts to MITRE ATT&CK, extracting observables, or working with finding_info structures and severity/status enums.

2026-04-26
qrcode-integration
Analystes en sécurité de l'information

Decode QR codes from images during quishing and phishing investigations using the Analysi QR Code integration. Use when triaging phishing alerts with QR codes, extracting URLs from embedded images, or building quishing investigation workflows.

2026-04-26
runbook-to-workflow
Administrateurs de réseaux et de systèmes informatiques

Convert standardized runbook.md files into executable Tasks and Workflows. Use when transforming investigation runbooks into automated alert processing workflows. (project, gitignored)

2026-04-26
runbooks-manager
Analystes en sécurité de l'information

Build, match, and manage security investigation runbooks. Create from analyst investigations or SOAR playbooks, match alerts to existing runbooks, or compose new ones from patterns. Self-contained skill for all runbook operations.

2026-04-26
slack-integration
Analystes en sécurité de l'information

Slack integration for Analysi SOC investigations — alert notifications, user resolution, interactive triage questions, and incident-room coordination. Use when triaging alerts needing analyst communication, HITL decisions, or SOC notification workflows.

2026-04-26
splunk-skill
Administrateurs de réseaux et de systèmes informatiques

Use this skill when working with Splunk queries, Search Processing Language (SPL), building Splunk searches, creating dashboards, or analyzing log data. This skill provides comprehensive reference material for SPL commands, eval functions, stats functions, regex patterns, and query optimization techniques.

2026-04-26
task-builder
Développeurs de logiciels

Use when creating or modifying Analysi Security Tasks (analyst automation components that accept OCSF alerts, query integrations, and use LLM reasoning). Also use when understanding Task patterns, validation requirements, or troubleshooting task creation. Requires Cy language proficiency (reference cy-language-programming skill first).

2026-04-26
task-naming
Analystes en sécurité de l'information

Naming conventions for Analysi Security Tasks. Use when creating or proposing new tasks to ensure consistent, descriptive names. Covers human-readable names and auto-generated cy_names.

2026-04-26
tor-integration
Analystes en sécurité de l'information

Tor exit node lookups for SOC investigations via Analysi. Use when triaging alerts involving suspicious IPs, anonymous access, credential stuffing, or brute-force attacks to determine if source IPs are Tor exit nodes.

2026-04-26
unshortenme-integration
Analystes en sécurité de l'information

Expand shortened URLs via unshorten.me during phishing triage and URL-based alert investigations. Use when investigating suspicious links, bit.ly/tinyurl/t.co URLs in alerts, or building URL expansion workflows in Cy.

2026-04-26
virustotal-integration
Analystes en sécurité de l'information

VirusTotal threat intelligence lookups for SOC alert triage via Analysi. Use when checking IP, domain, URL, or file hash reputation, investigating malware indicators, correlating threat data across detection engines, or enriching alerts with crowd-sourced detection results.

2026-04-26
whois-rdap-integration
Analystes en sécurité de l'information

WHOIS RDAP lookups for IP ownership, ASN, and netblock attribution during SOC investigations. Use when triaging alerts involving external IPs to identify registrant organizations, autonomous systems, hosting context, or abuse contacts via RDAP query.

2026-04-26
workflow-builder
Analystes en sécurité de l'information

Build and manage Analysi Security Workflows using DAG-based composition. Use when creating workflow pipelines, chaining tasks together, orchestrating security operations, or building alert processing workflows. Requires familiarity with the task-builder skill for task creation.

2026-04-26
integrations-developer
Développeurs de logiciels

Build new third-party integrations for the Naxos framework. Use when adding connectors to external tools (SIEM, EDR, threat intel, ticketing), writing IntegrationAction subclasses, creating manifest.json files, or understanding the archetype system. NOT for using integrations from Cy scripts (use task-builder for that).

2026-04-26
test-writer-fixer
Analystes en assurance qualité des logiciels et testeurs

Write and fix fast, reliable tests for this Python/FastAPI/PostgreSQL project. Use when writing new unit/integration tests, fixing slow tests (>0.1s), or debugging flaky tests. Includes patterns from 83% test suite speedup (77s to 13s).

2026-04-26
abuseipdb-integration
Analystes en sécurité de l'information

AbuseIPDB IP reputation lookups for SOC alert triage via Analysi. Use when checking IP abuse confidence scores, investigating brute force or scanning activity, or enriching alerts with crowd-sourced threat intelligence.

2026-04-26
ad-ldap-integration
Analystes en sécurité de l'information

Active Directory LDAP user attribute lookups and identity context queries during SOC alert triage. Use when investigating user accounts, group memberships, authentication anomalies, lockouts, privileged access, or correlating alerts with AD data via Analysi.

2026-04-26
echo-edr-integration
Analystes en sécurité de l'information

Echo EDR endpoint detection and response for SOC alert triage. Use when investigating endpoint threats, checking process activity, retrieving host attributes, analyzing behavioral indicators, or correlating endpoint telemetry with alert data via Analysi.

2026-04-26
global-dns-integration
Analystes en sécurité de l'information

DNS resolution, reverse lookups, and mail/TXT/NS/SOA queries via Analysi's Global DNS for SOC triage. Use when investigating suspicious domains, resolving IPs to hostnames, checking SPF/DKIM/DMARC in phishing analysis, or correlating network indicators with domain infrastructure.

2026-04-26
hypothesis-building-task
Analystes en sécurité de l'information

Build hypothesis generation tasks for security investigation workflows. Use when creating tasks that form investigation hypotheses from runbooks. These tasks combine static hypotheses (baked in at Kea-time) with dynamic LLM augmentation (at runtime).

2026-04-26
mac-vendors-integration
Analystes en sécurité de l'information

MAC address OUI vendor lookup via Analysi mac_vendors integration for device identification during SOC investigations. Use when triaging alerts involving MAC addresses, identifying device manufacturers, detecting rogue/unauthorized hardware, or enriching network-layer IOCs with vendor context.

2026-04-26
nistnvd-integration
Analystes en sécurité de l'information

NIST NVD CVE lookups via Analysi for SOC alert triage. Use when investigating vulnerability-related alerts, checking CVE severity and CVSS scores, correlating exploit attempts with known vulnerabilities, assessing patch urgency, or enriching alerts with affected product details and CISA KEV status.

2026-04-26
ocsf-detection-finding
non classé

Parse, validate, and map OCSF Detection Finding events. Use when normalizing security alerts to OCSF, building detection-as-code pipelines, mapping vendor alerts to MITRE ATT&CK, extracting observables, or working with finding_info structures and severity/status enums.

2026-04-26
qrcode-integration
Analystes en sécurité de l'information

Decode QR codes from images during quishing and phishing investigations using the Analysi QR Code integration. Use when triaging phishing alerts with QR codes, extracting URLs from embedded images, or building quishing investigation workflows.

2026-04-26
runbook-to-workflow
Développeurs de logiciels

Convert standardized runbook.md files into executable Tasks and Workflows. Use when transforming investigation runbooks into automated alert processing workflows. (project, gitignored)

2026-04-26
runbooks-manager
Analystes en sécurité de l'information

Build, match, and manage security investigation runbooks. Create from analyst investigations or SOAR playbooks, match alerts to existing runbooks, or compose new ones from patterns. Self-contained skill for all runbook operations.

2026-04-26
slack-integration
Analystes en sécurité de l'information

Slack integration for Analysi SOC investigations — alert notifications, user resolution, interactive triage questions, and incident-room coordination. Use when triaging alerts needing analyst communication, HITL decisions, or SOC notification workflows.

2026-04-26
task-builder
Développeurs de logiciels

Use when creating or modifying Analysi Security Tasks (analyst automation components that accept OCSF alerts, query integrations, and use LLM reasoning). Also use when understanding Task patterns, validation requirements, or troubleshooting task creation. Requires Cy language proficiency (reference cy-language-programming skill first).

2026-04-26
task-naming
Analystes en sécurité de l'information

Naming conventions for Analysi Security Tasks. Use when creating or proposing new tasks to ensure consistent, descriptive names. Covers human-readable names and auto-generated cy_names.

2026-04-26
tor-integration
Analystes en sécurité de l'information

Tor exit node lookups for SOC investigations via Analysi. Use when triaging alerts involving suspicious IPs, anonymous access, credential stuffing, or brute-force attacks to determine if source IPs are Tor exit nodes.

2026-04-26
unshortenme-integration
Analystes en sécurité de l'information

Expand shortened URLs via unshorten.me during phishing triage and URL-based alert investigations. Use when investigating suspicious links, bit.ly/tinyurl/t.co URLs in alerts, or building URL expansion workflows in Cy.

2026-04-26
Affichage des 40 principaux skills collectés sur 43 dans ce dépôt.