Skip to main content
在 Manus 中运行任何 Skill
一键导入
GitHub 仓库

analysi-app

analysi-app 收录了来自 open-analysi 的 43 个 skills,并提供仓库级职业覆盖和站内 skill 详情页。

已收集 skills
43
Stars
1
更新
2026-04-26
Forks
0
职业覆盖
4 个职业分类 · 已分类 98%
仓库浏览

这个仓库中的 skills

abuseipdb-integration
信息安全分析师

AbuseIPDB IP reputation lookups for SOC alert triage via Analysi. Use when checking IP abuse confidence scores, investigating brute force or scanning activity, or enriching alerts with crowd-sourced threat intelligence.

2026-04-26
ad-ldap-integration
信息安全分析师

Active Directory LDAP user attribute lookups and identity context queries during SOC alert triage. Use when investigating user accounts, group memberships, authentication anomalies, lockouts, privileged access, or correlating alerts with AD data via Analysi.

2026-04-26
cy-language-programming
软件开发工程师

Write and debug Cy language scripts for automation and workflow composition. Use when working with .cy files, Security Tasks, writing Cy programs, or debugging Cy syntax errors.

2026-04-26
cybersecurity-analyst
信息安全分析师

Investigate security alerts, analyze IOCs, triage incidents, and perform threat analysis. Covers SIEM alerts, SOC workflows, malware, phishing, brute force, web attacks, network traffic, and log analysis. Use when building cybersecurity Tasks/Workflows or performing incident response.

2026-04-26
echo-edr-integration
信息安全分析师

Echo EDR endpoint detection and response for SOC alert triage. Use when investigating endpoint threats, checking process activity, retrieving host attributes, analyzing behavioral indicators, or correlating endpoint telemetry with alert data via Analysi.

2026-04-26
global-dns-integration
信息安全分析师

DNS resolution, reverse lookups, and mail/TXT/NS/SOA queries via Analysi's Global DNS for SOC triage. Use when investigating suspicious domains, resolving IPs to hostnames, checking SPF/DKIM/DMARC in phishing analysis, or correlating network indicators with domain infrastructure.

2026-04-26
hypothesis-building-task
信息安全分析师

Build hypothesis generation tasks for security investigation workflows. Use when creating tasks that form investigation hypotheses from runbooks. These tasks combine static hypotheses (baked in at Kea-time) with dynamic LLM augmentation (at runtime).

2026-04-26
mac-vendors-integration
信息安全分析师

MAC address OUI vendor lookup via Analysi mac_vendors integration for device identification during SOC investigations. Use when triaging alerts involving MAC addresses, identifying device manufacturers, detecting rogue/unauthorized hardware, or enriching network-layer IOCs with vendor context.

2026-04-26
nistnvd-integration
信息安全分析师

NIST NVD CVE lookups via Analysi for SOC alert triage. Use when investigating vulnerability-related alerts, checking CVE severity and CVSS scores, correlating exploit attempts with known vulnerabilities, assessing patch urgency, or enriching alerts with affected product details and CISA KEV status.

2026-04-26
ocsf-detection-finding
信息安全分析师

Parse, validate, and map OCSF Detection Finding events. Use when normalizing security alerts to OCSF, building detection-as-code pipelines, mapping vendor alerts to MITRE ATT&CK, extracting observables, or working with finding_info structures and severity/status enums.

2026-04-26
qrcode-integration
信息安全分析师

Decode QR codes from images during quishing and phishing investigations using the Analysi QR Code integration. Use when triaging phishing alerts with QR codes, extracting URLs from embedded images, or building quishing investigation workflows.

2026-04-26
runbook-to-workflow
网络与计算机系统管理员

Convert standardized runbook.md files into executable Tasks and Workflows. Use when transforming investigation runbooks into automated alert processing workflows. (project, gitignored)

2026-04-26
runbooks-manager
信息安全分析师

Build, match, and manage security investigation runbooks. Create from analyst investigations or SOAR playbooks, match alerts to existing runbooks, or compose new ones from patterns. Self-contained skill for all runbook operations.

2026-04-26
slack-integration
信息安全分析师

Slack integration for Analysi SOC investigations — alert notifications, user resolution, interactive triage questions, and incident-room coordination. Use when triaging alerts needing analyst communication, HITL decisions, or SOC notification workflows.

2026-04-26
splunk-skill
网络与计算机系统管理员

Use this skill when working with Splunk queries, Search Processing Language (SPL), building Splunk searches, creating dashboards, or analyzing log data. This skill provides comprehensive reference material for SPL commands, eval functions, stats functions, regex patterns, and query optimization techniques.

2026-04-26
task-builder
软件开发工程师

Use when creating or modifying Analysi Security Tasks (analyst automation components that accept OCSF alerts, query integrations, and use LLM reasoning). Also use when understanding Task patterns, validation requirements, or troubleshooting task creation. Requires Cy language proficiency (reference cy-language-programming skill first).

2026-04-26
task-naming
信息安全分析师

Naming conventions for Analysi Security Tasks. Use when creating or proposing new tasks to ensure consistent, descriptive names. Covers human-readable names and auto-generated cy_names.

2026-04-26
tor-integration
信息安全分析师

Tor exit node lookups for SOC investigations via Analysi. Use when triaging alerts involving suspicious IPs, anonymous access, credential stuffing, or brute-force attacks to determine if source IPs are Tor exit nodes.

2026-04-26
unshortenme-integration
信息安全分析师

Expand shortened URLs via unshorten.me during phishing triage and URL-based alert investigations. Use when investigating suspicious links, bit.ly/tinyurl/t.co URLs in alerts, or building URL expansion workflows in Cy.

2026-04-26
virustotal-integration
信息安全分析师

VirusTotal threat intelligence lookups for SOC alert triage via Analysi. Use when checking IP, domain, URL, or file hash reputation, investigating malware indicators, correlating threat data across detection engines, or enriching alerts with crowd-sourced detection results.

2026-04-26
whois-rdap-integration
信息安全分析师

WHOIS RDAP lookups for IP ownership, ASN, and netblock attribution during SOC investigations. Use when triaging alerts involving external IPs to identify registrant organizations, autonomous systems, hosting context, or abuse contacts via RDAP query.

2026-04-26
workflow-builder
信息安全分析师

Build and manage Analysi Security Workflows using DAG-based composition. Use when creating workflow pipelines, chaining tasks together, orchestrating security operations, or building alert processing workflows. Requires familiarity with the task-builder skill for task creation.

2026-04-26
integrations-developer
软件开发工程师

Build new third-party integrations for the Naxos framework. Use when adding connectors to external tools (SIEM, EDR, threat intel, ticketing), writing IntegrationAction subclasses, creating manifest.json files, or understanding the archetype system. NOT for using integrations from Cy scripts (use task-builder for that).

2026-04-26
test-writer-fixer
软件质量保证分析师与测试员

Write and fix fast, reliable tests for this Python/FastAPI/PostgreSQL project. Use when writing new unit/integration tests, fixing slow tests (>0.1s), or debugging flaky tests. Includes patterns from 83% test suite speedup (77s to 13s).

2026-04-26
abuseipdb-integration
信息安全分析师

AbuseIPDB IP reputation lookups for SOC alert triage via Analysi. Use when checking IP abuse confidence scores, investigating brute force or scanning activity, or enriching alerts with crowd-sourced threat intelligence.

2026-04-26
ad-ldap-integration
信息安全分析师

Active Directory LDAP user attribute lookups and identity context queries during SOC alert triage. Use when investigating user accounts, group memberships, authentication anomalies, lockouts, privileged access, or correlating alerts with AD data via Analysi.

2026-04-26
echo-edr-integration
信息安全分析师

Echo EDR endpoint detection and response for SOC alert triage. Use when investigating endpoint threats, checking process activity, retrieving host attributes, analyzing behavioral indicators, or correlating endpoint telemetry with alert data via Analysi.

2026-04-26
global-dns-integration
信息安全分析师

DNS resolution, reverse lookups, and mail/TXT/NS/SOA queries via Analysi's Global DNS for SOC triage. Use when investigating suspicious domains, resolving IPs to hostnames, checking SPF/DKIM/DMARC in phishing analysis, or correlating network indicators with domain infrastructure.

2026-04-26
hypothesis-building-task
信息安全分析师

Build hypothesis generation tasks for security investigation workflows. Use when creating tasks that form investigation hypotheses from runbooks. These tasks combine static hypotheses (baked in at Kea-time) with dynamic LLM augmentation (at runtime).

2026-04-26
mac-vendors-integration
信息安全分析师

MAC address OUI vendor lookup via Analysi mac_vendors integration for device identification during SOC investigations. Use when triaging alerts involving MAC addresses, identifying device manufacturers, detecting rogue/unauthorized hardware, or enriching network-layer IOCs with vendor context.

2026-04-26
nistnvd-integration
信息安全分析师

NIST NVD CVE lookups via Analysi for SOC alert triage. Use when investigating vulnerability-related alerts, checking CVE severity and CVSS scores, correlating exploit attempts with known vulnerabilities, assessing patch urgency, or enriching alerts with affected product details and CISA KEV status.

2026-04-26
ocsf-detection-finding
未分类

Parse, validate, and map OCSF Detection Finding events. Use when normalizing security alerts to OCSF, building detection-as-code pipelines, mapping vendor alerts to MITRE ATT&CK, extracting observables, or working with finding_info structures and severity/status enums.

2026-04-26
qrcode-integration
信息安全分析师

Decode QR codes from images during quishing and phishing investigations using the Analysi QR Code integration. Use when triaging phishing alerts with QR codes, extracting URLs from embedded images, or building quishing investigation workflows.

2026-04-26
runbook-to-workflow
软件开发工程师

Convert standardized runbook.md files into executable Tasks and Workflows. Use when transforming investigation runbooks into automated alert processing workflows. (project, gitignored)

2026-04-26
runbooks-manager
信息安全分析师

Build, match, and manage security investigation runbooks. Create from analyst investigations or SOAR playbooks, match alerts to existing runbooks, or compose new ones from patterns. Self-contained skill for all runbook operations.

2026-04-26
slack-integration
信息安全分析师

Slack integration for Analysi SOC investigations — alert notifications, user resolution, interactive triage questions, and incident-room coordination. Use when triaging alerts needing analyst communication, HITL decisions, or SOC notification workflows.

2026-04-26
task-builder
软件开发工程师

Use when creating or modifying Analysi Security Tasks (analyst automation components that accept OCSF alerts, query integrations, and use LLM reasoning). Also use when understanding Task patterns, validation requirements, or troubleshooting task creation. Requires Cy language proficiency (reference cy-language-programming skill first).

2026-04-26
task-naming
信息安全分析师

Naming conventions for Analysi Security Tasks. Use when creating or proposing new tasks to ensure consistent, descriptive names. Covers human-readable names and auto-generated cy_names.

2026-04-26
tor-integration
信息安全分析师

Tor exit node lookups for SOC investigations via Analysi. Use when triaging alerts involving suspicious IPs, anonymous access, credential stuffing, or brute-force attacks to determine if source IPs are Tor exit nodes.

2026-04-26
unshortenme-integration
信息安全分析师

Expand shortened URLs via unshorten.me during phishing triage and URL-based alert investigations. Use when investigating suspicious links, bit.ly/tinyurl/t.co URLs in alerts, or building URL expansion workflows in Cy.

2026-04-26
当前展示该仓库 Top 40 / 43 个已收集 skills。