This skill should be used when the user asks to "analyze logs for threats", "detect suspicious activity", "scan for brute force attempts", "identify injection attacks", or "audit access patterns for anomalies".
This skill does not declare a tool allowlist. The agent host applies whatever default tools are available at runtime.
SKILL.md / Manifest
https://raw.githubusercontent.com/borghei/claude-skills/main/engineering/threat-detection/SKILL.mdRegistry
github (via claudemarketplaces.com)