Triage Elastic Security alerts — gather context, classify threats, create cases, and acknowledge. Use when triaging alerts, performing SOC analysis, or investigating detections.
This skill does not declare a tool allowlist. The agent host applies whatever default tools are available at runtime.
SKILL.md / Manifest: https://raw.githubusercontent.com/elastic/agent-skills/main/plugins/security/skills/alert-triage/SKILL.md
Registry: github (via claudemarketplaces.com)