Create, tune, and manage Elastic Security detection rules (SIEM and Endpoint). Use for false positives, exceptions, new coverage, noisy rules, or rule management via Kibana API.
This skill does not declare a tool allowlist. The agent host applies whatever default tools are available at runtime.
SKILL.md / Manifest: https://raw.githubusercontent.com/elastic/agent-skills/main/plugins/security/skills/detection-rule-management/SKILL.md
Registry: github (via claudemarketplaces.com)