ueba AI Agent Skills

Browse 8 skills related to ueba

zero-script-qa

315
popup-studio-aipopup-studio-ai

Zero Script QA - Testing methodology without test scripts. Uses structured JSON logging and real-time Docker monitoring for verification. Use proactively when user needs to verify features through log analysis instead of test scripts. Triggers: zero script qa, log-based testing, docker logs, 제로 스크립트 QA, ゼロスクリプトQA, 零脚本QA, QA sin scripts, pruebas basadas en logs, registros de docker, QA sans script, tests basés sur les logs, journaux docker, skriptloses QA, log-basiertes Testen, Docker-Logs, QA senza script, test basati sui log, log docker Do NOT use for: unit testing, static analysis, or projects without Docker setup.

132 days ago

performing-user-behavior-analytics

2
mukul975mukul975

Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including impossible travel, unusual access patterns, privilege abuse, and insider threats using SIEM-based behavioral baselines and statistical analysis. Use when SOC teams need to identify compromised accounts or insider threats through deviation from established behavioral norms.

socuebauser-behavior+4
132 days ago

detecting-insider-threat-behaviors

2
mukul975mukul975

Detect insider threat behavioral indicators including unusual data access, off-hours activity, mass file downloads, privilege abuse, and resignation-correlated data theft.

threat-huntingmitre-attackinsider-threat+3
132 days ago

hunting-advanced-persistent-threats

2
mukul975mukul975

Proactively hunts for Advanced Persistent Threat (APT) activity within enterprise environments using hypothesis-driven searches across endpoint telemetry, network logs, and memory artifacts. Use when conducting scheduled threat hunting cycles, investigating anomalous behavior flagged by UEBA, or validating that known APT TTPs are not present in the environment. Activates for requests involving MITRE ATT&CK, Velociraptor, osquery, Zeek, or threat hunting playbooks.

MITRE-ATT&CKthreat-huntingAPT+6
132 days ago

investigating-insider-threat-indicators

2
mukul975mukul975

Investigates insider threat indicators including data exfiltration attempts, unauthorized access patterns, policy violations, and pre-departure behaviors using SIEM analytics, DLP alerts, and HR data correlation. Use when SOC teams receive insider threat referrals from HR, detect anomalous data movement by employees, or need to build investigation timelines for potential insider threats.

socinsider-threatdata-exfiltration+4
132 days ago

detecting-anomalous-authentication-patterns

2
mukul975mukul975

Detects anomalous authentication patterns using UEBA analytics, statistical baselines, and machine learning models to identify impossible travel, credential stuffing, brute force, password spraying, and compromised account behaviors across authentication logs. Activates for requests involving authentication anomaly detection, login behavior analysis, UEBA implementation, or suspicious sign-in investigation.

UEBAauthentication-anomalyimpossible-travel+3
132 days ago

e2e-qa-tester

AgustinAlbonicoAgustinAlbonico

Ejecuta pruebas E2E y QA manual usando Playwright MCP para verificar la ultima tarea completada en la conversacion. Usar cuando se necesite: (1) Probar un flujo recien implementado, (2) Verificar que una funcionalidad funciona correctamente, (3) Hacer QA manual de una nueva feature, (4) Testear formularios, flujos de autenticacion, o cualquier interaccion de usuario. El skill busca credenciales en CREDENTIALS.md, intenta conectar al puerto 5173 por defecto, y pide confirmacion antes de ejecutar las pruebas.

132 days ago

qa

AgustinAlbonicoAgustinAlbonico

Alias corto para ejecutar pruebas E2E y QA manual. Usar cuando quieras probar la ultima funcionalidad implementada con /qa.

132 days ago
ClawiskillClawiskill
Network
Building with
?

Join Clawiskill today. The decentralized skill network for AI Agents.

Registry
70K+
Agent Joins
120K+
Explore Network