triaging-security-incident-with-ir-playbook

This skill helps classify and prioritize security incidents using structured IR playbooks for effective incident response.

Security score: 39/100

The triaging-security-incident-with-ir-playbook skill was audited on Jun 4, 2026 and we found 21 security issues across 2 threat categories. Review the findings below before installing.

Security Issues

medium line 62

Curl to non-GitHub URL

Source: SKILL.md
curl -X POST "https://splunk.local:8089/services/notable_update" \
medium line 70

Curl to non-GitHub URL

Source: SKILL.md
curl -s "https://www.virustotal.com/api/v3/ip_addresses/$SRC_IP" \
medium line 74

Curl to non-GitHub URL

Source: SKILL.md
curl -s "https://api.abuseipdb.com/api/v2/check?ipAddress=$SRC_IP&maxAgeInDays=90" \
medium line 78

Curl to non-GitHub URL

Source: SKILL.md
curl -s "https://www.virustotal.com/api/v3/files/$FILE_HASH" \
medium line 82

Curl to non-GitHub URL

Source: SKILL.md
curl -s "https://cmdb.local/api/assets?ip=$DEST_IP" \
medium line 96

Curl to non-GitHub URL

Source: SKILL.md
curl -s "https://attack.mitre.org/api/techniques/$TECHNIQUE_ID" | jq '.name, .tactic'
medium line 136

Curl to non-GitHub URL

Source: SKILL.md
curl -X POST "https://thehive.local/api/v1/case" \
medium line 156

Curl to non-GitHub URL

Source: SKILL.md
curl -s "https://pagerduty.com/api/v2/oncalls?schedule_ids[]=$SCHEDULE_ID" \
medium line 165

Curl to non-GitHub URL

Source: SKILL.md
curl -X POST "https://events.pagerduty.com/v2/enqueue" \
medium line 182

Curl to non-GitHub URL

Source: SKILL.md
curl -X PATCH "https://thehive.local/api/v1/case/$CASE_ID" \
low line 57

External URL reference

Source: SKILL.md
"https://thehive.local/api/v1/query?name=list-alerts" \
low line 62

External URL reference

Source: SKILL.md
curl -X POST "https://splunk.local:8089/services/notable_update" \
low line 70

External URL reference

Source: SKILL.md
curl -s "https://www.virustotal.com/api/v3/ip_addresses/$SRC_IP" \
low line 74

External URL reference

Source: SKILL.md
curl -s "https://api.abuseipdb.com/api/v2/check?ipAddress=$SRC_IP&maxAgeInDays=90" \
low line 78

External URL reference

Source: SKILL.md
curl -s "https://www.virustotal.com/api/v3/files/$FILE_HASH" \
low line 82

External URL reference

Source: SKILL.md
curl -s "https://cmdb.local/api/assets?ip=$DEST_IP" \
low line 96

External URL reference

Source: SKILL.md
curl -s "https://attack.mitre.org/api/techniques/$TECHNIQUE_ID" | jq '.name, .tactic'
low line 136

External URL reference

Source: SKILL.md
curl -X POST "https://thehive.local/api/v1/case" \
low line 156

External URL reference

Source: SKILL.md
curl -s "https://pagerduty.com/api/v2/oncalls?schedule_ids[]=$SCHEDULE_ID" \
low line 165

External URL reference

Source: SKILL.md
curl -X POST "https://events.pagerduty.com/v2/enqueue" \
low line 182

External URL reference

Source: SKILL.md
curl -X PATCH "https://thehive.local/api/v1/case/$CASE_ID" \
Scanned on Jun 4, 2026
GitHub Stars 14.7K
Category: development
Updated: June 10, 2026
mukul975/Anthropic-Cybersecurity-Skills