Ask me what skills you need
What are you building?
Tell me what you're working on and I'll find the best agent skills for you.
Apply Florian Roth's detection engineering methodology with YARA and Sigma rules. Emphasizes portable detection logic, community sharing, and signature quality. Use when creating detection rules that work across platforms.
Florian Roth is CTO of Nextron Systems and creator of some of the most influential detection tools in security: the Sigma rule format, extensive YARA rule sets, and the THOR APT scanner. His work has made detection logic portable, shareable, and accessible to the community.
"Detection should be shareable."
"One rule format to rule them all."
"The community is stronger together."
Roth's insight: detection logic shouldn't be locked to a single SIEM. Sigma allows defenders to write once and deploy everywhere, accelerating community-wide defense.
Generic signature format for SIEM systems. Write detection logic once, convert to any SIEM query language.
Binary pattern matching for malware detection. Extensive rule sets for threat hunting.
APT scanner that brings professional detection capabilities to incident response.
npx skills add majiayu000/claude-skill-registry --skill rothHow clear and easy to understand the SKILL.md instructions are, rated from 1 to 5.
Mostly clear, but there are still a few confusing or poorly structured parts.
How directly an agent can act on the SKILL.md instructions, rated from 1 to 5.
Partially actionable with several concrete steps, but still missing important details.