Skill Detail
Collect Unix-like incident-response artifacts into one portable evidence bundle with UAC
Capture volatile and persistent Unix-like system artifacts quickly before evidence disappears or responders start changing the host.
Security & VerificationMulti-Framework
Security & Verification
Multi-Framework
Security Reviewed
⭐ 1.3k GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill collect-unix-like-incident-response-artifacts-into-one-portable-evidence-bundle-with-uac
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required
Shell access to the target Unix-like host, UAC runtime, sufficient privileges for artifact collection, storage location for the output bundle
Install & setup
Install UAC from the upstream repository or release assets, review the available artifact profiles and collection modules, then run the documented collector against the target host and preserve the generated bundle for analysis.
Author
tclahr
Publisher
Individual
Last updated
Apr 19, 2026
Quick brief
Use UAC when an agent or responder needs to collect a broad incident-response artifact set from a Unix-like host for later forensic review, not when the user is simply administering the system normally. The workflow is explicit: choose or tune a collection profile, gather volatile and persistent artifacts, and hand off one portable bundle for downstream analysis. That scope boundary, evidence collection and preservation for incident response, keeps this skill-shaped instead of reading like a generic security tool listing.