Skill Detail
Triage active security incidents with AI-augmented workflows in Valhuntir CLI
Guide live digital-forensics and incident-response work with human approval gates when the job is evidence review and triage, not general MCP setup.
Runbooks & DiagnosticsMulti-Framework
Runbooks & Diagnostics
Multi-Framework
Security Reviewed
β 40 GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill triage-active-security-incidents-with-ai-augmented-workflows-in-valhuntir-cli
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required
Valhuntir CLI and gateway components, forensic artifacts, and an MCP-compatible local client under human analyst control
Install & setup
Follow the upstream Valhuntir setup to install the CLI and supporting components, connect a supported local MCP-compatible client, and run investigations with the documented approval and evidence-review controls.
Author
AppliedIR
Publisher
GitHub Repository
Last updated
Apr 16, 2026
Quick brief
Use Valhuntir when the work is a live incident-response investigation that needs guided evidence analysis, human approvals, and a repeatable CLI-centered workflow. The skill boundary is the investigation loop itself: ingest forensic artifacts, let the system assist with analysis, and keep the examiner in control of findings and next actions. That is meaningfully narrower than listing an MCP gateway or generic security platform. Users invoke it for active IR triage, not simply to stand up another client integration stack.