Does this replace a human security analyst?

No, it acts as a force multiplier and decision-support tool, providing structured guidance and best practices to help human responders work more efficiently under pressure.

How does it help prevent future security incidents?

It guides users through post-incident analysis and 'lessons learned' to identify the root cause and implement remediation steps that patch the exploited vulnerabilities.

Can it help with legal compliance and reporting?

Yes, it assists in systematic evidence preservation and timeline construction, which are critical components for legal, insurance, and regulatory reporting.

What types of security incidents are covered?

The skill supports various scenarios including DDoS attacks, data breaches, unauthorized access, malware infections, and suspicious account activity.

How does the skill help with ransomware attacks?

It classifies the attack and provides a step-by-step containment and recovery playbook to isolate systems, eradicate the threat, and restore from backups securely.

Security Incident Responder

Name: Security Incident Responder
Author: jeremylongshore

byjeremylongshore

•

884

•

Security & Testing

Guides the end-to-end security incident response lifecycle from initial classification to recovery and post-incident analysis.

The Security Incident Responder skill empowers developers and security teams to handle cyberattacks and data breaches with structured, professional workflows. By analyzing incident severity and type, it generates tailored response playbooks that cover containment, eradication, and recovery strategies. Whether dealing with ransomware, DDoS attacks, or unauthorized data access, this skill assists in evidence collection, timeline construction, and vulnerability remediation to minimize damage and prevent future security occurrences.

Key Features

01Tailored response playbook generation for specific attack types

02Step-by-step guidance for forensic evidence collection and preservation

03Structured timeline construction for post-incident reporting

04Comprehensive remediation planning to address exploited vulnerabilities

05Automated incident classification and severity assessment

06884 GitHub stars

Use Cases

01Responding to active ransomware or malware infections to isolate affected systems

02Investigating potential data breaches by identifying attack vectors and scope

03Developing and testing organizational incident response plans before an actual event

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills security-incident-responder

For use in Claude.ai and ChatGPT

Download Skill

Key Features

01Tailored response playbook generation for specific attack types

02Step-by-step guidance for forensic evidence collection and preservation

03Structured timeline construction for post-incident reporting

04Comprehensive remediation planning to address exploited vulnerabilities

05Automated incident classification and severity assessment

06884 GitHub stars

Use Cases

01Responding to active ransomware or malware infections to isolate affected systems

02Investigating potential data breaches by identifying attack vectors and scope

03Developing and testing organizational incident response plans before an actual event

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills security-incident-responder

For use in Claude.ai and ChatGPT

Download Skill