investigation-creation

Official

Holistic investigations and documentation

Author: refractionPOINT
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

This skill creates comprehensive investigations from security events, detections, or LCQL queries, capturing host context, lateral movement, and organizational scope to produce SOC-friendly reports.

Core Features & Use Cases

  • HOLISTIC investigations: initial access, host context, scope, and lateral movement
  • Builds Investigation Hive records with findings, events, detections, and analyst notes
  • Useful for incident response, threat hunting, alert triage, and SOC reporting

Quick Start

Start an investigation by giving the skill a security event or LCQL query; it then builds a full Investigation Hive record.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: investigation-creation
Download link: https://github.com/refractionPOINT/lc-ai/archive/main.zip#investigation-creation

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.