siem-rule-generator

Siem Rule Generator - Auto-activating skill for Security Advanced. Triggers on: siem rule generator, siem rule generator Part of the Security Advanced skill category.

1.01x

Quality

Does it follow best practices?

Impact

99%

1.01x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/04-security-advanced/siem-rule-generator/SKILL.md

Evaluation results

100%

Active Directory Credential Theft Detection

Production-ready SIEM rule generation

Criteria

Without context

With context

Complete YAML structure

100%

Rule metadata present

100%

MITRE ATT&CK tags

100%

Logsource specificity

100%

Detection keywords/fields

100%

False positives section

100%

Rule status appropriate

100%

Severity/level assigned

100%

Validation documented

100%

Multiple rules generated

100%

No pseudocode

100%

Without context: $0.4087 · 2m 13s · 21 turns · 22 in / 6,880 out tokens

With context: $0.5284 · 2m 40s · 26 turns · 106 in / 7,982 out tokens

98%

E-Commerce Platform Threat Detection Coverage

Threat modeling to detection rules

Criteria

Without context

With context

Step-by-step process documented

86%

93%

Threat-to-rule mapping

91%

100%

Complete rule files produced

100%

Rules target specific log sources

100%

Detection logic specificity

100%

90%

Priority/severity assignment

100%

False positive considerations

100%

Enterprise context applied

90%

100%

Standards reference

100%

Tuning guidance

100%

Without context: $0.5353 · 3m 20s · 21 turns · 22 in / 10,238 out tokens

With context: $0.6503 · 3m 27s · 28 turns · 60 in / 10,726 out tokens

100%

Compliance Monitoring Detection Rules for SaaS Platform

Compliance framework SIEM rules

Criteria

Without context

With context

SOC2 control reference

100%

GDPR article reference

100%

Complete deployable rules

100%

Access monitoring coverage

100%

Data handling coverage

100%

Rule metadata complete

100%

Compliance mapping document

100%

Severity/level assigned

100%

Audit evidence guidance

100%

False positives addressed

100%

Without context: $0.5036 · 3m 7s · 19 turns · 19 in / 9,802 out tokens

With context: $0.5770 · 2m 46s · 27 turns · 26 in / 9,236 out tokens

Repository: jeremylongshore/claude-code-plugins-plus-skills
Commit: 994edc4

Evaluated: 18 days ago
Agent: Claude Code
Model: Claude Sonnet 4.6

Table of Contents

Active Directory Credential Theft Detection E-Commerce Platform Threat Detection Coverage Compliance Monitoring Detection Rules for SaaS Platform

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.