{"name":"thomaspark20-actioner","owner":{"name":"ClaudePluginHub"},"plugins":[{"name":"thomaspark20-actioner","source":{"source":"github","repo":"thomaspark20/actioner"},"description":"Threat-intelligence detection engineering in Claude Code. On-demand: research a threat and generate Sigma/YARA/Snort/Suricata rules (PoC/advisory-specific by default, opt-in behavioral TTP), each labeled compile-status × confidence and written to convert to Splunk/CrowdStrike, gated by a critic before delivery. Autonomous: a daily routine scans your CTI feeds and auto-generates committed detections for items that warrant one.","version":"0.1.0","strict":true,"keywords":["threat-intelligence","detection-engineering","sigma","yara","cti","security"],"category":"deployment"}]}