Stats
Actions
Tags
From milo-activity
Audit a specific user's recent actions across all resources. Use when the user asks about what someone did, requests a user activity report, or needs to review actions for security or compliance purposes.
How this skill is triggered — by the user, by Claude, or both
Slash command
/milo-activity:audit-userThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Audit the activity of the following user:
Audit the activity of the following user:
$ARGUMENTS
Call get_user_activity_summary with includeDetails: true for this user
to get an overview and recent activities.
Call find_failed_operations filtered to this user to identify any
permission issues or errors they encountered.
Call get_activity_facets for Activity resource fields spec.resource.kind
and spec.resource.namespace filtered to this user to understand their
scope of changes.
Present a structured report:
npx claudepluginhub datum-cloud/claude-code-plugins --plugin milo-activityTraces actor activity through cloud audit logs, builds session timelines, maps actions to MITRE ATT&CK techniques, and assesses blast radius. Use for incident investigation or tracing suspicious activity.
Lists Blumira users with blumira_users_list API, retrieves UUIDs for finding assignments, filters by email/role, and audits organization access.
Query Alibaba Cloud ActionTrail API call history, build governance audit reports, create SLS-based compliance evidence trails, and detect anomalous admin activity.