Skills Meet Osquery: Introducing Osquery-helper
Skills are folders of instructions, scripts, and resources that agents like Claude load dynamically to improve performance on specialized tasks. Skills teach agents how to complete specific tasks in a repeatable way.
After trying several skills from the awesome-dfir-skills project, created by Kostas and Thomas Roccia with contributions from other members of the DFIR community, I was really impressed by the capabilities and simplicity that each skill had. So I decided to build my first skill.
I named my skill osquery-helper. For anyone unfamiliar with osquery, it is an open-source tool that enables operating systems to be queried like a database. It’s widely used in threat detection and DFIR, but in my opinion it comes with a steep learning curve — especially for junior analysts.