synthesis_skill
- JavaScript
30
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill 2389-research/claude-plugins --skill synthesis- SKILL.md9.6 KB
Overview
This skill compiles binary analysis findings into structured, traceable reports suitable for handoff, archival, or stakeholder briefings. It correlates facts from triage, static, and dynamic phases, validates hypotheses against evidence, and produces clear capabilities, behavioral summaries, and recommendations. Use it to finalize analysis with auditable evidence chains.
How this skill works
The skill ingests collected facts (architecture, imports, strings, syscalls, network/file activity), hypotheses, and open questions, then runs a validation pass to mark hypotheses as confirmed, uncertain, refuted, or unvalidated. It correlates cross-phase artifacts (e.g., static call sites with runtime connections), maps capabilities, and generates a templated report in human- and machine-friendly formats with an evidence log and confidence calibration. The output includes recommendations, unresolved questions, and a quality checklist.
When to use it
- When triage, static, and dynamic phases have produced sufficient facts
- Before handing off analysis or archiving results
- When stakeholders require a concise, evidence-backed summary
- Prior to closing an investigation or issuing mitigation steps
- When converting analyst notes into a formal report
Best practices
- Collect and attach raw evidence IDs for every conclusion
- Classify each hypothesis as confirmed/uncertain/refuted/unvalidated with rationale
- Use consistent confidence levels (High/Medium/Low/Speculative) and justify them
- Document remaining unknowns and explicit next steps for follow-up
- Run correlation between static and dynamic artifacts to avoid speculation
Example use cases
- Generate an executive summary and technical appendix after full analysis
- Produce a capabilities matrix (network, filesystem, crypto) for a security review
- Create a checklist-driven report for incident response handoff
- Export structured JSON for tool ingestion or threat intelligence sharing
- Document unresolved questions and recommended next analysis steps
FAQ
Sufficient facts from triage, static, and dynamic analysis plus any formed hypotheses and observed contradictions. The synthesis assumes evidence is recorded and traceable.
How are confidence levels determined?
Confidence is calibrated by evidence quantity and independence: High requires multiple independent sources, Medium is likely with some support, Low is possible with limited evidence, Speculative is pattern-based without direct proof.