synthesis_skill

This skill compiles binary analysis findings into structured reports, validating hypotheses and producing documented evidence for handoff and archival.
  • JavaScript

30

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill 2389-research/claude-plugins --skill synthesis

  • SKILL.md9.6 KB

Overview

This skill compiles binary analysis findings into structured, traceable reports suitable for handoff, archival, or stakeholder briefings. It correlates facts from triage, static, and dynamic phases, validates hypotheses against evidence, and produces clear capabilities, behavioral summaries, and recommendations. Use it to finalize analysis with auditable evidence chains.

How this skill works

The skill ingests collected facts (architecture, imports, strings, syscalls, network/file activity), hypotheses, and open questions, then runs a validation pass to mark hypotheses as confirmed, uncertain, refuted, or unvalidated. It correlates cross-phase artifacts (e.g., static call sites with runtime connections), maps capabilities, and generates a templated report in human- and machine-friendly formats with an evidence log and confidence calibration. The output includes recommendations, unresolved questions, and a quality checklist.

When to use it

  • When triage, static, and dynamic phases have produced sufficient facts
  • Before handing off analysis or archiving results
  • When stakeholders require a concise, evidence-backed summary
  • Prior to closing an investigation or issuing mitigation steps
  • When converting analyst notes into a formal report

Best practices

  • Collect and attach raw evidence IDs for every conclusion
  • Classify each hypothesis as confirmed/uncertain/refuted/unvalidated with rationale
  • Use consistent confidence levels (High/Medium/Low/Speculative) and justify them
  • Document remaining unknowns and explicit next steps for follow-up
  • Run correlation between static and dynamic artifacts to avoid speculation

Example use cases

  • Generate an executive summary and technical appendix after full analysis
  • Produce a capabilities matrix (network, filesystem, crypto) for a security review
  • Create a checklist-driven report for incident response handoff
  • Export structured JSON for tool ingestion or threat intelligence sharing
  • Document unresolved questions and recommended next analysis steps

FAQ

Sufficient facts from triage, static, and dynamic analysis plus any formed hypotheses and observed contradictions. The synthesis assumes evidence is recorded and traceable.

How are confidence levels determined?

Confidence is calibrated by evidence quantity and independence: High requires multiple independent sources, Medium is likely with some support, Low is possible with limited evidence, Speculative is pattern-based without direct proof.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational