Works with the AI tools you already use
Attack Pattern Library Builder
by LocoLoboZ
Transform CTI reports into structured attack pattern libraries mapped to MITRE ATT&CK for threat-informed defense.
$15
· or 75 creditsSecure checkout via Stripe
About this skill
Transform Threat Intelligence into Actionable Defense
The Attack Pattern Library Builder is a specialized skill for security engineers and CTI analysts who need to bridge the gap between raw threat reports and defensive posture. It automates the tedious process of parsing cyber threat intelligence (CTI) to extract specific adversary behaviors, ensuring your defense remains threat-informed and evidence-based.
What it does
- Behavior Extraction: Pulls evidenced procedures from incident reports, advisories, and malware write-ups.
- ATT&CK Mapping: Maps behaviors to specific MITRE ATT&CK techniques with high-fidelity source provenance.
- STIX Structuring: Generates STIX 2.1-inspired attack pattern records for use in TIPs or internal databases.
- Detection Engineering: Translates attacker TTPs into telemetry requirements and detection opportunities.
Why use this skill?
While generic AI might summarize a report, this skill follows strict defensive quality gates. It refuses to "invent" mappings, ensures every technique is tied to a source sentence, and separates tools from procedures. It prevents "hallucinated" security coverage by requiring specific evidence before marking a technique as detected. The result is a professional-grade library that is ready for ingestion into SIEMs, EDRs, or GRC platforms.
Supported Outputs
Produces structured JSON (STIX-style), markdown tables, detection backlogs, and Navigator-compatible layers.
Details
How to install
Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.
Security Scanned
Passed automated security review
Permissions
Creator
I design and publish skills built from real professional practice across three areas: cyber security consulting, business operations, and AI workflow engineering. My cyber security skills draw on active advisory work spanning governance, risk, compliance, assurance, and executive reporting. They are built for practitioners who need structured, defensible outputs - not generic templates. My business operations skills cover the day-to-day work of running a consulting practice: bookkeeping, financial tracking, expense reconciliation, and marketing content - designed to reduce repetitive overhead and keep outputs consistent. My AI platform and workflow skills are built for people who want to get more out of Claude and similar platforms - covering prompt engineering, skill architecture, automation pipelines, and agent enhancement. Every skill I publish has been tested in production use before it reaches the marketplace. If it is here, it works.
Frequently Asked Questions
More Premium Skills
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.

Business Strategist
A framework-driven consultant for business diagnosis, market mapping, and pricing strategy.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.

Cinematic Landing Page Builder
Turn any business URL into a high-end animated landing page with 4K AI assets and GSAP animations via Cloudflare.