{
  "slug": "google/cloud/detection-engineering-coverage-evaluation",
  "name": "detection-engineering-coverage-evaluation",
  "description": "Automates the end-to-end detection engineering workflow in Google SecOps using MCP tools. Use when fetching threat intelligence from blogs, generating Threat Detection Opportunities (TDOs), simulating attacker behavior with synthetic UDM events, evaluating rule coverage, and generating new YARA-L 2.0 rules to close coverage gaps. Don't use when asked to perform threat hunting actions, and SOC investigative actions.",
  "category": "Google / Cloud",
  "skill": "/api/skills/google/cloud/detection-engineering-coverage-evaluation/SKILL.md"
}
