Expert YARA-X detection rule authoring skill adapted from Trail of Bits security research methodology. Guides authoring of high-quality YARA-X rules for malware detection, threat hunting, and IOC identification. Emphasizes expert judgment, atom efficiency analysis, linting, and the YARA-X Rust-based toolchain.
This skill implements Trail of Bits' YARA authoring methodology for the agent-studio framework. YARA-X is the Rust-based successor to legacy YARA, offering improved performance, safety, and new features. This skill teaches you to think and act like an expert YARA author, producing detection rules that are precise, efficient, and maintainable.
Source repository: https://github.com/trailofbits/skills
License: CC-BY-SA-4.0
Target: YARA-X (with legacy YARA compatibility guidance)
Authoring YARA-X detection rules with expert judgment, linting, atom analysis, and best practices. Teaches how to think like an expert YARA author for malware detection, threat hunting, and IOC identification using YARA-X (the Rust-based successor to legacy YARA). Source: oimiragieo/agent-studio.