703 B
703 B
summarize_case_skill
Purpose
Summarize one normalized SOC case into a high-quality Obsidian case note that can be reviewed and maintained by analysts.
Inputs
- A normalized case JSON document
- Optional output directory for Obsidian notes
Outputs
- One markdown case note per case
- Stable structure aligned with the vault template
Guardrails
- Do not dump raw logs or full tool traces
- Keep only reusable evidence, conclusions, and response guidance
- Prefer linked references to playbooks, KBs, and related cases
- Preserve case identifiers and observable values exactly
Current implementation
Use generate_case_note.py to render a local markdown note from a normalized case.