Analyst & Cloud Suite

Make the picture make sense.

Report craft and confidence language, biometrics and recognition tech (face, voice, gait, LPR), deep social-media tradecraft, commercial OSINT platforms (Maltego, Shodan, Recorded Future, et al.), cloud-platform investigation (AWS / Azure / GCP / M365 / Workspace / Slack / Teams / Zoom / Okta), conflict-zone and regional OSINT, forensic linguistics, influence-ops attribution — plus investigative-journalism craft (fact-checking, leak vetting, source protection, pre-publication review).

Skills

188

What this bundle gives the agent that ChatGPT alone won't.

Prompt

> Pull the M365 audit logs for this user's last 30 days of activity.

Vanilla LLM

PowerShell snippet, no methodology

Returns a Get-AuditLogQuery cmdlet. Doesn't address scoping, retention windows, role requirements, or chain of custody.

×No role-prerequisite check

×No retention-window caveat

×No chain-of-custody hashing

×No Purview-vs-UAL distinction

With OSINT Tradecraft

Cloud-evidence-grade extraction

Runs m365-purview-and-uac-investigation → cloud-evidence-preservation → log-correlation-multi-source → evidence-citation-format. Outputs a hashed CSV, custody log entry, and a Purview compliance note.

✓Role prerequisites checked

✓Retention windows surfaced

✓Hash-on-export performed

✓Purview compliance noted

§ CThe manifest

Every skill in this bundle.

All 188 skills, grouped by category. Every skill ships as a full folder — SKILL.md plus runnable scripts, legal references, and field checklists.

Report writing

10 skills

133Investigative Report Structure
134Executive Summary Craft
135Evidence Citation Format
136Timeline Presentation in Reports
137Witness Statement Format
138Due Diligence Report Template
139Background Check Report Template
140Threat Assessment Report
141Intelligence Product Typology
142Confidence and Uncertainty Language

Research craft

6 skills

143Source Evaluation Craap
144Primary Secondary Tertiary Sources
145Citation Management Investigators
146Archival Research Workflow
147Newspaper Archive Search
148Specialty Database Discovery

Biometrics & recognition tech

10 skills

161Facial Recognition Investigative Use
162Facial Recognition Results Validation
163License Plate Recognition ALPR Investigations
164License Plate Investigative Lookups
165Voice and Speaker Recognition Basics
166Gait Recognition From Cctv
167Tattoo Recognition and Cataloging
168Fingerprint Comparison ACEFV Method
169DNA Familial and Genealogy Search Protocols
170Iris Recognition Context and Limits

Social media — deeper

15 skills

171Boolean Search Syntax by Platform
172Cross Platform Persona Linking
173Social Media Evidence Preservation
174Closed Group Investigation Lawful Access
175Sock Puppet Account Maintenance Lawful
176Snapchat Ephemeral Content Strategy
177Nextdoor and Neighborhood App Investigation
178Strava and Fitness App Investigation
179Twitch and Livestream Archive
180Adult Platform Investigation Lawful
181Bereal and Ephemeral Platform Investigations
182Bot Network and Cib Detection
183Misinformation and Disinformation Tracing
184Doxxing Pattern Analysis and Counter
185Online Harassment and Stalking Investigation

Public records — deeper

7 skills

297State Sunshine Law Quickref
298FOIA Appeal Strategy
299Pacer and Federal Court Search
300State Court Records by Jurisdiction
301DMV and Motor Vehicle Records by State
302Restricted Records Driver Privacy Protection Act
303Historical Records and RG Discovery At Nara

Vehicle investigation

6 skills

312VIN Tracing and History
313Auto Theft Investigation
314Hit and Run Reconstruction Basics
315Commercial Vehicle Eld Investigation
316Vehicle Event Data Recorder EDR Extraction
317Vehicle Cloning and Title Fraud

Analytical tradecraft

9 skills

353Link Analysis Charting Discipline
354Pattern of Life Analysis
355Timeline Analysis Software Workflow
356Geospatial Pattern Analysis
357Analytic Confidence Language ICD203
358Analysis of Competing Hypotheses ACH
359Red Team Analysis for Investigations
360Structured Brainstorming for Leads
651Entity Resolution and Deduplication

OSINT — commercial platforms

23 skills

378Maltego Investigation Workflow
379Spiderfoot and Spiderfoot Hx Workflow
380Recon Ng Workflow
381Theharvester Workflow
382Hunchly Case Capture
383Shodan Investigative Queries
384Censys Investigative Queries
385Binaryedge and Zoomeye Queries
386FOFA Queries
387Securitytrails and Domaintools Iris
388Farsight DNSDB and Passivetotal
389Intelx Workflow
390Constella Intelligence Workflow
391Babel X and Dataminr Workflow
392Recorded Future Workflow
393Flashpoint Workflow
394Zerofox and Brand Protection Platforms
395Darkowl and Searchlight Workflow
396Skopenow and Equivalents Workflow
397Pipl and People Aggregator Workflow
398Accurint Lexisnexis Investigative Workflow
399Tlo and Irbsearch Workflow
400Tracers and Clear Investigative Workflow

OSINT — facial & image

8 skills

905Found Camera Owner Identification
401Pimeyes Facial Search Workflow
402Facecheck ID Workflow
403Search4faces Workflow
404TINEYE Reverse Image Workflow
405YANDEX Reverse Image Workflow
406Google Lens Investigative Use
407Clearview Context and Policy

OSINT — breach & credential data

8 skills

408HIBP and Account Breach Mapping
409Dehashed Investigative Queries
410Snusbase and Leakcheck Workflow
411Breach Data Ethics and Legal Use
412Credential Stuffing Traceback
413Infostealer Log Investigation
414Paste and Leak Monitoring Pipeline
415Darknet Marketplace Monitoring

OSINT — geospatial & imagery

15 skills

416Google Earth Pro Investigative Use
417Bing Maps Birds Eye Investigative Use
418Mapillary Investigative Canvass
419Kartaview and Streetside Canvass
420Suncalc and Shadow Corroboration
421Peakvisor and Skyline Corroboration
422Sentinel Hub Satellite Tasking
423Planet Labs Satellite Tasking
424Usgs Earth Explorer Archival Imagery
425LIDAR and Elevation Data Analysis
426Wigle WIFI and BT Geolocation
427Cell Tower Database Lookups
428Flight Tracking Adsbexchange Investigative Use
429AIS and Dark Vessel Investigation
430Acoustic Geolocation From Background Sound

OSINT — cyber/tech infrastructure

12 skills

431Nmap Investigative Recon
432Virustotal Pivoting
433Urlscan Io Investigative Use
434Hybrid Analysis and Any Run Triage
435Joesandbox Investigative Use
436Malwarebazaar and Malshare Pivoting
437Abuseipdb and Greynoise Attribution
438VALIDIN and Passive DNS Pivoting
439Riskiq Passivetotal Deep Pivot
440Wayback Cdx Api Bulk Recovery
441Common Crawl Investigative Queries
442Crt Sh and Certificate Transparency Pivoting

OSINT — analyst suites

7 skills

443I2 Analyst Notebook Charting
444Sentinel Visualizer Charting
445Palantir Gotham Workflow LE Context
446Aleph OCCRP Workflow
447Opencorporates Investigative Queries
448ICIJ Offshore Leaks and Followthemoney
449Littlesis and Power Mapping

OSINT — regional / language

8 skills

458Russian Language OSINT
459Chinese Language OSINT Weibo Wechat Baidu
460Arabic Language OSINT
461Persian Farsi OSINT
462Spanish Latam OSINT
463Script Identification and Romanization
464Chat Slang and Imageboard Jargon Translation
465Regional Platform Discovery Russia Iran China

Conflict-zone & military OSINT

8 skills

466Bellingcat Verification Methodology
467Weapon System Visual Identification
468Military Uniform and Unit Identification
469Battle Damage Assessment From Imagery
470Conflict Zone Geolocation
471Sanctions Busting Investigation
472Dark Fleet and Shadow Tanker Investigation
473Dual Use Procurement Network Mapping

Forensic linguistics & document analysis

8 skills

506Forensic Linguistics Overview
507Stylometry and Authorship Attribution
508Threat Letter Analysis
509Ransom Note and Extortion Analysis
510Scan Statement Analysis and Its Critiques
511Handwriting Comparison Context and Limits
512Questioned Document Examination Overview
513Ink Paper and Printing Process Analysis

Influence ops / disinfo

10 skills

549Election Interference Investigation
550Foreign Influence On Social Media
551Astroturfing Detection
552Paid Troll and Bot Farm Investigation
553Narrative Laundering Tracing
554Deepfake Political Content Attribution
555Coordinated Amplification Detection
556Media Cloning and Fake Outlet Detection
643Social Media Bot Detection
644Psyop and Influence Operations Analysis

Cloud-platform investigations

9 skills

557AWS Evidence Collection and Cloudtrail Analysis
558Azure Evidence Collection and Audit Log Analysis
559GCP Evidence Collection and Cloud Logging
560M365 Purview and UAC Investigation
561Google Workspace Investigation
562Slack Discovery and Investigation
563Microsoft Teams Investigation
564Zoom Recording and Meeting Investigation
565Okta and IDP Investigation

Investigative journalism craft

9 skills

634Fact Checking Workflow
635Numerical Claim Verification
636Document Leak Vetting
637Newsroom Pre Publication Legal Review
638Source Protection Securedrop Signal
639Coordinated Investigation Publishing
640Database Journalism Investigation
641Document Centric Story Structure
642Series Investigation Structure

Optional add-ons · stack with this bundle

$10/mo · updates as we ship them

Skills that stay current.

Buy Analyst & Cloud Suite once to own it, frozen at this edition. Add the Update Subscription ($10/mo) and every revision to everything you own lands on your machine as we ship it — new case law, new platforms, new tactics. Cancel anytime; downloads stay yours.

How it works

$149 one-time · tool access

Give the agent real tools.

36 pre-vetted MCP servers (Maigret, Shodan, Wayback, EdgarTools, Etherscan, Volatility, +30 more) wired into Claude Code / Desktop / Cursor / Windsurf so your agent actually runs the tools — not just suggests them.

What's in the toolkit

$100 on its own · multi-agent

Run agents in parallel.

Orchestrator.md — one file that makes an advanced LLM automatically spin up multiple agents at once (people, businesses, case-facts review, report writing) and merge them into one case file. Free with the all-bundle package, or $100 on its own.

See the example

Ready

Give your agent the Analyst & Cloud Suite skill set.

Buy Analyst & Cloud Suite Compare bundles