Handles case management for Elastic Security through the Kibana Cases API. You can create, update, and track SOC cases that automatically scope to the securitySolution space. Cases link directly to alerts, can be assigned to analysts, and push to external ticketing systems via connectors. It's part of the broader elastic/agent-skills collection, which makes sense since case management is usually just one piece of a security workflow. Worth noting you'll need to install dependencies from the skills/security directory and set up environment variables before it works. If you're already running Elastic Security and want programmatic case handling instead of clicking through Kibana, this gets you there.
npx skills add https://github.com/elastic/agent-skills --skill security-case-management