c0urag1/break-risk-intel-skill — explained in plain English
Analysis updated 2026-05-18
Classify a suspected grey-market case using BREAK risk codes.
Generate an investigation plan and governance recommendations for a fraud case.
Look up methodology guides for account risk, payment risk, or content spam.
| c0urag1/break-risk-intel-skill | nickalaslight/fable-sonnet-orchestrator-kit | pnwcomputers/jwrapper-screenconnect-rat-remediation-toolkit | |
|---|---|---|---|
| Stars | 1 | 1 | 1 |
| Language | PowerShell | PowerShell | PowerShell |
| Setup difficulty | easy | moderate | moderate |
| Complexity | 2/5 | 3/5 | 3/5 |
| Audience | ops devops | developer | ops devops |
Figures from each repo's GitHub metadata at analysis time.
break-risk-intel-skill is an agent skill for Claude Code and Codex CLI that helps risk control, anti-fraud, Trust and Safety, and business security teams analyse cases involving grey-market or fraudulent activity. It is built on top of JDArmy/BREAK, an open-source knowledge framework that enumerates and categorises business risk scenarios and evasion techniques. The skill gives the agent structured vocabulary from the BREAK framework, so it can output a specific risk classification, BREAK risk codes, a hypothetical chain of how a grey-market operation likely worked, observable detection signals, an investigation plan, and governance recommendations, rather than a vague "there might be some risk" response. The repository includes a references/ directory with BREAK risk entries and a threat actor and attack tool index, a knowledge/ directory with methodology guides covering areas such as marketing abuse, account risk, merchant fraud, content spam, and payment risk, a scenes/ directory with 15 BREAK business scenario playbooks, an examples/ directory with eight sample case walkthroughs covering coupon abuse, account farming, fake transactions, credential stuffing, proxy and device evasion, refund abuse, and payment cashout, and a templates/ directory with formats for risk matrices, investigation plans, and executive review summaries. The skill does not provide real-time intelligence feeds, crawl external forums, or supply operational steps for conducting the abusive activities it documents. It is intended for authorised risk analysis and business security scenarios only. Both this project and the upstream JDArmy/BREAK framework are licensed under Apache License 2.0.
An agent skill for Claude Code and Codex CLI that helps risk and fraud teams analyze grey-market and fraud cases using a structured risk framework.
Mainly PowerShell.
Use freely for any purpose, including commercial use, as long as you keep the copyright notice (Apache License 2.0).
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.