Back to Skills

limacharlie-iac

verified

Manage LimaCharlie Infrastructure as Code using ext-git-sync compatible repository structure. Initialize IaC repos, add/remove tenants, manage global and tenant-specific configurations (D&R rules, outputs, FIM, extensions, etc.), and coordinate with ext-git-sync for deployment. Supports importing existing rules from tenants and promoting tenant rules to global. Use when setting up multi-tenant config management, adding orgs to IaC, or managing detection rules across organizations via git.

View on GitHub

Marketplace

lc-marketplace

refractionPOINT/lc-ai

Plugin

lc-essentials

Repository

refractionPOINT/lc-ai
5stars

marketplace/plugins/lc-essentials/skills/limacharlie-iac/SKILL.md

Last Verified

January 23, 2026

Install Skill

Select agents to install to:

Scope:
npx add-skill https://github.com/refractionPOINT/lc-ai/blob/main/marketplace/plugins/lc-essentials/skills/limacharlie-iac/SKILL.md -a claude-code --skill limacharlie-iac

Installation paths:

Claude
.claude/skills/limacharlie-iac/
Powered by add-skill CLI

Instructions

# LimaCharlie Infrastructure as Code Manager

Manage multi-tenant LimaCharlie configurations using git-based Infrastructure as Code, compatible with the `ext-git-sync` extension.

---

## LimaCharlie Integration

> **Prerequisites**: Run `/init-lc` to initialize LimaCharlie context.

### API Access Pattern

All LimaCharlie API calls go through the `limacharlie-api-executor` sub-agent:

```
Task(
  subagent_type="lc-essentials:limacharlie-api-executor",
  model="sonnet",
  prompt="Execute LimaCharlie API call:
    - Function: <function-name>
    - Parameters: {<params>}
    - Return: RAW | <extraction instructions>
    - Script path: {skill_base_directory}/../../scripts/analyze-lc-result.sh"
)
```

### Critical Rules

| Rule | Wrong | Right |
|------|-------|-------|
| **MCP Access** | Call `mcp__*` directly | Use `limacharlie-api-executor` sub-agent |
| **D&R Rules** | Write YAML manually | Use `generate_dr_rule_*()` + `validate_dr_rule_components()` |
| **OID** | Use org name | Use UUID (call `list_user_orgs` if needed) |

---

## Overview

This skill helps you manage LimaCharlie organizations using Infrastructure as Code:

```
┌─────────────────────────────────────────────────────────────────┐
│  IaC REPOSITORY (ext-git-sync compatible)                       │
│                                                                 │
│  org-manifest.yaml        ← Friendly name → OID mapping         │
│                                                                 │
│  hives/                   ← GLOBAL configs (all tenants)        │
│  ├── dr-general.yaml         D&R rules                          │
│  ├── fp.yaml                 False positives                    │
│  ├── outputs.yaml            Output destinations                │
│  ├── extensions.yaml         Extensions to enable               │
│  ├── integrity.yaml          FIM rules                          │
│  └── ...                                                        │
│

Validation Details

Front Matter
Required Fields
Valid Name Format
Valid Description
Has Sections
Allowed Tools
Instruction Length:
20669 chars