Awesome-omni-skill check-duplicates
Check for duplicate or similar cases. Use before deep analysis to avoid investigating the same incident twice. Takes a CASE_ID and returns list of similar cases.
install
source · Clone the upstream repo
git clone https://github.com/diegosouzapw/awesome-omni-skill
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/diegosouzapw/awesome-omni-skill "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/tools/check-duplicates-majiayu000" ~/.claude/skills/diegosouzapw-awesome-omni-skill-check-duplicates && rm -rf "$T"
manifest:
skills/tools/check-duplicates-majiayu000/SKILL.mdsource content
Check Duplicates Skill
Identify potentially duplicate or similar existing cases before starting deep analysis.
Inputs
- The ID of the current case to checkCASE_ID
- Alert group identifiers for the caseALERT_GROUP_IDENTIFIERS- (Optional)
- How many days to search back (default: 7)DAYS_BACK - (Optional)
- Include open cases (default: true)INCLUDE_OPEN - (Optional)
- Include closed cases (default: false)INCLUDE_CLOSED
Workflow
Step 1: Execute Similarity Check
secops-soar.siemplify_get_similar_cases( case_id=CASE_ID, alert_group_identifiers=ALERT_GROUP_IDENTIFIERS, days_back=DAYS_BACK, include_open_cases=INCLUDE_OPEN, include_closed_cases=INCLUDE_CLOSED )
Step 2: Process Results
Extract the list of similar case IDs from the response.
Outputs
| Output | Description |
|---|---|
| List of case IDs identified as potentially similar/duplicate |
| Success/failure status of the check |
Usage Pattern
1. Check duplicates BEFORE enrichment 2. If duplicates found: - Review similar case(s) - If confirmed duplicate: close as duplicate - If related but distinct: note correlation, continue 3. If no duplicates: proceed with analysis
When Duplicates Are Found
If
SIMILAR_CASE_IDS- Document: "Closing as duplicate of [Similar Case ID]"
- Close with:
- Reason:
NOT_MALICIOUS - Root cause:
Similar case is already under investigation
- Reason: