blackpoint-multi-tenant-operationslisted

Use this skill when operating Blackpoint Cyber (CompassOne) at the MSP partner level — enumerating customer tenants, sweeping detections and vulnerabilities across all of them, spotting volume anomalies, and building per-tenant scorecards.
wyre-technology/msp-claude-plugins · ★ 26 · Web & Frontend · score 82

Install: claude install-skill wyre-technology/msp-claude-plugins

# Blackpoint Multi-Tenant Operations The CompassOne partner account sees every customer tenant. This skill covers the partner-level operating loop: enumerate tenants, sweep across them, and roll up into a portfolio view. ## The Partner-Tenant Model ``` Partner (the MSP) └── Tenant (customer) ← blackpoint_tenants_list / _get └── Asset └── Detections / Vulnerabilities ``` Every partner-level operation starts the same way: enumerate tenants, then iterate. Never present partner output without tenant attribution on every row. ## API Tools | Tool | Purpose | |------|---------| | `blackpoint_tenants_list` | Enumerate customer tenants (filter by account, status, name search) | | `blackpoint_tenants_get` | Detail for one tenant | | `blackpoint_detections_list` | Detections — call once per tenant with `tenant_id` | | `blackpoint_vulnerabilities_list` | Vulnerabilities — call once per tenant | | `blackpoint_vulnerabilities_external_list` | External exposures per tenant | | `blackpoint_vulnerabilities_darkweb_list` | Dark-web exposures per tenant | ## Common Workflows ### Multi-tenant detection sweep 1. `blackpoint_tenants_list` — enumerate all customers. 2. For each tenant, `blackpoint_detections_list` filtered to a recent window and `status` in {`new`, `investigating`}. 3. Roll up: detections per tenant, severity distribution, top detection types. 4. Flag tenants with abnormal volume — a tenant well above its apparent baseline is itself