Cloud & DevOps

Audit deployed Vercel apps for cost and performance issues using metrics, project config, code scans, and version-aware recommendations.

Conduct comprehensive security assessments of cloud infrastructure across Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).

Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.

Autonomous DevSecOps & FinOps Guardrails. Orchestrates Gemini 3 Flash to audit Linux Kernel patches, Terraform cost drifts, and K8s compliance.

Create Railway projects, services, and databases with proper configuration. Use when user says "setup", "deploy to railway", "initialize", "create project", "create service", or wants to deploy from GitHub. Handles initial setup AND adding services to existing projects. For databases, use railway-railway-database skill instead.

Query, stage, and apply configuration changes for Railway environments. Use for ANY variable or env var operations, service configuration (source, build settings, deploy settings), lifecycle (delete service), and applying changes. Prefer over railway-status skill for any configuration or variable queries.

Automates SOC 2 Type II audit preparation including gap assessment against AICPA Trust Services Criteria (CC1-CC9), evidence collection from cloud providers and identity systems, control testing validation, remediation tracking, and continuous compliance monitoring. Covers all five TSC categories (Security, Availability, Processing Integrity, Confidentiality, Privacy) with automated evidence gathering from AWS, Azure, GCP, Okta, GitHub, and Jira. Use when preparing for or maintaining SOC 2 Type II certification.

Hunt for threats in AWS environments using Detective behavior graphs, entity investigation timelines, GuardDuty finding correlation, and automated entity profiling across IAM users, EC2 instances, and IP addresses.

Provides a GitHub pull request dashboard directly in the terminal. Use when the user wants to view PR status, check CI/CD progress, review bot comments, or merge pull requests without leaving Claude Code. Trigger with phrases like "show PR dashboard", "PR status", "check CI progress", "merge this PR", or "review pull request".

Use when running GitHub Actions locally, creating task runner recipes, generating changelogs from git history, managing GitHub PRs/issues/releases programmatically, or creating encrypted backups

Reviews AI/ML model supply chains for security risks including model provenance verification, training data lineage, fine-tuning pipeline integrity, inference dependency review, and backdoor detection. Auto-invoked when reviewing systems that download pre-trained models, fine-tune foundation models, or deploy models from third-party sources. Produces a structured assessment mapped to OWASP LLM03:2025, SLSA v1.0 supply chain levels, and MITRE ATLAS poisoning and supply chain techniques.

Ultimate AI agent memory system for Cursor, Claude, ChatGPT & Copilot. WAL protocol + vector search + git-notes + cloud backup. Never lose context again. Vibe-coding ready.

The first Zoom CLI that joins your local desktop app, your on-disk recordings, and your cloud account into one... Trigger phrases: `join the zoom meeting`, `start my zoom`, `mute zoom`, `what zoom meetings do i have today`, `find that quote from last week's zoom`, `what's in my documents/zoom folder`, `schedule a zoom meeting`, `search my zoom recordings`, `use zoom`, `run zoom`, `extract todos from my zoom notes`, `search my zoom notes`, `ingest zoom notes pdf`, `open zoom notes`.

Inspect, audit, and right-size your Azure Functions from the terminal — cold-start trends, config drift Trigger phrases: `check my azure functions`, `are my functions cold-starting`, `should I move off the consumption plan`, `audit my function app settings`, `find unused azure functions`, `use azure-functions-admin`, `run azure-functions-admin`.

Printing Press CLI for Cf Domain. Agent-native CLI for Cloudflare Registrar domain search, check, and registration.

Generates DrawIO XML diagrams for Amazon Web Services architectures from text descriptions or images. Analyzes existing .drawio files to extract AWS components. Use for AWS architecture diagrams, cloud infrastructure documentation, or when converting AWS diagram images to editable DrawIO format.

Generates DrawIO XML diagrams for Google Cloud Platform architectures from text descriptions or images. Analyzes existing .drawio files to extract GCP components. Use for GCP architecture diagrams, cloud infrastructure documentation, or when converting GCP diagram images to editable DrawIO format.

Cloudflare CLI - manage DNS records, purge cache, and control Workers routes.

Manage persistent VMs on exe.dev. Create VMs, configure HTTP proxies, share access, and set up custom domains. Use when working with exe.dev VMs for hosting, development, or running persistent services.

Terraform infrastructure as code best practices

Use when setting up CI/CD, implementing versioning, optimizing workflows, or managing releases with monorepo development workflows including version management, publishing, and team collaboration practices.

Automate GitHub repository setup with CI/CD workflows, issue templates, Dependabot, and CodeQL security scanning. Includes 12 production-tested workflows and prevents 18 errors: YAML syntax, action pinning, and configuration. Use when: setting up GitHub Actions CI/CD, creating issue/PR templates, enabling Dependabot or CodeQL scanning, deploying to Cloudflare Workers, implementing matrix testing, or troubleshooting YAML indentation, action version pinning, secrets syntax, runner versions, or CodeQL configuration. Keywords: github actions, github workflow, ci/cd, issue templates, pull request templates, dependabot, codeql, security scanning, yaml syntax, github automation, repository setup, workflow templates, github actions matrix, secrets management, branch protection, codeowners, github projects, continuous integration, continuous deployment, workflow syntax error, action version pinning, runner version, github context, yaml indentation error

PokeClaw (PocketClaw) — on-device Android AI phone agent using Gemma 4 via LiteRT-LM with tool calling, accessibility automation, and optional cloud models.

Create, implement, deploy, and debug Adobe Runtime actions with consistent layout, validation, and error handling. Use this skill whenever the user needs to add actions to an App Builder project, understand action structure (params, response format, web/raw actions), configure actions in the manifest, use App Builder SDKs (State, Files, Events, database), deploy and invoke actions via CLI, debug action issues, or implement patterns such as webhook receivers, custom event providers, journaling consumers, large payload redirects, action sequence pipelines, and Asset Compute workers. Also trigger when users mention serverless functions in Adobe context, action logging, IMS authentication for actions, or cron-style scheduled actions.

Salesforce Data Cloud product orchestrator for connect→prepare→harmonize→segment→act workflows. Use this skill when the user needs a multi-step Data Cloud pipeline, cross-phase troubleshooting, or data space and data kit management. TRIGGER when: user needs a multi-step Data Cloud pipeline, asks to set up or troubleshoot Data Cloud across phases, manages data spaces or data kits, or wants a cross-phase sf data360 workflow. DO NOT TRIGGER when: work is isolated to a single phase (use the matching phase-specific skill), the task is STDM/session tracing/parquet telemetry (use observing-agentforce), standard CRM SOQL (use querying-soql), or Apex implementation (use generating-apex).

Salesforce Data Cloud product orchestrator for connect→prepare→harmonize→segment→act workflows. TRIGGER when: user needs a multi-step Data Cloud pipeline, asks to set up or troubleshoot Data Cloud across phases, manages data spaces or data kits, or wants a cross-phase `sf data360` workflow. DO NOT TRIGGER when: work is isolated to a single phase (use the matching sf-datacloud-* skill), the task is STDM/session tracing/parquet telemetry (use sf-ai-agentforce-observability), standard CRM SOQL (use sf-soql), or Apex implementation (use sf-apex).

Interprets Culture Index (CI) surveys, behavioral profiles, and personality assessment data. Supports individual profile interpretation, team composition analysis (gas/brake/glue), burnout detection, profile comparison, hiring profiles, manager coaching, interview transcript analysis for trait prediction, candidate debrief, onboarding planning, and conflict mediation. Accepts extracted JSON or PDF input via OpenCV extraction script.

Lark/Feishu CLI skills: lark-cli operations for docs, markdown, sheets, base, calendar, im, mail, task, okr, drive, wiki, slides, whiteboard, apps, approval, attendance, contact, vc, minutes, event. Use when the user needs to operate Lark/Feishu resources via lark-cli, send messages, manage documents, spreadsheets, calendars, tasks, OKRs, deploy web pages, or any Feishu/Lark workspace operations.

Generate Excalidraw diagrams from natural language descriptions. Outputs .excalidraw JSON files openable in Excalidraw. Use when asked to "create a diagram", "make a flowchart", "visualize a process", "draw a system architecture", "create a mind map", "generate an Excalidraw file", "draw an ER diagram", "create a sequence diagram", or "make a class diagram". Supports flowcharts, relationship diagrams, mind maps, architecture, DFD, swimlane, class, sequence, and ER diagrams. Can use icon libraries (AWS, GCP, etc.) when set up. Do NOT use for code architecture analysis (use the architecture skills), Mermaid diagram rendering (use mermaid-studio), or non-visual documentation (use docs-writer).

Audit and validate Flux CD GitOps repositories by scanning local repo files (not live clusters) — runs Kubernetes schema validation, detects deprecated Flux APIs, reviews RBAC/multi-tenancy/secrets management, and produces a prioritized GitOps report. Use when users ask to audit, analyze, validate, review, or security-check a GitOps repo.

Perform security audits on code changes, diffs, or branches to find high-confidence exploitable vulnerabilities. Use when asked to "audit security", "review for vulnerabilities", "security scan", "check for security issues", "audit this PR", "review these changes for security", or "find vulnerabilities in diff". Distinct from security-review (which provides secure coding patterns/checklists) — this skill actively audits code changes using a structured methodology with false positive filtering. Includes Python scripts for GitHub Action CI integration and PR evaluation.

Use when deploying, managing, or troubleshooting Dokploy instances via the CLI (https://github.com/Dokploy/cli). Triggers: "dokploy deploy", "manage dokploy", "dokploy app", "dokploy database", "push to dokploy", "dokploy CI/CD", "dokploy authentication", "zero-downtime deployment", "dokploy docker-compose", "dokploy environment variables", "dokploy health checks". Provides comprehensive workflows for authentication, project/app/database management, environment variable sync, and production-ready CI/CD patterns with GitHub Actions.

Execute Azure deployments for ALREADY-PREPARED applications that have existing .azure/deployment-plan.md and infrastructure files. DO NOT use this skill when the user asks to CREATE a new application — use azure-prepare instead. This skill runs azd up, azd deploy, terraform apply, and az deployment commands with built-in error recovery. Requires .azure/deployment-plan.md from azure-prepare and validated status from azure-validate. WHEN: "run azd up", "run azd deploy", "execute deployment", "push to production", "push to cloud", "go live", "ship it", "bicep deploy", "terraform apply", "publish to Azure", "launch on Azure". DO NOT USE WHEN: "create and deploy", "build and deploy", "create a new app", "set up infrastructure", "create and deploy to Azure using Terraform" — use azure-prepare for these.

Use when setting up TYPO3 extension test infrastructure, writing unit/functional/E2E tests, configuring PHPUnit 11/12/13, mutation testing, mocking final classes (v14), CI/CD matrix across TYPO3 12/13/14.3 LTS, dev-dependency consolidation via typo3-ci-workflows meta-package, or debugging CI failures. Also triggers on: testing-framework setup, ensure proper testing, test matrix, integration testing, e2e testing, coverage, test generation.

AWS Bedrock AgentCore comprehensive expert for deploying and managing AI agents at scale. Use when working with any AgentCore service including Gateway, Runtime, Memory, Identity, Code Interpreter, Browser, Observability, Agent Registry, or Evaluations. Covers agent deployment, MCP tool integration, credential management, agent discovery, governance workflows, and automated quality assessment. Essential when user mentions AgentCore, agent runtime, agent registry, agent evaluation, MCP gateway, deploy agent, register MCP server, discover agents, evaluate agent quality, agent credentials, or wants to build, deploy, catalog, or monitor AI agents on AWS.

Use this skill when the user asks for financial data ("price of BTC", "P/E ratio of NVDA"), market analysis, stock or crypto research, quant strategies, backtesting ("backtest a momentum strategy"), tracking assets or portfolios, or help turning investing ideas into live playbooks, dashboards, and analytics on Alva. Powered by 250+ financial data sources across crypto, equities, macro, on-chain, and social data, along with cloud-side analytics and backtesting. Also use when the user asks about Alva platform capabilities.

Expert skill for OpenClaw (v2026.2.19) — self-hosted AI gateway connecting chat apps (WhatsApp, Telegram, Discord, Slack, iMessage, Signal, LINE, Matrix, Teams, Google Chat) to AI agents. Use when user asks about: installing/configuring/updating OpenClaw, setting up or troubleshooting chat channels, security hardening and auditing, inspecting openclaw.json config or prompts (SOUL.md/AGENTS.md), multi-agent routing and session management, cloud deployment (AWS/GCP/Fly.io/Docker), upgrading versions, or discovering ClawHub skills. Includes bundled scripts for security audit, config inspection, and session scanning. Triggers on: "openclaw", "openclaw.json", "~/.openclaw", gateway config. Not for: general chatbot frameworks, non-OpenClaw gateways, or unrelated Docker questions.

GitOps deployment workflows with ArgoCD and Flux. Use this skill whenever the user mentions GitOps, ArgoCD, Flux, Flagger, Argo Rollouts, or continuous deployment to Kubernetes. Triggers include setting up ArgoCD or Flux from scratch, designing Git repository structures (monorepo vs polyrepo, app-of-apps), deploying to multiple clusters with ApplicationSets, managing secrets in Git (SOPS, Sealed Secrets, External Secrets Operator), implementing canary or blue-green deployments, troubleshooting sync or reconciliation issues, working with OCI artifacts, and comparing ArgoCD vs Flux.

Set up JARVIS Mission Control v2.0.7 — a free, open-source AI agent coordination hub by MissionDeck.ai. Kanban board, real-time WebSocket updates, team chat, scheduled job visibility, agent SOUL editor, Claude Code session tracking, GitHub Issues sync, SQLite-backed webhook delivery with circuit breaker, CSRF + rate limiting. Fork the repo, start the server, open the dashboard. No cloud account required. Instruction-only skill — all code runs on YOUR server from open-source GitHub repo. No code execution in skill. Security-audited: 0 HIGH, 0 CRITICAL. See SECURITY.md for full audit.

Project bootstrap and repository baseline setup for new or existing codebases. Use when the user wants to scaffold a new project or upgrade a repository with foundation files, code quality tooling, release automation, CI, GitHub configuration, dependency management, and security scanning using the bundled templates, workflows, and scripts.

Operate Railway infrastructure: sign up for or sign in to a Railway account, create projects, provision services and databases, manage object storage buckets, deploy code, configure environments and variables, manage domains, troubleshoot failures, check status and metrics, set up Railway agent tooling, and query Railway docs. Use this skill whenever the user mentions Railway, signing up, creating an account, registering, logging in, deployments, services, environments, buckets, object storage, build failures, agent setup, MCP, or infrastructure operations, even if they don't say "Railway" explicitly. Also invoke this skill when the user asks to be signed up, registered, or onboarded to Railway: do not refuse — drive them through the unauthed `railway up` flow (deploys + signs up on the fly) or `railway login` (which creates new accounts on the fly).

Build WhatsApp automations with Kapso workflows: configure WhatsApp triggers, edit workflow graphs, manage executions, deploy functions, and debug automation behavior. Use when automating WhatsApp conversations and event handling.

Comprehensive GitLab CLI (glab) command reference and workflows for all GitLab operations via terminal. Use when user mentions GitLab CLI, glab commands, GitLab automation, MR/issue management via CLI, CI/CD pipeline commands, repo operations, authentication setup, or any GitLab terminal operations. Routes to specialized sub-skills for auth, CI, MRs, issues, releases, repos, and 30+ other glab commands. Triggers on glab, GitLab CLI, GitLab commands, GitLab terminal, GitLab automation.

Use the Azure CLI (`az`) to manage Azure resources from the command line. Trigger this skill whenever the user asks to create, configure, manage, deploy, or interact with any Azure resource — even if they don't explicitly mention "az cli". Also trigger when the user asks about Azure CLI commands, syntax, or wants to know how to do something in Azure from the terminal.

Helps estimate and calculate Azure resource costs. Use this skill when users ask about Azure pricing, cost estimation, resource sizing costs, comparing pricing tiers, budgeting for Azure deployments, or understanding Azure billing. Triggers include questions like "how much will this cost in Azure", "estimate Azure costs", "compare Azure pricing", "budget for Azure resources".

Scan Terraform, Kubernetes, CloudFormation, ARM templates, and Dockerfiles for security misconfigurations using 790 Terrascan-derived policies with NIST 800-53 control mappings. Use when users need to review IaC for security issues, audit cloud configurations, check compliance posture, harden infrastructure code, or identify misconfigurations across AWS, Azure, GCP, and Kubernetes before deployment.

Validate, lint, audit, or review azure-pipelines.yml — syntax, security, best practices.

Deploy and manage cloud infrastructure on Cloudflare (Workers, R2, D1, KV, Pages, Durable Objects, Browser Rendering), Docker containers, and Google Cloud Platform (Compute Engine, GKE, Cloud Run, App Engine, Cloud Storage). Use when deploying serverless functions to the edge, configuring edge computing solutions, managing Docker containers and images, setting up CI/CD pipelines, optimizing cloud infrastructure costs, implementing global caching strategies, working with cloud databases, or building cloud-native applications.

Deploy and manage cloud infrastructure on Cloudflare (Workers, R2, D1, KV, Pages, Durable Objects, Browser Rendering), Docker containers, and Google Cloud Platform (Compute Engine, GKE, Cloud Run, App Engine, Cloud Storage). Use when deploying serverless functions to the edge, configuring edge computing solutions, managing Docker containers and images, setting up CI/CD pipelines, optimizing cloud infrastructure costs, implementing global caching strategies, working with cloud databases, or building cloud-native applications.

AI-powered crypto trading agent via natural language. Use when the user wants to trade crypto (buy/sell/swap tokens), check portfolio balances, view token prices, transfer crypto, manage NFTs, use leverage, bet on Polymarket, deploy tokens, set up automated trading strategies, submit raw transactions, execute calldata, or send transaction JSON. Supports Base, Ethereum, Polygon, Solana, and Unichain. Comprehensive capabilities include trading, portfolio management, market research, NFT operations, prediction markets, leverage trading, DeFi operations, automation, and arbitrary transaction submission.

Manage the PR review feedback loop: monitor CI checks, fetch review comments, and iterate on fixes. Use when: (1) pushing changes to a PR and waiting for CI/reviews, (2) user says "new reviews available", (3) iterating on PR feedback from Gemini, Cursor, Claude, or other reviewers, (4) monitoring PR status. Supports multiple review bots: Gemini Code Assist, Cursor Bugbot, and Claude agent fallback. Also supports custom agent reviewers defined in AGENT-REVIEWERS.md for focused reviews (security, DRY, etc.). Automatically detects priority levels from different bot formats and handles rate limits.

Captures learnings, errors, corrections, and feature requests to enable continuous improvement. Use when: (1) User corrects Claude ('No, that's wrong...', 'Actually...'), (2) User requests a capability that doesn't exist, (3) Claude realizes its knowledge is outdated or incorrect, (4) A better approach is discovered for a recurring task, (5) Receiving a Handoff block from self-healing (a recurring verified heal at Recurrence-Count >= 3) to distill into a memory file or new skill. For ACTIVE runtime failures where the agent needs to apply and verify a fix mid-task, use `self-healing` instead (it files HEAL- entries with proof; self-improvement promotes accumulated patterns). Also review learnings before major tasks. For CI-only/headless learning capture, use self-improvement-ci.

Guidance for setting up CI/CD pipelines for DataRobot application templates using GitLab, GitHub Actions, and Pulumi for infrastructure as code. Use when setting up CI/CD pipelines, configuring deployments, or managing infrastructure for DataRobot application templates.

Install a local, Docker-free OTLP observability stack (OpenTelemetry → Vector → JSONL files, optionally VictoriaLogs + VictoriaMetrics) into a project, and instrument the code to emit traces, metrics, and logs. Use this whenever the user wants observability, telemetry, tracing, metrics, or structured logging in a project during development — phrases like "add observability", "set up OTel", "instrument this app", "I want to see traces/metrics locally", "add a telemetry harness", "wire up Vector", or "make this app observable". Also use when a Claude Code session would benefit from being able to query its own app's telemetry while debugging. Prefer this over hand-rolling exporters or reaching for Docker/Jaeger/Grafana — this harness is binary-only, auto-starts via a SessionStart hook, and is designed for the agent to query telemetry as a feedback signal.

Build, modify, debug, and deploy agents with Agentforce Agent Script. TRIGGER when: user creates, modifies, or asks about .agent files or aiAuthoringBundle metadata; changes agent behavior, responses, or conversation logic; designs agent actions, tools, subagents, or flow control; writes or reviews an Agent Spec; previews, debugs, deploys, publishes, or tests agents; uses Agent Script CLI commands (sf agent generate/preview/publish/test). DO NOT TRIGGER when: Apex development, Flow building, Prompt Template authoring, Experience Cloud configuration, or general Salesforce CLI tasks unrelated to Agent Script.

FluxA Agentic Checkout is a general-purpose checkout automation and human handoff runbook. Use it when an AI agent needs to open a product or checkout link, attempt deterministic Playwright checkout on currently supported surfaces, autofill contact, delivery, card, and billing fields, and stop in a clean handoff state when CAPTCHA, Cloudflare, OTP, 3DS, unsupported merchants, or store-specific flows require a human operator to finish the purchase.

Reference for the bitbottle CLI — a gh-style tool for Bitbucket Server/DC and Cloud. Load when the user asks about bitbottle commands, auth setup, PRs, repos, branches, tags, commits, pipelines, or why a command failed. Load even if the user just says "bitbottle", mentions "Bitbucket", or pastes a bitbottle error message.

Use PROACTIVELY when auditing code quality, running security scans, assessing technical debt, reviewing code for production readiness, setting up CI quality gates, or tracking DORA metrics. Analyzes codebases against OWASP Top 10, SOLID principles, Testing Trophy, and 2024-25 SDLC standards. Supports incremental audits for large codebases. Not for runtime profiling or real-time monitoring.

Operational tooling for Talos Linux Kubernetes clusters via Sidero Omni with Proxmox infrastructure provider, covering machine classes, CEL storage selectors, and provider lifecycle management.

AUTHORITATIVE REFERENCE for WebWorks AutoMap CLI. Use when working with .waj/.wep/.wrp/.wxsp files, executing builds, detecting installation, creating job files, or automating CI/CD publishing workflows.

Skill interne fournissant les scripts communs pour la création de Pull Requests. Ne pas appeler directement - utilisé par git-pr et git-cd-pr.

Manage, sync, and publish Agent Skills across multiple AI platforms (Claude, Codex, Gemini, Copilot) and marketplace repositories. Use when users want to list skills, sync between platforms, publish to marketplace keys, mirror canonical skills, audit drift, or set up their environment. Triggers on phrases like "list skills", "sync skills", "publish skill", "skill marketplace", "deploy skill", "audit skills", or "skill inventory".

Invisible Chrome automation for web scraping via CDP. Use when WebFetch fails or gets blocked (403, 429, Cloudflare, bot protection, JS-rendered pages). Launches your real Chrome install completely hidden, sends commands via Chrome DevTools Protocol. Sites see a normal browser with real extensions - no detectable automation. Learns which domains block and skips straight to stealth on future requests. Also handles form filling, clicking, screenshots, and scraping dynamic content.

This skill should be used when the user asks to "set up submodules", "migrate branches to submodules", "automate submodule sync", "create submodule architecture", "convert branches to repos", or mentions setting up git submodules with GitHub Actions automation for multi-repo synchronization.

This skill should be used when the user asks to "set up a project", "choose a tech stack", "establish coding standards", "configure linting", "set up tests", "pick a framework", "review code quality", "set up logging", "configure observability", "choose an ORM", "set up auth", "set up Storybook", "write stories", "visual testing", "CSF", "coverage threshold", or discusses any technology choices for a TypeScript project. Also use when starting a new project, setting up CI/CD, choosing between tools (oxlint vs ESLint, pnpm vs npm), configuring environment variables, or when any other devkit skill needs to reference project conventions. This is the central reference for all devkit technology decisions and coding principles.

Deploy and manage a daily AI agent that automatically updates GitHub documentation for a LimaCharlie organization. The agent collects org config, diffs against previous state, analyzes changes with full case/session context, renders Jinja2 templates, and pushes annotated updates to a GitHub repo. Templates are read from the lc-ai repo or a user-provided custom repo — no payloads needed. Use for "deploy doc updater", "set up automatic documentation", "install doc-updater agent", "update docs agent".

CI/CD pipeline configuration using GitHub Actions for Golang projects — testing, linting, SAST, security scanning, code coverage, Dependabot, Renovate, GoReleaser, code review automation, and release pipelines. Use when setting up or improving Go project CI, configuring GitHub Actions workflows, adding linters or security scanners, automating dependency updates, or adding quality gates.

Use when creating or debugging CI/CD pipelines, implementing deployment strategies (blue-green, canary, rolling), optimizing build times, reviewing pipeline security, or working with GitHub Actions, GitLab CI, CircleCI, Azure DevOps, or Bitbucket Pipelines.

Adds OAuth/SSO to a remote MCP server using Cloudflare. Three paths — AI Controls MCP Portal (REST, fastest), self-hosted Access app with Managed OAuth (REST), and the same as Terraform (when IaC already exists) — with a decision matrix, REST recipes per path, Terraform templates for the IaC path, and a stdlib validator that lints a `terraform show -json` plan. Use when the user asks to put an MCP server behind Cloudflare, add OAuth/SSO to a remote MCP server, expose a private MCP server via Cloudflare Tunnel, register MCP servers with the AI Controls portal, enable Managed OAuth or DCR on an Access app, or wire Claude Desktop / claude.ai web / Claude Code to an internal MCP server.

Deploy AI models to embedded hardware using MathWorks tools (MATLAB, Simulink, Embedded Coder). Covers two workflow patterns: (1) MathWorks-native or 3P-imported models rebuilt as dlnetwork for lean hardware (Cortex-M, DSP), (2) direct C/C++ code generation from PyTorch and LiteRT models for high-performance hardware (Cortex-A, x86, GPU). Trigger when: user wants to deploy AI to embedded targets; generate C/CUDA from neural networks; compress AI models for MCU/DSP; integrate AI in Simulink for system-level simulation; import PyTorch/ONNX/TensorFlow models for embedded deployment; optimize AI for resource-constrained hardware; or use loadPyTorchExportedProgram, importNetworkFromPyTorch, dlquantizer, exportNetworkToSimulink, or Embedded Coder with AI models.

Decentralized coordination network for AI agents on Base (Ethereum L2). Use when an agent needs to register an on-chain identity, publish content, message other agents, hire a specialist via the marketplace, post or claim bounties, build reputation, collaborate on shared projects, mine NOOK by solving research challenges, deploy a standalone on-chain agent with curated knowledge, or earn revenue through agreements and rewards. Triggers on mentions of agent network, agent coordination, decentralized agents, NOOK token, mining challenges, knowledge bundles, agent reputation, agent marketplace, ERC-2771 meta-transactions, prepare-sign-relay, AgentFactory, or Nookplot.

Scaffold the Antithesis harness: initialize the working directory, write Dockerfiles and docker-compose.yaml with build directives, and prepare to submit your first Antithesis test run.

Read, search, create, and update Jira Cloud tickets — fetch issue details, search with JQL, list projects, look up users, and write rich content with automatic Mermaid diagram embedding

Build MCP servers in Python with FastMCP. Define tools / resources / prompts, build the server, test locally, deploy to FastMCP Cloud or Docker. Use whenever the user mentions building an MCP server, exposing tools to LLMs, FastMCP, building a Claude integration, or troubleshooting FastMCP module-level server, storage, lifespan, middleware, OAuth, or deployment errors.

Turborepo monorepo build system guidance. Triggers on: turbo.json, task pipelines, dependsOn, caching, remote cache, the "turbo" CLI, --filter, --affected, CI optimization, environment variables, internal packages, monorepo structure/best practices, and boundaries. Use when user: configures tasks/workflows/pipelines, creates packages, sets up monorepo, shares code between apps, runs changed/affected packages, debugs cache, or has apps/packages directories.

Anti-detection browser automation using Camoufox (Firefox fork with C++ fingerprint spoofing). Use when standard browser tools get blocked by Cloudflare, Akamai, or bot detection. Triggers include "stealth browse", "anti-detection", "bypass bot", "camofox", "blocked by Cloudflare", scraping protected sites (X/Twitter, Amazon, Product Hunt), or when agent-browser/playwright fails with bot detection errors.

Generate cross-platform installation scripts for any software, library, or module. Produces a standalone install.sh runnable via a single curl/wget one-liner, with automatic OS, architecture, and package manager detection. Don't use for authoring Dockerfiles, CI/CD pipelines, or one-off local shell scripts.

This skill should be used when the user asks to "develop requirements framework", "fix requirements framework bug", "sync requirements framework", "deploy requirements changes", "update framework code", "test framework changes", or needs help with the framework development workflow including sync.sh usage, TDD for framework itself, and contributing changes.

Prisma ORM CLI commands reference covering init, generate, migrate, db, dev, studio, validate, format, debug, and mcp. Use for ORM/database CLI workflows, not Prisma Compute app deployment. For Prisma Compute, `@prisma/cli app deploy`, `compute:deploy`, `create-prisma --deploy`, apps, deployments, logs, or domains, use the `prisma-compute` skill instead. Triggers on "prisma init", "prisma generate", "prisma migrate", "prisma db", "prisma studio", "prisma mcp".

Scrape web pages using Scrapling with anti-bot bypass (like Cloudflare Turnstile), stealth headless browsing, spiders framework, adaptive scraping, and JavaScript rendering. Use when asked to scrape, crawl, or extract data from websites; web_fetch fails; the site has anti-bot protections; write Python code to scrape/crawl; or write spiders.

Scrape web pages using Scrapling with anti-bot bypass (like Cloudflare Turnstile), stealth headless browsing, spiders framework, adaptive scraping, and JavaScript rendering. Use when asked to scrape, crawl, or extract data from websites; web_fetch fails; the site has anti-bot protections; write Python code to scrape/crawl; or write spiders.

Measure and improve the quality of AI models and agents on Google Cloud using the Eval Quality Flywheel methodology. Use when evaluating an agent or model, building an eval dataset, picking or writing evaluation metrics, analyzing failures, comparing results before and after a fix, or when guidance is needed on Agent Platform eval methodology — including dataset schema, LLM-as-judge scoring, and common failure causes. For fine-tuning, use agent-platform-tuning. For deployment, use agent-platform-deploy.

Solana development: Anchor and Pinocchio programs, Kit clients, wallet flows, testing. Use when building a Solana dapp or program (e.g. write Anchor escrow, create SPL token, wallet-standard login, debug PDA, deploy to devnet).

Upload, download, search, and share files on Google Drive. Create folders, manage permissions, and manage comments and replies. Use when asked to share a file, upload to gdrive, search cloud storage, manage a Drive folder, organize Google Drive files, comment on a file, or reply to comments.

Run GitHub Actions workflows locally with pause-on-failure for AI-agent-driven CI iteration

Complete Odoo server lifecycle manager — run, deploy, initialize, and manage Odoo across local venv, Docker, and any IDE. Handles server startup/shutdown, environment initialization, database management, Docker orchestration, and IDE configuration for Odoo 14-19. <example> Context: User wants to start the Odoo server user: "Start the Odoo 17 server for my TAQAT project" assistant: "I will activate the virtual environment, locate the TAQAT17.conf config, and start the server with the correct addons path." <commentary>Server start trigger.</commentary> </example> <example> Context: User wants to stop the server user: "Stop the Odoo server" assistant: "I will find and kill the process on port 8069/8072." <commentary>Server stop trigger.</commentary> </example> <example> Context: User wants database backup user: "Backup the taqat17 database" assistant: "I will use pg_dump to create a backup of the taqat17 database with custom format." <commentary>Database operation trigger.</commentary> </example> <example> Context: User wants IDE configuration user: "Set up VSCode for my Odoo 17 project with debug configs" assistant: "I will generate .vscode/launch.json, tasks.json, settings.json, and extensions.json with Odoo-specific configurations." <commentary>IDE config trigger - generates full VSCode workspace setup.</commentary> </example> <example> Context: User wants to initialize a new environment user: "Initialize a new Odoo 17 environment with database" assistant: "I will create a venv, install requirements, configure PostgreSQL, generate .conf, and create the database." <commentary>Environment init trigger.</commentary> </example> <example> Context: User wants to create a new module user: "Create a new module called hr_overtime in the TAQAT project" assistant: "I will scaffold a complete module with models, views, security, and tests." <commentary>Module scaffold trigger.</commentary> </example> <example> Context: User wants to check if module is production-ready user: "Is my module ready for production?" assistant: "I will run tests, security audit, translation validation, and template checks to generate a GO/NO-GO verdict." <commentary>Quality gate trigger.</commentary> </example>

This skill should be used when the user asks to "write a pipeline", "add caching", "make this build faster", "show test failures in the build page", "add annotations", "only run tests when code changes", "set up dynamic pipelines", "add retry", "parallel steps", "matrix build", "add plugins", or "work with artifacts in pipeline YAML". Also use when the user mentions .buildkite/ directory, pipeline.yml, buildkite-agent pipeline upload, step types (command, wait, block, trigger, group, input), if_changed, notify, concurrency, or asks about Buildkite CI configuration.

This skill should be used when the user asks to "provision a VPS", "create a Hetzner server", "spin up a cloud server", "launch a Hetzner instance", "set up a cloud server for Claude Code", "deploy Claude Code to a server", "create a VPS for Claude", or mentions Hetzner Cloud provisioning. Automates VPS creation with Claude Code pre-installed.

Fine-tune LLMs with Unsloth using GRPO or SFT. Supports FP8, vision models, mobile deployment, Docker, packing, GGUF export, dataset preparation, synthetic data, MLX (Apple Silicon). Use when: train with GRPO, fine-tune, reward functions, SFT training, FP8 training, vision fine-tuning, phone deployment, docker training, packing, export to GGUF, prepare dataset, synthetic data, install unsloth, environment flags, MLX training.

Manages cloud infrastructure through natural language conversations with Pulumi Neo, an AI agent for platform engineers. Enables infrastructure analysis, resource provisioning, stack deployment, and configuration management via conversational AI. Use when creating Neo tasks, requesting infrastructure analysis, automating cloud deployments, managing infrastructure as code (IaC), provisioning AWS/Azure/GCP resources, managing infrastructure through natural language prompts, reviewing PRs with Neo, handling Neo approval workflows, or checking Neo task status and events. Also use when the user mentions "Pulumi Neo", "Neo task", "Neo agent", or wants AI-assisted infrastructure management.

Comprehensive GitHub repository management toolkit. Provides file editing, issue/PR management, GitFlow workflow, release management, commit investigation, CI/CD workflow creation, and configuration file generation via MCP GitHub tools.

Customer-tagged, opinionated CLI over AWS via boto3. Reads + writes + intent commands across IAM, EC2, S3, RDS, Lambda, VPC, Route 53, CloudWatch, ECR, EKS, Cost Explorer, plus jumphost provision/teardown, security audit, untagged-resource cleanup, per-customer cost reports, and Terraform rendering. Multi-account via AWS profiles.

Watch a PR through CI and review feedback: commit/push, wait for CI, auto-fix high-confidence failures, reply to active review threads, address top-level Conversation-tab comments, and summarize automated review-body content with sentinel-tagged comments. Runs one pass against the current branch's PR; pass a PR number or URL to `gh pr checkout` that PR first. Use when the user says 'babysit my PR', 'babysit PR 482', 'watch my PR', 'keep my PR moving', or 'respond to comments'.

Terraform and Infrastructure as Code optimization guidelines from Terramate. This skill should be used when writing, reviewing, or refactoring Terraform/OpenTofu code to ensure optimal patterns for security, maintainability, and reliability. Triggers on tasks involving Terraform modules, infrastructure provisioning, state management, or IaC optimization.

AWS Cloud Development Kit (CDK) expert for building cloud infrastructure with TypeScript/Python. Use when creating CDK stacks, defining CDK constructs, implementing infrastructure as code, or when the user mentions CDK, CloudFormation, IaC, cdk synth, cdk deploy, or wants to define AWS infrastructure programmatically. Covers CDK app structure, construct patterns, stack composition, and deployment workflows.

Use when deploying or managing Kubernetes workloads. Invoke to create deployment manifests, configure pod security policies, set up service accounts, define network isolation rules, debug pod crashes, analyze resource limits, inspect container logs, or right-size workloads. Use for Helm charts, RBAC policies, NetworkPolicies, storage configuration, performance optimization, GitOps pipelines, and multi-cluster management.

Build Spring Boot 4.x applications following the best practices. Use this skill: * When developing Spring Boot applications using Spring MVC, Spring Data JPA, Spring Modulith, Spring Security * To create recommended Spring Boot package structure * To implement REST APIs, entities/repositories, service layer, modular monoliths * To use Thymeleaf view templates for building web applications * To write tests for REST APIs and Web applications * To write ArchUnit tests for testing architecture * To configure the recommended plugins and configurations to improve code quality, and testing while using Maven. * To use Spring Boot's Docker Compose support for local development * To create Taskfile for easier execution of common tasks while working with a Spring Boot application

Establish GitHub Actions macOS CI/CD for signing, notarization, GitHub Releases, and auto-updates. Use when setting up Apple app release pipelines, Developer ID signing, notarization, DMG/ZIP distribution, Sparkle (native), or electron-updater (Electron). Trigger phrases include "mac release CI", "notarize app", "auto-updater", "GitHub Actions macOS".

Training manager for Hugging Face Jobs - launch fine-tuning on HF cloud GPUs with optional WandB monitoring

Query and manage GitHub repositories - list repos, check CI status, create issues, search repos, and view recent activity.

Build and deploy a Coralogix dashboard for a given service from its logs, spans, metrics, and service specs. Discovers telemetry via cx CLI commands, emits importable Coralogix JSON, verifies every PromQL and DataPrime query live through the `cx` CLI, and creates or updates dashboards via `cx dashboards create` and `cx dashboards replace`. Use whenever the user asks to create, build, generate, deploy, update, replace, or modify a Coralogix dashboard, monitoring dashboard, or observability dashboard for a service, app, or pipeline.

Reference Docker and Compose documentation for configuration patterns and best practices

Generate codebase activity summaries (daily/weekly/catchup/view) from Azure DevOps PRs, work items, local git, and optionally Confluence. Trigger when user says "/df:insights", asks "what happened", "codebase activity", "team summary", or wants a PR/commit roll-up.

Bitbucket CLI for Data Center and Cloud. Use when users need to manage repositories, pull requests, branches, issues, webhooks, or pipelines in Bitbucket. Triggers include "bitbucket", "bkt", "pull request", "PR", "repo list", "branch create", "Bitbucket Data Center", "Bitbucket Cloud", "keyring timeout".

Configures and manages Depot CI, a drop-in replacement for GitHub Actions that runs workflows entirely within Depot. Use when migrating GitHub Actions workflows to Depot CI, running `depot ci migrate`, managing Depot CI secrets and variables, running workflows with `depot ci run`, debugging Depot CI runs with `depot ci run list`, `depot ci status`, `depot ci logs`, or `depot ci ssh`, checking workflow compatibility, or understanding Depot CI capabilities. Also use when the user mentions .depot/ directory, depot ci commands, or asks about running GitHub Actions workflows on Depot's infrastructure without GitHub-hosted runners.

Read or search GitHub (issues, PRs, review threads, comments, code, notifications) and analyze GitHub Actions (workflow runs, billing, costs, failures, rerun/cancel). Use on any GitHub URL or repo lookup. Not for implementing code fixes or PR feedback — use gt:github-pr.

# Monitor CI Command

Review dbt model data changes using Recce. Triggers when: user asks to review data changes, check data impact, run recce review, validate model changes before committing, review a Recce Cloud PR session, connect MCP to a cloud session, pastes a GitHub PR / GitLab MR URL, or pastes a Recce Cloud session/launch URL for cloud-mode review.

Terramate CLI, Cloud, and Catalyst best practices and usage guides. This skill should be used when working with Terramate stacks, orchestration, code generation, Cloud integration, or Catalyst components and bundles.

Deploy and manage services on the Elestio DevOps platform. Use when the user wants to deploy apps, databases, or infrastructure on Elestio, manage projects, services, CI/CD pipelines, backups, domains, firewall, volumes, or billing. Covers 400+ open-source templates across 9 cloud providers.

Inspect GitHub PR for CI failures, merge conflicts, update-branch requirements, reviewer comments, change requests, and unresolved review threads. Create fix plans and implement after user approval. Reply to ALL reviewer comments with action taken or reason for not addressing, then resolve threads. Notify reviewers after fixes.

Author, audit, and improve Grafana SKILL.md files against Anthropic's published Agent Skills guidance and the four-dimension rubric the grafana/skills CI gate uses (conciseness, actionability, workflow clarity, progressive disclosure). Applies the canonical SKILL.md structure (YAML frontmatter + body + references/ + scripts/ + assets/), the "pushy description" trigger pattern, the three-level progressive-disclosure model, and the validate-fix-rerun feedback loop. Use when creating a new skill in this repo, when reviewing a skill PR, when a skill's Tessl review score is below 75 (the merge gate), when a skill's description isn't getting picked up by agents, when restructuring a long SKILL.md into a bundle, or when the user asks how to write, improve, optimize, audit, or fix a skill - even if they don't say "skill" explicitly (e.g. "this isn't triggering", "Tessl scored this 72", "split this doc").

Use when deploying Deno apps to production, asking about Deno Deploy, or working with `deno deploy` CLI commands. Covers deployment workflows, environment variables, KV database access, custom domains, the --tunnel flag for local development, and the `deno deploy` command reference.

Codebase intelligence for JavaScript and TypeScript. Free static layer reports quality, changed-code risk, cleanup opportunities (unused files, exports, types, dependencies), code duplication, circular dependencies, complexity hotspots, architecture boundary violations, feature flag patterns, and opt-in security candidates. Runtime coverage merges production execution data into the same health report for hot-path review, cold-path deletion confidence, and stale-flag evidence, with a single local capture available by default and continuous/cloud runtime monitoring available as an optional mode. 121 framework plugins, zero configuration, sub-second static analysis. Use when asked to analyze code health, audit PR risk, find cleanup opportunities or unused code, detect duplicates, check circular dependencies, audit complexity, check architecture boundaries, detect feature flags, surface security candidates, clean up the codebase, auto-fix issues, merge runtime coverage, or run fallow.

Expert guidance for using the GitLab CLI (glab) to manage GitLab issues, merge requests, CI/CD pipelines, repositories, and other GitLab operations from the command line. Use this skill when the user needs to interact with GitLab resources or perform GitLab workflows.

Solution Architect (/arch, alias: Jorge, /jorge) - Principal Solution Architect with 15+ years designing scalable distributed systems. Use when making technology choices, designing system architecture, selecting patterns (Saga, CQRS, Event Sourcing), creating ADRs, planning integrations, database sharding/replication, microservices/microfrontends, security architecture, data platforms, AI/ML systems, or cloud cost optimization. Provides architectural guardrails, not prescriptions — developers decide HOW within boundaries.

Setup Spanora AI observability in any project (JavaScript/TypeScript or Python). Use when user asks to "add spanora", "setup spanora", "integrate spanora", "add AI observability", "monitor LLM calls with spanora", "track AI costs", or mentions spanora in the context of adding observability to their project. Detects the language and installed AI SDKs (Vercel AI, Anthropic, OpenAI, LangChain) and configures the optimal integration pattern.

Use when writing, reviewing, or debugging Terraform/OpenTofu modules, tests, CI, scans, or state ops - diagnoses failure mode (identity churn, secrets, blast radius, CI drift, state corruption) with version-aware guards.

Comprehensive guide for working with HashiCorp Terraform Stacks. Use when creating, modifying, or validating Terraform Stack configurations (.tfcomponent.hcl, .tfdeploy.hcl files), working with stack components and deployments from local modules, public registry, or private registry sources, managing multi-region or multi-environment infrastructure, or troubleshooting Terraform Stacks syntax and structure.

Run Python code in the cloud with serverless containers, GPUs, and autoscaling. Use when deploying ML models, running batch jobs, scheduling tasks, serving APIs with GPU acceleration, or scaling compute-intensive workloads. Triggers on requests for serverless GPU infrastructure, LLM inference, model training/fine-tuning, parallel data processing, cron jobs in the cloud, or deploying Python web endpoints.