mikrotik-routeros-rsc
Creation, editing, and review of RouterOS scripts (.rsc) with focus on idempotency, security, and best practices. Use when you need to generate, adjust, or import .rsc files for MikroTik: (1) create new configurations via script, (2) edit existing scripts with safe corrections, (3) review risks and execution policies, (4) validate with import dry-run and error handling.
What this skill does
# Skill: RouterOS .rsc
This skill guides the creation, editing, and review of RouterOS (.rsc) scripts with safe and idempotent patterns, plus validation before import.
## Quick workflow
1. Define script objective and scope.
2. Apply idempotent patterns (see References).
3. Validate syntax and risks with the linter (scripts/lint_rsc.py).
4. Test import with `dry-run` and `on-error`.
5. Import in a controlled manner to production.
## Essential practices
- Prefer `find where ...` + conditionals before `add`/`set`.
- Avoid broad policies in `/system script add policy=...`.
- Use `:onerror` and `:jobname` for robustness and single instance.
- Never include destructive commands (`system reset-configuration`, etc.).
- Parameterize and isolate scopes (`:local` vs `:global`).
## Validation and testing
- Lint: `python scripts/lint_rsc.py path/to/script.rsc`.
- Safe import (RouterOS ≥ 7.16.x):
- `import test.rsc verbose=yes dry-run` reports every syntax error in the file without applying any change.
- `:do { import test.rsc } on-error={ :put "Failure" }` — `on-error=` is an import-specific parameter added in 7.16.x. Catches errors from `import` itself (missing file, syntax errors). Errors produced *inside* the imported script are not caught here.
- `:onerror e in={ import test.rsc } do={ :put "Failure - $e" }` — `:onerror` is the general error-handling command (any RouterOS version that supports it). The error message is bound to the named variable.
## References (use as needed)
- Language and syntax: see references/LANGUAGE.md
- .rsc export/import, `dry-run` and `onerror`: see references/RSC_GUIDE.md
- Security and idempotency best practices: see references/SAFE_PRACTICES.md
- Common examples and patterns: see references/EXAMPLES.md
- Linter rules: see references/LINTER_RULES.md
## Notes
- Scripts should be consistent with RouterOS v7 (preferred) and compatible with v6 where possible.
- Use `print as-value`, arrays, and `where` filters for robust queries.
- For scheduled execution, use Scheduler with appropriate permissions.
Related in Security
mac-ops
IncludedComprehensive macOS workstation operations — diagnose kernel panics, identify failing drives, audit launchd startup items, decode wake reasons, triage TCC permission denials, manage APFS snapshots, recover from no-boot. Use for: Mac is slow, slow bootup, won't boot, kernel panic, kernel_task hot, mds_stores CPU, photoanalysisd, cloudd, login loop, gray screen, sleep wake failure, drive failing, IO errors, APFS snapshots eating space, Time Machine local snapshots, Spotlight indexing, launchd, LaunchAgent, LaunchDaemon, login items, TCC permissions, Full Disk Access, Screen Recording denied, Gatekeeper, quarantine, com.apple.quarantine, app is damaged, helper tool, /Library/PrivilegedHelperTools, pmset, wake reasons, dark wake, sysdiagnose, panic.ips, DiagnosticReports, configuration profile, MDM profile, remote diagnostics over SSH.
a11y-audit
IncludedRun accessibility audits on web projects combining automated scanning (axe-core, Lighthouse) with WCAG 2.1 AA compliance mapping, manual check guidance, and structured reporting. Output is configurable: markdown report only, markdown plus machine-readable JSON, or markdown plus issue tracker integration. Use this skill whenever the user mentions "accessibility audit", "a11y audit", "WCAG audit", "accessibility check", "compliance scan", or asks to check a web project for accessibility issues. Also trigger when the user wants to verify WCAG conformance or map findings to a specific standard (CAN-ASC-6.2, EN 301 549, ADA/AODA).
erpclaw
IncludedAI-native ERP system with self-extending OS. Full accounting, invoicing, inventory, purchasing, tax, billing, HR, payroll, advanced accounting (ASC 606/842, intercompany, consolidation), and financial reporting. 413 actions across 14 domains, 43 expansion modules. Constitutional guardrails, adversarial audit, schema migration. Double-entry GL, immutable audit trail, US GAAP.
assess
IncludedAssesses and rates quality 0-10 across multiple dimensions (correctness, maintainability, security, performance, testability, simplicity) with pros/cons analysis. Compares against project conventions and prior decisions from memory. Produces structured evaluation reports with actionable improvement suggestions. Use when evaluating code, designs, architectures, or comparing alternative approaches.
spring-boot-security-jwt
IncludedProvides JWT authentication and authorization patterns for Spring Boot 3.5.x covering token generation with JJWT, Bearer/cookie authentication, database/OAuth2 integration, and RBAC/permission-based access control using Spring Security 6.x. Use when implementing authentication or authorization in Spring Boot applications.
code-hardcode-audit
IncludedDetect hardcoded values, magic numbers, and leaked secrets. TRIGGERS - hardcode audit, magic numbers, PLR2004, secret scanning.