Docker
Infrastructure
Skills using Docker (636)
autogpt-agents
Autonomous AI agent platform for building and deploying continuous agents. Use when creating visual workflow agents, deploying persistent autonomous agents, or building complex multi-step AI automation systems.
cloud-devops
Cloud infrastructure and DevOps workflow covering AWS, Azure, GCP, Kubernetes, Terraform, CI/CD, monitoring, and cloud-native development.
docker-expert
Docker containerization expert with deep knowledge of multi-stage builds, image optimization, container security, Docker Compose orchestration, and production deployment patterns. Use PROACTIVELY for Dockerfile optimization, container issues, image size problems, security hardening, networking, and orchestration challenges.
github-actions-templates
Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.
nemo-evaluator-sdk
Evaluates LLMs across 100+ benchmarks from 18+ harnesses (MMLU, HumanEval, GSM8K, safety, VLM) with multi-backend execution. Use when needing scalable evaluation on local Docker, Slurm HPC, or cloud platforms. NVIDIA's enterprise-grade platform with container-first architecture for reproducible benchmarking.
railway-deploy
Deploy code to Railway using "railway up". Use when user wants to push code, says "railway up", "deploy", "ship", or "push". For initial setup or creating services, use railway-new skill. For Docker images, use railway-environment skill.
railway-environment
Query, stage, and apply configuration changes for Railway environments. Use for ANY variable or env var operations, service configuration (source, build settings, deploy settings), lifecycle (delete service), and applying changes. Prefer over railway-status skill for any configuration or variable queries.
railway-service
Check service status, rename services, change service icons, link services, or create services with Docker images. For creating services with local code, prefer railway-new skill. For GitHub repo sources, use railway-new skill to create empty service then railway-environment skill to configure source.
railway-status
Check current Railway project status for this directory. Use when user asks "railway status", "is it running", "what's deployed", "deployment status", or about uptime. NOT for variables or configuration queries - use railway-environment skill for those.
abridge-deploy-integration
Deploy Abridge clinical AI integration to HIPAA-compliant cloud infrastructure. Use when deploying to GCP Cloud Run, AWS ECS, or Azure Container Apps with healthcare-grade secrets management and compliance controls. Trigger: "deploy abridge", "abridge production deploy", "abridge Cloud Run", "abridge AWS deploy", "abridge HIPAA infrastructure".
anth-deploy-integration
Deploy Claude API integrations to production cloud environments. Use when deploying Claude-powered services to Docker, Cloud Run, ECS, or Kubernetes with proper secret management and health checks. Trigger with phrases like "deploy anthropic", "claude production deploy", "ship claude integration", "anthropic cloud deployment".
apex-takeover
System takeover — take ownership of an existing codebase or inherited system. Use when "we acquired this", "previous team left", "take over this system", "inherited this codebase".
apify-local-dev-loop
Set up local Apify Actor development with Apify CLI and Crawlee. Use when creating Actors locally, testing with apify run, or establishing a fast develop-test-deploy cycle. Trigger: "apify dev setup", "apify local development", "develop actor locally", "apify run local".
apify-prod-checklist
Production readiness checklist for Apify Actor deployments. Use when deploying Actors to production, preparing for launch, or validating Actor configuration before going live. Trigger: "apify production", "deploy actor to prod", "apify go-live", "apify launch checklist", "actor production ready".
apify-reference-architecture
Production-grade architecture patterns for Apify-powered applications. Use when designing scraping infrastructure, building multi-Actor pipelines, or integrating Apify into a larger system architecture. Trigger: "apify architecture", "apify best practices", "apify project structure", "scraping architecture", "apify system design".
appfolio-deploy-integration
Deploy AppFolio integration service to cloud infrastructure. Trigger: "deploy appfolio".
atlas-map
Map the system architecture — read the codebase, identify services and connections, output a C4-level architecture map as Mermaid diagrams with component descriptions. Use when asked to "map the architecture", "system diagram", "how does this work", or "architecture overview".
atlas-onboard
Generate onboarding documentation — what this project does, how to set up locally, where things live, key decisions, how to deploy. Written for day-one engineers who know nothing. Use when asked for "onboarding docs", "new engineer guide", "how to get started", or "developer setup".
clickhouse-local-dev-loop
Run ClickHouse locally with Docker, configure test fixtures, and iterate fast. Use when setting up a local ClickHouse dev environment, writing integration tests, or running ClickHouse in Docker Compose. Trigger: "clickhouse local dev", "clickhouse docker", "clickhouse dev environment", "run clickhouse locally", "clickhouse docker compose".
coreweave-ci-integration
Integrate CoreWeave deployments into CI/CD pipelines with GitHub Actions. Use when automating container builds, deploying inference services from CI, or validating GPU manifests in pull requests. Trigger with phrases like "coreweave CI", "coreweave github actions", "coreweave pipeline", "automate coreweave deploy".
coreweave-deploy-integration
Deploy inference services on CoreWeave with Helm charts and Kustomize. Use when deploying multi-model inference, managing GPU deployments at scale, or templating CoreWeave manifests. Trigger with phrases like "deploy coreweave", "coreweave helm", "coreweave kustomize", "coreweave deployment patterns".
coreweave-local-dev-loop
Set up local development workflow for CoreWeave GPU deployments. Use when building containers locally, testing YAML manifests, or iterating on model serving configurations before deploying. Trigger with phrases like "coreweave dev setup", "coreweave local testing", "develop for coreweave", "coreweave container build".
coreweave-reference-architecture
Reference architecture for CoreWeave GPU cloud deployments. Use when designing ML infrastructure, planning multi-model serving, or establishing CoreWeave deployment standards. Trigger with phrases like "coreweave architecture", "coreweave design", "coreweave infrastructure", "coreweave best practices".
cortex-recon
ML reconnaissance — inventory all models, pipelines, data sources, and monitoring. Use when asked "what ML do we have", "model inventory", or "ML assessment".
deepgram-deploy-integration
Deploy Deepgram integrations to production environments. Use when deploying to cloud platforms, configuring containers, or setting up Deepgram in Docker/Kubernetes/serverless. Trigger: "deploy deepgram", "deepgram docker", "deepgram kubernetes", "deepgram production deploy", "deepgram cloud run", "deepgram lambda".
deepgram-multi-env-setup
Configure Deepgram multi-environment setup for dev, staging, and production. Use when setting up environment-specific configurations, managing multiple Deepgram projects, or implementing environment isolation. Trigger: "deepgram environments", "deepgram staging", "deepgram dev prod", "multi-environment deepgram", "deepgram config management".
documenso-deploy-integration
Deploy Documenso integrations across different platforms and environments. Use when deploying to cloud platforms, containerizing applications, or setting up infrastructure for Documenso integrations. Trigger with phrases like "deploy documenso", "documenso docker", "documenso kubernetes", "documenso cloud deployment".
evernote-deploy-integration
Deploy Evernote integrations to production environments. Use when deploying to cloud platforms, configuring production, or setting up deployment pipelines. Trigger with phrases like "deploy evernote", "evernote production deploy", "release evernote", "evernote cloud deployment".
fathom-deploy-integration
Deploy Fathom webhook handlers and meeting sync services. Trigger with phrases like "deploy fathom", "fathom webhook server", "fathom cloud function".
finta-deploy-integration
Deploy Finta integrations and reporting dashboards. Trigger with phrases like "deploy finta", "finta dashboard".
firecrawl-local-dev-loop
Configure Firecrawl local development with self-hosted Docker, mocking, and testing. Use when setting up a development environment, running Firecrawl locally to save credits, or configuring test workflows with vitest. Trigger with phrases like "firecrawl dev setup", "firecrawl local development", "firecrawl docker", "firecrawl self-hosted dev", "firecrawl test setup".
flyio-ci-integration
Configure CI/CD pipelines for Fly.io with GitHub Actions, Docker builds, deploy tokens, and automated deployment workflows. Trigger: "fly.io CI", "fly.io GitHub Actions", "fly deploy CI/CD".
flyio-common-errors
Diagnose and fix common Fly.io errors including deployment failures, health check failures, machine issues, and networking problems. Trigger: "fly.io error", "fly deploy failed", "fly.io not working", "fly health check".
flyio-core-workflow-a
Execute Fly.io primary workflow: deploy, scale, and manage apps with flyctl and fly.toml. Use when deploying applications, configuring regions, setting secrets, or managing the app lifecycle on Fly.io. Trigger: "fly deploy", "fly.io app management", "fly scale", "fly.io regions".
flyio-deploy-integration
Advanced Fly.io deployment strategies including blue-green deployments, canary releases, multi-region rollouts, and Machines API orchestration. Trigger: "fly.io blue-green", "fly.io canary deploy", "fly.io rolling update".
flyio-hello-world
Deploy your first app to Fly.io with flyctl launch and the Machines API. Use when starting a new Fly.io project, deploying a container globally, or testing edge compute deployment. Trigger: "fly.io hello world", "fly launch", "deploy to fly.io", "first fly app".
flyio-local-dev-loop
Configure Fly.io local development with Docker, proxy, and SSH console. Use when setting up local dev against Fly services, testing Dockerfiles, or establishing a fast iteration cycle. Trigger: "fly.io dev setup", "fly.io local development", "fly proxy".
flyio-prod-checklist
Execute Fly.io production deployment checklist with health checks, auto-scaling, monitoring, and rollback procedures. Trigger: "fly.io production", "fly.io go-live", "fly.io prod checklist".
fondo-deploy-integration
Deploy financial dashboards and reporting tools that consume Fondo data to Vercel, Fly.io, or internal infrastructure. Trigger: "fondo dashboard deploy", "fondo financial dashboard", "deploy finance app".
glean-deploy-integration
Deploy Glean custom connectors as scheduled jobs on Cloud Run, Lambda, or Fly.io. Trigger: "deploy glean connector", "glean connector hosting", "schedule glean indexing".
grammarly-deploy-integration
Deploy Grammarly integrations to Vercel, Fly.io, and Cloud Run platforms. Use when deploying Grammarly-powered applications to production, configuring platform-specific secrets, or setting up deployment pipelines. Trigger with phrases like "deploy grammarly", "grammarly Vercel", "grammarly production deploy", "grammarly Cloud Run", "grammarly Fly.io".
groq-deploy-integration
Deploy Groq integrations to Vercel, Cloud Run, and containerized platforms. Use when deploying Groq-powered applications to production, configuring platform-specific secrets, or setting up deployment pipelines. Trigger with phrases like "deploy groq", "groq Vercel", "groq production deploy", "groq Cloud Run", "groq Docker".
juicebox-deploy-integration
Deploy Juicebox integrations. Trigger: "deploy juicebox", "juicebox production deploy".
linktree-deploy-integration
Deploy Integration for Linktree. Trigger: "linktree deploy integration".
lucidchart-deploy-integration
Deploy Integration for Lucidchart. Trigger: "lucidchart deploy integration".
maintainx-deploy-integration
Deploy MaintainX integrations to production environments. Use when deploying to cloud platforms, configuring production environments, or automating deployment pipelines for MaintainX integrations. Trigger with phrases like "deploy maintainx", "maintainx deployment", "maintainx cloud deploy", "maintainx kubernetes", "maintainx docker".
mindtickle-deploy-integration
Deploy Integration for MindTickle. Trigger: "mindtickle deploy integration".
mocking-apis
Generate mock API servers for testing and development with realistic response data. Use when creating mock APIs for development and testing. Trigger with phrases like "create mock API", "generate API mock", or "setup mock server".
ollama-setup
Auto-configure Ollama when the user needs local LLM deployment, free AI alternatives, or wants to eliminate hosted API costs. Trigger phrases: "install ollama", "local AI", "free LLM", "self-hosted AI", "replace OpenAI", "no API costs". Use when appropriate context detected. Trigger with relevant phrases based on skill purpose.
onenote-deploy-integration
Deploy OneNote integrations with MSAL token persistence, health checks, and container best practices. Use when containerizing OneNote services, configuring health endpoints, or managing token cache in production. Trigger with "onenote deploy", "onenote docker", "onenote container", "onenote health check".
openevidence-deploy-integration
Deploy Integration for OpenEvidence. Trigger: "openevidence deploy integration".
oraclecloud-deploy-integration
Deploy containers to OCI using OKE (Kubernetes) or Container Instances. Use when deploying applications to Oracle Cloud, pushing images to OCIR, or configuring OKE clusters. Trigger with "oraclecloud deploy", "oci kubernetes", "oke deploy", "oci container instances", "oracle cloud deploy integration".
palantir-deploy-integration
Deploy Palantir Foundry integrations to cloud platforms with secrets management. Use when deploying Foundry-powered applications to production, configuring platform-specific secrets, or setting up deployment pipelines. Trigger with phrases like "deploy palantir", "foundry deploy", "palantir production deploy", "foundry Cloud Run".
replit-migration-deep-dive
Migrate to Replit from Heroku, Railway, Vercel, or local development environments. Use when moving an existing app to Replit, migrating databases, or converting Docker/buildpack apps to Replit's Nix-based system. Trigger with phrases like "migrate to replit", "heroku to replit", "move to replit", "replit migration", "railway to replit", "convert to replit".
research-to-deploy
Researches infrastructure best practices and generates deployment-ready configurations, Terraform modules, Dockerfiles, and CI/CD pipelines. Use when the user needs to deploy services, set up infrastructure, or create cloud configurations based on current best practices. Trigger with phrases like "research and deploy", "set up Cloud Run", "create Terraform for", "deploy this to AWS", or "generate infrastructure configs".
sentry-ci-integration
Integrate Sentry into CI/CD pipelines for automated release creation, source map uploads, and deploy notifications. Use when setting up GitHub Actions, GitLab CI, or CircleCI to automate Sentry releases, upload source maps, or associate commits with deploys. Trigger with phrases like "sentry github actions", "sentry CI pipeline", "automate sentry releases", "sentry source map upload CI", "sentry gitlab ci", "sentry circleci".
speak-deploy-integration
Deploy Speak language learning features to Vercel, Cloud Run, or containerized environments. Use when implementing deploy integration, or managing Speak language learning platform operations. Trigger with phrases like "speak deploy integration".
supabase-local-dev-loop
Configure Supabase local development with the CLI, Docker, and migration workflow. Use when initializing a Supabase project locally, starting the local stack, writing migrations, seeding data, or iterating on schema changes. Trigger with phrases like "supabase local dev", "supabase start", "supabase init", "supabase db reset", "supabase local setup".
together-deploy-integration
Together AI deploy integration for inference, fine-tuning, and model deployment. Use when working with Together AI's OpenAI-compatible API. Trigger: "together deploy integration".
vastai-ci-integration
Configure Vast.ai CI/CD integration with GitHub Actions and automated GPU testing. Use when setting up automated testing on GPU instances, or integrating Vast.ai provisioning into CI/CD pipelines. Trigger with phrases like "vastai CI", "vastai github actions", "vastai automated testing", "vastai pipeline".
vastai-common-errors
Diagnose and fix Vast.ai common errors and exceptions. Use when encountering Vast.ai errors, debugging failed instances, or troubleshooting GPU rental issues. Trigger with phrases like "vastai error", "fix vastai", "vastai not working", "debug vastai", "vastai instance failed".
vastai-core-workflow-a
Execute Vast.ai primary workflow: GPU instance provisioning and job execution. Use when renting GPUs for training, searching offers by price and specs, or managing the full instance lifecycle from search to teardown. Trigger with phrases like "vastai rent gpu", "vastai training job", "vastai provision instance", "run job on vastai".
vastai-deploy-integration
Deploy ML training jobs and inference services on Vast.ai GPU cloud. Use when deploying GPU workloads, configuring Docker images, or setting up automated deployment scripts. Trigger with phrases like "deploy vastai", "vastai deployment", "vastai docker", "vastai production deploy".
vastai-local-dev-loop
Configure Vast.ai local development with testing and fast iteration. Use when setting up a development environment, testing instance provisioning, or building a fast iteration cycle for GPU workloads. Trigger with phrases like "vastai dev setup", "vastai local development", "vastai dev environment", "develop with vastai".
vastai-migration-deep-dive
Migrate GPU workloads to or from Vast.ai, or between GPU providers. Use when switching from AWS/GCP/Azure GPU instances to Vast.ai, migrating between GPU types, or re-platforming ML infrastructure. Trigger with phrases like "migrate to vastai", "vastai migration", "switch to vastai", "vastai from aws", "vastai from lambda".
vastai-performance-tuning
Optimize Vast.ai GPU instance selection, startup time, and training throughput. Use when optimizing instance selection, reducing startup latency, or maximizing GPU utilization on rented hardware. Trigger with phrases like "vastai performance", "optimize vastai", "vastai slow", "vastai gpu utilization", "vastai throughput".
vastai-prod-checklist
Execute Vast.ai production deployment checklist for GPU workloads. Use when deploying training pipelines to production, preparing for large-scale GPU jobs, or auditing production readiness. Trigger with phrases like "vastai production", "deploy vastai", "vastai go-live", "vastai launch checklist".
moai-foundation-cc
Canonical Claude Code authoring kit covering Skills, sub-agents, plugins, slash commands, hooks, memory, settings, sandboxing, headless mode, and advanced agent patterns. Use when creating Claude Code extensions or configuring Claude Code features.
moai-platform-deployment
Deployment and hosting platform specialist covering Vercel, Railway, and Convex. Use when deploying applications, configuring edge functions, setting up continuous deployment, or managing serverless infrastructure.
azd-deployment
Deploy containerized frontend + backend applications to Azure Container Apps with remote builds, managed identity, and idempotent infrastructure.
cloud-devops
Cloud infrastructure and DevOps workflow covering AWS, Azure, GCP, Kubernetes, Terraform, CI/CD, monitoring, and cloud-native development.
cred-omega
Enterprise operational CISO for complete management of credentials and secrets.
deployment-pipeline-design
Architecture patterns for multi-stage CI/CD pipelines with approval gates and deployment strategies.
devops-deploy
DevOps and application deployment: Docker, CI/CD with GitHub Actions, AWS Lambda, SAM, Terraform, infrastructure as code, and monitoring.
docker-expert
You are an advanced Docker containerization expert with comprehensive, practical knowledge of container optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies based on current industry best practices.
gcp-cloud-run
Specialized skill for building production-ready serverless applications on GCP. Covers Cloud Run services (containerized), Cloud Run Functions (event-driven), cold start optimization, and event-driven architecture with Pub/Sub.
github-actions-templates
Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.
kubernetes-deployment
Kubernetes deployment workflow for container orchestration, Helm charts, service mesh, and production-ready K8s configurations.
readme
You are an expert technical writer creating comprehensive project documentation. Your goal is to write a README.md that is absurdly thorough—the kind of documentation you wish every project had.
aws-architecture-diagram
Generate validated AWS architecture diagrams as draw.io XML using official AWS4 icon libraries. Use this skill whenever the user wants to create, generate, or design AWS architecture diagrams, cloud infrastructure diagrams, or system design visuals. Also triggers for requests to visualize existing infrastructure from CloudFormation, CDK, or Terraform code. Supports two modes: analyze an existing codebase to auto-generate diagrams, or brainstorm interactively from scratch. Exports .drawio files with optional PNG/SVG/PDF export via draw.io desktop CLI.
coreweave-migration-deep-dive
Migrate ML workloads from AWS/GCP/Azure to CoreWeave GPU cloud. Use when moving inference services from hyperscaler GPU instances, migrating training pipelines, or evaluating CoreWeave vs cloud GPU costs. Trigger with phrases like "migrate to coreweave", "coreweave migration", "move from aws to coreweave", "coreweave vs aws gpu".
docker-compose-creator
Create docker compose creator operations. Auto-activating skill for DevOps Basics. Triggers on: docker compose creator. Part of the DevOps Basics skill category. Use when working with docker compose creator functionality. Trigger with phrases like "docker compose creator", "docker creator", "docker".
dockerfile-generator
Generate dockerfile generator operations. Auto-activating skill for DevOps Basics. Triggers on: dockerfile generator. Part of the DevOps Basics skill category. Use when working with dockerfile generator functionality. Trigger with phrases like "dockerfile generator", "dockerfile".
persona-deploy-integration
Deploy Persona verification service to cloud platforms. Use when working with Persona identity verification. Trigger with phrases like "persona deploy-integration".
windsurf-dockerfile-generation
Create optimized Dockerfiles with AI-driven best practices. Activate when users mention "create dockerfile", "container image", "docker optimization", "containerize application", or "docker best practices". Handles Docker configuration generation. Use when working with windsurf dockerfile generation functionality. Trigger with phrases like "windsurf dockerfile generation", "windsurf generation", "windsurf".
ln-629-lifecycle-auditor
Checks bootstrap initialization, graceful shutdown, resource cleanup, signal handling, liveness/readiness probes. Use when auditing app lifecycle.
analyzing-docker-container-forensics
Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.
building-ioc-enrichment-pipeline-with-opencti
OpenCTI is an open-source platform for managing cyber threat intelligence knowledge, built on STIX 2.1 as its native data model. This skill covers building an automated IOC enrichment pipeline using O
building-threat-feed-aggregation-with-misp
Deploy MISP (Malware Information Sharing Platform) to aggregate, correlate, and distribute threat intelligence feeds from multiple sources for centralized IOC management and automated SIEM integration.
building-threat-intelligence-platform
Building a Threat Intelligence Platform (TIP) involves deploying and integrating multiple CTI tools into a unified system for collecting, analyzing, enriching, and disseminating threat intelligence. T
building-vulnerability-dashboard-with-defectdojo
Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.
collecting-threat-intelligence-with-misp
MISP (Malware Information Sharing Platform) is an open-source threat intelligence platform for gathering, sharing, storing, and correlating Indicators of Compromise (IOCs) of targeted attacks, threat
hardening-docker-containers-for-production
Hardening Docker containers for production involves applying security best practices aligned with CIS Docker Benchmark v1.8.0 to minimize attack surface, prevent privilege escalation, and enforce leas
implementing-container-image-minimal-base-with-distroless
Reduce container attack surface by building application images on Google distroless base images that contain only the application runtime with no shell, package manager, or unnecessary OS utilities.
implementing-devsecops-security-scanning
Integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) into CI/CD pipelines using open-source tools. Covers Semgrep for SAST, Trivy for SCA and container scanning, OWASP ZAP for DAST, and Gitleaks for secrets detection. Activates for requests involving DevSecOps pipeline setup, automated security scanning in CI/CD, SAST/DAST/SCA integration, or shift-left security implementation.
implementing-network-deception-with-honeypots
Deploy and manage network honeypots using OpenCanary, T-Pot, or Cowrie to detect unauthorized access, lateral movement, and attacker reconnaissance.
implementing-taxii-server-with-opentaxii
Deploy and configure an OpenTAXII server to share and consume STIX-formatted cyber threat intelligence using the TAXII 2.1 protocol for automated indicator exchange between organizations.
integrating-dast-with-owasp-zap-in-pipeline
This skill covers integrating OWASP ZAP (Zed Attack Proxy) for Dynamic Application Security Testing in CI/CD pipelines. It addresses configuring baseline, full, and API scans against running applications, interpreting ZAP findings, tuning scan policies, and establishing DAST quality gates in GitHub Actions and GitLab CI.
performing-agentless-vulnerability-scanning
Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.
performing-container-image-hardening
This skill covers hardening container images by minimizing attack surface, removing unnecessary packages, implementing multi-stage builds, configuring non-root users, and applying CIS Docker Benchmark recommendations to produce secure production-ready images.
performing-phishing-simulation-with-gophish
GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness campaigns. It provides campaign management, email template creation, landing pag
scanning-containers-with-trivy-in-cicd
This skill covers integrating Aqua Security's Trivy scanner into CI/CD pipelines for comprehensive container image vulnerability detection. It addresses scanning Docker images for OS package and application dependency CVEs, detecting misconfigurations in Dockerfiles, scanning filesystem and git repositories, and establishing severity-based quality gates that block deployment of vulnerable images.
scanning-docker-images-with-trivy
Trivy is a comprehensive open-source vulnerability scanner by Aqua Security that detects vulnerabilities in OS packages, language-specific dependencies, misconfigurations, secrets, and license violati
securing-container-registry-with-harbor
Harbor is an open-source container registry that provides security features including vulnerability scanning (integrated Trivy), image signing (Notary/Cosign), RBAC, content trust policies, replicatio
uv-package-manager
Comprehensive guide to using uv, an extremely fast Python package installer and resolver written in Rust, for modern Python project management and dependency workflows.
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimizing Python development workflows with uv.
modal
Cloud computing platform for running Python on GPUs and serverless infrastructure. Use when deploying AI/ML models, running GPU-accelerated workloads, serving web endpoints, scheduling batch jobs, or scaling Python code to the cloud. Use this skill whenever the user mentions Modal, serverless GPU compute, deploying ML models to the cloud, serving inference endpoints, running batch processing in the cloud, or needs to scale Python workloads beyond their local machine. Also use when the user wants to run code on H100s, A100s, or other cloud GPUs, or needs to create a web API for a model.
open-notebook
Self-hosted, open-source alternative to Google NotebookLM for AI-powered research and document analysis. Use when organizing research materials into notebooks, ingesting diverse content sources (PDFs, videos, audio, web pages, Office documents), generating AI-powered notes and summaries, creating multi-speaker podcasts from research, chatting with documents using context-aware AI, searching across materials with full-text and vector search, or running custom content transformations. Supports 16+ AI providers including OpenAI, Anthropic, Google, Ollama, Groq, and Mistral with complete data privacy through self-hosting.
bentoml-model-packager
BentoML skill for model packaging, serving, and containerization.
container-images
Docker and OCI container image expertise for building, optimizing, and securing container images
container-security-scanner
Container image and Kubernetes security scanning for CVEs, misconfigurations, and compliance
containerization-assistant
Assist in containerizing applications with Dockerfile generation and optimization
docker-test-environments
Docker-based test environment management for isolated, reproducible test execution. Create Docker Compose environments, manage test containers, configure service dependencies, and integrate with CI/CD pipelines.
openapi-codegen-orchestrator
Orchestrate multi-language SDK generation from OpenAPI specifications. Configure OpenAPI Generator per language, apply custom templates and post-processing, handle edge cases and custom extensions, and validate generated code compilation.
security-sandbox
Isolated analysis environment management for malware and exploit testing. Create and manage isolated VMs, configure Cuckoo Sandbox, set up REMnux/FlareVM environments, manage Docker-based analysis containers, and capture filesystem and process changes.
benchmark
Use this skill to measure performance baselines, detect regressions before/after PRs, and compare stack alternatives.
codebase-onboarding
Analyze an unfamiliar codebase and generate a structured onboarding guide with architecture map, key entry points, conventions, and a starter CLAUDE.md. Use when joining a new project or setting up Claude Code for the first time in a repo.
docker-patterns
Docker and Docker Compose patterns for local development, container security, networking, volume strategies, and multi-service orchestration.
plankton-code-quality
Write-time code quality enforcement using Plankton — auto-formatting, linting, and Claude-powered fixes on every file edit via hooks.
docker-development
Docker and container development agent skill and plugin for Dockerfile optimization, docker-compose orchestration, multi-stage builds, and container security hardening. Use when: user wants to optimize a Dockerfile, create or improve docker-compose configurations, implement multi-stage builds, audit container security, reduce image size, or follow container best practices. Covers build performance, layer caching, secret management, and production-ready container patterns.
senior-ml-engineer
ML engineering skill for productionizing models, building MLOps pipelines, and integrating LLMs. Covers model deployment, feature stores, drift monitoring, RAG systems, and cost optimization. Use when the user asks about deploying ML models to production, setting up MLOps infrastructure (MLflow, Kubeflow, Kubernetes, Docker), monitoring model performance or drift, building RAG pipelines, or integrating LLM APIs with retry logic and cost controls. Focused on production and operational concerns rather than model research or initial training.
gcp-cloud-run
Specialized skill for building production-ready serverless applications on GCP. Covers Cloud Run services (containerized), Cloud Run Functions (event-driven), cold start optimization, and event-driven architecture with Pub/Sub.
render-deploy
Deploy applications to Render by analyzing codebases, generating render.yaml Blueprints, and providing Dashboard deeplinks. Use when the user wants to deploy, host, publish, or set up their application on Render's cloud platform.
azure-prepare
Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: "create app", "build web app", "create API", "create serverless HTTP API", "create frontend", "create back end", "build a service", "modernize application", "update application", "add authentication", "add caching", "host on Azure", "create and deploy", "deploy to Azure", "deploy to Azure using Terraform", "deploy to Azure App Service", "deploy to Azure App Service using Terraform", "deploy to Azure Container Apps", "deploy to Azure Container Apps using Terraform", "generate Terraform", "generate Bicep", "function app", "timer trigger", "service bus trigger", "event-driven function", "containerized Node.js app", "social media app", "static portfolio website", "todo list with frontend and API", "prepare my Azure application to use Key Vault", "managed identity".
microsoft-foundry
Deploy, evaluate, and manage Foundry agents end-to-end: Docker build, ACR push, hosted/prompt agent create, container start, batch eval, prompt optimization, prompt optimizer workflows, agent.yaml, dataset curation from traces. USE FOR: deploy agent to Foundry, hosted agent, create agent, invoke agent, evaluate agent, run batch eval, optimize prompt, improve prompt, prompt optimization, prompt optimizer, improve agent instructions, optimize agent instructions, optimize system prompt, deploy model, Foundry project, RBAC, role assignment, permissions, quota, capacity, region, troubleshoot agent, deployment failure, create dataset from traces, dataset versioning, eval trending, create AI Services, Cognitive Services, create Foundry resource, provision resource, knowledge index, agent monitoring, customize deployment, onboard, availability. DO NOT USE FOR: Azure Functions, App Service, general Azure deploy (use azure-deploy), general Azure prep (use azure-prepare).
skillshare-cli-e2e-test
Run isolated E2E tests in devcontainer from ai_docs/tests runbooks. Use this skill whenever the user asks to: run an E2E test, execute a test runbook, validate a feature end-to-end, create a new runbook, or test CLI behavior in isolation. If you need to run a multi-step CLI validation sequence (init → install → sync → verify), this is the skill — it handles ssenv isolation, flag verification, and structured reporting. Prefer this over ad-hoc docker exec sequences for any test that follows a runbook or needs reproducible isolation.
apify-actor-development
Important: Before you begin, fill in the generatedBy property in the meta section of .actor/actor.json. Replace it with the tool and model you're currently using, such as "Claude Code with Claude Sonnet 4.5". This helps Apify monitor and improve AGENTS.md for specific AI tools and models.
apify-actorization
Actorization converts existing software into reusable serverless applications compatible with the Apify platform. Actors are programs packaged as Docker images that accept well-defined JSON input, perform an action, and optionally produce structured JSON output.
claude-settings-audit
Analyze a repository to generate recommended Claude Code settings.json permissions. Use when setting up a new project, auditing existing settings, or determining which read-only bash commands to allow. Detects tech stack, build tools, and monorepo structure.
odoo-docker-deployment
Production-ready Docker and docker-compose setup for Odoo with PostgreSQL, persistent volumes, environment-based configuration, and Nginx reverse proxy.
performing-cloud-native-forensics-with-falco
Uses Falco YAML rules for runtime threat detection in containers and Kubernetes, monitoring syscalls for shell spawns, file tampering, network anomalies, and privilege escalation. Manages Falco rules via the Falco gRPC API and parses Falco alert output. Use when building container runtime security or investigating k8s cluster compromises.
modal
Use when the user needs to run isolated code remotely — a disposable container, optional GPU access (T4 → H100), or a safer place for untrusted / heavy code. Prefer local execution for normal repo work; use Modal sandboxes for isolation, hardware access, or one-shot heavy compute.
devops-engineer
Creates Dockerfiles, configures CI/CD pipelines, writes Kubernetes manifests, and generates Terraform/Pulumi infrastructure templates. Handles deployment automation, GitOps configuration, incident response runbooks, and internal developer platform tooling. Use when setting up CI/CD pipelines, containerizing applications, managing infrastructure as code, deploying to Kubernetes clusters, configuring cloud platforms, automating releases, or responding to production incidents. Invoke for pipelines, Docker, Kubernetes, GitOps, Terraform, GitHub Actions, on-call, or platform engineering.
autogpt-agents
Autonomous AI agent platform for building and deploying continuous agents. Use when creating visual workflow agents, deploying persistent autonomous agents, or building complex multi-step AI automation systems.
nemo-evaluator-sdk
Evaluates LLMs across 100+ benchmarks from 18+ harnesses (MMLU, HumanEval, GSM8K, safety, VLM) with multi-backend execution. Use when needing scalable evaluation on local Docker, Slurm HPC, or cloud platforms. NVIDIA's enterprise-grade platform with container-first architecture for reproducible benchmarking.
braket-executor
Amazon Braket integration skill for multi-vendor quantum hardware access and hybrid workflows
compatibility-test-matrix
Multi-version, multi-platform SDK compatibility testing
docker-web
Docker containerization for web apps, multi-stage builds, and optimization.
nextflow-pipeline-executor
Nextflow workflow management skill for reproducible bioinformatics pipelines
singularity-container-manager
Singularity container management skill for HPC-compatible containerized execution
yaml
YAML configuration for CI/CD, Docker Compose, and Kubernetes.
ecs
AWS ECS container orchestration for running Docker containers. Use when deploying containerized applications, configuring task definitions, setting up services, managing clusters, or troubleshooting container issues.
ln-731-docker-generator
Generates Dockerfile and docker-compose configuration for multi-container development. Use when containerizing a project.
ln-783-container-launcher
Builds and launches Docker containers with health verification. Use when validating that containerized services start correctly.
ctf-forensics
Provides digital forensics and signal analysis techniques for CTF challenges. Use when analyzing disk images, memory dumps, event logs, network captures, cryptocurrency transactions, steganography, PDF analysis, Windows registry, Volatility, PCAP, Docker images, coredumps, side-channel power traces, DTMF audio spectrograms, packet timing analysis, CD audio disc images, or recovering deleted files and credentials.
deploy
Elixir/Phoenix deployment patterns — Dockerfile, fly.toml, runtime.exs, mix release, rel/ overlays. Use when configuring Fly.io, Docker, CI/CD, health checks, or production migrations.
phxpermissions
Recommend safe Bash permissions for Elixir mix commands in settings.json. Use when permission prompts slow workflow, "fix permissions", "reduce prompts", "auto-allow mix".
analyzing-projects
Analyzes codebases to understand structure, tech stack, patterns, and conventions. Use when onboarding to a new project, exploring unfamiliar code, or when asked "how does this work?" or "what's the architecture?"
devops-infrastructure
Guides Docker, CI/CD pipelines, deployment strategies, infrastructure as code, and observability setup. Use when writing Dockerfiles, configuring GitHub Actions, planning deployments, setting up monitoring, or when asked about containers, pipelines, Terraform, or production infrastructure.
hermes-s6-container-supervision
Modify, debug, or extend the s6-overlay supervision tree inside the Hermes Agent Docker image — adding new services, debugging profile gateways, understanding the Architecture B main-program pattern.
brightdata-local-search
Set up and run local web searches using Bright Data SERP API with the unfancy-search pipeline (query expansion, SERP retrieval, RRF reranking).
devops-iac-engineer
Implements infrastructure as code using Terraform, Kubernetes, and cloud platforms. Designs scalable architectures, CI/CD pipelines, and observability solutions. Provides security-first DevOps practices and site reliability engineering guidance.
github-actions-creator
Use when the user wants to create, generate, or set up a GitHub Actions workflow. Handles CI/CD pipelines, testing, deployment, linting, security scanning, release automation, Docker builds, scheduled tasks, and any custom workflow for any language or framework.
dotnet-trace-collect
Guide developers through capturing diagnostic artifacts to diagnose production .NET performance issues. Use when the user needs help choosing diagnostic tools, collecting performance data, or understanding tool trade-offs across different environments (Windows/Linux, .NET Framework/modern .NET, container/non-container).
mcp-csharp-publish
Publish and deploy C# MCP servers. Covers NuGet packaging for stdio servers, Docker containerization for HTTP servers, Azure Container Apps and App Service deployment, and publishing to the official MCP Registry. USE FOR: packaging stdio MCP servers as NuGet tools, creating Dockerfiles for HTTP MCP servers, deploying to Azure Container Apps or App Service, publishing to the MCP Registry at registry.modelcontextprotocol.io, configuring server.json for MCP package metadata, setting up CI/CD for MCP server publishing. DO NOT USE FOR: publishing general NuGet libraries (not MCP-specific), general Docker guidance unrelated to MCP, creating new servers (use mcp-csharp-create), debugging (use mcp-csharp-debug), writing tests (use mcp-csharp-test).
migrate-dotnet10-to-dotnet11
Migrate a .NET 10 project or solution to .NET 11 and resolve all breaking changes. This is a MIGRATION skill — use it when upgrading from .NET 10 to .NET 11, NOT for writing new programs. USE FOR: upgrading TargetFramework from net10.0 to net11.0, fixing build errors after updating the .NET 11 SDK, resolving source-breaking and behavioral changes in .NET 11 runtime, C# 15 compiler, and EF Core 11, adapting to updated minimum hardware requirements (x86-64-v2, Arm64 LSE), and updating CI/CD pipelines and Dockerfiles for .NET 11. DO NOT USE FOR: .NET Framework migrations, upgrading from .NET 9 or earlier, greenfield .NET 11 projects, or cosmetic modernization unrelated to the upgrade. NOTE: .NET 11 is in preview. Covers breaking changes through Preview 1.
migrate-dotnet8-to-dotnet9
Migrate a .NET 8 project to .NET 9 and resolve all breaking changes. USE FOR: upgrading TargetFramework from net8.0 to net9.0, fixing build errors after updating the .NET 9 SDK, resolving behavioral changes in .NET 9 / C# 13 / ASP.NET Core 9 / EF Core 9, replacing BinaryFormatter (now always throws), resolving SYSLIB0054-SYSLIB0057, adapting to params span overload resolution, fixing C# 13 compiler changes, updating HttpClientFactory for SocketsHttpHandler, and resolving EF Core 9 migration/Cosmos DB changes. DO NOT USE FOR: .NET Framework migrations, upgrading from .NET 7 or earlier, greenfield .NET 9 projects, or cosmetic modernization unrelated to the upgrade.
migrate-dotnet9-to-dotnet10
Migrate a .NET 9 project or solution to .NET 10 and resolve all breaking changes. USE FOR: upgrading TargetFramework from net9.0 to net10.0, fixing build errors after updating the .NET 10 SDK, resolving source and behavioral changes in .NET 10 / C# 14 / ASP.NET Core 10 / EF Core 10, updating Dockerfiles for Debian-to-Ubuntu base images, resolving obsoletion warnings (SYSLIB0058-SYSLIB0062), adapting to SDK/NuGet changes (NU1510, PrunePackageReference), migrating System.Linq.Async to built-in AsyncEnumerable, fixing OpenApi v2 API changes, cryptography renames, and C# 14 compiler changes (field keyword, extension keyword, span overloads). DO NOT USE FOR: .NET Framework migrations, upgrading from .NET 8 or earlier (use migrate-dotnet8-to-dotnet9 first), greenfield .NET 10 projects, or cosmetic modernization. LOADS REFERENCES: csharp-compiler, core-libraries, sdk-msbuild (always); aspnet-core, efcore, cryptography, extensions-hosting, serialization-networking, winforms-wpf, containers-interop (selective).
dokploy-deploy
This skill should be used when user asks to "deploy with Dokploy", "use Dokploy Cloud", "manage self-hosted Dokploy", "deploy Docker Compose on Dokploy", "manage Dokploy databases", "configure Dokploy domains", or "look up Dokploy CLI commands".
containerize-aspnet-framework
Containerize an ASP.NET .NET Framework project by creating Dockerfile and .dockerfile files customized for the project.
containerize-aspnetcore
Containerize an ASP.NET Core project by creating Dockerfile and .dockerfile files customized for the project.
dependabot
Comprehensive guide for configuring and managing GitHub Dependabot. Use this skill when users ask about creating or optimizing dependabot.yml files, managing Dependabot pull requests, configuring dependency update strategies, setting up grouped updates, monorepo patterns, multi-ecosystem groups, security update configuration, auto-triage rules, or any GitHub Advanced Security (GHAS) supply chain security topic related to Dependabot.
multi-stage-dockerfile
Create optimized multi-stage Dockerfiles for any language or framework
generating-docker-compose-files
This skill enables Claude to generate Docker Compose configurations for multi-container applications. It leverages best practices for production-ready deployments, including defining services, networks, volumes, health checks, and resource limits. Claude should use this skill when the user requests a Docker Compose file, specifies application architecture involving multiple containers, or mentions needs for container orchestration, environment variables, or persistent data management in a Docker environment. Trigger terms include "docker-compose", "docker compose file", "multi-container", "container orchestration", "docker environment", "service definition", "volume management", "network configuration", "health checks", "resource limits", and ".env files".
google-cloud-agent-sdk-master
Automatic activation for ALL Google Cloud Agent Development Kit (ADK) and Agent Starter Pack operations - multi-agent systems, containerized deployment, RAG agents, and production orchestration. TRIGGER PHRASES: "adk", "agent development kit", "agent starter pack", "multi-agent", "build agent", "cloud run agent", "gke deployment", "agent engine", "containerized agent", "rag agent", "react agent", "agent orchestration", "agent templates". AUTO-INVOKES FOR: agent creation and scaffolding, multi-agent system design, containerized agent deployment, RAG (Retrieval-Augmented Generation) implementation, CI/CD pipeline setup for agents, agent evaluation and monitoring.
managing-test-environments
This skill enables Claude to manage isolated test environments using Docker Compose, Testcontainers, and environment variables. It is used to create consistent, reproducible testing environments for software projects. Claude should use this skill when the user needs to set up a test environment with specific configurations, manage Docker Compose files for test infrastructure, set up programmatic container management with Testcontainers, manage environment variables for tests, or ensure cleanup after tests. Trigger terms include "test environment", "docker compose", "testcontainers", "environment variables", "isolated environment", "env-setup", and "test setup".
orchestrating-deployment-pipelines
This skill orchestrates complex, multi-stage deployment pipelines. It generates production-ready configurations and setup code based on user-specified requirements and infrastructure. Use this skill when the user asks to create a deployment pipeline, generate CI/CD configurations, or needs help with automating software deployments. Trigger terms include "deployment pipeline", "CI/CD", "automate deployment", "pipeline configuration", and "deployment orchestration".
scanning-container-security
This skill enables Claude to scan container images and running containers for vulnerabilities using tools like Trivy and Snyk. It identifies potential security risks in container environments. Use this skill when the user requests a security assessment of a container image, asks to identify vulnerabilities in a container, or wants to improve the security posture of their containerized applications. Trigger terms include "scan container," "container security," "vulnerability assessment," "Trivy scan," or "Snyk scan."
setting-up-log-aggregation
This skill sets up log aggregation solutions using ELK (Elasticsearch, Logstash, Kibana), Loki, or Splunk. It generates production-ready configurations and setup code based on specific requirements and infrastructure. Use this skill when the user requests to set up logging infrastructure, configure log aggregation, deploy ELK stack, deploy Loki, deploy Splunk, or needs help with observability. It is triggered by terms like "log aggregation," "ELK setup," "Loki configuration," "Splunk deployment," or similar requests for centralized logging solutions.
yaml-master
PROACTIVE YAML INTELLIGENCE: Automatically activates when working with YAML files, configuration management, CI/CD pipelines, Kubernetes manifests, Docker Compose, or any YAML-based workflows. Provides intelligent validation, schema inference, linting, format conversion (JSON/TOML/XML), and structural transformations with deep understanding of YAML specifications and common anti-patterns.
entra-agent-id
Microsoft Entra Agent ID (preview) for creating OAuth2-capable AI agent identities via Microsoft Graph beta API. Covers Agent Identity Blueprints, BlueprintPrincipals, Agent Identities, required permissions, sponsors, and Workload Identity Federation. Includes Microsoft Entra SDK for AgentID (containerized sidecar) for polyglot agent authentication (Docker/Kubernetes), 3P agent integration, autonomous and interactive agent patterns. Triggers: "agent identity", "agent id", "Agent Identity Blueprint", "BlueprintPrincipal", "entra agent", "agent identity provisioning", "Graph agent identity", "entra sidecar", "agent id sidecar", "auth sidecar", "3P agent", "third-party agent identity", "polyglot agent auth".
add-codex
Use Codex (CLI + AppServer) as the full agent provider — planning, tool orchestration, native compaction, MCP tools, session resume — in place of the Claude Agent SDK. ChatGPT subscription or OPENAI_API_KEY. Per-group via agent_provider. Distinct from using OpenAI as an MCP tool (where Claude remains the planner).
add-mnemon
Add persistent graph-based memory via mnemon. Agents recall past context before responding and remember insights after each turn.
add-opencode
Use OpenCode as an agent provider (AGENT_PROVIDER=opencode). OpenRouter, OpenAI, Google, DeepSeek, etc. via OpenCode config — not the Anthropic Agent SDK. Per-session and per-group via agent_provider; host passes OPENCODE_* and XDG mount when spawning containers.
convert-to-apple-container
Switch from Docker to Apple Container for macOS-native container isolation. Use when the user wants Apple Container instead of Docker, or is setting up on macOS and prefers the native runtime. Triggers on "apple container", "convert to apple container", "switch to apple container", or "use apple container".
debug
Debug container agent issues. Use when things aren't working, container fails, authentication problems, or to understand how the container system works. Covers logs, session DBs, mounts, and common issues.
self-customize
Customize your own agent — add capabilities, install packages, add MCP servers, edit code or CLAUDE.md. Use when the user asks you to add a feature, install a tool, or modify how you work. For non-trivial code changes, delegate to a builder agent via create_agent.
add-pdf-reader
Add PDF reading to NanoClaw agents. Extracts text from PDFs via pdftotext CLI. Handles WhatsApp attachments, URLs, and local files.
debug
Debug container agent issues. Use when things aren't working, container fails, authentication problems, or to understand how the container system works. Covers logs, environment variables, mounts, and common issues.
agent-ops-cicd-github
Agent skill for ops-cicd-github - invoke with $agent-ops-cicd-github
build
Builds project with auto-detected toolchain (npm, poetry, cargo, go, flutter, Docker). Triggers: build, compile, bundle, produce artifacts.
ci
Detect/generate/debug CI pipeline config (GitHub Actions, GitLab CI). Triggers: CI setup, build pipeline, GitHub Actions config, debug CI, GitLab CI.
debug
Systematic debugging via logs, health checks, hypothesis-driven investigation. Triggers: debug, error, trace root cause, fix bug, reproduce symptom, investigation.
deploy
Deploys with pre-flight checks and health verification. Triggers: deploy, deployment, ship, release, push to prod.
docker-devops
Docker/K8s: Dockerfile, multi-stage, compose, manifests, Helm. Triggers: Docker, Dockerfile, container, Kubernetes, k8s, compose, Helm, pod.
evaluate
Evaluates RAG retrieval and LLM-as-judge metrics (faithfulness, relevancy, context precision). Triggers: measure RAG quality, knowledge gap, RAG eval, golden dataset.
health
Service/infra health via liveness/readiness checks, resource usage, quick diagnostics. Triggers: health check, services up, system status, infra health, degraded service.
insecure-defaults
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.
ossfuzz
OSS-Fuzz provides free continuous fuzzing for open source projects. Use when setting up continuous fuzzing infrastructure or enrolling projects.
ruzzy
Ruzzy is a coverage-guided Ruby fuzzer by Trail of Bits. Use for fuzzing pure Ruby code and Ruby C extensions.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use this skill when designing zero-downtime deployment pipelines, implementing canary rollout strategies, setting up multi-environment promotion workflows, or debugging failed deployment gates in CI/CD.
distributed-tracing
Implement distributed tracing with Jaeger and Tempo to track requests across microservices and identify performance bottlenecks. Use when debugging microservices, analyzing request flows, or implementing observability for distributed systems.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
prometheus-configuration
Set up Prometheus for comprehensive metric collection, storage, and monitoring of infrastructure and applications. Use when implementing metrics collection, setting up monitoring infrastructure, or configuring alerting systems.
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimizing Python development workflows with uv.
cloud-gcp
Use this skill when architecting on Google Cloud Platform, selecting GCP services, or implementing data and compute solutions. Triggers on Cloud Run, BigQuery, Pub/Sub, GKE, Cloud Functions, Cloud Storage, Firestore, Spanner, Cloud SQL, IAM, VPC, and any task requiring GCP architecture decisions or service selection.
azure-batch
Expert knowledge for Azure Batch development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when configuring Batch pools/tasks, autoscale, containerized jobs, SDK/CLI workflows, or render/MPI workloads, and other Azure Batch related development tasks. Not for Azure HDInsight (use azure-hdinsight), Azure Databricks (use azure-databricks), Azure Kubernetes Service (AKS) (use azure-kubernetes-service), Azure Virtual Machines (use azure-virtual-machines).
azure-functions
Expert knowledge for Azure Functions development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when building HTTP/event-triggered apps, Durable Functions, Flex/Consumption hosting, containerized Functions, or CI/CD deployments, and other Azure Functions related development tasks. Not for Azure App Service (use azure-app-service), Azure Logic Apps (use azure-logic-apps), Azure Container Apps (use azure-container-apps), Azure Kubernetes Service (AKS) (use azure-kubernetes-service).
create-spring-boot-java-project
Create Spring Boot Java Project Skeleton
create-spring-boot-kotlin-project
Create Spring Boot Kotlin Project Skeleton
playwright-skill
Battle-tested Playwright patterns for writing, debugging, and scaling reliable test suites. Use when you need guidance for E2E, API, component, visual, accessibility, or security testing, plus CI/CD, CLI automation, page objects, and migration from Cypress or Selenium. TypeScript and JavaScript.
ci-cd
Design CI/CD pipelines for GitHub Actions, GitLab CI, and CircleCI with matrix builds, test sharding, caching, Docker layer caching, OIDC auth, deployment strategies (rolling, blue-green, canary), auto-rollback, self-hosted runners, and environment protection with manual approvals. Use when user asks to set up CI/CD, write a pipeline, configure GitHub Actions/GitLab CI/CircleCI, automate deployments, or set up build/test/deploy workflows. Do NOT use for Dockerfile authoring (use docker), K8s manifests (use kubernetes), or Terraform config (use terraform).
docker
Optimize Docker images with multi-stage builds, distroless bases, BuildKit cache mounts, multi-arch builds, compose watch, security hardening (non-root, seccomp, capabilities drop), and vulnerability scanning via docker scout/trivy. Use when user asks to write a Dockerfile, optimize image size, set up docker-compose, debug containers, harden container security, or scan for CVEs. Do NOT use for Kubernetes deployments (use kubernetes), CI/CD pipeline design (use ci-cd), or Terraform (use terraform).
kubernetes
Deploy, manage, and debug Kubernetes in production — Deployments, Services, Gateway API, Service Mesh (Istio/Linkerd/Cilium), eBPF observability (Cilium Hubble), security hardening (Pod Security Standards, OPA/Kyverno, seccomp, runtime security with Falco/Tetragon), Helm, HPA, PDB, topology spread, and debugging. Use when user asks to write K8s manifests, deploy to a cluster, debug pods, set up Gateway API, configure autoscaling, or harden cluster security. Do NOT use for Dockerfiles (use docker), CI/CD pipeline design (use ci-cd), or Terraform infrastructure (use terraform).
performance-profiler
Performance profiling and optimization for web apps — Core Web Vitals (LCP, INP, CLS), Lighthouse audits, bundle analysis, backend profiling (CPU, memory, DB queries), N+1 detection, caching strategies (Redis, CDN, HTTP), and performance budgets. Use when user asks to improve performance, run Lighthouse audit, profile a Node.js app, optimize Core Web Vitals, reduce bundle size, or investigate slow response times. Do NOT use for database schema optimization (use db-sculptor), Docker image optimization (use docker), or CDN configuration.
compress
Compress natural language memory files (CLAUDE.md, todos, preferences) into caveman format to save input tokens. Preserves all technical substance, code, URLs, and structure. Compressed version overwrites the original file. Human-readable backup saved as FILE.original.md. Trigger: /caveman:compress <filepath> or "compress memory file"
aws-cloudformation-task-ecs-deploy-gh
Provides patterns to deploy ECS tasks and services with GitHub Actions CI/CD. Use when building Docker images, pushing to ECR, updating ECS task definitions, deploying ECS services, integrating with CloudFormation stacks, configuring AWS OIDC authentication for GitHub Actions, and implementing production-ready container deployment pipelines. Supports ECS deployments with proper security (OIDC or IAM keys), multi-environment support, blue/green deployments, ECR private repositories with image scanning, and CloudFormation infrastructure updates.
graalvm-native-image
Provides expert guidance for building GraalVM Native Image executables from Java applications. Use when converting JVM applications to native binaries, optimizing cold start times, reducing memory footprint, configuring native build tools for Maven or Gradle, resolving reflection and resource issues in native builds, or implementing framework-specific native support for Spring Boot, Quarkus, and Micronaut. Triggers include "graalvm native image", "native executable java", "java cold start optimization", "native build tools", "ahead of time compilation java", "reflection config graalvm", "native image build failure".
langchain4j-testing-strategies
Provides unit test, integration test, and mock AI patterns for LangChain4j applications. Creates mock LLM responses, tests retrieval chains, validates RAG workflows, and implements Testcontainers-based integration tests for Java AI services. Use when unit testing AI services, integration testing LangChain4j components, mocking AI models, or testing LLM-based Java applications.
nextjs-deployment
Provides comprehensive patterns for deploying Next.js applications to production. Use when configuring Docker containers, setting up GitHub Actions CI/CD pipelines, managing environment variables, implementing preview deployments, or setting up monitoring and logging for Next.js applications. Covers standalone output, multi-stage Docker builds, health checks, OpenTelemetry instrumentation, and production best practices.
spring-boot-project-creator
Creates and scaffolds a new Spring Boot project (3.x or 4.x) by downloading from Spring Initializr, generating package structure (DDD or Layered architecture), configuring JPA, SpringDoc OpenAPI, and Docker Compose services (PostgreSQL, Redis, MongoDB). Use when creating a new Java Spring Boot project from scratch, bootstrapping a microservice, or initializing a backend application.
wiremock-standalone-docker
Provides patterns and configurations for running WireMock as a standalone Docker container. Generates mock HTTP endpoints, creates stub mappings for testing, validates integration scenarios, and simulates error conditions. Use when you need to mock APIs, create a mock server, stub external services, simulate third-party APIs, or fake API responses for integration testing.
devops
DevOps - Docker, CI/CD, cloud infra, monitoring.
docker-ops
Dockerfile best practices, multi-stage builds, docker-compose, container networking, volume management, and image optimization.
readme-refresh
Audit and update a project README, or bootstrap a new one. Detects tech stack, versions, and services.
add-mnemon
Add persistent graph-based memory to NanoClaw agents using mnemon. Agents recall context before responding and remember insights after. Each group gets isolated memory with optional global shared store.
one-way-door
Use this skill when creating new files that represent architectural decisions — data models, infrastructure configs, auth boundaries, API contracts, CI/CD pipelines, or event systems. Flags irreversible decisions and forces a discussion about trade-offs before committing.
bun-docker
Use for Docker with Bun, Dockerfiles, oven/bun image, containerization, and deployments.
model-deployment
Deploy ML models with FastAPI, Docker, Kubernetes. Use for serving predictions, containerization, monitoring, drift detection, or encountering latency issues, health check failures, version conflicts.
cloud-security--container-hardening
AWS/Azure/GCP security auditing, container and Kubernetes hardening, Infrastructure as Code scanning, and cloud compliance assessment
devops-excellence
DevOps and CI/CD expert. Use when setting up pipelines, containerizing applications, deploying to Kubernetes, or implementing release strategies. Covers GitHub Actions, Docker, K8s, Terraform, and GitOps.
deploying-infra
Validate infrastructure changes and, after explicit confirmation, apply Terraform, Helm, Kustomize, or Kubernetes deployments. Use when the user says "deploy", "deploy to staging", "terraform apply", "helm upgrade", "kubectl apply", "rollout", "deploy check", "validate deployment", or "validate infrastructure". Dockerfiles and GitHub Actions are validate-only here. NOT for ongoing service troubleshooting, cloud inspection, rollback investigation, or authoring infra from scratch; use operating-infra for those.
managing-infra
Infrastructure patterns for Kubernetes, Terraform, Helm, Kustomize, and GitHub Actions. Use when making K8s architectural decisions, choosing between Helm vs Kustomize, structuring Terraform modules, writing CI/CD workflows, or applying security best practices. NOT for cloud CLI commands (see using-cloud-cli) or deploy validation and apply workflows (see deploying-infra).
docker-ros2-development
Best practices for Docker-based ROS2 development including multi-stage Dockerfiles, docker-compose for multi-container robotic systems, DDS discovery across containers, GPU passthrough for perception, and dev-vs-deploy container patterns. Use this skill when containerizing ROS2 workspaces, setting up docker-compose for robot software stacks, debugging DDS communication between containers, configuring NVIDIA Container Toolkit for GPU workloads, forwarding X11/Wayland for rviz2 and GUI tools, or managing USB device passthrough for cameras and serial devices. Trigger whenever the user mentions Docker with ROS2, docker-compose for robots, Dockerfile for colcon workspaces, container networking for DDS, GPU containers for perception, devcontainer for ROS2, multi-stage builds for ROS2, or deploying ROS2 in containers. Also trigger for CI/CD with Docker-based ROS2 builds, CycloneDDS or FastDDS configuration in containers, shared memory in Docker, or X11 forwarding for rviz2. Covers Humble, Iron, Jazzy, and Rolling di
playwright-ci
Production-ready CI/CD configurations for Playwright — GitHub Actions, GitLab CI, CircleCI, Azure DevOps, Jenkins, Docker, parallel sharding, reporting, code coverage, and global setup/teardown.
devops
DevOps patterns: containerization, CI/CD, deployment strategies, monitoring. Use when containerizing apps, setting up pipelines, or deploying services.
e2e
Execute E2E test cases. Selects the correct tool to perform verification based on the test case's verification type (ui/api/database).
worktree
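Create a Git worktree for isolated development of new features or bug fixes. Automatically handles branch creation, worktree setup, directory switching, and development environment initialization.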
ijfw-summarize
Generate optimized project context from codebase scan. Trigger: new project, no CLAUDE.md, /ijfw-summarize
cloud-devops
Cloud infrastructure and DevOps workflow covering AWS, Azure, GCP, Kubernetes, Terraform, CI/CD, monitoring, and cloud-native development.
container-grype
Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators. Use when: (1) Scanning container images and filesystems for known vulnerabilities, (2) Integrating vulnerability scanning into CI/CD pipelines with severity thresholds, (3) Analyzing SBOMs (Syft, SPDX, CycloneDX) for security risks, (4) Prioritizing remediation based on threat metrics (CVSS, EPSS, KEV), (5) Generating vulnerability reports in multiple formats (JSON, SARIF, CycloneDX) for security toolchain integration.
container-hadolint
Dockerfile security linting and best practice validation using Hadolint with 100+ built-in rules aligned to CIS Docker Benchmark. Use when: (1) Analyzing Dockerfiles for security misconfigurations and anti-patterns, (2) Enforcing container image security best practices in CI/CD pipelines, (3) Detecting hardcoded secrets and credentials in container builds, (4) Validating compliance with CIS Docker Benchmark requirements, (5) Integrating shift-left container security into developer workflows, (6) Providing remediation guidance for insecure Dockerfile instructions.
devops-deployment
CI/CD pipelines, containerization, Kubernetes, and infrastructure as code patterns
docker-expert
Docker containerization expert with deep knowledge of multi-stage builds, image optimization, container security, Docker Compose orchestration, and production deployment patterns. Use PROACTIVELY for Dockerfile optimization, container issues, image size problems, security hardening, networking, and orchestration challenges.
enact-docs-guide
LLM guide for creating, publishing, and running Enact tools
iac-checkov
Infrastructure as Code (IaC) security scanning using Checkov with 750+ built-in policies for Terraform, CloudFormation, Kubernetes, Dockerfile, and ARM templates. Use when: (1) Scanning IaC files for security misconfigurations and compliance violations, (2) Validating cloud infrastructure against CIS, PCI-DSS, HIPAA, and SOC2 benchmarks, (3) Detecting secrets and hardcoded credentials in IaC, (4) Implementing policy-as-code in CI/CD pipelines, (5) Generating compliance reports with remediation guidance for cloud security posture management.
kubernetes-deployment
Kubernetes deployment workflow for container orchestration, Helm charts, service mesh, and production-ready K8s configurations.
sbom-syft
Software Bill of Materials (SBOM) generation using Syft for container images, filesystems, and archives. Detects packages across 28+ ecosystems with multi-format output support (CycloneDX, SPDX, syft-json). Enables vulnerability assessment, license compliance, and supply chain security. Use when: (1) Generating SBOMs for container images or applications, (2) Analyzing software dependencies and packages for vulnerability scanning, (3) Tracking license compliance across dependencies, (4) Integrating SBOM generation into CI/CD for supply chain security, (5) Creating signed SBOM attestations for software provenance.
sca-trivy
Software Composition Analysis (SCA) and container vulnerability scanning using Aqua Trivy for identifying CVE vulnerabilities in dependencies, container images, IaC misconfigurations, and license compliance risks. Use when: (1) Scanning container images and filesystems for vulnerabilities and misconfigurations, (2) Analyzing dependencies for known CVEs across multiple languages (Go, Python, Node.js, Java, etc.), (3) Detecting IaC security issues in Terraform, Kubernetes, Dockerfile, (4) Integrating vulnerability scanning into CI/CD pipelines with SARIF output, (5) Generating Software Bill of Materials (SBOM) in CycloneDX or SPDX format, (6) Prioritizing remediation by CVSS score and exploitability.
otel-collector
Expert guidance for configuring and deploying the OpenTelemetry Collector. Use when setting up a Collector pipeline, configuring receivers, exporters, or processors, deploying a Collector to Kubernetes or Docker, or forwarding telemetry to Dash0. Triggers on requests involving collector, pipeline, OTLP receiver, exporter, or Dash0 collector setup.
hunt-k8s
Hunt Kubernetes & Docker — API anonymous access, kubelet 10250 exec (SPDY/WebSocket, NOT plain POST) and the simpler /run primitive, etcd 2379 unauth, dashboard skip-login, RBAC misconfig, secret/SA-token abuse, docker.sock host escape, runc/container-escape (Leaky Vessels CVE-2024-21626), API-server-mediated nodes/proxy RCE, EphemeralContainers node-shell, bound/projected SA-token audience+expiry abuse, admission-controller bypass, Helm/Tiller remnants. Use when target runs containerized infra, exposes K8s ports (6443/10250/10255/2379/8443), or cloud metadata reveals K8s service accounts.
mirror-optimizer
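Use when the user explicitly asks to "optimize mirror sources", "configure domestic mirrors", "speed up deployment", or "switch mirror sources", or when the project involves Docker/Python/Node.js/Go/Java/Ruby/Rust or other scenarios that need a package manager. Automatically detects the package managers the project uses and generates matching domestic (in-China) mirror source configuration, ensuring fast deployment under domestic network conditions. ⚠️ Not applicable: the user only wants to understand the concept of mirror sources (explain it directly), the project is already deployed and needs no optimization (tell the user no action is needed), or the user explicitly asks to use official sources (respect the user's choice).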
starlark-dev
Develop and debug Kurtosis Starlark packages. Create packages from scratch, understand the plan-based execution model, use print() debugging, handle future references, and test packages locally. Use when writing or troubleshooting .star files.
container-hardening
Harden container images and Kubernetes workload security contexts — distroless, multi-stage, minimal attack surface.
gitlab-ci-patterns
GitLab CI/CD pipelines — include templates, environments, OIDC auth, caching, protected runners, deployment gates.
sbom-supply-chain
Generate, attach, and verify SBOMs (CycloneDX/SPDX) for container images; implement SLSA provenance; harden software supply chain.
brainstorm
Design exploration using parallel agents through a 7-phase process: topic analysis, memory context, divergent ideation (10+ ideas), feasibility filtering, evaluation with devil's advocate scoring (0-10 across 7 dimensions), synthesis of top approaches, and trade-off comparison. Supports open exploration, constrained design, comparison, quick ideation, and iterative optimization modes. Use when brainstorming ideas, exploring solutions, or comparing alternatives.
devops-deployment
Use when setting up CI/CD pipelines, containerizing applications, deploying to Kubernetes, or writing infrastructure as code. DevOps & Deployment covers GitHub Actions, Docker, Helm, and Terraform patterns.
analyzing-docker-container-forensics
Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.
genshijin-compress
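Compress natural language memory files (CLAUDE.md, todos, settings) into caveman format to reduce input tokens. Technical content, code, URLs, and structure are fully preserved. The compressed version overwrites the original file; the human-readable version is saved as FILE.original.md. Trigger: "/genshijin-compress <filepath>" or "compress memory file".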
datadog-analysis
Analyze Datadog error logs for Packmind production services (api-proprietary, mcp-proprietary, frontend-proprietary), group them into patterns, root-cause against the codebase, and produce a structured bug report. Triggers on Datadog, production logs, prod errors, service health, or periodic error reviews.
michel-run-local-dev-stack
The canonical recipe for starting, checking, and stopping the Packmind local dev stack with Docker Compose — the single source of truth other skills and the Michel agent defer to. Covers bringing the full stack (PostgreSQL, Redis, NestJS API, React/Vite frontend on :4200, MCP server, nginx) up in the background, the init services (dependency install + TypeORM migrations) you must wait on, the critical host-port trap that the API on container port 3000 is NOT exposed to the host and must be reached via the frontend Vite proxy at localhost:4200/api/v0, confirming the API and frontend are actually serving before you depend on them, the persistent-volume gotcha that leaves stale Postgres schema and node_modules behind between runs, building the CLI, and tearing everything down so no container is left blocking the run. Use this whenever you need Packmind running locally — to verify a change, record a UI or CLI demo, hit the API, seed data, or reproduce a bug — and whenever you are about to start or stop `docker co
upgrade-runtime-stack
Check whether newer stable versions of Node.js (24.x line), Nx, or Vite are available and, if so, generate a detailed upgrade plan markdown file at the repo root. Use this skill whenever the user asks to "check for runtime upgrades", "upgrade Node/NX/Vite", "is our Node version current", "plan a Node 24 upgrade", "refresh our runtime stack", "monthly stack check", or anything along those lines — even if they don't name a specific tool. Also use it when the user wants a recurring/cadence check of build-toolchain currency. Output is a plan only — does NOT mutate package.json, Dockerfiles, lockfiles, or any other repo file. CI/CD wrappers can invoke this skill to keep the runtime stack fresh.
error-recovery-patterns
Design gh-aw error handling, retry, recovery, and debugging flows.
delivery-bootstrap
Use when starting implementation on a new or unfamiliar codebase. Auto-detects tech stack and sets up development context.
python-engineer
Build production Python applications — FastAPI/Flask backends, async processing, data engineering with pandas, scripting automation, CLI tools with Typer, testing with pytest, type hints, virtual environments, and package management. Use when building Python backends, data pipelines, scripts, or CLI tools.
investorclaw
Deterministic-first portfolio analyzer for ZeroClaw via MCP-HTTP at localhost:18090. Holdings, performance, Sharpe + Sortino, FRED yields, bond duration, scenario rebalancing.
portability-lens
Portability review lens for evaluating environment independence, deployment flexibility, and vendor lock-in avoidance. Used by review orchestrators — not invoked directly.
aws-infrastructure
Use when working with AWS resources — ECS Fargate, ECR, EFS, Secrets Manager, gomplate templates, multi-env deployments — even when the user says 'deploy to staging' without naming AWS.
cluster-manage
Manage Kurtosis cluster settings. Switch between Docker and Kubernetes backends, list available clusters, and configure which cluster Kurtosis uses. Use when you need to change where Kurtosis runs enclaves.
devops-excellence
DevOps and CI/CD expert. Use when setting up pipelines, containerizing applications, deploying to Kubernetes, or implementing release strategies. Covers GitHub Actions, Docker, K8s, Terraform, and GitOps.
nw-devops
Designs CI/CD pipelines, infrastructure, observability, and deployment strategy. Use when preparing platform readiness for a feature.
accessing-github-repos
GitHub repository access in containerized environments using REST API and credential detection. Use when git clone fails, or when accessing private repos/writing files via API.
container-layer
Build and cache a personalized container environment from a Dockerfile-like spec. Supports both single-layer (one Containerfile -> one cached tarball) and multi-layer composition (compose [base, scientific, mojo, ...] into one container with each layer cached independently). Use when the user mentions "container layer", "Containerfile", "custom container", "environment setup", "cache my installs", "uv shim", "composable layers", or wants to persist package installations, skills, or environment config across ephemeral sessions. Also triggers when the user asks to snapshot, restore, or rebuild their environment, or wants to capture ad-hoc package installs into a reproducible spec.
gear
Managing dependencies, CI/CD optimization, Docker configuration, and operational observability (logging/alerting/health checks). Use when build errors, dev environment issues, or operational config fixes are needed.
cli-forge-infra
Ops integration assistant — reads service docs, finds the simplest config path (CLI/Helm/Operator/Terraform), builds dependency trees, proposes upgrade paths, and tracks decisions in ADRs. Use when debugging infra, integrating services, bootstrapping platforms, upgrading versions, simplifying config, or reviewing infrastructure code. Triggers on ops tool names (OpenBao, Vault, Consul, Traefik, Gitea, ArgoCD, Prometheus, Grafana, cert-manager, Istio, Linkerd, Terraform, OpenTofu, Podman, Docker, K8s, etc.) or keywords like "bootstrap", "integrate", "simplify config", "upgrade infra", "ops stack", "service mesh", "dependency tree".
ci-cd-pipeline-architecture
When configuring automated build, test, and deployment workflows for a repository.
container-orchestration
Docker and Kubernetes patterns. Triggers on: Dockerfile, docker-compose, kubernetes, k8s, helm, pod, deployment, service, ingress, container, image.
data-processing
Process JSON with jq and YAML/TOML with yq. Filter, transform, query structured data efficiently. Triggers on: parse JSON, extract from YAML, query config, Docker Compose, K8s manifests, GitHub Actions workflows, package.json, filter data.
deployment-automation
Automate application deployment to cloud platforms and servers. Use when setting up CI/CD pipelines, deploying to Docker/Kubernetes, or configuring cloud infrastructure. Handles GitHub Actions, Docker, Kubernetes, AWS, Vercel, and deployment best practices.
docker-k8s
Master containerization and orchestration with security-first approach. Expert in Docker multi-stage builds, Kubernetes zero-trust deployments, security hardening, GitOps workflows, and production-ready patterns for cloud-native applications. Includes 2025 best practices from CNCF and major cloud providers.
docker-optimizer
Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.
gcp-cloud-run
Specialized skill for building production-ready serverless applications on GCP. Covers Cloud Run services (containerized), Cloud Run Functions (event-driven), cold start optimization, and event-driven architecture with Pub/Sub.
readme
When the user wants to create or update a README.md file for a project. Also use when the user says 'write readme,' 'create readme,' 'document this project,' 'project documentation,' or asks for help with README.md. This skill creates absurdly thorough documentation covering local setup, architecture, and deployment.
security-analyzer
Comprehensive security vulnerability analysis for codebases and infrastructure. Scans dependencies (npm, pip, gem, go, cargo), containers (Docker, Kubernetes), cloud IaC (Terraform, CloudFormation), and detects secrets exposure. Fetches live CVE data from OSV.dev, calculates risk scores, and generates phased remediation plans with TDD validation tests. Use when users mention security scan, vulnerability, CVE, exploit, security audit, penetration test, OWASP, hardening, dependency audit, container security, or want to improve security posture.
system-environment-setup
Configure development and production environments for consistent and reproducible setups. Use when setting up new projects, Docker environments, or development tooling. Handles Docker Compose, .env configuration, dev containers, and infrastructure as code.
wp-docker
Docker-based WordPress development environment. Use when setting up new WordPress sites, managing Docker containers, or automating site deployment with WP-CLI.
ops-docker
Docker and Docker Compose containerization. Trigger when the user wants to dockerize an application or create containers.
devops-specialist
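DevOps and operations expert. Proficient in CI/CD, containerization, orchestration, infrastructure as code, monitoring and alerting, and automated deployment. Used for building efficient, reliable software delivery pipelines and operations systems.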
document-project
Generate comprehensive, professional project documentation structures including README, ARCHITECTURE, USER_GUIDE, DEVELOPER_GUIDE, and CONTRIBUTING files. Use when the user requests project documentation creation, asks to "document a project", needs standard documentation files, or wants to set up docs for a new repository. Adapts to Python/Go projects and OpenSource/internal contexts.
go-documentation
Use when writing or reviewing Go documentation — godoc comments on packages, types, functions, methods, sentinel errors; runnable Example tests; README/CONTRIBUTING/CHANGELOG. Covers the project-type detection (library vs application) that decides which docs are needed, comment grammar (start with name, full sentences), what to document vs what to skip, and Example test conventions. Apply proactively when introducing exported names, even if documentation was not requested.
besser-troubleshooting
Diagnose and fix BESSER errors fast. Use this skill whenever the user is staring at a Python traceback, ImportError, ModuleNotFoundError, ValueError, TypeError, AttributeError, jinja2.TemplateNotFoundError, subprocess.CalledProcessError, or any other failure originating from BESSER (besser.BUML, besser.generators, besser.utilities). Covers installation failures (`pip install besser` errors, native dependency build failures for psycopg2/pyodbc/oracledb, Python version mismatches, Windows venv path quirks), import errors (`String` vs `StringType`, missing `bocl==0.3.1`, `antlr4-python3-runtime` version mismatch), model construction errors (spaces or hyphens in names, duplicate enum literals, invalid multiplicities, generalization-to-self, more than one is_id per class), generator crashes (Invalid DBMS, Django subprocess failures, missing GUIModel for WebApp, silent SQLGenerator failures, invalid Qiskit backend), Docker and deployment problems (port conflicts, docker-compose vs docker compose, missing system lib
cloud-gcp
Use this skill when architecting on Google Cloud Platform, selecting GCP services, or implementing data and compute solutions. Triggers on Cloud Run, BigQuery, Pub/Sub, GKE, Cloud Functions, Cloud Storage, Firestore, Spanner, Cloud SQL, IAM, VPC, and any task requiring GCP architecture decisions or service selection.
container-audit
Audit Dockerfiles and docker-compose files for base image, user privileges, secret leaks, layer efficiency, signal handling, healthchecks, and compose safety. One sub-agent per Dockerfile. Static, live (Trivy/Grype), and apply modes.
devsecops-supply-chain-audit
Audit software supply chain across every ecosystem (npm, pip, Go, Ruby, Cargo, Maven, Docker, Terraform) — pinning, vulnerabilities, secrets, SBOM, signing, branch protection, CODEOWNERS. One sub-agent per ecosystem. Three modes.
docker
Docker containerization best practices and patterns. Use this skill when creating Dockerfiles, configuring Docker Compose, optimizing images, implementing container security, or deploying to production. Covers multi-stage builds, healthchecks, and resource limits.
init-project
Use when setting up a new or existing project for AI-assisted development.
operating-infra
Author, inspect, troubleshoot, and review infrastructure across IaC, Kubernetes, cloud resources, containers, CI/CD, and Linux hosts. Use when changing Terraform/OpenTofu, Kubernetes, Helm, Kustomize, Dockerfiles, GitHub Actions, AWS, GCP, Cloud Run, BigQuery, IAM, logs, instances, or service health. NOT for deploy/apply/rollback workflows (see deploying-infra). NOT for shell scripts or generic command pipelines (see writing-shell).
devops-engineer
Creates Dockerfiles, configures CI/CD pipelines, writes Kubernetes manifests, and generates Terraform/Pulumi infrastructure templates. Handles deployment automation, GitOps configuration, incident response runbooks, and internal developer platform tooling. Use when setting up CI/CD pipelines, containerizing applications, managing infrastructure as code, deploying to Kubernetes clusters, configuring cloud platforms, automating releases, or responding to production incidents. Invoke for pipelines, Docker, Kubernetes, GitOps, Terraform, GitHub Actions, on-call, or platform engineering.
ci
GitLab CI/CD pipeline review and scaffolding for Terraform and Helm/EKS deployments. Use when user says 'review my pipeline', 'check my gitlab-ci', 'scaffold a pipeline', 'is my CI correct', or when working in .gitlab-ci.yml files.
docker
Docker operations, Dockerfile best practices, Compose, image optimization, and registry workflows. Use when user says 'review my Dockerfile', 'optimize my image', 'reduce image size', 'container won't start', 'set up compose', 'multi-stage build', or when working in Dockerfile, docker-compose*.yml, or .dockerignore files.
github
GitHub repository operations — PRs, issues, releases, branch protection, CODEOWNERS, security settings. Use when user says 'review my PR', 'create a release', 'set up branch protection', 'add CODEOWNERS', 'audit repo settings', or asks about GitHub repo configuration.
github-actions
GitHub Actions workflow review, scaffolding, and security hardening. Use when user says 'review my workflow', 'check my actions', 'scaffold a workflow', 'is my CI correct', 'pin actions', 'OIDC to AWS', or when working in .github/workflows/*.yml files.
k8s
Kubernetes and Helm review and scaffolding for EKS workloads. Use when user says 'review my helm values', 'before I deploy', 'scaffold a new service', 'check values.yaml', or when working in values.yaml, Chart.yaml, or Helm template files.
tf
Generic Terraform review, scaffolding, and version upgrades for AWS infrastructure using the terraform-aws-modules ecosystem. Use when user says 'review my terraform', 'before I raise an MR', 'scaffold a lambda/rds/s3/eks/vpc', 'check my .tf files', 'upgrade provider', or when working in .tf or .tfvars files. NOTE: if the repo has an `_modules/` directory wrapping `clouddrove/*/aws` modules, use /clouddrove:wrapper-tf instead — the two patterns conflict.
wrapper-tf
Team standard for AWS Terraform repos built on the CloudDrove wrapper-module pattern. Use when working in a repo with an `_modules/` directory that wraps `clouddrove/*/aws` modules, scaffolding a new wrapper module, generating Terraform GitHub Actions CI, reviewing wrapper-pattern PRs, or mapping the pattern to SOC2/GDPR controls. Supersedes /tf on CloudDrove repos.
deploy-check
Pre-deploy verification — build, smoke, env-var sanity
channel-setup
Guided channel activation for local/tmux users — installs the plugin, configures the bot token in the project-local state dir, and walks through pairing. Run after hatch or hermit-settings to activate a configured channel.
docker-setup
Generates Docker scaffolding and walks the operator through the full deployment — token setup, build, start, MCP plugin configuration, workspace trust, and verification. Offers to back up and overwrite existing Docker files. Run after /hatch.
clawker-support
Use when the user asks about clawker setup, configuration, troubleshooting, or onboarding. Acts as a clawker internals expert — understands how config maps to generated Dockerfiles, where to add packages vs scripts vs injection points, firewall architecture, MCP setup, credential forwarding, and container lifecycle. Use when the user mentions clawker config, .clawker.yaml, blocked domains, build errors, Docker image build failures, post_init, pre_run, build.packages, container networking, or container issues — even without saying "clawker" explicitly.
routeros-app-yaml
RouterOS /app YAML format for container applications (7.21+ builtin app, 7.22+ custom YAML creation). Use when: writing or validating RouterOS /app YAML files, working with MikroTik container apps, building docker-compose-like definitions for RouterOS, creating /app store schemas, debugging /app validation errors, or when the user mentions /app, tikapp, or RouterOS container YAML.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use when architecting deployment workflows, setting up continuous delivery, or implementing GitOps practices.
distributed-tracing
Implement distributed tracing with Jaeger and Tempo to track requests across microservices and identify performance bottlenecks. Use when debugging microservices, analyzing request flows, or implementing observability for distributed systems.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
prometheus-configuration
Set up Prometheus for comprehensive metric collection, storage, and monitoring of infrastructure and applications. Use when implementing metrics collection, setting up monitoring infrastructure, or configuring alerting systems.
docker-compose-generator
Generates production-ready docker-compose.yml files for any application stack.
openstack-kolla-ansible
Kolla-Ansible deployment engine skill for containerized OpenStack lifecycle management. Use when bootstrapping, deploying, reconfiguring, or upgrading OpenStack environments. Covers globals.yml configuration, inventory management, container operations, rolling upgrades, password management, and troubleshooting deployment failures across all service containers. This is the meta-skill that manages the deployment lifecycle for all OpenStack services.
analyzing-projects
Analyzes codebases to understand structure, tech stack, patterns, and conventions. Use when onboarding to a new project, exploring unfamiliar code, or when asked "how does this work?" or "what's the architecture?"
azd-deployment
Deploy containerized applications to Azure Container Apps using Azure Developer CLI (azd). Use when setting up azd projects, writing azure.yaml configuration, creating Bicep infrastructure for Container Apps, configuring remote builds with ACR, implementing idempotent deployments, managing environment variables across local/.azure/Bicep, or troubleshooting azd up failures. Triggers on requests for azd configuration, Container Apps deployment, multi-service deployments, and infrastructure-as-code with Bicep.
azure-prepare
Default entry point for Azure application development. Invoke this skill for ANY application work related to Azure: creating apps, building features, adding components, updating code, migrating, or modernizing. Analyzes your project and prepares it for Azure deployment by generating infrastructure code (Bicep/Terraform), azure.yaml configuration, and Dockerfiles. USE FOR: create an app, build a web app, create API, create frontend, create backend, add a feature, build a service, make an application, develop a project, migrate my app, modernize my code, update my application, add database, add authentication, add caching, deploy to Azure, host on Azure, Azure with Terraform (defaults to azd+Terraform), Azure with azd, generate azure.yaml, generate Bicep or Terraform, prepare Azure Functions. DO NOT USE FOR: only validating an already-prepared app (use azure-validate), only running azd up/deploy (use azure-deploy), pure Terraform without azd (prefer azd+Terraform).
claude-settings-audit
Analyze a repository to generate recommended Claude Code settings.json permissions. Use when setting up a new project, auditing existing settings, or determining which read-only bash commands to allow. Detects tech stack, build tools, and monorepo structure.
containerizing-applications
Containerizes applications with Docker, docker-compose, and Helm charts. Use when creating Dockerfiles, docker-compose configurations, or Helm charts for Kubernetes. Includes Docker Hardened Images (95% fewer CVEs), multi-stage builds, and 15+ battle-tested gotchas.
deploying-cloud-k8s
Deploys applications to cloud Kubernetes (AKS/GKE/DOKS) with CI/CD pipelines. Use when deploying to production, setting up GitHub Actions, troubleshooting deployments. Covers build-time vs runtime vars, architecture matching, and battle-tested debugging.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use when architecting deployment workflows, setting up continuous delivery, or implementing GitOps practices.
devops-iac-engineer
Implements infrastructure as code using Terraform, Kubernetes, and cloud platforms. Designs scalable architectures, CI/CD pipelines, and observability solutions. Provides security-first DevOps practices and site reliability engineering guidance.
distributed-tracing
Implement distributed tracing with Jaeger and Tempo to track requests across microservices and identify performance bottlenecks. Use when debugging microservices, analyzing request flows, or implementing observability for distributed systems.
docker-helper
Docker Compose generation, optimization, and troubleshooting assistance.
docker-workflow
Comprehensive Docker containerization workflow covering multi-stage builds, docker-compose orchestration, image optimization, debugging, and production best practices. Use when containerizing applications, setting up development environments, or deploying with Docker.
gen-env
Creates, updates, or reviews a project's gen-env command for running multiple isolated instances on localhost. Handles instance identity, port allocation, data isolation, browser state separation, and cleanup.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
infrastructure
Infrastructure as Code patterns for deploying Guts nodes using Terraform, Docker, and Kubernetes
microsoft-foundry
Use this skill to work with Microsoft Foundry (Azure AI Foundry) and tools from Foundry MCP server: deploy AI models, manage AI agents (create, deploy, invoke, run, troubleshoot Foundry Agents), manage RBAC permissions and role assignments, manage quotas and capacity, create Foundry resources. USE FOR: Microsoft Foundry, AI Foundry, create agent, deploy agent, debug agent, invoke agent, run agent, agent chat, evaluate agent, agent monitoring, deploy model, model catalog, knowledge index, create Foundry project, new Foundry project, set up Foundry, onboard to Foundry, create Foundry resource, create AI Services, AIServices kind, register resource provider, enable Cognitive Services, setup AI Services account, create resource group for Foundry, RBAC, role assignment, quota, capacity, TPM, deployment failure, QuotaExceeded. DO NOT USE FOR: Azure Functions (use azure-functions), App Service (use azure-create-app), generic Azure resource creation (use azure-create-app).
operating-k8s-local
Operates local Kubernetes clusters with Minikube for development and testing. Use when setting up local K8s, deploying applications locally, or debugging K8s issues. Covers Minikube, kubectl essentials, local image loading, and networking.
prometheus-configuration
Set up Prometheus for comprehensive metric collection, storage, and monitoring of infrastructure and applications. Use when implementing metrics collection, setting up monitoring infrastructure, or configuring alerting systems.
routeros-app-yaml
RouterOS /app YAML format for container applications (7.21+ builtin app, 7.22+ custom YAML creation). Use when: writing or validating RouterOS /app YAML files, working with MikroTik container apps, building docker-compose-like definitions for RouterOS, creating /app store schemas, debugging /app validation errors, or when the user mentions /app, tikapp, or RouterOS container YAML.
suggesting-tooling
Analyzes a codebase and suggests custom Claude Code skills and subagents to improve development workflow. Use when user wants tooling suggestions, automation ideas, or asks "what skills would help this project".
write-app-change-log
Generates and updates the latest app changelog based on git history since the last version tag.
agentic-governance
Hardened constitutional governance — F1-F13 floor enforcement with Quad-Witness consensus for all actions
notion
Notion workspace — read/write pages, databases, search, create tasks via Notion API
oss-docs
Scaffold and audit OSS documentation packs for open source projects. Triggers: "add OSS docs", "setup contributing guide", "add changelog", "prepare for open source", "add AGENTS.md", "OSS documentation".
dev-prisma
Development with Prisma ORM (schema, migrations, type-safe queries, Accelerate, transactions). Trigger when the user wants to add a model, create a migration, optimize Prisma queries, or when schema.prisma is detected in the project.
web-scraping
Clean LLM-ready web scraping via Firecrawl (scrape/crawl/map/extract/search). Trigger when the user wants to extract content from a page, crawl a site, collect structured data, bypass anti-bot/JS-rendering, or perform a web search with integrated extraction. Fallback to Playwright/curl if Firecrawl is unavailable.
deploy-verify
Post-deploy smoke test combining all 5 MCPs (Sentry + Supabase + Langfuse CLI + Playwright + Firecrawl) into one workflow. Auto-detects deployment context, checks Sentry for new errors (with Seer AI root-cause on P0s), verifies Supabase migration health and logs, confirms Langfuse trace pipeline, runs Playwright smoke test on critical paths, and produces a ship-or-rollback verdict. Works with any project. Use when asked to: "verify deploy", "post-deploy check", "smoke test production", "check if deploy is healthy", "ship or rollback", "post-release check", "verify release", "deploy health check", or "run post-deploy".
docker-devops
Create optimized Docker configurations, docker-compose setups, Kubernetes manifests, and CI/CD pipelines. Use when containerizing applications, setting up deployment infrastructure, or automating builds. Triggers on: Docker, Dockerfile, container, docker-compose, Kubernetes, k8s, CI/CD, GitHub Actions, deployment.
add-pdf-reader
Add PDF reading to Deus agents. Extracts text from PDFs via pdftotext CLI. Handles WhatsApp attachments, URLs, and local files.
convert-to-apple-container
Switch from Docker to Apple Container for macOS-native container isolation. Use when the user wants Apple Container instead of Docker, or is setting up on macOS and prefers the native runtime. Triggers on "apple container", "convert to apple container", "switch to apple container", or "use apple container".
debug
Debug container agent issues. Use when things aren't working, container fails, authentication problems, or to understand how the container system works. Covers logs, environment variables, mounts, and common issues.
docker-awareness
Dockerfile patterns, compose, multi-stage builds for development awareness. [EXPLICIT] Trigger: "docker awareness"
ccc-devops
Complete DevOps ecosystem — 21 skills in one. Deployments, CI/CD, containers, AWS, monitoring, security, IaC, networking, and runbooks.
nasde-benchmark-creator
Create coding agent benchmarks for evaluation with nasde. Use this skill when the user wants to: - Create a new benchmark project (set of tasks for evaluating coding agents) - Add tasks to an existing benchmark - Create or modify agent variants (configurations that control agent behavior) - Set up assessment dimensions and scoring criteria - Verify that a new benchmark's Docker environment and tests work Even if the user doesn't say "benchmark" — if they're talking about creating coding challenges for AI agents or setting up evaluation criteria, this skill applies.
nasde-benchmark-from-history
Generate benchmark tasks from git history of the current or specified repository. Use this skill when the user wants to: - Create benchmark tasks based on real problems their team already solved (closed PRs, past commits, resolved issues) - Mine git history for good evaluation candidates - Turn a commit range or set of PRs into a NASDE benchmark - Build a regression test suite from their team's actual work Even if the user doesn't say "benchmark" — if they're talking about turning past work into evaluation tasks, or want to test AI agents against problems they've already solved, this skill applies.
nasde-benchmark-from-public-repos
Build diverse benchmark task suites from public GitHub repositories for testing universal skills. Use this skill when the user wants to: - Create a benchmark that spans multiple public repositories and languages - Test a universal skill (refactoring, test writing, code review, etc.) across diverse codebases - Curate a representative set of repos and tasks for cross-codebase validation - Build an evaluation suite for a skill that should work in any repository Even if the user doesn't say "benchmark" — if they're building a skill meant to work everywhere and want to validate it across many different projects, this skill applies.
open-webui-embeddings
Wire HuggingFace embedding + reranker models (BGE-M3, BGE-Reranker-v2-m3, etc.) into Open WebUI's RAG pipeline via LiteLLM proxying HuggingFace Text Embeddings Inference (TEI). Covers the exact wire shapes Open WebUI sends (URL auto-append on embed but NOT rerank; payload + response shapes for both modes), the LiteLLM-TEI gotchas (encoding_format=null trap, HF-driver task_type misdetection, openai vs huggingface driver tradeoffs), TEI config cliffs (max-client-batch-size 422 under hybrid search, max-batch-tokens AS the auto-truncate boundary, arch-specific Docker images), and the end-to-end production config. BGE-M3 + BGE-Reranker-v2-m3 are worked examples; patterns generalise to any TEI encoder.
vllm-benchmarking
Run production vLLM benchmarks — `vllm bench` (serve, throughput, latency, sweep, startup, mm-processor), request-rate vs max-concurrency semantics, TTFT/TPOT/ITL/E2EL percentiles, goodput SLO measurement, prefix-cache workloads, air-gapped operation (HF_ENDPOINT, ModelScope, hf-mirror, offline cache). Methodology split — SLO health checks vs A/B change sweeps — plus pitfalls that produce misleading numbers (no warmup, wrong tokenizer, random-as-prod, `--request-rate inf` alone).
vllm-configuration
Configure vLLM completely — YAML config file format, CLI arg precedence, full VLLM_*/HF_*/TRANSFORMERS_* env-var catalog, end-to-end recipe for air-gapped environments (internal HF mirrors, hf-mirror.com, ModelScope, HF_HUB_OFFLINE with pre-seeded cache, gated models offline, trust_remote_code supply-chain implications). VLLM_HOST_IP vs API-host confusion, Kubernetes-service-named-`vllm` env-var poisoning, usage-stats triple opt-out, YAML precedence surprises.
vllm-observability
Observe production vLLM — `/metrics` Prometheus surface (V1 engine), SLO-driven alerting on TTFT/ITL/queue/KV/preemption/aborts/corrupted-logits, shipping Grafana dashboards in `examples/observability/`, OTLP tracing with `--otlp-traces-endpoint` and `--collect-detailed-traces={model,worker,all}`, diagnostic rules to triage from /metrics alone — queue-grows + TPOT-stable means capacity, queue-stable + TPOT-grows means context/model, DCGM `SM_OCCUPANCY` is the real GPU-saturation signal not `GPU_UTIL`. V1 metric names (kv_cache_usage_perc), gpu_→kv_ rename saga, DCGM-exporter pairing, dashboard-lying pitfalls.
genesis
Main orchestrator of the Genesis Framework. Builds software from scratch (or evolves existing projects) from a natural-language description. Coordinates all specialist agents and generates architecture, ADRs, contracts, sprints, and implementation. Works with any language, framework, or database. Activate with /genesis.
genesis-devops
Genesis DevOps agent. Generates infrastructure as code: Docker, Docker Compose, CI/CD pipelines, environment configuration, monitoring, and observability. Adapts to the cloud and tools chosen by the architect.
genesis-docs
Genesis Documentation agent. Generates and maintains all project documentation: README, ADR catalog, OpenAPI docs, contribution guides, production runbooks, changelog. Documents the WHY, not the WHAT. Keeps documentation in sync with code.
genesis-scout
Genesis Scout agent. Maps existing projects before any code generation. Understands what has already been built: languages, frameworks, structure, patterns, endpoints, models, tests, CI/CD. Feeds the genesis-architect with real context so that nothing is duplicated or overwritten by mistake.
compose
Docker Compose orchestration
dockerfile
Dockerfile authoring best practices
infra-deploy
Cal.com self-hosted deployment to GCP Cloud Run with Supabase PostgreSQL. Docker Compose for local dev.
docker-compose-generator
Generates multi-stage Dockerfiles and docker-compose configurations optimized for size, security, and development workflow. Covers common stacks including Node.js, Python, Java, and Go. Triggers on: "create Dockerfile", "docker-compose", "containerize", "docker setup".
cicd-pipelines
CI/CD pipeline design and DevOps automation — use when the user mentions GitHub Actions, GitLab CI, Jenkins, Terraform, infrastructure as code, DevSecOps, ArgoCD, Kubernetes deployment automation, or pipeline configuration YAML. NOT for release orchestration or semantic-release workflows (use git-workflow), NOT for Docker containers or Dockerfiles (use docker-containerization), NOT for git branching or commits (use git-workflow).
docker-containerization
Docker and container development — use when the user mentions Dockerfiles, multi-stage builds, Docker Compose, container optimization, image size reduction, DDEV, containerization, or dev environment setup with containers. NOT for CI/CD pipeline YAML or pipeline configuration (use cicd-pipelines), NOT for workflow orchestration or release automation (use workflow-automation), NOT for Kubernetes or container orchestration platforms (use cloud-native tooling).
deploy-from-stale-worktree-silent-rollback
Diagnose "I deployed a new Cloud Run / Docker image but a bunch of recently merged fixes regressed in production." Use when: (1) the deploy script does `gcloud builds submit ... "${SCRIPT_DIR}"` or `docker build <dir>` (build context = local filesystem, NOT a git ref), (2) the user has many git worktrees / multiple checkouts of the same repo, (3) the user reports "redeployed but the fix from PR #X isn't live" or "lots of fixes regressed after my deploy", (4) the deployed revision created at time T was authored by the user themselves (not CI). Root cause: deploy was run from a worktree whose HEAD predates the merged PRs; the build packaged stale local files, silently rolling back N commits worth of merged fixes. Provides the authoritative diagnostic (download Cloud Build source tarball + byte-diff against git history to identify the source commit) and the fix (rebuild from current main checkout, or instant traffic-switch rollback to the last known-good revision). v1.1 adds a pre-deploy preflight (5 lines from
docs-branch-off-feature-branch-smuggles-code
Catch the bug class where a "docs follow-up" PR silently ships the parent feature's code under a `docs(sN):` title because the docs branch was created from the current working branch (a feature branch), not from `origin/main`. Use when: (1) you just opened a PR titled `docs(...)` or `chore(...)` after wrapping up a feature session, (2) `gh pr diff <N> --name-only` shows files OUTSIDE `docs/` (source code, Dockerfile, tests, generated artefacts), (3) `git log origin/main..HEAD` shows TWO+ commits where you only authored one or two docs commits, (4) the surprise commit author/message is from your own earlier feature work on the parent branch, (5) the PR body claims "docs-only" but the actual diff carries code. Trigger surface: end-of-session handoff workflows that `git checkout -b docs/sN-handoff` from inside a feature worktree that's still on `feat/sN-feature`. Squash-merging such a PR auto-promotes the feature code under a "docs" title — bypassing the planned merge-and-deploy gate for the feature PR, and sile
subagent-driven-branch-ref-froze-stranded-commits
Diagnose and recover from "PR merged, but half my work is missing from main" cases in `superpowers:subagent-driven-development` (or similar one-fresh-subagent-per-task) sessions, where committed work survives in the worktree's `HEAD` chain but never makes it into the pushed branch ref. Use when ANY of these appears: (1) `gh pr view <N>` body claims "M files changed, N insertions" but `gh pr diff <N> --name-only | wc -l` returns a smaller number than you expect (canary: PR-body file count > actual squash-commit file count), (2) the merged squash commit on main is MISSING entire files you remember creating (Dockerfile, route handler, deploy artefact, etc.) — and you wrote AND committed them per the subagent reports, (3) `git rev-parse HEAD` ≠ `git rev-parse <feature-branch>` in the worktree (HEAD is ahead), (4) `git reflog show <feature-branch>` ends earlier than `git log --oneline` on the same worktree (reflog gap = stranded zone), (5) tests that passed locally during the session now fail on main because file
docker
Manage the workflow engine's Docker Compose stack. Use when starting, stopping, rebuilding containers, or resetting the database.
review
Use after writing code to get a thorough code review. Runs two passes — structural correctness then adversarial edge-case hunting. Scales depth by diff size. Supports --quick, --standard, --thorough modes. Triggers on /review.
devcontainer-generator
Generate devcontainer setups by scanning CWD for tech stack and infra services. Triggers on devcontainer, dev container, devcontainer.json, development container, containerized development, VS Code Remote Containers, GitHub Codespaces. Produces devcontainer.json, Dockerfile, Docker Compose, post-create scripts, firewall rules, and DEVCONTAINER.md summary. Uses an 11-step interactive workflow (Steps 0–9 with Step 1b for host credential sharing).
ci-cd-pipeline
Use when configuring CI/CD pipelines. Fast, stable, repeatable, and able to roll back.
docker-best-practices
Use when writing Dockerfiles or containerizing applications. Small images, fast builds, secure runtime.
integration-testing
Use when writing integration/end-to-end tests. Tests real interactions; stable, not brittle.
azure-hosted-copilot-sdk
Build and deploy GitHub Copilot SDK apps to Azure. USE FOR: build copilot app, create copilot app, copilot SDK, @github/copilot-sdk, scaffold copilot project, copilot-powered app, deploy copilot app, host on azure, azure model, BYOM, bring your own model, use my own model, azure openai model, DefaultAzureCredential, self-hosted model, copilot SDK service, chat app with copilot, copilot-sdk-service template, azd init copilot, CopilotClient, createSession, sendAndWait, GitHub Models API. DO NOT USE FOR: using Copilot (not building with it), Copilot Extensions, Azure Functions without Copilot, general web apps without copilot SDK, Foundry agent hosting (use microsoft-foundry skill), agent evaluation (use microsoft-foundry skill).
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimizing Python development workflows with uv.
deploy
Deployment strategy, production-readiness gating, and rollback planning for AWS/EKS services. Use when user says 'how should I deploy this', 'blue-green or canary', 'are we ready to ship', 'production readiness', 'plan a rollback', 'pre-deploy check', or before a first production release. Pairs with /k8s, /ci, /github-actions, /tf which own the per-artifact checks.
finops
AWS cost optimization — waste detection, right-sizing, Savings Plans, RIs, EKS cost, multi-account governance. Use when user says 'reduce AWS bill', 'find waste', 'right-size this', 'should I buy SP or RI', 'gp2 vs gp3', 'EKS is expensive', 'NAT gateway cost', or asks about AWS cost optimization.
owasp
Security review against OWASP Top 10:2025, ASVS 5.0, and Agentic AI risks. Use when user says 'review for security', 'is this secure', 'check for vulnerabilities', 'review auth/authorization', 'check input handling', or when writing cryptography, session management, or AI agent code.
check
Check phase. Launches parallel review (code quality + security + tests) with scope-based extras (API contract, accessibility, migration safety). Outputs PASS/WARN/FAIL per dimension with spec coverage verification.
setup
Generate install scripts, Docker config, and README for any project. One-command setup, platform agnostic. Keywords: install, setup, deploy, docker, readme, run, start, build
devops
DevOps practices, CI/CD, and infrastructure management
scraperapi-cli
Product-usage reference for the official ScraperAPI command-line tool (`sapi`, distributed as `scraperapi-cli`). Use this skill whenever the user wants to scrape, run async jobs, fetch structured data, manage crawls, check account credits, or drive DataPipeline projects from a terminal or shell script — anywhere a one-liner is more convenient than writing SDK code. Trigger on: "scrape this URL from the terminal", "use sapi to fetch X", "ScraperAPI CLI", "ScraperAPI from bash", "sapi scrape", "sapi cost", "sapi jobs", "sapi structured amazon", "pipe ScraperAPI into jq", "shell one-liner to scrape Y", "scrape from a Makefile / cron / CI", "check my ScraperAPI credits from the command line", "submit 10000 URLs as a batch from a file". Covers install, auth resolution order, every top-level command (`scrape`, `cost`, `jobs`, `structured`, `crawler`, `pipeline`, `account`, `config`, `init`), JSON / piping behaviour, pre-flight cost checks, and common shell recipes.
devops-engineer
Use when setting up CI/CD pipelines, containerizing applications, or managing infrastructure as code. Invoke for pipelines, Docker, Kubernetes, cloud platforms, GitOps.
define-deployment
Capture deployment characteristics for both production and development — hosting, IaC, CI/CD, secrets, observability, local dev environment, containerization, hot reload, and seed data. Use when the project-builder agent is gathering deployment information.
analyzing-projects
Analyzes codebases to understand structure, tech stack, patterns, and conventions. Use when onboarding to a new project, exploring unfamiliar code, or when asked "how does this work?" or "what's the architecture?"
doctor
Audits any project for security, test coverage, and Claude Code automation. 46 checks across 6 layers: secrets, CLAUDE.md, hooks, skills, agents, rules, MCP, CI, memory. Adaptive scoring — auto-detects project maturity (Starter/Growing/Mature/Pro). Diagnoses gaps, prescribes project-specific fixes, applies them. Usage: /doctor — full audit (all 6 layers) /doctor quick — TOP-3 priorities + score (30 seconds) /doctor scan — diagnose only (no changes) /doctor fix — prescribe + apply fixes /doctor layer <N> — audit specific layer (0-5) /doctor verify — health check Triggers: "/doctor", "audit", "setup automation", "configure Claude Code", "project health", "what's missing", "security check", "аудит", "проверь проект"
container-optimize
Docker/container optimization for size, layers, caching, and security
devex-review
Audit the developer experience of your project — setup friction, onboarding clarity, local dev loop speed, tooling consistency, and documentation gaps. Produces a DX scorecard and prioritized improvement list. Inspired by gstack's devex-review skill.
skill-manager
Detect project tech stack and disable irrelevant skills to save context window space. Use when the user says "manage skills", "optimize skills", "disable irrelevant skills", "skill manager", or asks which skills are relevant for this project.
dependency-versions
MUST consult this skill before answering whenever the user's task involves external versioned dependencies — even if you think you can handle it directly. This applies to: checking if packages/tools are up to date, upgrading npm/pip/cargo/go dependencies, planning or writing CI/CD workflows (GitHub Actions, CircleCI, GitLab CI), pinning action versions, reviewing Dockerfiles or base images, checking Terraform providers or modules for drift, reviewing Helm chart versions, verifying Kubernetes/EKS/cloud resource versions, updating pre-commit hooks, writing Dependabot configs, or any task where the user mentions specific version numbers, package names, or config files like package.json, pyproject.toml, Dockerfile, .pre-commit-config.yaml, main.tf, or values.yaml. Even casual requests like "is this still current" or "has anything drifted" require this skill because your training data is unreliable for volatile version facts. Do NOT use for: refactoring code, writing tests, debugging errors, designing APIs, or tas
demo-record
Launch the self-recording Grackle demo. Builds Docker images, cleans state, provisions environments, creates project/task, and starts the demo recording agent.
agenticx-deployer
Guide for deploying AgenticX agents to production including Docker containerization, Kubernetes orchestration, Volcengine AgentKit cloud deployment, and API server setup. Use when the user wants to deploy agents, containerize applications, set up Kubernetes, configure cloud deployment, or run the AgenticX API server in production.
agenticx-deployer
Guide for deploying AgenticX agents to production including Docker containerization, Kubernetes orchestration, Volcengine AgentKit cloud deployment, and API server setup. Use when the user wants to deploy agents, containerize applications, set up Kubernetes, configure cloud deployment, or run the AgenticX API server in production.
agenticx-deployer
Guide for deploying AgenticX agents to production including Docker containerization, Kubernetes orchestration, Volcengine AgentKit cloud deployment, and API server setup. Use when the user wants to deploy agents, containerize applications, set up Kubernetes, configure cloud deployment, or run the AgenticX API server in production.
depgen-k8s
Generate a Dockerfile and Kubernetes manifests for an application targeting a single environment. Supports Spring Boot (Java), Laravel (PHP), and Node.js application stacks. Auto-detects the stack from project files (pom.xml, composer.json, package.json), reads CLAUDE.md dependencies, SPECIFICATION.md tech stack, and the application's externalized environment variables. Generates a Dockerfile in the application root folder and Kubernetes manifest YAML files directly in `<app_folder>/k8s/` (no per-environment subfolders — the k8s/ folder is gitignored, each machine maintains its own copy). Standardized input: application name (mandatory), environment (optional). Use this skill whenever the user asks to create deployment artifacts, Dockerfiles, Kubernetes manifests, or containerize an application. Also trigger when the user says things like "deploy this app", "containerize this", "create a Dockerfile", "generate k8s manifests", or any request for deployment-related artifacts.
docker-ros2-development
Best practices for Docker-based ROS2 development including multi-stage Dockerfiles, docker-compose for multi-container robotic systems, DDS discovery across containers, GPU passthrough for perception, and dev-vs-deploy container patterns. Use this skill when containerizing ROS2 workspaces, setting up docker-compose for robot software stacks, debugging DDS communication between containers, configuring NVIDIA Container Toolkit for GPU workloads, forwarding X11/Wayland for rviz2 and GUI tools, or managing USB device passthrough for cameras and serial devices. Trigger whenever the user mentions Docker with ROS2, docker-compose for robots, Dockerfile for colcon workspaces, container networking for DDS, GPU containers for perception, devcontainer for ROS2, multi-stage builds for ROS2, or deploying ROS2 in containers. Also trigger for CI/CD with Docker-based ROS2 builds, CycloneDDS or FastDDS configuration in containers, shared memory in Docker, or X11 forwarding for rviz2. Covers Humble, Iron, Jazzy, and Rolling di
meshullam-infra-design-craft
How Meshullam designs infrastructure topology — C4 diagrams, Docker Compose / Terraform / Helm structure, network layout, service connections, the no-:latest rule and resource-tagging discipline, the explicit-trade-off requirement on every topology decision. Invoke when an IaC change or topology decision is in scope.
openshift-app
Package applications for OpenShift deployment: container images (UBI, arbitrary UID, multi-stage builds), packaging formats (Helm, Kustomize, Operators, OLM v1), CI/CD (Tekton, ArgoCD, Shipwright, Conforma), security (SCC, PSA, supply chain, image signing, secrets), operations (Routes, probes, scaling, monitoring, storage), disconnected/air-gapped patterns, and critical gotchas. Also when an app "works on Kubernetes but fails on OpenShift" (SCC denied, random/arbitrary UID, permission errors). Covers OCP 4.14-4.21. NOT for cluster installation or infrastructure management.
setup-dev-env
Development environment setup skill (dependency installation, DB initialization, environment variable configuration)
uselink-onboarding
Scan a codebase and generate a new-developer onboarding guide as HTML, then publish to uselink. Use when the user wants to create a getting-started guide, onboard a new team member, or share 'how to work in this repo' docs.
dare-ax
Agent Experience (AX): codifies patterns for AI-assisted development across three planes (Discovery, Usage, Defense). Ensures every DARE project exposes the structured signals (llms.txt, OpenAPI, --json, rate limit) that coding agents need to work without unnecessary refactoring.
dare-docker
DARE containerization with secure, performant, and idiomatic Dockerfile and docker-compose files. Multi-stage builds, non-root user, healthchecks, isolated networks, robust .dockerignore. Covers PHP/Laravel, Python/FastAPI, Node, Go, Rust, Rails, and Vue.
tenet-accessibility
Audits web accessibility issues in HTML, JSX, TSX, Vue, and Svelte UI code.
tenet-build-ci
Audits CI, reproducible builds, lockfiles, pinned tools, secret handling, and image security.
tenet-dependencies
Audits dependencies for CVEs, stale packages, duplicates, unused deps, and outdated versions.
tenet-docs
Audits README/API docs, ADRs, changelog, documentation coverage, and freshness.
tenet-infra-cloud
Audits IaC and cloud risks: exposure, IAM wildcards, encryption, buckets, Kubernetes, and drift.
tenet-performance
Audits performance risks: N+1 queries, sync I/O, indexes, leaks, bundles, and rerenders.
tenet-release-ops
Audits release readiness, rollback, feature flags, env drift, runbooks, SLOs, and smoke checks.
tenet-security
Audits security vulnerabilities including injection, auth, validation, crypto, SSRF, CORS, and CSRF.
tenet-supply-chain-license
Audits dependency provenance, lockfiles, action/image pinning, licenses, and supply-chain risk.
init-project
Quick-start Claude Code configuration. Auto-detects stack, asks 4 questions to understand the project, generates complete config.
senior-ml-engineer
ML engineering skill for productionizing models, building MLOps pipelines, and integrating LLMs. Covers model deployment, feature stores, drift monitoring, RAG systems, and cost optimization. Use when the user asks about deploying ML models to production, setting up MLOps infrastructure (MLflow, Kubeflow, Kubernetes, Docker), monitoring model performance or drift, building RAG pipelines, or integrating LLM APIs with retry logic and cost controls. Focused on production and operational concerns rather than model research or initial training.
docker-skills
Docker containerization patterns, best practices, and multi-stage builds
agf-running-sit-tests
Use when an execution-layer dev (frontend-dev / backend-dev / ai-agent-dev / ml-engineer / miniapp-dev) has finished feature code + Unit tests and is about to enter code-review. Provides the SIT scope, environment, AC-driven integration walk, and evidence sink (progress/<role>.md). SIT is now a dev-owned step, not a separate QA stage.
agfrunning-sit-tests
Use when an execution-layer dev (frontend-dev / backend-dev / ai-agent-dev / ml-engineer / miniapp-dev) has finished feature code + Unit tests and is about to enter code-review. Provides the SIT scope, environment, AC-driven integration walk, and evidence sink (progress/<role>.md). SIT is now a dev-owned step, not a separate QA stage.
openspec-apply-change
Implement tasks from an OpenSpec change. Use when the user wants to start implementing, continue implementation, or work through tasks.
openspec-archive-change
Archive a completed change in the experimental workflow. Use when the user wants to finalize and archive a change after implementation is complete.
openspec-explore
Enter explore mode - a thinking partner for exploring ideas, investigating problems, and clarifying requirements. Use when the user wants to think through something before or during a change.
openspec-propose
Propose a new change with all artifacts generated in one step. Use when the user wants to quickly describe what they want to build and get a complete proposal with design, specs, and tasks ready for implementation.
sqlite-database-expert
Expert in SQLite embedded database development for Tauri/desktop applications with focus on SQL injection prevention, migrations, FTS search, and secure data handling
repo-tour
Generate a comprehensive onboarding guide for any codebase. Produces a REPO_TOUR.md with a 30-second summary, annotated directory tree, Mermaid architecture diagram, key files list, and "where to look for X" quick-reference. Use when you're new to a codebase, onboarding a team member, or need to document the overall structure. Also useful after a major refactor to update understanding. Triggers on: "explain this repository", "I want to understand the codebase", "repo tour", "architecture overview", "repo-tour", "onboarding", "where should I start reading". DO NOT USE FOR: editing code, fixing bugs, or creating documentation beyond structure.
fastreact
Scaffold and build a full-stack web app: FastAPI backend (Python, uv, SQLModel, Postgres, Alembic, JWT + Google OAuth, boto3/S3) + React frontend (Vite, TypeScript, shadcn/ui + Tailwind, TanStack Router/Query/Table, Zod, Axios), wired with Docker Compose. Use this skill whenever the user wants to spin up, bootstrap, create, or design a new full-stack webapp; an API-first backend + SPA frontend; an admin/portal/dashboard app; file upload + S3; RBAC / role-based auth with seeded test users; local docker dev; or asks for a 'FastAPI + React' / 'Python + React' project. Runs mockup-first: marketing-design (brand/logo raster) + opendesign (HTML page mockups) before code, then ports the design to Tailwind/shadcn. Covers project structure, local setup, auth/RBAC, S3 uploads, and the gotchas that break these stacks.
deployment
Hosting, deployment, CI/CD, and going live. Activated when Claude works with deployment configs, Dockerfiles, Vercel/Netlify configs, or deployment-related commands.
github-actions-creator
Use when the user wants to create, generate, or set up a GitHub Actions workflow. Handles CI/CD pipelines, testing, deployment, linting, security scanning, release automation, Docker builds, scheduled tasks, and any custom workflow for any language or framework.
codebase-onboarding
Auto-generate onboarding documentation from codebase analysis, tailored to the reader's experience level. TRIGGER when: user asks to onboard someone to a codebase, document this codebase, generate project documentation for new team members, write a codebase walkthrough or tour, create a getting-started guide, or explain a codebase to a specific audience. DO NOT TRIGGER when: user wants API reference docs (use language-specific tooling), or wants to understand a single file (just read it).
git-worktree-manager
Parallel development with git worktrees and deterministic port isolation. TRIGGER when: user wants to work on multiple branches simultaneously, run parallel agent sessions, manage worktree-based dev environments, or asks about port conflicts between concurrent services. DO NOT TRIGGER when: simple branch switching (use git checkout), or single-branch development with no parallelism needed.
explain-codebase
Onboard to an unfamiliar codebase by mapping its architecture, entry points, and data flow. Use when starting work in a new or unknown repository and you need a navigable mental model fast.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use when architecting deployment workflows, setting up continuous delivery, or implementing GitOps practices.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
grepai-storage-qdrant
Configure Qdrant vector database for GrepAI. Use this skill for high-performance vector search.
latest-versions
Always use the latest stable version of any library or dependency. Activate when adding, updating, or recommending any package, SDK, framework, or tool version.
backend-setup-stack
Bootstraps a local Node.js backend development stack with Docker, PostgreSQL, and an ORM (Prisma or Sequelize). Use this skill whenever the user wants to: initialize a new backend project, set up a Dockerized database locally, wire up an ORM with automated migrations, scaffold an Express server with a health endpoint, or repair a broken local dev environment involving Docker + Postgres. Also trigger when the user mentions any of: "set up backend", "docker postgres", "prisma setup", "sequelize setup", "local dev stack", "migrate my database", "scaffold express", or "backend boilerplate". If the user is starting any server-side Node.js project and hasn't mentioned a database setup, proactively suggest this skill.
ci-workflow
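Natural-language description → CI configuration file (GitHub Actions / GitLab CI) + section-by-section explanation + security review. Use cases: the user asks to "write a CI config", "set up GitHub Actions/GitLab CI", or for an "automated build/deploy/release process". Trigger keywords: /ci, ci/cd, github actions, gitlab ci, pipeline, workflow, automated build, automated deployment.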
docker-essentials
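[Docker quick reference] A practical guide to Docker container management, covering container operations, image builds, network configuration, data volume management, Docker Compose, and troubleshooting. When to trigger: the user asks for "Docker commands" or "container management"; a Dockerfile needs to be written; a container has a problem that needs troubleshooting. Provides complete commands and best practices.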
go-service-creator
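Go microservice scaffold generator. Natural-language description → complete Go project directory. Trigger scenarios: the user asks to "create a Go service", "initialize a Go project", "set up a Go backend", or "generate a Go microservice". Keywords: go service, golang, gin, echo, fiber, go backend, go api, go microservice.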
python-service-creator
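Python backend service scaffold generator. Natural-language description → complete Python project directory. Trigger scenarios: the user asks to "create a FastAPI service", "set up a Python backend", "initialize a Flask project", or "generate a Python API". Keywords: fastapi, flask, django, python backend, python api, python service, uvicorn.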
theoros
Run an observed live dev session — Claude drives an interactive REPL in a named tmux session, the human spectates read-only via `tmux attach -r`. Use when the user wants to play through, debug, or explore a service's REPL together. Trigger phrases include "let's do a live smoke", "run a theoros session", "I want to spectate while you drive the CLI", "start an observed dev run". Reads per-repo facts from the `## theoros` section of `.claude/skill-context.md`.
deploying-on-aws
Selecting and implementing AWS services and architectural patterns. Use when designing AWS cloud architectures, choosing compute/storage/database services, implementing serverless or container patterns, or applying AWS Well-Architected Framework principles.
writing-dockerfiles
Writing optimized, secure, multi-stage Dockerfiles with language-specific patterns (Python, Node.js, Go, Rust), BuildKit features, and distroless images. Use when containerizing applications, optimizing existing Dockerfiles, or reducing image sizes.
stepback
Use when hitting the same error after 2+ fix attempts, when multiple symptoms share a common system, or when fixes feel like whack-a-mole. Forces architectural reassessment over symptom-patching. Also use proactively when a fix touches infrastructure-level config.
app-sidecar
Guide for managing sidecar containers alongside app backends. Use when: (1) An app backend needs auxiliary services like headless browsers, caches, or other tools, (2) Adding/removing/listing sidecar containers, (3) Configuring sidecar networking, env vars, or resource tiers.
remote-logs
Use when debugging a deployed app backend. Explains how to fetch build logs and runtime logs using the `fusebase remote-logs` command. Only applicable to apps with a backend/ folder. For local development, use dev-debug-logs skill instead.
docker-vps-deploy
Use when deploying a Dockerized application to a VPS (Linux server) via SSH without a container registry, generating a GitHub Actions pipeline that uses docker save, gzip compression, and rsync to transfer images. Triggers: "deploy to VPS", "rsync docker image", "docker save and load", "VPS CI/CD", "SSH deploy pipeline", "deploy without registry", "transfer docker image via SSH".
env-doctor-free
Diagnose local project environment issues that prevent apps from starting or running. Use when the user says "why won't this run", "check my environment", "env doctor", "diagnose startup issue", "it works on my machine", or asks for help debugging missing dependencies, runtime versions, port conflicts, .env problems, file permissions, or stopped services.
validating-ci-pipelines-locally
Single source of truth for executing GitLab CI/CD pipelines locally with the same image, env vars, and service containers as the real runner — so pipeline failures are caught before push. Defines pipeline discovery (.gitlab-ci.yml + includes), per-job execution via gitlab-runner exec, service-container orchestration (Mongo, Redis, MailHog), env injection without secrets, cache/artifact handling, and a job-by-job verdict report. Also describes the GitHub Actions equivalent via act for projects that mirror to GitHub. Activates whenever an agent or command needs to validate that the CI pipeline will pass — currently used by /lt-dev:production-ready and lt-dev:production-readiness-orchestrator. NOT for running the local check script (use running-check-script). NOT for writing or refactoring CI configs (use the devops agent).
infra-audit
Infrastructure and CI/CD security audit - GitHub Actions workflows (pwn-request, secret logging, missing pinning, permissions overreach), Dockerfile (latest tag, USER root, ADD on URL), Kubernetes manifests (runAsNonRoot, privileged containers, hostNetwork), Terraform (IAM wildcards, state in git, module pinning), GitLab CI equivalent checks. Stack-agnostic.
ci-cd-architect
CI/CD principles — pipeline taxonomy, trigger design, supply-chain hygiene (SHA-pinned actions), OIDC cloud auth, caching, matrix strategy, test gates, release automation, deployment strategies. Suggestion-mode (trade-offs over mandates). GitHub Actions recipes in RECIPES.md. Use when designing, reviewing, or scaffolding CI/CD workflows.
commit-author
Generate concise Conventional Commits messages from a staged diff. Enforces full type set, imperative subject lines, no AI co-author attribution. Use when user wants to commit, asks for a commit message, mentions "commit", or invokes /commit.
docker-architect
Docker standards — multi-stage builds, per-language base defaults (distroless Go, slim Python/Node), BuildKit cache mounts, non-root, multi-arch amd64+arm64, digest-pinned bases, Trivy scanning, Compose v2. Use when writing or reviewing Dockerfiles or Compose files.
installing-tribal
Proactively use this skill when the user mentions installing, setting up, wiring, or configuring Tribal (a memory store for tacit engineering knowledge, the why, ways of working, breakthroughs). Also activates when `tribal check` reports failures the user wants to resolve, when switching transports, when re-wiring after a harness change, or when the user asks how to get started with Tribal. Walks through binary install, `tribal bootstrap`, `tribal check`, and MCP config wire-up.
agent-skill-deploy
Deploys agent skill collections from any GitHub repository with a /skills folder to one or more distribution surfaces: GitHub releases, Claude Code marketplace, VS Code plugin marketplace, and Copilot CLI plugin marketplace. Handles pre-flight validation, conventional commit analysis, version bumping across surface configs, and surface-specific publishing with dry-run support. Use when releasing, publishing, or deploying a skills collection to any supported marketplace or creating a GitHub release for a skills repository. Don't use for deploying non-skill packages, npm modules, Docker images, or Azure resources.
speckit.checker
Static Analysis Aggregator - Runs static analysis on the codebase.
speckit.constitution
Governance Manager - Sets up and manages the Constitution (Source of Law).
speckit.devops
Docker Infrastructure & Security Hardening Specialist — Port ENV-first, range 8900-8999.
docker-workflows
Reviews and hardens Dockerfiles and docker-compose files — multi-stage build conversion, base-image choice, layer caching, secret leakage, root-user containers, missing healthchecks. Use when reviewing a Dockerfile, optimizing image size or build time, writing a compose file, or auditing container security.
setup-project-skills
Installs skills from a user-curated manifest (`~/.claude/skill-manifest.json`) into the current project's `.claude/skills/` — symlinks local skills, runs `npx skills add` for third-party ones, and advises `/plugin install` for native Claude plugins. Optionally scans the project for trigger files (Dockerfile, wrangler.jsonc, *.tf, etc.) and pre-selects recommended matches. Use when the user wants to set up skills in a new project, add a skill they curated, see what skills fit the current project, or bootstrap a freshly cloned repo with their toolbox.
docker-patterns
Provides Docker and containerization best practices including multi-stage builds, security hardening, and compose patterns. Use when writing Dockerfiles, optimizing images, setting up containers, or when user mentions 'Docker', 'container', 'Dockerfile', 'docker-compose', 'image'.
authos-platform-deployment
Deploy and configure an AuthOS API instance from source or Docker. Use when setting database backend, JWT signing keys, environment variables, billing provider, SMTP, GeoIP, Docker images, health checks, or production reverse proxy settings.
chrome-integration
Use for browser-based web development, visual UI checks, container dev servers, host Chrome, and the browser CLI inside Agent Workcell sandboxes.
flutter-integration
Use for native/device Flutter work, host Flutter targets, hot reload, screenshots, and flutterctl workflows inside Agent Workcell sandboxes.
docker-templates
Docker multi-stage build templates, image security, and docker-compose patterns. TRIGGER when: writing a Dockerfile, composing services, or hardening a container image. SKIP: CI pipeline definitions (use github-actions-template); runtime monitoring (use monitoring-observability).
040101-docker-deploy
Docker deployment patterns for web applications — multi-stage builds, environment management, CI/CD integration, and self-hosting strategies.
pipeline-bootstrap
Step-by-step guide to connect a uFawkesAI project to uFawkesPipe and fawkes platform: Dockerfile, ArgoCD manifest, DORA deployment spans. Use when setting up CI/CD for a new service.
colima
Use when Docker commands fail with "Cannot connect to Docker daemon", when starting/stopping container environments on macOS, when managing Docker contexts or profiles, or when running incus (system containers / VMs with nested virtualization) on macOS - provides Colima lifecycle management, profile handling, SSH commands, and troubleshooting
developing-pipelines
Use when creating, modifying, or debugging Buildkite pipeline YAML files - ensures current syntax from official docs, validates configurations before proposing changes, and references Buildkite best practices instead of relying on training data
gen-devcontainer
Generate a `.devcontainer/devcontainer.json` keyed to the project's primary language so `gh codespace create` (or VS Code's "Reopen in Container") gives anyone on the team a ready-to-go env with the right runtime, GH CLI, git-lfs, and language-tier VS Code extensions pre-installed. Preview-by-default; idempotent on apply (no-op on identical bytes, diff-and-refuse on divergence unless `--force-overwrite`). TRIGGER when the user says "add a devcontainer", "set up codespaces", "scaffold devcontainer.json", "reopen in container", "configure dev environment", "containerized dev env", "make this work in codespaces", "add VS Code container", "wire up devcontainer", "/nyann:gen-devcontainer". Also trigger when a user asks "how do I run this in Codespaces" and there's no `.devcontainer/` directory yet. Do NOT trigger on "build a Docker image for production" — that's a Dockerfile concern outside devcontainer scope. Do NOT trigger on "fix my devcontainer build" — that's debugging an existing setup, not generating one (r
aws
AWS infrastructure management — EKS, ECR, VPC, RDS, ElastiCache, S3, Route53, ACM, Secrets Manager, CloudWatch, IAM
cicd
CI/CD pipeline builder — GitHub Actions, self-hosted runners, Docker build/push, multi-environment deployments, secrets, rollback strategies
docker
Docker best practices — Dockerfile authoring, docker-compose, multi-stage builds, container networking, volume management, Docker in CI/CD
k8s-gen
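[K8s deployment] Generates K8s YAML manifests from a natural-language description. When to trigger: the user says "generate a K8s deployment config", "write a Deployment YAML", or "generate a Service/Ingress".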
exaaiagent
Run, debug, maintain, or extend ExaAiAgent for AI-assisted penetration testing, attack-surface mapping, repo/code security review, and multi-agent offensive-security workflows. Use when an AI agent needs onboarding instructions for operating ExaAiAgent, when a user wants to launch scans from CLI/TUI, when ExaAiAgent itself needs maintenance, or when another agent should use ExaAiAgent with any LiteLLM-supported provider (OpenAI, Anthropic, OpenRouter, Ollama, Gemini-compatible endpoints, and other LiteLLM-backed providers).
ux-bug-hunt
PROJECT-SPECIFIC to usync (mcp-config-tui). Use when iterating on TUI UI/UX bugs via the Docker-first bug-hunt harness. Triggers: "UX bug hunt", "iterate on UI bugs", "fix UX issues", "expand the matrix", "ux-fake-prod", "matrix scenario", "TUI regression", "DM-P<n>". Drives the 4-stage loop (expand → run → triage → fix+lock) and the lens framework for catching UX defect classes beyond functional bugs.
judgment-day
Trigger: judgment day, dual review, adversarial review, juzgar. Run blind dual review, fix confirmed issues, then re-judge.
mcp-builder
Guide for creating high-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use when building MCP servers to integrate external APIs or services, whether in Python (FastMCP) or Node/TypeScript (MCP SDK).
plugin-settings
This skill should be used when the user asks about "plugin settings", "store plugin configuration", "user-configurable plugin", ".local.md files", "plugin state files", "read YAML frontmatter", "per-project plugin settings", or wants to make plugin behavior configurable. Documents the .claude/plugin-name.local.md pattern for storing plugin-specific configuration with YAML frontmatter and markdown content.
plugin-structure
This skill should be used when the user asks to "create a plugin", "scaffold a plugin", "understand plugin structure", "organize plugin components", "set up plugin.json", "use ${CLAUDE_PLUGIN_ROOT}", "add commands/agents/skills/hooks", "configure auto-discovery", or needs guidance on plugin directory layout, manifest configuration, component organization, file naming conventions, or Claude Code plugin architecture best practices.
rembric-dashboard-ui
Brutalist Rembric dashboard UI work — building / editing / extending pages, styles, components, modals, tables, filters, pagination, mobile responsive, destructive confirmations. Use when the user asks for changes under `src/dashboard/`, mentions Rembric design tokens (lime, brutalist, sidebar, view-head, hl-lime), or requests a new dashboard page / form / table.
thermo-nuclear-code-quality-review
Run an extremely strict maintainability review for abstraction quality, giant files, and spaghetti-condition growth. Use for a thermo-nuclear code quality review, thermonuclear review, deep code quality audit, or especially harsh maintainability review.
analyze
Deep cross-layer consistency audit for any codebase. Traces every feature from UI to database, finds broken wiring, missing handlers, model mismatches, and security gaps. Auto-fixes critical and warning issues. Use this after building features, before releases, or whenever something feels off. Works with any tech stack.
speckit.tester
Test Runner & Coverage - Create test plans, write tests, report coverage.
speckit.validate
Implementation Validator - Validate implementation vs overall spec.
resume-scan
Use when scanning code repositories to extract resume-worthy content. Analyzes code structure, git history, tech stack, contributions, and generates structured project summaries with accuracy-annotated data points.
digitalocean-registry-cleanup
Analyze and clean DigitalOcean Container Registry images. Lists repos with tag counts, deletes old tags (keep last N), finds stale repos, triggers garbage collection. Supports dry-run mode. Use when user says "clean registry", "delete old images", "DO registry", "registry cleanup", "docker images cleanup", "container registry", or "clean up old tags".
pattern-engineer-container
Containerized setups: every Dockerfile is multi-stage (`base`/`build`/`final`), pinned (no `:latest`) and vetted via `docker scout`, non-root with writable paths redirected, no in-image virtualenvs, `.dockerignore` required. Backends `alembic upgrade head` in entrypoint before exec'ing the server; expose fast `/healthz`. Frontend nginx puts API `location` blocks ABOVE the SPA `try_files` fallback. Secrets are runtime env vars. Activate on Dockerfile, compose, `.dockerignore`.
pattern-engineer-vite
Vite implementation bullets: pick Vite for pure CSR (no SSR/SSG/SEO); env vars via `import.meta.env` with `VITE_` prefix (NOT a security boundary); `vite-plugin-checker` or `tsc --noEmit` in CI — `vite build` does not type-check; `vite-tsconfig-paths` over hand-rolled aliases; `build.sourcemap: false` in prod; `server.host: true` for containerized dev; avoid barrel files; route-boundary splitting via `lazy()` + `<Suspense>`. Activate when editing `vite.config.*` or scaffolding a Vite React app.
pattern-reviewer-container
Docker / compose audit: Dockerfile is multi-stage (`base`/`build`/`final`); tags pinned (no `:latest`) with `docker scout` clean of fixable MEDIUM+ CVEs; non-root user with writable paths redirected; `.dockerignore` excludes secrets/build outputs; backend entrypoint runs `alembic upgrade head` before the server; no-dep `/healthz` exists; frontend nginx puts API `location` blocks ABOVE the SPA `try_files` fallback. Activate on Dockerfile, compose, or `.dockerignore` diffs.
scaffold-project
Bootstrap a greenfield project to a bootable stack. Reads `docs/architecture-decision-record/` for stack + topology, creates a scaffold branch, materializes backend, frontend, e2e, and `docker-compose.yaml` from templates, verifies the stack boots end-to-end, asserts the upstream-locked design system exists and seeds its tokens into the frontend, then pushes and opens a PR. Activate on '/scaffold-project', 'scaffold the project'. Do NOT activate if any scaffold surface already exists.
benchmark
Measure performance baselines, detect regressions before and after PRs, and compare stack alternatives. USE WHEN establishing a perf baseline, checking whether a change slowed things down, or benchmarking competing libraries or approaches.
codebase-onboarding
Analyze an unfamiliar codebase and generate a structured onboarding guide with architecture map, key entry points, conventions, and a starter CLAUDE.md. Use when joining a new project or setting up Claude Code for the first time in a repo.
dockerfile-doctor
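Scans a Dockerfile for size, security, caching, and best-practice issues and gives fixes in Chinese. Triggers when the user says "check my Dockerfile", "is there anything wrong with my Dockerfile", "review the Dockerfile", or "dockerfile-doctor".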
ship-it
Set up or fix a deploy pipeline. Picks a platform that fits the app, writes the config (Dockerfile, vercel.json, railway.toml, fly.toml, GitHub Actions), and ships a first deploy. Knows Vercel, Railway, Fly.io, Render, AWS basics (ECS, Lambda, Amplify), Docker, Kubernetes essentials, and GitHub Actions. Use when the user says "deploy this", "ship it", "set up vercel", "dockerize this", "write the GitHub Actions for deploy", or has working local code that needs to be live.
deploy-planner
Deployment and DevOps agent that generates Dockerfiles, CI/CD configs, and step-by-step deployment guides for free hosting platforms. Triggers on: deploy, launch, hosting, Docker, CI/CD, production, go live, ship it.
rcode-ci
CI/CD setup and quality gates for the rcode-default stack — GitHub Actions for Node test matrix,.
coolify-cli
Use when managing a Coolify instance (cloud or self-hosted) from the command line via the `coolify` CLI — deploying applications, creating or managing databases and one-click services, configuring servers and contexts, syncing environment variables, scheduling backups, or watching deployment logs. Trigger this whenever the user mentions Coolify, the `coolify` command, deploying an app to their Coolify server, a Coolify project/app/database/service UUID, or self-hosted PaaS deploys that go through Coolify — even if they don't name the exact subcommand.
docker-patterns
Docker patterns covering Dockerfile best practices, multi-stage builds, Compose service configuration, networking, volumes, and security. Use whenever the project contains a Dockerfile, docker-compose.yml, .dockerignore, or compose.yaml, OR the user asks about Docker, containers, docker-compose, multi-stage builds, base images, volumes, healthcheck, depends_on, even if Docker is not mentioned by name.
creating-showcases
Creates, updates, and manages showcases on the lenne.tech Showroom platform (showroom.lenne.tech). Implements a 5-phase workflow: (1) project analysis, (2) screenshot capture with Docker/app startup and demo data, (3) SHOWCASE.md creation as single source of truth in the project repository, (4) showcase creation via API using SHOWCASE.md + customer feedback + web research, (5) interactive presentation with modern content blocks. Fetches customer feedback from https://lenne.tech/kundenerfolge. Uses MCP tools (showroom-api) or REST API for CRUD operations. Activates when creating, editing, managing showcases, portfolio entries, or the Showroom platform. NOT for platform development on the showroom codebase itself (use generating-nest-servers or developing-lt-frontend).
sast-analysis
Perform codebase analysis and architecture mapping as the first phase of a security assessment. Explores the tech stack, frameworks, entry points, data flows, and trust boundaries. Outputs sast/architecture.md. Run this before any vulnerability detection skill. Use when asked to analyze a codebase for security or when sast/architecture.md does not yet exist.
devops-best-practices
Opinionated production-grade DevOps defaults for Terraform, Kubernetes, CI/CD, Docker, cloud security, observability, cost, and disaster recovery. ALWAYS use when generating, reviewing, or modifying any infrastructure code, Kubernetes manifests (Deployment, Service, StatefulSet, Helm, Kustomize), Terraform (.tf, modules, state), Dockerfiles, docker-compose, CI/CD pipelines (.github/workflows, .gitlab-ci.yml, Jenkinsfile), cloud resources (AWS/GCP/Azure), IAM policies, security groups, observability setup (Prometheus, Grafana, OpenTelemetry), or DNS/TLS/CDN config — even if the user does not explicitly ask for best practices. Prevents the failure modes that hurt production teams most often: missing PDBs, single replicas in prod, latest image tags, public S3 buckets, long-lived credentials, missing observability, and CI/CD supply-chain risks. Apply opinionated defaults by default; surface tradeoffs when the user has reason to deviate.
docker-devops
Docker containerization and DevOps assistant. Generates optimized multi-stage Dockerfiles, manages local development with docker-compose, and helps debug container failures. Use when containerizing React/Python apps, setting up local envs, or troubleshooting deployments.
generate-cicd
Generate CI/CD workflows (GitHub Actions) through interactive conversation by analyzing repository structure and user preferences. Use when the user asks to: (1) set up CI/CD for a project, (2) create GitHub Actions workflows, (3) add automated testing/building/deployment pipelines, (4) improve or review existing CI/CD configuration. Also use when the user mentions automating tests, running checks on PRs, or deploying on merge — even without explicitly saying "CI/CD". Triggers on: "CI/CD", "CI", "GitHub Actions", "workflow", "pipeline", "continuous integration", "continuous deployment", ".github/workflows", "automate tests", "run checks on PRs", "deploy on merge".
generate-dockerfile
Generate optimized, secure, multi-stage Dockerfiles and .dockerignore files for any project. Use when the user asks to: (1) containerize a project, (2) create or generate a Dockerfile, (3) improve or optimize an existing Dockerfile, (4) add Docker support to a project, (5) review a Dockerfile for best practices. Also use when the user wants to make something deployable, set up containers, or ship an app — even without mentioning Docker explicitly. Triggers on: "Dockerfile", "dockerize", "containerize", "Docker build", "docker image", ".dockerignore", "make this deployable", "container setup", "production-ready setup", "ship this app".
install-withvibe
Help a user install WithVibe on their own laptop or server for the first time. Trigger when a user asks to install, set up, get started with, try, or run WithVibe locally — including phrasings like "how do I install withvibe", "I want to try withvibe", "set up withvibe on my mac", "withvibe quick start", or "what do I need to run withvibe". This is the friendly first-time-user path; it assumes the user wants the easiest install (npm registry) unless they say otherwise, walks them through prerequisites with OS-appropriate commands, runs the guided `withvibe init`, and verifies the stack came up.
withvibe-plugin-creator
Help a developer build a new WithVibe plugin from scratch — manifest.yaml, Dockerfile, HTTP server with health/UI/MCP endpoints, optional shared-postgres storage. Trigger when the user asks to build, scaffold, create, or write a WithVibe plugin (e.g. "I want to build a plugin for withvibe", "scaffold a withvibe plugin", "how do I add a plugin to withvibe", "write a roadmap-like plugin for X"). Walks through scope decisions (env vs workspace), storage, UI, MCP tools, builds the container, and installs it via the workspace admin Plugins page.
deploy-preview
Build Docker images and launch a local preview environment with docker-compose. Use to test the full stack locally before merging.
zero-tech-debt
Rework a change as if the intended UX and architecture had existed from day one — deleting compatibility cruft, dead branches, and accidental complexity instead of patching around them. Use when refactoring, cleaning up after a feature lands, removing flags, collapsing legacy paths, or when the user says the code "should look like X from scratch".
kicad-emsim
Electromagnetic field simulation of a KiCad board via gerber2ems + openEMS (dockerized, headless): S-parameters, impedance, and E-field PNG visualizations fed back to the agent. Use when asked to simulate a board's EM behavior, check impedance of traces, or visualize fields.
coolify-self-hosted-paas
Self-hosted alternative to Vercel, Heroku, Netlify, and Render — deploy applications, databases, and services on your own server (or any VPS) with git-push workflows, automatic SSL, preview deployments, and zero per-seat fees. Apache 2.0 licensed. Use when recommending deployment infrastructure to clients who want cost control, data sovereignty, or freedom from PaaS lock-in, or when an arm needs a single self-hosted plane to manage many small services.
cybrscrape-official
Scrape web pages using CybrScrape with anti-bot bypass (like Cloudflare Turnstile), stealth headless browsing, spiders framework, adaptive scraping, and JavaScript rendering. Use when asked to scrape, crawl, or extract data from websites; web_fetch fails; the site has anti-bot protections; write Python code to scrape/crawl; or write spiders.
docker-expert
You are an advanced Docker containerization expert with comprehensive, practical knowledge of container optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies based on current industry best practices.
setup-coolify
This skill should be used when the user runs /setup-coolify, /setup-coolify init, or /setup-coolify validate. Provisions and updates a Coolify deployment for the current repo from coolify.yaml, configures Doppler secret injection (all env_vars including NEXT_PUBLIC_* injected at runtime via DOPPLER_TOKEN — same-image promotion model), and generates .github/workflows/deploy.yml. Reads coolify.yaml from the working directory and credentials from ~/.claude/coolify.json. Designed to work across multiple repos and multiple Coolify servers via the server alias in coolify.yaml.
health-check
Check the health of the running WealthWise API, web app, and MongoDB services. Triggers when asked to "check if the app is running", "verify the API is up", "is the server healthy", or "show service status".
skill-atlas
Find the right public AI-agent skill for a job — and know whether to trust it. Load when about to start a task type (Upwork freelancing, technical interviews, office documents, MCP/tool building, prompt engineering, web/frontend, data analysis, learning English) and you want to know which existing public skills to pull in, rated by source reputation and freshness. Answers "which skill do I load for X, and can I trust it?"
openclaw-memory-graph
Neo4j-backed graph memory for Openclaw providers. Replaces the flat-file `memory/` system with a property graph that supports typed memory nodes, semantic edges, vector-similarity recall, and automatic migration of existing flat-file memories.
dockerfile
Use when writing or editing a Dockerfile/Containerfile (or any container image build) — covers cache-friendly layer ordering and common gotchas.
dockerfile-best-practices
Create and optimize Dockerfiles with BuildKit, multi-stage builds, advanced caching, and security. Use this skill whenever you need to create, modify, or optimize a Dockerfile or a Docker Compose file. Also trigger when the user discusses container images, build performance, or Docker security — even if they don't explicitly mention 'Dockerfile'.
helm-bjw-s-chart
Generate production-ready Helm charts using the bjw-s-labs common library (app-template v5, with v4 legacy support). Use when creating a new Helm chart, converting Docker Compose to Helm, configuring controllers with sidecars or init containers, setting up services/ingress/persistence, HorizontalPodAutoscalers, ServiceMonitors/PodMonitors, NetworkPolicies, or handling StatefulSets and multi-controller deployments.
diagnose
Disciplined diagnosis loop for hard bugs and performance regressions. Reproduce → minimise → hypothesise → instrument → fix → regression-test. Use when user says "diagnose this" / "debug this", reports a bug, says something is broken/throwing/failing, or describes a performance regression.
find-skills
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
improve-codebase-architecture
Find deepening opportunities in a codebase, informed by the domain language in CONTEXT.md and the decisions in docs/adr/. Use when the user wants to improve architecture, find refactoring opportunities, consolidate tightly-coupled modules, or make a codebase more testable and AI-navigable.
npm-security-best-practices
Apply npm/pnpm supply-chain hardening when adding a dependency, editing package.json/.npmrc/pnpm-workspace.yaml, reviewing a lockfile change, or configuring CI install steps. Covers the 17 practices from lirantal/npm-security-best-practices.
plugin-creator
Create and scaffold plugin directories for Codex with a required `.codex-plugin/plugin.json`, optional plugin folders/files, and baseline placeholders you can edit before publishing or testing. Use when Codex needs to create a new local plugin, add optional plugin structure, or generate or update repo-root `.agents/plugins/marketplace.json` entries for plugin ordering and availability metadata.
rembric-plugin-development
Apply when creating, modifying, or reviewing any Rembric agent plugin. Triggers on changes under `apps/plugin/`, on new clients added alongside Claude Code / Codex CLI / Hermes Agent / opencode, on edits to `apps/plugin/bin/rembric-bridge.mjs` or `apps/plugin/bin/rembric-dotenv.mjs`, on per-client manifest changes, or on plugin install/uninstall scripts. End-to-end validation against `pnpm run dev:docker:up` is mandatory whenever local testing is feasible.
rembric-smoke-tests
End-to-end smoke against the local rembric dev stack (`pnpm run dev:docker:up`). Apply when the user says "smoke", "probar contra docker", "dev:up", or after applying an OpenSpec change that touches HTTP (`apps/server/src/server/api-router.ts`), MCP tools (`apps/server/src/mcp/`), or DB migrations (`apps/server/src/db/migrations/`). Encodes bring-up, mount verification, probe pattern and teardown — not the probes themselves.
skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, edit, or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
source-command-opsx-apply
Implement tasks from an OpenSpec change (Experimental)
source-command-opsx-archive
Archive a completed change in the experimental workflow
source-command-opsx-explore
Enter explore mode - think through ideas, investigate problems, clarify requirements
source-command-opsx-propose
Propose a new change - create it and generate all artifacts in one step
testing
Pragmatic testing guidance focused on confidence, behavior over implementation details, and integration-first coverage. Use when designing a test strategy, writing or reviewing tests, reducing brittle mocks, or deciding what is worth testing in an application or library.
bosskuai-docker
Use this for Dockerfile and Docker Compose setup or review, including one-command `docker compose up -d` startup, `.env` configuration, no hardcoded credentials in YAML, bind-mounted local volume sync, explicit networks, service health checks, non-root images, and containerized dev/prod workflows.
lgtm-dependency-review
lgtm dependency and supply-chain review skill. Use when a selected phase changes dependencies, lockfiles, package manager config, generated files, CI security config, tool versions, or plugin/MCP/tool installation.
backend-architecture-orchestrator
Route a backend task to the right skill among 8 server-side specialists — architecture boundaries (hexagonal/ports-and-adapters), REST API design, HTTP connector building, NestJS structure, MCP servers, deployment/CI-CD, and decision records. USE WHEN a user is designing, building, integrating, or shipping a backend service but hasn't named the specific concern.
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimizing Python development workflows with uv.
workflows
Project-specific development workflows for the flight-path Go project: adding endpoints, benchmarking, releasing, Docker builds, and CI pipelines. Use when following a development process, preparing a release, running CI locally, or understanding the build pipeline. Do NOT use for environment setup, troubleshooting errors, or debugging specific failures.
xcloud-docker-deploy
Deploy any project to xCloud hosting — auto-detects stack (WordPress, Laravel, PHP, Node.js, Next.js, NestJS, Python, Go, Rust), routes to native or Docker deployment, generates production-ready Dockerfile, docker-compose.yml, GitHub Actions CI/CD, and .env.example. Works from zero Docker setup.
docker-redis-iac
Multi-stage Docker builds, Docker Compose for local dev, Redis Socket.IO adapter for horizontal scaling, and safe Prisma production migrations.
ts-ddd-ci-design
Design and implement CI/CD pipelines for a TypeScript DDD clean architecture project — GitHub Actions, GitLab CI, Docker builds, environment promotion, and secrets management. Trigger when the user says "set up CI", "add a pipeline", "automate tests", "write a GitHub Actions workflow", "configure deployment", "add Docker support", "set up CD", "automate the build", or when the project needs automated quality gates before merge. Also trigger when the user asks about environment promotion (dev → staging → prod) or secrets management strategy.
init
Scaffold a project-aware .claude/settings.json deny list with cfgaudit
readme-doc-writer
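Use when a code repository needs a new or updated README.md. First explores the codebase and deployment targets, then follows a fixed skeleton to produce a copy-pasteable README covering local development, how the system works, and production deployment. Not for non-README deliverables such as API references, long-form tutorials, or design documents. Trigger phrases: "写 readme" (write readme), "生成项目文档" (generate project documentation), "document this project".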
insecure-defaults
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.
ossfuzz
OSS-Fuzz provides free continuous fuzzing for open source projects. Use when setting up continuous fuzzing infrastructure or enrolling projects.
post-start-validation
Universal validation and knowledge capture. Detects what changed, runs governance gates, captures knowledge, verifies deployment. Works for any project.
deployment
Deployment Standards
qa-close-verify
P0/P1 Issue Close Verify SOP
create-docker-skill
Scaffold an agent skill with Docker runtime support
managing-deployment
Deployment and infrastructure for the site. Consult when troubleshooting deployments, modifying CI/CD, or diagnosing build issues.
review-and-ship
Review the current branch for bugs, intent fit, and test coverage; run or write tests; commit focused work; open or update a PR.
railway-cli
Deploy, manage, and operate Railway projects via the official `railway` CLI. Use this skill whenever the user asks to "deploy to Railway", "list Railway services", "set Railway env var", "scale a Railway service", or any operation against Railway. Replaces the dropped community railway-mcp. SPENDS MONEY — confirmation required before any state-changing action.
language-servers
Use when configuring LSP settings for Terraform, Dockerfile, or other languages at {{companyName}}.
iw-workflow
IW AI Core workflow orchestration rules, manifest schema, and agent contract definitions. Use when executing work item workflows, parsing agent results, managing fix cycles, or understanding the automated development pipeline.
syslog-dr
Run a comprehensive syslog-mcp health check covering environment, config quality, storage, ports, service status, HTTP health, MCP actions, listener reachability, Docker ingest, and fleet rsyslog forwarding. Use when the user asks for syslog doctor, deployment diagnostics, first-run preflight, health check, sanity check, or broad deployment verification.
pr-pipeline
Autonomous PR review, fix, test, and merge pipeline
generating-docker-compose-files
Use when you need to work with Docker Compose. This skill provides Docker Compose file generation with comprehensive guidance and automation. Trigger with phrases like "generate docker-compose", "create compose file", or "configure multi-container app".
tag
Create a SemVer annotated git tag on main by inferring the bump type (major/minor/patch) from conventional commits since the last tag, push the tag to remote, and optionally create a GitHub Release via gh. Global and project-agnostic. Trigger when the user says "tag main", "create a tag", "tag release", "cut a release", "release v1.2.3", "tag version", "bump version and tag", "create a release", "release this", or "$tag". SKIP when the user is asking about Docker image tags or non-git tagging.
nowledge-mem-docker
Install, check on, or upgrade a self-hosted Nowledge Mem server (the headless Docker deployment) using the `nmemctl` lifecycle controller. Use this whenever the user mentions running their own Nowledge Mem instance, self-hosting Mem on a NAS, VPS, homelab, or server, deploying `nowledgelabs/mem` from Docker Hub, troubleshooting their Mem container, or upgrading a Mem server to a newer version. Trigger even when the user says "my Mem server", "self-hosted Mem", "the docker version of Mem", "memory server on my Synology / Proxmox / Raspberry Pi", or just describes a container that's at `docker.io/nowledgelabs/mem` without naming the product. Do NOT trigger for the Mem desktop app, Mem Cloud, or anything that doesn't touch the operator's own server.
github-actions-templates
Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.
agent-skill-deploy
Deploys agent skill collections from any GitHub repository with a /skills folder to one or more distribution surfaces: GitHub releases, Claude Code marketplace, VS Code plugin marketplace, and Copilot CLI plugin marketplace. Handles pre-flight validation, conventional commit analysis, version bumping across surface configs, and surface-specific publishing with dry-run support. Use when releasing, publishing, or deploying a skills collection to any supported marketplace or creating a GitHub release for a skills repository. Don't use for deploying non-skill packages, npm modules, Docker images, or Azure resources.
docker-build-deploy
Use when user wants to containerize a project, set up Docker CI/CD with GitHub Actions, push images to GHCR or Docker Hub, deploy containers to a remote server, or generate optimized Dockerfiles
docker-scout-audit
Use when auditing Docker images in this project for CVEs, base image staleness, or remediation recommendations — covers all four TUI images (Go, Python, Kotlin, C#)
deployment-patterns
Deployment workflows, CI/CD pipeline patterns, Docker containerization, health checks, rollback strategies for Python applications.
docker-patterns
Docker and Docker Compose patterns for Python development, container security, networking, and multi-service orchestration.
railway
Deploy applications on Railway platform. Use when deploying containerized apps, setting up databases, configuring private networking, or managing Railway projects. Triggers on Railway, railway.app, deploy container, Railway database.
docker
Container-based development for isolated, reproducible environments. Use when running npm commands, installing packages, executing code, or managing project dependencies. Trigger phrases include "npm install", "run the build", "start the server", "install package", or any code execution request.
devops-delivery
Use to set up or improve delivery and operations — CI/CD pipelines, containers, infrastructure-as-code, staged/canary rollouts, observability/SLOs, rollback, and blameless postmortems. Trigger on "set up CI/CD", "containerize", "deploy", "Terraform/IaC", "canary release", "monitoring/alerting", "SLO", "rollback", or "the deploy broke". Applies top-tier release-engineering practices.
iac-container-security
Audit infrastructure-as-code and container security including Terraform/OpenTofu/Pulumi configurations, Dockerfile hardening, Kubernetes manifests, base image hygiene, container scanning, secrets in IaC, IAM policies, network exposure, and runtime security context. Multi-cloud (AWS, GCP, Azure). Use this skill whenever the user asks about Terraform security, tfsec, Checkov, Trivy, Dockerfile hardening, distroless images, k8s securityContext, network policies, IAM least privilege, IaC secret scanning, or 'audit my infrastructure'. Trigger on phrases like 'scan my Dockerfile', 'review my Terraform', 'audit my k8s manifests', 'harden my containers', 'IaC security', 'base image hygiene', 'container CVEs', 'trivy scan'. Use this even when only one IaC layer is mentioned.
docker-homelab
Manage docker-compose stacks in a single-host homelab environment
syslog-logs
Tail or follow syslog-mcp service logs from Docker Compose. Use when the user asks for syslog-mcp service logs, startup logs, crash logs, plugin deployment logs, Docker logs, or follow mode. This is for the service's stdout/stderr, not client syslog entries.
syslog-redeploy
Re-run the syslog-mcp plugin setup hook with the current userConfig and verify the Docker Compose deployment. Use when the user asks to redeploy syslog-mcp, apply plugin config changes immediately, rerun the setup hook, refresh the Docker deployment, or recover after an automated SessionStart/ConfigChange hook did not run.
syslog-version-check
Check whether the running syslog-mcp Docker container matches the local Compose image. Use when the user asks whether syslog-mcp is current, stale, deployed, updated, running the latest plugin image, or needs a restart/recreate after an upgrade. Supports an optional --pull mode for Docker image comparison.
flowai-skill-setup-ai-ide-devcontainer
Set up .devcontainer for AI IDE development. Generates devcontainer.json and optional Dockerfile for project tech stack, AI CLI integration (Claude Code, OpenCode), secrets, skill mounting, and security hardening. Use for AI-assisted devcontainer setup or flowai-init delegation.
cicd-hardening
CI/CD pipeline hardening for GitHub Actions and GitLab CI — trust-model (pull_request_target vs pull_request), action pinning to SHA, OIDC-based cloud access, permissions minimization, runner isolation, and supply-chain gates (SLSA provenance, signing).
container-hardening
Docker and OCI image hardening — base-image selection, USER/caps/read-only FS discipline, distroless migration, build-time scanning with trivy/grype, image signing via sigstore, and runtime guardrails (seccomp, AppArmor).
iac-security
IaC misconfig scanning and cloud-aware review for Terraform, CloudFormation, Ansible and Pulumi. Covers tool orchestration (checkov/tfsec/kics/cfn-nag), policy-as-code (OPA/Conftest), CIS benchmark mapping, IAM over-permission detection, drift monitoring.
secure-coding
Language-agnostic secure-coding patterns — input validation, injection-safe APIs, authN/authZ, crypto, secrets, dependency hygiene. The default lens when no framework-specific skill applies.
supply-chain
Software supply-chain defense — SBOM generation (CycloneDX/SPDX), SLSA build provenance, artifact signing with sigstore/cosign, dependency-confusion and typosquat defense, and consumer-side verification of what you pull in.
postgres-admin
PostgreSQL server administration for kodemeio infrastructure via kctl-pg CLI. MUST use before ANY kctl-pg command or PostgreSQL admin task. Triggers on: "kctl-pg", "database backup", "create database", "postgres role", "db health", "pg stats", "database size", "restore database", "postgres user", "connection pool", or ANY PostgreSQL administration task. Even if the user just says "check db health" or "create a new database" — use this skill.
spoonos-deployment-guide
Deploy SpoonOS agents to production environments. Use when containerizing agents with Docker, deploying to cloud platforms (AWS, GCP, Vercel), or setting up self-hosted infrastructure.
render-deploy
Deploy applications to Render by analyzing codebases, generating render.yaml Blueprints, and providing Dashboard deeplinks. Use when the user wants to deploy, host, publish, or set up their application on Render's cloud platform.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use this skill when designing zero-downtime deployment pipelines, implementing canary rollout strategies, setting up multi-environment promotion workflows, or debugging failed deployment gates in CI/CD.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
multi-stage-dockerfile
Create optimized multi-stage Dockerfiles for any language or framework
arch-guidance
Consult and apply the repository architecture reference when discussing system architecture, module boundaries, directory layout, service interfaces, Docker Compose, Kubernetes deployment, or operational entry points. Use when a user asks about architecture, refactors, project structure, deployment models, or infra layout.
deploy-script-review
Performs a security and safety review of deployment scripts. Checks rollback procedures, incident response, and permission settings.
infisical-ci-integration
This skill activates when configuring CI/CD pipelines, writing GitHub Actions workflows, GitLab CI configs, Dockerfiles, Kubernetes manifests, or serverless deployment configs that need secret injection. It provides patterns for integrating Infisical into build and deployment pipelines.
aws
AWS hosting and deployment patterns covering compute (EC2, ECS, Lambda), networking (ALB, CloudFront, Route 53, API Gateway), databases (RDS, ElastiCache), infrastructure-as-code (CDK), IAM, monitoring (CloudWatch), and cost optimization. Use when deploying applications to AWS or designing cloud architecture. Triggers on AWS, EC2, ECS, Fargate, Lambda, CloudFront, CDK, API Gateway, Route 53, RDS, IAM.
documentation-adrs
Records architecture decisions to memory provider when significant technical choices are made. Lightweight format capturing what was decided, why, alternatives considered, and tradeoffs. Use when recording a decision, documenting architecture, ADR, architecture decision record, why did we choose, technical decision, or when a significant choice is made about dependencies, patterns, or infrastructure.
launch-checklist
Validates full deployment readiness beyond code, checking infrastructure, Docker configuration, Kubernetes manifests, environment config, monitoring, security headers, and pipeline status. Use when launching, deploying to production, release readiness, go-live, deployment check, pre-launch, shipping to prod, or when preparing for production deployment.
aio-bun-fullstack-setup
Scaffold a Bun fullstack project — single-port server, Vite dev proxy, monorepo layout, and Docker config.
aio-grafana-diagram
Create Grafana diagrams for system visualization — analyzes codebase to auto-generate Mermaid diagrams with metric binding. For standalone Mermaid diagrams use aio-mermaid instead.
offboarding-auditor
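When a programmer leaves the company, changes roles, or hands over a project, audits the "inheritability" of the code and documentation they are responsible for, that is, whether a newcomer can independently get the project running, understand it, change it, deploy and operate it, and take over unfinished work without contacting the original author. Identifies tacit knowledge that is lost when people leave and Bus Factor risk, and produces a graded audit report, an inheritability score, and a "to-do list to complete before departure". Trigger phrases: "离职审计" (offboarding audit), "交接审计" (handover audit), "handover audit", "项目继承" (project inheritance), "知识交接" (knowledge handover), "bus factor", "人走前检查" (pre-departure check).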
setup-test-infrastructure
Use this skill when the user wants to configure containers or Docker infrastructure for .NET integration tests. Trigger on: "set up containers for my tests", "configure docker for integration tests", "add testcontainers", "generate docker-compose for my tests", "set up test infrastructure", "what containers do I need", "configure test dependencies". Also invoked as a sub-skill when scaffolding a new integration test project.
ctfd
Use when developing, debugging, deploying, or maintaining any CTFd instance or fork - Docker stack issues, plugin development, CSRF 302 errors, theme customization, database migrations, nginx proxy misconfig, SQLAlchemy 1.4 gotchas, pytest test infrastructure, or API 500 responses
glitchtip
Use when deploying, configuring, integrating, or troubleshooting GlitchTip — including self-hosted installation, SDK setup, source maps, sentry-cli, uptime monitoring, alerting, environment variables, Docker Compose, Helm, social auth, and migration from Sentry
ofelia
Use when scheduling tasks in Docker environments with Ofelia — configuring job-exec, job-run, job-local, job-service-run via INI files or Docker labels, cron scheduling, overlap prevention, logging to Slack/email/disk, Docker Compose integration, Swarm services, and troubleshooting scheduled container jobs
iac
Config & container security review. Scans Dockerfiles, Kubernetes/Compose manifests, and Terraform/IaC for misconfigurations (privileged containers, root, unpinned images, hardcoded secrets, public network/storage, disabled TLS); the iac-reviewer agent confirms each in context and promotes real ones into .kuzushi/findings.json (source "iac"). Distinct from /sast (source injection) and the insecure-defaults companion (app config values).
dependabot
Comprehensive guide for configuring and managing GitHub Dependabot. Use this skill when users ask about creating or optimizing dependabot.yml files, managing Dependabot pull requests, configuring dependency update strategies, setting up grouped updates, monorepo patterns, multi-ecosystem groups, security update configuration, auto-triage rules, or any GitHub Advanced Security (GHAS) supply chain security topic related to Dependabot.
fs-update
Check all dependencies for updates, auto-apply safe patch-level npm upgrades, flag CVEs as high priority, prompt for decisions on minor/major/Docker/Actions changes, then commit and display a summary table.
dotnet-interview-notes
Expert .NET technical mentor that generates concise, revision-friendly developer notes and interview preparation material. Use this skill whenever the user asks for .NET notes, interview prep, revision material, or topic summaries on any of: ASP.NET Core, EF Core, SQL Server, JWT, Identity Framework, WPF, JavaScript, React, Docker, Azure, CI/CD, or AI Integration with .NET. Also trigger when user says things like "give me notes on X", "explain X for an interview", "quick revision of X", "interview questions for X", "summarize X for me", or "I have an interview on X". Always use this skill — do not write freeform notes from memory without consulting it.
deploy
Rebuild and redeploy a changed service to production (gateway, client, or both)
container-expert
Container orchestration expert including Docker, Kubernetes, Helm, and service mesh
agent-skill-deploy
Deploys agent skill collections from any GitHub repository with a /skills folder to one or more distribution surfaces: GitHub releases, Claude Code marketplace, VS Code plugin marketplace, and Copilot CLI plugin marketplace. Handles pre-flight validation, conventional commit analysis, version bumping across surface configs, and surface-specific publishing with dry-run support. Use when releasing, publishing, or deploying a skills collection to any supported marketplace or creating a GitHub release for a skills repository. Don't use for deploying non-skill packages, npm modules, Docker images, or Azure resources.
aws
AWS hosting and deployment patterns covering compute (EC2, ECS, Lambda), networking (ALB, CloudFront, Route 53, API Gateway), databases (RDS, ElastiCache), infrastructure-as-code (CDK), IAM, monitoring (CloudWatch), and cost optimization. Use when deploying applications to AWS or designing cloud architecture. Triggers on AWS, EC2, ECS, Fargate, Lambda, CloudFront, CDK, API Gateway, Route 53, RDS, IAM.
deploy-script-review
Performs a security and safety review of deployment scripts. Checks rollback procedures, incident response, and permission settings.
docker
Build and run Docker containers and compose stacks
spring-microservices-architect
Production-grade governance agent for Spring Boot microservices. Scaffolds projects iteratively using capability-based layering, enforces coding standards, and validates against battle-tested reference patterns. Fully portable — works with any domain. USE FOR: microservice, Spring Boot, scaffold, Docker compose, kubernetes, helm, eureka, gateway, resilience4j, reactive, spring cloud, openapi, persistence, security, oauth, tracing, zipkin, monitoring, prometheus, grafana, native compilation, graalvm, code review, architecture review, quality gate, governance, spring cloud stream, rabbitmq, kafka, testcontainers, mapstruct, service discovery, edge server, config server, circuit breaker, distributed tracing, entity, entities, domain model, generate entity, persistence model, create entity, MongoDB document, JPA entity, MapStruct mapper, repository, test, verify, validate, TDD, test-driven, failing test, integration test, build check, regression test, quality check, security database, MFA, multi-factor, WebAuthn,
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimi...
project-analyzer
Scan project directory to identify tech stack, frameworks, work patterns, and toolchain. Outputs structured project profile for agent-gap-analyzer. Use when onboarding a new project or auditing project characteristics.
nginx-default-conf
Generates nginx.default.conf for nginx conf.d directory configuration. Serves static files from /usr/share/nginx/html.
preparing-iac-deployment
Prepares IaC project deployment by analyzing the current project and generating K8s manifests, Dockerfiles, CI/CD workflows in standardized structure. Use for "배포 준비", "IaC 설정", "k8s 매니페스트", "deploy prep" requests.
add-cli
Add a new CLI binary (or wire missing auth/persistence for an existing one) to the toolbox image — Dockerfile layer + version ARG + opt-out flag + `internal/config/tools.go` entry + `smoke-test.sh` check + Renovate `customManager` + (when the CLI persists state) `~/.toolbox/<tool>` bind-mount in `internal/mountplan/defaults.go`. Use this whenever the user says things like "add <X> to the toolbox", "install <X> in the container", "put <X> in the image", "add <X> CLI", "wire auth for <X>", "persist <X> credentials", "save <X> authentication", or names a binary they want available inside `toolbox shell`. Also use it when an audit shows a CLI is in the Dockerfile but its credentials don't survive `toolbox stop` — that's the gws-style half-installed case this skill explicitly handles. Always perform the edits autonomously and finish with `/verify`; don't hand the user a checklist to apply themselves.
verify
Run the toolbox repo's pre-push validation — golangci-lint, go tests, and (when the image is built) the bundled-CLI smoke test. Mirrors the PR CI in `.github/workflows/ci.yml`, so green locally means green on CI. Use this before marking any code change "done", before opening a PR, or any time the user says things like "verify", "check it passes", "are we good to push", "è tutto a posto prima del commit". Always prefer this over running `go test` or `golangci-lint` ad-hoc, because Go is not installed on the host and this skill already encodes the containerised pattern.
create-migration
Create a new Drizzle migration file with correct naming and update the migration journal
project-card
Generates an HTML project card with full technical information: server, domain, repo, CI/CD, DNS, analytics, logins/passwords, useful commands. Styles it in the project's brand style (colors, fonts, logo). File for printing to PDF (Ctrl+P), one A4 sheet. Use when: "карточка проекта", "project card", "project-card", "собери карточку", "техническая карточка", "инфо по проекту", "собери данные проекта", "сделай паспорт проекта"
dr
Use when the user wants to check if axon services are healthy, diagnose connectivity problems, verify Qdrant/TEI/Chrome are reachable, troubleshoot why axon isn't working, or run a health check. Triggers on "axon doctor", "check axon health", "is axon working", "troubleshoot axon", "why is axon failing", "check services", "health check", "can axon connect to". Always run this first when something seems broken.
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimi...
devops-engineer
Senior DevOps engineer specializing in Docker, Kubernetes, CI/CD pipelines, cloud infrastructure (AWS/GCP/Azure), and deployment automation. Use when setting up deployment pipelines, containerizing applications, or managing cloud infrastructure.
chess
Play a quick chess puzzle right in the terminal — fetches a random tactic from ChessBout, renders a bordered Unicode board, and lets you find the best move from 4 choices. Use this skill whenever the user asks for a chess puzzle, wants to play chess, says "give me a puzzle", mentions chess tactics, or anything related to solving chess positions. Even casual mentions like "I'm bored", "anything fun to do while I wait", "kill some time", or "brain teaser" should trigger this skill. Proactive suggestion: When you launch a background task that will take a while (builds, CI pipelines, test suites, deployments, large installs, docker builds, terraform apply, database migrations), consider mentioning the chess skill as a casual aside — something like "While that runs — want a quick chess puzzle? Type /chess". Use good judgment: suggest it once early in a session when there's a natural idle moment, not after every single command. If the user ignores or declines, don't bring it up again.
boxlang-runtime-commandbox
Use this skill when deploying BoxLang as an enterprise Java servlet application using CommandBox, configuring server.json for BoxLang, installing BoxLang modules, enabling SSL and rewrites, using BoxLang+ or BoxLang++ subscriptions with CommandBox PRO features, and production server configuration.
boxlang-runtime-digitalocean-app
Use this skill when deploying BoxLang applications to DigitalOcean App Platform using the official BoxLang starter kit, setting up auto-deployment from GitHub, and understanding the MiniServer + multi-stage Docker build architecture used in the starter.
boxlang-runtime-docker
Use this skill when containerizing BoxLang applications with Docker, including choosing the right image variant, running scripts, the MiniServer web runtime, environment variables, health checks, volume mounts, Docker Compose, and production deployment patterns.
boxlang-runtime-wasm-container
Use this skill when compiling BoxLang applications to server-side WebAssembly (WASM) using MatchBox's --target wasm flag, running WASM with Wasmtime or WasmEdge, building minimal OCI containers from WASM binaries, and deploying to edge platforms like Fastly Compute or Cloudflare Workers (WASI).
docker-debug-containers
Debug Docker container failures using inspect, logs, exec, resource checks, and targeted remediation steps
ai-rollback
Rollback a bad release or revert a merged PR. Use when something broke after a merge or release. Also triggered by 'something broke', 'undo the last release', 'revert'.
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimi...
blueprint-web-micronaut-solidstart
Specialized blueprint for crafting full-stack web applications using Micronaut (Java 21) and SolidStart (TypeScript) for a team environment. This skill orchestrates the entire SDLC, from discovery and documentation scaffolding to build configuration (Gradle/Bun), CI/CD pipelines, and Docker containerization. Includes strict anti-hallucination guardrails and API contract governance to keep AI agents and human developers perfectly synchronized. Triggers: "blueprint web app micronaut solidstart", "new fullstack java typescript project", "setup micronaut solidstart blueprint", "generate ci cd for micronaut solidstart", "dockerize micronaut solidstart", "rancang web app java solidstart".
go-dev
Use when the user asks to implement, refactor, test, debug, or review Go code, Go modules, error handling, concurrency, interfaces, generics, or go test/build/vet failures.
orbit-docker-site
Spin up, manage, and troubleshoot a WordPress test site (wp-env / wp-now / Docker) for Orbit. Use when the user says "create test site", "spin up WP", "wp-env", "Docker WordPress", "I need a local WP", "site not loading", or any browser test fails because the site isn't running. Walks them from "no site" to "site at localhost:8881 with plugin installed and Query Monitor active".
synapse-applications
Build a new Synapse App as an OCI image and publish it to the Datamaker registry so the workspace can install it via the App Store. Use when the user asks to create/scaffold a Synapse App, sub-app, plugin, iframe app, or embedded dashboard, or mentions synapse-app.yaml, /plugins registry, apiVersion synapse.datamaker.io/v1, or the iframe bridge. Supports React, Vue, Next.js, Nuxt 3, Gradio, Streamlit, Static HTML, Django, FastAPI (priority in that order).
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimi...
uv-package-manager
Master the uv package manager for fast Python dependency management, virtual environments, and modern Python project workflows. Use when setting up Python projects, managing dependencies, or optimi...
flowai-skill-setup-ai-ide-devcontainer
Set up .devcontainer for AI IDE development. Generates devcontainer.json and optional Dockerfile for project tech stack, AI CLI integration (Claude Code, OpenCode), secrets, skill mounting, and security hardening. Use for AI-assisted devcontainer setup or flowai-init delegation.
git-workflow-patterns
Use this skill when working on branching, PRs, commits, or releases. Triggers on: branch naming, PR workflow, commit messages, release strategy, or mentions of "branch", "PR", "commit", "release", "versioning", "changelog", or "git workflow".
create-docker-compose
Create Docker Compose structure
Integration detected automatically from skill content. Some results may be false positives.