GitLab
DevToolsCommonly used with
Skills using GitLab (341)
markdown-mermaid-writing
Comprehensive markdown and Mermaid diagram writing skill. Use when creating any scientific document, report, analysis, or visualization. Establishes text-based diagrams as the default documentation standard with full style guides (markdown + mermaid), 24 diagram type references, and 9 document templates.
cs-senior-engineer
Senior Engineer agent for architecture decisions, code review, DevOps, and API design. Orchestrates engineering and engineering-team skills for technical implementation work. Spawn when users need system design, code quality review, CI/CD pipeline setup, or infrastructure decisions.
sast-configuration
Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.
apex-takeover
System takeover — take ownership of an existing codebase or inherited system. Use when "we acquired this", "previous team left", "take over this system", "inherited this codebase".
coderabbit-common-errors
Diagnose and fix CodeRabbit common errors and configuration issues. Use when CodeRabbit is not reviewing PRs, posting duplicate comments, ignoring configuration, or behaving unexpectedly. Trigger with phrases like "coderabbit error", "fix coderabbit", "coderabbit not working", "debug coderabbit", "coderabbit broken".
coderabbit-cost-tuning
Optimize CodeRabbit costs through seat management, repo selection, and review scope tuning. Use when analyzing CodeRabbit billing, reducing per-seat costs, or implementing usage monitoring and budget optimization. Trigger with phrases like "coderabbit cost", "coderabbit billing", "reduce coderabbit costs", "coderabbit pricing", "coderabbit expensive", "coderabbit budget".
coderabbit-debug-bundle
Collect CodeRabbit debug evidence for support tickets and troubleshooting. Use when encountering persistent issues, preparing support tickets, or collecting diagnostic information for CodeRabbit problems. Trigger with phrases like "coderabbit debug", "coderabbit support bundle", "coderabbit diagnostic", "coderabbit not working evidence".
coderabbit-deploy-integration
Roll out CodeRabbit across an organization: multi-repo deployment, org-level config, and team onboarding. Use when deploying CodeRabbit org-wide, creating shared configurations, or onboarding development teams to AI code review. Trigger with phrases like "deploy coderabbit", "coderabbit org rollout", "coderabbit multi-repo", "coderabbit onboarding", "coderabbit team setup".
coderabbit-enterprise-rbac
Configure CodeRabbit enterprise access control, seat management, and organization policies. Use when managing who gets AI reviews, configuring organization-level defaults, or implementing access policies for CodeRabbit across teams. Trigger with phrases like "coderabbit SSO", "coderabbit RBAC", "coderabbit enterprise", "coderabbit roles", "coderabbit permissions", "coderabbit seats".
coderabbit-hello-world
Create a minimal working CodeRabbit configuration and trigger your first AI review. Use when starting with CodeRabbit, testing your setup, or learning basic .coderabbit.yaml patterns. Trigger with phrases like "coderabbit hello world", "coderabbit example", "coderabbit quick start", "first coderabbit review".
coderabbit-install-auth
Install and configure CodeRabbit AI code review on GitHub or GitLab repositories. Use when setting up CodeRabbit for the first time, installing the GitHub App, configuring the CLI, or connecting CodeRabbit to your repositories. Trigger with phrases like "install coderabbit", "setup coderabbit", "coderabbit auth", "configure coderabbit", "add coderabbit to repo".
coderabbit-migration-deep-dive
Migrate to CodeRabbit from other code review tools or roll out across a large organization. Use when switching from another AI review tool, migrating from manual-only reviews, or planning a phased CodeRabbit adoption strategy. Trigger with phrases like "migrate to coderabbit", "coderabbit migration", "switch to coderabbit", "coderabbit from reviewbot", "adopt coderabbit", "replace code review tool".
coderabbit-observability
Monitor CodeRabbit review effectiveness with metrics, dashboards, and alerts. Use when tracking review coverage, measuring comment acceptance rates, or building dashboards for CodeRabbit adoption across your organization. Trigger with phrases like "coderabbit monitoring", "coderabbit metrics", "coderabbit observability", "monitor coderabbit", "coderabbit alerts", "coderabbit dashboard".
coderabbit-sdk-patterns
Apply production-ready CodeRabbit automation patterns using GitHub API and PR comments. Use when building automation around CodeRabbit reviews, processing review feedback programmatically, or integrating CodeRabbit into custom workflows. Trigger with phrases like "coderabbit automation", "coderabbit API patterns", "automate coderabbit", "coderabbit github api", "process coderabbit reviews".
coderabbit-webhooks-events
Implement CodeRabbit webhook signature validation and event handling. Use when setting up webhook endpoints, implementing signature verification, or handling CodeRabbit event notifications securely. Trigger with phrases like "coderabbit webhook", "coderabbit events", "coderabbit webhook signature", "handle coderabbit events", "coderabbit notifications".
documenso-security-basics
Implement security best practices for Documenso document signing integrations. Use when securing API keys, configuring webhooks securely, or implementing document security measures. Trigger with phrases like "documenso security", "secure documenso", "documenso API key security", "documenso webhook security".
evernote-ci-integration
Configure CI/CD pipelines for Evernote integrations. Use when setting up automated testing, continuous integration, or deployment pipelines for Evernote projects. Trigger with phrases like "evernote ci", "evernote github actions", "evernote pipeline", "automate evernote tests".
klingai-ci-integration
Integrate Kling AI video generation into CI/CD pipelines. Use when automating video content in GitHub Actions or GitLab CI. Trigger with phrases like 'klingai ci', 'kling ai github actions', 'klingai automation', 'automated video generation'.
lokalise-reference-architecture
Implement Lokalise reference architecture with best-practice project layout. Use when designing new Lokalise integrations, reviewing project structure, or establishing architecture standards for Lokalise applications. Trigger with phrases like "lokalise architecture", "lokalise best practices", "lokalise project structure", "how to organize lokalise", "lokalise layout".
maintainx-ci-integration
Integrate MaintainX API testing into CI/CD pipelines. Use when setting up automated testing, configuring CI workflows, or implementing continuous integration for MaintainX integrations. Trigger with phrases like "maintainx ci", "maintainx github actions", "maintainx pipeline", "maintainx automated testing", "maintainx ci/cd".
orchestrating-test-execution
Test coordinate parallel test execution across multiple environments and frameworks. Use when performing specialized testing. Trigger with phrases like "orchestrate tests", "run parallel tests", or "coordinate test execution".
sentry-ci-integration
Integrate Sentry into CI/CD pipelines for automated release creation, source map uploads, and deploy notifications. Use when setting up GitHub Actions, GitLab CI, or CircleCI to automate Sentry releases, upload source maps, or associate commits with deploys. Trigger with phrases like "sentry github actions", "sentry CI pipeline", "automate sentry releases", "sentry source map upload CI", "sentry gitlab ci", "sentry circleci".
sentry-deploy-integration
Track deployments and release health in Sentry. Use when configuring deployment tracking, release health monitoring, or connecting CI/CD deploys to error data in Sentry. Trigger with phrases like "sentry deploy tracking", "sentry release health", "track deployments sentry", "sentry deployment notification", "sentry suspect commits", "compare sentry releases".
sentry-security-basics
Configure Sentry security settings and data protection. Use when setting up PII scrubbing, managing sensitive data, configuring data scrubbing rules, or hardening Sentry for compliance. Trigger with phrases like "sentry security", "sentry PII", "sentry data scrubbing", "secure sentry", "sentry GDPR".
vercel-install-auth
Install Vercel CLI and configure API token authentication. Use when setting up Vercel for the first time, creating access tokens, or initializing a project with vercel link. Trigger with phrases like "install vercel", "setup vercel", "vercel auth", "configure vercel token", "vercel login".
gitlab-automation
Automate GitLab project management, issues, merge requests, pipelines, branches, and user operations via Rube MCP (Composio). Always search tools first for current schemas.
gitlab-ci-patterns
Comprehensive GitLab CI/CD pipeline patterns for automated testing, building, and deployment.
mlops-engineer
Build comprehensive ML pipelines, experiment tracking, and model registries with MLflow, Kubeflow, and modern MLOps tools.
progressive-estimation
Estimate AI-assisted and hybrid human+agent development work with research-backed PERT statistics and calibration feedback loops
readme
You are an expert technical writer creating comprehensive project documentation. Your goal is to write a README.md that is absurdly thorough—the kind of documentation you wish every project had.
sast-configuration
Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.
markdown-mermaid-writing
Comprehensive markdown and Mermaid diagram writing skill that establishes text-based diagrams as the DEFAULT documentation standard. Use this skill when creating ANY scientific document, report, analysis, or visualization — it ensures all outputs are in version-controlled, token-efficient markdown with embedded Mermaid diagrams as the source of truth, with clear pathways to downstream Python or AI-generated images. Includes full style guides (markdown + mermaid), 24 diagram type references, and 9 document templates ready to use.
gitlab-ci-basics
Manage gitlab ci basics operations. Auto-activating skill for DevOps Basics. Triggers on: gitlab ci basics, gitlab ci basics Part of the DevOps Basics skill category. Use when working with gitlab ci basics functionality. Trigger with phrases like "gitlab ci basics", "gitlab basics", "gitlab".
gitlab-epic-creator
Create gitlab epic creator operations. Auto-activating skill for Enterprise Workflows. Triggers on: gitlab epic creator, gitlab epic creator Part of the Enterprise Workflows skill category. Use when working with gitlab epic creator functionality. Trigger with phrases like "gitlab epic creator", "gitlab creator", "gitlab".
building-devsecops-pipeline-with-gitlab-ci
Design and implement a comprehensive DevSecOps pipeline in GitLab CI/CD integrating SAST, DAST, container scanning, dependency scanning, and secret detection.
detecting-aws-credential-exposure-with-trufflehog
Detecting exposed AWS credentials in source code repositories, CI/CD pipelines, and configuration files using TruffleHog, git-secrets, and AWS-native detection mechanisms to prevent credential theft and unauthorized account access.
implementing-api-security-testing-with-42crunch
Implement comprehensive API security testing using the 42Crunch platform to perform static audit and dynamic conformance scanning of OpenAPI specifications.
implementing-aqua-security-for-container-scanning
Deploy Aqua Security's Trivy scanner to detect vulnerabilities, misconfigurations, secrets, and license issues in container images across CI/CD pipelines and registries.
implementing-devsecops-security-scanning
Integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) into CI/CD pipelines using open-source tools. Covers Semgrep for SAST, Trivy for SCA and container scanning, OWASP ZAP for DAST, and Gitleaks for secrets detection. Activates for requests involving DevSecOps pipeline setup, automated security scanning in CI/CD, SAST/DAST/SCA integration, or shift-left security implementation.
implementing-secret-scanning-with-gitleaks
This skill covers implementing Gitleaks for detecting and preventing hardcoded secrets in git repositories. It addresses configuring pre-commit hooks, CI/CD pipeline integration, custom rule authoring for organization-specific secrets, baseline management for existing repositories, and remediation workflows for exposed credentials.
implementing-secrets-scanning-in-ci-cd
Integrate gitleaks and trufflehog into CI/CD pipelines to detect leaked secrets before deployment
integrating-dast-with-owasp-zap-in-pipeline
This skill covers integrating OWASP ZAP (Zed Attack Proxy) for Dynamic Application Security Testing in CI/CD pipelines. It addresses configuring baseline, full, and API scans against running applications, interpreting ZAP findings, tuning scan policies, and establishing DAST quality gates in GitHub Actions and GitLab CI.
performing-container-security-scanning-with-trivy
Scan container images, filesystems, and Kubernetes manifests for vulnerabilities, misconfigurations, exposed secrets, and license compliance issues using Aqua Security Trivy with SBOM generation and CI/CD integration.
performing-sca-dependency-scanning-with-snyk
This skill covers implementing Software Composition Analysis (SCA) using Snyk to detect vulnerable open-source dependencies in CI/CD pipelines. It addresses scanning package manifests and lockfiles, automated fix pull request generation, license compliance checking, continuous monitoring of deployed applications, and integration with GitHub, GitLab, and Jenkins pipelines.
performing-soc2-type2-audit-preparation
Automates SOC 2 Type II audit preparation including gap assessment against AICPA Trust Services Criteria (CC1-CC9), evidence collection from cloud providers and identity systems, control testing validation, remediation tracking, and continuous compliance monitoring. Covers all five TSC categories (Security, Availability, Processing Integrity, Confidentiality, Privacy) with automated evidence gathering from AWS, Azure, GCP, Okta, GitHub, and Jira. Use when preparing for or maintaining SOC 2 Type II certification.
ci-all
Full CI pipeline: run local tests, type check, push branch, and return the pipeline URL. The only command you need before opening a PR.
release
Generic release assistant — analyzes repo release rules, caches them in .omc/RELEASE_RULE.md, then guides the release
cicd-pipelines
Multi-platform CI/CD pipeline expertise. Generate GitHub Actions, GitLab CI, Jenkins, and Azure Pipelines configurations. Analyze failures, optimize execution time, validate syntax, and configure matrix builds and caching strategies.
playwright
Playwright E2E testing, page objects, fixtures, visual regression, accessibility testing, and CI integration patterns.
do-issue
Parallel subagent execution with code review gates between task batches for issue resolution
git-platform
Git platform detection and cross-platform command mapping for GitHub, GitLab, and Bitbucket
workflow-monitor
Detect workflow failures and inefficient patterns, then create GitHub issues for improvement via /fix-workflow.
workflow-setup
Configures GitHub Actions CI/CD workflows for testing, linting, and deployment. Use when setting up automation for a Python, Rust, or TypeScript project.
claude-docs-consultant
Consult official Claude Code documentation from code.claude.com using selective fetching. Use when working on hooks, skills, subagents, plugins, agent teams, MCP servers, permissions, settings, CI/CD (GitHub Actions, GitLab), IDE extensions (VS Code, JetBrains), desktop/web app features, scheduling, memory/CLAUDE.md, deployment (Bedrock, Vertex, Foundry), sandboxing, monitoring, or any Claude Code feature requiring official docs. Fetches only the specific docs needed per task.
gitlab-automation
Automate GitLab project management, issues, merge requests, pipelines, branches, and user operations via Rube MCP (Composio). Always search tools first for current schemas.
playwright-e2e-builder
Plan and build comprehensive Playwright E2E test suites with Page Object Model, authentication state persistence, custom fixtures, visual regression, and CI integration. Uses interview-driven planning to clarify critical user flows, auth strategy, test data approach, and parallelization before writing any tests.
qodo-pr-resolver
Review and resolve PR issues with Qodo - get AI-powered code review issues and fix them interactively (GitHub, GitLab, Bitbucket, Azure DevOps)
qodo-pr-resolver
Review and resolve PR issues with Qodo - get AI-powered code review issues and fix them interactively (GitHub, GitLab, Bitbucket, Azure DevOps)
skillshare
Manages and syncs AI CLI skills and agents across 50+ tools from a single source. Use this skill whenever the user mentions "skillshare", runs skillshare commands, manages skills or agents (install, update, uninstall, sync, commit, audit, analyze, check, diff, search), or troubleshoots skill/agent configuration (orphaned symlinks, broken targets, sync issues). Covers both global (~/.config/skillshare/) and project (.skillshare/) modes. Also use when: adding new AI tool targets (Claude, Cursor, Windsurf, etc.), setting target include/exclude filters or copy vs symlink mode, using backup/restore or trash recovery, piping skillshare output to scripts (--json), setting up CI/CD audit pipelines, building/sharing skill hubs (hub index, hub add), or working with agents (single .md files synced to agent-capable targets like Claude, Cursor, Augment, OpenCode) via positional `agents` filter or `--kind agent`, plus `.agentignore` and `enable`/`disable` for per-agent toggles.
ci-pipeline
Push current branch and return the pipeline tracking URL (GitLab or GitHub Actions)
ci-status
Show current pipeline status for the active branch (GitLab CI or GitHub Actions)
devops-engineer
Creates Dockerfiles, configures CI/CD pipelines, writes Kubernetes manifests, and generates Terraform/Pulumi infrastructure templates. Handles deployment automation, GitOps configuration, incident response runbooks, and internal developer platform tooling. Use when setting up CI/CD pipelines, containerizing applications, managing infrastructure as code, deploying to Kubernetes clusters, configuring cloud platforms, automating releases, or responding to production incidents. Invoke for pipelines, Docker, Kubernetes, GitOps, Terraform, GitHub Actions, on-call, or platform engineering.
changelog-generator
Automated changelog generation from commits and PRs
cross-platform-test-matrix
Generate CI test matrix for Windows, macOS, and Linux combinations
file-guard
PreToolUse protection blocking sensitive file access across 195+ patterns in 12 categories with bash pipeline analysis and multi-tool ignore support.
idp-configurator
Configure Internal Developer Platform (IDP) components
percy-visual-testing
Percy visual testing platform integration for visual regression detection
init
Set up Playwright in a project. Use when user says "set up playwright", "add e2e tests", "configure playwright", "testing setup", "init playwright", or "add test infrastructure".
pr-review-expert
Use when the user asks to review pull requests, analyze code changes, check for security issues in PRs, or assess code quality of diffs.
oma-scm
SCM (software configuration management) and Git: branching, merges, conflicts, worktrees, baselines, audit readiness, plus Conventional Commits and safe staging.
oma-search
Intent-based search router with trust scoring. Routes queries to optimal channels (Context7 docs, native web search, gh/glab code search, Serena local) and attaches domain trust labels. Use for search, find, lookup, reference, docs, code search, and web research.
building-cicd-pipelines
This skill enables Claude to generate CI/CD pipeline configurations for various platforms, including GitHub Actions, GitLab CI, and Jenkins. It is used when a user requests the creation of a CI/CD pipeline, specifies a platform (e.g., "GitHub Actions"), or mentions specific pipeline stages like "test," "build," "security," or "deploy." This skill is also useful when the user needs to automate software delivery, integrate security scanning, or set up multi-environment deployments. The skill is triggered by terms such as "CI/CD pipeline," "GitHub Actions pipeline," "GitLab CI configuration," or "Jenkins pipeline."
orchestrating-deployment-pipelines
This skill orchestrates complex, multi-stage deployment pipelines. It generates production-ready configurations and setup code based on user-specified requirements and infrastructure. Use this skill when the user asks to create a deployment pipeline, generate CI/CD configurations, or needs help with automating software deployments. Trigger terms include "deployment pipeline", "CI/CD", "automate deployment", "pipeline configuration", and "deployment orchestration".
yaml-master
PROACTIVE YAML INTELLIGENCE: Automatically activates when working with YAML files, configuration management, CI/CD pipelines, Kubernetes manifests, Docker Compose, or any YAML-based workflows. Provides intelligent validation, schema inference, linting, format conversion (JSON/TOML/XML), and structural transformations with deep understanding of YAML specifications and common anti-patterns.
ci
Detect/generate/debug CI pipeline config (GitHub Actions, GitLab CI). Triggers: CI setup, build pipeline, GitHub Actions config, debug CI, GitLab CI.
ci-cd-patterns
CI/CD: GitHub Actions, GitLab CI, Jenkins, caching, blue-green, canary. Triggers: CI, CD, pipeline, GitHub Actions, workflow YAML, release, canary, rollout.
changelog-automation
Automate changelog generation from commits, PRs, and releases following Keep a Changelog format. Use when setting up release workflows, generating release notes, or standardizing commit conventions.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
sast-configuration
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
ci-cd-pipelines
Use this skill when setting up CI/CD pipelines, configuring GitHub Actions, implementing deployment strategies, or automating build/test/deploy workflows. Triggers on GitHub Actions, CI pipeline, CD pipeline, deployment automation, blue-green deployment, canary release, rolling update, build matrix, artifacts, and any task requiring continuous integration or delivery setup.
cicd-pipeline-generator
Generate CI/CD pipelines for SDK build and release
ci-cd-pipeline-builder
CI/CD Pipeline Builder
changelog-generator
智能变更日志生成器 - 自动分析Git提交历史,生成符合规范的CHANGELOG.md。支持语义化版本管理、多种输出格式、增量更新和GitHub/GitLab集成。
sveltia-cms
Sveltia CMS Git-backed content management (Decap/Netlify CMS successor). 5x smaller bundle (300 KB), GraphQL performance, solves 260+ issues. Use for static sites (Hugo, Jekyll, 11ty, Gatsby, Astro, Next.js), blogs, docs, i18n, or encountering OAuth errors, TOML/YAML issues, CORS problems, content listing errors.
ci-cd
Design CI/CD pipelines for GitHub Actions, GitLab CI, and CircleCI with matrix builds, test sharding, caching, Docker layer caching, OIDC auth, deployment strategies (rolling, blue-green, canary), auto-rollback, self-hosted runners, and environment protection with manual approvals. Use when user asks to set up CI/CD, write a pipeline, configure GitHub Actions/GitLab CI/CircleCI, automate deployments, or set up build/test/deploy workflows. Do NOT use for Dockerfile authoring (use docker), K8s manifests (use kubernetes), or Terraform config (use terraform).
turborepo-monorepo
Provides comprehensive Turborepo monorepo management guidance for TypeScript/JavaScript projects. Use when creating Turborepo workspaces, configuring turbo.json tasks, setting up Next.js/NestJS apps, managing test pipelines (Vitest/Jest), configuring CI/CD, implementing remote caching, or optimizing build performance in monorepos
devops
DevOps - Docker, CI/CD, cloud infra, monitoring.
review
Review the changes since a fixed point (commit, branch, tag, or merge-base) along two axes — Standards (does the code follow this repo's documented coding standards?) and Spec (does the code match what the originating issue/PRD asked for?). Runs both reviews in parallel sub-agents and reports them side by side. Use when the user wants to review a branch, a PR, work-in-progress changes, or asks to "review since X".
securing-cloud-and-supply-chain
云原生与软件供应链安全防御。容器/K8s 加固、Service Mesh、CI/CD 安全、SLSA/SBOM/Sigstore、云 IAM、Secrets 管理、IaC 安全。Use when hardening Kubernetes clusters, auditing CI/CD pipelines, implementing supply chain security, managing cloud IAM, or reviewing IaC code.
webhook-subscriptions
Create and manage webhook subscriptions for event-driven agent activation. Use when the user wants external services to trigger agent runs automatically.
review
Review the changes since a fixed point (commit, branch, tag, or merge-base) along two axes — Standards (does the code follow this repo's documented coding standards?) and Spec (does the code match what the originating issue/PRD asked for?). Runs both reviews in parallel sub-agents and reports them side by side. Use when the user wants to review a branch, a PR, work-in-progress changes, or asks to "review since X".
chinese-git-workflow
适配国内 Git 平台和团��习惯的工作流规范——Gitee、Coding、极狐 GitLab 全覆盖
ralphex-adopt
Convert plans from various source formats (OpenSpec, spec-kit, GitHub/GitLab issues with checklists, generic task-lists, free-form markdown) into ralphex-format plans in docs/plans/. Triggers on "ralphex-adopt", "adopt plan", "convert plan to ralphex", "import plan as ralphex".
building-devsecops-pipeline-with-gitlab-ci
Design and implement a comprehensive DevSecOps pipeline in GitLab CI/CD integrating SAST, DAST, container scanning, dependency scanning, and secret detection.
implement-issue
Implement a GitHub issue or GitLab issue and create a PR/MR
review-pr
Review a pull request (GitHub) or merge request (GitLab) and provide detailed feedback
h-onboard
First-setup ceremony for a project that does not yet use haft — the agent reads the repository, drafts the minimum FPF carriers (target system, enabling system, term map) from observed code/docs, and presents them to the operator for review. The operator is NOT asked to author spec files from scratch — that defeats the value of having an AI agent. Make sure to use this skill whenever the repository has no `.haft/` directory yet, when the user says "set up haft here", "onboard this project", "initialize FPF", "first time using haft in this repo", "let's add haft to this project", "scaffold haft for this codebase" — or whenever they want to start recording decisions but the artifact graph is not scaffolded. NOT for ongoing work in a project that already has `.haft/` (use h-status). NOT for framing one specific problem (use h-frame).
cloudflare-workers-ci-cd
Complete CI/CD guide for Cloudflare Workers using GitHub Actions and GitLab CI. Use for automated testing, deployment pipelines, preview environments, secrets management, or encountering deployment failures, workflow errors, environment configuration issues.
nuxt-studio
This skill should be used when the user asks to "set up Nuxt Studio", "configure Studio OAuth", "deploy Studio to Cloudflare", "add visual editor to Nuxt", "configure studio.domain.com subdomain", "Studio authentication", "Nuxt CMS", or mentions visual content editing, Nuxt Studio module, TipTap editor, Monaco editor, or content management for Nuxt websites.
github-unban-master
GitHub 解封 — 账号封禁/限制/恢复的领域操作系统。覆盖:(a) GitHub 官方政策体系 (TOS / 可接受使用政策 / Trust & Safety 执行模式 / 公开申诉路径 / 受制裁地区解读);(b) 封号原因诊断学 (spam / abuse / 制裁误标 / 2FA 丢失 / ToS 违规 / 账号劫持误判 / ban evasion 等子��型 + 症状→原因映射 + 自我分诊压测);(c) 申诉实操 craft (写一封能让 T&S 快速判误伤的英文申诉信 + 升级阶梯 + 法务介入边界 + Don'ts);(d) 制裁与合规硬边界 (OFAC SDN 名单 / 哪些国家或地区真不可达 / VPN 误判路径 / 中国大陆不是美国制裁地区的反复重申);(e) 中国大陆开发者特别处境 (sanctioned region 误标 + SMS 验证不支持 +86/+852 + Gitee/GitLab/Codeberg/JihuLab 备用迁移 + 私有自托管 Gitea/Forgejo);(f) 真实案例库 (~30+ 公开案例分类拆解:误伤 / 真违规 / 制裁误标三类各自赔率与申诉成功路径)。伦理锚绝不软化:不教 ban evasion / 不教撒谎式申诉 / 真违规承认改进 / 丢 2FA 无恢复因子则诚实告知 / 中国制裁误标靠申诉不靠换 VPN / 申诉 6 个月窗口必算清 / 约 3% (业内估) 真违规恢复 vs 约 79% (业内估) 误伤申诉成功率分层标。 (GitHub Account Reinstatement — the domain operating system for GitHub (and analogous platform) account suspension, restriction, appeal, and recovery. Covers: (a) GitHub official policy architecture (TOS / Acceptable Use Policies / Trust & Safety enforcement patterns / public appeals pathways / sanctioned-region interpretation); (b) suspension-cause diagnostics (
architecture
Use when the user asks to improve architecture, find refactoring opportunities, surface deepening opportunities, consolidate tightly-coupled modules, or make a codebase more testable and AI-navigable. Surfaces shallow modules and hypothetical seams using a precise vocabulary (Module / Interface / Implementation / Depth / Seam / Adapter / Leverage / Locality from LANGUAGE.md).
autopilot
Use this skill when running an autonomous session-orchestration loop. Chains session-start → session-plan → wave-executor → session-end for N iterations with kill-switches (SPIRAL, FAILED wave, carryover > 50%, max-hours, sub-threshold confidence). Reads Mode-Selector output (Phase B) to decide auto-execute vs. fallback. Writes one autopilot.jsonl record per loop run. Phase C scaffold (issue #277); implementation lives in scripts/lib/autopilot.mjs (Phase C-1 follow-up).
bootstrap
Use this skill when scaffolding the minimum repository structure required by session-orchestrator. Invoked automatically by the Bootstrap Gate when CLAUDE.md, Session Config, or bootstrap.lock is missing. Also available as /bootstrap for manual invocation. Three intensity tiers: fast (demos/spikes), standard (MVPs), deep (production/team).
brainstorm
Use when you have a feature idea but the scope or UX is still ambiguous — runs a lightweight Socratic design dialogue (3-5 AUQ rounds) and writes a spec markdown file. Use BEFORE /plan feature when product intent needs validation; skip to /plan feature when scope is already clear. HARD-GATE prevents any code work until the design is user-approved.
convergence-monitoring
Monitor iterative improvement loops for convergence. Three signals — shrinking diff, pass-rate plateau, velocity — drive a Stop/Continue/Investigate decision at each inter-wave checkpoint. Distinct from /evolve (retrospective) and session-reviewer (wave output review): convergence-monitoring answers "are we making progress?" not "was the last wave correct?". Primary consumer: /autoresearch loops and wave-executor inter-wave checkpoints.
daily
Use this skill when creating today's daily note in the Meta-Vault (03-daily/YYYY-MM-DD.md) with valid vaultFrontmatterSchema-compliant YAML frontmatter. Idempotent: re-running on the same day opens the existing note instead of overwriting. Use when starting a work day, capturing scratch notes, or bootstrapping the inbox flow.
discovery
Use this skill when running systematic quality discovery and issue detection. Runs modular probes adapted to the project's tech stack, presents findings interactively for user triage, and creates VCS issues for confirmed problems. Invoked standalone via /discovery or embedded in session-end.
docs-orchestrator
Use this skill when orchestrating documentation generation and updates within a session. Maps session scope to audience-specific docs tasks (User / Dev / Vault), dispatches the docs-writer agent with source-grounded prompts, and reports coverage gaps to session-end. Gated on `docs-orchestrator.enabled: true` in Session Config. Zero overhead when disabled.
domain-model
Use when the user wants to stress-test a plan against the existing domain model and documented decisions. Grilling session that interviews the user one question at a time, sharpens fuzzy terminology inline, updates CONTEXT.md lazily, and offers ADRs sparingly under a 3-criteria gate. Reads docs/adr/ and CONTEXT.md if present.
ecosystem-health
Monitor health across configured service endpoints, CI pipelines, and critical issues. Automatically invoked during session-start when ecosystem-health is enabled in Session Config.
evolve
Use this skill when extracting session patterns into reusable learnings. Three modes: analyze (extract from session history), review (edit/manage existing learnings), list (display active learnings). Manages .orchestrator/metrics/learnings.jsonl.
memory-cleanup
Use this skill when performing manual memory consolidation (Dream-equivalent). Reviews, consolidates, and prunes memory files under ~/.claude/projects/*/memory/. Run after major refactors, every 5+ sessions, or when memory quality degrades (broken links, stale references, contradictions, MEMORY.md > 200 lines). Invoke with /memory-cleanup.
mode-selector
Use this skill when performing deterministic mode selection for session-start. Reads Phase A STATE.md recommendations + (future) learnings, sessions, backlog, bootstrap signals and returns {mode, rationale, confidence, alternatives}. Pure-function contract — no side effects, no STATE.md writes. Phase B scaffold (issue #276); full heuristic is follow-up sub-issues.
peekaboo-driver
Use this skill when driving native-UI AX-tree snapshots and screenshots via steipete/peekaboo (MIT, macOS-only). Dispatched by `skills/test-runner/` to capture native-UI AX-tree snapshots + screenshots on macOS 15+ targets, and exits with deterministic JSON output the orchestrator can parse.
persona-panel
Use this skill when you need multi-persona parallel content review — domain experts, buyer personas, compliance reviewers, or custom catalog entries reviewing a target file or output. Dispatches N persona agents in parallel, consolidates verdicts via a configurable mode (voting-quorum, hard-gate-threshold, or coordinator-summary), and writes a timestamped sidecar to .orchestrator/persona-panel/. Invoked via /persona-panel <target-path>.
plan
Use this skill when performing structured project planning and PRD generation with three modes: new (project kickoff with repo scaffolding), feature (compact feature PRD), retro (data-driven retrospective). All modes share a researched Q&A engine that dispatches parallel Explore agents before each question wave, presents options via AskUserQuestion with recommendations, and produces documents with prioritized issue creation.
playwright-driver
Use this skill when executing web tests via the canonical `playwright` npm package (Microsoft, Apache-2.0). Dispatched by `skills/test-runner/` to execute web tests against a target, captures token-frugal AX-tree snapshots + screenshots + console output under `.orchestrator/metrics/test-runs/<run-id>/`, and exits with deterministic JSON output the orchestrator can parse.
session-end
Use this skill when performing a full session close-out: verifies all planned work against the agreed plan, creates issues for gaps, runs quality gates, commits cleanly, mirrors to GitHub, and produces a session summary. Triggered by /close command.
session-plan
Creates a structured wave execution plan with role-based assignment after user alignment. Decomposes agreed tasks into configurable waves (default 5) with optimal agent assignment, dependency ordering, and inter-wave checkpoints. Activated by session-start after Q&A phase completes.
session-start
Use this skill when initializing a session for any project repo. Autonomously analyzes git state, VCS issues, SSOT files, branches, environment, and cross-repo status. Then presents structured findings with recommendations for user alignment before creating a wave plan. Triggered by /session [housekeeping|feature|deep] command.
test-runner
Use this skill when orchestrating agentic end-to-end tests. Resolves target + profile, dispatches the right driver(s) (playwright for web today, peekaboo for macOS (issue #381)), invokes the ux-evaluator agent (opus, read-only) against driver artifacts, reconciles findings with the open issue tracker via scripts/lib/test-runner/issue-reconcile.mjs, and writes report.md + JSONL roll-up. Wraps upstream tools (no forks). Hard-gates Playwright MCP for browser drive (4× token cost vs CLI per Microsoft's own benchmark).
ubiquitous-language
Use when the user wants to define domain terms, build a glossary, harden terminology, create a ubiquitous language, or mentions "domain model" or "DDD". Extracts a DDD-style glossary from the current conversation into UBIQUITOUS_LANGUAGE.md, flags ambiguities and synonyms, and proposes opinionated canonical terms.
using-orchestrator
Use this skill when dispatching implicit slash-command intent from the user's first message. Inspects the user's first message for implicit slash-command intent and dispatches to the highest-confidence matching entry-point skill via the Skill tool. Only active when `auto-skill-dispatch: true` in Session Config. Silent no-op otherwise.
wave-executor
Use this skill when executing the agreed session plan in waves with role-based execution and parallel subagents. Handles inter-wave quality checks, plan adaptation, and progress tracking. Core orchestration engine for feature and deep sessions. Triggered by /go command.
write-executable-plan
Use when you have a PRD or design spec and need a bite-sized, executable implementation plan that any agent can follow without re-deriving structure. Produces `docs/plans/YYYY-MM-DD-<feature>.md` with per-task Files block, complete code per step (no placeholders), and exact verification commands. Rejects "TBD", "TODO", "add error handling", "similar to Task N".
packmind-create-command
Guide for creating reusable commands via the Packmind CLI. This skill should be used when users want to create a new command that captures multi-step workflows, recipes, or task automation for distribution to GitLab Duo.
packmind-create-skill
Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends GitLab Duo's capabilities with specialized knowledge, workflows, or tool integrations.
packmind-create-standard
Guide for creating coding standards via the Packmind CLI. This skill should be used when users want to create a new coding standard (or add rules to an existing standard) that captures team conventions, best practices, or coding guidelines for distribution to GitLab Duo.
ccontribute
Open source contribution workflow. Learns the target project's conventions, patterns, and CI requirements before writing code. Generates a PR that matches what maintainers expect.
ci-accessibility
CI/CD accessibility agent. Sets up, manages, and troubleshoots accessibility CI pipelines. Supports baseline management, SARIF output, PR annotations, and threshold configuration. Works with GitHub Actions, Azure DevOps, GitLab CI, CircleCI, and Jenkins.
close-issue
Close a GitHub or GitLab issue with a summary comment
create-pr
Create a pull request (GitHub) or merge request (GitLab) from the current branch
playwright-ci
Production-ready CI/CD configurations for Playwright — GitHub Actions, GitLab CI, CircleCI, Azure DevOps, Jenkins, Docker, parallel sharding, reporting, code coverage, and global setup/teardown.
devops
DevOps patterns: containerization, CI/CD, deployment strategies, monitoring. Use when containerizing apps, setting up pipelines, or deploying services.
gl-gh-sync
在 GitLab(内部)和 GitHub(开源)之间双向同步代码。 自动检测哪边有新提交,fast-forward 场景直接推送,分叉场景走 PR/MR 流程。
ci
Diagnoses and fixes CI/CD pipeline failures. Use when user mentions 'CI', 'GitHub Actions', 'GitLab CI', 'ビルドエラー', 'テスト失敗', 'パイプライン', 'CIが落ちた', or asks to analyze build/test failures. Do NOT load for: ローカルビルド, 通常の実装作業, レビュー, セットアップ.
container-hadolint
Dockerfile security linting and best practice validation using Hadolint with 100+ built-in rules aligned to CIS Docker Benchmark. Use when: (1) Analyzing Dockerfiles for security misconfigurations and anti-patterns, (2) Enforcing container image security best practices in CI/CD pipelines, (3) Detecting hardcoded secrets and credentials in container builds, (4) Validating compliance with CIS Docker Benchmark requirements, (5) Integrating shift-left container security into developer workflows, (6) Providing remediation guidance for insecure Dockerfile instructions.
project-structure
Organize project folders following industry best practices. Use when setting up new projects, reorganizing codebases, or when folder structure becomes messy. Covers Next.js, Bulletproof React, and FSD patterns.
reviewdog
Automated code review and security linting integration for CI/CD pipelines using reviewdog. Aggregates findings from multiple security and quality tools (SAST, linters, formatters) into unified code review comments on pull requests. Use when: (1) Integrating security scanning into code review workflows, (2) Automating security feedback on pull requests, (3) Consolidating multiple tool outputs into actionable review comments, (4) Enforcing secure coding standards in CI/CD pipelines, (5) Providing inline security annotations during development.
secrets-gitleaks
Hardcoded secret detection and prevention in git repositories and codebases using Gitleaks. Identifies passwords, API keys, tokens, and credentials through regex-based pattern matching and entropy analysis. Use when: (1) Scanning repositories for exposed secrets and credentials, (2) Implementing pre-commit hooks to prevent secret leakage, (3) Integrating secret detection into CI/CD pipelines, (4) Auditing codebases for compliance violations (PCI-DSS, SOC2, GDPR), (5) Establishing baseline secret detection and tracking new exposures, (6) Remediating historical secret exposures in git history.
hunt-cicd
Hunt CI/CD pipeline vulnerabilities — GitHub Actions workflow injection (pull_request_target Pwnrequest + ${{ }}-into-shell), self-hosted runner poisoning, OIDC trust-policy abuse, Jenkins script-console RCE and CVE-2024-23897 file read, GitLab CI runner-token registration, Terraform state file leakage, artifact/log secret leakage, pipeline env-var disclosure. Use when target has a public GitHub/GitLab org, exposed CI dashboards (Jenkins/TeamCity/Drone/Argo), or build artifacts/images are reachable.
hunt-csrf
Hunting skill for csrf vulnerabilities. Built from 15 public bug bounty reports including modern variants — SameSite=Lax sibling-subdomain bypass (Argo CD CVE-2024-22424), GraphQL mutations-via-GET (GitLab $3,370), framework-wide CSRF middleware disabled (Stripe Dashboard $5,000), path-traversal CSRF-token bypass (GitHub Enterprise CVE-2022-23732 $10k), Origin-omission bypass (TikTok $2,500), OAuth-state null-byte (Streamlabs), WebSocket CSRF / CSWSH (Coda), default-SameSite email-change → ATO (YoYo Games $400), social-account-link CSRF (HackerOne), JSON-CSRF via text/plain on email-change (TikTok $500). Use when hunting modern CSRF — heavy emphasis on chain-to-ATO patterns.
hunt-misc
Hunting skill for misc vulnerabilities. Built from 225 public bug bounty reports. Use when hunting misc on any target.
hunt-oauth
Hunting skill for oauth vulnerabilities. Built from 19 public bug bounty reports. Use when hunting oauth on any target.
hunt-rce
Hunting skill for rce vulnerabilities. Built from 67 public bug bounty reports. Use when hunting rce on any target.
hunt-sqli
Hunting skill for sqli vulnerabilities. Built from 12 public bug bounty reports including modern NoSQL injection (Rocket.Chat CVE-2021-22911 MongoDB $regex, Mongoose ORM CVE-2024-53900 $where bypass), modern ORM raw-fragment SQLi (Django CVE-2024-42005, Sequelize GHSA-wrh9-cjv3-2hpw), second-order SOQL injection (HackerOne Salesforce), time-based blind SQLi in GraphQL resolvers, and SQLi on OIDC-proxy backends. Use when hunting SQLi / NoSQLi on any target.
hunt-ssrf
Hunting skill for ssrf vulnerabilities. Built from 15 public bug bounty reports including AWS metadata SSRF (HackerOne $25k Analytics PDF, Shopify Exchange $25k, Capital One 106M-record breach, Dropbox/HelloSign $4,913), GCP metadata SSRF (Snapchat $4k), Azure IMDS SSRF (Azure DevOps $15k chain, ChatGPT Custom Actions MSRC), DNS rebinding SSRF (Concrete CMS, GitLab UrlBlocker), gopher-protocol-to-Redis-RCE (Yahoo Mail $15k), link-preview SSRF (Reddit Matrix $6k), and headless-browser PDF-generator SSRF chains. Use when hunting SSRF on any target — OOB Collaborator confirmation mandatory for blind cases.
hunt-subdomain
Hunting skill for subdomain vulnerabilities. Built from 15 public bug bounty reports including modern provider fingerprints — Microsoft Azure DevOps `cloudapp.azure.com` regional-pool re-issue (1-click OAuth ATO via wildcard `reply_to`), Zendesk help-desk takeover → email interception → password reset chain ($2k), Vercel `cname.vercel-dns.com` deleted-project takeover (2022 + 2025 confirmed), AWS S3 dangling-bucket cookie-scope chain (Affirm), Smartling translation-SaaS namespace re-claim, Fastly CDN service re-attach (2025), and Shopify storefront `shops.myshopify.com` host-mapping takeover (2025). Use when hunting subdomain takeover — emphasis on ATO-chain primitives (OAuth `redirect_uri`, cookie-domain, email DNS).
gitlab-ci-patterns
GitLab CI/CD pipelines — include templates, environments, OIDC auth, caching, protected runners, deployment gates.
pipeline-security
Secure CI/CD pipelines with keyless signing, OIDC federation, provenance attestations, policy enforcement, and hardened runners.
git-flow-master
End-to-end Git operator for any branching strategy. Auto-detects the project's strategy (solo-main, main+integration, enterprise multi-branch, trunk-based, GitFlow, GitHub Flow, GitLab Flow, SDET integration-trunk for chained test-automation suites) from .git config, branches, and an CLAUDE.md marker, then adapts every commit, branch, push, PR, conflict-fix, and chained-PR action to that strategy. Use this skill whenever the user wants to: create a branch (`crear branch`, `new feature branch`, `start work on UPEX-123`), commit changes (`commit this`, `commitear esto`, `make a commit`, `commit and push`), push code (`push`, `push to main`, `push to staging`, `subir cambios`), open a pull request (`create PR`, `open PR`, `abrir PR`, `crear pull request`, `gh pr create`), fix merge conflicts (`fix conflict`, `resolver conflicto`, `merge conflict`, `rebase conflict`, `push rejected`), plan stacked or chained PRs (`stack of PRs`, `chained PRs`, `split this PR`, `PR demasiado grande`), set up an isolated git worktr
create-pr
Creates GitHub pull requests with pre-flight validation, conventional title formatting, and structured summary generation. Runs parallel checks (tests, lint, type-check, security) before opening. Supports feature, bugfix, refactor, and hotfix PR types with milestone assignment via gh CLI. Use when opening PRs or submitting code for review.
fix-issue
Fixes GitHub issues using parallel analysis agents for root cause investigation, code exploration, and regression detection. Reads issue context from gh CLI, searches codebase and memory for related patterns, generates a fix with tests, and links the resolution back to the issue via PR. Includes prevention analysis to avoid recurrence. Use when debugging errors, resolving regressions, fixing bugs, or triaging issues.
repo-explorer
Explore and analyze any repository (local path or remote GitHub/GitLab URL) by delegating to Claude Code CLI (`claude -p`) in non-interactive mode with read-only access. Use when the user asks to explore, analyze, investigate, or research a repository or codebase. Triggers on "explore repo", "analyze repo", "investigate repo", "research codebase", "what does this repo do", "how does this codebase work", "ask about repo", "codebase question", "explore repository", "what API does this project have", "analyze this GitHub repo", "explore https://github.com/...", or any request to understand a repository's structure, API, architecture, or implementation details. Works with both local paths and remote URLs (GitHub, GitLab, Bitbucket).
hook-development
Use when creating, modifying, or debugging Claude Code hooks — PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification. Covers the plugin `hooks/hooks.json` wrapper format vs. the user `settings.json` direct format, matchers, security patterns, `$CLAUDE_PLUGIN_ROOT` portability, lifecycle limitations, and debugging. Trigger on "add a hook", "validate tool use", "block dangerous commands", "enforce completion", "hook-based automation".
mcp-builder
Use when creating a new MCP (Model Context Protocol) server, extending an existing one, or debugging tool discoverability/performance. Guides through research → implementation → test → eval phases with TypeScript-first guidance matching our stack. Trigger on phrases like "build an MCP server", "expose X as an MCP tool", "write MCP tools for Y", "integrate Z via MCP".
skill-creator
Use when creating a new skill from scratch, modifying an existing skill, or optimizing a skill's triggering description. Guides intent capture, structure, writing patterns, and progressive-disclosure organization so skills reliably trigger and stay maintainable. Trigger on phrases like "turn this into a skill", "write a skill for X", "improve this skill", "my skill isn't triggering".
adding-ai-agent-rendering-system
Implement a new Packmind AI agent rendering/deployer pipeline (single-file or multi-file) with type and registry wiring, frontend UI/docs updates, and thorough unit/integration tests to reliably support additional coding assistants and distribution formats when introducing a new agent integration or render mode.
respond-github
Respond to a GitHub issue/PR or GitLab issue/MR
delivery-bootstrap
Use when starting implementation on a new or unfamiliar codebase. Auto-detects tech stack and sets up development context.
pr
Commit, push, and create a PR. Default is ready-for-review with auto-fixup. Use --draft to skip review/fixup.
handdrawn-diagram
Generate a hand-drawn (sketch-style) architecture or flow diagram as a committable image (SVG + PNG). Use when the user wants a sketch-aesthetic diagram for a README, docs, or hackathon/Devpost submission that still has correct, legible text and per-group color. Authors a Mermaid look:handDrawn source and renders it with mermaid-cli — works on any viewer and on Devpost. Triggers on: 'hand-drawn diagram', 'sketch diagram', '손그림 다이어그램', '손그림 아키텍처', '스케치 도식', 'handDrawn', 'Devpost diagram', '손그림으로 그려줘', '아키텍처 손그림', 'sketch-style architecture'.
nw-cicd-and-deployment
CI/CD pipeline design methodology, deployment strategies, GitHub Actions patterns, and branch/release strategies. Load when designing pipelines or deployment workflows.
nw-devops
Designs CI/CD pipelines, infrastructure, observability, and deployment strategy. Use when preparing platform readiness for a feature.
cli-forge-pipeline
Expert CI/CD pipeline optimizer using biomimetic patterns from nature: leafcutter ants (task partitioning), slime mold (adaptive path optimization), army ants (self-organizing parallelism), honeybees (dynamic resource allocation), and mycelium (fault-tolerant routing). Works with any CI system — examples cover both GitLab CI and GitHub Actions. Use this skill whenever the user asks to optimize, design, review, speed up, parallelize, or fix a CI/CD pipeline. Also triggers on: "slow pipeline", "flaky tests", "runners", "artifacts", "CI cache", "parallel build", "GitLab CI", "GitHub Actions", "pipeline design", "reduce build time", DAG pipelines, job dependencies, or any request mixing infrastructure + automation + deployment. Use it even when the user just pastes a YAML pipeline without asking explicitly.
ci-cd-pipeline-architecture
When configuring automated build, test, and deployment workflows for a repository.
git-workflow-branching
When creating, updating, and merging code in a collaborative version control environment.
alibaba-devops-cicd-operator
Build CI/CD pipelines with RDC (Research and Development Collaboration), Cloud Build, Flow pipeline automation, ACR (Container Registry) image lifecycle, and environment promotion strategies.
init
Set up Playwright in a project. Use when user says "set up playwright", "add e2e tests", "configure playwright", "testing setup", "init playwright", or "add test infrastructure".
git-workflow-enforcer
Ensures commits follow conventional commits, branch naming conventions, and PR templates. Use when creating commits, branches, or PRs, or when user mentions git workflow.
gitlab-automation
Automate GitLab project management, issues, merge requests, pipelines, branches, and user operations via Rube MCP (Composio). Always search tools first for current schemas.
mlops-engineer
Build comprehensive ML pipelines, experiment tracking, and model registries with MLflow, Kubeflow, and modern MLOps tools. Implements automated training, deployment, and monitoring across cloud platforms. Use PROACTIVELY for ML infrastructure, experiment management, or pipeline automation.
readme
When the user wants to create or update a README.md file for a project. Also use when the user says 'write readme,' 'create readme,' 'document this project,' 'project documentation,' or asks for help with README.md. This skill creates absurdly thorough documentation covering local setup, architecture, and deployment.
visual-regression
Setup visual regression testing with Storybook stories, configuration, and CI/CD workflows. Supports Chromatic, Percy, BackstopJS. Auto-invoke when user says "set up visual regression", "add Chromatic tests", "add screenshot testing", or "set up Percy".
devops-specialist
DevOps 与运维专家。精通 CI/CD、容器化、编排、基础设施即代码、监控告警和自动化部署。用于构建高效、可靠的软件交付流水线和运维系统。
glab
Expert guidance for using the GitLab CLI (glab) to manage GitLab issues, merge requests, CI/CD pipelines, repositories, and other GitLab operations from the command line. Use this skill when the user needs to interact with GitLab resources or perform GitLab workflows.
unified-cicd-platform
This skill should be used when the user is choosing a CI/CD platform, migrating between CI/CD providers, consolidating build and deployment pipelines, designing pipeline architecture across application and infrastructure code, setting up drift detection, configuring OIDC authentication for pipelines, or discussing the operational cost of multiple CI/CD systems. Covers platform selection, the cost of multi-platform CI/CD, what 'everything on one platform' means, OIDC pipeline authentication, Jenkins migration, and scheduled pipeline jobs like drift detection.
devops-automator
Expert DevOps engineer specializing in infrastructure automation, CI/CD pipeline development, and cloud operations
ci-cd-pipelines
Use this skill when setting up CI/CD pipelines, configuring GitHub Actions, implementing deployment strategies, or automating build/test/deploy workflows. Triggers on GitHub Actions, CI pipeline, CD pipeline, deployment automation, blue-green deployment, canary release, rolling update, build matrix, artifacts, and any task requiring continuous integration or delivery setup.
cicd-pipeline-audit
Audit CI/CD pipelines (GitHub Actions, GitLab CI, CircleCI, Azure Pipelines, Jenkins, Bitbucket) for security, reliability, reproducibility, supply chain, and deploy safety. One sub-agent per workflow. Static, live, apply, and runtime modes.
pr
Creates or updates a pull request (GitHub) or merge request (GitLab) for the current branch using the Conventional PR format — intent, summary, changes, rationale, and test plan. Captures the implementation conversation's intent into the PR description when run in the same session. Use when a branch is ready for review, or to update an existing PR/MR description.
netlify-integration
Deploy and manage Netlify projects using Next.js with serverless functions, environment variables, and continuous deployment. Use this skill when working with Netlify deployments, configuring netlify.toml, managing Netlify Functions, debugging webhooks, setting environment variables, or troubleshooting deployment issues for Next.js applications on Netlify. Essential for Twilio-Aldea and similar serverless SMS/telephony projects. v2.0 includes official Netlify documentation, production patterns from Twilio-Aldea (webhook timeout solutions, background functions), and TypeScript code examples.
mini-wiki
Automatically generate **professional-grade** structured project Wiki from documentation, code, design files, and images. Use when: - User requests "generate wiki", "create docs", "create documentation" - User requests "update wiki", "rebuild wiki" - User requests "list plugins", "install plugin", "manage plugins" - Project needs automated documentation generation Features: - Smart project structure and tech stack analysis - **Deep code analysis** with semantic understanding - **Mermaid diagrams** for architecture, data flow, dependencies - **Cross-linked documentation** network - Incremental updates (only changed files) - Code blocks link to source files - Multi-language support (zh/en) - **Plugin system for extensions** For Chinese instructions, see references/SKILL.zh.md
github-actions-docs
Use when users ask how to write, explain, customize, migrate, secure, or troubleshoot GitHub Actions workflows, workflow syntax, triggers, matrices, runners, reusable workflows, artifacts, caching, secrets, OIDC, deployments, custom actions, or Actions Runner Controller, especially when they need official GitHub documentation, exact links, or docs-grounded YAML guidance.
sast-configuration
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
connect
Connect Claude to any app. Send emails, create issues, post messages, update databases - take real actions across Gmail, Slack, GitHub, Notion, and 1000+ services.
connect-apps
Connect Claude to external apps like Gmail, Slack, GitHub. Use this skill when the user wants to send emails, create issues, post messages, or take actions in external services.
devops-engineer
Creates Dockerfiles, configures CI/CD pipelines, writes Kubernetes manifests, and generates Terraform/Pulumi infrastructure templates. Handles deployment automation, GitOps configuration, incident response runbooks, and internal developer platform tooling. Use when setting up CI/CD pipelines, containerizing applications, managing infrastructure as code, deploying to Kubernetes clusters, configuring cloud platforms, automating releases, or responding to production incidents. Invoke for pipelines, Docker, Kubernetes, GitOps, Terraform, GitHub Actions, on-call, or platform engineering.
adr
Capture architectural decisions as structured ADRs (Architecture Decision Records). Use when user says 'record this decision', 'ADR this', 'why did we choose X', 'document this trade-off', 'we decided to...', or when a significant choice is made between alternatives (framework, database, pattern, API design, infra approach).
ci
GitLab CI/CD pipeline review and scaffolding for Terraform and Helm/EKS deployments. Use when user says 'review my pipeline', 'check my gitlab-ci', 'scaffold a pipeline', 'is my CI correct', or when working in .gitlab-ci.yml files.
docker
Docker operations, Dockerfile best practices, Compose, image optimization, and registry workflows. Use when user says 'review my Dockerfile', 'optimize my image', 'reduce image size', 'container won't start', 'set up compose', 'multi-stage build', or when working in Dockerfile, docker-compose*.yml, or .dockerignore files.
github
GitHub repository operations — PRs, issues, releases, branch protection, CODEOWNERS, security settings. Use when user says 'review my PR', 'create a release', 'set up branch protection', 'add CODEOWNERS', 'audit repo settings', or asks about GitHub repo configuration.
github-actions
GitHub Actions workflow review, scaffolding, and security hardening. Use when user says 'review my workflow', 'check my actions', 'scaffold a workflow', 'is my CI correct', 'pin actions', 'OIDC to AWS', or when working in .github/workflows/*.yml files.
k8s
Kubernetes and Helm review and scaffolding for EKS workloads. Use when user says 'review my helm values', 'before I deploy', 'scaffold a new service', 'check values.yaml', or when working in values.yaml, Chart.yaml, or Helm template files.
tf
Generic Terraform review, scaffolding, and version upgrades for AWS infrastructure using the terraform-aws-modules ecosystem. Use when user says 'review my terraform', 'before I raise an MR', 'scaffold a lambda/rds/s3/eks/vpc', 'check my .tf files', 'upgrade provider', or when working in .tf or .tfvars files. NOTE: if the repo has an `_modules/` directory wrapping `clouddrove/*/aws` modules, use /clouddrove:wrapper-tf instead — the two patterns conflict.
wrapper-tf
Team standard for AWS Terraform repos built on the CloudDrove wrapper-module pattern. Use when working in a repo with an `_modules/` directory that wraps `clouddrove/*/aws` modules, scaffolding a new wrapper module, generating Terraform GitHub Actions CI, reviewing wrapper-pattern PRs, or mapping the pattern to SOC2/GDPR controls. Supersedes /tf on CloudDrove repos.
llm-output-gate
CI hook that refuses to ship if prompt-eval golden set regresses past threshold or prompt-injection-test fails on HIGH severity
deployments-cicd
Vercel deployment and CI/CD expert guidance. Use when deploying, promoting, rolling back, inspecting deployments, building with --prebuilt, or configuring CI workflow files for Vercel.
datarobot-app-framework-cicd
Guidance for setting up CI/CD pipelines for DataRobot application templates using GitLab, GitHub Actions, and Pulumi for infrastructure as code. Use when setting up CI/CD pipelines, configuring deployments, or managing infrastructure for DataRobot application templates.
commit-detection
Detects optimal commit type from git changes. Use when analyzing commits, determining commit type, or before committing.
dev-pr
Operator-sanctioned alternative to bare `git push` from agent context. Open a PR from the current feature branch with a body assembled inline from commit history, the test command's last output, screenshots, and an optional project PR template. Refuses on protected branches, dirty trees, or zero commits ahead. Run as the final step of a ticket.
conventional-git
Conventional Commits v1.0.0 branch naming and commit message standards for GitHub and GitLab projects. Use when creating branches, writing commits, generating commit messages, reviewing branch conventions, or setting up changelog automation. Apply when your project needs consistent git history, SemVer-driven releases, parseable changelog generation, or automatic issue closing.
kubesphere-devops-jenkins
Use when configuring Jenkins in KubeSphere DevOps, including agent customization, LDAP/OIDC integration, build artifact retrieval, or troubleshooting Jenkins issues
kubesphere-devops-overview
Use when working with KubeSphere DevOps extension, CI/CD pipelines, Jenkins integration, or pipeline troubleshooting
technical-diagrams
Provides Mermaid diagram syntax, best practices, and styling rules for technical visualizations. Use when creating diagrams, flowcharts, sequence diagrams, class diagrams, state diagrams, ER diagrams, architecture diagrams, C4 diagrams, visualizations, or any visual documentation in markdown. Always use this skill when generating or updating Mermaid code blocks.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
github-actions-docs
Use when users ask how to write, explain, customize, migrate, secure, or troubleshoot GitHub Actions workflows, workflow syntax, triggers, matrices, runners, reusable workflows, artifacts, caching, secrets, OIDC, deployments, custom actions, or Actions Runner Controller, especially when they need official GitHub documentation, exact links, or docs-grounded YAML guidance.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
gitlab-mr-issue
查看/更新 GitLab Issue、MR(含评论与 diff),并按团队规范非交互创建���修改 MR/Issue;涉及 GitLab(含自建实例)Issue/MR 的操作时使用。
researching-with-deepwiki
Research GitHub, GitLab, and Bitbucket repositories using DeepWiki MCP server. Use when exploring unfamiliar codebases, understanding project architecture, or asking questions about how a specific open-source project works. Provides AI-powered repo analysis and RAG-based Q&A about source code. NOT for fetching library API docs (use fetching-library-docs instead) or local files.
sast-configuration
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
share-skill
Automatically share skills, migrate local skills to code repositories, open source skills, skill version management, configure git remote
suggesting-tooling
Analyzes a codebase and suggests custom Claude Code skills and subagents to improve development workflow. Use when user wants tooling suggestions, automation ideas, or asks "what skills would help this project".
scaffold
Project scaffolding, component generation, and boilerplate setup. Triggers: "scaffold", "new project", "init project", "create project", "generate component", "setup project", "starter", "boilerplate".
ops-ci
CI/CD pipeline configuration. Trigger when the user wants to configure GitHub Actions, GitLab CI, or automate deployments.
iago
Append a Mermaid diagram (sequence, flow, class, or entity-relation) to a GitHub PR's existing /review comment. Like Iago the parrot from Aladdin, this skill loudly squawks a visual summary on top of an existing review. Also triggered by /squawk. Use after the /review skill finishes, or when the user asks to add/append a diagram to a pull request review, or says "squawk". Auto-detects the most useful diagram type from the diff; accepts an explicit override.
auto-mr
Push current branch, create MR/PR on GitHub, GitLab, or Forgejo, wait for CI pipeline, merge, and clean up branch using auto-mr CLI
detect-repo-host
Detect repository hosting service (GitHub/GitLab/Forgejo) from git remote and extract owner/repo/project_path. Internal utility skill used by commands that need platform-aware routing.
bounty-recon
Use at the start of a bug bounty engagement. Provides scope-aware recon methodology — passive enumeration, subdomain discovery, asset attribution, tech stack fingerprinting, content discovery. Respects scope and program rules. Triggers on "bounty recon", "subdomain enum", "attack surface map", "h1 recon", "bug bounty start".
nasde-benchmark-calibration
Calibrate assessment rubrics by reviewing agent work in GitHub/GitLab PRs and feeding human comments back into the rubric. Use this skill when the user wants to: - Calibrate, tune, or sanity-check assessment criteria / dimensions of a benchmark - Review trial diffs alongside the LLM-as-a-Judge scores in a PR/MR - Investigate why judge scores feel off, too harsh, too lenient, or misaligned with how a human would grade the code - Pull review comments back from PRs/MRs and turn them into concrete rubric edits Even if the user doesn't say "calibrate" — if they're worried the LLM judge's scores diverge from human judgment, or want to align scores with a real developer's opinion before freezing a benchmark, this skill applies.
k8s-components-checker
Survey an RKE2 community cluster against an embedded compatibility registry of 19 stack components and produce a verdict for upgrade-readiness, drift-review, and version-skew questions. Components: RKE2, Rancher, Harvester, Cilium, Tetragon, cert-manager, Kyverno, KEDA, Argo CD, Harbor, Traefik, Rook, Ceph, OpenEBS, GitLab, ECK, Zalando postgres-operator, Grafana Mimir, NVIDIA GPU Operator. Works air-gapped — compatibility data lives in `references/compat/`. Surveys run via `kubectl` + `helm` + `pluto` + the apiserver `apiserver_requested_deprecated_apis` metric from the operator's workstation. Community editions only — Prime/EE-gated content is ignored. NOT for installing components, NOT for executing upgrades, NOT for tracking per-cluster running state (the registry is methodology, not inventory).
ci-cd
CI/CD 流水线配置
cicd-pipeline
Generates CI/CD pipeline configurations for GitHub Actions, GitLab CI, and AWS CodePipeline. Covers build, test, lint, security scanning, and deployment stages with caching and parallelism. Triggers on: "create CI/CD pipeline", "GitHub Actions workflow", "deployment pipeline", "automate build".
python-project-setup
Sets up Python projects with modern tooling including pyproject.toml, linting with ruff, formatting, type checking with mypy or pyright, testing with pytest, and pre-commit hooks. Triggers on: "setup Python project", "create Python package", "python project structure", "pyproject.toml".
cicd-pipelines
CI/CD pipeline design and DevOps automation — use when the user mentions GitHub Actions, GitLab CI, Jenkins, Terraform, infrastructure as code, DevSecOps, ArgoCD, Kubernetes deployment automation, or pipeline configuration YAML. NOT for release orchestration or semantic-release workflows (use git-workflow), NOT for Docker containers or Dockerfiles (use docker-containerization), NOT for git branching or commits (use git-workflow).
git-workflow
Run git status / log / diff and list pull requests for the session's repo via the opendray gateway. Use whenever the user asks about "what's changed", "status", "diff", "open PRs", or wants to commit / push.
setup-ci
Teaches CI/CD from first principles to a non-developer, then scaffolds a working test + deploy pipeline. Handles the common hosts (GitHub Actions, GitLab CI, CircleCI, Travis, Jenkins) and common deploy targets (SSH to VM, Vercel, Netlify, Fly.io, Cloud Run, Docker registries). Asks what the operator has before generating anything — never assumes.
ci-cd-pipeline
配置 CI/CD 流水线时使用。快、稳、可重复、可回滚。
gitea
Gitea operations via tea CLI. Use when user mentions: gitea, tea, or when git remote shows a Gitea instance.
gitlab
GitLab operations via glab CLI. Use when user mentions: MR, merge request, gitlab issue, pipeline, CI status, glab, or when git remote shows gitlab.com or self-hosted GitLab.
deploy
Deployment strategy, production-readiness gating, and rollback planning for AWS/EKS services. Use when user says 'how should I deploy this', 'blue-green or canary', 'are we ready to ship', 'production readiness', 'plan a rollback', 'pre-deploy check', or before a first production release. Pairs with /k8s, /ci, /github-actions, /tf which own the per-artifact checks.
finops
AWS cost optimization — waste detection, right-sizing, Savings Plans, RIs, EKS cost, multi-account governance. Use when user says 'reduce AWS bill', 'find waste', 'right-size this', 'should I buy SP or RI', 'gp2 vs gp3', 'EKS is expensive', 'NAT gateway cost', or asks about AWS cost optimization.
owasp
Security review against OWASP Top 10:2025, ASVS 5.0, and Agentic AI risks. Use when user says 'review for security', 'is this secure', 'check for vulnerabilities', 'review auth/authorization', 'check input handling', or when writing cryptography, session management, or AI agent code.
skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, edit, or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
devops
DevOps practices, CI/CD, and infrastructure management
commit
spec-flow SHIP step: conventional-commit + push + surface the merge/pull-request link, VCS-agnostic (GitHub + GitLab), with a base-branch guard. Branch creation is owned by the lifecycle commands (/sf:ingest, /sf:bug, /sf:change) via the engine's branch-ensure; this skill commits on the current work branch and refuses to commit on the configured base branch. Invoke ONLY in spec-flow context — explicitly as /sf:commit, or from the /sf:phase ship step. Do NOT auto-trigger on a bare "commit"/"commit push" request — that is the user's own commit workflow, not this skill.
devops-engineer
Use when setting up CI/CD pipelines, containerizing applications, or managing infrastructure as code. Invoke for pipelines, Docker, Kubernetes, cloud platforms, GitOps.
define-deployment
Capture deployment characteristics for both production and development — hosting, IaC, CI/CD, secrets, observability, local dev environment, containerization, hot reload, and seed data. Use when the project-builder agent is gathering deployment information.
doctor
Audits any project for security, test coverage, and Claude Code automation. 46 checks across 6 layers: secrets, CLAUDE.md, hooks, skills, agents, rules, MCP, CI, memory. Adaptive scoring — auto-detects project maturity (Starter/Growing/Mature/Pro). Diagnoses gaps, prescribes project-specific fixes, applies them. Usage: /doctor — full audit (all 6 layers) /doctor quick — TOP-3 priorities + score (30 seconds) /doctor scan — diagnose only (no changes) /doctor fix — prescribe + apply fixes /doctor layer <N> — audit specific layer (0-5) /doctor verify — health check Triggers: "/doctor", "audit", "setup automation", "configure Claude Code", "project health", "what's missing", "security check", "аудит", "проверь проект"
web-ci-spec
Produce a sprint CI.md covering pipeline stages, secrets handling, deployment strategy, and rollback for GitHub Actions / Cloud Build / GitLab CI / etc. Coordinator-only — produces drafts, never modifies live workflows. Pauses for user confirmation.
architecture-diagram
Generate architecture diagrams in Mermaid, PlantUML, or diagrams.net formats
ci-setup
Configure CI/CD pipelines for GitHub Actions, GitLab CI, CircleCI with best practices
devex-review
Audit the developer experience of your project — setup friction, onboarding clarity, local dev loop speed, tooling consistency, and documentation gaps. Produces a DX scorecard and prioritized improvement list. Inspired by gstack's devex-review skill.
dependency-versions
MUST consult this skill before answering whenever the user's task involves external versioned dependencies — even if you think you can handle it directly. This applies to: checking if packages/tools are up to date, upgrading npm/pip/cargo/go dependencies, planning or writing CI/CD workflows (GitHub Actions, CircleCI, GitLab CI), pinning action versions, reviewing Dockerfiles or base images, checking Terraform providers or modules for drift, reviewing Helm chart versions, verifying Kubernetes/EKS/cloud resource versions, updating pre-commit hooks, writing Dependabot configs, or any task where the user mentions specific version numbers, package names, or config files like package.json, pyproject.toml, Dockerfile, .pre-commit-config.yaml, main.tf, or values.yaml. Even casual requests like "is this still current" or "has anything drifted" require this skill because your training data is unreliable for volatile version facts. Do NOT use for: refactoring code, writing tests, debugging errors, designing APIs, or tas
meremoth-devops-craft
How Meremoth builds CI/CD pipelines — GitLab CI / GitHub Actions stages, secret marshalling via SOPS, hash-based config drift detection, SSH-direct deploy patterns, the prepare-not-execute rule, and the "check the CI AND the remote script" diverge-silently rule. Invoke when a pipeline or release-automation change is in scope.
doncheli-diagram
Auto-generate Mermaid or C4 diagrams from code analysis. Activate when user mentions "diagram", "mermaid", "architecture diagram", "C4", "class diagram", "sequence diagram", "ERD", "flowchart", "visualize code".
pentest-cicd
CI/CD red team methodology — GitHub Actions, GitLab CI, Jenkins pipeline security analysis, secret leak, workflow injection advisory. Triggers on CI/CD pentest, GitHub Actions security, GitLab CI, Jenkins, pipeline injection, workflow injection, secret leak, OIDC abuse, runner takeover, supply chain.
tenet-build-ci
Audits CI, reproducible builds, lockfiles, pinned tools, secret handling, and image security.
review
Review a GitHub PR or GitLab MR with craft-level attention to semantic HTML, CSS architecture, accessibility, TypeScript patterns, and code quality. Auto-detects platform from URL or git remote. Proposes inline diff comments, shows them for approval, only posts what the user approves. TRIGGER when the user says "/review", "review this PR/MR", "review <url>", or passes a PR/MR number.
review-epic
Linear · Review-only counterpart to /abc:ship-epic. Self-arming /loop that watches a Linear parent issue's sub-issues, reviews each child's PR/MR (GitHub or GitLab, routed via the `repo:` label) as it surfaces against the FULL epic context (parent spec + merged-sibling decisions + pending children's criteria), posts inline + spec-cross-referenced summary comments via the abc:reviewer subagent, and exits when the parent reaches Done. Never merges. TRIGGER when the user says "/abc:review-epic PARENT-ID", asks to "review this epic as it ships" against a Linear parent, or wants a standing reviewer session running parallel to /abc:ship-epic.
review-sweep
Scan all open PRs (GitHub) and MRs (GitLab) the user authored, triage unresolved reviewer threads via the abc:triage subagent, present a dashboard of fixable vs judgment-required items, and apply confirmed fixes per PR/MR. Auto-detects which platforms to scan. TRIGGER when the user says "/review-sweep", "sweep my MRs", "triage my open PRs", or wants to bulk-process reviewer feedback. Designed to compose with /loop for periodic sweeps.
ship-issue
Linear · Drives a Linear issue (or list, or parent with sub-issues) from Backlog to Done through the implement → PR → address-review → merge loop. TRIGGER when the user says "/ship-issue TICKET-ID", asks to ship/land/drive/autoland a ticket, or wants Claude to take a Linear issue through review to merge. Also trigger when resuming work on a ticket with an open PR and pending reviewer comments. Supports GitHub + GitLab and multi-repo parent issues via `repo:` Linear labels. Self-arms its own `/loop` — the user invokes once and walks away.
adk-pr-review
Deep PR review: tree-sitter AST chunking + ollama embeddings + LanceDB hybrid (vector + BM25) retrieval + SCIP cross-file symbols + harness-LLM reranker + feature-flow tracing + accept/reject/edit triage before posting. Triggers on a GitHub or Bitbucket Cloud pull-request URL OR no arg at all — when no URL is passed, the next eligible row from `$ADK_CONFIG_HOME/pr-queue.json5` is atomically claimed (FIFO by last_checked_at, 30-min auto-expiring `taken_at` lock so two terminals review different PRs). Curate the queue via `adk pr-scan` (scans Slack threads for PR links — main message AND replies — and upserts rows). When a URL is passed and that PR is already in the queue, the row's `slack` + `supporting_docs` are merged into the review context. **Global skill** — runs from anywhere; isolates to `$ADK_DATA_HOME/skill-pr-review/<repo>_pr-<n>/` (per `shared/paths.md`); never touches the cwd. Pipeline: clone+worktree at the PR head, tree-sitter chunker → ollama embed (`nomic-embed-text` default, `bge-m3` via `--de
ci-cd-pipeline-builder
Detect project stack and generate CI/CD pipeline configuration for GitHub Actions or GitLab CI. TRIGGER when: user asks to set up CI/CD, create a pipeline, add GitHub Actions, configure GitLab CI, or automate testing and deployment. DO NOT TRIGGER when: user is debugging an existing pipeline failure, or asking about deployment infrastructure (servers, containers, cloud).
env-secrets-manager
Environment variable hygiene, secret leak detection, and credential rotation workflows. TRIGGER when: working with .env files, secret management, credential rotation, pre-commit secret scanning, or investigating leaked credentials. DO NOT TRIGGER when: general config file editing, non-secret environment setup, or infrastructure provisioning (use relevant infra skill).
claude-jobs
Find job openings at tech companies. Use when user asks about jobs, careers, openings, positions, roles, or salaries - either at specific companies or general tech job queries.
commit-push-mr
Commit, push, and create merge requests in GitLab. ONLY use when the user explicitly asks to commit, push, or create an MR. Never do any of these autonomously.
changelog-automation
Automate changelog generation from commits, PRs, and releases following Keep a Changelog format. Use when setting up release workflows, generating release notes, or standardizing commit conventions.
gitlab-ci-patterns
Build GitLab CI/CD pipelines with multi-stage workflows, caching, and distributed runners for scalable automation. Use when implementing GitLab CI/CD, optimizing pipeline performance, or setting up automated testing and deployment.
feature-marker
Gemini-ready install target for the feature-marker run-through skill workflow. Use from a Gemini prompt; the npm package is only the installer.
ci-workflow
自然语言描述 → CI 配置文件(GitHub Actions / GitLab CI)+ 逐段解释 + 安全审查。 适用场景:用户要求"写 CI 配置"、"配个 GitHub Actions/GitLab CI"、"自动构建/部署/发布流程"。 触发关键词:/ci、ci/cd、github actions、gitlab ci、pipeline、workflow、自动构建、自动部署。
building-ci-pipelines
Constructs secure, efficient CI/CD pipelines with supply chain security (SLSA), monorepo optimization, caching strategies, and parallelization patterns for GitHub Actions, GitLab CI, and Argo Workflows. Use when setting up automated testing, building, or deployment workflows.
shell-scripting
Write robust, portable shell scripts with proper error handling, argument parsing, and testing. Use when automating system tasks, building CI/CD scripts, or creating container entrypoints.
gitlab-security-setup
Sets up a full security stack on your company's projects hosted on GitLab.com (non-PrestaShop: Laravel, Astro, TanStack, etc.). Use ONLY when the project is a GitLab.com Free tier project. Triggers when the user asks to add dependency scanning, vulnerability alerts, security setup, Trivy, pnpm supply chain protection, or wants email reports of vulnerabilities. Do NOT use for GitHub-hosted projects, personal projects, or PrestaShop projects — use ps-security-audit skill instead for any PrestaShop project.
ps-security-audit
Sets up weekly automated security scanning for PrestaShop 8 projects hosted on GitLab.com. Checks: installed modules vs Friends of Presta advisory database, PrestaShop core version, and PHP/Composer dependencies via Trivy. Sends weekly HTML email report every Monday. Use ONLY for PrestaShop projects on GitLab.com. Triggers when user asks for security scanning, vulnerability alerts, module CVE check, or Friends of Presta integration on a PrestaShop project.
e2e-testing
Create, run, and debug JSON-driven E2E browser tests with Chrome pool integration
validating-ci-pipelines-locally
Single source of truth for executing GitLab CI/CD pipelines locally with the same image, env vars, and service containers as the real runner — so pipeline failures are caught before push. Defines pipeline discovery (.gitlab-ci.yml + includes), per-job execution via gitlab-runner exec, service-container orchestration (Mongo, Redis, MailHog), env injection without secrets, cache/artifact handling, and a job-by-job verdict report. Also describes the GitHub Actions equivalent via act for projects that mirror to GitHub. Activates whenever an agent or command needs to validate that the CI pipeline will pass — currently used by /lt-dev:production-ready and lt-dev:production-readiness-orchestrator. NOT for running the local check script (use running-check-script). NOT for writing or refactoring CI configs (use the devops agent).
infra-audit
Infrastructure and CI/CD security audit - GitHub Actions workflows (pwn-request, secret logging, missing pinning, permissions overreach), Dockerfile (latest tag, USER root, ADD on URL), Kubernetes manifests (runAsNonRoot, privileged containers, hostNetwork), Terraform (IAM wildcards, state in git, module pinning), GitLab CI equivalent checks. Stack-agnostic.
brownfield-intake
The brownfield on-ramp. After onboard on an existing codebase, this fingerprints the repo (languages, frameworks, structure, hotspots, tech debt via codebase-intel) so you don't have to explain the architecture, then ASKS how you want to define the work — describe it in plain language, point to an existing requirements/spec doc, answer a few guided questions, or pull a GitHub/GitLab issue — and synthesizes a code-anchored, increment-scoped requirements doc that feeds prd-quality-analyzer and the rest of the SDLC. Use right after onboard on a project that already has code.
deploy-verifier
Verify a completed deployment by cross-checking the CI pipeline status (dev-ops MCP) + service health dashboard (observability MCP) + optional smoke-test endpoints. Auto-satisfies the DEPLOYMENT phase's `deployment.verified` and `health.checks.passed` exit criteria when every declared check returns green. Writes a consensus-needed marker so the third DEPLOYMENT criterion (`consensus.deployment.approved`) still gates through multi-AI review.
vidhi-init
Sets up an `## Agent skills` block in AGENTS.md/CLAUDE.md and `docs/agents/` so the vidhi skills know this repo's issue tracker (yojana, GitHub, GitLab, or local markdown), triage label vocabulary, and domain doc layout. Run before first use of `vidhi-decompose`, `vidhi-prd`, `vidhi-triage`, `vidhi-diagnose`, `vidhi-tdd`, `vidhi-deepen`, or `vidhi-survey` — or if those skills appear to be missing context about the issue tracker, triage labels, or domain docs.
committing
Use when creating git commits — enforces commit message style, length limits, and user confirmation before committing
rnd-committing
Use when creating git commits — enforces commit message style, length limits, and user confirmation before committing
garnatxa-hpc
Use whenever the user is working on, connecting to, submitting jobs to, troubleshooting, or asking about the Garnatxa HPC cluster at I2SysBio (UV/CSIC, Valencia). Covers SSH/VPN setup, SLURM submission and monitoring (sbatch, srun, sacct, squeue, scancel, sinfo, plotjob, squeue_/sacct_), choosing the right QoS, writing efficient job scripts (serial, threaded, MPI, array, dependencies), the Lmod module system, mamba/conda environments, Singularity containers, Nextflow and Snakemake pipelines on SLURM, /home + /storage + /scr filesystems, tape archive via merlot/tapecopy, the self-hosted GitLab + VSCode workflow, usage policies and quotas, and the required acknowledgment in publications. Trigger this skill for any mention of Garnatxa, garnatxa.srv.cpd, i2sysbio HPC, or when a user is clearly working on a CSIC/UV HPC at I2SysBio — even when the user does not name the cluster explicitly but is asking about job scripts, SLURM, tape, GitLab on garnatxagitlab.uv.es, or VPN config files like i2sysbi.ovpn.
cqa-00b-directory-structure
Validates directory naming conventions for titles, assemblies, and modules. Use when restructuring content or adding new directories.
resolve-comments
Use when resolving unresolved PR or MR review comments, working through reviewer feedback, or addressing code review threads on GitHub, GitLab, Bitbucket Cloud, or Azure DevOps repositories
git-fundamentals
Essential Git version control knowledge including repositories, commits, branches, remotes, and common workflows. Use when helping with basic Git operations, teaching Git concepts, or as foundation for advanced Git tools. Activate for questions about Git basics, standard workflows, or version control fundamentals.
hv-release
Cut a release — walk the project's per-project release checklist (`.hv/RELEASE.md`) as a preflight gate, bump version (major/minor/patch), generate categorized release notes from commits since the last tag, prepend a section to CHANGELOG.md, create an annotated git tag, push, publish a release on GitHub or GitLab if origin is set, and offer to close any upstream issues still open for shipped items. Use on "release", "cut a release", "tag a release", "ship X.Y.Z".
sync-all-repos
Sync all GitHub-backed git repos on this machine with origin. Pulls behind repos, pushes ahead repos, reports dirty/non-main/conflict cases for Claude to resolve.
rust-cicd-pipeline
Set up a professional Rust CI/CD pipeline with pre-commit hooks, automated linting, testing, changelog management, and version control. This skill should be used when creating a new Rust project that needs CI/CD, when adding CI/CD to an existing project, or when troubleshooting pipeline issues. The pipeline follows the "Makefile as single source of truth" pattern and works without GitHub Actions for enterprise environments.
ci-cd-pipeline-builder
Generate pragmatic CI/CD pipelines from detected project stack signals — fast baseline generation, repeatable checks, environment-aware deployment stages. Use when setting up CI for a new project, refactoring existing pipelines, or standardizing deployment workflows across multiple repos.
pr-review-expert
Use when the user asks to review pull requests, analyze code changes, check for security issues in PRs, or assess code quality of diffs.
pr
Create a PR (GitHub) or MR (GitLab) for the current uncommitted changes. TRIGGER when the user says "/pr", "/mr", asks to "open a PR/MR", "ship this as an MR", or "create a pull request" for work-in-progress changes in the current repo. Inspects the diff, groups related files, runs type-check/tests, commits with no AI attribution, and pauses for confirmation before opening the PR/MR.
pr-review
HEAVYWEIGHT, GitHub-only deep PR review. Takes a GitHub PR URL, prepares a read-only git worktree at the PR head (SSH clone only), and reviews the diff with full cross-file context via Read/Grep/Glob. Fans out one agent per dimension (correctness, security, tests, performance, api, docs, observability, concurrency, feature-flow) through the Workflow tool, then adversarially verifies every finding before it survives. Traces feature flags / experiments via the adk-statsig MCP and pulls linked Jira/Confluence via the adk-atlassian MCP. Posts inline review comments, a review summary, and appreciations through the gh CLI after confirmation. NEVER merges, never force-pushes, never edits the PR's code. For a quick read-only pass with no worktree, use /adk:review.
speckit.taskstoissues
Issue Tracker Syncer - Synchronize tasks.md to issue tracker.
resume-scan
Use when scanning code repositories to extract resume-worthy content. Analyzes code structure, git history, tech stack, contributions, and generates structured project summaries with accuracy-annotated data points.
cicd-pipeline-config
CI/CD pipeline configuration skill for test automation, covering GitHub Actions, Jenkins, GitLab CI, test parallelization, reporting, and artifact management.
deployment-advisor
Deployment strategy guidance - platform selection, CI/CD pipeline design, environment configuration, monitoring
devops-best-practices
Opinionated production-grade DevOps defaults for Terraform, Kubernetes, CI/CD, Docker, cloud security, observability, cost, and disaster recovery. ALWAYS use when generating, reviewing, or modifying any infrastructure code, Kubernetes manifests (Deployment, Service, StatefulSet, Helm, Kustomize), Terraform (.tf, modules, state), Dockerfiles, docker-compose, CI/CD pipelines (.github/workflows, .gitlab-ci.yml, Jenkinsfile), cloud resources (AWS/GCP/Azure), IAM policies, security groups, observability setup (Prometheus, Grafana, OpenTelemetry), or DNS/TLS/CDN config — even if the user does not explicitly ask for best practices. Prevents the failure modes that hurt production teams most often: missing PDBs, single replicas in prod, latest image tags, public S3 buckets, long-lived credentials, missing observability, and CI/CD supply-chain risks. Apply opinionated defaults by default; surface tradeoffs when the user has reason to deviate.
headless-automation
Claude Code headless mode and CI/CD automation guide. Covers the -p flag for non-interactive execution, --output-format stream-json for structured output, GitHub Actions integration with anthropics/claude-code-action, GitLab CI and Jenkins pipeline patterns, batch processing with parallel instances, CLAUDE_CODE_TASK_LIST_ID for multi-instance coordination, and output parsing with jq. Use when automating Claude Code, setting up CI/CD pipelines, running batch processing, or scripting non-interactive workflows.
deepwiki
ALWAYS use when the user mentions an external repository, library, or protocol by name. Queries any public GitHub/GitLab/BitBucket repository to answer questions about its code, APIs, behavior, or implementation without cloning it.
daf-cli
Quick reference and safety guide for daf commands in Claude Code sessions
daf-git
GitHub/GitLab issue operations (update, link) with Markdown syntax reference and gh/glab CLI guide
daf-workflow
DevAIFlow session context loader. Activates when DAF_SESSION_NAME env var is set. Reads session metadata, issue tracker tickets, and context files to understand the current task. Provides per-command workflow guidance for daf open, daf new, daf git new, daf jira new, and daf investigate.
ai-adoption
Measure AI authorship in a git repo from commit signals (trailers, footers, bot identities) and render an executive deck. Local-only, no API calls. Use when the user asks "how much of this codebase is written by AI", wants an AI-adoption report, adoption trend, or human-vs-AI throughput. Methodology ported from StephanSchmidt/loupe (MIT); adds ulk's claude.ai/code trailer and accountability.jsonl ground truth.
review
Review the changes since a fixed point (commit, branch, tag, or merge-base) along two axes — Standards (does the code follow this repo's documented coding standards?) and Spec (does the code match what the originating issue/PRD asked for?). Runs both reviews in parallel sub-agents and reports them side by side. Use when the user wants to review a branch, a PR, work-in-progress changes, or asks to "review since X".
git-detect
Detects git remote URL, branch strategy, and CI provider from the target project's git config and CI files.
devpilot-pr-creator
Use when the user wants to create or update a pull request or merge request, open a PR/MR, push changes for review, update a PR description, or mark a draft as ready. Triggers on: "create pr", "open pull request", "make a pr", "submit mr", "merge request", "push for review", "ready for review", "/pr", "open mr", "ship it", "send for review", "update the pr", "update the description", "mark as ready".
vb6-guidelines
Applies general Visual Basic 6 conventions when editing .bas, .cls, .frm, .frx, .vbp, .vbg, .ctl, or .dob files, or any code identified as VB6 (not VB.NET, not VBA). Covers case-preservation in existing code (VB6 is case-insensitive but diff tools are not), Option Explicit requirement, Hungarian notation with scope prefix plus type prefix (mstr/mint/mcur for module-level in .bas; m_str/m_int/m_cur for module-level in .cls; gstr/gint for global; str/int/cur for parameters and locals), file header blocks for .cls modules with 80-hyphen delimiters, comment-per-field convention, Property Get/Let/Set patterns without public fields, ByVal/ByRef explicit declarations, Long over Integer for performance and overflow safety, preservation of Windows-1252 encoding and CRLF line endings, and never editing .frx files manually due to binary offset corruption. Activates for any Visual Basic 6 development task, code review, refactoring, or new file creation in a VB6 project.
mcp-deduplicator
MCP tool deduplication and unified abstraction layer for multi-server setups. Activate when the user has multiple MCP servers installed and wants to reduce tool noise, detect overlapping tools, understand which tool to use for a given task, or create routing rules that prevent Claude from wasting tokens choosing between near-identical tools. Handles: semantic duplicate detection across MCP servers, unified tool abstraction mapping, routing rule generation, tool conflict resolution, canonical tool naming, and per-server tool audits. Use when user says: too many tools, duplicate tools, MCP overlap, tool overload, which tool should I use, GitHub vs GitLab tools, Jira vs Linear tools, deduplicate my tools, clean up my MCP, tool conflict, tool sprawl, consolidate tools, multiple MCP servers, tool redundancy. Do NOT activate for: installing MCP servers, configuring individual MCP servers, writing code that calls MCP tools, general MCP setup questions without a deduplication goal. First response: "MCP Deduplicator a
deploy
Deploy web applications to DevTools Cloud from Git repositories. Use when the user wants to deploy, ship, publish, or launch a web app. Supports Node.js, Python, Go, and Rust with automatic build detection. Handles zero-downtime deployments with automatic rollback on failure. Do NOT use for domain management or log viewing.
ts-ddd-ci-design
Design and implement CI/CD pipelines for a TypeScript DDD clean architecture project — GitHub Actions, GitLab CI, Docker builds, environment promotion, and secrets management. Trigger when the user says "set up CI", "add a pipeline", "automate tests", "write a GitHub Actions workflow", "configure deployment", "add Docker support", "set up CD", "automate the build", or when the project needs automated quality gates before merge. Also trigger when the user asks about environment promotion (dev → staging → prod) or secrets management strategy.
ci-pipeline
GitHub Actions / GitLab CI 分阶段构建、缓存优化
kustomize-resource-validation
Auto-trigger skill that activates when any kustomization.yaml file is edited. Validates resource references, patch references, orphaned files, cross-environment consistency, build success, and generator configurations.
devpilot-resolving-review-threads
Use when responding to inline review comments after pushing fixes to a GitHub PR or GitLab MR — decide per thread whether to auto-resolve (fix verified at HEAD), reply with technical reasoning (reviewer misread or wrong), or leave open for the reviewer. Triggers on "respond to review comments", "resolve the review threads", "I pushed the fixes, now reply to the comments", "close out the review", "/resolve-review". Do NOT use for writing a review (use devpilot-pr-review) or creating a PR (use devpilot-pr-creator).
redact
Use when printing, logging, or verifying any credential, API key, token, or secret — pipe through redact to show only first/last 4 chars (e.g. fc1d...4439) instead of the full value
setup-ci
Analyze a GitHub repository and propose or improve a GitHub Actions CI setup with clearly separated jobs — one job per concern — so each check shows independently in the GitHub PR and Actions UI. Global and project-agnostic. Trigger when the user says "set up CI", "setup-ci", "add GitHub Actions", "propose CI jobs", "improve my CI", "add CI pipeline", "set up GitHub Actions workflow", "create GitHub Actions tests", or "suggest CI checks". SKIP when the user is asking about a non-GitHub CI system (Jenkins, CircleCI, GitLab CI) — this skill is GitHub Actions only.
spec-driven-cc-guide
Expert knowledge base for Claude Code Terminal — the CLI tool itself, not coding tasks. Implements 4 knowledge-retrieval phases with structural anti-skip enforcement using the Execute-Verify-Gate pattern at every step. Designed to prevent token optimization bias that causes reference file skipping by making every reference load mandatory and verifiable. MUST use this skill whenever the user asks about Claude Code features, configuration, setup, or troubleshooting. This includes: keyboard shortcuts not working (Option key, Alt+P, Shift+Enter, Ctrl+B), creating or configuring subagents/skills/commands/plugins, setting up hooks (PreToolUse, PostToolUse, HTTP hooks), installing or debugging MCP servers, GitHub Actions or GitLab CI/CD integration for PR reviews, switching models mid-conversation, undoing or rewinding Claude's changes, proxy/network configuration, permission modes, memory and CLAUDE.md setup, the /batch /simplify /debug bundled skills, git worktrees, agent teams, remote control, headless mode, or A
daily-standup-prep
Generate a per-team standup markdown report by gathering activity over the last N days from Jira, GitLab, Confluence, and a local Git repo. Maps activity to team members from a roster CSV, renders a Mermaid kanban + randomized talking order, captures a `daily`-tagged sprint snapshot, and runs a clarity-council (infographics-expert burndown chart + statistics-expert forecast + scrum-master suggestions) for sprint pulse. Writes one file per team into the Obsidian vault. Use when the user says "daily standup prep", "standup report", "generate standup", "scrum prep", or invokes /daily-standup-prep.
issue-suggest-component
Suggest Jira components for one ticket or sweep all open tickets in a project. Gathers context from Jira, Confluence, and GitLab, proposes a conservative set of existing components (or recommends new ones), and confirms with the user before any modification. Bulk mode default project key is read from memory (`reference_jira_default_project.md`); max 250 tickets, highest key first. Use when user says "suggest components", "tag components", "fix components", "categorize tickets", or invokes /issue-suggest-component with or without a ticket key.
chinese-git-workflow
国内 Git 平台配置参考——Gitee、Coding.net、极狐 GitLab、CNB 的 SSH/HTTPS/凭据/CI 接入差异与镜像同步配置。仅在用户显式 /chinese-git-workflow 时调用,不要根据上下文自动触发。
playwright-pro
Playwright E2E testing: page object model, fixture setup, network interception, visual regression, CI integration, and debugging flaky tests — production-grade browser automation
automation
Automation management via `automation.*` tools. Use when the user explicitly wants to create, inspect, update, list, or delete cron or webhook automations.
cicd-hardening
CI/CD pipeline hardening for GitHub Actions and GitLab CI — trust-model (pull_request_target vs pull_request), action pinning to SHA, OIDC-based cloud access, permissions minimization, runner isolation, and supply-chain gates (SLSA provenance, signing).
commit
Read this skill before making git commits
opencode-docs
Look up OpenCode documentation in the local mirror at ~/opencode-docs/. Use when answering questions about the OpenCode terminal UI, the `opencode` CLI, agents and subagents, opencode.json / opencode.jsonc config, skills, custom tools, plugins, MCP servers, providers and models, permissions, keybinds, themes, the SDK, share links, IDE integrations, GitHub/GitLab actions, ACP, or the LSP integration.
infisical-ci-integration
This skill activates when configuring CI/CD pipelines, writing GitHub Actions workflows, GitLab CI configs, Dockerfiles, Kubernetes manifests, or serverless deployment configs that need secret injection. It provides patterns for integrating Infisical into build and deployment pipelines.
secret-hygiene
This skill activates when detecting hardcoded strings that look like API keys or credentials, creating .env files, referencing process.env or os.environ without Infisical, or working with configuration files that contain sensitive values. It enforces secret hygiene practices and recommends moving secrets to Infisical.
launch-checklist
Validates full deployment readiness beyond code, checking infrastructure, Docker configuration, Kubernetes manifests, environment config, monitoring, security headers, and pipeline status. Use when launching, deploying to production, release readiness, go-live, deployment check, pre-launch, shipping to prod, or when preparing for production deployment.
pre-planning
Gathers context from multiple sources before entering plan mode, including git remote work items, codebase structure, reference projects, and memories. Detects platform from git remote. Use when starting planning, before plan mode, gather context, prep for planning, kickoff, starting a new feature, beginning work on a task, or before implementing something non-trivial.
aio-gitlab
Manage GitLab MRs, pipelines, branches, and CI jobs via gitlab-mcp (auto-installs if missing).
glitchtip
Use when deploying, configuring, integrating, or troubleshooting GlitchTip — including self-hosted installation, SDK setup, source maps, sentry-cli, uptime monitoring, alerting, environment variables, Docker Compose, Helm, social auth, and migration from Sentry
review-driven-development
Use when developing features from GitHub/GitLab issues through to merged PRs/MRs with iterative review cycles. Covers: issue research, implementation planning, worktree isolation, coding, testing, PR/MR creation, multi-reviewer code review (current agent, codex exec, claude -p), fix-review loops until APPROVE, merge and cleanup. Composable with TDD, BDD, systematic-debugging, and other methodology skills. Use this whenever: user provides an issue number (#NN), asks to implement a feature from an issue, wants to create a reviewed PR/MR, or needs code reviewed iteratively before merging. Even if the user just says "implement #42" or "work on issue 15", this skill applies.
gitbook-docs-expert
Use when creating or editing GitBook documentation: frontmatter, hint blocks, content-ref, embed blocks, tabs, code blocks, tables, SUMMARY.md navigation, and GitBook-specific syntax for use in external editors such as Cursor, Claude Code, or VS Code.
unified-cicd-platform
This skill should be used when the user is choosing a CI/CD platform, migrating between CI/CD providers, consolidating build and deployment pipelines, designing pipeline architecture across application and infrastructure code, setting up drift detection, configuring OIDC authentication for pipelines, or discussing the operational cost of multiple CI/CD systems. Covers platform selection, the cost of multi-platform CI/CD, what 'everything on one platform' means, OIDC pipeline authentication, Jenkins migration, and scheduled pipeline jobs like drift detection.
ci-cd-pipeline-builder
CI/CD Pipeline Builder
pr-review-expert
PR Review Expert
project-analyzer
Scan project directory to identify tech stack, frameworks, work patterns, and toolchain. Outputs structured project profile for agent-gap-analyzer. Use when onboarding a new project or auditing project characteristics.
ci-cd-automation
GitHub Actions、Fastlane、Bitriseを活用したCI/CDパイプライン構築。自動ビルド、テスト実行、コード署名、TestFlight配布、App Store申請まで、開発からリリースまでの完全自動化ガイド。
code-review
効果的なコードレビューの実施方法、レビュー観点チェックリスト、建設的なフィードバック技術、セルフレビュー手法、自動化ツール活用まで、品質とチームコラボレーションを向上させる包括的ガイド。
git-workflow
Git運用・ブランチ戦略・コミット規約・PR管理の包括的なガイド。ブランチ戦略の選択、コミットメッセージ規約、コンフリクト解決、Git hooks活用など、Gitに関する全ての判断基準と手順を提供します。
matematic-workspace-backup
Konfiguracja szyfrowanego backupu Google Workspace dla kancelarii prawnych przez gogcli + age + prywatne repo Git. Używaj gdy klient-kancelaria pyta o RODO art. 32, ciągłość Workspace, ochronę przed lockout/ransomware, lub gdy MateMatic robi audyt zgodności backup'u. Trigger keywords - "backup Workspace", "art. 32 RODO", "ciągłość Workspace", "kancelaria backup Gmail/Drive", "lockout Google", "DR drill".
librarian
Cache and refresh remote git repositories under ~/.cache/checkouts/<host>/<org>/<repo> so future references can reuse a local copy. Use this skill when the user points you to a remote git repository or you encountered a remote git repo through other means.
gitlab-setup
Install and configure the glab GitLab CLI tool. Use this skill when the user needs to set up glab, authenticate with GitLab, or troubleshoot glab installation issues.
vercel
Deploys applications to Vercel including serverless functions, edge functions, environment variables, and CI/CD. Use when deploying Next.js applications, frontend projects, or serverless APIs.
vercel
Deploys applications to Vercel including serverless functions, edge functions, environment variables, and CI/CD. Use when deploying Next.js applications, frontend projects, or serverless APIs.
ci-cd
Use when the user asks to create, edit, debug, or optimize CI/CD pipelines, workflow YAML, build/test jobs, deployment automation, matrix builds, caches, permissions, or secrets in GitHub Actions, GitLab CI, CircleCI, Jenkins, or similar systems.
ship
Deploy a release to production or staging — pre-flight checks, release notes, deploy via project CI or docs, post-deploy smoke test. Use when landing an increment or closing a sprint increment.
kung-fu
A package manager for AI knowledge. Meta-skill for on-demand skill discovery and installation — search curated local repositories or the global skills.sh registry. Self-teaching capability that finds, evaluates, and installs relevant skills when the agent lacks expertise. Use when encountering unfamiliar frameworks, languages, tools, or domains. Use when you need to "learn a skill", "find skills for X", "search for skills", or when you lack expertise in a specific technology.
issue-prioritize
Fetch open issues from GitHub, GitLab, or Linear, score them by impact/urgency/readiness/risk, and recommend the top issues to address next. Analysis-only — no mutations.
skills-readme-updater
This skill should be used after creating or modifying skills to update the main README.md file. It scans all skills in ~/.claude/skills/, extracts metadata from SKILL.md files, and regenerates the README with categorized skill listings. Triggers on requests mentioning "update skills readme", "refresh skills list", or after adding new skills.
Integration detected automatically from skill content. Some results may be false positives.