iuliandita

· Build/review AI apps: LLMs, RAG, embeddings, agents, evals, local inference. Triggers: 'llm', 'rag', 'embedding', 'openai sdk', 'agent loop', 'fine-tune', 'ollama', 'vllm'. Not for MCP (use mcp).

· Design/review HTTP APIs for FastAPI, Express, NestJS: REST, OpenAPI, pagination, OAuth/JWT. Triggers: 'fastapi', 'express', 'nestjs', 'openapi', 'pagination', 'idempotency', 'rest api', 'endpoint'. Not for schemas (use databases).

· Browse/scrape web pages with Lightpanda, Playwright MCP, agent-browser, or fetch. Triggers: 'browse', 'scrape', 'headless', 'open url', 'read website', 'fill form', 'crawl'. Not for E2E tests (use testing).

· Review code for correctness: bugs, edge cases, races, leaks, regressions. Triggers: 'review', 'code review', 'find bugs', 'check this', 'spot check', 'sanity check'. Not for style/slop (anti-slop) or vulnerabilities (security-audit).

· Audit read-only code slimming: safe deletion, deduplication, wrapper removal, shared contracts. Triggers: 'slim codebase', 'LOC deletion review', 'dedupe safely'. Not for style/slop, bugs, tests, or broad reviews.

· Write/debug shell commands, scripts, dotfiles, completions for zsh, bash, POSIX sh, fish. Triggers: 'shell', 'script', '.zshrc', '.bashrc', 'alias', 'completion', 'trap'. Not for CI blocks (use ci-cd).

· Run dev workflow: branch, implement, lint/test, review, docs, PR, merge, release. Triggers: 'start working', 'kick off', 'wrap up', 'ship this', 'ready to ship'. Not for single git ops (use git).

· Build/critique frontend UIs with taste, rejecting AI design tells. Mobile-first, touch-aware, dark+light. Triggers: 'frontend', 'ui', 'ux', 'css', 'tailwind', 'landing page', 'design review'. Not for code logic (code-review).

· Handle git branches, commits, remotes, conflicts, hooks, signing, releases, PR/MR workflows. Triggers: 'git', 'commit', 'branch', 'merge', 'rebase', 'tag', 'push', 'PR', 'MR', 'gh', 'glab'.

· Review product, engineering, design, and business decisions with Jekyll/Hyde lenses. Triggers: 'jekyll', 'hyde', 'decision review', 'strategy review', 'red-team', 'dark pattern'.

This skill performs 5-wave repository audits, persists findings, and generates phased tasks. It is triggered by commands like 'deep audit' or 'full audit', and is not intended for quick sweeps.

Writes and reviews Ansible playbooks, roles, inventories, Vault, Molecule, and AWX/AAP. Triggered by 'ansible', 'playbook', 'role', 'inventory', 'group_vars', and 'ansible-lint'.

Administers Arch/CachyOS systems, covering pacman, AUR, systemd, boot, desktop, GPU, and gaming. Triggers include 'arch linux', 'cachyos', 'pacman', 'paru', 'mkinitcpio', and 'hyprland', and it is not for Debian, Fedora, or NixOS.

Configures, tunes, and migrates PostgreSQL, MongoDB, MySQL/MariaDB, and MSSQL, with triggers like 'database', 'postgres', 'mysql', 'mongodb', 'schema', 'migration', 'pgbouncer', and 'EXPLAIN'. This is not for HTTP APIs (use backend-api).

Writes and reviews CI/CD for GitHub Actions, GitLab, Forgejo/Gitea, and Woodpecker, with triggers like 'ci/cd' and 'pipeline', excluding git workflows.

Checks Kubernetes cluster health using read-only diagnostics. Triggers include 'cluster health', 'health check', 'cluster status', 'diagnostics', 'post-maintenance', and 'node status', but it's not for manifests/IaC.

This skill involves hunting novel vulnerabilities using reversing, patch diffing, fuzzing, and attack surface analysis, including PoC development. It covers zero-day, variant analysis, exploit development, and CVEs, distinct from SAST security audits.

Converts notes into structured LLM prompts or refines existing ones. It is activated by phrases like 'write a prompt' and 'rewrite this prompt', but is not intended for skills or routines.

· Create/review skills: frontmatter, triggers, overlaps, collection consistency, retrospective updates. Triggers: 'skill creator', 'new skill', 'skill audit', 'skill review', 'update skill library'.

· Improve skill collections or a named skill with iterative scoring, lint checks, behavioral tests, peer review. Triggers: 'skill refiner', 'improve skills', 'quality sweep', 'batch improve', 'skill loop', 'target 99%'.

· Sweep docs after changes: README, changelog, API, runbooks. Triggers: 'update docs', 'refresh docs', 'sync docs', 'docs drift', 'merged PR', 'release cut', 'version bump', 'update changelog'. Not for PR text (use git).

· Create/troubleshoot VMs and hypervisors: Proxmox, QEMU/KVM, libvirt, XCP-ng, vSphere. Triggers: 'proxmox', 'qemu', 'kvm', 'libvirt', 'virsh', 'vm', 'hypervisor', 'cloud-init', 'xcp-ng'. Not for containers (use docker).

Audits application internationalization and localization, checking for hardcoded strings, locale catalogs, translations, and fallback gaps.

Writes and reviews Kubernetes manifests, Helm, Kustomize, Gateway API, ArgoCD, and sealed secrets. Triggers include 'kubernetes', 'k8s', 'helm', 'kubectl', 'deployment', 'pod', 'ingress', and 'gateway'.

Manages Kali Linux, including apt, branches, metapackages, images, live USB persistence, NetHunter, and wireless/GPU, triggered by terms like kali, kali rolling, kali snapshot, kali-tweaks, and nethunter.

Handles authorized privilege escalation, CTFs, and post-exploitation on Linux, containers, and K8s, with triggers including 'privesc', 'CTF', 'pentest', 'post-exploitation', 'container escape', 'SUID', and 'GTFOBins'. This skill is not for hardening; use security-audit for that.

Build and review MCP servers, tools, resources, prompts, transports, OAuth, and elicitation. This skill is triggered by terms like 'mcp' or 'model context protocol' and is not for HTTP APIs.

Writes Claude Code routine prompts for schedules, APIs, and GitHub events. It handles recurring tasks and is triggered by keywords like 'routine' or '/schedule', not one-off prompts.

Administers RHEL/Fedora/CentOS/Rocky/Alma/Amazon Linux systems, utilizing dnf, yum, SELinux, firewalld, and dracut. This skill is triggered by terms like 'rhel', 'fedora', 'centos stream', 'rocky', 'dnf', 'selinux' and is not intended for other distributions.

Audits prose in documents, PRs, emails, slides, and docstrings for signs of AI generation. Triggers include phrases like 'ai writing' or 'sounds like chatgpt'. This is not for code.

Writes and reviews Dockerfiles, Compose, OCI/Podman/BuildKit builds, container signing, and hardening. This skill is not for K8s manifests; use the kubernetes skill for those.

Administer Debian/Ubuntu/Mint/Pop operating systems, covering tools like apt, dpkg, PPAs, snaps, systemd, GRUB, HWE, and desktop environments.

This skill audits AI-generated code for common issues such as hallucinated APIs, over-abstraction, duplicate code, test theater, and noisy comments. It is triggered by terms like 'slop', 'AI-generated code', 'cleanup', or 'overengineered', and is not intended for prose.

Performs a combined code-review, anti-slop, security-audit, and documentation update pass. It is triggered by phrases like 'full review' or 'run all checks', and is not intended for single-dimension audits.

Manages OPNsense/pfSense via SSH, covering pfctl, pf rules, CARP, CrowdSec, and pfBlockerNG. Triggers include 'opnsense', 'pfsense', 'pfctl', 'CARP', 'configctl', and it is not for Linux firewalls.

Audits code security, focusing on OWASP, credentials, authentication, access control, supply chain, and hardening. It's triggered by terms like 'security audit' or 'OWASP', and is not for offensive work (use lockpick).

Writes and debugs various types of tests including unit, integration, E2E, TDD, mocks, fixtures, accessibility, and performance. This skill is triggered by terms like 'test', 'spec', 'TDD', 'playwright', 'vitest', 'jest', 'pytest', 'coverage', and 'flaky', but is not for security tests.

Administers NixOS/Nix, including flakes, home-manager, nix-darwin, generations, overlays, and disko. This skill is specific to NixOS/Nix and not applicable to other Linux distributions.

This skill writes and reviews Terraform/OpenTofu HCL, modules, state, and policy-as-code, supporting various related tools, but it is not for Kubernetes manifests.

Configures and troubleshoots Linux networking, covering DNS, proxies, VPNs, VLANs, nftables, and routing. This skill does not apply to OPNsense firewall appliances.

Capture, track, and prioritize ideas in the gitignored ROADMAP.md file. Triggers include 'roadmap', 'ideas', 'feature ideas', 'competitive analysis', 'what should I build', and 'feature backlog'. This skill is not for project management or code review.

Routes user requests to the correct installed skill with minimal loading. It handles trigger conflicts and skill overlap, but is not for creating new skills (use skill-creator).