Browse skills

Comprehensive cloud infrastructure configuration reviewer that audits Terraform, CloudFormation, Pulumi, Kubernetes manifests, Docker Compose, and Helm charts for security misconfigurations, cost optimization opportunities, reliability risks, and compliance violations. Checks against CIS benchmarks and AWS/GCP/Azure best practices. Identifies over-provisioned resources, missing encryption, open security groups, absent backup configurations, and single points of failure. Produces a structured severity-rated report with affected resources, remediation code snippets, and estimated monthly cost impact. Supports multi-cloud and hybrid deployments.

Validate .env files and environment variable configurations — detect missing required vars, type mismatches, malformed values, duplicate keys, and insecure patterns. Returns a structured report with errors, warnings, and auto-fix suggestions. The guard rail before any deploy, docker-compose up, or CI pipeline runs.

Validate and auto-repair YAML syntax errors — fix bad indentation, duplicate keys, trailing whitespace, missing colons, unclosed quotes, tab characters, and anchor/alias issues. Returns the corrected YAML plus a change log of every fix applied. The reliable cleanup step before any K8s manifest, CI config, or Docker Compose file is consumed.

Generate complete mock API servers from OpenAPI/Swagger specs, example request/response pairs, or natural language descriptions. Produces runnable mock server code (Node.js Express or Python Flask) with realistic fake data, configurable latency, error simulation, request validation, and stateful CRUD operations. Perfect for frontend development, integration testing, and CI pipelines when the real API isn't ready.

Generate comprehensive, well-structured pull request descriptions from git diffs and commit history. Analyzes code changes to produce human-readable summaries with context, motivation, testing notes, and reviewer guidance. Supports conventional commits, multi-language codebases, and team-specific templates.

Scan project dependencies for known vulnerabilities (CVEs), license risks, and outdated packages. Supports npm, pip, Go, Rust, Ruby, Java. Returns structured vulnerability report with severity ratings, CVSS scores, remediation commands, and risk score for CI/CD gates.

Parse, search, and analyze application logs: auto-detect format (JSON, syslog, Apache/Nginx, custom), extract error patterns, compute frequency stats, find correlated events, and generate incident summaries. Handles multi-GB logs efficiently via streaming.

Parse, search, and analyze application logs: auto-detect format (JSON, syslog, Apache/Nginx, custom), extract error patterns, compute frequency stats, find correlated events, and generate incident summaries. Handles multi-GB logs efficiently via streaming.

Run a persistent Jupyter kernel for interactive data science: execute cells, keep state across steps, inspect dataframes, and render plots — without re-running the world.