Browse skills

Comprehensive cloud infrastructure configuration reviewer that audits Terraform, CloudFormation, Pulumi, Kubernetes manifests, Docker Compose, and Helm charts for security misconfigurations, cost optimization opportunities, reliability risks, and compliance violations. Checks against CIS benchmarks and AWS/GCP/Azure best practices. Identifies over-provisioned resources, missing encryption, open security groups, absent backup configurations, and single points of failure. Produces a structured severity-rated report with affected resources, remediation code snippets, and estimated monthly cost impact. Supports multi-cloud and hybrid deployments.

Validate and auto-repair YAML syntax errors — fix bad indentation, duplicate keys, trailing whitespace, missing colons, unclosed quotes, tab characters, and anchor/alias issues. Returns the corrected YAML plus a change log of every fix applied. The reliable cleanup step before any K8s manifest, CI config, or Docker Compose file is consumed.

Convert natural language scheduling descriptions into valid cron expressions. Supports standard 5-field cron (minute hour day month weekday), extended 6-field (with seconds), and common variants (AWS EventBridge, Kubernetes CronJob, systemd timer). Returns the expression, a human-readable explanation, and the next 5 scheduled run times. Deterministic: same input always yields same output.

Analyze SQL queries and EXPLAIN plans to identify performance bottlenecks, then produce optimized rewrites with index recommendations. Supports PostgreSQL, MySQL, SQLite, and SQL Server dialects. Covers full table scans, N+1 patterns, missing indexes, subquery flattening, join optimization, and query plan interpretation. Returns optimized query, index DDL, and estimated improvement.

Deep security audit of source code — detect vulnerabilities (OWASP Top 10, CWE-25), find secrets/credentials, flag injection vectors, identify insecure dependencies, analyze authentication/authorization flaws, and produce a prioritized remediation report with severity ratings (Critical/High/Medium/Low), CWE IDs, and fix suggestions. Supports Python, JavaScript/TypeScript, Go, Rust, Solidity, Java, C/C++, Ruby, PHP.

Validate YAML, JSON, TOML, and .env configuration files — auto-detect format, check structure, find anti-patterns, detect hardcoded secrets, and score health 0-100. Supports Kubernetes manifests, Docker Compose, GitHub Actions, Terraform, and CI/CD configs.

Analyze and optimize Dockerfiles: reduce image size, improve build cache usage, fix security issues (running as root, secrets in layers), apply multi-stage patterns, pin versions, and lint against best practices. Returns optimized Dockerfile + explanation of every change.

Generate structured changelogs and release notes from git history. Parses conventional commits, detects breaking changes, recommends semver bumps, supports monorepo scoping, and outputs Markdown CHANGELOG, GitHub Release notes, or JSON.

Validate YAML, JSON, TOML, and .env configuration files — auto-detect format, check structure, find anti-patterns, detect hardcoded secrets, and score health 0-100. Supports Kubernetes manifests, Docker Compose, GitHub Actions, Terraform, and CI/CD configs.

Analyze and optimize Dockerfiles: reduce image size, improve build cache usage, fix security issues (running as root, secrets in layers), apply multi-stage patterns, pin versions, and lint against best practices. Returns optimized Dockerfile + explanation of every change.