cicd
5K
update-docker-image
Update runtime dependency versions, validate Docker build compatibility, and drive the Docker image PR workflow.
inclusionAI
devops
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
cicd
5K
add-workflow
Guide for adding a new RolloutWorkflow to AReaL. Use when user wants to create a new workflow.
inclusionAI
devops
cicd
4.9K
code-exec-fallback-266cba
Fallback workflow for reliable code execution when sandbox fails repeatedly
HKUDS
devops
cicd
4.9K
finalize-zip-deliverable
Ensures codebase deliverables are properly archived into a ZIP file before marking task complete
HKUDS
devops
cicd
4.9K
search-fallback-workflow
Graceful degradation workflow for continuing tasks when web search tools fail, using internal knowledge with verification caveats
HKUDS
devops
cicd
4.9K
web3-fullstack-packaged-build
Systematic full-stack Web3 build with mandatory packaging and delivery phase
HKUDS
devops
cicd
4.9K
writing-plans
Use when design is complete and you need detailed implementation tasks for engineers with zero codebase context - creates comprehensive implementation plans with exact file paths, complete code examples, and verification steps assuming engineer has minimal domain knowledge
microsoft
devops
cicd
4.5K
devcontainer-setup
Creates devcontainers with Claude Code, language-specific tooling (Python/Node/Rust/Go), and persistent volumes. Use when adding devcontainer support to a project, setting up isolated development environments, or configuring sandboxed Claude Code workspaces.
trailofbits
devops
cicd
4.3K
app-review
Review and process app submissions for the Pollinations showcase. Parse issues, validate submissions, create PRs, handle user corrections.
pollinations
devops
cicd
4.3K
temporary-id-safe-output
Plan for adding temporary ID support to safe output jobs
github
devops
cicd
4.2K
building-devsecops-pipeline-with-gitlab-ci
Design and implement a comprehensive DevSecOps pipeline in GitLab CI/CD integrating SAST, DAST, container scanning, dependency scanning, and secret detection.
mukul975
devops
cicd
4.2K
building-patch-tuesday-response-process
Establish a structured operational process to triage, test, and deploy Microsoft Patch Tuesday security updates within risk-based remediation SLAs.
mukul975
devops
cicd
4.2K
building-threat-intelligence-platform
Building a Threat Intelligence Platform (TIP) involves deploying and integrating multiple CTI tools into a unified system for collecting, analyzing, enriching, and disseminating threat intelligence. T
mukul975
devops
cicd
4.2K
building-vulnerability-dashboard-with-defectdojo
Deploy DefectDojo as a centralized vulnerability management dashboard with scanner integrations, deduplication, metrics tracking, and Jira ticketing workflows.
mukul975
devops
cicd
4.2K
implementing-code-signing-for-artifacts
This skill covers implementing code signing for build artifacts to ensure integrity and authenticity throughout the software supply chain. It addresses signing binaries, packages, and containers using GPG, Sigstore, and platform-specific signing tools, establishing trust chains, and verifying signatures in deployment pipelines.
mukul975
devops
cicd
4.2K
implementing-continuous-security-validation-with-bas
Deploy Breach and Attack Simulation tools to continuously validate security control effectiveness by safely emulating real-world attack techniques across the kill chain.
mukul975
devops
cicd
4.2K
implementing-just-in-time-access-provisioning
Implement Just-In-Time (JIT) access provisioning to eliminate standing privileges by granting temporary, time-bound access only when needed. This skill covers JIT architecture design, approval workflo
mukul975
devops
cicd
4.2K
implementing-patch-management-workflow
Patch management is the systematic process of identifying, testing, deploying, and verifying software updates to remediate vulnerabilities across an organization's IT infrastructure. An effective patc
mukul975
devops
cicd
4.2K
implementing-secrets-scanning-in-ci-cd
Integrate gitleaks and trufflehog into CI/CD pipelines to detect leaked secrets before deployment
mukul975
devops
cicd
4.2K
integrating-dast-with-owasp-zap-in-pipeline
This skill covers integrating OWASP ZAP (Zed Attack Proxy) for Dynamic Application Security Testing in CI/CD pipelines. It addresses configuring baseline, full, and API scans against running applications, interpreting ZAP findings, tuning scan policies, and establishing DAST quality gates in GitHub Actions and GitLab CI.
mukul975
devops
cicd
4.2K
integrating-sast-into-github-actions-pipeline
This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub Actions CI/CD pipelines. It addresses configuring automated code scanning on pull requests and pushes, tuning rules to reduce false positives, uploading SARIF results to GitHub Advanced Security, and establishing quality gates that block merges when high-severity vulnerabilities are detected.
mukul975
devops
cicd
4.2K
performing-red-team-with-covenant
Conduct red team operations using the Covenant C2 framework for authorized adversary simulation, including listener setup, grunt deployment, task execution, and lateral movement tracking.
mukul975
devops
cicd
4K
cto-advisor
Technical leadership guidance for engineering teams, architecture decisions, and technology strategy. Use when assessing technical debt, scaling engineering teams, evaluating technologies, making architecture decisions, establishing engineering metrics, or when user mentions CTO, tech debt, technical debt, team scaling, architecture decisions, technology evaluation, engineering metrics, DORA metrics, or technology strategy.
openclaw
devops