executing-plans
Use when partner provides a complete implementation plan to execute in controlled batches with review checkpoints - loads plan, reviews critically, executes tasks in batches, reports for review between batches
parallel-ready-django
Audit and prepare a Django codebase for parallel multi-agent development. Use when asked to check if a Django project is ready for parallelization, prepare a repo for multi-agent work, audit codebase structure, set up orchestration infrastructure, or identify blockers for parallel development. Analyzes Django apps, models, migrations, and module boundaries.
writing-plans
Use when you have a spec or requirements for a multi-step task, before touching code
docker-build-push-action
GitHub ActionsでのDockerビルド/プッシュを設計・実装するスキル。 レジストリ認証、キャッシュ戦略、マルチプラットフォーム対応を整理する。 Anchors: • docker/build-push-action / 適用: ビルドとプッシュ / 目的: 自動化 • BuildKit / 適用: キャッシュ最適化 / 目的: ビルド高速化 • Registry Authentication / 適用: 認証設計 / 目的: 安全な配布 Trigger: Use when configuring GitHub Actions for Docker build and push, managing registry auth, or optimizing BuildKit cache. docker build push action, buildx, registry auth, github actions docker
agentuity-cli-cloud-deployment-undeploy
Undeploy the latest deployment. Requires authentication. Use for Agentuity cloud platform operations
k8s-manifests
Create, validate, and manage Kubernetes and OpenShift YAML manifests. Use this skill when: (1) Creating any K8s/OCP resources: Deployments, StatefulSets, DaemonSets, Jobs, CronJobs, Pods (2) Creating networking resources: Services, Ingress, NetworkPolicies, OCP Routes (3) Creating config/storage: ConfigMaps, Secrets, PVCs, PVs, StorageClasses (4) Creating RBAC: ServiceAccounts, Roles, RoleBindings, ClusterRoles, ClusterRoleBindings (5) Creating OCP-specific: DeploymentConfigs, BuildConfigs, ImageStreams, SCCs, Templates (6) Validating or reviewing existing manifests for best practices (7) Converting between K8s and OCP resource types (8) Generating Helm charts or Kustomize overlays
build-variant-from-local-kits
Build a variant using locally published kits for development validation
trivy
This skill should be used when scanning container images, filesystems, or repositories for vulnerabilities using Trivy. Use for CVE detection, security analysis, vulnerability comparison across image versions, understanding scan output (severity levels, status fields), and batch scanning multiple images.
ghe-transition
CHANGE phases in the GitHub Elements workflow. Closes current thread and opens next phase thread. This is a PHASE CHANGE operation, not just saving progress. USE THIS SKILL WHEN: - User says "transition to TEST" or "move to REVIEW" - User says "I'm done with DEV, start TEST" or "DEV complete" - User says "advance to next phase" or "close this phase" - User says "demote to DEV" (from TEST or REVIEW) - User says "tests pass, ready for review" - User says "merge this" (after REVIEW PASS) - User explicitly wants to END current phase and BEGIN next DO NOT USE THIS SKILL WHEN: - User just wants to SEE status (use ghe-status) - User wants to START work on new issue (use ghe-claim) - User wants to SAVE progress but CONTINUE working (use ghe-checkpoint) - User wants reports (use ghe-report) - User is not ready to END current phase IMPORTANT: This CLOSES current thread and OPENS next thread. Use ghe-checkpoint if you just want to save progress without changing phases. EXAMPLES: <example> Context: DEV work complete,
security-scanning
CI/CDパイプラインに統合するセキュリティスキャンの設計と実装を支援するスキル。 依存関係の脆弱性検出、コンテナイメージスキャン、SBOM生成、シークレット検出を対象とする。 Anchors: • OWASP Dependency-Check / 適用: 脆弱性検出とリスク評価 / 目的: 既知の脆弱性の特定 • CIS Docker Benchmark / 適用: コンテナセキュリティ / 目的: コンテナイメージの安全性確保 • NIST SBOM Guidelines / 適用: ソフトウェア部品表 / 目的: サプライチェーンの透明性 Trigger: Use when setting up security scanning in CI/CD, detecting vulnerabilities in dependencies, scanning container images, generating SBOM, or detecting secrets in code. security scan, vulnerability, trivy, dependabot, npm audit, container scan, SBOM, secret detection
confidence-check
Pre-implementation confidence assessment (≥90% required). Use before starting any implementation to verify readiness with duplicate check, architecture compliance, official docs verification, OSS references, and root cause identification.
reusable-workflows
GitHub Actions再利用可能ワークフローの専門スキル。 ワークフロー共有、入力・出力設計、シークレット管理を提供します。 Anchors: • 『Continuous Delivery』(Jez Humble) / 適用: CI/CD / 目的: パイプライン設計と自動化戦略 Trigger: GitHub Actions再利用可能ワークフロー作成時、共通CI/CDパイプライン設計時に使用
helm-charts-audit
Audits Helm charts for anti-patterns, security issues, and best practice violations. Use when asked to audit, review, or check Helm chart quality. Generates a comprehensive report under reports/YYYY-MM-DD/helm-charts-audit.md. (project)
operability
Operations - deployment, rollback, feature flags. Use for ops tooling.
deployment-strategies
デプロイ戦略の選定、実装、検証、ロールバック計画を体系化するスキル。 Blue-Green/Canary/Rolling の適用判断と運用設計を整理する。 Anchors: • Release It! / 適用: デプロイ安定性 / 目的: 本番運用の安全性 • Continuous Delivery / 適用: 段階的リリース / 目的: リスク低減 • Observability / 適用: 検証設計 / 目的: 監視による品質担保 Trigger: Use when choosing deployment strategies, designing rollout plans, preparing rollback procedures, or validating deployment readiness. blue green, canary, rolling deployment, rollback, smoke test
parallel-jobs-gha
GitHub Actionsの並列ジョブ実行とジョブ依存関係管理のスキル。needs構文による依存関係制御、outputs/artifacts/cacheを活用したデータ受け渡し、matrix戦略による並列度調整を提供する。 Anchors: • The Pragmatic Programmer (Andrew Hunt, David Thomas) - CI/CDパイプラインの段階的改善による実行時間短縮とリソース効率化 • GitHub Actions公式ドキュメント - needs構文、outputs、artifacts、cacheの正確な実装 • Continuous Delivery (Jez Humble, David Farley) - フィードバックサイクル短縮とパイプライン最適化 Trigger: Use when implementing parallel job execution in GitHub Actions, managing job dependencies with needs syntax, or optimizing workflow performance through parallelization.
approval-gates
承認ゲートの設計・評価・運用を体系化し、変更管理とリリース判断を安全に進めるスキル。 リスク評価に基づくゲート条件、手動承認と自動検証の分離、監査可能な記録設計を支援します。 Anchors: • The Pragmatic Programmer / 適用: 品質ゲートの段階化 / 目的: 変更の安全性を段階的に高める • リスク評価フレームワーク / 適用: 影響度と発生確率の分類 / 目的: ゲート条件の科学的根拠を整える • ITIL Change Enablement / 適用: 変更承認フロー / 目的: 監査可能な意思決定を実現する Trigger: Use when designing approval gates, change control checkpoints, release readiness criteria, or governance workflows that require risk-based approvals and audit trails.
deployment-environments-gha
GitHub Actions の environments 設計、承認フロー、シークレット運用を体系化するスキル。 複数環境の保護ルールと段階的デプロイを整理する。 Anchors: • Release It! / 適用: 環境分離 / 目的: 本番保護 • GitHub Actions / 適用: environments と approval / 目的: 標準的な運用設計 • The Pragmatic Programmer / 適用: 自動化 / 目的: 手順の一貫性 Trigger: Use when setting up multi-environment deployments, approval gates, protection rules, or environment-specific secrets in GitHub Actions. github actions environments, approval workflow, deployment gates, environment secrets
workflow-security
GitHub Actionsワークフローセキュリティの専門スキル。 権限最小化、シークレット保護、サプライチェーン攻撃対策を提供します。 Anchors: - GitHub Actions Security Hardening(GitHub公式)/ 適用: ワークフロー権限・シークレット保護 / 目的: 安全な自動化 - OWASP CI/CD Security(OWASP)/ 適用: サプライチェーン対策 / 目的: 脆弱性防止 - Principle of Least Privilege / 適用: 権限設計全般 / 目的: 攻撃面最小化 Trigger: ワークフロー権限監査時、シークレット漏洩対策時、サプライチェーン攻撃対策時、PRワークフロー設計時に使用
kubernetes-manifest-generator
Generates Kubernetes manifests (Deployments, Services, Ingress, ConfigMaps, Secrets) with best practices for production workloads. Use when user asks to "create k8s manifest", "generate Kubernetes deployment", "setup k8s service", or "create Kubernetes resources".
quality-gates
Systematic quality verification procedures for code review and delivery. Use when validating completed work, conducting code reviews, or ensuring production readiness.
