Loading...
Loading...
Found 1,718 Skills
Guides SOC operations—alert triage, SIEM/EDR investigation, enrichment, playbook execution, false-positive closure, escalation decisions, and detection tuning feedback. Use when working SOC queues, investigating suspicious alerts, correlating events, documenting analyst notes, or deciding escalate vs close—not for declared incident command, timelines, evidence preservation, or regulatory comms (incident-responder), incident program design (incident-management-engineer), binary/firmware RE (reverse-engineer), red team operations (red-team-specialist), or enterprise security strategy (cybersecurity).
Guides enterprise data center portfolio planning and execution—multi-site capacity roadmaps, investment prioritization (build, expand, refresh, exit, colo vs owned), portfolio RAID and dependency management across DC programs, stage-gate governance, capex/opex alignment, regional and resiliency strategy, and steering-committee reporting. Use when prioritizing several DC initiatives, harmonizing site plans over 3–5 years, tracking a portfolio of hall builds and refreshes, or aligning facilities/IT/finance on DC investments—not for a single hall MEP design (data-center-design-execution-lead), host-level utilization (data-center-compute-supply-efficiency), generic software programs (technical-program-manager), or cloud IaC (infrastructure-engineer). For executing approved MW/rack delivery on schedule, use senior-data-center-capacity-delivery-manager.
Guides secure software delivery and DevSecOps for cleared/classified or high-side programs—disconnected or air-gapped CI/CD, artifact promotion across classification boundaries (conceptual), SBOM/signing/ provenance, SAST/DAST/secrets/IaC/container gates, supply-chain controls, STIG/CIS deploy baselines, IaC for classified landing zones, cleared developer workstations, build/deploy audit logging, and ATO/RMF pipeline evidence (not SSP ownership). Use for classified DevSecOps, cleared pipeline, high-side CI/CD, air-gapped build, cross-domain release, classified software delivery, STIG pipeline, ATO evidence CI, SBOM classified, secure software factory—not portfolio cyber governance (classified-cyber-security-senior-manager), ISSO/SSP (information-systems-security-officer-classified-specialist), commercial-only DevSecOps (devsecops), general DevOps (devops), build-only validation (build-validator), pentest (penetration-tester), or enterprise GRC-only (compliance-specialist).
Guides identity and access management—workforce and machine identity lifecycle, RBAC/ABAC/PBAC entitlement design, access reviews and recertification, SSO/SAML/OIDC federation, privileged access (PAM/JIT), cloud IAM least privilege (AWS/GCP/Azure concepts), service accounts and secrets hygiene, and separation of duties. Use for IAM, identity governance, access review, RBAC, least privilege, SSO federation, PAM, privileged access, cloud IAM policy, service account, or SoD—not full cloud landing zone architecture (enterprise-cloud-architect), broad cloud security controls (cloud-security-engineer), day-2 break-glass ticket execution only (cloud-system-administrator), pentest (penetration-tester), or legal/HR policy drafting only.
Guides engineering of multi-agent systems—agent roles and specialization, orchestration topologies (supervisor, peer-to-peer, hierarchical, blackboard), task decomposition and routing, inter-agent messaging (A2A-style patterns), shared vs partitioned state, fan-out/fan-in and DAG workflows, synchronization and consensus, conflict resolution, fault tolerance and retries across agents, cost/latency/token budgets, cross-agent observability, testing multi-agent flows, and deployment (queues, durable workflows). Framework-agnostic; high-level LangGraph, Deep Agents, and agenthub—not single-agent loops (agentic-ai-developer), ML training (ai-engineer), strategy-only whiteboard (enterprise-strategist), or PM planning (technical-program-manager). Use for multi-agent system, multi-agent engineer, agent orchestration, supervisor agent, agent topology, fan-out fan-in, agent handoff protocol, multi-agent workflow, agent coordination, blackboard pattern, hierarchical agents, A2A, agent DAG, multi-agent architecture.
Guides property and casualty (P&C) insurance—commercial and personal lines, major LOBs (property, GL, workers comp, commercial auto, umbrella, specialty), underwriting and risk selection, policy triggers (occurrence vs claims-made), limits and exclusions, claims (FNOL, reserving, litigation), reinsurance and catastrophe, distribution (agents, brokers, MGAs), metrics (loss ratio, combined ratio, cat load), and state DOI/rate filing overview—not legal advice. Use for P&C insurance, property and casualty, commercial lines, workers comp, general liability, combined ratio, loss ratio, underwriting, claims-made, occurrence policy, reinsurance, catastrophe, MGA, rate filing, or FNOL—not actuarial modeling (actuary), life/health depth, legal interpretation (commercial-counsel), or GRC controls without insurance context (compliance-engineer).
Guides supply chain management—sourcing and supplier qualification, procurement and PO governance, demand forecasting and inventory policy, logistics and fulfillment (3PL, Incoterms, lead times), supplier scorecards, cost and TCO analysis, supply risk and continuity, and SCM KPI dashboards. Use when designing supply strategy, running RFQs, setting safety stock, resolving stockouts or excess inventory, improving OTIF, dual-sourcing critical parts, or building supplier business reviews—not for contract legal redlines (commercial-counsel), vendor security assessments (information-security-engineer), DC construction delivery programs (senior-data-center-capacity-delivery-manager), compute GL and invoice reconciliation (compute-accounting-manager), SaaS quote-to-order (deal-operations-administrator), or enterprise strategy cases (business-consultant).
Guides customer-facing and internal technical solution design—discovery and requirements, integration and reference architecture, security/compliance fit, sizing and cost framing, RFP/RFI responses, PoC scoping, build-vs-buy, and handoff to delivery. Use when scoping a customer or partner solution, designing integration architecture for a deal, drafting RFP/RFI technical responses, planning a proof-of-concept, framing security and compliance fit, or preparing solution decks for stakeholders—not for org-wide landing zones and Well-Architected programs (cloud-architect, enterprise-cloud-architect), internal product ADRs and C4 (senior-system-architecture), production Terraform/IaC (infrastructure-engineer), hands-on cloud resource config (cloud-engineer), live PoC execution and competitive demos (sales-engineer), business strategy without technical design (business-consultant), contract redlines (commercial-counsel), or deep FinOps/GL (finops-analyst, compute-accounting-manager).
Guides FinOps analysis on AWS, GCP, and Azure—cost visibility and allocation, tagging and showback/chargeback models, rightsizing and waste removal, RI/Savings Plan/CUD recommendations, budgets and forecasts, anomaly detection, unit economics (cost per service/customer), and FinOps cadence with engineering accountability. Use when optimizing cloud spend, analyzing CUR/billing exports, building cost dashboards, explaining bill spikes, or improving allocation—not for GL mapping, capex, depreciation, or month-end ledger close (compute-accounting-manager), enterprise EA negotiation (enterprise-cloud-architect), hands-on resource provisioning (cloud-engineer), or hardware supply efficiency (data-center-compute-supply-efficiency).
Enable and interpret TensorRT-LLM AutoDeploy FX graph text dumps via AD_DUMP_GRAPHS_DIR. Use when you need before/after graphs per transform, to locate subgraphs, or to confirm a rewrite ran. Paths and behavior are grounded in tensorrt_llm/_torch/auto_deploy (GraphWriter, BaseTransform). Complements ad-add-fusion-transformation.
OWASP Serverless Top 10 - prevention, detection, and remediation for serverless (Lambda, Functions) security. Use when building or reviewing serverless apps - event injection, over-permissioned functions, insecure deps, secrets, config, and other serverless-specific interpretations of the Web Top 10.
Core visual design principles that underpin all great design. Master gestalt psychology, visual hierarchy, composition, color theory, and typography fundamentals. Use when making design decisions or evaluating designs against proven principles.