Loading...
Loading...
Found 53 Skills
Use when assessing cloud infrastructure for security misconfigurations, IAM privilege escalation paths, S3 public exposure, open security group rules, or IaC security gaps. Covers AWS, Azure, and GCP posture assessment with MITRE ATT&CK mapping.
Proactive security scanning for newly generated or modified code. Intelligently detects changes, runs appropriate scans (SAST, SCA, IaC), filters to only NEW issues, and prevents vulnerabilities at the source. Use this skill when: - Agent generates new code files - Agent modifies existing code - User asks to "scan for security issues" or "check my changes" - Before committing changes - User mentions "secure at inception", "proactive scan", or "security check"
Alchemy IaC framework for TypeScript. Use when the user mentions Alchemy, wants to set up infrastructure, deploy Cloudflare Workers, configure databases, KV, R2, queues, use bindings and secrets, set up dev mode, use framework adapters (Vite, Astro, React Router, SvelteKit, Nuxt, TanStack Start), create custom resources, or work with any Alchemy provider.
Cloud: serverless Lambda/CF Workers, edge, CDN, multi-region, HA patterns, IaC Terraform
Design Azure infrastructure using natural language, or analyze existing Azure resources to auto-generate architecture diagrams, refine them through conversation, and deploy with Bicep. When to use this skill: - "Create X on Azure", "Set up a RAG architecture" (new design) - "Analyze my current Azure infrastructure", "Draw a diagram for rg-xxx" (existing analysis) - "Foundry is slow", "I want to reduce costs", "Strengthen security" (natural language modification) - Azure resource deployment, Bicep template generation, IaC code generation - Microsoft Foundry, AI Search, OpenAI, Fabric, ADLS Gen2, Databricks, and all Azure services
Define your organization's platform engineering standards by generating a Platform-Engineering-Constitution.md. Use when establishing or updating cloud infrastructure policies, approved tooling, compute platforms, and IaC conventions.
Use when working with Infrastructure as Code tools and platforms. Covers Terraform, Pulumi, CloudFormation, Bicep, ARM, Kubernetes, Helm, Docker, Crossplane, and Dagger. USE FOR: choosing IaC tools, comparing Terraform vs Pulumi vs CloudFormation, infrastructure strategy DO NOT USE FOR: specific tool syntax (use the sub-skills: terraform, pulumi, bicep, etc.)
Platform-specific IaC checklists for DigitalOcean, Hetzner, AWS, and Cloudflare.
Infrastructure as Code best practices for Terraform, Docker, Ansible, and CloudFormation. Covers secure-by-default configurations, multi-stage builds, state management, and modular patterns. Use when working with .tf, Dockerfile, docker-compose.yml, .yaml/.yml Ansible files, CloudFormation templates, or when asking about IaC, containers, or infrastructure automation.
Use this skill whenever writing, reviewing, or refactoring Terraform code that provisions Azure resources. The skill enforces Microsoft Cloud Security Benchmark (MCSB) controls, CIS Azure Foundations Benchmark v2.0 rules, Azure Well-Architected Framework Security Pillar recommendations, and all Terraform IaC best practices that prevent Microsoft Defender for Cloud security recommendations from being raised. Activate whenever the user mentions Azure, azurerm provider, ARM, Defender for Cloud, Terraform on Azure, AKS, App Service, Storage, Key Vault, SQL, PostgreSQL, MySQL, Redis, Service Bus, Event Hub, Cosmos DB, API Management, or any Azure PaaS in a Terraform context — even if they don't explicitly ask about security or MDC.
Build reusable Terraform modules for AWS, Azure, and GCP infrastructure following infrastructure-as-code best practices. Use when creating infrastructure modules, standardizing cloud provisioning, or implementing reusable IaC components.
AWS Cloud Development Kit (CDK) expert for building cloud infrastructure with TypeScript/Python. Use when creating CDK stacks, defining CDK constructs, implementing infrastructure as code, or when the user mentions CDK, CloudFormation, IaC, cdk synth, cdk deploy, or wants to define AWS infrastructure programmatically. Covers CDK app structure, construct patterns, stack composition, and deployment workflows.