Loading...
Loading...
Found 37 Skills
Analyze application logs to identify errors, performance issues, and security anomalies. Use when debugging issues, monitoring system health, or investigating incidents. Handles various log formats including Apache, Nginx, application logs, and JSON logs.
Alibaba Cloud APIG Migration Skill. Migrate Kubernetes nginx Ingress resources to Alibaba Cloud API Gateway (APIG, ingressClass: apig). Users provide Ingress YAML (paste, file, or directory) — no cluster access required for analysis. Covers annotation compatibility classification, Higress native mapping, built-in plugin selection, custom WasmPlugin development, migrated Ingress YAML generation, and migration report with deployment guide. Triggers: "nginx ingress migration", "APIG compatibility", "gateway migration", "ingress-nginx to APIG", "nginx迁移", "网关迁移", "Ingress兼容性分析", "APIG迁移", "迁移评估", "annotation兼容性", "WasmPlugin开发".
Docker containerization patterns for Python/React projects. Use when creating or modifying Dockerfiles, optimizing image size, setting up Docker Compose for local development, or hardening container security. Covers multi-stage builds for Python (python:3.12-slim) and React (node:20-alpine -> nginx:alpine), layer optimization, .dockerignore, non-root user, security scanning with Trivy, Docker Compose for dev (backend + frontend + PostgreSQL + Redis), and image tagging strategy. Does NOT cover deployment orchestration (use deployment-pipeline).
Parses API Gateway access logs (AWS API Gateway, Kong, Nginx) to detect BOLA/IDOR attacks, rate limit bypass, credential scanning, and injection attempts. Uses pandas for statistical analysis of request patterns and anomaly detection. Use when investigating API abuse or building API-specific threat detection rules.
Linux (Ubuntu/Debian) server initial setup and ongoing administration skill. Covers new server hardening, user management, package management, file permissions, resource limits, log rotation, cron scheduling, and disk management. USE WHEN: - Performing initial setup of a fresh Ubuntu/Debian server (VPS, bare metal, cloud VM) - Hardening SSH, disabling root login, configuring sudo - Configuring system-level resource limits (ulimits, sysctl) for high-concurrency workloads - Managing users, groups, file permissions, and ACLs - Setting up log rotation, journald retention, swap, and NTP - Troubleshooting disk full, FD exhaustion, locale errors, or time drift DO NOT USE FOR: - Container-level administration (use docker or kubernetes skill) - Application deployment pipelines (use deployment-strategies or ci-cd skill) - Firewall/fail2ban configuration (use firewall skill) - Nginx or service configuration (use nginx or systemd skill)
Install and bootstrap a Coder (coder/coder) deployment end-to-end from the CLI without the web UI. Covers quick-start (one machine, auto-tunnel URL) and production (real domain, TLS, wildcard, OIDC, external provisioner). Drives GitHub device-code on fresh deployments to sign the first admin in without a browser, falls back to email/password for scripted runs, pushes a starter template, and optionally creates a first workspace. Activate when the user says: "install Coder", "set up Coder", "deploy Coder", "bootstrap Coder", "run Coder in Docker / on Kubernetes / on a VM", "Coder on AWS / GCP / Azure", "put Coder behind HTTPS / Caddy / nginx / cert-manager", "wildcard domain", "headless / non-interactive setup", "create the first admin from the CLI", "push a starter template", or "create my first workspace". Also activate for /coder:setup. Do NOT activate for upgrading an existing deployment, editing an existing template, debugging a running server, or configuring OIDC / custom OAuth on a running deployment.
Traefik v3 cloud-native reverse proxy. Covers providers, entrypoints, routers, middlewares, services, Docker labels, TLS/ACME, dashboard, and metrics. USE WHEN: user mentions "traefik", "traefik v3", "traefik docker", "traefik labels", "traefik middleware", "traefik dashboard", "traefik tls", "traefik acme", "traefik router", "traefik entrypoint", "traefik reverse proxy", "traefik cloudflare", "traefik let's encrypt", "traefik rate limit" DO NOT USE FOR: Caddy-based setups - use `caddy` skill, Nginx load balancing - use `load-balancer` skill, Kubernetes ingress with nginx-ingress - use `kubernetes` skill, Application-level TLS inside app code
Parse Apache and Nginx access logs to detect SQL injection attempts, local file inclusion, directory traversal, web scanner fingerprints, and brute-force patterns. Uses regex-based pattern matching against OWASP attack signatures, GeoIP enrichment for source attribution, and statistical anomaly detection for request frequency and response size outliers.
代理服务器配置
Configures SSL/TLS certificates, implements secure protocols and ciphers, and sets up security headers. Use when setting up HTTPS, SSL certificates, TLS configuration, or web security hardening.
SSL/TLS 证书
Rechazo de payloads que excedan el tamaño máximo permitido para prevenir ataques DoS