Claude Skills

Audit API security for OWASP Top 10 vulnerabilities, authentication issues, and authorization flaws. Use when securing APIs, fixing security vulnerabilities, or implementing security best practices.

Guides through Terraform version upgrades including identifying deprecated syntax, updating provider versions, and migrating breaking changes. This skill should be used when users need to upgrade Terraform or provider versions, fix deprecated warnings, or migrate configurations to newer syntax.

Creates test fixtures, mock data, and test scenarios for unit and integration tests. Use when setting up test data, creating mocks, or generating test fixtures.

OCaml fuzz testing with Crowbar for protocol implementations. Use when Claude needs to: (1) Write fuzz tests for parsers and encoders, (2) Test roundtrip invariants (parse(encode(x)) = x), (3) Verify boundary conditions and error handling, (4) Test state machines and transitions, (5) Organize fuzz test suites for large codebases

Manages Terraform state operations including importing existing resources, moving resources between states, removing resources from state, and migrating state backends. This skill should be used when users need to import infrastructure into Terraform, refactor resource addresses, fix state issues, or migrate state storage locations.

Systems Modeling Language (SysML) for systems engineering and complex system design

Single source of truth and librarian for ALL Duende Software documentation. Manages local documentation storage, scraping, discovery, and resolution. Use when finding, locating, searching, or resolving Duende documentation; discovering docs by keywords, category, tags, or natural language queries; scraping from llms-full.txt; managing index metadata (keywords, tags, aliases); or rebuilding index from filesystem. Run scripts to scrape, find, and resolve documentation. Handles doc_id resolution, keyword search, natural language queries, category/tag filtering, alias resolution, llms-full.txt parsing, markdown subsection extraction for internal use, hash-based drift detection, and comprehensive index maintenance.

Analyzes and optimizes Dockerfiles to reduce image size, improve build time, and enhance security. Use when optimizing Docker images, reducing build times, or improving Dockerfile structure.

Optimize SQL queries for performance with indexing strategies, query rewriting, and execution plan analysis. Use when queries are slow, optimizing database performance, or analyzing query execution.

Create and manage Architecture Decision Records (ADRs). Use when documenting technology choices, design decisions, or architectural changes that need to be tracked over time. This is the CANONICAL ADR skill - all ADR-related work should use this skill.

Scans Docker images for security vulnerabilities, outdated packages, and misconfigurations. Use when checking image security, finding vulnerabilities, or hardening containers.

USE WHEN: user asks "explain", "teach me", "how does X work", "help me understand", or wants to learn concepts from first principles with interactive comprehension checks. DO NOT USE WHEN: user wants quick answers, code implementation, or already understands the concept and just needs a reminder.

Generates documentation for Terraform modules using terraform-docs tool to auto-generate README files with input/output tables, usage examples, and requirements. This skill should be used when users need to document Terraform modules, create or update README files, or maintain consistent module documentation.

Operational runbook templates for incident response and procedures

Distributed transaction patterns using orchestration and choreography

Working with the OxCaml extensions to OCaml. Use when the oxcaml compiler is available and you need high-performance, unboxing, stack allocation, data-race-free parallelism.

Central authority for Claude Code sandboxing and isolation. Covers sandboxed bash tool, /sandbox command, filesystem isolation (blocked access, custom paths), network isolation (domain restrictions, proxy support), OS-level enforcement (bubblewrap on Linux, Seatbelt on macOS), sandbox configuration options, escape hatches (dangerouslyDisableSandbox, allowUnsandboxedCommands), and sandbox security limitations. Assists with configuring sandbox settings, understanding isolation mechanisms, and troubleshooting sandbox issues. Delegates 100% to docs-management skill for official documentation.

Meta-skill for Claude Code memory system (CLAUDE.md, static memory). Provides stable principles, keyword registry for documentation lookups, and navigation guidance. Use when working with CLAUDE.md files, memory hierarchy, import syntax, progressive disclosure patterns, memory organization, or best practices for static memory. Delegates to docs-management skill for current implementation details. Keywords: CLAUDE.md, static memory, memory hierarchy, import syntax, progressive disclosure, memory organization, enterprise project user memory.

Expert guide for building and managing Gemini CLI Extensions. Covers extension anatomy, GEMINI.md context, commands, MCP integration, and publishing. Use when creating Gemini extensions, linking local extensions, packaging MCP servers, or installing extensions from GitHub. Delegates to gemini-cli-docs.

LSP server recommendations, .lsp.json configuration, installation guides, and troubleshooting for Language Server Protocol in Claude Code

Central authority for Claude Code enterprise security. Covers enterprise managed policies (managed-settings.json), settings precedence hierarchy, policy file locations (macOS, Linux, Windows), unoverridable organizational policies, cloud execution security (isolated VMs, network access controls, credential protection), IDE security (VS Code, JetBrains), devcontainer security, and security best practices for teams. Assists with configuring enterprise policies, understanding precedence, and implementing organizational security standards. Delegates 100% to docs-management skill for official documentation.

Analyzes Claude Code ecosystem health by tracking all 27 extensibility components across 6 tiers - including plugin components, core configuration, environment/CLI, authentication, session features, and integrations. Use when checking if Claude Code components are up-to-date, orchestrating audits efficiently, tracking documentation coverage, applying updates from new Claude Code versions, or getting an overview of ecosystem component staleness.

Central authority for Claude Code slash commands. Covers built-in commands, custom slash commands (project and personal), plugin commands, MCP slash commands, Skill tool (unified for commands and skills), frontmatter configuration, arguments ($ARGUMENTS, $1, $2), bash execution, file references, namespacing, and skills vs slash commands comparison. Assists with creating custom commands, configuring command behavior, understanding command types, and troubleshooting command issues. Delegates 100% to docs-management skill for official documentation.

Central authority for Claude Desktop application - the native desktop app for running Claude Code sessions. Covers installation (macOS/Windows), Git worktrees for parallel sessions, .worktreeinclude file configuration, cloud session launch, environment configuration, MCP Desktop Extensions (.mcpb), and Desktop vs CLI comparison. Assists with Desktop setup, worktree configuration, cloud sessions, and troubleshooting. Delegates 100% to docs-management skill for official documentation.