Cloud

This skill enables Claude to seamlessly integrate with various secrets managers like HashiCorp Vault and AWS Secrets Manager. It generates configurations and setup code, ensuring best practices for secure credential management. Use this skill when you need to manage sensitive information, generate production-ready configurations, or implement a security-first approach for your DevOps infrastructure. Trigger terms include "integrate secrets manager", "configure Vault", "AWS Secrets Manager setup", "manage credentials securely", or requests for secure configuration generation.

This skill enables Claude to analyze and optimize cloud costs. It identifies areas for potential savings, generates cost reports, and suggests configuration changes to reduce expenses. Use this skill when the user asks to "optimize cloud costs", "reduce cloud spending", "generate a cost report", or similar requests related to cloud resource expenses. It is especially useful when the user provides details about their cloud environment (e.g., AWS, Azure, GCP). The skill leverages best practices for cost optimization and provides production-ready configurations.

This skill automates security vulnerability testing. It is triggered when the user requests security assessments, penetration tests, or vulnerability scans. The skill covers OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, authentication issues, and authorization flaws. Use this skill when the user mentions "security test", "vulnerability scan", "OWASP", "SQL injection", "XSS", "CSRF", "authentication", or "authorization" in the context of application or API testing.

Comprehensive Astro development with React, Tailwind v4, and Cloudflare Workers deployment

TanStack Start full-stack React framework. Use for: server functions with createServerFn, TanStack Router file-based routing, TanStack Query SSR integration, Cloudflare Workers deployment.

This skill enables Claude to detect SQL injection vulnerabilities in code. It uses the sql-injection-detector plugin to analyze codebases, identify potential SQL injection flaws, and provide remediation guidance. Use this skill when the user asks to find SQL injection vulnerabilities, scan for SQL injection, or check code for SQL injection risks. The skill is triggered by phrases like "detect SQL injection", "scan for SQLi", or "check for SQL injection vulnerabilities".

This skill enables automated penetration testing of web applications. It uses the penetration-tester plugin to identify vulnerabilities, including OWASP Top 10 threats, and suggests exploitation techniques. Use this skill when the user requests a "penetration test", "pentest", "vulnerability assessment", or asks to "exploit" a web application. It provides comprehensive reporting on identified security flaws.

Complete adapter lifecycle assistant for LimaCharlie. Supports External Adapters (cloud-managed), Cloud Sensors (SaaS/cloud integrations), and On-prem USP adapters. Dynamically researches adapter types from local docs and GitHub usp-adapters repo. Creates, validates, deploys, and troubleshoots adapter configurations. Handles parsing rules (Grok, regex), field mappings, credential setup, and multi-adapter configs. Use when setting up new data sources (Okta, S3, Azure Event Hub, syslog, webhook, etc.), troubleshooting ingestion issues, or managing adapter deployments.

Automatically validates Cloudflare Workers runtime compatibility during development, preventing Node.js API usage and ensuring proper Workers patterns

Creates and manages Infrastructure as Code using Terraform/OpenTofu for cloud resource provisioning. Trigger keywords: terraform, opentofu, tofu, infrastructure, IaC, provision, cloud, aws, azure, gcp, module.

Choose deployment strategy and infrastructure. Use when deciding where to deploy applications, setting up CI/CD, or configuring production environments. Covers Vercel, Railway, AWS, Cloudflare Workers, and Docker.

Configure and manage API gateways including Kong, Tyk, AWS API Gateway, and Apigee. Activates when users need help setting up API gateways, rate limiting, authentication, request transformation, or API management.

This skill enables Claude to detect SQL injection vulnerabilities in code. It uses the sql-injection-detector plugin to analyze codebases, identify potential SQL injection flaws, and provide remediation guidance. Use this skill when the user asks to find SQL injection vulnerabilities, scan for SQL injection, or check code for SQL injection risks. The skill is triggered by phrases like "detect SQL injection", "scan for SQLi", or "check for SQL injection vulnerabilities".

Cloud infrastructure with AWS, Azure, GCP - architecture, services, security, and cost optimization.

AWS development with CDK best practices, serverless patterns, cost optimization, and event-driven architecture. Use when deploying to AWS, writing Lambda functions, configuring API Gateway, working with DynamoDB, S3, or any AWS service.

This skill automates database archival processes. It helps reduce primary database size by moving historical records to archive tables or cold storage solutions like S3, Azure Blob, or GCS. The plugin supports PostgreSQL and MySQL, implementing automated retention policies, compression, compliance tracking, and zero-downtime migration. Use this when the user mentions "database archival", "archive old database records", "retention policies", "cold storage", or "reduce database size." It is particularly useful for handling requests related to data lifecycle management and compliance requirements in database systems.

Applies rigorous critical analysis to evaluate claims, arguments, and research. Use when evaluating evidence quality, peer reviewing content, assessing argument validity, or identifying weaknesses in reasoning. Triggers on phrases like "critically analyze", "evaluate this", "review this paper", "check the logic", "assess the evidence", "find flaws", "peer review".

This skill automates security vulnerability testing. It is triggered when the user requests security assessments, penetration tests, or vulnerability scans. The skill covers OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, authentication issues, and authorization flaws. Use this skill when the user mentions "security test", "vulnerability scan", "OWASP", "SQL injection", "XSS", "CSRF", "authentication", or "authorization" in the context of application or API testing.

This skill automates database archival processes. It helps reduce primary database size by moving historical records to archive tables or cold storage solutions like S3, Azure Blob, or GCS. The plugin supports PostgreSQL and MySQL, implementing automated retention policies, compression, compliance tracking, and zero-downtime migration. Use this when the user mentions "database archival", "archive old database records", "retention policies", "cold storage", or "reduce database size." It is particularly useful for handling requests related to data lifecycle management and compliance requirements in database systems.

This skill enables automated penetration testing of web applications. It uses the penetration-tester plugin to identify vulnerabilities, including OWASP Top 10 threats, and suggests exploitation techniques. Use this skill when the user requests a "penetration test", "pentest", "vulnerability assessment", or asks to "exploit" a web application. It provides comprehensive reporting on identified security flaws.