JSPM

@dzhechkov/skills-devops

0.3.3
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 355
  • Score
    100M100P100Q86989F
  • License MIT

Canonical DevOps skill pack — 27 agentic skills for code review, security, testing, CI/CD, debugging, and more. Canonicalized from gitlawb/openclaude-skills.

Package Exports

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@dzhechkov/skills-devops) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    @dzhechkov/skills-devops

    Canonical DevOps skill pack — 28 agentic skills for infrastructure, code review, security, testing, CI/CD, databases, APIs, and more.

    10 skills canonicalized from gitlawb/openclaude-skills + 18 original skills.

    Install

    # Via dz CLI (recommended)
dz init --target claude-code --preset devops

# Or select specific skills
dz init --target claude-code --select pr-review,security-audit,test-writer

# Or install the package directly
npm install @dzhechkov/skills-devops

    Skill Inventory (28)

    Skill Category Description
    api-design api REST/GraphQL API design with OpenAPI specs
    c4-architecture architecture C4 model diagrams (context, container, component)
    ci-fix ci/cd Diagnoses and fixes CI pipeline failures
    codeql-fix security CodeQL/SAST finding remediation
    data-pipeline data ETL/ELT pipeline design (dbt, Airflow)
    database-migration database Zero-downtime migrations, expand-contract
    database-review database Schema changes, queries, migration review
    debugging debugging Runtime error diagnosis and root cause fix
    docker-compose infra Multi-service Docker configs, health checks
    frontend-implementation frontend UI components following project conventions
    git-conflict-resolve git Merge/rebase conflict resolution
    github-actions ci/cd GitHub Actions workflows, matrix, OIDC
    graphql-schema api GraphQL schema design, DataLoader, pagination
    incident-response ops Production incident handling, postmortem
    problem-management ops ITIL problem management — RCA, known-error DB, WSJF prioritization
    kubernetes infra K8s deployments, Helm, RBAC, GitOps
    monorepo-management infra pnpm/Turborepo workspaces, changesets
    nginx-config infra Reverse proxy, SSL, rate limiting
    observability ops Metrics, logs, traces, SLOs, alerting
    playwright-testing testing E2E tests, page objects, visual regression
    pr-review code-review Pull request review with severity grouping
    provider-debug infra AI provider configuration debugging
    redis-patterns cache Caching, pub/sub, Redlock, rate limiting
    retrospective ops Postmortem and retrospective facilitation
    risk-assessment ops Risk analysis, scoring, and mitigation planning
    security-audit security OWASP-aligned security review
    terraform iac Terraform/OpenTofu IaC, modules, drift
    test-writer testing Unit, integration, E2E test generation

    Skill Details

    pr-review

    6-step review protocol: get diff, understand scope, read in context (30-50 lines around changes), check correctness/errors/edge cases/naming/tests/security/performance/breaking changes, group by severity (Blocker/Important/Nit), write review with file:line citations. Pushes back on PRs >600 lines.

    security-audit

    7-step audit: identify trust boundaries, walk 8 vulnerability categories (injection, auth, secrets, file ops, network ops, deserialization, XXE/SSRF, dependencies), require exploitation path for every finding, distinguish Critical/High/Medium/Low severity. No vague "consider sanitizing" — concrete fixes only.

    test-writer

    11-step test generation: identify unit, pick test type (unit/integration/e2e), enumerate cases (happy/boundary/edge/error), test contracts not implementation, purpose-built fixtures, descriptive assertions, verify test actually fails when broken. Covers TDD workflow.

    ci-fix

    10-step CI diagnosis: find actual failure line, classify (Build/Test/Lint/Deploy/Infra), reproduce locally with same toolchain, check environment differences (OS, versions, locale, timezone, parallelism), fix root cause (no retries/skips/continue-on-error), verify in fresh CI run.

    codeql-fix

    5-step SAST fix: read finding precisely (Rule ID + data-flow path), triage real vs false positive, pick canonical fix per rule class (SQL injection → parameterized queries, XSS → context-aware encoding, etc.), write smallest fix, suppress with justification if false positive.

    database-review

    9-step migration review: check lock duration, CONCURRENTLY for indexes, rolling-deploy compatibility, index-query mapping, query plan analysis (EXPLAIN), data integrity (FKs, uniqueness), insist on reversible migrations, verify on production-sized data.

    debugging

    10-step diagnosis: reproduce, read actual error (bottom of stack trace), narrow scope by bisecting (time/code/data), form falsifiable hypothesis, test with smallest change, fix at right layer (no symptom patches), verify, document.

    frontend-implementation

    10-step UI development: read existing patterns first (styling, state, routing, data fetching), confirm brief (states, interactions, data), match conventions, handle non-happy states (loading/error/empty), wire in, add minimal tests, verify in browser.

    git-conflict-resolve

    7-step conflict resolution: check git state, name both sides' intent per block, classify (same-goal/independent/logical), resolve leaves-to-roots, verify with git diff + tests, continue with correct command. Never guess on logical conflicts — asks the user.

    provider-debug

    6-step provider diagnosis: run diagnostics, inspect config (settings, env vars, model names), check for conflicting provider flags, match common error patterns (401/403/404, connection refused, model not found), provide verification command after fix.

    Canonical vs Legacy — Coexistence Model

    This package is the canonical source for DevOps skills (ADR-001 / ADR-002). Skills are synced to platform-specific directories via dz sync:

    dz sync --canonical packages/@dzhechkov/skills-devops --project .

    Writing is additive — existing files are never overwritten without --force.

    Origin

    All 10 skills were originally created by gitlawb/openclaude-skills (author: gnanam, license: MIT, trust: official). They have been converted from openclaude's SKILL.md format to the agentskills.io standard with:

    • YAML frontmatter: trust_tier, trust_tier_label, validation paths
    • Output schemas: schemas/output.json per skill
    • Config validators: scripts/validate-config.json per skill
    • Eval templates: evals/<skill>.yaml per skill

    Status

    v0.3.0 — Part of DZ Harness Hub.