JSPM

@dzhechkov/skills-devops

0.1.1
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 355
  • Score
    100M100P100Q87000F
  • License MIT

Canonical DevOps skill pack — 10 agentic skills for code review, security, testing, CI/CD, debugging, and more. Canonicalized from gitlawb/openclaude-skills.

Package Exports

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@dzhechkov/skills-devops) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    @dzhechkov/skills-devops

    Canonical DevOps skill pack — 10 agentic skills for code review, security auditing, testing, CI/CD debugging, database review, frontend implementation, and more.

    Canonicalized from gitlawb/openclaude-skills (28K+ stars) into the agentskills.io standard.

    Install

    # Via dz CLI (recommended)
dz init --target claude-code --preset devops

# Or select specific skills
dz init --target claude-code --select pr-review,security-audit,test-writer

# Or install the package directly
npm install @dzhechkov/skills-devops

    Skill Inventory (10)

    Skill Category Description
    pr-review code-review Reviews pull requests for correctness, style, and risks
    security-audit security Reviews code changes for common security risks (OWASP-aligned)
    test-writer testing Writes unit, integration, and E2E tests for existing or new code
    ci-fix ci/cd Diagnoses and fixes CI pipeline failures
    codeql-fix security Reads CodeQL/SAST findings and produces targeted fixes
    database-review database Reviews schema changes, migrations, and queries
    debugging debugging Diagnoses and fixes runtime errors, crashes, and unexpected behavior
    frontend-implementation frontend Implements frontend components following project conventions
    git-conflict-resolve git Resolves merge and rebase conflicts preserving both sides' intent
    provider-debug infrastructure Diagnoses AI provider configuration and connection issues

    Skill Details

    pr-review

    6-step review protocol: get diff, understand scope, read in context (30-50 lines around changes), check correctness/errors/edge cases/naming/tests/security/performance/breaking changes, group by severity (Blocker/Important/Nit), write review with file:line citations. Pushes back on PRs >600 lines.

    security-audit

    7-step audit: identify trust boundaries, walk 8 vulnerability categories (injection, auth, secrets, file ops, network ops, deserialization, XXE/SSRF, dependencies), require exploitation path for every finding, distinguish Critical/High/Medium/Low severity. No vague "consider sanitizing" — concrete fixes only.

    test-writer

    11-step test generation: identify unit, pick test type (unit/integration/e2e), enumerate cases (happy/boundary/edge/error), test contracts not implementation, purpose-built fixtures, descriptive assertions, verify test actually fails when broken. Covers TDD workflow.

    ci-fix

    10-step CI diagnosis: find actual failure line, classify (Build/Test/Lint/Deploy/Infra), reproduce locally with same toolchain, check environment differences (OS, versions, locale, timezone, parallelism), fix root cause (no retries/skips/continue-on-error), verify in fresh CI run.

    codeql-fix

    5-step SAST fix: read finding precisely (Rule ID + data-flow path), triage real vs false positive, pick canonical fix per rule class (SQL injection → parameterized queries, XSS → context-aware encoding, etc.), write smallest fix, suppress with justification if false positive.

    database-review

    9-step migration review: check lock duration, CONCURRENTLY for indexes, rolling-deploy compatibility, index-query mapping, query plan analysis (EXPLAIN), data integrity (FKs, uniqueness), insist on reversible migrations, verify on production-sized data.

    debugging

    10-step diagnosis: reproduce, read actual error (bottom of stack trace), narrow scope by bisecting (time/code/data), form falsifiable hypothesis, test with smallest change, fix at right layer (no symptom patches), verify, document.

    frontend-implementation

    10-step UI development: read existing patterns first (styling, state, routing, data fetching), confirm brief (states, interactions, data), match conventions, handle non-happy states (loading/error/empty), wire in, add minimal tests, verify in browser.

    git-conflict-resolve

    7-step conflict resolution: check git state, name both sides' intent per block, classify (same-goal/independent/logical), resolve leaves-to-roots, verify with git diff + tests, continue with correct command. Never guess on logical conflicts — asks the user.

    provider-debug

    6-step provider diagnosis: run diagnostics, inspect config (settings, env vars, model names), check for conflicting provider flags, match common error patterns (401/403/404, connection refused, model not found), provide verification command after fix.

    Canonical vs Legacy — Coexistence Model

    This package is the canonical source for DevOps skills (ADR-001 / ADR-002). Skills are synced to platform-specific directories via dz sync:

    dz sync --canonical packages/@dzhechkov/skills-devops --project .

    Writing is additive — existing files are never overwritten without --force.

    Origin

    All 10 skills were originally created by gitlawb/openclaude-skills (author: gnanam, license: MIT, trust: official). They have been converted from openclaude's SKILL.md format to the agentskills.io standard with:

    • YAML frontmatter: trust_tier, trust_tier_label, validation paths
    • Output schemas: schemas/output.json per skill
    • Config validators: scripts/validate-config.json per skill
    • Eval templates: evals/<skill>.yaml per skill

    Status

    v0.1.0 — initial release. Part of DZ Harness Hub.