行動開發

Wrap errors with context using fmt.Errorf %w pattern

pre-commit hookセキュリティスキル。機密情報検出パターン、git-secrets/gitleaks統合、チーム展開戦略、Git履歴スキャンを実装し、コミット前の機密情報漏洩を防ぐ。Anchors:• Web Application Security (Andrew Hoffman) / 適用: 脅威モデリング・セキュア設計 / 目的: セキュリティリスクの体系的評価• OWASP Top 10 / 適用: 機密情報検出パターン設計 / 目的: 業界標準の脆弱性分類に基づくパターン定義• git-secrets / gitleaks公式ドキュメント / 適用: ツール統合・設定 / 目的: 公式ベストプラクティスに準拠した導入Trigger:Use when implementing pre-commit hooks for secret detection, designing detection patterns, integrating git-secrets/gitleaks, scanning Git history for leaked secrets, or deploying security hooks across teams.pre-commit security, secret detection, git-secrets, gitleaks, credential scanning, Git history scan

This skill enables Claude to generate comprehensive security audit reports. It is designed to provide insights into an application or system's security posture, compliance status, and recommended remediation steps. Use this skill when the user requests a "security audit report", wants to "audit security", or needs a "vulnerability assessment report". The skill analyzes security data and produces a detailed report in various formats. It is best used to identify vulnerabilities, track compliance, and create remediation roadmaps. The skill can be activated via the command `/audit-report` or its shortcut `/auditreport`.

GitHub Actions の Composite Actions 設計と実装を支援するスキル。action.yml の構造、入出力設計、再利用性、検証手順を整理する。Anchors:• 『The Pragmatic Programmer』（Andrew Hunt, David Thomas） / 適用: 自動化設計 / 目的: 再利用可能な処理の整理• 『GitHub Actions公式ドキュメント』 / 適用: Composite Actions 実装 / 目的: 構文仕様の準拠• 『The Twelve-Factor App』 / 適用: 設定と可搬性 / 目的: アクションの独立性確保• 『Release It!』（Michael Nygard） / 適用: エラーハンドリング / 目的: 安定運用の設計Trigger:Use when designing composite actions, validating action.yml structure, or integrating reusable GitHub Actions steps.composite actions, action.yml, reusable action, inputs outputs, github actions

システムのパフォーマンス測定・分析・最適化を行うスキル。負荷テスト、ストレステスト、ボトルネック分析を通じて性能改善策を提示します。Anchors:• The Art of Application Performance Testing (Ian Molyneaux) / 適用: パフォーマンステスト戦略 / 目的: 体系的な性能評価手法の確立• Systems Performance (Brendan Gregg) / 適用: USE/REDメソッド / 目的: メトリクス分析とボトルネック特定• Google SRE Book / 適用: SLO/SLI設計 / 目的: 目標ベースの性能評価Trigger:Use when measuring system performance, identifying bottlenecks, load testing, or optimizing application speed.performance testing, load testing, stress testing, bottleneck analysis, latency, throughput, response time, profiling, benchmarking, performance optimization

This skill enables Claude to track and optimize resource usage across an application stack. It is activated when the user requests insights into resource consumption, performance bottlenecks, or cost optimization opportunities. The skill uses the resource-usage-tracker plugin to monitor CPU, memory, disk I/O, network I/O, file descriptors, database connections, and thread/process counts. Use this skill when the user mentions "resource usage", "performance optimization", "cost optimization", "track resources", or "right-sizing".

This skill enables Claude to manage container registries, including ECR, GCR, and Harbor. It should be used when the user needs to create, configure, or manage container image registries. It helps generate production-ready configurations, implement best practices, and ensure a security-first approach. Use this skill when the user mentions terms like "container registry," "ECR," "GCR," "Harbor," "image repository," or requests assistance with managing container images. It's also helpful for generating configuration code for DevOps pipelines related to container registries.

This skill enables Claude to perform comprehensive accessibility audits. It uses the accessibility-test-scanner plugin to identify WCAG 2.1/2.2 compliance issues, validate ARIA attributes, check keyboard navigation, and assess screen reader compatibility. Use this skill when the user requests an accessibility scan, audit, or compliance check, or when terms like "WCAG", "ARIA", "screen reader", "accessibility testing", or "a11y" are mentioned. It provides actionable insights for improving web application accessibility.

Deterministic wrapper for tonl CLI (npm package) for structured data operations in JSON/TONL formats. Use when converting JSON↔TONL, querying structured data, validating TONL schemas, or generating statistics. Maps directly to CLI subcommands (encode, decode, query, get, validate, stats).

This skill enables Claude to aggregate and centralize performance metrics from various sources. It is used when the user needs to consolidate metrics from applications, systems, databases, caches, queues, and external services into a central location for monitoring and analysis. The skill is triggered by requests to "aggregate metrics", "centralize performance metrics", or similar phrases related to metrics aggregation and monitoring. It facilitates designing a metrics taxonomy, choosing appropriate aggregation tools, and setting up dashboards and alerts.

This skill enables Claude to analyze network latency and optimize request patterns within an application. It helps identify bottlenecks and suggest improvements for faster and more efficient network communication. Use this skill when the user asks to "analyze network latency", "optimize request patterns", or when facing performance issues related to network requests. It focuses on identifying serial requests that can be parallelized, opportunities for request batching, connection pooling improvements, timeout configuration adjustments, and DNS resolution enhancements. The skill provides concrete suggestions for reducing latency and improving overall network performance.

This skill enables Claude to create Application Performance Monitoring (APM) dashboards. It is triggered when the user requests the creation of a new APM dashboard, monitoring dashboard, or a dashboard for application performance. The skill helps define key metrics and visualizations for monitoring application health, performance, and user experience across multiple platforms like Grafana and Datadog. Use this skill when the user needs assistance setting up a new monitoring solution or expanding an existing one. The plugin supports the creation of dashboards focusing on golden signals, request metrics, resource utilization, database metrics, cache metrics, business metrics, and error tracking.

This skill enables Claude to generate Docker Compose configurations for multi-container applications. It leverages best practices for production-ready deployments, including defining services, networks, volumes, health checks, and resource limits. Claude should use this skill when the user requests a Docker Compose file, specifies application architecture involving multiple containers, or mentions needs for container orchestration, environment variables, or persistent data management in a Docker environment. Trigger terms include "docker-compose", "docker compose file", "multi-container", "container orchestration", "docker environment", "service definition", "volume management", "network configuration", "health checks", "resource limits", and ".env files".

Implement TypeScript code with type safety, generics, utility types, and functional patterns. Use when designing type-safe code, implementing generics, handling errors with Result pattern, or applying functional programming.

Conducts deep company research and creates a dossier to support applications. Use before applying, interviewing, or for cultural fit assessment.

セキュリティ関連設定のレビュー、構成監査、セキュリティベースライン確認を統一的に実施するスキル。脅威モデリングに基づいた設定評価とベストプラクティスの適用を通じて、アプリケーションのセキュリティ態勢を向上させます。Anchors:• 『Web Application Security』（Andrew Hoffman） / 適用: セキュリティ設定監査 / 目的: セキュリティ態勢の向上Trigger:セキュリティ設定レビュー、構成監査、セキュリティベースライン確認時に使用。セキュリティヘッダー設定、CORS設定、認証・認可の監査などの場面で自動選択対象。

This skill enables Claude to generate comprehensive security audit reports. It is designed to provide insights into an application or system's security posture, compliance status, and recommended remediation steps. Use this skill when the user requests a "security audit report", wants to "audit security", or needs a "vulnerability assessment report". The skill analyzes security data and produces a detailed report in various formats. It is best used to identify vulnerabilities, track compliance, and create remediation roadmaps. The skill can be activated via the command `/audit-report` or its shortcut `/auditreport`.

Structured methods for finding connections across disciplines. Use when exploring how concepts from one field illuminate another, seeking novel applications, or analyzing structural similarities between domains.

This skill optimizes deep learning models using various techniques. It is triggered when the user requests improvements to model performance, such as increasing accuracy, reducing training time, or minimizing resource consumption. The skill leverages advanced optimization algorithms like Adam, SGD, and learning rate scheduling. It analyzes the existing model architecture, training data, and performance metrics to identify areas for enhancement. The skill then automatically applies appropriate optimization strategies and generates optimized code. Use this skill when the user mentions "optimize deep learning model", "improve model accuracy", "reduce training time", or "optimize learning rate".

Identifies domain modules, ownership boundaries, dependencies, and interfaces using Domain-Driven Design principles. Provides domain maps, bounded contexts, refactor recommendations. Use for "DDD", "domain modeling", "bounded contexts", or "service boundaries".