PlaywrightでScrapbox/Cosenseのページを読み書き（非公開はconnect.sid）。ページ本文の取得・一覧取得・末尾追記をCLIで行う時に使う。

Azure AI Voice Live SDK for .NET. Build real-time voice AI applications with bidirectional WebSocket communication.

API design principles and decision-making. REST vs GraphQL vs tRPC selection, response formats, versioning, pagination.

Sending telemetry data to Grafana Cloud — metrics via Prometheus remote write or OTLP, logs via Loki push or Alloy, traces via OTLP to Tempo, profiles via Pyroscope. Covers Alloy-based pipelines, direct SDK/agent integrations, cloud integrations catalog, and credentials management. Use when connecting an application or infrastructure to Grafana Cloud, setting up data ingestion, configuring remote write, or choosing between ingestion methods.

Grafana Loki log aggregation and LogQL query language. Covers LogQL syntax (log queries, metric queries, label matchers, line filters, parsers: json/logfmt/pattern/regexp/unpack, label filters, line_format), Loki architecture, log ingestion via Alloy/Promtail/Fluent Bit, structured metadata, and Logs Drilldown. Use when writing LogQL queries, configuring Loki, troubleshooting log pipelines, or analyzing logs.

Build Grafana plugin pages using the @grafana/scenes framework. Use this skill when creating new scene pages, adding panels/visualizations, setting up drilldown navigation, defining variables, configuring query runners, building table/timeseries/stat panels, or extending SceneObjectBase for custom scene objects. Triggers on any work involving SceneApp, SceneAppPage, EmbeddedScene, SceneQueryRunner, SceneDataTransformer, PanelBuilders, SceneFlexLayout, QueryVariable, or drilldown/tab configuration in Grafana plugins.

Use when the user is deciding how to slice Kubernetes YAML into ConfigHub Units — phrases like "one Unit or many?", "how should I split these resources?", "should Deployment and Service be one Unit?", "where do CRDs go?", "Unit per resource or per bundle?", "should my namespace and its RBAC be together?", "per-app or per-namespace?". Applies a short set of rules (CRDs separate; rendered-from-generator stays bundled; otherwise split by ownership / references / lifecycle / blast radius) and routes the user to the right import skill with a concrete Unit-slug plan. Do not load for authoring new YAML (use `config-as-data`), for executing an import the user has already scoped (use the matching `import-from-*` skill), or when the split is already forced by the tool in use (`cub helm install` and `cub gitops import` split CRDs automatically — just run them).

Use when the user wants validation to be enforced (not just advisory) on ConfigHub Units, is setting up a new Space and wants policy to apply automatically, asks about ApplyGates, says "block bad config from being deployed", "wire up schema validation", "enforce a policy", "require approval", or needs to diagnose why a Unit is blocked from applying. This skill installs the platform-Space + Filter + TriggerFilterID pattern — centralized Triggers that run on every Mutation and attach ApplyGates when validation fails. Do not load for: running validators one-off without installing them (use cub-mutate with vet-* functions instead), or for authoring the YAML itself.

Use whenever the user wants to change data inside a ConfigHub Unit — update an image, adjust replicas, set environment variables, add labels/annotations, change a resource field, apply defaults, or make a bulk edit across many units. This skill enforces the "prefer a function over a hand-edit" rule, composes a proper change description that captures the user's prompt and clarifications, and chooses between `cub function set` (single function, targeted or bulk) and `cub unit update` (whole-unit replacement or restore). Load proactively any time the user says "update the image", "bump the replicas", "change the env var", "set the annotation", "apply defaults", "edit this unit", or any natural request that will end in a write to ConfigHub. Do not load for: creating a brand-new Unit (use config-as-data), reading/inspecting config (use cub-query), or setting up validation (use triggers-and-applygates).

Set up Prometheus for comprehensive metric collection, storage, and monitoring of infrastructure and applications. Use when implementing metrics collection, setting up monitoring infrastructure, or configuring alerting systems.

Use to analyze failures in GitHub pipelines or jobs.

Guide for writing Netlify Edge Functions. Use when building middleware, geolocation-based logic, request/response manipulation, authentication checks, A/B testing, or any low-latency edge compute. Covers Deno runtime, context.next() middleware pattern, geolocation, and when to choose edge vs serverless.

Interprets Culture Index (CI) surveys, behavioral profiles, and personality assessment data. Supports individual profile interpretation, team composition analysis (gas/brake/glue), burnout detection, profile comparison, hiring profiles, manager coaching, interview transcript analysis for trait prediction, candidate debrief, onboarding planning, and conflict mediation. Accepts extracted JSON or PDF input via OpenCV extraction script.

Scan all project dependencies for known vulnerabilities using Software Composition Analysis. Use when the user says "scan my dependencies", "SCA scan", "vulnerable dependencies", "endor sca", "what's wrong with my deps", or wants a focused dependency vulnerability report with direct vs transitive breakdown. Do NOT use for checking a single package (/endor-check), SAST code scanning (/endor-sast), or quick full scan (/endor-scan).

Create and manage Endor Labs security policies for automated enforcement. Use when the user says "create a policy", "block critical vulns", "endor policy", "security gate", "enforcement rules", "exception policy", or wants to define rules for blocking PRs, requiring reviews, or enforcing security standards. Do NOT use for one-time PR review (/endor-review) or viewing findings (/endor-findings).

Fast security scan of the current repository using Endor Labs. Use when the user says "scan my code", "quick scan", "endor scan", "scan this repo", "run a security scan", or wants a rapid overview of vulnerabilities, secrets, and SAST issues. Also handles incremental PR scans when user mentions "just my changes" or "PR scan". Do NOT use for deep reachability analysis (/endor-scan-full) or checking a single package (/endor-check).

Scan container images and analyze Dockerfiles for security issues. Use when the user says "scan my Docker image", "Dockerfile security", "container scan", "endor container", "docker compose security", or is creating/modifying Dockerfiles and docker-compose files. Checks for root user, latest tags, exposed ports, secrets in build args, and missing health checks. Do NOT use for application code scanning (/endor-sast).

Create a minimal working Firecrawl example that scrapes a page to markdown. Use when starting a new Firecrawl integration, testing your setup, or learning the scrape/crawl/map/extract API surface. Trigger with phrases like "firecrawl hello world", "firecrawl example", "firecrawl quick start", "simple firecrawl code".

Run Lighthouse audits locally via CLI or Node API, parse and interpret reports, and set performance budgets. Use when measuring site performance, understanding Lighthouse scores, setting up budgets, or integrating audits into CI. Triggers on: lighthouse, run lighthouse, lighthouse score, performance audit, performance budget. Do NOT use for fixing specific performance issues (use perf-web-optimization or core-web-vitals) or Astro-specific optimization (use perf-astro).

Neon + Vercel serverless Postgres for edge and serverless environments. Use for Cloudflare Workers, Vercel Edge, Next.js apps with HTTP/WebSocket connections, database branching (git-like), Drizzle/Prisma ORM integration, migrations, PITR backups, or encountering connection pool exhausted errors, TCP connection issues, SSL config problems.