Use when asked to write a Jira ticket.

Workflow required before any Mule flow and integration work. Call use_skill as your FIRST action — before reading project files — whenever the user asks to create, generate, update, fix, modify, change, edit, tweak, adjust, or rework any Mule flow, sub-flow, or component. Do not read project files and attempt the change yourself — even targeted single-component changes like 'modify the choice router', 'fix the until-successful', or 'update the catch block' require this workflow. Covers all change types, new integrations and targeted changes to error handlers, catch blocks, choice routers, DataWeave transforms, HTTP listeners, foreach loops, retry policies, scatter-gathers, connectors, and variable assignments. Prompts beginning with 'This code defines...' or 'This flow...' are generation requests, not analysis. When you call this skill, it must be the only tool call in that response.

Workflow for generating MuleSoft projects from Anypoint Exchange templates, local .jar templates, or from scratch via the `mule-mcp-server`. Use when users ask to "create a project", "generate project", "build integration", "create API", "use template", or "from template". Performs template discovery and calls create_mule_project only after explicit user confirmation; delegates flow generation to the `build-mule-integration` skill.

Use when understanding the build system, modifying CLI commands, working with isobuild, or navigating the tools/ directory. Covers build pipeline flow and file locations.

Helps fix security vulnerabilities identified by DryRunSecurity. Activates when the user shares a DryRunSecurity comment (from a GitHub PR or GitLab MR) or asks for help fixing any security finding including SQL injection, XSS, CSRF, SSRF, path traversal, command injection, authentication bypass, authorization flaws, and prompt injection. Researches authoritative sources and applies fixes grounded in the user's specific codebase context.

Demo Endor Labs capabilities using simulated data, no account required. Use when the user says "try endor", "demo", "endor without account", "show me what endor can do", or when MCP auth fails and user wants to see capabilities before signing up. Do NOT use when the user has a working Endor Labs account — use real scans instead.

Creates Amplitude charts from natural language descriptions, handling event selection, filters, groupings, and visualization choices. Use when you know what you want to measure but prefer not to build the chart manually.

Diagnose where new users fail to activate, identify the aha moment, measure time-to-value, and build a sized plan to move activation rate. Use when a PM needs to understand why signups don't convert to active users, find the aha moment, reduce time-to-value, or improve onboarding.

Set up measurement and tracking for product launches, run post-launch retros with data, and build a launch analytics system. Use this skill whenever someone asks to track a launch, set up UTM parameters, measure launch performance, run a launch retro, analyze launch results, or build a dashboard for a product release. Also trigger for "how do we know if the launch worked," "what should we track for this launch," "set up UTMs for the announcement," or any request about measuring or evaluating a product launch. Covers pre-launch tracking setup, UTM conventions, per-tier KPIs, benchmark expectations, and retro frameworks.

Autonomous spec-to-product system. Triggers on "Loki Mode". Takes a spec (PRD, GitHub issue, OpenAPI doc, etc.) to deployed product via the RARV-C closure loop, with minimal human intervention. Provider-agnostic. Requires --dangerously-skip-permissions flag.

Configure SAML 2.0 and OIDC SSO for Cursor with Okta, Microsoft Entra ID, and Google Workspace. Triggers on "cursor sso", "cursor saml", "cursor oauth", "enterprise cursor auth", "cursor okta", "cursor entra", "cursor scim".

Execute use when generating infrastructure as code configurations. Trigger with phrases like "create Terraform config", "generate CloudFormation template", "write Pulumi code", or "IaC for AWS/GCP/Azure". Produces production-ready code for Terraform, CloudFormation, Pulumi, ARM templates, and CDK across multiple cloud providers.

Generate or convert Claude Code prompt files — command orchestrators, skill files, agent role definitions, or style conversion of existing files. Follows GSD-style content separation with built-in quality gates. Triggers on "create command", "new command", "create skill", "new skill", "create agent", "new agent", "convert command", "convert skill", "convert agent", "prompt generator", "优化".

Derives a working definition of Agents as a Service specific to a user's business. Starts from user-provided context only (website, docs, description). Identifies the business category, researches agentic solutions (NVIDIA, complementary vendors, open source), proposes three user stories (human, agent, hybrid), then derives a custom AaaS definition. Enforces logic checks, uncertainty mapping, and source quality throughout. Produces MD and JSON output. Use when exploring what AaaS could mean for a specific business, preparing an AaaS strategy, or evaluating agent-based service opportunities. Invoke with /aaas-definition.

Specialized CVE and vulnerability management for morphir-dotnet. Use when user asks to scan for vulnerabilities, fix CVEs, suppress false positives, review security reports, or manage dependency-check. Triggers include "CVE", "vulnerability", "security scan", "dependency-check", "suppress", "false positive", "CVSS", "security fix".

Multi-agent orchestrator for Claude Code. Use when user mentions gastown, gas town, gt commands, bd commands, convoys, polecats, crew, rigs, slinging work, multi-agent coordination, beads, hooks, molecules, workflows, the witness, the mayor, the refinery, the deacon, dogs, escalation, or wants to run multiple AI agents on projects simultaneously. Handles installation, workspace setup, work tracking, agent lifecycle, crash recovery, and all gt/bd CLI operations.

This skill should be used when the user says "execute infra change", "run infra plan", "apply infrastructure change", "execute change", "arn infra execute", "deploy infra plan", "execute infrastructure plan", "run infrastructure change", "apply infra plan", "infra execute", "arn-infra-execute-change", or wants to orchestrate the phased execution of a structured infrastructure change plan, invoking agents for IaC generation, security gates, cost gates, deployment, verification, and review.

Design docs that reduce cognitive load. Trigger: writing guides, READMEs, RFCs, onboarding, architecture, or review-facing docs.

Design docs that reduce cognitive load. Trigger: writing guides, READMEs, RFCs, onboarding, architecture, or review-facing docs.

Toolkit for creating animated GIFs optimized for Slack, with validators for size constraints and composable animation primitives. This skill applies when users request animated GIFs or emoji animations for Slack from descriptions like "make me a GIF for Slack of X doing Y".