This skill should be used when the user asks to "infer schemas", "generate schemas from examples", "add schemas", "bootstrap schemas", or mentions inferring, generating, or adding schemas to OpenAPI/OAS specifications that have examples but missing schema definitions.

Manage the applications that hold API credentials inside an API Experience Hub portal. Use when a portal consumer needs to list their applications, check if a name is available, create a new application, update metadata, rotate the client secret, or delete an application they no longer use.

Create or fix tests for existing Grove code examples. Use when the user asks to "add a test", "create a test", "fix this test", "update the test", "the test doesn't match the output", "test is failing", or wants to add test coverage for an existing example or fix a broken test.

Azure API Center SDK for .NET. Centralized API inventory management with governance, versioning, and discovery. Use for creating API services, workspaces, APIs, versions, definitions, environments, deployments, and metadata schemas. Triggers: "API Center", "ApiCenterService", "ApiCenterWorkspace", "ApiCenterApi", "API inventory", "API governance", "API versioning", "API catalog", "API discovery".

Azure Event Hubs SDK for .NET. Use for high-throughput event streaming: sending events (EventHubProducerClient, EventHubBufferedProducerClient), receiving events (EventProcessorClient with checkpointing), partition management, and real-time data ingestion. Triggers: "Event Hubs", "event streaming", "EventHubProducerClient", "EventProcessorClient", "send events", "receive events", "checkpointing", "partition".

Azure OpenAI SDK for .NET. Client library for Azure OpenAI and OpenAI services. Use for chat completions, embeddings, image generation, audio transcription, and assistants. Triggers: "Azure OpenAI", "AzureOpenAIClient", "ChatClient", "chat completions .NET", "GPT-4", "embeddings", "DALL-E", "Whisper", "OpenAI .NET".

Audit applications for AI prompt injection, agent security, and LLM permission boundary vulnerabilities. Use when the user mentions 'prompt injection,' 'LLM security,' 'AI security,' 'jailbreak,' 'indirect prompt injection,' 'prompt leaking,' 'AI red team,' 'LLM vulnerabilities,' 'AI input validation,' 'system prompt extraction,' 'agent security,' 'MCP security,' 'AI permissions,' 'AI privilege escalation,' or needs to secure any application with AI features, AI agents, or LLM integrations.

Analyze disk images and file systems for digital evidence recovery in forensic investigations and CTF challenges. Use when the user mentions 'disk forensics,' 'forensic analysis,' 'disk image,' 'file carving,' 'deleted files,' 'evidence recovery,' 'autopsy,' 'sleuthkit,' or needs to examine a forensic image.

Guide rapid triage and initial response to security incidents following NIST SP 800-61 methodology. Use when the user mentions 'incident response,' 'security incident,' 'triage,' 'we've been hacked,' 'breach,' 'compromised,' 'malware detected,' 'suspicious activity,' 'IOC,' 'indicators of compromise,' or needs help handling a security event.

Generate CI/CD pipeline configurations for Endor Labs security scanning. Supports GitHub Actions, GitLab CI, Jenkins, Azure DevOps, Bitbucket Pipelines, and CircleCI. Use when the user says "add security to my pipeline", "endor CI/CD", "GitHub Actions endor", "set up CI scanning", or wants automated security checks in their build pipeline. Do NOT use for running scans locally (/endor-scan) or managing policies (/endor-policy).

Execute custom queries against the Endor Labs API for advanced use cases. Use when the user asks to query findings, projects, packages, or metrics directly, says "endor api", "raw api query", "custom query", "list resources", or needs to run API filters not covered by other endor skills. Do NOT use for standard scanning (/endor-scan), dependency checks (/endor-check), or finding display (/endor-findings).

Main Endor Labs security router. Use when the user says "endor", "endor labs", or asks a general security question without specifying a particular endor command. Routes ambiguous requests like "check my security", "help with this dependency", or "what security tools are available" to the right specialized skill. Do NOT use when the user names a specific command like /endor-scan, /endor-check, /endor-fix, etc. — those skills handle themselves directly.

Monitor and manage Harness Delegates via MCP. List delegates and check health status, manage delegate registration tokens (create, revoke, delete), and find which delegates are associated with a token. Use when asked about delegate status, delegate health, delegate connectivity, delegate tokens, or troubleshooting delegate issues. Trigger phrases: delegate status, delegate health, list delegates, delegate token, delegate connectivity, delegate troubleshooting, delegate down.

Generate Harness Agent Template files for AI-powered automation agents. Produces metadata.json, pipeline.yaml (v1 syntax), and wiki.MD files. Agents automate tasks like code review, security scanning, test generation, and documentation. This is a YAML generation skill. Use when asked to create an agent template, build an AI agent, create an automation agent, generate agent pipeline files, or set up a Harness agent. Trigger phrases: create agent template, agent template, AI agent, automation agent, build agent, code review agent, security scanner agent, Harness agent.

Generate Harness Service YAML for deployable workloads and create via MCP. Supports Kubernetes, Helm, ECS, Serverless, SSH, and WinRm deployment types with artifact sources from Docker Hub, ECR, GCR, ACR, Nexus, and S3. Use when asked to create a service, define a Kubernetes service, set up a Helm chart deployment, configure an ECS service, or define what gets deployed. Trigger phrases: create service, service definition, Kubernetes service, Helm service, ECS service, deployment service, artifact source.

Generate Harness Environment YAML for deployment targets and create via MCP. Supports PreProduction and Production types with environment variables, manifest overrides, and multi-environment setup (dev, staging, prod). Use when asked to create an environment, set up staging, configure production, define deployment targets, or manage environment overrides. Trigger phrases: create environment, deployment environment, setup dev, setup staging, setup production, environment variables, environment overrides.

Static application security testing for code-level vulnerabilities. Use when the user says "SAST scan", "find SQL injection", "check for XSS", "static analysis", "endor sast", "code security scan", or wants to find injection flaws, hardcoded credentials, and insecure patterns in source code. Do NOT use for dependency vulnerabilities (/endor-sca), secrets scanning (/endor-secrets), or viewing pre-computed AI SAST findings (/endor-ai-sast).

Implement Juicebox reference architecture. Trigger: "juicebox architecture", "recruiting platform design".

Advanced 7-step hierarchical design prompt generator for AI web development tools (Lovable, Cursor, Bolt). Generates domain-aware, user-journey-based design prompts with emotional design considerations. Triggers on "디자인 프롬프트", "웹 디자인", "Lovable 프롬프트", "랜딩페이지 만들어줘", or any AI web builder prompt requests.

When the user wants to write, draft, or outline a blog post for freek.dev. Also use when the user mentions 'blog post,' 'write a post,' 'freek.dev post,' 'draft a post,' or 'blogpost.' This skill captures the writing style, tone, and structure conventions of freek.dev original posts.