https://github.com/iuliandita/skills
Hand-crafted Agent Skills for DevOps, infrastructure, security, and software engineering. Production-tested, context-optimized, built on the Agent Skills standard.
ai-coding ansible claude-code claude-code-skills devops docker infrastructure kubernetes security terraform
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/iuliandita/skills
- Owner: iuliandita
- License: mit
- Created: 2026-04-06T18:18:16.000Z (2 months ago)
- Default Branch: main
- Last Pushed: 2026-04-22T23:40:24.000Z (about 2 months ago)
- Last Synced: 2026-04-23T01:30:35.734Z (about 2 months ago)
- Topics: ai-coding, ansible, claude-code, claude-code-skills, devops, docker, infrastructure, kubernetes, security, terraform
- Language: Shell
- Size: 1.22 MB
- Stars: 2
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Security: SECURITY.md
README
# skills.
**Hand-built [Agent Skills](https://agentskills.io) with automated quality gates.**
```bash
npx skills add iuliandita/skills
```
42 skills for DevOps, security, infra, and software engineering, maintained with lint/spec checks, behavioral test coverage, and a [Karpathy-style autoresearch loop](https://github.com/karpathy/autoresearch).
---
## The story
AI coding tools used to mean prompts. Prompts don't compose, don't carry between tools, and don't improve unless you rewrite them by hand. Agent Skills replaced that: a directory of markdown plus a description, portable across every conformant tool. Drop a skill folder anywhere the spec is read and the agent gets a new capability.
Then Karpathy pointed an agent at a 630-line training script overnight. It edited the code, ran a 5-minute training, kept changes that improved the score, discarded the rest. 700 runs, 20 wins, on one GPU. The pattern works on anything you can score.
This repo applies that pattern conservatively to 42 hand-built skills. The loop helps find weak spots and propose improvements; the gates and review discipline decide what survives.
## The autoresearch loop
`skill-refiner` ports Karpathy's pattern to a skill collection. It loads every skill, scores it across structural and behavioral checks, targets the weakest areas, and keeps changes only when the measured result improves without failing review.
The cycle:
> **Score → Improve → Verify → Keep or Revert → Repeat.**
- **Structural gates.** `lint-skills.sh` and `validate-spec.sh` enforce the collection shape, YAML frontmatter, routing conventions, reference links, and size limits.
- **Behavioral checks.** Synthetic tasks test whether the skill produces useful output in context. These are useful signals, not proof of universal behavior across every model.
- **Adaptive focus.** First pass scores everything. Subsequent iterations target the lowest-scoring skills until they're brought up.
- **Cross-model peer review.** If a second AI harness is available (Claude alongside Codex, for example), the second model reviews every change the first one makes. Single-model blind spots get caught.
- **The Karpathy gate.** Only changes that measurably improve the score survive. Changes that score worse, remove important content, or fail peer review are reverted or revised.
- **Self-improvement.** `skill-refiner` improves its own evaluation infrastructure (including itself) in a separate meta-phase, with human review checkpoints.
The goal is not magic self-repair. The goal is a repeatable maintenance loop with evidence, review points, and a bias toward reverting weak changes.
## Quality evidence
Current repository gates pass for the public skill collection:
```bash
./scripts/lint-skills.sh
./scripts/validate-spec.sh
```
The latest tracked refiner run in [`.refiner-runs.json`](.refiner-runs.json) is a targeted 2026-05-02 `code-slimming` run. It ended with structural gates passing, a 99/100 final review, a 99/100 behavioral forward-test, and peer review returning `NO_FLAGS`.
That evidence is a maintenance signal, not a permanent guarantee. Skill behavior still depends on the consuming agent, model, tool limits, and whether the task matches the skill's intended scope.
## Report output
Audit and review skills use a shared output contract. In chat they keep results compact; when a durable report is useful, they write markdown under `docs/local/`, which is gitignored by default so local audit notes do not leak into published commits.
Example report excerpt:
```markdown
# CODE-REVIEW - src/auth/ - 2026-05-03
- **Skill:** code-review
- **Mode:** audit
- **Target:** `src/auth/`
- **Findings:** 2 (P0:1, P2:1)
## P0 - Must fix
- [ ] **#1 Missing CSRF check on POST /api/posts**
  - **File:** `src/auth/routes.ts:42`
  - **Description:** State-changing requests accept browser-originated traffic without verifying a CSRF token.
  - **Suggested action:** Add `requireCsrf()` before the route handler.
  - **Fix applied:** _to be filled by implementer_
## P2 - Nice to fix
- [x] **#2 Duplicate auth cookie parsing**
  - **File:** `src/auth/cookie.ts:12`
  - **Description:** Three handlers repeated the same cookie decode branch.
  - **Suggested action:** Extract a shared `decodeAuthCookie()` helper.
  - **Fix applied:** Added `decodeAuthCookie()` and updated the repeated handlers.
```
Report checkboxes are intentionally editable. As fixes land, flip `- [ ]` to `- [x]` and replace the `Fix applied` placeholder with the actual change.
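Because the checkboxes carry the fix state, a report in this format can be gated mechanically. The script below is an added example, not code from this repository: it counts open and closed findings per priority, checks that the `Findings` header agrees with the body, and fails while any P0 item is unchecked. The function names are hypothetical and the sample report is constructed from the excerpt above.

```bash
#!/usr/bin/env bash
# Added example, not part of iuliandita/skills. Function names are hypothetical.

# Constructed sample: a trimmed copy of the report excerpt above.
sample_report() {
  cat <<'EOF'
# CODE-REVIEW - src/auth/ - 2026-05-03
- **Findings:** 2 (P0:1, P2:1)
## P0 - Must fix
- [ ] **#1 Missing CSRF check on POST /api/posts**
  - **Fix applied:** _to be filled by implementer_
## P2 - Nice to fix
- [x] **#2 Duplicate auth cookie parsing**
  - **Fix applied:** Added `decodeAuthCookie()` and updated the repeated handlers.
EOF
}

# Print "<priority> <open> <done>" for every "## P<n> - ..." section.
report_counts() {
  awk '
    /^## P[0-9]+ /                            { prio = $2; seen[prio] = 1; next }
    prio != "" && /^ *- \[ \] \*\*#[0-9]+/    { nopen[prio]++ }
    prio != "" && /^ *- \[[xX]\] \*\*#[0-9]+/ { ndone[prio]++ }
    END { for (p in seen) printf "%s %d %d\n", p, nopen[p], ndone[p] }
  ' "$1" | sort
}

# Per-priority totals declared on the "- **Findings:** N (P0:a, P2:b)" line.
report_declared() {
  grep -m1 -F -- '- **Findings:**' "$1" | grep -oE 'P[0-9]+:[0-9]+' | tr ':' ' ' | sort
}

# Totals found in the body (open + done), skipping empty sections.
report_actual() {
  report_counts "$1" | awk '$2 + $3 > 0 { print $1, $2 + $3 }'
}

# Gate: 0 = clean, 1 = unchecked P0 finding, 2 = header and body disagree.
report_gate() {
  [ "$(report_declared "$1")" = "$(report_actual "$1")" ] || { echo "header/body mismatch" >&2; return 2; }
  open_p0=$(report_counts "$1" | awk '$1 == "P0" { print $2 }')
  [ "${open_p0:-0}" -eq 0 ] || { echo "open P0 findings: $open_p0" >&2; return 1; }
}

# Usage: pass the path of a report written under docs/local/.
if [ "$#" -gt 0 ]; then report_gate "$1"; fi
```

Exit code 2 catches a report whose header was not updated after findings were added or removed, which would otherwise let a stale summary pass review.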
## Why it matters
- **The collection is easier to improve safely.** New skills inherit the current lint, spec, routing, and behavioral standards. The bar moves through explicit checks instead of memory.
- **One folder, every tool.** Built on the [Agent Skills open standard](https://agentskills.io/specification). Any conformant tool reads them. No conversion, no per-tool forks.
- **Maintained outside model weights.** Skills can carry recent tool changes, CVEs, deprecations, and local practices without waiting for a model retrain.
- **Skills know about each other.** Routing hints (`Not for X (use Y)`) reduce collisions and help agents choose the right instruction set.
## Quick install
```bash
npx skills add iuliandita/skills
```
That's it. For specific skills, alternative tools, the bundled installer, or symlink mode across multiple agents, see [INSTALL.md](INSTALL.md).
## What's in here
42 skills covering infra (Kubernetes, Terraform, Docker, Ansible), cluster health diagnostics, distros (Arch, Debian, Fedora, Kali, NixOS), networking and firewalls, security and pentesting, code review, code slimming, prose audits, frontend and UI design, AI/ML and MCP server work, virtualization, dev workflow tooling, and meta-tooling (the skill creator, refiner, router, and full-review orchestrator).
Browse [`skills/`](skills/) for the full list, or query it:
```bash
npx skills add iuliandita/skills --list
```
Each skill description is in its own `SKILL.md` frontmatter. The trigger keywords and routing hints there tell the agent when to load it.
## Compatibility
Built on the [Agent Skills open standard](https://agentskills.io/specification). Any conformant tool can read the skill structure directly. The bundled installer ships paths for 25 specific targets (Claude Code, Codex, Cursor, Gemini, Copilot, Windsurf, OpenCode, and others); see [INSTALL.md](INSTALL.md) for the full table and overrides.
Installer support means the repo knows where to copy or symlink the skills. It is not a certification that every target handles activation, trigger matching, context loading, or subagent workflows identically. Smoke-test important skills in the agent you plan to use.
## Contributing
Issues and PRs welcome. Skills must pass `./scripts/lint-skills.sh` and follow the [Agent Skills specification](https://agentskills.io/specification).
## License
[MIT](LICENSE)
---
`kubernetes` `terraform` `docker` `ansible` `archlinux` `cachyos` `pacman` `paru` `aur` `systemd` `nixos` `nix` `flakes` `home-manager` `nix-darwin` `helm` `argocd` `ci-cd` `github-actions` `gitlab-ci` `postgresql` `mongodb` `mysql` `networking` `dns` `wireguard` `tailscale` `vpn` `nftables` `opnsense` `pfsense` `mcp` `model-context-protocol` `security-audit` `owasp` `pentesting` `code-slimming` `privilege-escalation` `ctf` `code-review` `git` `shell` `zsh` `bash` `prompt-engineering` `pci-dss` `compliance` `devops` `infrastructure-as-code` `iac` `containers` `podman` `buildah` `sealed-secrets` `haproxy` `caddy` `traefik` `nginx` `autoresearch` `self-improving` `llm` `rag` `embedding` `vector-store` `langchain` `langgraph` `openai-sdk` `anthropic-sdk` `agents` `fine-tuning` `ollama` `vllm` `promptfoo` `vitest` `jest` `playwright` `pytest` `tdd` `e2e` `accessibility` `axe-core` `load-testing` `k6` `proxmox` `qemu` `kvm` `libvirt` `packer` `cloud-init` `gpu-passthrough` `virtualization` `hypervisor`