Skills
117 assets available
Showing 117 of 117 assets
abyss-documentation
Fetches and references Abyss Design System documentation for building frontend applications. Use when user asks about Abyss components, form inputs, layouts, UI patterns, styling, or needs Abyss implementation guidance. Trigger phrases include "how do I use Abyss", "Abyss Button", "Abyss form", "design system docs".
Owner: mtaugner_uhg
abyss-v2-migration
Orchestrates Abyss Design System v1 to v2 migration. Auto-detects platform (web/mobile), package versions, legacy tokens, and component token overrides. Invokes child skills in optimal sequence. Use when user asks to "migrate to Abyss v2", "run v2 migration", "upgrade to Abyss v2", or wants to know "what migration work is needed". Trigger phrases include "abyss migration", "v1 to v2", "upgrade abyss".
Owner: mtaugner_uhg
ai-dlc-config
Configure AI-DLC workflow behavior, depth levels, approval gates, and agent preferences
Owner: epic-platform-sre
ai-dlc-construction
Execute the AI-DLC Construction phase with functional design and code generation for each unit of work
Owner: epic-platform-sre
ai-dlc-fix
Fast-path bug fix workflow with TDD-first approach for well-understood bugs that do not need the full inception-construction pipeline
Owner: epic-platform-sre
ai-dlc-inception
Execute the AI-DLC Inception phase to plan and architect a software project with requirements gathering, workflow planning, and application design
Owner: epic-platform-sre
ai-dlc-methodology
Comprehensive reference for the AI-Driven Development Lifecycle methodology, a post-Agile framework combining systematic planning with AI-augmented execution
Owner: epic-platform-sre
ai-dlc-status
Check AI-DLC workflow status, current phase, stage progress, and pending approvals
Owner: epic-platform-sre
ansible-expert
Enterprise Ansible automation with AWX, collections, roles, and Optum Epic infrastructure patterns
Owner: epic-platform-sre
apollo
GitOps release orchestration, semantic-release workflows, and cross-repo distribution
Owner: epic-platform-sre
awx-expert
AWX/AAP automation platform, Configuration-as-Code, object management, and Epic AWX deployment patterns
Owner: epic-platform-sre
azure-expert
Azure cloud infrastructure, Epic multi-subscription architecture, resource management, and Optum Azure patterns
Owner: epic-platform-sre
cave-man
Terse technical response style that removes filler while preserving substance
Owner: epic-platform-sre
cerberus
Multi-head code guardian for security, quality, and architecture review
Owner: epic-platform-sre
claude-sync
Sync Codex settings to Claude Code — converts model, plugins, env vars, and trust level to ~/.claude/settings.json
Owner: epic-platform-sre
codex remove quarantine
remove the macbook quarantine from codex executable after upgrades
dependency-management-reviewer
Review React Native and UHC Mobile dependency additions for maintenance status, React Native compatibility, New Architecture readiness, security vulnerabilities, bundle impact, license and ownership risk, justification, alternatives, and approved federation package usage. Use when package.json, lockfiles, native modules, or third-party package choices change.
Owner: optum-tech-compute
diataxis-framework
Classify, audit, and write documentation using the Diataxis framework (https://diataxis.fr). Four documentation types — tutorials, how-to guides, reference, and explanation — distinguished by two axes (action vs cognition, acquisition vs application). Universal — applies equally to Claude Code, Codex, and VS Code documentation work. Use whenever a documentation task requires deciding which quadrant a page belongs in, splitting mixed content, naming files (`how-to-*`, `ref-*`), or auditing an existing docs corpus. Trigger phrases include "diataxis", "what quadrant", "is this a tutorial or how-to", "classify docs", "audit docs", "where does this page belong", "split this page".
Owner: thudak
dojo360
Dojo360 provides secure and compliant Terraform modules for Azure, AWS, and GCP.
Owner: pcorazao
drzero
Run DrZero autonomous improvement after initializing shared drzero.yml while preserving the @drzero plugin mention
Owner: epic-platform-sre
drzero-analysis
Deep codebase analysis without making changes - architecture review, quality assessment, and improvement recommendations
Owner: epic-platform-sre
drzero-autonomous
Autonomous repository improvement loop with two-phase propose-then-solve workflow using domain specialist agents
Owner: epic-platform-sre
drzero-citadel
Governed DrZero execution with centralized quality gates for sensitive or release-critical work
Owner: epic-platform-sre
drzero-config
Configure DrZero using the shared Claude-compatible drzero.yml format and activate Codex agents
Owner: epic-platform-sre
drzero-council
Run a structured DrZero debate across domain specialists for architecture and design decisions
Owner: epic-platform-sre
drzero-cronenberg
Generate parallel DrZero implementation variants and compare them before selecting one approach
Owner: epic-platform-sre
drzero-execution
Execute a specific WorkItem through domain specialist routing with security review
Owner: epic-platform-sre
drzero-help
Show DrZero setup guidance, workflow modes, and copy-ready examples for using the @drzero plugin
Owner: epic-platform-sre
drzero-morty
Run simplified DrZero execution for small tasks, with an optional ruthless optimization mode
Owner: epic-platform-sre
drzero-pickle
Produce the minimal viable DrZero solution under strict constraints such as CI repair or tiny diffs
Owner: epic-platform-sre
drzero-ping
Health check for the DrZero Codex plugin, shared config, custom agents, support scripts, and scoring runtime
Owner: epic-platform-sre
drzero-portal-gun
Coordinate DrZero work across multiple repositories with explicit boundaries and verification
Owner: epic-platform-sre
drzero-status
Monitor DrZero session progress, agent activity, WorkItem completion, and task outcomes
Owner: epic-platform-sre
drzero-swarm
Distribute work across multiple domain specialist agents in parallel for complex multi-domain tasks
Owner: epic-platform-sre
drzero-unity
Coordinate peer-to-peer DrZero parallel work without a single central implementation owner
Owner: epic-platform-sre
dynatrace-expert
Dynatrace Platform operations expertise — DQL queries, entity inventory, metrics analysis, problem triage, dashboard management, and Settings API for Grail-based tenants.
Owner: platform-infrastructure
dynatrace-k8s-triage
Systematic Kubernetes service triage using Dynatrace DQL — entity discovery, JVM health, thread analysis, pod generation comparison, Davis problem correlation, and Splunk SPL query generation for restricted log environments.
Owner: epic-platform-sre
epic-expert
Epic EMR healthcare software, infrastructure deployment on Azure, ODB/Citrix/Hyperspace architecture, and operational patterns
Owner: epic-platform-sre
file-structure-auditor
Review React Native and UHC Mobile code for file structure, file naming, related-file grouping, folder organization, modal placement, utility extraction, and package boundary standards. Use when asked to audit directories, organize components, review screen/package layout, or clean up UHC Mobile file structure.
Owner: optum-tech-compute
git-expert
Git version control, branching strategies, advanced operations, troubleshooting, and collaboration workflows
Owner: platform-devops
git-worktree-enforcement
Mandatory git worktree policy ensuring feature work happens in worktrees/ subdirectories, not the main clone
Owner: platform-devops
github-agents
Configure GitHub Copilot Coding Agent repositories with the correct UHG runner, Artifactory, and workflow bootstrap patterns.
Owner: pcorazao
github-dependabot
Create or review a repo-specific `.github/dependabot.yml` for GitHub Dependabot.
Owner: pcorazao
github-expert
GitHub platform features, Actions, workflows, CLI, repository management, and security
Owner: platform-devops
github-workflows-dojo360-azure-infrastructure
Deploy Azure infrastructure using Terraform with PCAM vaulted access and native Azure authentication through Dojo360 Azure Infrastructure workflow
Owner: pcorazao
github-workflows-dojo360-container-cd
Deploy containerized applications to AWS ECS/Azure ACS using Dojo360 Container CD workflow with blue-green and rolling update strategies
Owner: pcorazao
github-workflows-dojo360-container-promotion
Multi-environment container deployment promotion through prescribed deployment paths with automated approval gates and E2E testing
Owner: pcorazao
github-workflows-dojo360-database
Automate database schema updates using Liquibase via the Dojo360 database workflow (with rollback and validation patterns)
Owner: pcorazao
github-workflows-dojo360-database-promotion
Promote Liquibase database changes across environments (dev→qa→cert→prod) with deployment-path validation and approval gates
Owner: pcorazao
github-workflows-dojo360-dockerfile-ci
Build and scan container images from a Dockerfile using Optum golden images and the recommended UHG reusable workflow
Owner: pcorazao
github-workflows-dojo360-dotnet-ci
Build, test, and scan .NET apps using the recommended UHG reusable CI workflow, with optional publish/pack and container builds
Owner: pcorazao
github-workflows-dojo360-generate-promotion
Generate promotion workflow files dynamically from Dojo360 metadata (validates deployment paths and stitches CI/CD promotion flows)
Owner: pcorazao
github-workflows-dojo360-go-ci
Build, test, and scan Go apps using the recommended UHG reusable CI workflow, with optional deploy and container builds
Owner: pcorazao
github-workflows-dojo360-infrastructure-promotion
Multi-environment infrastructure promotion workflow with deployment path validation and approval gates
Owner: pcorazao
github-workflows-dojo360-java-ci
Build, test, and scan Java apps using the recommended UHG reusable CI workflows (Maven/Gradle), with Artifactory integration and optional container builds
Owner: pcorazao
github-workflows-dojo360-nodejs-ci
Build, test, and scan Node.js apps using the recommended UHG reusable CI workflows (npm/yarn/pnpm), with Artifactory integration and optional container builds
Owner: pcorazao
github-workflows-dojo360-publish
Build and publish artifacts to SaaS Artifactory using OIDC (images, packages), with optional promotion to global repositories
Owner: pcorazao
github-workflows-dojo360-python-ci
Build, test, and scan Python apps using the recommended UHG reusable CI workflows (pip/poetry), with Artifactory integration and optional container builds
Owner: pcorazao
github-workflows-dojo360-scala-ci
Build, test, and scan Scala (SBT) apps using the recommended UHG reusable CI workflow, with optional publish and container builds
Owner: pcorazao
github-workflows-dojo360-serverless-cd
Deploy serverless applications (Lambda, Azure Functions) to AWS/Azure using Terraform with OIDC authentication, artifact management, and multi-environment support
Owner: pcorazao
github-workflows-dojo360-serverless-promotion
Promote serverless deployments across environments (dev→qa→cert→prod) using Dojo360 serverless-cd-promotion with deployment-path validation and approval gates
Owner: pcorazao
github-workflows-dojo360-terraform
Deploy infrastructure using Dojo360 Pipelines Infrastructure Workflow with Terraform
Owner: pcorazao
github-workflows-dojo360-terraform-destroy
Master the Terraform Destroy workflow from Dojo360 to safely tear down and terminate cloud infrastructure across AWS, Azure, and GCP environments
Owner: pcorazao
github-workflows-dojo360-terraform-ops
Terraform state management and troubleshooting operations including state lock resolution and force unlock capabilities
Owner: pcorazao
golang-expert
Enterprise Go development with concurrency patterns, observability, testing strategy, and Optum-specific standards
Owner: epic-platform-sre
golden-container
Create Dockerfiles for any technology using Optum golden images. Covers the Golden Image Navigator API, multi-stage build pattern, tag conventions, and version discovery for every product in the golden image catalog. Use when asked to containerize an application regardless of language or runtime.
Owner: pcorazao
goodmorning
a skill to boot up developer tools to latest and greatest for the day
Owner: pcorazao_uhg
harmony-app-layout-pattern
Skill for implementing a responsive app layout pattern using Harmony components.
Owner: pcorazao
harmony-create-simple-app
Recreate the Harmony healthcare demo application using exact page, shell, and mock-data templates captured from the working `harmony-healthcare-demo` reference app. Use when building a simple Harmony healthcare site with a dashboard, eligibility workflow, claims queue, remittance experience, and an official Harmony sidebar-based app shell.
Owner: pcorazao
harmony-form-pattern
Build accessible healthcare forms using the Harmony Design System (@uhg-harmony/react). Provides component patterns, layout templates, and state management guidance for TextInput, DatePicker, Checkbox, Select, FormControl, and multi-step form flows. Use when creating React forms with Harmony components, fixing layout or accessibility issues, or scaffolding new healthcare intake forms.
Owner: pcorazao
harmony-modal-pattern
Skill for implementing a Harmony modal pattern using Harmony Modal components.
Owner: pcorazao
harmony-sdk-discovery
Discover and explore available Harmony components and APIs from installed packages
Owner: pcorazao
harmony-version-management
Check for latest Harmony packages and update dependencies safely
Owner: pcorazao
hello-world
Responds with ASCII art when the user says "hello world".
hermod
SRE monitoring, incident response, and runbook authoring
Owner: epic-platform-sre
impeccable-style
Frontend design quality system for creating distinctive, production-grade interfaces with strong typography, color, layout, motion, interaction, and UX writing choices. Use when building or reviewing web/mobile UI and when users want to avoid generic AI-generated design patterns.
Owner: rvenugop_uhg
insomnia-collection-generator
Generate or update a deterministic Insomnia collection for NestJS GraphQL repos. Analyzes schema and resolvers, maintains generate-insomnia.js using a template, and produces dated YAML collection files.
Owner: platform-automation
janus
Secrets management across vaults, privileged stores, and certificate systems
Owner: epic-platform-sre
jfrog-oidc-management
Query and manage JFrog Artifactory OIDC repository allowlists via PRM/hcpctl. Use when GitHub Actions fail with "repository is not associated with an Artifactory Project" or when onboarding a new repo to use epl-jf/saas-setup@v5.
koji
Testing specialist for Ansible, Terraform, and GitHub Actions
Owner: epic-platform-sre
kubernetes-expert
Kubernetes and Kustomize operations with GitOps-first safety, debugging patterns, and production deployment guidance
Owner: epic-platform-sre
llm-app-security-reviewer
Review LLM, generative AI, RAG, agent, prompt, embedding, vector database, MCP, and tool-calling application changes for security risks including prompt injection, data exfiltration, unsafe tool permissions, sensitive data leakage, retrieval boundary failures, insecure model-output trust, weak guardrails, secrets exposure, prompt/completion logging, and compliance issues. Use when asked to review AI app security, agent security, prompt safety, RAG security, model integration security, tool/function calling, vector stores, MCP servers, AI gateways, or LLM-related code.
Owner: jnishan5
mesh-certification-coach
Help data product owners assess, explain, and improve a Mesh Certification Score using evidence-backed review, gap analysis, and prioritized remediation planning. Use when a team needs to estimate certification readiness, respond to certification feedback, strengthen data product ownership, improve discoverability, tighten data quality and reliability controls, document access/privacy posture, or turn a mesh scorecard into an actionable plan.
Owner: optum-tech-compute
mobile-accessibility-reviewer
Review mobile React Native UI and federated modules for accessibility labels, roles, hints, states, focus handling, announcements, disabled/loading/error states, dynamic text scaling, design-token contrast, keyboard and screen reader behavior, and approved accessibility package usage. Use when reviewing mobile UI, forms, navigation, modals, cards, buttons, or federated UI surfaces.
Owner: optum-tech-compute
musashi
Production-grade Ansible, Terraform, GitHub Actions, and automation scripting
Owner: epic-platform-sre
netra-ai
Use this skill to explore available Netra AI components and understand their purpose and usage. Get familiar with installing and integrating core-react-components and common-react-components into your project. Use these components to efficiently create and update UI pages while following established design and development guidelines.
Owner: yagarwa2
node-container
Create Node.js Dockerfiles using Optum golden images and the standard multi-stage build pattern. Use when asked to author or update Dockerfiles for Node.js services that must comply with Optum golden image standards.
Owner: pcorazao
node-npm-install
optum's artifactory blocks packages that are younger than 5 days old, but also blocks critical and high packages or packages that have supply chain attacks, this skill gives techniques to help resolve npm installs
optum-izer
Genericize project-specific assets for organization-wide reuse
Owner: epic-platform-sre
phi-shield
Detect, mask, redact, or de-identify Protected Health Information (PHI) and Personally Identifiable Information (PII) from any file or text, in compliance with HIPAA Safe Harbor (45 CFR §164.514). Use this skill whenever the user wants to: redact PHI or PII from documents, de-identify patient data, anonymize health records, mask sensitive fields before sharing data, check whether a file contains PHI, scrub clinical notes or EHR exports, prepare a dataset for research or analytics, comply with HIPAA de-identification requirements, or sanitize CSV/Excel/text/PDF/DOCX files of patient identifiers. Triggers on: PHI, PII, HIPAA, de-identify, anonymize, redact, mask, scrub, sanitize, patient data, health records, clinical notes, EHR, medical records, safe harbor, 18 identifiers, protected health information, personally identifiable.
Owner: jnishan5
pr-review-multi-agent-expert
Run a lean pull request review with real spawned agents, adaptive specialist routing, and strict synthesis. Use when a user wants a deep PR review with high signal, low noise, and read-only behavior by default.
Owner: platform-devops
prune-worktrees
Safely prune git worktrees whose branches have been merged into the remote default. Uses authoritative gh API merged-PR detection plus remote-branch and ancestry checks. Skips worktrees with uncommitted or unpushed work. Use when the user asks to "prune worktrees", "clean up worktrees", "remove old worktrees", "cleanup git worktrees", or wants to know "which worktrees are safe to delete". Trigger phrases include "git hygiene", "worktree cleanup", "stale worktrees".
Owner: epic-platform-sre
python-container
Create Python Dockerfiles using Optum golden images and the standard multi-stage build pattern. Use when asked to author or update Dockerfiles for Python services that must comply with Optum golden image standards.
Owner: pcorazao
python-expert
Advanced Python development with enterprise best practices, async patterns, and Optum-specific standards
Owner: epic-platform-sre
react-native-performance-review
Review React Native code for performance issues including unnecessary re-renders, inline functions, missing memoization, inefficient lists, context overuse, missing cleanup, and other mobile-specific performance problems. Use when asked to check performance, optimize React Native code, reduce jank, or review performance-critical mobile changes.
Owner: optum-tech-compute
react-native-security-review
Review React Native code for security vulnerabilities including PII/PHI storage, authorization bypass risks, secrets handling, token exposure, unvalidated identifiers, unsafe logging, mobile storage risks, and other security-critical mobile issues. Use when asked to check security, sensitive data handling, authentication, authorization, storage, logging, or network-related React Native changes.
Owner: optum-tech-compute
security-agent-cca-fix
Run or explain Security Agent remediation through GitHub Copilot Cloud Agent from a pip-installed setup. Use when Codex needs to use --executor cca or --executor auto, create remote Copilot/CCA remediation tasks, reason about CCA budget/status, or compare local Codex execution with remote GitHub Cloud Agent execution without cloning the controller repo.
Owner: edi-security-agent
security-agent-discovery
Discover, inspect, import, refresh, and export Security Agent vulnerability data from a pip-installed setup. Use when Codex needs to list Azure Defender findings, filter by repo/severity/CVE/fixable state, refresh the local UI vulnerability cache, import Security Platform findings through explicit cookie and DPoP values, or explain discovery-only workflows without cloning the controller repo.
Owner: edi-security-agent
security-agent-local-fix
Run local Security Agent remediation from a pip-installed setup with the Codex executor. Use when Codex needs to plan or execute edi-security-agent defender fix with --executor codex or --executor local, dry-run Maven CVE remediation, apply local fixes, create Git branches/PRs, or explain the local autonomous Codex remediation path without cloning the controller repo.
Owner: edi-security-agent
security-agent-setup
Set up Security Agent for users who have not cloned the controller repo. Use when Codex needs to create ~/security-agent, create a Python virtual environment, install the pip3 package edi-security-agent, explain private Artifactory package index setup when package install fails, verify edi-security-agent --version, guide local .env creation for Azure Defender and optional GitHub/OpenAI values, verify az login, or troubleshoot private package index configuration.
Owner: edi-security-agent
security-agent-ui-runs
Operate the Security Agent local FastAPI/UI workflow from a pip-installed setup. Use when Codex needs to start or inspect edi-security-agent-ui, refresh vulnerability data in the local SQLite cache, use the natural-language chat workflow, create/monitor/cancel UI runs, or explain local dashboard run behavior without cloning the controller repo.
Owner: edi-security-agent
security-oss-app-reviewer
Static-first security assessment workflow for open-source software application source code. Use when reviewing open-source software apps, forks, plugins, desktop apps, CLIs, browser extensions, web apps, or agent tools for data exfiltration, token and password handling, credential access, query or data-source access, sandbox boundaries, filesystem reach, network egress, telemetry, dependency or CI risk, and least-privilege concerns.
Owner: raltman2
skills-sh
Use this skill when evaluating or installing a skill from skills.sh. Treat skills.sh as an external marketplace: verify ownership, official status, audits, maintenance signals, and local security implications before recommending any install command.
Owner: pcorazao_uhg
sonarqube
Set up SonarQube in your project.
Owner: pcorazao
terraform-expert
Enterprise Infrastructure-as-Code with Terraform, Azure provider, private registry modules, and Optum Epic patterns
Owner: epic-platform-sre
the-savager
Brutal code review focused on correctness, security, and performance
Owner: epic-platform-sre
thoth
Documentation architecture, MkDocs monorepo builds, and Diataxis enforcement
Owner: epic-platform-sre
uhc-analytics-reviewer
Review UHC Mobile analytics implementations for .analytics.ts isolation, track-prefixed functions, Adobe payload casing, analytics constants, screenNameMapEntries updates, route mapping, A/B test tracking, event placement, and federated analytics events. Use when adding or changing mobile analytics, tracking hooks, navigation tracking, or Adobe payloads.
Owner: optum-tech-compute
uhc-code-organization-auditor
Audit UHC Mobile code organization, naming conventions, file structure, import/export patterns, component section ordering, selector and analytics naming, feature-flag naming, and module boundaries before feature merges or cleanup work. Use when reviewing UHC Mobile React Native packages for maintainability and repository convention drift.
Owner: optum-tech-compute
uhc-env-secrets-reviewer
Review UHC Mobile environment configuration, secrets handling, Vault-to-Artifactory flows, react-native-config access, Firebase environment overrides, certificate pinning, production domain usage, local dev configuration, and secret exposure risks. Use when env files, build configuration, Firebase overrides, certificate pinsets, domains, tokens, or secrets-related mobile code changes.
Owner: optum-tech-compute
uhc-feature-flag-reviewer
Review UHC Mobile feature flag additions and usage for enable-prefixed naming, selector naming, default values, internal and platform-specific overrides, alphabetical ordering, product coordination, rollout safety, dead-flag cleanup, and removal planning. Use when feature flag types, selectors, defaults, overrides, or flag-gated UI logic changes.
Owner: optum-tech-compute
uhc-federation-integration-reviewer
Review UHC Mobile federated module integrations for approved V2 package usage, host-app data access, event sending, analytics, navigation, API client usage, accessibility support, session behavior, route mapping, and deprecated V1 package usage. Use when working on UHC Mobile federation packages or integrating a federated module with the host app.
Owner: optum-tech-compute
uhg-grid-knowledge
Expert knowledge about UHG's Grid multi-cloud service mesh - architecture, IP addressing, DNS, service registration, security model, performance characteristics, and troubleshooting
Owner: miverso2_uhg
uitk-react-to-harmony-migration
Migrate UITK React codebases to Harmony React using bundled, eval-proven workflows and a bundled component-mapping reference. Use when Codex needs to migrate a full UITK React app, convert a current screen or requested file set, choose between app-wide and current-screen migration modes, or package the Harmony migration workflow into another repository.
wiki-ingest
Identify synthesis pages affected by asset changes and report or draft updates
wiki-lint
Health-check the wiki synthesis layer for stale pages, broken refs, and gaps
wiki-query
Search synthesis pages to answer questions about the asset library

