Skip to content

Skills

117 assets available

Showing 117 of 117 assets

Sort by:

abyss-documentation

active

Fetches and references Abyss Design System documentation for building frontend applications. Use when user asks about Abyss components, form inputs, layouts, UI patterns, styling, or needs Abyss implementation guidance. Trigger phrases include "how do I use Abyss", "Abyss Button", "Abyss form", "design system docs".

claude
codex
vscode
abyss
design-system
documentation
ui
components
+1

Owner: mtaugner_uhg

abyss-v2-migration

active

Orchestrates Abyss Design System v1 to v2 migration. Auto-detects platform (web/mobile), package versions, legacy tokens, and component token overrides. Invokes child skills in optimal sequence. Use when user asks to "migrate to Abyss v2", "run v2 migration", "upgrade to Abyss v2", or wants to know "what migration work is needed". Trigger phrases include "abyss migration", "v1 to v2", "upgrade abyss".

claude
codex
vscode
abyss
migration
v2
orchestration
design-system
+1

Owner: mtaugner_uhg

ai-dlc-config

experimental

Configure AI-DLC workflow behavior, depth levels, approval gates, and agent preferences

codex
ai-dlc
config
settings
preferences

Owner: epic-platform-sre

ai-dlc-construction

active

Execute the AI-DLC Construction phase with functional design and code generation for each unit of work

codex
ai-dlc
construction
design
code-generation
lifecycle

Owner: epic-platform-sre

ai-dlc-fix

active

Fast-path bug fix workflow with TDD-first approach for well-understood bugs that do not need the full inception-construction pipeline

codex
ai-dlc
fix
bug-fix
tdd
fast-path
+1

Owner: epic-platform-sre

ai-dlc-inception

active

Execute the AI-DLC Inception phase to plan and architect a software project with requirements gathering, workflow planning, and application design

codex
ai-dlc
inception
requirements
planning
architecture
+1

Owner: epic-platform-sre

ai-dlc-methodology

active

Comprehensive reference for the AI-Driven Development Lifecycle methodology, a post-Agile framework combining systematic planning with AI-augmented execution

codex
ai-dlc
methodology
lifecycle
post-agile
reference

Owner: epic-platform-sre

ai-dlc-status

experimental

Check AI-DLC workflow status, current phase, stage progress, and pending approvals

codex
ai-dlc
status
progress
workflow

Owner: epic-platform-sre

ansible-expert

active

Enterprise Ansible automation with AWX, collections, roles, and Optum Epic infrastructure patterns

codex
ansible
automation
awx
infrastructure
epic
+1

Owner: epic-platform-sre

apollo

experimental

GitOps release orchestration, semantic-release workflows, and cross-repo distribution

codex
gitops
github-actions
semantic-release
release
ci

Owner: epic-platform-sre

awx-expert

active

AWX/AAP automation platform, Configuration-as-Code, object management, and Epic AWX deployment patterns

codex
awx
aap
ansible
automation
configuration-as-code
+3

Owner: epic-platform-sre

azure-expert

active

Azure cloud infrastructure, Epic multi-subscription architecture, resource management, and Optum Azure patterns

codex
azure
cloud
infrastructure
epic
optum
+3

Owner: epic-platform-sre

cave-man

experimental

Terse technical response style that removes filler while preserving substance

codex
communication
response-style
brevity
clarity
codex

Owner: epic-platform-sre

cerberus

experimental

Multi-head code guardian for security, quality, and architecture review

codex
security
quality
architecture
review
lint

Owner: epic-platform-sre

claude-sync

active

Sync Codex settings to Claude Code — converts model, plugins, env vars, and trust level to ~/.claude/settings.json

codex
settings
claude
sync
configuration

Owner: epic-platform-sre

codex remove quarantine

remove the macbook quarantine from codex executable after upgrades

claude
codex
vscode

dependency-management-reviewer

active

Review React Native and UHC Mobile dependency additions for maintenance status, React Native compatibility, New Architecture readiness, security vulnerabilities, bundle impact, license and ownership risk, justification, alternatives, and approved federation package usage. Use when package.json, lockfiles, native modules, or third-party package choices change.

codex
react-native
uhc-mobile
dependencies
security
review

Owner: optum-tech-compute

diataxis-framework

active

Classify, audit, and write documentation using the Diataxis framework (https://diataxis.fr). Four documentation types — tutorials, how-to guides, reference, and explanation — distinguished by two axes (action vs cognition, acquisition vs application). Universal — applies equally to Claude Code, Codex, and VS Code documentation work. Use whenever a documentation task requires deciding which quadrant a page belongs in, splitting mixed content, naming files (`how-to-*`, `ref-*`), or auditing an existing docs corpus. Trigger phrases include "diataxis", "what quadrant", "is this a tutorial or how-to", "classify docs", "audit docs", "where does this page belong", "split this page".

codex
diataxis
documentation
information-architecture
content-classification
docs-audit

Owner: thudak

dojo360

active

Dojo360 provides secure and compliant Terraform modules for Azure, AWS, and GCP.

claude
codex
vscode
terraform
dojo360

Owner: pcorazao

drzero

experimental

Run DrZero autonomous improvement after initializing shared drzero.yml while preserving the @drzero plugin mention

codex
drzero
autonomous
default
improvement

Owner: epic-platform-sre

drzero-analysis

experimental

Deep codebase analysis without making changes - architecture review, quality assessment, and improvement recommendations

codex
drzero
analysis
review
quality
architecture

Owner: epic-platform-sre

drzero-autonomous

experimental

Autonomous repository improvement loop with two-phase propose-then-solve workflow using domain specialist agents

codex
drzero
autonomous
improvement
ci
quality

Owner: epic-platform-sre

drzero-citadel

experimental

Governed DrZero execution with centralized quality gates for sensitive or release-critical work

codex
drzero
governance
quality-gates
release

Owner: epic-platform-sre

drzero-config

experimental

Configure DrZero using the shared Claude-compatible drzero.yml format and activate Codex agents

codex
drzero
config
settings
preferences

Owner: epic-platform-sre

drzero-council

experimental

Run a structured DrZero debate across domain specialists for architecture and design decisions

codex
drzero
council
architecture
decision

Owner: epic-platform-sre

drzero-cronenberg

experimental

Generate parallel DrZero implementation variants and compare them before selecting one approach

codex
drzero
variants
experiments
comparison

Owner: epic-platform-sre

drzero-execution

experimental

Execute a specific WorkItem through domain specialist routing with security review

codex
drzero
execution
workitem
implementation

Owner: epic-platform-sre

drzero-help

experimental

Show DrZero setup guidance, workflow modes, and copy-ready examples for using the @drzero plugin

codex
drzero
help
examples
commands

Owner: epic-platform-sre

drzero-morty

experimental

Run simplified DrZero execution for small tasks, with an optional ruthless optimization mode

codex
drzero
simple
optimization
small-tasks

Owner: epic-platform-sre

drzero-pickle

experimental

Produce the minimal viable DrZero solution under strict constraints such as CI repair or tiny diffs

codex
drzero
minimal
ci
constraints

Owner: epic-platform-sre

drzero-ping

experimental

Health check for the DrZero Codex plugin, shared config, custom agents, support scripts, and scoring runtime

codex
drzero
healthcheck
plugin
codex

Owner: epic-platform-sre

drzero-portal-gun

experimental

Coordinate DrZero work across multiple repositories with explicit boundaries and verification

codex
drzero
cross-repo
coordination
migration

Owner: epic-platform-sre

drzero-status

experimental

Monitor DrZero session progress, agent activity, WorkItem completion, and task outcomes

codex
drzero
status
monitoring
progress

Owner: epic-platform-sre

drzero-swarm

experimental

Distribute work across multiple domain specialist agents in parallel for complex multi-domain tasks

codex
drzero
swarm
parallel
multi-agent
orchestration

Owner: epic-platform-sre

drzero-unity

experimental

Coordinate peer-to-peer DrZero parallel work without a single central implementation owner

codex
drzero
parallel
peer-to-peer
coordination

Owner: epic-platform-sre

dynatrace-expert

active

Dynatrace Platform operations expertise — DQL queries, entity inventory, metrics analysis, problem triage, dashboard management, and Settings API for Grail-based tenants.

codex
dynatrace
monitoring
observability
dql
grail
+1

Owner: platform-infrastructure

dynatrace-k8s-triage

active

Systematic Kubernetes service triage using Dynatrace DQL — entity discovery, JVM health, thread analysis, pod generation comparison, Davis problem correlation, and Splunk SPL query generation for restricted log environments.

codex
dynatrace
kubernetes
troubleshooting
jvm
spring-boot
+3

Owner: epic-platform-sre

epic-expert

active

Epic EMR healthcare software, infrastructure deployment on Azure, ODB/Citrix/Hyperspace architecture, and operational patterns

codex
epic
emr
healthcare
ehr
odb
+4

Owner: epic-platform-sre

file-structure-auditor

active

Review React Native and UHC Mobile code for file structure, file naming, related-file grouping, folder organization, modal placement, utility extraction, and package boundary standards. Use when asked to audit directories, organize components, review screen/package layout, or clean up UHC Mobile file structure.

codex
react-native
uhc-mobile
file-structure
review
maintainability

Owner: optum-tech-compute

git-expert

active

Git version control, branching strategies, advanced operations, troubleshooting, and collaboration workflows

codex
git
version-control
branching
merging
rebase
+1

Owner: platform-devops

git-worktree-enforcement

active

Mandatory git worktree policy ensuring feature work happens in worktrees/ subdirectories, not the main clone

codex
git
worktree
branching
enforcement
version-control
+1

Owner: platform-devops

github-agents

active

Configure GitHub Copilot Coding Agent repositories with the correct UHG runner, Artifactory, and workflow bootstrap patterns.

claude
codex
vscode
github
copilot
github-actions
artifactory
uhg
+1

Owner: pcorazao

github-dependabot

active

Create or review a repo-specific `.github/dependabot.yml` for GitHub Dependabot.

claude
codex
vscode
github
copilot
github-actions
dependabot

Owner: pcorazao

github-expert

active

GitHub platform features, Actions, workflows, CLI, repository management, and security

codex
github
github-actions
ci-cd
workflows
automation
+1

Owner: platform-devops

github-workflows-dojo360-azure-infrastructure

active

Deploy Azure infrastructure using Terraform with PCAM vaulted access and native Azure authentication through Dojo360 Azure Infrastructure workflow

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-container-cd

active

Deploy containerized applications to AWS ECS/Azure ACS using Dojo360 Container CD workflow with blue-green and rolling update strategies

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-container-promotion

active

Multi-environment container deployment promotion through prescribed deployment paths with automated approval gates and E2E testing

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-database

active

Automate database schema updates using Liquibase via the Dojo360 database workflow (with rollback and validation patterns)

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-database-promotion

active

Promote Liquibase database changes across environments (dev→qa→cert→prod) with deployment-path validation and approval gates

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-dockerfile-ci

active

Build and scan container images from a Dockerfile using Optum golden images and the recommended UHG reusable workflow

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-dotnet-ci

active

Build, test, and scan .NET apps using the recommended UHG reusable CI workflow, with optional publish/pack and container builds

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-generate-promotion

active

Generate promotion workflow files dynamically from Dojo360 metadata (validates deployment paths and stitches CI/CD promotion flows)

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-go-ci

active

Build, test, and scan Go apps using the recommended UHG reusable CI workflow, with optional deploy and container builds

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-infrastructure-promotion

active

Multi-environment infrastructure promotion workflow with deployment path validation and approval gates

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-java-ci

active

Build, test, and scan Java apps using the recommended UHG reusable CI workflows (Maven/Gradle), with Artifactory integration and optional container builds

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-nodejs-ci

active

Build, test, and scan Node.js apps using the recommended UHG reusable CI workflows (npm/yarn/pnpm), with Artifactory integration and optional container builds

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-publish

active

Build and publish artifacts to SaaS Artifactory using OIDC (images, packages), with optional promotion to global repositories

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-python-ci

active

Build, test, and scan Python apps using the recommended UHG reusable CI workflows (pip/poetry), with Artifactory integration and optional container builds

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-scala-ci

active

Build, test, and scan Scala (SBT) apps using the recommended UHG reusable CI workflow, with optional publish and container builds

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-serverless-cd

active

Deploy serverless applications (Lambda, Azure Functions) to AWS/Azure using Terraform with OIDC authentication, artifact management, and multi-environment support

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-serverless-promotion

active

Promote serverless deployments across environments (dev→qa→cert→prod) using Dojo360 serverless-cd-promotion with deployment-path validation and approval gates

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-terraform

active

Deploy infrastructure using Dojo360 Pipelines Infrastructure Workflow with Terraform

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-terraform-destroy

active

Master the Terraform Destroy workflow from Dojo360 to safely tear down and terminate cloud infrastructure across AWS, Azure, and GCP environments

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

github-workflows-dojo360-terraform-ops

active

Terraform state management and troubleshooting operations including state lock resolution and force unlock capabilities

claude
codex
vscode
github-actions
workflow
dojo360

Owner: pcorazao

golang-expert

active

Enterprise Go development with concurrency patterns, observability, testing strategy, and Optum-specific standards

codex
go
golang
development
testing
concurrency
+1

Owner: epic-platform-sre

golden-container

active

Create Dockerfiles for any technology using Optum golden images. Covers the Golden Image Navigator API, multi-stage build pattern, tag conventions, and version discovery for every product in the golden image catalog. Use when asked to containerize an application regardless of language or runtime.

claude
codex
vscode
docker
golden-image
containerization
podman

Owner: pcorazao

goodmorning

active

a skill to boot up developer tools to latest and greatest for the day

claude
codex
vscode
developer-experience
setup
codex
codex-marketplace
codex-plugin
+3

Owner: pcorazao_uhg

harmony-app-layout-pattern

active

Skill for implementing a responsive app layout pattern using Harmony components.

claude
codex
vscode
harmony
react
layout
navigation
ui
+1

Owner: pcorazao

harmony-create-simple-app

active

Recreate the Harmony healthcare demo application using exact page, shell, and mock-data templates captured from the working `harmony-healthcare-demo` reference app. Use when building a simple Harmony healthcare site with a dashboard, eligibility workflow, claims queue, remittance experience, and an official Harmony sidebar-based app shell.

claude
codex
vscode
harmony
react
healthcare
demo
app-shell
+4

Owner: pcorazao

harmony-form-pattern

active

Build accessible healthcare forms using the Harmony Design System (@uhg-harmony/react). Provides component patterns, layout templates, and state management guidance for TextInput, DatePicker, Checkbox, Select, FormControl, and multi-step form flows. Use when creating React forms with Harmony components, fixing layout or accessibility issues, or scaffolding new healthcare intake forms.

claude
codex
vscode
harmony
react
forms
accessibility
healthcare
+2

Owner: pcorazao

harmony-modal-pattern

active

Skill for implementing a Harmony modal pattern using Harmony Modal components.

claude
codex
vscode
harmony
react
modal
overlay
accessibility
+2

Owner: pcorazao

harmony-sdk-discovery

active

Discover and explore available Harmony components and APIs from installed packages

claude
codex
vscode
harmony
react
discovery
sdk
components
+1

Owner: pcorazao

harmony-version-management

active

Check for latest Harmony packages and update dependencies safely

claude
codex
vscode
harmony
react
versions
dependencies
npm
+1

Owner: pcorazao

hello-world

Responds with ASCII art when the user says "hello world".

claude
codex
vscode

hermod

experimental

SRE monitoring, incident response, and runbook authoring

codex
sre
monitoring
incidents
runbooks
reliability

Owner: epic-platform-sre

impeccable-style

active

Frontend design quality system for creating distinctive, production-grade interfaces with strong typography, color, layout, motion, interaction, and UX writing choices. Use when building or reviewing web/mobile UI and when users want to avoid generic AI-generated design patterns.

codex
frontend
design
ui
ux
css
+2

Owner: rvenugop_uhg

insomnia-collection-generator

active

Generate or update a deterministic Insomnia collection for NestJS GraphQL repos. Analyzes schema and resolvers, maintains generate-insomnia.js using a template, and produces dated YAML collection files.

codex
insomnia
graphql
nestjs
api-testing
collection-generator
+1

Owner: platform-automation

janus

experimental

Secrets management across vaults, privileged stores, and certificate systems

codex
secrets
vault
cyberark
venafi
security
+3

Owner: epic-platform-sre

jfrog-oidc-management

Query and manage JFrog Artifactory OIDC repository allowlists via PRM/hcpctl. Use when GitHub Actions fail with "repository is not associated with an Artifactory Project" or when onboarding a new repo to use epl-jf/saas-setup@v5.

claude
codex
vscode

koji

experimental

Testing specialist for Ansible, Terraform, and GitHub Actions

codex
testing
molecule
terratest
ci
validation

Owner: epic-platform-sre

kubernetes-expert

experimental

Kubernetes and Kustomize operations with GitOps-first safety, debugging patterns, and production deployment guidance

codex
kubernetes
k8s
kustomize
gitops
sre

Owner: epic-platform-sre

llm-app-security-reviewer

experimental

Review LLM, generative AI, RAG, agent, prompt, embedding, vector database, MCP, and tool-calling application changes for security risks including prompt injection, data exfiltration, unsafe tool permissions, sensitive data leakage, retrieval boundary failures, insecure model-output trust, weak guardrails, secrets exposure, prompt/completion logging, and compliance issues. Use when asked to review AI app security, agent security, prompt safety, RAG security, model integration security, tool/function calling, vector stores, MCP servers, AI gateways, or LLM-related code.

codex
llm-security
ai-security
rag
prompt-injection
agents
+4

Owner: jnishan5

mesh-certification-coach

experimental

Help data product owners assess, explain, and improve a Mesh Certification Score using evidence-backed review, gap analysis, and prioritized remediation planning. Use when a team needs to estimate certification readiness, respond to certification feedback, strengthen data product ownership, improve discoverability, tighten data quality and reliability controls, document access/privacy posture, or turn a mesh scorecard into an actionable plan.

codex
data-mesh
certification
data-product
governance
quality
+1

Owner: optum-tech-compute

mobile-accessibility-reviewer

active

Review mobile React Native UI and federated modules for accessibility labels, roles, hints, states, focus handling, announcements, disabled/loading/error states, dynamic text scaling, design-token contrast, keyboard and screen reader behavior, and approved accessibility package usage. Use when reviewing mobile UI, forms, navigation, modals, cards, buttons, or federated UI surfaces.

codex
mobile
accessibility
react-native
a11y
review

Owner: optum-tech-compute

musashi

experimental

Production-grade Ansible, Terraform, GitHub Actions, and automation scripting

codex
ansible
terraform
github-actions
automation
bash

Owner: epic-platform-sre

netra-ai

active

Use this skill to explore available Netra AI components and understand their purpose and usage. Get familiar with installing and integrating core-react-components and common-react-components into your project. Use these components to efficiently create and update UI pages while following established design and development guidelines.

claude
codex
vscode
netra-ai
react
typescript
tailwind
design-system
+1

Owner: yagarwa2

node-container

active

Create Node.js Dockerfiles using Optum golden images and the standard multi-stage build pattern. Use when asked to author or update Dockerfiles for Node.js services that must comply with Optum golden image standards.

claude
codex
vscode
docker
golden-image
containerization
podman

Owner: pcorazao

node-npm-install

optum's artifactory blocks packages that are younger than 5 days old, but also blocks critical and high packages or packages that have supply chain attacks, this skill gives techniques to help resolve npm installs

claude
codex
vscode

optum-izer

experimental

Genericize project-specific assets for organization-wide reuse

codex
genericization
portability
templates
publishing

Owner: epic-platform-sre

phi-shield

active

Detect, mask, redact, or de-identify Protected Health Information (PHI) and Personally Identifiable Information (PII) from any file or text, in compliance with HIPAA Safe Harbor (45 CFR §164.514). Use this skill whenever the user wants to: redact PHI or PII from documents, de-identify patient data, anonymize health records, mask sensitive fields before sharing data, check whether a file contains PHI, scrub clinical notes or EHR exports, prepare a dataset for research or analytics, comply with HIPAA de-identification requirements, or sanitize CSV/Excel/text/PDF/DOCX files of patient identifiers. Triggers on: PHI, PII, HIPAA, de-identify, anonymize, redact, mask, scrub, sanitize, patient data, health records, clinical notes, EHR, medical records, safe harbor, 18 identifiers, protected health information, personally identifiable.

codex
hipaa
phi
pii
healthcare
de-identification
+4

Owner: jnishan5

pr-review-multi-agent-expert

active

Run a lean pull request review with real spawned agents, adaptive specialist routing, and strict synthesis. Use when a user wants a deep PR review with high signal, low noise, and read-only behavior by default.

codex
pull-request
review
multi-agent
code-review
github
+3

Owner: platform-devops

prune-worktrees

active

Safely prune git worktrees whose branches have been merged into the remote default. Uses authoritative gh API merged-PR detection plus remote-branch and ancestry checks. Skips worktrees with uncommitted or unpushed work. Use when the user asks to "prune worktrees", "clean up worktrees", "remove old worktrees", "cleanup git worktrees", or wants to know "which worktrees are safe to delete". Trigger phrases include "git hygiene", "worktree cleanup", "stale worktrees".

codex
git
worktrees
hygiene
cleanup
gh-cli
+1

Owner: epic-platform-sre

python-container

active

Create Python Dockerfiles using Optum golden images and the standard multi-stage build pattern. Use when asked to author or update Dockerfiles for Python services that must comply with Optum golden image standards.

claude
codex
vscode
docker
golden-image
containerization
podman

Owner: pcorazao

python-expert

active

Advanced Python development with enterprise best practices, async patterns, and Optum-specific standards

codex
python
development
testing
async
optum

Owner: epic-platform-sre

react-native-performance-review

active

Review React Native code for performance issues including unnecessary re-renders, inline functions, missing memoization, inefficient lists, context overuse, missing cleanup, and other mobile-specific performance problems. Use when asked to check performance, optimize React Native code, reduce jank, or review performance-critical mobile changes.

codex
react-native
mobile
performance
review
uhc-mobile

Owner: optum-tech-compute

react-native-security-review

active

Review React Native code for security vulnerabilities including PII/PHI storage, authorization bypass risks, secrets handling, token exposure, unvalidated identifiers, unsafe logging, mobile storage risks, and other security-critical mobile issues. Use when asked to check security, sensitive data handling, authentication, authorization, storage, logging, or network-related React Native changes.

codex
react-native
mobile
security
hipaa
review
+1

Owner: optum-tech-compute

security-agent-cca-fix

active

Run or explain Security Agent remediation through GitHub Copilot Cloud Agent from a pip-installed setup. Use when Codex needs to use --executor cca or --executor auto, create remote Copilot/CCA remediation tasks, reason about CCA budget/status, or compare local Codex execution with remote GitHub Cloud Agent execution without cloning the controller repo.

codex
security
cca
github
copilot
remediation
+3

Owner: edi-security-agent

security-agent-discovery

active

Discover, inspect, import, refresh, and export Security Agent vulnerability data from a pip-installed setup. Use when Codex needs to list Azure Defender findings, filter by repo/severity/CVE/fixable state, refresh the local UI vulnerability cache, import Security Platform findings through explicit cookie and DPoP values, or explain discovery-only workflows without cloning the controller repo.

codex
security
azure-defender
vulnerability
discovery
cve
+2

Owner: edi-security-agent

security-agent-local-fix

active

Run local Security Agent remediation from a pip-installed setup with the Codex executor. Use when Codex needs to plan or execute edi-security-agent defender fix with --executor codex or --executor local, dry-run Maven CVE remediation, apply local fixes, create Git branches/PRs, or explain the local autonomous Codex remediation path without cloning the controller repo.

codex
security
maven
cve
remediation
codex
+3

Owner: edi-security-agent

security-agent-setup

active

Set up Security Agent for users who have not cloned the controller repo. Use when Codex needs to create ~/security-agent, create a Python virtual environment, install the pip3 package edi-security-agent, explain private Artifactory package index setup when package install fails, verify edi-security-agent --version, guide local .env creation for Azure Defender and optional GitHub/OpenAI values, verify az login, or troubleshoot private package index configuration.

codex
security
setup
pip
azure-defender
optum
+3

Owner: edi-security-agent

security-agent-ui-runs

active

Operate the Security Agent local FastAPI/UI workflow from a pip-installed setup. Use when Codex needs to start or inspect edi-security-agent-ui, refresh vulnerability data in the local SQLite cache, use the natural-language chat workflow, create/monitor/cancel UI runs, or explain local dashboard run behavior without cloning the controller repo.

codex
security
ui
fastapi
dashboard
vulnerability
+2

Owner: edi-security-agent

security-oss-app-reviewer

active

Static-first security assessment workflow for open-source software application source code. Use when reviewing open-source software apps, forks, plugins, desktop apps, CLIs, browser extensions, web apps, or agent tools for data exfiltration, token and password handling, credential access, query or data-source access, sandbox boundaries, filesystem reach, network egress, telemetry, dependency or CI risk, and least-privilege concerns.

codex
open-source-software
security
review
credentials
sandbox
+1

Owner: raltman2

skills-sh

active

Use this skill when evaluating or installing a skill from skills.sh. Treat skills.sh as an external marketplace: verify ownership, official status, audits, maintenance signals, and local security implications before recommending any install command.

claude
codex
vscode
skills-sh
marketplace
security-review
supply-chain
codex
+2

Owner: pcorazao_uhg

sonarqube

active

Set up SonarQube in your project.

claude
codex
vscode
sonarqube
workflow
github

Owner: pcorazao

terraform-expert

active

Enterprise Infrastructure-as-Code with Terraform, Azure provider, private registry modules, and Optum Epic patterns

codex
terraform
iac
azure
infrastructure
epic
+1

Owner: epic-platform-sre

the-savager

experimental

Brutal code review focused on correctness, security, and performance

codex
review
anti-patterns
security
performance
quality

Owner: epic-platform-sre

thoth

experimental

Documentation architecture, MkDocs monorepo builds, and Diataxis enforcement

codex
documentation
mkdocs
diataxis
monorepo

Owner: epic-platform-sre

uhc-analytics-reviewer

active

Review UHC Mobile analytics implementations for .analytics.ts isolation, track-prefixed functions, Adobe payload casing, analytics constants, screenNameMapEntries updates, route mapping, A/B test tracking, event placement, and federated analytics events. Use when adding or changing mobile analytics, tracking hooks, navigation tracking, or Adobe payloads.

codex
uhc-mobile
analytics
adobe
react-native
review

Owner: optum-tech-compute

uhc-code-organization-auditor

active

Audit UHC Mobile code organization, naming conventions, file structure, import/export patterns, component section ordering, selector and analytics naming, feature-flag naming, and module boundaries before feature merges or cleanup work. Use when reviewing UHC Mobile React Native packages for maintainability and repository convention drift.

codex
uhc-mobile
react-native
code-organization
review
maintainability

Owner: optum-tech-compute

uhc-env-secrets-reviewer

active

Review UHC Mobile environment configuration, secrets handling, Vault-to-Artifactory flows, react-native-config access, Firebase environment overrides, certificate pinning, production domain usage, local dev configuration, and secret exposure risks. Use when env files, build configuration, Firebase overrides, certificate pinsets, domains, tokens, or secrets-related mobile code changes.

codex
uhc-mobile
secrets
environment
security
react-native
+1

Owner: optum-tech-compute

uhc-feature-flag-reviewer

active

Review UHC Mobile feature flag additions and usage for enable-prefixed naming, selector naming, default values, internal and platform-specific overrides, alphabetical ordering, product coordination, rollout safety, dead-flag cleanup, and removal planning. Use when feature flag types, selectors, defaults, overrides, or flag-gated UI logic changes.

codex
uhc-mobile
feature-flags
react-native
release
review

Owner: optum-tech-compute

uhc-federation-integration-reviewer

active

Review UHC Mobile federated module integrations for approved V2 package usage, host-app data access, event sending, analytics, navigation, API client usage, accessibility support, session behavior, route mapping, and deprecated V1 package usage. Use when working on UHC Mobile federation packages or integrating a federated module with the host app.

codex
uhc-mobile
federation
react-native
integration
review

Owner: optum-tech-compute

uhg-grid-knowledge

active

Expert knowledge about UHG's Grid multi-cloud service mesh - architecture, IP addressing, DNS, service registration, security model, performance characteristics, and troubleshooting

claude
codex
vscode
grid
service-mesh
consul
haproxy
multi-cloud
+2

Owner: miverso2_uhg

uitk-react-to-harmony-migration

Migrate UITK React codebases to Harmony React using bundled, eval-proven workflows and a bundled component-mapping reference. Use when Codex needs to migrate a full UITK React app, convert a current screen or requested file set, choose between app-wide and current-screen migration modes, or package the Harmony migration workflow into another repository.

claude
codex
vscode

wiki-ingest

Identify synthesis pages affected by asset changes and report or draft updates

claude
codex
vscode

wiki-lint

Health-check the wiki synthesis layer for stale pages, broken refs, and gaps

claude
codex
vscode

wiki-query

Search synthesis pages to answer questions about the asset library

claude
codex
vscode