50fa79407d
Some checks are pending
CI — CoM Config Validation / Validate JSON Configs (push) Waiting to run
CI — CoM Config Validation / Validate YAML Configs (push) Waiting to run
CI — CoM Config Validation / Lint Shell Scripts (push) Waiting to run
CI — CoM Config Validation / Secret Detection (push) Waiting to run
CI — CoM Config Validation / Lint Markdown (push) Waiting to run
CI — CoM Config Validation / Validate CODEOWNERS (push) Waiting to run
Public, sanitized mirror of an AI orchestration command center: agents, skills, MCP servers, slash-command workflows. All infrastructure identifiers, hostnames, mesh IPs/subnets, repo paths, maintainer identity, and hardware fleet specifics scrubbed to <placeholders>; session debug logs and host-specific memory removed. No live credentials. Verified clean by automated leak sweep. See SANITIZATION.md. churchofmalware.org . authorized research only
2.9 KiB
2.9 KiB
| applyTo |
|---|
| skills/** |
Skills Instructions — CoM Slash-Command System (52 Skills)
Skill Directory Structure
Each skill lives in its own directory under skills/:
skills/
└── skill-name/
├── skill.md # Entry point — loaded when skill is invoked
├── README.md # Usage docs, examples, agent mapping
└── [templates/] # Optional: output templates, prompts
Skill File Format (skill.md)
Every skill.md must contain these sections:
- Title — skill name as H1 heading
- Description — one-line summary of what it does
- Trigger — the slash command (e.g.,
/audit) - Agents Involved — which agents from the registry execute this skill
- Input — what the user provides
- Output — what the skill produces
- Steps — ordered execution steps
- Error Handling — what happens when a step fails
Skill Categories (52 total)
- Core Operations (16 custom): /go, /swarm, /audit, /enterprise, /save, /delegate, /research, /knowledge, /sync-notion, /monitor, /security-audit, /syscheck, /crashcart, /hive, /mobile, /addison
- Security (10 imported): /static-analysis, /semgrep-rule-creator, /supply-chain-risk-auditor, /yara-authoring, /differential-review, /entry-point-analyzer, /threat-hunting, /incident-response-cyber, /recon-osint, /agentic-actions-auditor
- Engineering (11 imported): /incident-commander, /pr-review-expert, /changelog-generator, /observability-designer, /senior-secops, /runbook-generator, /docker-development, /dependency-auditor, /ci-cd-pipeline-builder, /release-manager, /tech-debt-tracker
- Project Management (4): /scrum-master, /ccpm, /ciso-advisor, /codebase-onboarding
- Anthropic Official (5): /skill-creator, /mcp-builder, /claude-api, /pdf, /webapp-testing
- Community (6): /deep-research, /tdd, /decision-toolkit, /context-builder, /firecrawl-research, /github-gist
Agent Mapping Rules
- Skills must reference agents by their registered name from
a2a/agent-cards.json - Agent capabilities must match the skill requirements (don't assign Cipher to a research task)
- Multi-agent skills must define execution waves respecting max_concurrent_agents (3 on )
- Imported skills may reference external tools (Kilo Code, Gemini) — document the delegation
Creating New Skills
- Use
/skill-creatorto scaffold new skills from the standard template - New skills must include a README.md with at least one usage example
- Skills that modify system state must include rollback instructions
- Skills that invoke external tools must document authentication requirements
- Test new skills with a dry-run before committing
Naming Conventions
- Directory name:
kebab-casematching the slash command (without the slash) - Skill entry point: always
skill.md - Templates: descriptive names in
templates/subdirectory - No spaces or uppercase in directory or file names