ワンクリックで
sf-agents-harness
sf-agents-harness には sparkfabrik から収集した 29 個の skills があり、リポジトリ単位の職業カバレッジとサイト内 skill 詳細ページを表示します。
このリポジトリの skills
Invoke whenever the user is working with GitLab. Trigger on any of these signals: a URL containing "gitlab" (gitlab.com or any self-hosted instance like gitlab.sparkfabrik.com), a git remote pointing to GitLab (git@gitlab.com:... or https://gitlab...), the !N merge-request notation (!15, !42), or words like "merge request", "MR", "glab", or "gitlab". Handles issues, merge requests, CI/CD pipelines, releases, and reading files from GitLab repos. Always use glab—not WebFetch or curl—for any GitLab URL because GitLab requires authentication. Do not invoke for GitHub tasks (use the gh skill instead).
Invoke whenever the user is working with GitHub. Trigger on any of these signals: a URL containing "github.com" or a self-hosted GitHub Enterprise host, a git remote pointing to GitHub (git@github.com:... or https://github.com/...), the #N issue or PR notation (#15, #42), or words like "PR", "pull request", "gh", "GitHub issue", "GitHub Actions", "workflow run", "release", "gist", "review this PR", "merge this PR", "CI status", "checks", "fork", or "clone". Handles issues, pull requests, PR reviews and comments, GitHub Actions and CI runs, releases, gists, search, and reading files from GitHub repos. Always use gh, not WebFetch or curl, for any GitHub URL because gh handles authentication and returns structured data. This skill is the GitHub equivalent of glab for GitLab; if the project is on GitHub use this skill, and do not invoke it for GitLab tasks (use the glab skill instead).
Enforce SparkFabrik commit message and branch naming conventions including conventional commits, legacy format detection, issue references, branch prefixes, and the mandatory Assisted-by trailer. MUST be loaded before EVERY git commit, commit message preparation, MR/PR title creation, branch creation, or any commit-related operation. Use whenever the agent is about to run git commit, git checkout -b, git branch, write a commit message, create a branch, or prepare a merge request or pull request title. Also use when the user mentions "commit", "git commit", "conventional commit", "commit message", "refs #", "assisted-by", "commit convention", "branch name", "new branch", or "feature branch". Never create a commit or branch without consulting this skill first.
Create and manage Google Cloud Monitoring dashboards with Terraform (google_monitoring_dashboard) without perpetual plan drift. Use this skill whenever the user works with GCP monitoring dashboards in Terraform or any IaC context - creating a new dashboard, exporting a console dashboard to code, importing an existing dashboard into state, or debugging a terraform plan that keeps showing an in-place update on dashboard_json even right after apply. Trigger on mentions of google_monitoring_dashboard, dashboard_json, Cloud Monitoring / Stackdriver dashboards, dashboard drift, perma-diff, permadiff, "plan is never clean", mosaicLayout, or gcloud monitoring dashboards.
Browser automation with the playwright-cli tool. Use when the user needs to automate browser interactions, test web apps, take screenshots, fill forms, or extract data from pages. Trigger on: "playwright-cli", "playwright", "browser automation", "headless browser", "web scraping", "screenshot", "browser testing", "e2e test".
Configure, run, and troubleshoot Spark HTTP Proxy, the Traefik-based local development reverse proxy that gives Docker containers clean domain names (for example myapp.spark.loc) over HTTP and HTTPS. Use this skill whenever the user wants to expose a local container under a domain, edit a docker-compose service to add VIRTUAL_HOST/VIRTUAL_PORT or traefik.* labels, generate trusted local certificates with mkcert, set up .loc/.dev domain resolution, or debug why a container is not reachable through the proxy. Trigger on signals like VIRTUAL_HOST, VIRTUAL_PORT, spark-http-proxy, "http-proxy", *.spark.loc / *.loc / *.dev / .local dev domains, "my app is not routing locally", "expose this container", "localhost port chaos", mkcert / trusted local HTTPS, configure-dns, or a docker-compose.yml in a local project that should be reachable by name. This is for LOCAL DEVELOPMENT only; it is not for configuring a production Traefik deployment.
Create clear, well-designed Mermaid diagrams in Markdown documents (READMEs, ADRs, design docs, RFCs, wikis). Use this skill whenever the user wants to add, draw, improve, fix, or clean up a diagram in a Markdown file — flowcharts, architecture/dependency graphs, sequence diagrams, ER diagrams, state machines, class diagrams, or C4. Trigger it even when the user does not say "Mermaid": phrases like "diagram this", "draw the architecture", "show the flow", "visualize the dependencies", "the diagram is unreadable / a hairball / too cluttered", "make this diagram clearer", or pasting a ```mermaid block and asking to improve it all mean this skill applies. Also use it to review an existing diagram for readability.
How to use GitHuman to review AI-generated code changes before committing. GitHuman provides a GitHub-like diff review interface for your staging area — visual diffs, inline comments, todos, and review workflows — all running locally via Docker. Use this skill whenever the user mentions "githuman", "code review before commit", "review staged changes", "review AI changes", wants to review diffs in a browser, asks about reviewing code before committing, or after completing a coding task where staged changes should be reviewed. Also trigger when you see references to sjust/ajust githuman commands.
Rebase a Drupal.org issue merge request onto its target branch (or a newer version branch). Use this skill whenever the user mentions rebasing a Drupal merge request, rebasing a drupal.org issue, fixing merge conflicts on a Drupal MR, updating a Drupal contribution branch, or wants to bring a Drupal.org issue fork up to date. Also trigger when the user pastes a drupal.org issue URL or git.drupalcode.org MR URL and mentions rebase, update, conflicts, or "bring up to date". Even if the user just says "rebase this drupal issue" or "update this MR" with a drupalcode.org link, this skill is what they need. Handles both same-branch rebases and cross-version rebases (e.g., 10.x to 11.x).
Generate or review AGENTS.md files following team conventions. Use when bootstrapping a project, creating or reviewing AGENTS.md, or auditing agent instructions. Trigger on: "create agents.md", "review agents.md", "bootstrap agents", "audit agents.md", "sf-create-agentsmd".
Apply Domain-Driven Design patterns in Drupal 11 custom modules. Covers strategic design (Bounded Contexts, Ubiquitous Language, Context Maps) and tactical patterns (Value Objects, Entities, Aggregates, Domain Services, Domain Events, Factories, Application Services, Anti-Corruption Layers). Includes the mandatory Repository Pattern for ALL entity interactions — code using EntityTypeManager, EntityStorage, entity queries, or CRUD must follow this architecture. Patterns adapted from "DDD in PHP" to Drupal Entity API. Use when designing module architecture, modeling domains, structuring business logic, or when terms like "value object", "aggregate", "domain event", "bounded context", "rich model", "anemic model", "application service", "domain service", "anti-corruption layer", "repository pattern", or "hexagonal architecture" come up. Also for code that loads, queries, saves, or deletes entities, splitting modules, avoiding fat controllers, integrating external APIs, or deciding where logic belongs.
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, edit, or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
How to develop custom Drupal 11 modules on SparkFabrik's Firestarter platform. Covers module scaffolding, hook implementations, and best practices for custom functionality. Use this skill whenever building custom features that can't be achieved with contrib modules or configuration alone — whether it's a simple hook_form_alter or a complex integration with external APIs. Always follow Drupal coding standards and the config-first workflow for any structural changes.
Write PHP code that passes all QA checks (PHPCS, PHPStan level 8, PHPMD, CSpell) on the first try. This project enforces strict coding standards via GrumPHP with zero-tolerance thresholds. Use this skill whenever you are writing or modifying PHP code in a Drupal module, theme, or any .php/.module/.install/.inc/.theme file. Even for small changes — a one-line hook, a new service method, a migration plugin — always apply these rules. The goal is to never trigger a QA failure at commit time. If you are *fixing* existing QA failures after the fact, use the drupal-qa skill instead; this skill is about getting it right from the start.
Fix Drupal code quality issues (PHPCS, PHPMD, PHPStan, CSpell) following SparkFabrik standards without using suppressions or ignores unless absolutely necessary.
Validate Drupal major version upgrades (e.g., D10 to D11) using browser automation. Establishes a baseline on the stable branch, applies the upgrade, then validates the upgraded site with identical tests and produces a comparison report. Use this skill when the user mentions "drupal upgrade validation", "major version upgrade", "D10 to D11", "D11 to D12", "upgrade baseline", "upgrade comparison", "validate upgrade", or wants to verify that a Drupal major upgrade does not break frontend or backend functionality. Also trigger when the user says "compare before and after upgrade", "test the upgrade", or "upgrade smoke test".
Auto-format files after creating or modifying them using external formatters managed by Just recipes (sjust/ajust). Use this skill whenever you write, create, or edit a Markdown file (.md). Also use when the user mentions "format markdown", "prettier", "format-md", "format-md-check", "auto-format", "auto-format-doc", or asks you to fix or check Markdown formatting. This skill applies even if you are not explicitly asked to format -- any time a .md file is written or modified, run the formatter on it.
Audit AI agent configurations, instruction files, and LLM integration code for security risks mapped to the OWASP Top 10 for Agentic Applications (2026). Use when the user wants to audit agentic security, review AI instruction files, check MCP configs, assess prompt injection risks, or evaluate LLM integration trust boundaries. Also use when the user mentions "agentic security", "AI audit", "instruction file review", "MCP security", "prompt injection", "OWASP agentic", "agent trust boundaries", or "AI supply chain".
Multi-stack code security audit workflow for web applications and APIs. Use when the user wants to perform a security audit, find vulnerabilities, run security scans, check for XSS/CSRF/injection issues, or harden an application. Also use when the user mentions "code security", "security review", "pen test", "vulnerability scan", "OWASP", "semgrep", "trivy", "gosec", "govulncheck", "phpcs", "phpstan", "psalm", "drupal-check", "composer audit", or "npm audit".
Create Architecture Decision Records (ADRs) following Michael Nygard's format through a guided conversational workflow. Use this skill whenever the user mentions ADR, architecture decision, architectural decision record, wants to document a technical decision, or asks to record a design choice. Also trigger when the user says things like "let's document this decision", "we should write this down as an ADR", "create a new ADR", or "I want to record why we chose X". Even if the user just says "new decision" or "document this choice" in a project context, this skill is likely what they need.
Guide users through a structured workflow for co-authoring documentation. Use when user wants to write documentation, proposals, technical specs, decision docs, or similar structured content. This workflow helps users efficiently transfer context, refine content through iteration, and verify the doc works for readers. Trigger when user mentions writing docs, creating proposals, drafting specs, or similar documentation tasks.
Drupal cache contexts implementation guide. Use when asked about request-based cache variations, user.roles vs user context, URL contexts, language contexts, custom cache contexts, or cache context hierarchy. Helps prevent cache explosion from overly broad contexts.
Drupal cache debugging techniques and troubleshooting workflows. Use when asked about X-Drupal-Cache headers interpretation, finding max-age 0 sources, WebProfiler usage, cache hit/miss analysis, stale content debugging, or performance profiling cache-related issues.
Drupal cache max-age configuration and behavior. Use when asked about time-based cache expiration, Cache::PERMANENT, max-age 0 issues, why Page Cache ignores max-age, or when content appears stale despite time expiration. Critical for understanding caching layer differences.
Drupal cache tags implementation guide. Use when asked about cache tag naming conventions, entity tags, list tags, custom tags, tag invalidation strategies, or debugging tag-based cache invalidation issues. Covers node:ID, config:name, entity_list patterns.
Dynamic Page Cache and BigPipe module behavior in Drupal. Use when asked about authenticated user caching, auto-placeholdering, lazy builders, BigPipe streaming, X-Drupal-Dynamic-Cache header, or why content shows UNCACHEABLE status. Covers interaction between caching layers.
Drupal lazy builders and placeholder implementation. Use when asked about
HTTP cache debugging tools and techniques. Use when asked to inspect cache headers, debug HTTP responses, use curl for cache analysis, or verify caching behavior. Includes SparkFabrik container context with make drupal-cli and docker compose commands.
SparkFabrik Drupal project container context. Use when running commands in local development environment, accessing Drupal from containers, or using fs-cli and make commands.