GuanceCloud

Create, review, and validate GuanceCloud Arbiter scripts for security detection rules. Use when Codex needs to author SIEM or CSPM detection logic, query data with dql or PromQL, process DQL series, call trigger to generate security events, inspect Arbiter built-in functions, or debug Arbiter syntax/runtime/trigger-output problems.

生成、修复、解释、评审 DQL。凡是要交付“最终可执行 DQL”，都必须先逐条通过 dqlcheck 校验，再输出最终结果。

Create, refine, and validate GuanceCloud/DataKit pipeline scripts from raw message samples. Use when Codex needs to author pipeline .p scripts, choose json/load_json versus grok extraction for text or JSON messages, run pipeline-go validation, or debug parsing/runtime/extraction errors.

Converts Spock/Groovy test files in a Gradle module to equivalent JUnit 5 Java tests. Use when asked to "migrate groovy", "convert groovy to java", "g2j", or when a module has .groovy test files that need to be replaced with .java equivalents.

Write a new library instrumentation end-to-end. Use when the user ask to add a new APM integration or a library instrumentation.

Use when debugging with an external DataKit bug-report bundle such as info-<timestamp> or info-<timestamp>.zip, and you need to use the current bundle as the primary evidence while treating docs/bug-report as historical hints

Use when the user wants to install or upgrade the OpenClaw OTEL plugin through the GTrace install flow, and expects the agent to build and run the install command from explicit parameters such as installer URL, endpoint, token, version, and tags. This skill is only for the GTrace install path.