一键导入
grafana
Investigate production issues, query logs and metrics, and explore dashboards on the Mattermost Grafana instance at grafana.internal.mattermost.com.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Investigate production issues, query logs and metrics, and explore dashboards on the Mattermost Grafana instance at grafana.internal.mattermost.com.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Use when running an adversarial security review of a code change — a GitHub PR, a local working-tree diff, or an explicit file list — and when wiring security review into a teamimplement run. Use when asked to security-review, audit, or vulnerability-assess freshly written or proposed code.
Analyze a GitHub pull request for risk level and generate concrete QA recommendations. Accepts a PR URL or "owner/repo#number" reference. Uses `gh` CLI to fetch the diff and metadata, computes blast radius, scores six risk dimensions, and returns a structured JSON risk assessment. Use when the user invokes /qa-analysis:qa-analysis with a GitHub PR URL or reference, or asks for a PR risk assessment, QA recommendations, or "what should I test?" for a given pull request.
Add an MCP (Model Context Protocol) server to a Mattermost plugin so the Agents plugin can call its tools. Use when implementing cross-plugin MCP, exposing AI tools from a Mattermost plugin to the Agents plugin, or wiring up the `pluginmcp` helper from mattermost-plugin-agents.
Create a new Mattermost plugin from the starter template in the current directory. Use when creating a new plugin from scratch, scaffolding a Mattermost plugin, or bootstrapping a plugin project.
Orchestrates test-driven fixes for Mattermost security tickets (Jira/Atlassian) with a Staff Security Engineer mindset: failing secure-behavior tests first, then implementation, then security review and edge-case loops, then opening a non-draft PR that follows `.github/PULL_REQUEST_TEMPLATE.md` when present, with a vague public description (no exploit detail). Use when the user invokes /security-fix:security-fix with a mattermost.atlassian.net browse URL, MM-* security work, backend permission or authorization bugs, or asks for this security TDD workflow.
Update all GitHub Actions workflow dependencies (uses: owner/action@vX) to their latest released versions. Fetches current releases from GitHub, updates all workflow YAML files to use SHA pinning with version comments, and commits.
| name | grafana |
| description | Investigate production issues, query logs and metrics, and explore dashboards on the Mattermost Grafana instance at grafana.internal.mattermost.com. |
| allowed-tools | mcp__grafana__list_datasources, mcp__grafana__search_dashboards, mcp__grafana__get_dashboard_by_uid, mcp__grafana__get_dashboard_summary, mcp__grafana__get_dashboard_panel_queries, mcp__grafana__query_prometheus, mcp__grafana__list_prometheus_metric_names, mcp__grafana__list_prometheus_metric_metadata, mcp__grafana__list_prometheus_label_names, mcp__grafana__list_prometheus_label_values, mcp__grafana__query_loki_logs, mcp__grafana__list_loki_label_names, mcp__grafana__list_loki_label_values, mcp__grafana__query_loki_stats, mcp__grafana__query_loki_patterns, mcp__grafana__get_annotations, mcp__grafana__list_oncall_schedules, mcp__grafana__get_current_oncall_users, mcp__grafana__list_alert_groups, mcp__grafana__generate_deeplink |
You are investigating production issues on the Mattermost Grafana instance.
Loki ProductionPrometheus Prod| Product | Namespace UID |
|---|---|
| Community | rxocmq9isjfm3dgyf4ujgnfz3c |
| Hub | c4ja3w3h8tgwiy5c5dbmhmkpje |
These namespace UIDs appear as the namespace label in both Loki and Prometheus. Always filter by namespace when the user's question is scoped to a specific product.
list_datasources)| Data source | UID |
|---|---|
| Loki Production | P4F55509B51A00EB7 |
| Prometheus Prod | P27C405C01959D762 |
Use these directly. Only call list_datasources if a query fails with an unknown UID error.
Use query_loki_logs with:
datasourceUid: the UID for Loki Productionquery: a LogQL expression, e.g. {namespace="rxocmq9isjfm3dgyf4ujgnfz3c"} |= "error"timeRange: {from: "now-1h", to: "now"} unless the user specifies otherwiselimit: 100 (default); increase if neededWhen exploring unknown log structure, first call list_loki_label_names and list_loki_label_values to understand available labels.
For volume/rate queries, prefer query_loki_stats over fetching raw lines.
Use query_prometheus with:
datasourceUid: the UID for Prometheus Prodquery: a PromQL expressiontime for current value; provide it for historical point-in-timeWhen discovering metrics, use list_prometheus_metric_names and list_prometheus_label_names. Use list_prometheus_metric_metadata to understand a metric's type and help text before writing PromQL.
Use search_dashboards with a descriptive query. Then use get_dashboard_summary to understand panel layout before fetching the full JSON with get_dashboard_by_uid. Use get_dashboard_panel_queries to see what PromQL/LogQL a panel runs.
Use generate_deeplink to produce a Grafana Explore or dashboard URL to share with the user. Always include the relevant time range.
list_datasources.search_dashboards.Always prefer targeted queries over broad ones — filter by namespace and narrow time ranges first, then widen if needed.