# claude-skills

Custom skills for Claude.ai (claude.ai → Settings → Skills).

## Skills

| Skill | Description |
|-------|-------------|
| **backup-restore** | Backup & restore strategy for self-hosted Docker stacks. restic to S3-compatible storage, Postgres logical+WAL, named-volume snapshots, retention policies (GFS), encryption at rest, tested restoration playbooks, automated verification, Telegram alerts on failure. |
| **bulletproof** | 12-stage adaptive dev workflow (research → deploy). Adapted for Python/Docker/Traefik/MikroTik/embedded stacks, Gitea CI/CD, SonarQube. Based on Bulletproof v5.0 by Artemiy Miller. |
| **docker-compose-architect** | Docker Compose v2 best practices. `compose.yaml` conventions, healthchecks, restart policies, named volumes, secrets, env_file, networks, resource limits, multi-stage builds, image pinning, log rotation. Production-ready stack templates. |
| **embedded-firmware-engineer** | Bare-metal & RTOS firmware: ESP32/ESP-IDF, STM32 HAL/LL, Nordic nRF, FreeRTOS, Zephyr. NASA/JPL Power of Ten rules, banned functions, DMA/cache coherence, GPIO policy, watchdog strategy, brown-out testing. |
| **gitea-actions-cd** | Gitea Actions CI/CD. `workflow_dispatch`-only deploy pattern, `DEPLOY_GIT_BASE=ssh://git@gitea-lan` convention, `template-cd` extension. Compose deploy to Linux hosts and Windows (NSSM) via SCP+SSH. Image build & push to Gitea registry, SonarQube BSL pipeline. |
| **my-python-senior** | Senior-level Python engineer for systems, containers, LLM workflows, networking, and file processing. |
| **observability** | Self-hosted observability stack. Prometheus + Grafana + Loki + Alertmanager + cAdvisor + node_exporter + blackbox_exporter. Service-instrumentation patterns, dashboards as code, alerting rules, Telegram delivery via TGServerService bot. |
| **obsidian-memory** | Protocol for using `creator/obsidian-vault` (Gitea repo) as Claude's long-term memory for the user's **personal** projects (infra, embedded, 1C-consulting, lotus-eletre, etc.). Vault layout, frontmatter conventions, Gitea REST API mechanics, write-permission boundaries, domain routing vs `ucnl-market-memory`. |
| **pcb-ai-engineer** | Code-driven schematic & PCB design using Circuit-Synth (Python) → KiCad → Altium. Universal STM-family abstraction with `family → package → pinmap → capabilities` data model. |
| **traefik-architect** | Traefik v3 reverse proxy. Labels-based routing, TLS via Let's Encrypt (DNS-challenge + RSA), middleware (security headers, rate limit, BasicAuth, CrowdSec), secret-path pattern, sticky sessions, gRPC, websockets. Dynamic file provider for static routes. |
| **ucnl-market-memory** | Protocol for using `ucnlmarket/ucnl-market-memory` (Gitea repo) as Claude's long-term memory for **UCN marketing and sales** (clients, distributors, leads, trade shows, pricing, uWave/Zima2/uSpeak/USBL product marketing, export deals, regional markets). Multi-user (creator / d.zaitsev / v.vinogradova). `sensitive: true` flag for commercial data. Strict domain routing vs `obsidian-memory`. |
| **web-security-hardening** | Production web security. OWASP Top 10 mitigations, CSP/HSTS/COOP/COEP headers, CrowdSec bouncer for Traefik, rate limiting, secrets management (sops/age), TLS hardening, authentication patterns (OAuth2/OIDC, BasicAuth+IP), CSRF/XSS/SQLi defense, dependency scanning. Self-hosted infra focus. |

## Web stack skills bundle

Six skills covering full lifecycle of a production self-hosted web service. Designed to be used together:

1. **docker-compose-architect** — service definition
2. **traefik-architect** — TLS, routing, middleware
3. **web-security-hardening** — defense in depth
4. **gitea-actions-cd** — build & deploy
5. **observability** — metrics, logs, alerts
6. **backup-restore** — data safety net

## Structure

```
claude-skills/
├── README.md
├── backup-restore/
│   └── SKILL.md
├── bulletproof/
│   ├── SKILL.md
│   ├── agents/
│   │   └── code-reviewer.md
│   └── templates/
│       ├── handoff.md
│       ├── plan.md
│       ├── research.md
│       └── spec.md
├── docker-compose-architect/
│   └── SKILL.md
├── embedded-firmware-engineer/
│   └── SKILL.md
├── gitea-actions-cd/
│   └── SKILL.md
├── my-python-senior/
│   ├── SKILL.md
│   ├── ai-ml-llm.md
│   ├── containers.md
│   ├── files-io.md
│   ├── networking.md
│   └── systems.md
├── observability/
│   └── SKILL.md
├── obsidian-memory/
│   └── SKILL.md
├── pcb-ai-engineer/
│   ├── SKILL.md
│   ├── main.py
│   ├── mcu_core.py
│   ├── mcu_db.py
│   ├── mcu_peripherals.py
│   └── power.py
├── traefik-architect/
│   └── SKILL.md
├── ucnl-market-memory/
│   └── SKILL.md
└── web-security-hardening/
    └── SKILL.md
```

## Usage

Each subdirectory is a standalone skill. Upload to Claude.ai via **Settings → Profile → Custom Skills**, or point Claude Code's `--skill` flag at the `SKILL.md` file.

## License

Private — for personal use only.