Skill

ci-cd-analyzer

Pipeline health, build times, flakiness, and deployment strategy analysis. Trigger: "analyze CI/CD", "pipeline health", "build times", "deployment strategy".

From sovereign-architect

Install

Run in your terminal

npx claudepluginhub javimontano/mao-sovereign-architect

Tool Access

This skill is limited to using the following tools:

ReadGlobGrepBashAgent

Supporting Assets

View in Repository

evals/evals.json

examples/sample-output.md

prompts/use-case-prompts.md

references/body-of-knowledge.md

Skill Content

CI/CD Analyzer

Evaluate continuous integration and deployment pipelines for reliability, speed, security practices, and deployment strategy maturity.

Guiding Principle

"A pipeline you don't trust is a pipeline you'll bypass. Reliability is non-negotiable."

Procedure

Step 1 — Pipeline Discovery

Locate CI/CD configuration files: .github/workflows/, .gitlab-ci.yml, Jenkinsfile, .circleci/, azure-pipelines.yml, bitbucket-pipelines.yml.
Identify all pipeline definitions: build, test, lint, deploy, release.
Map trigger conditions: push, PR, schedule, manual, tag-based.
Catalog environment targets: dev, staging, production, preview.
Document the pipeline graph with dependencies between jobs [HECHO].

Step 2 — Reliability Assessment

Analyze job configurations for retry logic and timeout settings.
Check for pinned action/image versions vs. floating tags (:latest is a reliability risk).
Identify jobs without caching (slow builds indicate missing cache).
Look for flakiness indicators: retry directives, continue-on-error, conditional failure ignoring.
Assess secret management: hardcoded vs. vault/secrets manager [HECHO].

Step 3 — Speed Analysis

Identify the longest-running jobs and their bottlenecks.
Check for parallelization opportunities (independent jobs running sequentially).
Evaluate caching strategies: dependency caches, build caches, Docker layer caches.
Assess whether test splitting or sharding is used for large test suites.
Estimate total pipeline time and identify the critical path.

Step 4 — Deployment Strategy

Classify deployment strategy: rolling, blue-green, canary, recreate, or manual.
Check for rollback mechanisms and health checks.
Assess environment promotion: automated vs. manual gates.
Verify production deploy requires approval or conditions [HECHO].
Check for feature flags and progressive delivery integration.

Quality Criteria

Pipeline configs analyzed directly, not described from memory [HECHO]
Reliability issues backed by specific configuration evidence
Speed bottlenecks identified with estimated time impact
Deployment strategy classified with maturity assessment

Anti-Patterns

Ignoring scheduled/cron pipelines (they often run neglected)
Assuming all green builds mean the pipeline is healthy
Not checking whether CI secrets are scoped appropriately
Overlooking deployment rollback capabilities

Similar Skills

agent-harness-construction

Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.

everything-claude-code

138.0k

agent-payment-x402

Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.

everything-claude-code

138.0k

agent-eval

Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.

everything-claude-code

138.0k

Stats

Stars0

Forks0

Last CommitMar 28, 2026

Actions

View Source View Plugin View on GitHub View README

Procedure

Step 1 — Pipeline Discovery

Locate CI/CD configuration files: .github/workflows/, .gitlab-ci.yml, Jenkinsfile, .circleci/, azure-pipelines.yml, bitbucket-pipelines.yml.

Identify all pipeline definitions: build, test, lint, deploy, release.

Map trigger conditions: push, PR, schedule, manual, tag-based.

Catalog environment targets: dev, staging, production, preview.

Document the pipeline graph with dependencies between jobs [HECHO].

Step 2 — Reliability Assessment

Analyze job configurations for retry logic and timeout settings.

Check for pinned action/image versions vs. floating tags (:latest is a reliability risk).

Identify jobs without caching (slow builds indicate missing cache).

Look for flakiness indicators: retry directives, continue-on-error, conditional failure ignoring.

Assess secret management: hardcoded vs. vault/secrets manager [HECHO].

Step 3 — Speed Analysis

Identify the longest-running jobs and their bottlenecks.

Check for parallelization opportunities (independent jobs running sequentially).

Evaluate caching strategies: dependency caches, build caches, Docker layer caches.

Assess whether test splitting or sharding is used for large test suites.

Estimate total pipeline time and identify the critical path.

Step 4 — Deployment Strategy

Classify deployment strategy: rolling, blue-green, canary, recreate, or manual.

Check for rollback mechanisms and health checks.

Assess environment promotion: automated vs. manual gates.

Verify production deploy requires approval or conditions [HECHO].

Check for feature flags and progressive delivery integration.