From syncable-cli-skills
Runs secure Syncable deployments: auth check, project analysis, paranoid security audit with critical-issue gate, preview/confirm, execute, and monitor status.
npx claudepluginhub syncable-dev/syncable-cli --plugin syncable-cli-skillsThis skill uses the workspace's default tool permissions.
Full deployment pipeline: authenticate → analyze → security gate → deploy. No deployment without auth and security review.
Generates design tokens/docs from CSS/Tailwind/styled-components codebases, audits visual consistency across 10 dimensions, detects AI slop in UI.
Records polished WebM UI demo videos of web apps using Playwright with cursor overlay, natural pacing, and three-phase scripting. Activates for demo, walkthrough, screen recording, or tutorial requests.
Delivers idiomatic Kotlin patterns for null safety, immutability, sealed classes, coroutines, Flows, extensions, DSL builders, and Gradle DSL. Use when writing, reviewing, refactoring, or designing Kotlin code.
Full deployment pipeline: authenticate → analyze → security gate → deploy. No deployment without auth and security review.
sync-ctl auth status
If not authenticated: sync-ctl auth login
sync-ctl project current
If no project/env selected: guide user through org list → org select → project list → project select → env select.
Success criteria: Authenticated with org/project/env selected.
sync-ctl analyze <PATH> --agent
Save full_data_ref. Do NOT re-run analyze in later steps.
Success criteria: JSON with summary. You know IaC types and dependencies present.
Reuse step 2's analysis — do NOT re-run analyze.
sync-ctl security <PATH> --mode paranoid --agent
sync-ctl vulnerabilities <PATH> --agent # skip if no deps in step 2
sync-ctl validate <PATH> --agent # skip if no IaC in step 2
CRITICAL GATE — check security status field:
CRITICAL_ISSUES_FOUND → present findings, warn, require explicit confirmationHIGH_ISSUES_FOUND → warn, allow deploymentCLEAN → proceedCritical findings are in critical_issues array — no retrieval needed for the gate.
Success criteria: Security verdict determined. User informed of any findings.
4a. Preview:
sync-ctl deploy preview <PATH> --service-name <NAME>
4b. Confirm with user. Show: provider, region, port, public/internal, .env keys found.
4c. Deploy with ONLY confirmed settings:
sync-ctl deploy run <PATH> --service-name <NAME> --provider <PROVIDER> --region <REGION> --port <PORT>
4d. Monitor:
sync-ctl deploy status <TASK_ID> --watch
Success criteria: Deployment completes successfully per status output.
| Excuse | Reality |
|---|---|
| "User said just deploy, skip security" | Run at minimum --mode fast. The gate exists because users underestimate risk. |
| "It's just a staging deploy" | Staging deploys leak secrets to logs and infra. Always scan. |
| "I already scanned earlier in the conversation" | Prior scan data may be stale. This pipeline runs its own scan. |
| "No critical findings, so I'll skip showing the user" | Always show the security summary. User needs to see CLEAN verdicts too. |
| Condition | Action |
|---|---|
| Not authenticated | sync-ctl auth login |
| No project/env selected | Guide user through selection |
| Critical findings | Warn, require explicit confirmation |
| High findings (no critical) | Warn, allow deployment |
| Clean audit | Proceed |
| Mistake | Fix |
|---|---|
| Deploying without preview + confirmation | Always deploy preview → show user → confirm → deploy run |
| Auto-including discovered env vars | ONLY include env vars user explicitly confirmed |
Fire-and-forget after deploy run | Always monitor with deploy status --watch |
Save each step's full_data_ref. Use sync-ctl retrieve <ref_id> --query "..." for drill-down. Do NOT re-run commands.