akin-ozer/cc-devops-skills
Overview
This skill is a comprehensive toolkit for validating, linting, and optimizing bash and POSIX shell scripts. It detects the shell from the shebang, runs syntax checks, integrates ShellCheck if available, and applies custom security and performance checks. The skill produces a detailed, line-numbered report with actionable fixes and references to best-practice guides.
How this skill works
The validator first verifies file existence and detects the shell type from the shebang. It runs shell-specific syntax validation (bash -n or sh -n), then invokes ShellCheck when available and applies additional pattern-based custom checks for security, portability, and performance. Results are summarized with error/warning/info counts and suggested fixes with before/after code examples.
When to use it
- Before committing or deploying any .sh or .bash script to catch syntax and runtime risks
- During code review to surface security issues like unsafe eval or command injection
- When converting bash scripts to POSIX sh to detect bashisms and non-portable constructs
- To optimize scripts for performance by finding UUOC, unnecessary subshells, and inefficient pipelines
- As a learning tool to enforce best practices and teach common shell pitfalls
Best practices
- Include an explicit shebang and detect shell dialect early
- Enable strict mode: set -euo pipefail (adjust per script requirements)
- Quote all variable expansions and validate inputs to avoid injection
- Prefer built-ins over external commands and avoid useless use of cat
- Run the validator in CI and as a pre-commit hook to catch issues early
Example use cases
- Automated pre-commit hook that validates staged .sh files and blocks commits on errors
- CI job that scans the repository for shell scripts and fails the build on critical issues
- Security audit that lists eval usages, unquoted expansions, and dangerous rm patterns
- Portability conversion workflow: detect bashisms, apply POSIX alternatives, and revalidate
- Performance sweep to replace pipelines with built-ins and remove subshell overhead
FAQ
No. It runs syntax checks without ShellCheck, but provides deeper static analysis and rule IDs when ShellCheck is installed or available via the wrapper.
How does it determine shell type?
It reads the script shebang (e.g., #!/bin/bash, #!/bin/sh) and maps common interpreters to bash, POSIX sh, zsh, ksh, or dash.
Can it be used in CI and pre-commit hooks?
Yes. The validator is designed for CI/CD integration and includes examples for GitHub Actions and pre-commit hook usage.
20 skills
This skill validates bash and POSIX scripts, flags syntax, security issues, and common pitfalls to improve reliability and portability.
This skill generates production-ready bash scripts with best practices, offering robust error handling, logging, argument parsing, and validation for
This skill helps you craft production-ready LogQL queries for Loki by guiding you through goal, sources, parsing, and aggregation steps.
This skill generates production-ready Azure DevOps pipelines following current best practices, with validation and reusable templates for CI, CD, and
This skill validates, lints, and secures Azure Pipelines configurations, helping you catch syntax errors, enforce best practices, and audit security before
This skill validates, lints, tests, and automates Ansible code quality across playbooks, roles, and collections, including dry-run checks and molecule testing.
This skill generates production-ready Kubernetes YAML manifests with validation and CRD support for deployments, services, configmaps, and more.
This skill validates and secures GitLab CI/CD configurations by linting, testing, and auditing pipelines for best practices and security.
This skill validates, lints, and tests Terragrunt configurations, guiding fixes and ensuring safe, compliant infrastructure with comprehensive checks.
This skill validates, formats, and audits Makefiles for correctness and security using mbake and custom checks to improve reliability.
This skill helps you generate production-ready Helm charts and templates aligned with best practices, enabling rapid creation, validation, and consistent
This skill helps you diagnose Kubernetes cluster issues and streamline debugging of pods, services, deployments, and network problems with structured workflows.
This skill generates production-ready Jenkinsfiles for declarative and scripted pipelines, validating outputs with a dedicated Jenkinsfile validator.
This skill validates, lints, and analyzes Helm charts and rendered resources to detect issues, ensuring best practices without modifying source files.
This skill validates, explains, and optimizes PromQL queries, offering interactive planning to improve accuracy, performance, and interpretability.
This skill generates production-ready Makefiles for C/C++, Python, Go, and Java projects with best practices.
This skill generates production-ready Terragrunt configurations following current best practices, enabling consistent multi-environment roots and modular child
This skill generates production-ready Terraform configurations following current best practices, validating providers, modules, and dynamic data for reliable
This skill validates and lint Kubernetes YAML manifests, detects CRD issues, and generates a detailed report for manual remediation.
This skill validates, lints, and tests Terraform configurations, helping you catch errors, ensure security, and generate actionable validation reports.