playbooks

home / skills / yousufjoyian / claude-skills / security-agent

security-agent skill

/security-agent

This skill helps you diagnose and fix Pulse visualization issues in security-agent by validating endpoints, coordinating log edits, and recovering sidecar

npx playbooks add skill yousufjoyian/claude-skills --skill security-agent

Review the files below or copy the command above to add this skill to your agents.

Files (2)
SKILL.md
3.7 KB
---
name: security-agent
description: Operate and debug the TriClaude sidecar/A2UI visualization pipeline for security-agent sessions. Use when users ask about Pulse visualization being blank, A2UI cards not rendering, sidecar restarts, or when generating visualization HTML that must route to the correct terminal and endpoint.
---

# Security Agent Skill

Use this skill to produce reliable A2UI/Pulse visualizations for the `security-agent` project and to diagnose pipeline failures quickly.

## Quick Intent Routing

Decide target behavior from user wording before writing HTML:

- If the user says `Pulse`, `Visualization section`, or `agent visualization`:
  verify `GET /api/a2a/vizit-latest/<terminalId>` returns `200` with HTML.
- If the user says `A2UI content`, `A2UI panel`, or `sidecar content`:
  verify `POST /api/a2ui-content` returns HTML.
- If they only ask for a visualization card:
  write to `a2ui_input.log` and verify both endpoints when possible.

## Canonical Workflow

### 1) Resolve active terminal and log path

Use API, not assumptions.

```bash
curl -sS -m 5 http://127.0.0.1:7690/api/projects
```

Find the `security-agent` project, then use:
- `activeTerminalId`
- `sidecarPort`
- log path: `/home/yousuf/GoogleDrive/PROJECTS/.triclaude/runtime/terminals/<terminalId>/a2ui_input.log`

### 2) Acquire file checkout lock before edits

Before editing any file, checkout it:

```bash
curl -sS -X POST http://127.0.0.1:7690/api/coordination/checkout \
  -H "Content-Type: application/json" \
  -d '{"terminalId":"<terminalId>","filePath":"<full_file_path>","projectPath":"/home/yousuf/local_workspaces/security-agent"}'
```

If `success: false`, do not edit.

### 3) Write A2UI block correctly

Rules:
- Always append with `>>`, never overwrite with `>`.
- Always wrap HTML with `<!-- A2UI:START -->` and `<!-- A2UI:END -->`.
- Add a timestamp comment to avoid sidecar dedupe.

```html
<!-- A2UI:START -->
<!-- ts: 2026-02-16T20:09:01-05:00 -->
<div>...</div>
<!-- A2UI:END -->
```

### 4) Verify rendering path

Check both views as needed:

```bash
curl -sS -m 5 -X POST http://127.0.0.1:7690/api/a2ui-content \
  -H "Content-Type: application/json" \
  -d '{"terminalId":"<terminalId>"}'
```

```bash
curl -sS -m 5 -w '\nHTTP:%{http_code}\n' \
  http://127.0.0.1:7690/api/a2a/vizit-latest/<terminalId>
```

Interpretation:
- `a2ui-content` has HTML + `vizit-latest` is `204`: sidecar/vizit persistence issue for Pulse.
- `vizit-latest` is `200` with HTML: Pulse has renderable content.

### 5) Recover when Pulse is blank

Use this sequence:

1. Restart sidecar for that terminal:

```bash
curl -sS -X POST http://127.0.0.1:7690/api/restart-sidecar \
  -H "Content-Type: application/json" \
  -d '{"terminalId":"<terminalId>","port":<sidecarPort>}'
```

2. Append a fresh A2UI block with a unique timestamp.
3. Confirm sidecar created a file in:
`/home/yousuf/GoogleDrive/PROJECTS/.triclaude/runtime/terminals/<terminalId>/a2ui/viz_*.html`
4. Recheck `vizit-latest` for `HTTP 200`.

### 6) Release checkout lock

```bash
curl -sS -X POST http://127.0.0.1:7690/api/coordination/checkout \
  -H "Content-Type: application/json" \
  -d '{"terminalId":"<terminalId>","filePath":"<full_file_path>","release":true}'
```

## Style Options

Read `references/style-guide.md` before generating polished visuals.

Default selection for diagnostics:
- `RCF Card` (Root Cause + Fix)

Other supported options:
- `Status Grid`
- `Incident Timeline`
- `Minimal Confirm`

When the user says they like a prior visualization, reuse the same style family and only update content.

## Response Contract

When reporting results to user, always include:
1. Terminal ID used.
2. Which endpoint was failing (`a2ui-content` or `vizit-latest`).
3. Fix steps applied.
4. Final verification result with status code.

Overview

This skill operates and debugs the TriClaude sidecar/A2UI visualization pipeline for security-agent sessions. It produces reliable A2UI/Pulse HTML, diagnoses blank or missing visualizations, and performs safe edits to the a2ui_input.log and sidecar files. Use it to route intents, recover a blank Pulse view, and confirm rendering status across endpoints.

How this skill works

The skill inspects project state via the local API to discover the active terminalId, sidecar port, and runtime log paths. It acquires a file checkout lock, appends properly formatted A2UI HTML blocks with timestamps to a2ui_input.log, and calls both POST /api/a2ui-content and GET /api/a2a/vizit-latest/<terminalId> to verify rendering. When necessary it restarts the sidecar, checks for created viz_*.html files, and then releases the checkout lock.

When to use it

  • Pulse visualization is blank or shows HTTP 204 for vizit-latest
  • A2UI cards or sidecar content are not rendering in the UI
  • You need to append or regenerate visualization HTML that must route to the correct terminal
  • Sidecar keeps restarting or you suspect persistence issues for visualizations
  • You want a safe, reproducible workflow to update a2ui_input.log and verify results

Best practices

  • Always query /api/projects to resolve activeTerminalId and sidecarPort; don’t guess IDs
  • Acquire a checkout lock before any file modification and release it afterward
  • Append with >> and wrap HTML with <!-- A2UI:START --> and <!-- A2UI:END -->, including a unique timestamp comment
  • Verify both POST /api/a2ui-content (HTML) and GET /api/a2a/vizit-latest/<terminalId> (HTTP 200) to determine where the failure lies
  • If vizit-latest is 204, restart the sidecar, append a fresh timestamped block, then confirm viz_*.html was created

Example use cases

  • User reports Pulse section empty — run project discovery, check vizit-latest, restart sidecar if needed, append timestamped A2UI, reverify
  • A2UI panel not rendering — POST to /api/a2ui-content to confirm HTML output and inspect a2ui_input.log for correct A2UI markers
  • Automate a safe update: checkout file, append A2UI block with timestamp, verify endpoints, then release checkout
  • Investigate intermittent sidecar restarts: collect sidecar port, restart via API, confirm viz_*.html generation and HTTP 200 for vizit-latest
  • When asked to reuse a prior visual style, read the style guide and reuse the same family while updating content only

FAQ

What if checkout returns success:false?

Do not edit. Report the lock failure, wait for release or coordinate with the owner, then retry once checkout succeeds.

Which endpoint indicates sidecar persistence issues?

If POST /api/a2ui-content returns HTML but GET /api/a2a/vizit-latest/<terminalId> returns 204, it indicates a sidecar/vizit persistence issue; restart the sidecar and append a fresh timestamped block.