igorganapolsky/skills/applyops-deploy
skills/applyops-deploy/SKILL.md
# Skill: ApplyOps Deploy Repeatable skill for deploying ApplyOps pages to GitHub Pages with full analytics. ## When to use - After any ApplyOps page edit (pricing, copy, new tier) - After rotating analytics keys - When CEO says "ApplyOps is down" or pages return 404 ## Architecture - **Source of truth:** `IgorGanapolsky/Resume` repo, `docs/applyops/` (private) - **Deployed to:** `IgorGanapolsky/IgorGanapolsky.github.io` repo, `/applyops/` (public) - The Resume repo is private — GitHub Pages
$ install --global
skillsauthnpx skillsauth add igorganapolsky/mcp-memory-gateway skills/applyops-deployInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 27, 2026, 2:16 AM7.6s1 file scanned
SKILL.md
Skill: ApplyOps Deploy
Repeatable skill for deploying ApplyOps pages to GitHub Pages with full analytics.
When to use
- After any ApplyOps page edit (pricing, copy, new tier)
- After rotating analytics keys
- When CEO says "ApplyOps is down" or pages return 404
Architecture
- Source of truth:
IgorGanapolsky/Resumerepo,docs/applyops/(private) - Deployed to:
IgorGanapolsky/IgorGanapolsky.github.iorepo,/applyops/(public) - The Resume repo is private — GitHub Pages cannot serve from it. All public pages live in the
.github.iorepo.
Prerequisites
ghCLI authenticated- Analytics keys available in ThumbGate repo
.envor memory
Steps
1. Copy pages from Resume repo to public site repo
cd /Users/igorganapolsky/workspace/git/igor
# Clone if needed
[ -d IgorGanapolsky.github.io ] || git clone https://github.com/IgorGanapolsky/IgorGanapolsky.github.io.git
# Sync pages
cp Resume/docs/applyops/*.html IgorGanapolsky.github.io/applyops/
2. Inject analytics into all HTML pages
Every ApplyOps HTML file must have these three providers before </head>:
Plausible (tagged-events for custom event names):
<script defer data-domain="igorganapolsky.github.io" src="https://plausible.io/js/script.tagged-events.js"></script>
<script>window.plausible=window.plausible||function(){(window.plausible.q=window.plausible.q||[]).push(arguments)};</script>
GA4:
<script async src="https://www.googletagmanager.com/gtag/js?id=G-SZR5039QN4"></script>
<script>window.dataLayer=window.dataLayer||[];function gtag(){dataLayer.push(arguments)}gtag("js",new Date());gtag("config","G-SZR5039QN4");</script>
PostHog:
<script>!function(t,e){...posthog snippet...}(document,window.posthog||[]);posthog.init("$POSTHOG_API_KEY",{api_host:"https://us.i.posthog.com"})</script>
Get the PostHog project API key from
.env(POSTHOG_API_KEY) or the PostHog dashboard.
3. Add CTA click tracking
Every Stripe buy link must have onclick handlers:
onclick="try{plausible('applyops_cta_click',{props:{tier:'snapshot',price:49,placement:'hero'}})}catch(_){};try{posthog.capture('applyops_cta_click',{tier:'snapshot',price:49,placement:'hero'})}catch(_){}"
Tiers: snapshot ($49), pro ($149), dfy ($1500).
Placements: hero, card.
4. Push to public repo
cd /Users/igorganapolsky/workspace/git/igor/IgorGanapolsky.github.io
git checkout -b feat/applyops-update
git add applyops/
git commit -m "feat(applyops): update pages"
GIT_ASKPASS="" GH_TOKEN=$(gh auth token) git -c credential.helper='!f(){ echo "username=x-access-token"; echo "password=$GH_TOKEN"; }; f' push -u origin feat/applyops-update
gh pr create --repo IgorGanapolsky/IgorGanapolsky.github.io --title "update applyops pages" --body "..."
gh pr merge <PR#> --repo IgorGanapolsky/IgorGanapolsky.github.io --squash
5. Verify
# Page is live
curl -sf https://igorganapolsky.github.io/applyops/ | grep -c 'ApplyOps'
# All 3 analytics present
curl -sL https://igorganapolsky.github.io/applyops/ | grep -oE 'plausible|posthog|gtag' | sort -u
# Stripe links resolve
curl -sL -o /dev/null -w '%{http_code}' 'https://buy.stripe.com/3cIaEX1M80aO9G1fSH3sI2N'
# Plausible collecting data
source /Users/igorganapolsky/workspace/git/igor/ThumbGate/repo/.env
curl -s -H "Authorization: Bearer $PLAUSIBLE_API_KEY" \
'https://plausible.io/api/v1/stats/aggregate?site_id=igorganapolsky.github.io&period=7d&metrics=visitors'
# Subpages
curl -sf https://igorganapolsky.github.io/applyops/intake.html | grep -c 'Intake'
curl -sf https://igorganapolsky.github.io/applyops/sample-truth-snapshot.html | grep -c 'Truth Snapshot'
Current Stripe links (last verified 2026-05-26)
| Tier | Price | Stripe Link ID |
|------|-------|---------------|
| Truth Snapshot | $49 | 3cIaEX1M80aO9G1fSH3sI2N |
| Resume OS Pro | $149 | 3cI3cvgH26zccSd7mb3sI2O |
| Done-For-You Sprint | $1,500 | 9B600j4YkcXAcSdayn3sI2P |
Plausible event reference
| Event | Props | Source |
|-------|-------|--------|
| applyops_cta_click | tier, price, placement | Client-side onclick |
Gotchas
- The
.github.iorepo uses HTTPS credential helper, not SSH. Use theGH_TOKENpush pattern above. - Resume repo is private. Never make it public — it has personal application data.
- Plausible domain is
igorganapolsky.github.io, NOTthumbgate-production.up.railway.app.
Related Skills
igorganapolsky/thumbgate-rules
tools
VerifiedTrustedCommunity
List the active ThumbGate prevention rules, reliability rules, and the promoted lessons behind them, so the user can see which guardrails are currently protecting this project and WHY each one exists. Reads the live rule and lesson stores via the prevention_rules, get_reliability_rules, and search_lessons MCP tools (CLI fallback `npx thumbgate rules`). Use when the user says "what is ThumbGate protecting me from", "show my rules", "show my gates", "what has the agent learned", "list active guardrails", or "what's blocked here". Do NOT use to CREATE a new rule (use the thumbgate-guard skill), to see runtime enforcement counts of what actually fired (use the thumbgate-blocked skill), or to diagnose whether ThumbGate is wired up at all (use the thumbgate-doctor skill).
23SKILL.mdUpdated Jun 12, 2026
igorganapolsky/thumbgate-protect
tools
VerifiedTrustedCommunity
Inspect this repo's branch and release governance (protected branches, release rules, protected-file globs) and, only when the user explicitly approves, grant a scoped, time-limited exception so a protected-file edit or publish can proceed under audit. Reads posture via the get_branch_governance MCP tool and records a narrow, expiring approval via the approve_protected_action MCP tool. Use when the user says "is main protected", "show branch governance", "what am I blocked from editing", "approve this protected change", or "let me edit a protected file just this once". Do NOT use to disable protection wholesale, to grant broad or standing exceptions, or to diagnose hook wiring (use the thumbgate-doctor skill) — this skill is for narrow, temporary, audited approvals only.
23SKILL.mdUpdated Jun 12, 2026
igorganapolsky/thumbgate-guard
tools
VerifiedTrustedCommunity
Turn the agent's most recent mistake into an enforced ThumbGate prevention rule (a PreToolUse block gate) so the same bad tool call is intercepted before it runs again, in this and every future session across Claude Code, Cursor, Codex, Gemini, Amp, and Cline. Captures the failure with the capture_feedback MCP tool, then force-promotes it via `npx thumbgate force-gate` so it is enforced, not just logged. Use when the user says "guard against this", "block this from happening again", "never do that again", "make that a rule", "stop the agent from repeating that", or right after a bad action or thumbs-down that should become a hard rule. Do NOT use to merely log a thumbs-up/down without enforcement (use the thumbgate-feedback skill), to recall prior context before starting work (use the Agent Memory skill), or to list rules that already exist (use the thumbgate-rules skill).
23SKILL.mdUpdated Jun 12, 2026
igorganapolsky/thumbgate-doctor
tools
VerifiedTrustedCommunity
Health-check whether ThumbGate is actually wired into this agent — PreToolUse/SessionStart hooks installed, MCP server reachable, lesson store present, statusline, and overall agent-readiness — then report exactly what to fix. Runs the existing `npx thumbgate doctor` audit and the check_operational_integrity MCP tool. Use when the user says "is ThumbGate wired up", "thumbgate doctor", "check my guardrails are installed", "why aren't my gates firing", "is the MCP server connected", or "agent readiness". Do NOT use to view rules (use the thumbgate-rules skill), to view what was blocked (use the thumbgate-blocked skill), or to capture a new rule (use the thumbgate-guard skill) — this skill only diagnoses setup and wiring.
23SKILL.mdUpdated Jun 12, 2026