lanej/gcp
claude/skills/gcp/SKILL.md
Google Cloud Platform and Vertex AI patterns, quirks, and SDK usage for Claude/Anthropic models on Vertex AI. Use when working with GCP, Vertex AI, the Anthropic Vertex SDK, or deploying Claude models on Google Cloud.
$ install --global
skillsauthnpx skillsauth add lanej/dotfiles gcpInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 26, 2026, 7:39 AM105.3s1 file scanned
SKILL.md
- name:
- gcp
- description:
- Google Cloud Platform and Vertex AI patterns, quirks, and SDK usage for Claude/Anthropic models on Vertex AI. Use when working with GCP, Vertex AI, the Anthropic Vertex SDK, or deploying Claude models on Google Cloud.
GCP / Vertex AI Skill
Anthropic on Vertex AI — Critical Quirks
These are failure modes discovered through direct use. Follow exactly.
Model IDs
Use no version suffix for the latest model on Vertex:
// ✅ Correct (gets latest)
model: 'claude-sonnet-4-5'
// ❌ Wrong (version suffix not supported on Vertex)
model: 'claude-sonnet-4-6'
SDK Selection
Use @anthropic-ai/vertex-sdk, NOT @google-cloud/vertexai:
npm install @anthropic-ai/vertex-sdk
The @google-cloud/vertexai package uses the wrong publisher path for Claude models and will fail with auth or routing errors.
Publisher path: Claude models live at publishers/anthropic, not publishers/google.
anthropic_beta Header
Must be passed as an array in the request body — NOT as an HTTP header:
// ✅ Correct: array in body
client.messages.create({
model: 'claude-sonnet-4-5',
max_tokens: 8000,
anthropic_beta: ['interleaved-thinking-2025-05-14'], // ← body, not header
messages: [...]
});
// ❌ Wrong: HTTP header
headers: { 'anthropic-beta': 'interleaved-thinking-2025-05-14' }
thinking Parameter
{ type: 'adaptive' } is NOT supported on Vertex. Use explicit enabled with a budget:
// ✅ Correct for Vertex
thinking: { type: 'enabled', budget_tokens: 10000 }
// ❌ Not supported on Vertex
thinking: { type: 'adaptive' }
Authentication
Standard GCP application default credentials work:
gcloud auth application-default login
gcloud config set project YOUR_PROJECT_ID
The Vertex SDK picks up ADC automatically. No explicit token management needed for local development.
Secret Manager — Env Var Injection Includes Raw Bytes
When Cloud Run (or any GCP service) injects a Secret Manager secret as an environment variable, the raw bytes are used verbatim — including any trailing newline if the secret was stored with one.
os.environ.get("MY_SECRET") returns "value\n" not "value". This causes silent bugs: API validators that check token length reject the value; string comparisons fail; authentication breaks.
Store secrets without trailing newlines:
# Wrong — echo appends \n
echo "my-token" | gcloud secrets versions add my-secret --data-file=-
# Correct
printf '%s' "my-token" | gcloud secrets versions add my-secret --data-file=-
echo -n "my-token" | gcloud secrets versions add my-secret --data-file=-
Verify: gcloud secrets versions access latest --secret=NAME | wc -c should equal exactly the token length (no +1).
In Python, .strip() secrets from env when used in length-sensitive or comparison contexts:
token = os.environ.get("MY_SECRET", "").strip()
Cloud Monitoring — notification_rate_limit Only for Log-Based Alerts
alert_strategy.notification_rate_limit inside google_monitoring_alert_policy (Terraform / OpenTofu) is only valid for log-based alert policies. Applying it to metric-based policies returns HTTP 400:
Error creating AlertPolicy: googleapi: Error 400: Field alertStrategy.notificationRateLimit
had an invalid value: only log-based alert policies may specify a notification rate limit
Fix: omit the alert_strategy block entirely for metric-based policies (e.g., alerting on Cloud Run completed_execution_count):
# ❌ Wrong for metric-based
resource "google_monitoring_alert_policy" "my_alert" {
alert_strategy {
notification_rate_limit {
period = "3600s"
}
}
}
# ✅ Correct — no alert_strategy for metric-based
resource "google_monitoring_alert_policy" "my_alert" {
display_name = "My Alert"
combiner = "OR"
conditions { ... }
notification_channels = [...]
}
BigQuery + Vertex AI
When combining BigQuery data with Vertex AI Claude calls, prefer the bigquery CLI skill for queries and pass results as structured context in the Claude API request body.
Related Skills
lanej/dora
devops
VerifiedTrustedCommunity
DORA engineering metrics project at ~/src/dora. Load when: querying DORA BigQuery views (deployment frequency, lead time, change failure rate, alerts, review time) from any project; joining against DORA.unified_identity or DORA_clean.* views from any project; running the data pipeline (just refresh, just download-*, just upload-*); making OpenTofu infrastructure changes to DORA tables or views; working with team attribution, team identity, or engineer roster data.
39SKILL.mdUpdated Jun 12, 2026
lanej/data-pipeline
development
VerifiedTrustedCommunity
Data pipeline architecture patterns and best practices, including medallion/three-layer architecture (Raw/Staging/Enriched or Bronze/Silver/Gold), YAML-based schema management, and ETL workflow patterns. Use when designing or implementing data pipelines, working with data warehouse layers, or managing table schemas in YAML.
39SKILL.mdUpdated Jun 12, 2026
lanej/research
data-ai
VerifiedTrustedCommunity
Delegate research and context-gathering tasks to a sub-agent to protect the primary context window. Use when the user asks to "research X", "look into X", "find out about X", "gather context on X", or any investigative framing where answering requires 2+ searches or multiple sources. Also use proactively before starting substantive work when prior context is unknown. Never run research inline — always delegate.
39SKILL.mdUpdated May 31, 2026
lanej/claude/skills/qmd-math
documentation
VerifiedTrustedCommunity
--- name: qmd-math description: Math notation conventions for Quarto/EPQ documents rendered via lualatex. Use when: writing or adding a formula, equation, or mathematical expression to a .qmd file; asked about display math, inline math, or LaTeX notation in a QMD/Quarto context; defining a where-clause or variable definitions for an equation; converting prose variable descriptions into structured math notation; fixing math that renders badly in a PDF; using \lvert, \begin{aligned}, \tfrac, \text
39SKILL.mdUpdated May 26, 2026