nixopus/deployment-analysis
skills/deployment-analysis/SKILL.md
Analyze a repository to determine ecosystem, deployment targets, ports, build commands, and monorepo structure. Use when starting a new deployment, onboarding a repository, or when the user asks what stack or framework a project uses.
$ install --global
skillsauthnpx skillsauth add nixopus/agent deployment-analysisInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 23, 2026, 8:59 PM234.6s1 file scanned
SKILL.md
- name:
- deployment-analysis
- description:
- Analyze a repository to determine ecosystem, deployment targets, ports, build commands, and monorepo structure. Use when starting a new deployment, onboarding a repository, or when the user asks what stack or framework a project uses.
- version:
- 1.0
Deployment Analysis
When analyzing a repository for deployment, follow this sequence using workspace tools.
Step 1: Project structure
Run list_directory on the repo root. Look for:
| File | Meaning |
|------|---------|
| package.json | Node.js (check engines, scripts.start, scripts.build) |
| go.mod | Go |
| requirements.txt / pyproject.toml / Pipfile | Python |
| Cargo.toml | Rust |
| pom.xml / build.gradle | Java |
| Gemfile | Ruby |
| mix.exs | Elixir |
| Dockerfile | Already containerized |
| docker-compose.yml / docker-compose.yaml | Multi-service |
| .env.example / .env.sample | Env vars documented |
Step 2: Detect ecosystem and framework
Read the manifest file to identify the framework:
Node.js — read package.json:
dependencies.next→ Next.js. Default port 3000. Build:npm run build. Start:npm start.dependencies.nuxt→ Nuxt. Default port 3000.dependencies.react-scripts→ Create React App. Static build. Port 80 (nginx).dependencies.vite→ Vite app. Build outputs todist/. Static or SSR depending on config.dependencies.expressordependencies.fastifyordependencies.hono→ API server. Checkscripts.startfor port.dependencies.@remix-run/node→ Remix. Port 3000.dependencies.astro→ Astro. Check if SSR or static.
Go — read go.mod: Check module path. Look for main.go or cmd/ directory. Default port 8080.
Python — read requirements.txt or pyproject.toml:
django→ Django. Default port 8000. Start:gunicornorpython manage.py runserver.flask→ Flask. Default port 5000. Start:gunicorn app:app.fastapi→ FastAPI. Default port 8000. Start:uvicorn main:app.
Rust — read Cargo.toml: Check [dependencies] for actix-web, axum, rocket. Default port 8080.
Step 3: Detect port
Priority order for port detection:
Dockerfile— look forEXPOSEdirectivedocker-compose.yml— look forports:mapping.env.example— look forPORT=- Manifest file — check start script for
--port,-p, orPORTreferences - Source code —
grep("listen|EXPOSE|PORT", repoRoot)for hardcoded ports - Framework default (see table above)
Step 4: Monorepo detection
Signs of a monorepo:
apps/orpackages/orservices/directories at rootturbo.jsonornx.jsonorlerna.jsonorpnpm-workspace.yaml- Multiple
package.jsonfiles in subdirectories - Multiple
Dockerfilefiles in subdirectories
For monorepos:
- Each service under
apps/orservices/is a separate deployment target - Check each service's manifest for its own port and build command
docker-compose.ymlis likely needed- Check for shared dependencies in root
package.json
Step 5: Build command detection
| Ecosystem | Install | Build | Start |
|-----------|---------|-------|-------|
| Node (npm) | npm install | npm run build | npm start |
| Node (yarn) | yarn install | yarn build | yarn start |
| Node (pnpm) | pnpm install | pnpm build | pnpm start |
| Go | go mod download | go build -o app ./... | ./app |
| Python (pip) | pip install -r requirements.txt | n/a | gunicorn/uvicorn |
| Python (poetry) | poetry install | n/a | poetry run |
| Rust | n/a | cargo build --release | ./target/release/<name> |
| Java (Maven) | mvn install | mvn package | java -jar target/*.jar |
| Java (Gradle) | gradle build | gradle build | java -jar build/libs/*.jar |
Detect package manager: check for yarn.lock (yarn), pnpm-lock.yaml (pnpm), package-lock.json (npm), bun.lockb (bun).
Output
After analysis, you should know:
- Ecosystem and framework
- Port number
- Build and start commands
- Whether a Dockerfile exists
- Whether docker-compose is needed
- What env vars are required
Related Skills
env-detection— After analysis, detect required environment variablesdockerfile-generation— Generate a Dockerfile based on the detected ecosystempre-deploy-checklist— Validate deployment readiness before triggering a build- Language-specific skills (
node-deploy,python-deploy,go-deploy, etc.) — Detailed build and deploy instructions for the detected ecosystem
Related Skills
nixopus/api-catalog
tools
VerifiedTrustedCommunity
Compressed catalog of all Nixopus API operations for the nixopus_api() tool
1SKILL.mdUpdated Apr 26, 2026
nixopus/static-deploy
development
VerifiedTrustedCommunity
Deploy static file sites — Caddy/nginx serving, Staticfile config, and Dockerfile patterns. Use when deploying a static HTML site with no server-side runtime, or when index.html or a Staticfile is detected at the project root.
1SKILL.mdUpdated Apr 22, 2026
nixopus/shell-deploy
devops
VerifiedTrustedCommunity
Deploy shell script applications — interpreter detection, setup scripts, and Dockerfile patterns. Use when deploying a shell script project, or when start.sh is detected.
1SKILL.mdUpdated Apr 22, 2026
nixopus/self-heal
development
VerifiedTrustedCommunity
Self-healing loop for failed deployments — diagnose, fix, redeploy up to 3 attempts, then escalate or rollback. Load when a deployment fails or build errors occur.
1SKILL.mdUpdated Apr 22, 2026