Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

patrykkopycinski/cluster-onboarding

Name: cluster-onboarding
Author: patrykkopycinski

skills/cluster-onboarding/SKILL.md

npx skillsauth add patrykkopycinski/elastic-cursor-plugin cluster-onboarding

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Cluster Onboarding

Help users go from nothing to a fully connected Elastic cluster in under 5 minutes.

Trigger

Use when the user asks to:

"Set up Elasticsearch"
"Connect to my cluster"
"Get started with Elastic"
"Configure my connection"
"First time using Elastic"

Also activates on keywords: "onboarding", "getting started", "new cluster", "connect to Elastic"

Do NOT use when:

User already has a connected cluster and wants to query data (→ use tools directly)
User wants to set up observability (→ o11y-full-setup)
User wants to set up security (→ security-full-setup)

Tools Used

get_deployment_guide — Cloud vs on-prem setup instructions
get_connection_config — Language-specific connection snippets
cloud_api — Elastic Cloud project management
elasticsearch_api — Verify cluster connectivity
esql_query — First-query validation
get_cluster_context — Cluster orientation after connection

Workflow

Step 0: Determine Deployment Preference

Ask once: "Do you prefer Cloud (managed, no servers) or on-prem (Docker)?"

Step 1: Cloud Path

Call get_deployment_guide with preference: "cloud"
Help the user create a project via cloud_api with POST /api/v1/serverless/projects/elasticsearch
Generate an API key via cloud_api
Call get_connection_config for their preferred language

Step 1 (alt): On-Prem Path

Call get_deployment_guide with preference: "on_prem"
Guide through docker compose up -d from the provided template
Call get_connection_config with http://localhost:9200

Step 2: Verify Connection

Call elasticsearch_api with GET / to confirm the cluster is reachable.

Step 3: First Query

Run esql_query with SHOW INFO to display cluster version and validate everything works.

Step 4: Cluster Orientation

Call get_cluster_context to understand what's already in the cluster.

Step 5: Next Steps

Based on the user's use case, suggest:

Search: Index design, mappings, vector search
Observability: o11y-full-setup skill
Security: security-full-setup skill
Data exploration: discover_data tool

Output Format

Present setup as numbered steps with copy-paste code blocks
Include connection config in the user's preferred language
Show the cluster response as confirmation
End with 3-4 recommended next steps

Prerequisites

Internet access (for Cloud path) or Docker installed (for on-prem path)
No existing Elastic configuration required — this is the zero-to-connected workflow

Interactive Dashboard

Interactive Dashboard: When using Claude Desktop or other ext-apps hosts, cluster_overview renders an interactive cluster health dashboard with node topology, shard allocation, and real-time metrics. In Cursor/CLI, it returns markdown.

Related Skills

o11y-full-setup — After onboarding, set up monitoring
security-full-setup — After onboarding, set up security
agent-builder-skill-builder — Build custom tools on top of the cluster

patrykkopycinski/cluster-onboarding

skills/cluster-onboarding/SKILL.md

Guide users from zero to a working Elastic cluster — Cloud or on-prem, connection config, first queries, and next steps.

6 stars

devops

Updated May 27, 2026

$ install --global

skillsauth

npx skillsauth add patrykkopycinski/elastic-cursor-plugin cluster-onboarding

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 27, 2026, 6:26 AM114.0s1 file scanned

SKILL.md

name:: cluster-onboarding
description:: Guide users from zero to a working Elastic cluster — Cloud or on-prem, connection config, first queries, and next steps.

Cluster Onboarding

Help users go from nothing to a fully connected Elastic cluster in under 5 minutes.

Trigger

Use when the user asks to:

"Set up Elasticsearch"
"Connect to my cluster"
"Get started with Elastic"
"Configure my connection"
"First time using Elastic"

Also activates on keywords: "onboarding", "getting started", "new cluster", "connect to Elastic"

Do NOT use when:

User already has a connected cluster and wants to query data (→ use tools directly)
User wants to set up observability (→ o11y-full-setup)
User wants to set up security (→ security-full-setup)

Tools Used

get_deployment_guide — Cloud vs on-prem setup instructions
get_connection_config — Language-specific connection snippets
cloud_api — Elastic Cloud project management
elasticsearch_api — Verify cluster connectivity
esql_query — First-query validation
get_cluster_context — Cluster orientation after connection

Workflow

Step 0: Determine Deployment Preference

Ask once: "Do you prefer Cloud (managed, no servers) or on-prem (Docker)?"

Step 1: Cloud Path

Call get_deployment_guide with preference: "cloud"
Help the user create a project via cloud_api with POST /api/v1/serverless/projects/elasticsearch
Generate an API key via cloud_api
Call get_connection_config for their preferred language

Step 1 (alt): On-Prem Path

Call get_deployment_guide with preference: "on_prem"
Guide through docker compose up -d from the provided template
Call get_connection_config with http://localhost:9200

Step 2: Verify Connection

Call elasticsearch_api with GET / to confirm the cluster is reachable.

Step 3: First Query

Run esql_query with SHOW INFO to display cluster version and validate everything works.

Step 4: Cluster Orientation

Call get_cluster_context to understand what's already in the cluster.

Step 5: Next Steps

Based on the user's use case, suggest:

Search: Index design, mappings, vector search
Observability: o11y-full-setup skill
Security: security-full-setup skill
Data exploration: discover_data tool

Output Format

Present setup as numbered steps with copy-paste code blocks
Include connection config in the user's preferred language
Show the cluster response as confirmation
End with 3-4 recommended next steps

Prerequisites

Internet access (for Cloud path) or Docker installed (for on-prem path)
No existing Elastic configuration required — this is the zero-to-connected workflow

Interactive Dashboard

Interactive Dashboard: When using Claude Desktop or other ext-apps hosts, cluster_overview renders an interactive cluster health dashboard with node topology, shard allocation, and real-time metrics. In Cursor/CLI, it returns markdown.

Related Skills

o11y-full-setup — After onboarding, set up monitoring
security-full-setup — After onboarding, set up security
agent-builder-skill-builder — Build custom tools on top of the cluster

Related Skills

patrykkopycinski/security-threat-hunting

testing

VerifiedTrustedCommunity

Interactive threat hunting workflow using ES|QL and Elasticsearch queries — from hypothesis formulation through data exploration, IOC search, and finding documentation.

6SKILL.mdUpdated May 27, 2026

patrykkopycinski/security-threat-hunting

patrykkopycinski/security-inbox

testing

VerifiedTrustedCommunity

Start your security session with a personalized briefing — attacks, alerts, cases, rules, threat intel. Use as the first thing when starting security work.

6SKILL.mdUpdated May 27, 2026

patrykkopycinski/security-inbox

patrykkopycinski/security-full-setup

testing

VerifiedTrustedCommunity

Interactive guide for complete Elastic Security setup — discovers data sources, assesses detection coverage, configures rules, and creates security dashboards.

6SKILL.mdUpdated May 27, 2026

patrykkopycinski/security-full-setup

patrykkopycinski/security-detection-engineering

testing

VerifiedTrustedCommunity

Guide for authoring custom detection rules — from threat hypothesis through rule creation, testing, and tuning with KQL, EQL, ES|QL, and threshold rules.

6SKILL.mdUpdated May 27, 2026

patrykkopycinski/security-detection-engineering

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/patrykkopycinski/elastic-cursor-plugin.git

# Copy into Claude Code skills folder (global)
cp -r elastic-cursor-plugin/skills/cluster-onboarding ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

patrykkopycinski/elastic-cursor-plugin

6 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT