Create your own skills to teach me exactly how your team works. Write a playbook once, and I’ll follow it precisely every time the situation calls for it — no repeated instructions, no drift, no guessing.
Think of your own skill as your team’s institutional knowledge, packaged so I can act on it. If we run weekly security reviews a certain way, investigate vulnerabilities with a specific checklist, or always notify a particular channel before closing a finding — that’s a skill worth capturing.
Your skills follow the Agent Skills open standard, so they’re portable, versioned, and built to last.
How it works
When a conversation starts, I scan the skill catalog and ask: does any skill match what’s being asked? If yes, I load it immediately and follow the playbook it defines — before doing anything else.
This means your custom workflows run consistently, every time, without anyone having to remind me.
Creating your own skill
Go to Settings → Pleri Skills and click New skill. You’ll need:
- Name — a short slug used to identify the skill, e.g.
weekly-k8s-review
- Display name — the human-readable label shown in the UI, e.g.
Weekly Kubernetes review
- Description — the most important field. This is what I read to decide when to load the skill. Be specific about what triggers it and what it should not be used for
- Instructions — the full playbook I follow once the skill is loaded. Use clear, step-by-step language
A good description includes explicit trigger phrases and an exclusion line. For example: “Use for weekly Kubernetes security reviews. Do NOT use for ad hoc cluster questions or one-off CVE lookups.”
Skill scope
Every skill has a scope that controls who can see and use it:
- User — private to you. Only you can see, edit, and trigger this skill. Great for personal workflows, experiments, or role-specific playbooks you don’t need to share
- Tenant — shared across your entire organization. Only admins can create or modify tenant skills, but they apply to every user automatically. Use these for agreed-upon team processes like escalation procedures or compliance checks
Tenant skills take precedence over user skills. If a user skill and a tenant skill share the same name, the tenant skill wins. This means admins can enforce organization-wide standards that individual users can’t accidentally override.
Start with a user-scoped skill to iterate quickly, then promote it to tenant scope once the team agrees on the process.
Template skills
Not sure where to start? The skill template gallery gives you pre-built playbooks you can install with one click. Each template is a fully written skill covering a common security workflow, ready to use out of the box or customize to fit your team.
Go to Settings → Pleri Skills and click Templates to browse the gallery. Available templates include:
| Template | What it does |
|---|
| Incident Response Runbook | Structured incident response following NIST SP 800-61 and SANS frameworks |
| Executive Risk Report | CxO-level risk summaries with trend analysis |
| Compliance Audit | Audit against SOC 2, ISO 27001, PCI-DSS, NIST CSF, CIS Benchmarks, and HIPAA |
| Vulnerability Triage | CVE investigation with CVSS scoring and composite risk assessment |
| Brand Guide | Enforce brand voice, formatting, and terminology standards in reports |
| Weekly Security Digest | Structured weekly summaries with metrics and trends |
Importing skills
You can import skills from external sources instead of building them from scratch. This is useful for sharing skills across teams, pulling in community playbooks, or migrating skills between environments.
Import from a zip file
Go to Settings → Pleri Skills and click Import. Upload a .zip file containing a SKILL.md at the root. The SKILL.md file uses frontmatter to define the skill metadata:
---
name: my-custom-skill
description: Use when asked to run a custom security check.
instructions: |
1. Pull all open findings from the last 7 days
2. Group by severity
3. Post a summary to Slack
---
Import from GitHub
You can also import directly from a GitHub repository URL. Just paste the repo URL and I’ll pull the skill definition from it. Supported formats:
https://github.com/owner/repo — imports from the repo roothttps://github.com/owner/repo/tree/branch/subdirectory — imports from a specific subdirectory
The repository must contain a SKILL.md file at the target location.
If an imported skill has the same name as an existing skill, a numeric suffix is added automatically (e.g., my-skill becomes my-skill-2) so nothing gets overwritten.
Attaching files
Skills can carry supporting files — scripts, reference documents, or other assets your playbook depends on. Files live in three directories:
| Directory | Purpose |
|---|
scripts/ | Executable scripts the skill can reference, e.g. a Python data extraction script |
references/ | Supporting docs, checklists, or runbooks the skill should consult |
assets/ | Other resources, templates, or data files |
Examples
Here are a few examples to show what’s possible.
Branded security reports
One of the most powerful uses of creating your own skills is producing reports that look like they came from your team, not a chatbot. Attach your brand guidelines as a reference file, point me to your logo, and I’ll apply your colour palette, typography, and layout rules every time I generate an HTML report.
Name: branded-security-report
Description: Use when asked to generate a security report, executive summary, or
board-ready output. Do NOT use for quick chat summaries or Slack messages.
Instructions:
1. Load references/brand-guidelines.md for colour palette, fonts, and layout rules
2. Use the logo at https://cdn.example.com/logo/plerion-logo.png in the header
3. Structure the report with: executive summary, key findings, risk breakdown, recommended actions
4. Apply the primary colour (#FF6B35) to headings and severity badges
5. Include a footer with the report date and "Confidential — internal use only"
6. Output as HTML, ready to print or export to PDF
references/brand-guidelines.md and I’ll read them every time this skill loads. Logos are referenced by URL for now — link to your CDN or any publicly accessible image.
Weekly Kubernetes security review
Name: weekly-k8s-review
Description: Use when asked to run a weekly Kubernetes security review. Covers
cluster misconfigurations, RBAC risks, pod security, and image vulnerabilities.
Do NOT use for ad hoc cluster questions.
Instructions:
1. Pull all open Kubernetes findings from the last 7 days
2. Group by severity: critical, high, medium
3. For each critical finding, check if a Jira ticket already exists — create one if not
4. Summarise the top 5 risks with recommended next steps
5. Post a summary to #security-reviews in Slack
CVE triage for Python services
Name: python-cve-triage
Description: Use when asked to triage or investigate a CVE affecting our Python
services. Do NOT use for non-Python languages or general CVE lookups.
Instructions:
1. Search our code repositories for the affected package and version
2. List all impacted services with their current version and owner
3. Assess exploitability — is this actually reachable in our environment?
4. Draft a Jira ticket for each affected service with severity, impact, and a fix recommendation
5. Flag any service in production as P1
Production finding escalation
Name: prod-finding-escalation
Description: Use when a critical or high finding is detected in a production account.
Triggers on phrases like "production finding", "prod alert", or "escalate finding".
Do NOT use for staging or dev environments.
Instructions:
1. Confirm the finding is in a production-tagged account
2. Assess blast radius — what assets are affected?
3. Create a Jira P1 ticket assigned to the on-call engineer
4. Send a Slack message to #security-incidents with the finding summary and ticket link
5. Set a follow-up task to check status in 24 hours
Working with skills conversationally
You can also ask me to create, update, or manage skills directly in chat:
Create a skill that runs a daily check on our S3 buckets for public access.
It should notify #cloud-security if anything is found.
Show me all our skills and their current status.
Update the python-cve-triage skill to also check our Bitbucket repositories.
Smarter questions, better guidance
When a skill needs input from you before proceeding, I’ll ask structured questions with clear options to choose from. Each option includes a short label and a description explaining the trade-offs, so you can make an informed decision quickly. When it helps, I’ll show side-by-side previews of code snippets or configurations so you can visually compare approaches.
You’ll also see contextual nudges throughout the UI that suggest relevant skills, highlight best practices, and guide you toward the right workflow for the task at hand.
Disabling a skill
If a skill is no longer relevant, you can disable it from the Pleri Skills settings page. Disabled skills stay saved but won’t appear in the catalog or be loaded by me — so you can safely pause them without losing the playbook.
Limitations
- Text files only: Skill files currently support text-based formats —
.md, .txt, .py, .sh, .js, .ts, .json, .yaml, .yml, .csv, .html, and .css. Binary files such as images, PDFs, and office documents are not supported yet. For logos and images, reference them by URL in your skill instructions instead.
- File size: Individual files are capped at 400KB.
- Logos by URL: Logo and image assets must be hosted externally and referenced as a URL in the skill instructions or brand guidelines file.
