TL;DR Kiro CLI has a feature called "skills" — domain-specific expertise packages you can load on demand. I loaded the aws-cloudformation skill to validate my production Spot Fleet template. It found 4 critical issues including a CloudWatch alarm that literally never worked. Situation I run a development environment on AWS Spot instances — Kiro CLI, VS Code Server, persistent EBS, the works. The CloudFormation stack has been deployed since February 2026. It's been updated once, runs daily, and I considered it production-ready. I was about to upgrade stack and wanted to validate my base template first. Task Verify whether my "security-hardened" template actually follows CloudFormation best practices before using it as the foundation for upgrade. Action Step 1 — Discover the skill: search_documentation("CloudFormation deployment", topics=["agent_skills"]) This returned 5 relevant skills. I picked aws-cloudformation.…