> browse/registry

> checkov

Expert guidance for Checkov, the static analysis tool for infrastructure-as-code that scans Terraform, CloudFormation, Kubernetes, Helm, Dockerfile, and ARM templates for security misconfigurations and compliance violations. Helps developers integrate Checkov into CI/CD pipelines and write custom policies.

> grype

Expert guidance for Grype, the open-source vulnerability scanner by Anchore that finds known vulnerabilities (CVEs) in container images, filesystems, and SBOMs. Helps developers integrate Grype into CI/CD pipelines, triage findings, and combine it with Syft for SBOM generation.

> azure-blob-storage

Store and manage unstructured data with Azure Blob Storage. Create containers, upload and organize blobs, configure access tiers (Hot, Cool, Archive) for cost optimization, generate SAS tokens for secure temporary access, and set lifecycle management policies.

> docker-helper

Build, debug, and optimize Docker configurations. Use when a user asks to create a Dockerfile, fix Docker build errors, optimize image size, write docker-compose files, debug container issues, set up multi-stage builds, or troubleshoot networking between containers. Covers Dockerfile best practices and compose orchestration.

> snyk

Find and fix vulnerabilities in code and dependencies with Snyk. Use when a user asks to scan for security vulnerabilities, audit npm packages, check Docker images for CVEs, or integrate security into CI/CD.

> fly-io

Assists with deploying applications globally on Fly.io edge infrastructure. Use when deploying Docker-based apps, configuring multi-region machines, setting up persistent storage, or managing global databases. Trigger words: fly.io, fly deploy, fly machines, fly launch, multi-region, edge deployment, flyctl.

> dagger

Write CI/CD pipelines as code with Dagger — portable, cacheable, container-based pipelines that run locally and in any CI system. Use when someone asks to "write CI pipeline in TypeScript", "portable CI/CD", "run GitHub Actions locally", "Dagger pipeline", "CI as code", "containerized build pipeline", or "test my CI locally before pushing". Covers Dagger SDK (TypeScript/Python), pipeline composition, caching, secrets, and multi-stage builds.

> koyeb

Expert guidance for Koyeb, the serverless cloud platform for deploying full-stack applications, APIs, and workers globally with automatic scaling, built-in CI/CD, and edge networking. Helps developers deploy applications from Git or Docker with zero-downtime deployments and pay-per-use pricing.

> appsmith

Build internal tools, admin panels, and dashboards with Appsmith. Use when a user asks to create CRUD interfaces, connect to databases or APIs with drag-and-drop widgets, write JSObjects for business logic, or self-host Appsmith with Docker or Kubernetes.

> aws-ecs

Run containerized applications with Amazon ECS. Define tasks and services, deploy on Fargate for serverless containers or EC2 for full control. Configure load balancing, auto-scaling, and service discovery for production workloads.

> agent-sandbox

Run AI agent code safely in isolated sandboxes with resource limits, audit trails, and kill switches. Use when someone asks to "sandbox my agent", "run agent code safely", "add guardrails to AI agent", "isolate agent execution", "audit agent actions", "prevent agent from deleting files", "restrict agent permissions", or "add safety controls to AI coding agent". Covers Docker isolation, filesystem restrictions, network policies, resource locking, and comprehensive audit logging.

> gcp-cloud-run

Deploy serverless containers on Google Cloud Run. Build and push container images, configure auto-scaling from zero, split traffic between revisions for canary deployments, and set up custom domains with managed TLS.

> nixpacks

Expert guidance for Nixpacks, the build system created by Railway that automatically detects your application's language and framework, installs dependencies, and produces optimized Docker images — all without writing a Dockerfile. Helps developers configure Nixpacks for custom build steps, multi-language projects, and CI/CD integration.

> packer

HashiCorp Packer for building automated machine images. Use when the user needs to create AMIs, Docker images, or GCP images using HCL templates with provisioners for consistent, reproducible infrastructure images.

> dokploy

Expert guidance for Dokploy, the open-source, self-hosted Platform as a Service alternative to Vercel, Netlify, and Heroku. Helps developers deploy applications, databases, and services on their own VPS with automatic SSL, Docker-based isolation, and a web dashboard for management.

> kamal

Deploy web applications to any server with Kamal — zero-downtime Docker deployments without Kubernetes. Use when someone asks to "deploy to a VPS", "deploy without Kubernetes", "Kamal deploy", "simple Docker deployment", "deploy Rails/Node/Python to a server", "zero-downtime deployment to bare metal", or "replace Heroku with a VPS". Covers Docker-based deployment, zero downtime with Traefik, multi-server, secrets, and accessory services.

> testcontainers

When the user wants to run integration tests with real dependencies using Docker containers managed by Testcontainers. Also use when the user mentions "testcontainers," "integration testing with Docker," "database integration tests," "containerized tests," or "test with real database." For API mocking without containers, see mockoon or wiremock.

> picoclaw

Set up, configure, and manage PicoClaw — an ultra-lightweight personal AI assistant built in Go. Use when the user mentions "picoclaw," "pico claw," "lightweight AI assistant," or wants to deploy a personal AI agent on low-resource hardware (Raspberry Pi, RISC-V boards). Covers installation, LLM provider configuration, messaging gateway setup (Telegram, Discord, Slack, LINE, DingTalk), scheduled tasks, heartbeat, workspace layout, security sandbox, and Docker deployment.

> renovate

Assists with automating dependency updates across JavaScript, Python, Docker, Go, Rust, Terraform, and 50+ ecosystems using Renovate. Use when configuring update strategies, automerge policies, grouping rules, or scheduling to keep dependencies current. Trigger words: renovate, dependency updates, automerge, package rules, dependency management.

> falco

Expert guidance for Falco, the CNCF runtime security tool that detects anomalous behavior in containers and Kubernetes clusters using system call monitoring. Helps developers set up Falco for detecting shell spawns in containers, unexpected network connections, file access violations, and privilege escalation — all in real-time with zero application changes.