> browse/registry

> arcjet

Expert guidance for Arcjet, the developer-first security platform that provides rate limiting, bot protection, email validation, and attack detection as a code-first SDK. Helps developers add security layers to Next.js, Node.js, and other JavaScript/TypeScript applications without managing infrastructure.

> nikto

Scan web servers for vulnerabilities with Nikto. Use when a user asks to audit web server configuration, find outdated software, detect dangerous files, check for misconfigurations, or perform web server security scanning.

> nmap-recon

Perform network reconnaissance with Nmap. Use when a user asks to scan networks, discover hosts and services, detect OS versions, find open ports, enumerate service versions, or perform initial reconnaissance for a penetration test.

> postgresql

Assists with designing schemas, writing performant queries, managing indexes, and operating PostgreSQL databases. Use when working with JSONB, full-text search, window functions, CTEs, row-level security, replication, or performance tuning. Trigger words: postgresql, postgres, sql, database, jsonb, rls, window functions, cte.

> sqlmap

Detect and exploit SQL injection with sqlmap. Use when a user asks to test for SQL injection, extract database contents, bypass authentication via SQLi, automate injection testing, or dump database schemas.

> symfony

You are an expert in Symfony, the enterprise PHP framework for building web applications and APIs. You help developers build production systems with Symfony's component architecture, Doctrine ORM, dependency injection, event system, security component, API Platform for REST/GraphQL, and Messenger for async processing — the backbone of enterprise PHP used by companies processing billions of requests.

> xss-detection

Detect, exploit, and prevent Cross-Site Scripting (XSS) vulnerabilities in web applications. Use when tasks involve testing for reflected, stored, or DOM-based XSS, building XSS payloads, bypassing WAF filters, implementing Content Security Policy, sanitizing user input, or auditing web applications for injection vulnerabilities. Covers detection, exploitation, and remediation.

> nuclei-scanner

Scan web applications and infrastructure for vulnerabilities with Nuclei — template-based security scanner. Use when someone asks to "scan for vulnerabilities", "security scan my website", "Nuclei scanner", "find CVEs", "automated security testing", "vulnerability assessment", or "check for misconfigurations". Covers template scanning, custom templates, CI integration, and severity-based reporting.

> openvpn

Deploy and manage OpenVPN servers and clients. Use when a user asks to set up a VPN server, create client certificates, configure site-to-site tunnels, set up split tunneling, manage PKI with EasyRSA, harden OpenVPN security, automate client provisioning, configure routing and NAT, set up MFA for VPN, monitor connected clients, or troubleshoot VPN connectivity. Covers server deployment, PKI management, client configuration, and production hardening.

> picoclaw

Set up, configure, and manage PicoClaw — an ultra-lightweight personal AI assistant built in Go. Use when the user mentions "picoclaw," "pico claw," "lightweight AI assistant," or wants to deploy a personal AI agent on low-resource hardware (Raspberry Pi, RISC-V boards). Covers installation, LLM provider configuration, messaging gateway setup (Telegram, Discord, Slack, LINE, DingTalk), scheduled tasks, heartbeat, workspace layout, security sandbox, and Docker deployment.

> auth-system-setup

When the user wants to set up authentication and authorization for a web application. Use when the user mentions "auth," "login," "OAuth," "SSO," "single sign-on," "role-based access," "RBAC," "permissions," "user roles," "access control," "authentication," or "authorization." Covers OAuth 2.0 provider integration, session management, and role/permission architecture. For JWT-specific tasks, see jwt-handler. For security review, see security-audit.

> nginx

Assists with configuring Nginx as a web server, reverse proxy, and load balancer. Use when serving static files, proxying to application servers, setting up TLS termination, configuring caching, rate limiting, or writing security headers. Trigger words: nginx, reverse proxy, load balancer, tls, ssl, server block, location block.

> crowdsec

Protect servers with CrowdSec collaborative security. Use when a user asks to block malicious IPs, detect brute force attacks, protect web servers, or set up a community-driven firewall and intrusion detection system.

> checkov

Expert guidance for Checkov, the static analysis tool for infrastructure-as-code that scans Terraform, CloudFormation, Kubernetes, Helm, Dockerfile, and ARM templates for security misconfigurations and compliance violations. Helps developers integrate Checkov into CI/CD pipelines and write custom policies.

> kyverno

Expert guidance for Kyverno, the Kubernetes-native policy engine that validates, mutates, and generates resources using YAML policies (no Rego required). Helps developers enforce security policies, automate resource defaults, and ensure compliance across Kubernetes clusters.

> security-audit

Scan code for security vulnerabilities, misconfigurations, and exposed secrets. Use when a user asks to audit security, find vulnerabilities, check for OWASP issues, scan for secrets, review dependencies for CVEs, detect SQL injection, find XSS vulnerabilities, or harden an application. Covers OWASP Top 10, dependency auditing, secrets detection, and generates fix recommendations with severity ratings.

> cosign

Expert guidance for Cosign, the Sigstore tool for signing, verifying, and attaching metadata to container images and other OCI artifacts. Helps developers implement supply chain security by signing images in CI/CD, verifying signatures before deployment, and attaching SBOMs and vulnerability scan results as attestations.

> hapi

You are an expert in Hapi.js, the configuration-centric enterprise framework for Node.js. You help developers build production APIs with built-in input validation (Joi), authentication strategies, plugin architecture, caching, rate limiting, and comprehensive request lifecycle hooks — designed for teams that need structure, security, and testability without third-party middleware sprawl.

> ssrf-detection

Detect, exploit, and prevent Server-Side Request Forgery (SSRF) vulnerabilities. Use when tasks involve testing for SSRF in web applications, accessing internal services through SSRF, bypassing SSRF filters, implementing SSRF prevention, or auditing applications that fetch external URLs. Covers blind and non-blind SSRF, cloud metadata exploitation, and defense strategies.

> supabase

Build applications with Supabase as the backend — Postgres database, authentication, real-time subscriptions, storage, and edge functions. Use when someone asks to "set up Supabase", "add authentication", "create a real-time app", "set up row-level security", "configure Supabase storage", "write edge functions", or "migrate from Firebase to Supabase". Covers project setup, schema design with RLS, auth flows, real-time subscriptions, file storage, and edge functions.