> browse/registry

> maxia

Connect to MAXIA AI-to-AI marketplace on Solana. Discover, buy, sell AI services. Earn USDC. 13 MCP tools, A2A protocol, DeFi yields, sentiment analysis, rug detection.

> testing-handbook-skills

Application security testing toolkit from the Trail of Bits Testing Handbook. Helps the agent set up fuzzing campaigns, write fuzz harnesses, run coverage-guided fuzzers (libFuzzer, AFL++, cargo-fuzz, Atheris, Ruzzy), and triage crashes. Covers memory-safety sanitizers (AddressSanitizer, UBSan, MSan), static analysis with Semgrep and CodeQL, cryptographic validation using Wycheproof test vectors, and constant-time verification. Use when testing C, C++, Rust, Python, or Ruby code for vulnerabilit

> constant-time-testing

Guides developers through detecting and preventing side-channel attacks, timing leaks, and constant-time violations in cryptographic implementations. Covers techniques for identifying timing side channels in crypto code, including cache-timing attacks, secret-dependent branching, and microarchitectural leakage. Applies formal verification, statistical analysis (dudect), and dynamic tracing (timecop) to audit crypto primitives for timing vulnerabilities and ensure constant-time execution.

> wycheproof

Guides agents in using Wycheproof test vectors to validate cryptographic implementations against known attacks, edge cases, and vulnerability patterns. Covers integrating test vectors for AES-GCM, ECDSA, ECDH, EdDSA, RSA, and ChaCha20-Poly1305 into testing workflows. Helps when writing crypto tests, checking for signature malleability, invalid curve attacks, padding oracle issues, DER encoding bugs, or setting up CI for cryptographic libraries. Applies to verifying encryption, decryption, signin

> k8s-certs

Kubernetes certificate management with cert-manager. Use when managing TLS certificates, configuring issuers, or troubleshooting certificate issues.

> alicloud-cdn

Manage Alibaba Cloud CDN using the @alicloud/cdn20180510 TypeScript SDK. Use when working with CDN domain acceleration, domain configuration, SSL certificates, cache refresh/prefetch, real-time monitoring, traffic analysis, log management, usage/billing, IP tools, Function Compute triggers, delivery tasks, and resource tagging. Covers all 168 APIs of the CDN 20180510 version.

> viem

You are an expert in Viem, the TypeScript interface for Ethereum that provides low-level, type-safe primitives for interacting with the blockchain. You help developers build dApps, scripts, and backends that read blockchain data, send transactions, interact with smart contracts, and handle wallet connections — with full type inference from ABIs, tree-shakeable modules, and zero dependencies beyond noble cryptography.

> xray

Deploy and configure Xray proxy servers. Use when a user asks to set up VLESS, VMess, Trojan, or Shadowsocks proxies, configure Reality or TLS transport, deploy Xray with XTLS, set up fallback routing, manage multi-user access, configure traffic routing rules, set up CDN-based tunneling, build subscription links for client apps, monitor Xray traffic, or bypass network restrictions. Covers all major Xray protocols, transports, and deployment patterns.

> cert-manager

cert-manager for automatic TLS certificate management in Kubernetes. Use when the user needs to issue, renew, and manage TLS certificates from Let's Encrypt or other CAs, configure ClusterIssuers, and secure Ingress resources.

> envoy

You are an expert in Envoy, the high-performance C++ proxy designed for cloud-native applications. You help teams configure Envoy as an API gateway, service mesh sidecar, and load balancer using its L4/L7 routing, circuit breaking, rate limiting, TLS termination, gRPC support, and observability features — powering Istio, AWS App Mesh, and most modern service mesh implementations.

> opentofu

You are an expert in OpenTofu, the open-source fork of Terraform maintained by the Linux Foundation. You help developers and platform teams provision cloud infrastructure using HCL (HashiCorp Configuration Language), with full compatibility with existing Terraform modules, state files, and providers — plus new features like client-side state encryption, OCI registry support, and removed BSL license restrictions.

> gcp-cloud-run

Deploy serverless containers on Google Cloud Run. Build and push container images, configure auto-scaling from zero, split traffic between revisions for canary deployments, and set up custom domains with managed TLS.

> restic

Back up and restore data with Restic. Use when a user asks to set up backups, create encrypted backups, back up to S3 or cloud storage, implement a backup strategy, restore files from backup, deduplicate backup storage, schedule automated backups, back up databases or servers, or set up offsite backups. Covers repository initialization, backup/restore operations, snapshot management, pruning, encryption, and multiple storage backends (local, S3, SFTP, B2, Azure, GCS).

> nginx

Assists with configuring Nginx as a web server, reverse proxy, and load balancer. Use when serving static files, proxying to application servers, setting up TLS termination, configuring caching, rate limiting, or writing security headers. Trigger words: nginx, reverse proxy, load balancer, tls, ssl, server block, location block.

> caddy

Configure Caddy as a web server and reverse proxy — automatic HTTPS, reverse proxy, load balancing, file server, redirects, headers, rate limiting, and API configuration. Use when tasks involve serving websites, proxying to backend services, automatic TLS certificate management, or replacing Nginx with a simpler configuration.

> step-ca

Run a private certificate authority with step-ca. Use when a user asks to issue internal TLS certificates, set up mTLS between services, create a private PKI, or manage certificates for internal infrastructure.

> hashicorp-vault

Assists with managing secrets, encryption keys, and dynamic credentials using HashiCorp Vault. Use when configuring secret engines, setting up dynamic database credentials, implementing access policies, integrating with Kubernetes, or using Transit for encryption as a service. Trigger words: vault, secrets management, dynamic secrets, transit engine, pki, approle, vault agent.

> traefik

Route traffic and manage TLS with Traefik reverse proxy. Use when a user asks to set up a reverse proxy, route traffic to Docker containers, auto-provision SSL certificates with Let's Encrypt, set up load balancing, configure HTTPS for multiple services, use a modern alternative to nginx for Docker, set up path-based or host-based routing, add middleware (rate limiting, auth, headers), or manage ingress for containerized applications.

> letsencrypt

Get free TLS certificates with Certbot and Let's Encrypt. Use when a user asks to add HTTPS to a website, get a free SSL certificate, auto-renew certificates, or secure a web server with TLS.

> azure-keyvault-py

Azure Key Vault SDK for Python. Use for secrets, keys, and certificates management with secure storage. Triggers: "key vault", "SecretClient", "KeyClient", "CertificateClient", "secrets", "encryption keys".