@rubix0270/arboris 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (451) hide show
  1. package/package.json +25 -37
  2. package/run.mjs +10 -0
  3. package/dist/cli.mjs +0 -383
  4. package/manifest.json +0 -323
  5. package/prisma/skills/accessibility/SKILL.md +0 -147
  6. package/prisma/skills/agent-architecture-audit/SKILL.md +0 -257
  7. package/prisma/skills/agent-eval/SKILL.md +0 -146
  8. package/prisma/skills/agent-harness-construction/SKILL.md +0 -74
  9. package/prisma/skills/agent-introspection-debugging/SKILL.md +0 -154
  10. package/prisma/skills/agent-payment-x402/SKILL.md +0 -225
  11. package/prisma/skills/agent-self-evaluation/SKILL.md +0 -182
  12. package/prisma/skills/agent-self-evaluation/examples/high-score-example.md +0 -87
  13. package/prisma/skills/agent-self-evaluation/examples/low-score-example.md +0 -86
  14. package/prisma/skills/agent-self-evaluation/references/evaluation-criteria.md +0 -71
  15. package/prisma/skills/agent-self-evaluation/references/hook-integration.md +0 -64
  16. package/prisma/skills/agent-self-evaluation/scripts/evaluate.py +0 -408
  17. package/prisma/skills/agent-self-evaluation/templates/evaluation-report.md +0 -86
  18. package/prisma/skills/agent-sort/SKILL.md +0 -216
  19. package/prisma/skills/agentic-engineering/SKILL.md +0 -64
  20. package/prisma/skills/agentic-os/SKILL.md +0 -388
  21. package/prisma/skills/ai-first-engineering/SKILL.md +0 -52
  22. package/prisma/skills/ai-regression-testing/SKILL.md +0 -386
  23. package/prisma/skills/android-clean-architecture/SKILL.md +0 -340
  24. package/prisma/skills/angular-developer/SKILL.md +0 -155
  25. package/prisma/skills/angular-developer/references/angular-animations.md +0 -160
  26. package/prisma/skills/angular-developer/references/angular-aria.md +0 -410
  27. package/prisma/skills/angular-developer/references/cli.md +0 -86
  28. package/prisma/skills/angular-developer/references/component-harnesses.md +0 -59
  29. package/prisma/skills/angular-developer/references/component-styling.md +0 -91
  30. package/prisma/skills/angular-developer/references/components.md +0 -117
  31. package/prisma/skills/angular-developer/references/creating-services.md +0 -97
  32. package/prisma/skills/angular-developer/references/data-resolvers.md +0 -69
  33. package/prisma/skills/angular-developer/references/define-routes.md +0 -67
  34. package/prisma/skills/angular-developer/references/defining-providers.md +0 -72
  35. package/prisma/skills/angular-developer/references/di-fundamentals.md +0 -120
  36. package/prisma/skills/angular-developer/references/e2e-testing.md +0 -56
  37. package/prisma/skills/angular-developer/references/effects.md +0 -83
  38. package/prisma/skills/angular-developer/references/hierarchical-injectors.md +0 -43
  39. package/prisma/skills/angular-developer/references/host-elements.md +0 -80
  40. package/prisma/skills/angular-developer/references/injection-context.md +0 -63
  41. package/prisma/skills/angular-developer/references/inputs.md +0 -101
  42. package/prisma/skills/angular-developer/references/linked-signal.md +0 -59
  43. package/prisma/skills/angular-developer/references/loading-strategies.md +0 -61
  44. package/prisma/skills/angular-developer/references/mcp.md +0 -108
  45. package/prisma/skills/angular-developer/references/navigate-to-routes.md +0 -69
  46. package/prisma/skills/angular-developer/references/outputs.md +0 -86
  47. package/prisma/skills/angular-developer/references/reactive-forms.md +0 -122
  48. package/prisma/skills/angular-developer/references/rendering-strategies.md +0 -44
  49. package/prisma/skills/angular-developer/references/resource.md +0 -77
  50. package/prisma/skills/angular-developer/references/route-animations.md +0 -56
  51. package/prisma/skills/angular-developer/references/route-guards.md +0 -52
  52. package/prisma/skills/angular-developer/references/router-lifecycle.md +0 -45
  53. package/prisma/skills/angular-developer/references/router-testing.md +0 -87
  54. package/prisma/skills/angular-developer/references/show-routes-with-outlets.md +0 -68
  55. package/prisma/skills/angular-developer/references/signal-forms.md +0 -795
  56. package/prisma/skills/angular-developer/references/signals-overview.md +0 -94
  57. package/prisma/skills/angular-developer/references/tailwind-css.md +0 -69
  58. package/prisma/skills/angular-developer/references/template-driven-forms.md +0 -114
  59. package/prisma/skills/angular-developer/references/testing-fundamentals.md +0 -65
  60. package/prisma/skills/api-connector-builder/SKILL.md +0 -121
  61. package/prisma/skills/api-design/SKILL.md +0 -524
  62. package/prisma/skills/architecture-decision-records/SKILL.md +0 -180
  63. package/prisma/skills/article-writing/SKILL.md +0 -80
  64. package/prisma/skills/automation-audit-ops/SKILL.md +0 -143
  65. package/prisma/skills/autonomous-agent-harness/SKILL.md +0 -274
  66. package/prisma/skills/autonomous-loops/SKILL.md +0 -611
  67. package/prisma/skills/backend-patterns/SKILL.md +0 -562
  68. package/prisma/skills/benchmark/SKILL.md +0 -94
  69. package/prisma/skills/benchmark-methodology/SKILL.md +0 -190
  70. package/prisma/skills/benchmark-optimization-loop/SKILL.md +0 -70
  71. package/prisma/skills/blender-motion-state-inspection/SKILL.md +0 -165
  72. package/prisma/skills/blueprint/SKILL.md +0 -106
  73. package/prisma/skills/brand-discovery/SKILL.md +0 -145
  74. package/prisma/skills/brand-discovery/references/10_purpose-why.md +0 -40
  75. package/prisma/skills/brand-discovery/references/20_positioning.md +0 -44
  76. package/prisma/skills/brand-discovery/references/30_audience-niche.md +0 -52
  77. package/prisma/skills/brand-discovery/references/40_personality-archetype.md +0 -57
  78. package/prisma/skills/brand-discovery/references/50_voice-tone.md +0 -59
  79. package/prisma/skills/brand-discovery/references/60_narrative-story.md +0 -50
  80. package/prisma/skills/brand-discovery/references/70_founder-tension.md +0 -49
  81. package/prisma/skills/brand-discovery/references/90_SYNTHESIS.md +0 -133
  82. package/prisma/skills/brand-voice/SKILL.md +0 -98
  83. package/prisma/skills/brand-voice/references/voice-profile-schema.md +0 -55
  84. package/prisma/skills/browser-qa/SKILL.md +0 -105
  85. package/prisma/skills/bun-runtime/SKILL.md +0 -85
  86. package/prisma/skills/canary-watch/SKILL.md +0 -108
  87. package/prisma/skills/carrier-relationship-management/SKILL.md +0 -212
  88. package/prisma/skills/cisco-ios-patterns/SKILL.md +0 -164
  89. package/prisma/skills/ck/SKILL.md +0 -148
  90. package/prisma/skills/ck/commands/forget.mjs +0 -44
  91. package/prisma/skills/ck/commands/info.mjs +0 -24
  92. package/prisma/skills/ck/commands/init.mjs +0 -143
  93. package/prisma/skills/ck/commands/list.mjs +0 -40
  94. package/prisma/skills/ck/commands/migrate.mjs +0 -202
  95. package/prisma/skills/ck/commands/resume.mjs +0 -36
  96. package/prisma/skills/ck/commands/save.mjs +0 -210
  97. package/prisma/skills/ck/commands/shared.mjs +0 -387
  98. package/prisma/skills/ck/hooks/session-start.mjs +0 -224
  99. package/prisma/skills/claude-devfleet/SKILL.md +0 -112
  100. package/prisma/skills/click-path-audit/SKILL.md +0 -245
  101. package/prisma/skills/clickhouse-io/SKILL.md +0 -440
  102. package/prisma/skills/code-tour/SKILL.md +0 -254
  103. package/prisma/skills/codebase-onboarding/SKILL.md +0 -234
  104. package/prisma/skills/codehealth-mcp/SKILL.md +0 -167
  105. package/prisma/skills/coding-standards/SKILL.md +0 -551
  106. package/prisma/skills/competitive-platform-analysis/SKILL.md +0 -214
  107. package/prisma/skills/competitive-report-structure/SKILL.md +0 -162
  108. package/prisma/skills/compose-multiplatform-patterns/SKILL.md +0 -300
  109. package/prisma/skills/config-gc/SKILL.md +0 -120
  110. package/prisma/skills/configure-ecc/SKILL.md +0 -385
  111. package/prisma/skills/connections-optimizer/SKILL.md +0 -190
  112. package/prisma/skills/content-engine/SKILL.md +0 -132
  113. package/prisma/skills/content-hash-cache-pattern/SKILL.md +0 -162
  114. package/prisma/skills/context-budget/SKILL.md +0 -136
  115. package/prisma/skills/continuous-agent-loop/SKILL.md +0 -46
  116. package/prisma/skills/continuous-learning/SKILL.md +0 -132
  117. package/prisma/skills/continuous-learning/config.json +0 -18
  118. package/prisma/skills/continuous-learning/evaluate-session.sh +0 -69
  119. package/prisma/skills/continuous-learning-v2/SKILL.md +0 -361
  120. package/prisma/skills/continuous-learning-v2/agents/observer-loop.sh +0 -359
  121. package/prisma/skills/continuous-learning-v2/agents/observer.md +0 -189
  122. package/prisma/skills/continuous-learning-v2/agents/session-guardian.sh +0 -150
  123. package/prisma/skills/continuous-learning-v2/agents/start-observer.sh +0 -248
  124. package/prisma/skills/continuous-learning-v2/config.json +0 -8
  125. package/prisma/skills/continuous-learning-v2/hooks/observe.sh +0 -585
  126. package/prisma/skills/continuous-learning-v2/scripts/detect-project.sh +0 -322
  127. package/prisma/skills/continuous-learning-v2/scripts/instinct-cli.py +0 -1956
  128. package/prisma/skills/continuous-learning-v2/scripts/lib/homunculus-dir.sh +0 -31
  129. package/prisma/skills/continuous-learning-v2/scripts/migrate-homunculus.sh +0 -68
  130. package/prisma/skills/continuous-learning-v2/scripts/test_parse_instinct.py +0 -1421
  131. package/prisma/skills/cost-aware-llm-pipeline/SKILL.md +0 -184
  132. package/prisma/skills/cost-tracking/SKILL.md +0 -97
  133. package/prisma/skills/council/SKILL.md +0 -204
  134. package/prisma/skills/cpp-coding-standards/SKILL.md +0 -724
  135. package/prisma/skills/cpp-testing/SKILL.md +0 -325
  136. package/prisma/skills/crosspost/SKILL.md +0 -112
  137. package/prisma/skills/csharp-testing/SKILL.md +0 -322
  138. package/prisma/skills/customer-billing-ops/SKILL.md +0 -141
  139. package/prisma/skills/customs-trade-compliance/SKILL.md +0 -263
  140. package/prisma/skills/dart-flutter-patterns/SKILL.md +0 -564
  141. package/prisma/skills/dashboard-builder/SKILL.md +0 -109
  142. package/prisma/skills/data-scraper-agent/SKILL.md +0 -765
  143. package/prisma/skills/data-throughput-accelerator/SKILL.md +0 -73
  144. package/prisma/skills/database-migrations/SKILL.md +0 -430
  145. package/prisma/skills/deep-research/SKILL.md +0 -160
  146. package/prisma/skills/defi-amm-security/SKILL.md +0 -167
  147. package/prisma/skills/delivery-gate/SKILL.md +0 -126
  148. package/prisma/skills/delivery-gate/hooks/quality-gate.py +0 -220
  149. package/prisma/skills/deployment-patterns/SKILL.md +0 -428
  150. package/prisma/skills/design-system/SKILL.md +0 -83
  151. package/prisma/skills/django-celery/SKILL.md +0 -458
  152. package/prisma/skills/django-patterns/SKILL.md +0 -735
  153. package/prisma/skills/django-security/SKILL.md +0 -644
  154. package/prisma/skills/django-tdd/SKILL.md +0 -730
  155. package/prisma/skills/django-verification/SKILL.md +0 -470
  156. package/prisma/skills/dmux-workflows/SKILL.md +0 -192
  157. package/prisma/skills/docker-patterns/SKILL.md +0 -365
  158. package/prisma/skills/documentation-lookup/SKILL.md +0 -91
  159. package/prisma/skills/dotnet-patterns/SKILL.md +0 -322
  160. package/prisma/skills/dynamic-workflow-mode/SKILL.md +0 -124
  161. package/prisma/skills/e2e-testing/SKILL.md +0 -327
  162. package/prisma/skills/ecc-guide/SKILL.md +0 -190
  163. package/prisma/skills/ecc-recipes/SKILL.md +0 -149
  164. package/prisma/skills/ecc-tools-cost-audit/SKILL.md +0 -161
  165. package/prisma/skills/email-ops/SKILL.md +0 -122
  166. package/prisma/skills/energy-procurement/SKILL.md +0 -228
  167. package/prisma/skills/enterprise-agent-ops/SKILL.md +0 -51
  168. package/prisma/skills/error-handling/SKILL.md +0 -377
  169. package/prisma/skills/eval-harness/SKILL.md +0 -271
  170. package/prisma/skills/evm-token-decimals/SKILL.md +0 -131
  171. package/prisma/skills/exa-search/SKILL.md +0 -108
  172. package/prisma/skills/fal-ai-media/SKILL.md +0 -289
  173. package/prisma/skills/fastapi-patterns/SKILL.md +0 -514
  174. package/prisma/skills/finance-billing-ops/SKILL.md +0 -128
  175. package/prisma/skills/flox-environments/SKILL.md +0 -497
  176. package/prisma/skills/flutter-dart-code-review/SKILL.md +0 -436
  177. package/prisma/skills/foundation-models-on-device/SKILL.md +0 -243
  178. package/prisma/skills/frontend-a11y/SKILL.md +0 -446
  179. package/prisma/skills/frontend-design-direction/SKILL.md +0 -93
  180. package/prisma/skills/frontend-patterns/SKILL.md +0 -657
  181. package/prisma/skills/frontend-slides/SKILL.md +0 -185
  182. package/prisma/skills/frontend-slides/STYLE_PRESETS.md +0 -330
  183. package/prisma/skills/frontend-slides/animation-patterns.md +0 -122
  184. package/prisma/skills/frontend-slides/html-template.md +0 -419
  185. package/prisma/skills/frontend-slides/scripts/export-pdf.sh +0 -418
  186. package/prisma/skills/frontend-slides/scripts/extract-pptx.py +0 -96
  187. package/prisma/skills/frontend-slides/viewport-base.css +0 -153
  188. package/prisma/skills/fsharp-testing/SKILL.md +0 -281
  189. package/prisma/skills/gan-style-harness/SKILL.md +0 -279
  190. package/prisma/skills/gateguard/SKILL.md +0 -133
  191. package/prisma/skills/generating-python-installer/SKILL.md +0 -820
  192. package/prisma/skills/git-workflow/SKILL.md +0 -716
  193. package/prisma/skills/github-ops/SKILL.md +0 -145
  194. package/prisma/skills/golang-patterns/SKILL.md +0 -675
  195. package/prisma/skills/golang-testing/SKILL.md +0 -721
  196. package/prisma/skills/google-workspace-ops/SKILL.md +0 -96
  197. package/prisma/skills/growth-log/SKILL.md +0 -128
  198. package/prisma/skills/healthcare-cdss-patterns/SKILL.md +0 -246
  199. package/prisma/skills/healthcare-emr-patterns/SKILL.md +0 -160
  200. package/prisma/skills/healthcare-eval-harness/SKILL.md +0 -208
  201. package/prisma/skills/healthcare-phi-compliance/SKILL.md +0 -146
  202. package/prisma/skills/hermes-imports/SKILL.md +0 -89
  203. package/prisma/skills/hexagonal-architecture/SKILL.md +0 -277
  204. package/prisma/skills/hipaa-compliance/SKILL.md +0 -79
  205. package/prisma/skills/homelab-network-readiness/SKILL.md +0 -170
  206. package/prisma/skills/homelab-network-setup/SKILL.md +0 -130
  207. package/prisma/skills/homelab-pihole-dns/SKILL.md +0 -275
  208. package/prisma/skills/homelab-vlan-segmentation/SKILL.md +0 -312
  209. package/prisma/skills/homelab-wireguard-vpn/SKILL.md +0 -306
  210. package/prisma/skills/hookify-rules/SKILL.md +0 -128
  211. package/prisma/skills/inherit-legacy-style/SKILL.md +0 -157
  212. package/prisma/skills/intent-driven-development/SKILL.md +0 -360
  213. package/prisma/skills/inventory-demand-planning/SKILL.md +0 -247
  214. package/prisma/skills/investor-materials/SKILL.md +0 -97
  215. package/prisma/skills/investor-outreach/SKILL.md +0 -92
  216. package/prisma/skills/ios-icon-gen/SKILL.md +0 -158
  217. package/prisma/skills/ios-icon-gen/scripts/generate_icons.swift +0 -258
  218. package/prisma/skills/ios-icon-gen/scripts/iconify_gen.sh +0 -235
  219. package/prisma/skills/iterative-retrieval/SKILL.md +0 -212
  220. package/prisma/skills/ito-basket-compare/SKILL.md +0 -64
  221. package/prisma/skills/ito-data-atlas-agent/SKILL.md +0 -64
  222. package/prisma/skills/ito-market-intelligence/SKILL.md +0 -61
  223. package/prisma/skills/ito-trade-planner/SKILL.md +0 -68
  224. package/prisma/skills/java-coding-standards/SKILL.md +0 -384
  225. package/prisma/skills/jira-integration/SKILL.md +0 -303
  226. package/prisma/skills/jpa-patterns/SKILL.md +0 -152
  227. package/prisma/skills/knowledge-ops/SKILL.md +0 -155
  228. package/prisma/skills/kotlin-coroutines-flows/SKILL.md +0 -285
  229. package/prisma/skills/kotlin-exposed-patterns/SKILL.md +0 -720
  230. package/prisma/skills/kotlin-ktor-patterns/SKILL.md +0 -690
  231. package/prisma/skills/kotlin-patterns/SKILL.md +0 -712
  232. package/prisma/skills/kotlin-testing/SKILL.md +0 -825
  233. package/prisma/skills/kubernetes-patterns/SKILL.md +0 -756
  234. package/prisma/skills/laravel-patterns/SKILL.md +0 -416
  235. package/prisma/skills/laravel-plugin-discovery/SKILL.md +0 -230
  236. package/prisma/skills/laravel-security/SKILL.md +0 -948
  237. package/prisma/skills/laravel-tdd/SKILL.md +0 -675
  238. package/prisma/skills/laravel-verification/SKILL.md +0 -180
  239. package/prisma/skills/latency-critical-systems/SKILL.md +0 -74
  240. package/prisma/skills/lead-intelligence/SKILL.md +0 -322
  241. package/prisma/skills/lead-intelligence/agents/enrichment-agent.md +0 -85
  242. package/prisma/skills/lead-intelligence/agents/mutual-mapper.md +0 -75
  243. package/prisma/skills/lead-intelligence/agents/outreach-drafter.md +0 -98
  244. package/prisma/skills/lead-intelligence/agents/signal-scorer.md +0 -60
  245. package/prisma/skills/liquid-glass-design/SKILL.md +0 -279
  246. package/prisma/skills/llm-trading-agent-security/SKILL.md +0 -147
  247. package/prisma/skills/logistics-exception-management/SKILL.md +0 -222
  248. package/prisma/skills/loop-design-check/SKILL.md +0 -143
  249. package/prisma/skills/mailtrap-email-integration/SKILL.md +0 -77
  250. package/prisma/skills/make-interfaces-feel-better/SKILL.md +0 -152
  251. package/prisma/skills/manim-video/SKILL.md +0 -90
  252. package/prisma/skills/manim-video/assets/network_graph_scene.py +0 -52
  253. package/prisma/skills/market-research/SKILL.md +0 -76
  254. package/prisma/skills/marketing-campaign/SKILL.md +0 -114
  255. package/prisma/skills/mcp-server-patterns/SKILL.md +0 -70
  256. package/prisma/skills/messages-ops/SKILL.md +0 -105
  257. package/prisma/skills/ml-adoption-playbook/SKILL.md +0 -57
  258. package/prisma/skills/mle-workflow/SKILL.md +0 -347
  259. package/prisma/skills/motion-advanced/SKILL.md +0 -596
  260. package/prisma/skills/motion-foundations/SKILL.md +0 -299
  261. package/prisma/skills/motion-patterns/SKILL.md +0 -434
  262. package/prisma/skills/motion-ui/SKILL.md +0 -576
  263. package/prisma/skills/mysql-patterns/SKILL.md +0 -413
  264. package/prisma/skills/nanoclaw-repl/SKILL.md +0 -34
  265. package/prisma/skills/nestjs-patterns/SKILL.md +0 -231
  266. package/prisma/skills/netmiko-ssh-automation/SKILL.md +0 -174
  267. package/prisma/skills/network-bgp-diagnostics/SKILL.md +0 -168
  268. package/prisma/skills/network-config-validation/SKILL.md +0 -211
  269. package/prisma/skills/network-interface-health/SKILL.md +0 -153
  270. package/prisma/skills/nextjs-turbopack/SKILL.md +0 -58
  271. package/prisma/skills/nodejs-keccak256/SKILL.md +0 -103
  272. package/prisma/skills/nutrient-document-processing/SKILL.md +0 -168
  273. package/prisma/skills/nuxt4-patterns/SKILL.md +0 -101
  274. package/prisma/skills/openclaw-persona-forge/SKILL.md +0 -289
  275. package/prisma/skills/openclaw-persona-forge/gacha.py +0 -224
  276. package/prisma/skills/openclaw-persona-forge/gacha.sh +0 -5
  277. package/prisma/skills/openclaw-persona-forge/references/avatar-style.md +0 -124
  278. package/prisma/skills/openclaw-persona-forge/references/boundary-rules.md +0 -53
  279. package/prisma/skills/openclaw-persona-forge/references/error-handling.md +0 -53
  280. package/prisma/skills/openclaw-persona-forge/references/identity-tension.md +0 -48
  281. package/prisma/skills/openclaw-persona-forge/references/naming-system.md +0 -39
  282. package/prisma/skills/openclaw-persona-forge/references/output-template.md +0 -166
  283. package/prisma/skills/opensource-pipeline/SKILL.md +0 -256
  284. package/prisma/skills/orch-add-feature/SKILL.md +0 -45
  285. package/prisma/skills/orch-build-mvp/SKILL.md +0 -49
  286. package/prisma/skills/orch-change-feature/SKILL.md +0 -43
  287. package/prisma/skills/orch-fix-defect/SKILL.md +0 -43
  288. package/prisma/skills/orch-pipeline/SKILL.md +0 -121
  289. package/prisma/skills/orch-refine-code/SKILL.md +0 -44
  290. package/prisma/skills/parallel-execution-optimizer/SKILL.md +0 -73
  291. package/prisma/skills/perl-patterns/SKILL.md +0 -505
  292. package/prisma/skills/perl-security/SKILL.md +0 -504
  293. package/prisma/skills/perl-testing/SKILL.md +0 -476
  294. package/prisma/skills/plan-orchestrate/SKILL.md +0 -263
  295. package/prisma/skills/plankton-code-quality/SKILL.md +0 -237
  296. package/prisma/skills/postgres-patterns/SKILL.md +0 -148
  297. package/prisma/skills/prediction-market-oracle-research/SKILL.md +0 -64
  298. package/prisma/skills/prediction-market-risk-review/SKILL.md +0 -61
  299. package/prisma/skills/prisma-patterns/SKILL.md +0 -401
  300. package/prisma/skills/product-capability/SKILL.md +0 -142
  301. package/prisma/skills/product-lens/SKILL.md +0 -93
  302. package/prisma/skills/production-audit/SKILL.md +0 -207
  303. package/prisma/skills/production-scheduling/SKILL.md +0 -238
  304. package/prisma/skills/project-flow-ops/SKILL.md +0 -112
  305. package/prisma/skills/prompt-optimizer/SKILL.md +0 -398
  306. package/prisma/skills/python-patterns/SKILL.md +0 -751
  307. package/prisma/skills/python-testing/SKILL.md +0 -817
  308. package/prisma/skills/pytorch-patterns/SKILL.md +0 -397
  309. package/prisma/skills/quality-nonconformance/SKILL.md +0 -260
  310. package/prisma/skills/quarkus-patterns/SKILL.md +0 -723
  311. package/prisma/skills/quarkus-security/SKILL.md +0 -468
  312. package/prisma/skills/quarkus-tdd/SKILL.md +0 -812
  313. package/prisma/skills/quarkus-verification/SKILL.md +0 -480
  314. package/prisma/skills/ralphinho-rfc-pipeline/SKILL.md +0 -68
  315. package/prisma/skills/react-native-patterns/SKILL.md +0 -326
  316. package/prisma/skills/react-patterns/SKILL.md +0 -342
  317. package/prisma/skills/react-performance/SKILL.md +0 -575
  318. package/prisma/skills/react-testing/SKILL.md +0 -424
  319. package/prisma/skills/recsys-pipeline-architect/SKILL.md +0 -115
  320. package/prisma/skills/recursive-decision-ledger/SKILL.md +0 -80
  321. package/prisma/skills/redis-patterns/SKILL.md +0 -404
  322. package/prisma/skills/regex-vs-llm-structured-text/SKILL.md +0 -221
  323. package/prisma/skills/remotion-video-creation/SKILL.md +0 -43
  324. package/prisma/skills/remotion-video-creation/rules/3d.md +0 -86
  325. package/prisma/skills/remotion-video-creation/rules/animations.md +0 -29
  326. package/prisma/skills/remotion-video-creation/rules/assets/charts-bar-chart.tsx +0 -173
  327. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-typewriter.tsx +0 -100
  328. package/prisma/skills/remotion-video-creation/rules/assets/text-animations-word-highlight.tsx +0 -108
  329. package/prisma/skills/remotion-video-creation/rules/assets.md +0 -78
  330. package/prisma/skills/remotion-video-creation/rules/audio.md +0 -172
  331. package/prisma/skills/remotion-video-creation/rules/calculate-metadata.md +0 -104
  332. package/prisma/skills/remotion-video-creation/rules/can-decode.md +0 -75
  333. package/prisma/skills/remotion-video-creation/rules/charts.md +0 -58
  334. package/prisma/skills/remotion-video-creation/rules/compositions.md +0 -146
  335. package/prisma/skills/remotion-video-creation/rules/display-captions.md +0 -126
  336. package/prisma/skills/remotion-video-creation/rules/extract-frames.md +0 -229
  337. package/prisma/skills/remotion-video-creation/rules/fonts.md +0 -152
  338. package/prisma/skills/remotion-video-creation/rules/get-audio-duration.md +0 -58
  339. package/prisma/skills/remotion-video-creation/rules/get-video-dimensions.md +0 -68
  340. package/prisma/skills/remotion-video-creation/rules/get-video-duration.md +0 -58
  341. package/prisma/skills/remotion-video-creation/rules/gifs.md +0 -138
  342. package/prisma/skills/remotion-video-creation/rules/images.md +0 -130
  343. package/prisma/skills/remotion-video-creation/rules/import-srt-captions.md +0 -67
  344. package/prisma/skills/remotion-video-creation/rules/lottie.md +0 -67
  345. package/prisma/skills/remotion-video-creation/rules/measuring-dom-nodes.md +0 -34
  346. package/prisma/skills/remotion-video-creation/rules/measuring-text.md +0 -143
  347. package/prisma/skills/remotion-video-creation/rules/sequencing.md +0 -106
  348. package/prisma/skills/remotion-video-creation/rules/tailwind.md +0 -11
  349. package/prisma/skills/remotion-video-creation/rules/text-animations.md +0 -20
  350. package/prisma/skills/remotion-video-creation/rules/timing.md +0 -179
  351. package/prisma/skills/remotion-video-creation/rules/transcribe-captions.md +0 -19
  352. package/prisma/skills/remotion-video-creation/rules/transitions.md +0 -122
  353. package/prisma/skills/remotion-video-creation/rules/trimming.md +0 -52
  354. package/prisma/skills/remotion-video-creation/rules/videos.md +0 -171
  355. package/prisma/skills/repo-scan/SKILL.md +0 -79
  356. package/prisma/skills/research-ops/SKILL.md +0 -113
  357. package/prisma/skills/returns-reverse-logistics/SKILL.md +0 -240
  358. package/prisma/skills/rules-distill/SKILL.md +0 -265
  359. package/prisma/skills/rules-distill/scripts/scan-rules.sh +0 -58
  360. package/prisma/skills/rules-distill/scripts/scan-skills.sh +0 -129
  361. package/prisma/skills/rust-patterns/SKILL.md +0 -500
  362. package/prisma/skills/rust-testing/SKILL.md +0 -501
  363. package/prisma/skills/safety-guard/SKILL.md +0 -76
  364. package/prisma/skills/santa-method/SKILL.md +0 -307
  365. package/prisma/skills/scientific-db-pubmed-database/SKILL.md +0 -176
  366. package/prisma/skills/scientific-db-uspto-database/SKILL.md +0 -178
  367. package/prisma/skills/scientific-pkg-gget/SKILL.md +0 -167
  368. package/prisma/skills/scientific-thinking-literature-review/SKILL.md +0 -193
  369. package/prisma/skills/scientific-thinking-scholar-evaluation/SKILL.md +0 -161
  370. package/prisma/skills/search-first/SKILL.md +0 -183
  371. package/prisma/skills/security-bounty-hunter/SKILL.md +0 -100
  372. package/prisma/skills/security-review/SKILL.md +0 -504
  373. package/prisma/skills/security-review/cloud-infrastructure-security.md +0 -361
  374. package/prisma/skills/security-scan/SKILL.md +0 -166
  375. package/prisma/skills/seo/SKILL.md +0 -155
  376. package/prisma/skills/skill-comply/SKILL.md +0 -59
  377. package/prisma/skills/skill-comply/fixtures/compliant_trace.jsonl +0 -5
  378. package/prisma/skills/skill-comply/fixtures/noncompliant_trace.jsonl +0 -3
  379. package/prisma/skills/skill-comply/fixtures/tdd_spec.yaml +0 -44
  380. package/prisma/skills/skill-comply/prompts/classifier.md +0 -24
  381. package/prisma/skills/skill-comply/prompts/scenario_generator.md +0 -62
  382. package/prisma/skills/skill-comply/prompts/spec_generator.md +0 -42
  383. package/prisma/skills/skill-comply/pyproject.toml +0 -15
  384. package/prisma/skills/skill-comply/scripts/__init__.py +0 -0
  385. package/prisma/skills/skill-comply/scripts/classifier.py +0 -85
  386. package/prisma/skills/skill-comply/scripts/grader.py +0 -124
  387. package/prisma/skills/skill-comply/scripts/parser.py +0 -107
  388. package/prisma/skills/skill-comply/scripts/report.py +0 -170
  389. package/prisma/skills/skill-comply/scripts/run.py +0 -127
  390. package/prisma/skills/skill-comply/scripts/runner.py +0 -194
  391. package/prisma/skills/skill-comply/scripts/scenario_generator.py +0 -70
  392. package/prisma/skills/skill-comply/scripts/spec_generator.py +0 -72
  393. package/prisma/skills/skill-comply/scripts/utils.py +0 -13
  394. package/prisma/skills/skill-comply/tests/test_grader.py +0 -197
  395. package/prisma/skills/skill-comply/tests/test_parser.py +0 -90
  396. package/prisma/skills/skill-comply/tests/test_runner.py +0 -172
  397. package/prisma/skills/skill-scout/SKILL.md +0 -141
  398. package/prisma/skills/skill-stocktake/SKILL.md +0 -195
  399. package/prisma/skills/skill-stocktake/scripts/quick-diff.sh +0 -87
  400. package/prisma/skills/skill-stocktake/scripts/save-results.sh +0 -56
  401. package/prisma/skills/skill-stocktake/scripts/scan.sh +0 -170
  402. package/prisma/skills/social-graph-ranker/SKILL.md +0 -155
  403. package/prisma/skills/social-publisher/SKILL.md +0 -130
  404. package/prisma/skills/springboot-patterns/SKILL.md +0 -315
  405. package/prisma/skills/springboot-security/SKILL.md +0 -273
  406. package/prisma/skills/springboot-tdd/SKILL.md +0 -159
  407. package/prisma/skills/springboot-verification/SKILL.md +0 -232
  408. package/prisma/skills/strategic-compact/SKILL.md +0 -136
  409. package/prisma/skills/swift-actor-persistence/SKILL.md +0 -144
  410. package/prisma/skills/swift-concurrency-6-2/SKILL.md +0 -216
  411. package/prisma/skills/swift-protocol-di-testing/SKILL.md +0 -191
  412. package/prisma/skills/swiftui-patterns/SKILL.md +0 -259
  413. package/prisma/skills/taste/SKILL.md +0 -264
  414. package/prisma/skills/taste/references/genre-taxonomy.md +0 -87
  415. package/prisma/skills/tdd-workflow/SKILL.md +0 -583
  416. package/prisma/skills/team-agent-orchestration/SKILL.md +0 -111
  417. package/prisma/skills/team-builder/SKILL.md +0 -169
  418. package/prisma/skills/terminal-ops/SKILL.md +0 -110
  419. package/prisma/skills/tinystruct-patterns/SKILL.md +0 -279
  420. package/prisma/skills/tinystruct-patterns/references/architecture.md +0 -90
  421. package/prisma/skills/tinystruct-patterns/references/data-handling.md +0 -60
  422. package/prisma/skills/tinystruct-patterns/references/database.md +0 -99
  423. package/prisma/skills/tinystruct-patterns/references/routing.md +0 -64
  424. package/prisma/skills/tinystruct-patterns/references/system-usage.md +0 -97
  425. package/prisma/skills/tinystruct-patterns/references/testing.md +0 -72
  426. package/prisma/skills/token-budget-advisor/SKILL.md +0 -134
  427. package/prisma/skills/ui-demo/SKILL.md +0 -466
  428. package/prisma/skills/ui-to-vue/SKILL.md +0 -135
  429. package/prisma/skills/uncloud/SKILL.md +0 -344
  430. package/prisma/skills/unified-notifications-ops/SKILL.md +0 -188
  431. package/prisma/skills/verification-loop/SKILL.md +0 -127
  432. package/prisma/skills/video-editing/SKILL.md +0 -311
  433. package/prisma/skills/videodb/SKILL.md +0 -375
  434. package/prisma/skills/videodb/reference/api-reference.md +0 -550
  435. package/prisma/skills/videodb/reference/capture-reference.md +0 -407
  436. package/prisma/skills/videodb/reference/capture.md +0 -101
  437. package/prisma/skills/videodb/reference/editor.md +0 -443
  438. package/prisma/skills/videodb/reference/generative.md +0 -331
  439. package/prisma/skills/videodb/reference/rtstream-reference.md +0 -564
  440. package/prisma/skills/videodb/reference/rtstream.md +0 -65
  441. package/prisma/skills/videodb/reference/search.md +0 -230
  442. package/prisma/skills/videodb/reference/streaming.md +0 -406
  443. package/prisma/skills/videodb/reference/use-cases.md +0 -118
  444. package/prisma/skills/videodb/scripts/ws_listener.py +0 -282
  445. package/prisma/skills/visa-doc-translate/README.md +0 -86
  446. package/prisma/skills/visa-doc-translate/SKILL.md +0 -117
  447. package/prisma/skills/vite-patterns/SKILL.md +0 -450
  448. package/prisma/skills/vue-patterns/SKILL.md +0 -471
  449. package/prisma/skills/windows-desktop-e2e/SKILL.md +0 -888
  450. package/prisma/skills/workspace-surface-audit/SKILL.md +0 -126
  451. package/prisma/skills/x-api/SKILL.md +0 -235
@@ -1,275 +0,0 @@
1
- ---
2
- name: homelab-pihole-dns
3
- description: Pi-hole installation, blocklist management, DNS-over-HTTPS setup, DHCP integration, local DNS records, and troubleshooting broken DNS resolution on a home network.
4
- metadata:
5
- origin: community
6
- ---
7
-
8
- # Homelab Pi-hole DNS
9
-
10
- Pi-hole is a network-wide DNS ad blocker that runs on a Raspberry Pi or any Linux host.
11
- Every device on your network gets ad and malware domain blocking automatically — no browser
12
- extension needed.
13
-
14
- ## When to Use
15
-
16
- - Installing Pi-hole on a Raspberry Pi or Linux host
17
- - Configuring Pi-hole as the DNS server for a home network
18
- - Adding or managing blocklists
19
- - Setting up DNS-over-HTTPS (DoH) upstream resolvers
20
- - Creating local DNS records (e.g. `nas.home.lan`, `pi.home.lan`)
21
- - Troubleshooting devices that lose internet access after Pi-hole is installed
22
- - Running Pi-hole alongside or instead of DHCP
23
-
24
- ## How Pi-hole Works
25
-
26
- ```
27
- Normal flow (without Pi-hole):
28
- Device → requests ads.tracker.com → ISP DNS → real IP → ads load
29
-
30
- With Pi-hole:
31
- Device → requests ads.tracker.com → Pi-hole DNS → blocked (returns 0.0.0.0) → no ad
32
-
33
- All DNS queries go through Pi-hole first.
34
- Pi-hole checks against blocklists.
35
- Blocked domains return a null response — the ad/tracker never loads.
36
- Allowed domains get forwarded to your upstream resolver (Cloudflare, Google, etc.).
37
- ```
38
-
39
- ## Installation
40
-
41
- ### Docker (Recommended)
42
-
43
- Docker is the easiest way to install Pi-hole and makes updates and backups
44
- straightforward.
45
-
46
- ```yaml
47
- # docker-compose.yml
48
- services:
49
- pihole:
50
- image: pihole/pihole:<pinned-release-tag>
51
- container_name: pihole
52
- ports:
53
- - "53:53/tcp"
54
- - "53:53/udp"
55
- - "80:80/tcp" # Web admin
56
- environment:
57
- TZ: "America/New_York"
58
- WEBPASSWORD: "${PIHOLE_WEBPASSWORD}" # set via .env file or secret
59
- PIHOLE_DNS_: "1.1.1.1;1.0.0.1"
60
- DNSMASQ_LISTENING: "all"
61
- volumes:
62
- - "./etc-pihole:/etc/pihole"
63
- - "./etc-dnsmasq.d:/etc/dnsmasq.d"
64
- restart: unless-stopped
65
- cap_add:
66
- - NET_ADMIN # only needed if Pi-hole will serve DHCP
67
- ```
68
-
69
- Replace `<pinned-release-tag>` with a current Pi-hole release tag before deploying.
70
- Avoid `latest` for long-lived DNS infrastructure so upgrades are deliberate and
71
- reviewable.
72
-
73
- Set `PIHOLE_WEBPASSWORD` in a `.env` file next to `docker-compose.yml`, chmod it to
74
- `600`, and keep it out of git — do not put the password directly in the compose file.
75
-
76
- Access web admin at: `http://<pi-ip>/admin`
77
-
78
- ### Bare-Metal Install (Raspberry Pi OS / Debian / Ubuntu)
79
-
80
- Pi-hole requires a static IP before installing.
81
-
82
- ```bash
83
- # Step 1: Assign a static IP (edit /etc/dhcpcd.conf on Pi OS)
84
- sudo nano /etc/dhcpcd.conf
85
- # Add at the bottom:
86
- interface eth0
87
- static ip_address=192.168.3.2/24
88
- static routers=192.168.3.1
89
- static domain_name_servers=192.168.3.1
90
-
91
- # Step 2: Download and inspect the installer before running it.
92
- # Prefer the package or installer path documented by Pi-hole for your OS/version.
93
- curl -sSL https://install.pi-hole.net -o pi-hole-install.sh
94
- less pi-hole-install.sh # review before proceeding
95
-
96
- # Step 3: Run
97
- bash pi-hole-install.sh
98
-
99
- # Follow the interactive installer:
100
- # 1. Select network interface (eth0 for wired — recommended)
101
- # 2. Select upstream DNS (Cloudflare or leave default — can change later)
102
- # 3. Confirm static IP
103
- # 4. Install the web admin interface (recommended)
104
- # 5. Note the admin password shown at the end
105
- ```
106
-
107
- ## Pointing Your Network at Pi-hole
108
-
109
- ```
110
- # Method 1: Change DNS in your router DHCP settings (recommended)
111
- Router admin UI → DHCP Settings → DNS Server
112
- Primary DNS: 192.168.3.2 (Pi-hole IP)
113
- Secondary DNS: leave blank for strict blocking, or use a second Pi-hole.
114
- A public fallback such as 1.1.1.1 improves availability during
115
- rollout but can bypass blocking because clients may query it.
116
-
117
- All devices get Pi-hole as DNS automatically on next DHCP renewal.
118
- Force renewal: reconnect Wi-Fi or run 'sudo dhclient -r && sudo dhclient' on Linux
119
-
120
- # Method 2: Per-device DNS (useful for testing before network-wide rollout)
121
- Windows: Control Panel → Network Adapter → IPv4 Properties → set DNS manually
122
- macOS: System Settings → Network → Details → DNS → set manually
123
- Linux: /etc/resolv.conf or NetworkManager
124
-
125
- # Method 3: Pi-hole as DHCP server (replaces router DHCP)
126
- Pi-hole admin → Settings → DHCP → Enable
127
- Disable DHCP on your router first — two DHCP servers on the same network cause conflicts
128
- Advantage: hostname resolution works automatically (devices register their names)
129
- ```
130
-
131
- ## Blocklist Management
132
-
133
- ```
134
- # Pi-hole admin → Adlists → Add new adlist
135
-
136
- # Recommended blocklists:
137
- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
138
- # default — 200k+ domains
139
-
140
- https://blocklistproject.github.io/Lists/malware.txt
141
- # malware domains
142
-
143
- https://blocklistproject.github.io/Lists/tracking.txt
144
- # tracking/telemetry
145
-
146
- # After adding a list:
147
- Tools → Update Gravity (downloads and compiles all blocklists)
148
-
149
- # If a site is blocked that should not be (false positive):
150
- Pi-hole admin → Whitelist → Add domain
151
- Example: api.my-legitimate-service.com
152
-
153
- # Check what is being blocked in real time:
154
- Dashboard → Query Log (live DNS query stream with block/allow status)
155
- ```
156
-
157
- ## DNS-over-HTTPS Upstream
158
-
159
- DNS-over-HTTPS encrypts your DNS queries so your ISP cannot see what sites you resolve.
160
-
161
- ```bash
162
- # Install cloudflared (Cloudflare's DoH proxy).
163
- # Prefer Cloudflare's package repository for automatic signed package verification.
164
- # If you download a binary directly, pin a release version and verify its checksum.
165
- CLOUDFLARED_VERSION="<pinned-version>"
166
- curl -LO "https://github.com/cloudflare/cloudflared/releases/download/${CLOUDFLARED_VERSION}/cloudflared-linux-arm64"
167
- # Verify the checksum/signature from Cloudflare's release notes before installing.
168
- sudo mv cloudflared-linux-arm64 /usr/local/bin/cloudflared
169
- sudo chmod +x /usr/local/bin/cloudflared
170
-
171
- # Create cloudflared config
172
- sudo mkdir -p /etc/cloudflared
173
- sudo tee /etc/cloudflared/config.yml << EOF
174
- proxy-dns: true
175
- proxy-dns-port: 5053
176
- proxy-dns-upstream:
177
- - https://1.1.1.1/dns-query
178
- - https://1.0.0.1/dns-query
179
- EOF
180
-
181
- # Create systemd service
182
- sudo cloudflared service install
183
- sudo systemctl start cloudflared
184
- sudo systemctl enable cloudflared
185
-
186
- # Now point Pi-hole at the local DoH proxy:
187
- # Pi-hole admin → Settings → DNS → Custom upstream DNS
188
- # Set to: 127.0.0.1#5053
189
- # Uncheck all other upstream resolvers
190
- ```
191
-
192
- ## Local DNS Records
193
-
194
- Make your services reachable by name (e.g. `nas.home.lan`, `grafana.home.lan`).
195
-
196
- > **Domain name note:** `.home.lan` is widely used in homelabs and works in practice.
197
- > The IETF-reserved suffix for local use is `.home.arpa` (RFC 8375) — use that to
198
- > follow the standard. Avoid `.local` for Pi-hole DNS records as it conflicts with
199
- > mDNS/Bonjour.
200
-
201
- ```
202
- # Pi-hole admin → Local DNS → DNS Records
203
-
204
- Domain IP
205
- nas.home.lan 192.168.30.10
206
- pi.home.lan 192.168.30.2
207
- grafana.home.lan 192.168.30.3
208
- proxmox.home.lan 192.168.30.4
209
-
210
- # From any device on your network:
211
- ping nas.home.lan → 192.168.30.10
212
- http://grafana.home.lan → your Grafana dashboard
213
-
214
- # For subdomains, add a CNAME:
215
- Pi-hole admin → Local DNS → CNAME Records
216
- Domain: portainer.home.lan → Target: pi.home.lan
217
- ```
218
-
219
- ## Troubleshooting
220
-
221
- ```bash
222
- # Pi-hole blocking something it should not
223
- pihole -q example.com # Check if domain is blocked and which list
224
- pihole -w example.com # Whitelist immediately
225
-
226
- # DNS not resolving at all
227
- pihole status # Check if pihole-FTL is running
228
- dig @192.168.3.2 google.com # Test DNS directly against Pi-hole
229
-
230
- # Restart Pi-hole DNS
231
- pihole restartdns
232
-
233
- # Check query logs for a specific device
234
- pihole -t # Live tail of all queries
235
- # Or filter by client in the web admin Query Log
236
-
237
- # Pi-hole gravity update (refresh blocklists)
238
- pihole -g
239
- ```
240
-
241
- ## Anti-Patterns
242
-
243
- ```
244
- # BAD: Depending on one Pi-hole without a recovery path
245
- # If Pi-hole crashes or the Pi loses power, DNS can stop working
246
- # GOOD: Keep a documented router fallback for rollback during setup
247
- # BETTER: Run two Pi-hole instances for redundancy; avoid public fallback DNS for strict blocking
248
-
249
- # BAD: Installing Pi-hole without a static IP
250
- # If the Pi gets a new DHCP IP, all devices lose DNS
251
- # GOOD: Set static IP first, then install Pi-hole
252
-
253
- # BAD: Enabling Pi-hole DHCP without disabling the router's DHCP first
254
- # Two DHCP servers on the same network hand out conflicting IPs
255
- # GOOD: Disable router DHCP, then enable Pi-hole DHCP
256
-
257
- # BAD: Never updating gravity (blocklists)
258
- # New ad and malware domains accumulate — stale lists miss them
259
- # GOOD: Schedule weekly gravity update: pihole -g (or enable in Settings → API)
260
- ```
261
-
262
- ## Best Practices
263
-
264
- - Give the Pi a static IP or DHCP reservation before installing Pi-hole
265
- - Use Pi-hole as primary DNS; for redundancy, add a second Pi-hole instead of a
266
- public resolver if you need strict blocking
267
- - Enable DoH (DNS-over-HTTPS) with cloudflared for encrypted upstream queries
268
- - Set `home.lan` as your local domain and create DNS records for all your services
269
- - Review the Query Log occasionally — blocked queries show you what devices are doing
270
-
271
- ## Related Skills
272
-
273
- - homelab-network-setup
274
- - homelab-vlan-segmentation
275
- - homelab-wireguard-vpn
@@ -1,312 +0,0 @@
1
- ---
2
- name: homelab-vlan-segmentation
3
- description: Segmenting home networks into VLANs for IoT, guest, trusted, and server traffic using UniFi, pfSense/OPNsense, and MikroTik — including switch trunk config, firewall rules, and wireless SSID mapping.
4
- metadata:
5
- origin: community
6
- ---
7
-
8
- # Homelab VLAN Segmentation
9
-
10
- How to split a home network into isolated VLANs so IoT devices, guests, and your main
11
- PCs cannot talk to each other. The most impactful security upgrade for a home network.
12
-
13
- All firewall rules shown here add isolation between segments — they do not remove
14
- existing protections. Apply changes in a maintenance window and verify connectivity
15
- between segments after each step before moving on.
16
-
17
- ## When to Use
18
-
19
- - Setting up VLANs on a home network for the first time
20
- - Isolating IoT devices (smart bulbs, cameras, TVs) from trusted devices
21
- - Creating a guest Wi-Fi network that cannot reach home devices
22
- - Explaining how VLANs work to someone unfamiliar with the concept
23
- - Configuring trunk ports, access ports, and SSID-to-VLAN mapping
24
- - Troubleshooting inter-VLAN routing or firewall rule issues on pfSense/OPNsense/UniFi
25
-
26
- ## How It Works
27
-
28
- ```
29
- Without VLANs — flat network:
30
- All devices on 192.168.1.0/24
31
- Smart TV (potential malware) → can reach your NAS, PCs, everything
32
-
33
- With VLANs:
34
- VLAN 10 — Trusted 192.168.10.0/24 (PCs, phones, laptops)
35
- VLAN 20 — IoT 192.168.20.0/24 (smart TV, bulbs, cameras)
36
- VLAN 30 — Servers 192.168.30.0/24 (NAS, Pi, VMs)
37
- VLAN 40 — Guest 192.168.40.0/24 (visitor Wi-Fi)
38
- VLAN 99 — Management 192.168.99.0/24 (switch/AP web UIs)
39
-
40
- Smart TV → blocked from reaching 192.168.10.0/24 and 192.168.30.0/24
41
- Guests → internet only, cannot see any home devices
42
- ```
43
-
44
- ## VLAN Design Template
45
-
46
- ```
47
- VLAN Name Subnet Gateway Purpose
48
- 10 trusted 192.168.10.0/24 192.168.10.1 PCs, phones, laptops
49
- 20 iot 192.168.20.0/24 192.168.20.1 Smart home devices
50
- 30 servers 192.168.30.0/24 192.168.30.1 NAS, Pi, self-hosted
51
- 40 guest 192.168.40.0/24 192.168.40.1 Visitor Wi-Fi
52
- 99 management 192.168.99.0/24 192.168.99.1 Network gear web UIs
53
- ```
54
-
55
- ## Examples
56
-
57
- **Typical homelab with UniFi AP and managed switch:**
58
-
59
- ```
60
- Scenario: 3-bedroom house, UniFi Dream Machine + UniFi 8-port switch + 2 APs
61
-
62
- VLAN 10 — Trusted 192.168.10.0/24 MacBook, iPhones, iPad
63
- VLAN 20 — IoT 192.168.20.0/24 Nest thermostat, Philips Hue, Ring doorbell, smart TVs
64
- VLAN 30 — Servers 192.168.30.0/24 Synology NAS (192.168.30.10), Pi-hole (192.168.30.2)
65
- VLAN 40 — Guest 192.168.40.0/24 Visitor Wi-Fi — internet only
66
-
67
- SSID → VLAN mapping:
68
- "Home" → VLAN 10 (WPA2, strong password, trusted devices only)
69
- "IoT" → VLAN 20 (WPA2, separate password, printed on router for setup)
70
- "Guest" → VLAN 40 (WPA2, simple password you can share freely)
71
-
72
- Switch port behavior:
73
- Port 1 → trunk to router (tagged VLANs 10,20,30,40,99)
74
- Port 2 → trunk to APs (tagged VLANs 10,20,40; AP handles per-SSID tagging)
75
- Port 3 → access VLAN 30 (NAS — untagged, no VLAN awareness needed)
76
- Port 4 → access VLAN 30 (Pi-hole — untagged)
77
- Port 5–8 → access VLAN 10 (wired workstations)
78
-
79
- Firewall rules applied (all rules add isolation, none remove existing protections):
80
- IoT → Trusted: BLOCK
81
- IoT → Servers: BLOCK except 192.168.30.2:53 (Pi-hole DNS allowed)
82
- IoT → Internet: ALLOW
83
- Guest → Local networks: BLOCK
84
- Guest → Internet: ALLOW
85
- Trusted → everywhere: ALLOW
86
- ```
87
-
88
- ## UniFi Configuration
89
-
90
- ### Create Networks in UniFi Controller
91
-
92
- ```
93
- Settings → Networks → Create New Network
94
-
95
- For each VLAN:
96
- Name: IoT
97
- Purpose: Corporate (gives DHCP + routing)
98
- VLAN ID: 20
99
- Network: 192.168.20.0/24
100
- Gateway IP: 192.168.20.1
101
- DHCP: Enable
102
- DHCP Range: 192.168.20.100 – 192.168.20.254
103
- ```
104
-
105
- ### Map SSIDs to VLANs (UniFi)
106
-
107
- ```
108
- Settings → WiFi → Create New WiFi
109
-
110
- Name: IoT-Network
111
- Password: <separate password>
112
- Network: IoT ← select your VLAN here
113
- # All devices connecting to this SSID land in VLAN 20
114
-
115
- Name: Guest
116
- Password: <guest password>
117
- Network: Guest
118
- Guest Policy: Enable ← isolates guests from each other too
119
- ```
120
-
121
- ### UniFi Firewall Rules (Traffic Rules)
122
-
123
- ```
124
- Settings → Traffic & Security → Traffic Rules
125
-
126
- # Block IoT from reaching Trusted VLAN
127
- Action: Block
128
- Category: Local Network
129
- Source: IoT (192.168.20.0/24)
130
- Destination: Trusted (192.168.10.0/24)
131
-
132
- # Allow IoT to reach internet only
133
- Action: Allow
134
- Source: IoT
135
- Destination: Internet
136
-
137
- # Block Guest from all local networks
138
- Action: Block
139
- Source: Guest
140
- Destination: Local Networks
141
- ```
142
-
143
- ## pfSense / OPNsense Configuration
144
-
145
- ### Create VLANs
146
-
147
- ```
148
- Interfaces → Assignments → VLANs → Add
149
-
150
- Parent Interface: em1 (your LAN NIC)
151
- VLAN Tag: 20
152
- Description: IoT
153
-
154
- # Repeat for each VLAN, then assign each VLAN to an interface:
155
- Interfaces → Assignments → Add
156
- Select the VLAN you created → click Add
157
- Enable the interface, set IP to gateway address (192.168.20.1/24)
158
- ```
159
-
160
- ### DHCP for Each VLAN
161
-
162
- ```
163
- Services → DHCP Server → Select your VLAN interface
164
-
165
- Enable DHCP
166
- Range: 192.168.20.100 to 192.168.20.254
167
- DNS Servers: 192.168.30.2 ← Pi-hole IP if you have one
168
- ```
169
-
170
- ### Firewall Rules (pfSense/OPNsense)
171
-
172
- ```
173
- # Rules are processed top-to-bottom, first match wins.
174
-
175
- # On the IoT interface (VLAN 20):
176
- Rule 1: Allow IoT → Pi-hole DNS ← MUST come before the RFC1918 block rule
177
- Protocol: UDP/TCP
178
- Source: IoT net
179
- Destination: 192.168.30.2 port 53
180
- Action: Allow
181
-
182
- Rule 2: Block IoT → RFC1918 (all private IP ranges)
183
- Protocol: any
184
- Source: IoT net
185
- Destination: RFC1918 (192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12)
186
- Action: Block
187
-
188
- Rule 3: Allow IoT → internet
189
- Protocol: any
190
- Source: IoT net
191
- Destination: any
192
- Action: Allow
193
-
194
- # On the Trusted interface (VLAN 10):
195
- Allow all (trusted devices can reach everything)
196
- Source: Trusted net
197
- Destination: any
198
- Action: Allow
199
-
200
- # Additional exceptions for IoT devices that need specific local services:
201
- Insert before Rule 2 (the RFC1918 block):
202
- Protocol: TCP
203
- Source: IoT net
204
- Destination: 192.168.30.x port 8123 ← Home Assistant
205
- Action: Allow
206
- ```
207
-
208
- ## MikroTik Configuration
209
-
210
- ```
211
- # Step 1: Create a bridge with VLAN filtering enabled
212
- /interface bridge
213
- add name=bridge vlan-filtering=yes
214
-
215
- # Step 2: Add physical ports to the bridge
216
- # Trunk port to router/uplink (tagged for all VLANs)
217
- /interface bridge port
218
- add bridge=bridge interface=ether1 frame-types=admit-only-vlan-tagged
219
-
220
- # Access port for trusted devices (untagged VLAN 10)
221
- /interface bridge port
222
- add bridge=bridge interface=ether2 pvid=10 frame-types=admit-only-untagged-and-priority-tagged
223
-
224
- # Access port for IoT devices (untagged VLAN 20)
225
- /interface bridge port
226
- add bridge=bridge interface=ether3 pvid=20 frame-types=admit-only-untagged-and-priority-tagged
227
-
228
- # Step 3: Define which VLANs are allowed on which ports
229
- /interface bridge vlan
230
- add bridge=bridge tagged=ether1 untagged=ether2 vlan-ids=10
231
- add bridge=bridge tagged=ether1 untagged=ether3 vlan-ids=20
232
-
233
- # Step 4: Create VLAN interfaces on the bridge (gateway IPs)
234
- /interface vlan
235
- add interface=bridge name=vlan10 vlan-id=10
236
- add interface=bridge name=vlan20 vlan-id=20
237
-
238
- # Step 5: Assign gateway IPs
239
- /ip address
240
- add interface=vlan10 address=192.168.10.1/24
241
- add interface=vlan20 address=192.168.20.1/24
242
-
243
- # Step 6: DHCP pools and servers
244
- /ip pool
245
- add name=pool-trusted ranges=192.168.10.100-192.168.10.254
246
- add name=pool-iot ranges=192.168.20.100-192.168.20.254
247
-
248
- /ip dhcp-server
249
- add interface=vlan10 address-pool=pool-trusted name=dhcp-trusted
250
- add interface=vlan20 address-pool=pool-iot name=dhcp-iot
251
-
252
- /ip dhcp-server network
253
- add address=192.168.10.0/24 gateway=192.168.10.1
254
- add address=192.168.20.0/24 gateway=192.168.20.1
255
-
256
- # Step 7: Firewall — block IoT from reaching trusted VLAN
257
- /ip firewall filter
258
- add chain=forward src-address=192.168.20.0/24 dst-address=192.168.10.0/24 \
259
- action=drop comment="Block IoT to Trusted"
260
- ```
261
-
262
- ## Switch Trunk vs Access Ports
263
-
264
- ```
265
- # Trunk port: carries multiple VLANs (tagged) — connects switch-to-switch, switch-to-router, switch-to-AP
266
- # Access port: carries one VLAN (untagged) — connects to end devices (PC, camera, NAS)
267
-
268
- # A managed switch port connected to your router should be a trunk:
269
- Allowed VLANs: 10, 20, 30, 40, 99
270
-
271
- # A port connecting to a PC should be an access port:
272
- VLAN: 10 (trusted)
273
- No tagging — the PC does not know or care about VLANs
274
-
275
- # A port connecting to an AP must be a trunk:
276
- The AP tags traffic from each SSID with the right VLAN ID
277
- Allowed VLANs: 10, 20, 40 (whichever SSIDs the AP serves)
278
- ```
279
-
280
- ## Anti-Patterns
281
-
282
- ```
283
- # BAD: Creating VLANs without adding firewall rules
284
- # VLANs without firewall rules do not provide security — inter-VLAN routing is open by default
285
- # GOOD: Add explicit block rules immediately after creating VLANs
286
-
287
- # BAD: Putting the Pi-hole in the IoT VLAN
288
- # IoT devices can reach it but trusted devices cannot (without extra rules)
289
- # GOOD: Pi-hole in the Servers VLAN with a rule allowing all VLANs to reach port 53
290
-
291
- # BAD: Native VLAN equals management VLAN
292
- # Untagged traffic landing in your management VLAN enables VLAN hopping attacks
293
- # GOOD: Use a dedicated unused VLAN as native (e.g. VLAN 999), keep management traffic tagged
294
-
295
- # BAD: Same Wi-Fi password for IoT SSID and trusted SSID
296
- # Anyone who learns the password can connect IoT devices to the wrong segment
297
- ```
298
-
299
- ## Best Practices
300
-
301
- - Start with 4 VLANs: Trusted, IoT, Servers, Guest — add more as needed
302
- - Put Pi-hole in the Servers VLAN (192.168.30.x)
303
- - Add a firewall rule allowing DNS (port 53) from all VLANs to the Pi-hole IP — before any RFC1918 block rule
304
- - Test isolation after every rule change: from the IoT VLAN, try to ping a trusted device — it should fail
305
- - Use a management VLAN for switch and AP web UIs and restrict access to the Trusted VLAN only
306
- - Document your VLAN design in a table (VLAN ID, name, subnet, purpose)
307
-
308
- ## Related Skills
309
-
310
- - homelab-network-setup
311
- - homelab-pihole-dns
312
- - homelab-wireguard-vpn