cue-ai 0.5.0 → 0.7.0

package/resources/skills/skills/rust/axum-api/SKILL.md

@@ -0,0 +1,38 @@
+---
+name: axum-api
+description: Use when building an HTTP API or web service in Rust. Covers axum (recommended), with notes on actix-web and rocket. Extractors, layers, error types, OpenAPI.
+allowed-tools: Bash(cargo:*)
+---
+
+# axum — the standard Rust web framework
+
+Built on `hyper` + `tower`. Tokio-native. Used by Discord, Cloudflare, etc.
+
+## When to use
+- **Minimum router**:
+  ```rust
+  let app = Router::new()
+      .route("/users/:id", get(get_user))
+      .route("/users", post(create_user))
+      .with_state(app_state);
+  let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await?;
+  axum::serve(listener, app).await?;
+  ```
+- **Extractors** (extract from request): `Path<T>`, `Query<T>`, `Json<T>`, `State<S>`, `Extension<T>`, custom `FromRequestParts`
+- **Responses**: return any `IntoResponse` — `Json<T>`, `(StatusCode, body)`, custom error types
+- **Error type**: define one app-wide `AppError`; impl `IntoResponse` mapping variants to status codes
+- **Middleware (layers)**: `.layer(TraceLayer::new_for_http())` for logging, `.layer(CorsLayer::permissive())`, custom via `tower::Service`
+- **Shared state**: `Router::with_state(state)` then `State(s): State<AppState>` extractor
+- **WebSocket**: `WebSocketUpgrade` extractor
+- **OpenAPI**: `utoipa` + `utoipa-swagger-ui` to auto-gen docs from `#[derive(ToSchema)]` + `#[utoipa::path]`
+- **Alternatives**: `actix-web` (older, fast, actor-flavored), `rocket` (macro-heavy, less async-idiomatic)
+
+## Prerequisites
+- cargo
+- crates: `axum`, `tokio = { features = ["full"] }`, `tower-http`, `serde`
+
+## Notes
+- Always wrap with `TraceLayer` + a tracing subscriber — request logs cost ~zero and save days of debugging.
+- For >50 routes, split into modules each returning a `Router<AppState>` and `.merge()` them in `main`.
+- Don't manually parse `Authorization` headers in every handler — write a custom extractor once.
+- Health/readiness endpoints belong on a separate `Router` mounted unconditionally (no auth middleware).

package/resources/skills/skills/rust/bacon-watch/SKILL.md

@@ -0,0 +1,24 @@
+---
+name: bacon-watch
+description: Use when iterating on Rust code and wanting auto-rerun on save. Covers bacon (TUI) and cargo-watch (simpler scripted loop).
+allowed-tools: Bash(bacon:*), Bash(cargo:*), Bash(cargo-watch:*)
+---
+
+# bacon & cargo-watch
+
+Live feedback while you code.
+
+## When to use
+- TUI with split panes: `bacon` (defaults to check) · `bacon clippy` · `bacon test`
+- Per-project jobs: edit `bacon.toml` to define jobs
+- One-shot loop: `cargo watch -x check` · chain: `cargo watch -x check -x test`
+- On file change run any cmd: `cargo watch -s "cargo run -- --foo"`
+
+## Prerequisites
+- bacon (`cargo install --locked bacon`)
+- cargo-watch (`cargo install cargo-watch --locked`)
+
+## Notes
+- bacon's TUI handles long output better; cargo-watch is better when you want a one-line scripted loop.
+- Bacon's `--headless` mode pipes to stdout — useful inside tmux/editor panes.
+- Use bacon for active development; reach for cargo-watch only when you need to compose with non-cargo commands.

package/resources/skills/skills/rust/bevy/SKILL.md

@@ -0,0 +1,43 @@
+---
+name: bevy
+description: Use when building a game or interactive simulation in Rust with the Bevy engine — ECS-first, data-driven, hot-reloading, cross-platform (desktop + wasm).
+allowed-tools: Bash(cargo:*)
+---
+
+# Bevy — Rust game engine
+
+Entity-Component-System architecture, Rust-native, batteries-included (2D + 3D + UI + audio + input).
+
+## When to use
+- **Setup**: `bevy = "0.14"` — pin a version, Bevy churns fast and 0.x bumps are breaking
+- **Hello triangle**:
+  ```rust
+  use bevy::prelude::*;
+  fn main() {
+      App::new()
+          .add_plugins(DefaultPlugins)
+          .add_systems(Startup, setup)
+          .add_systems(Update, move_things)
+          .run();
+  }
+  fn setup(mut cmd: Commands) { cmd.spawn(Camera2dBundle::default()); }
+  fn move_things(mut q: Query<&mut Transform, With<Player>>, time: Res<Time>) { /* ... */ }
+  ```
+- **Spawn entities**: `commands.spawn((MeshBundle { ... }, Velocity(v), Player));` — tuples of components
+- **Query data**: `Query<(&mut Transform, &Velocity), With<Player>>` — typed iteration over matching entities
+- **Resources**: globally-shared state via `Res<T>` / `ResMut<T>`
+- **Events**: `EventWriter<MyEvent>` / `EventReader<MyEvent>` for decoupled comms
+- **States / schedules**: `add_systems(Update, my_sys.run_if(in_state(GameState::Playing)))`
+- **Hot reload assets**: `bevy = { features = ["file_watcher"] }` — change PNGs without rebuilding
+
+## Prerequisites
+- cargo
+- Dev deps for fast iterative builds: `[profile.dev] opt-level = 1` plus `[profile.dev.package."*"] opt-level = 3`
+- On Linux: `apt install libwayland-dev libxkbcommon-dev libudev-dev libasound2-dev` (winit + audio)
+
+## Notes
+- Bevy releases break things. Read the migration guide before bumping minor versions.
+- For WASM target, use `cargo run --target wasm32-unknown-unknown` with `trunk` or `wasm-server-runner` (see `rust/wasm-rust` skill).
+- ECS thinking takes time — avoid global mutable state and reach for components/resources instead.
+- Ecosystem crates (`bevy_egui`, `bevy_rapier`, `leafwing-input-manager`) cover UI, physics, input remapping respectively.
+- Alternative engines: `macroquad` (simpler, immediate-mode), `fyrox` (scene-based, GUI editor).

package/resources/skills/skills/rust/bindgen/SKILL.md

@@ -0,0 +1,39 @@
+---
+name: bindgen
+description: Use when calling C libraries from Rust — auto-generate FFI signatures from C headers instead of hand-typing extern blocks.
+allowed-tools: Bash(cargo:*), Bash(bindgen:*)
+---
+
+# bindgen — C → Rust FFI
+
+Reads C headers via libclang, emits `extern "C" { ... }` blocks + struct layouts.
+
+## When to use
+- **One-off generation**:
+  ```sh
+  bindgen wrapper.h -o src/bindings.rs --allowlist-function 'foo_.*' --allowlist-type 'Foo.*'
+  ```
+- **Build-script integration** (regenerates on header change):
+  ```rust
+  // build.rs
+  fn main() {
+      println!("cargo:rustc-link-lib=mylib");
+      let bindings = bindgen::Builder::default()
+          .header("wrapper.h")
+          .parse_callbacks(Box::new(bindgen::CargoCallbacks::new()))
+          .generate().unwrap();
+      bindings.write_to_file(std::path::PathBuf::from(std::env::var("OUT_DIR").unwrap()).join("bindings.rs")).unwrap();
+  }
+  ```
+  Then `include!(concat!(env!("OUT_DIR"), "/bindings.rs"));` in your lib.rs.
+- **Vendored vs system libs**: pair with `pkg-config` crate or `cmake` crate to find/build the underlying C library.
+
+## Prerequisites
+- bindgen CLI (or `bindgen` build-dep)
+- `libclang` (`apt install libclang-dev` / `brew install llvm` + `LIBCLANG_PATH`)
+
+## Notes
+- Always wrap unsafe FFI in a safe Rust API in the same crate — downstream users should never write `unsafe { ffi::* }`.
+- Use `--allowlist-*` aggressively. Generating bindings for ALL of `stdio.h` produces hundreds of unused items.
+- For C++ libraries: bindgen has partial support; for serious C++ interop use `cxx` crate (different model).
+- Pre-built `*-sys` crates already exist for most popular C libs (e.g. `libgit2-sys`, `libz-sys`) — check crates.io before rolling your own.

package/resources/skills/skills/rust/cargo-audit/SKILL.md

@@ -0,0 +1,26 @@
+---
+name: cargo-audit
+description: Use when checking a Rust project for known vulnerabilities, license violations, or supply-chain risk. Covers cargo-audit, cargo-deny, cargo-geiger, cargo-vet, cargo-crev.
+allowed-tools: Bash(cargo:*), Bash(cargo-audit:*), Bash(cargo-deny:*), Bash(cargo-geiger:*), Bash(cargo-vet:*), Bash(cargo-crev:*)
+---
+
+# Rust Security Suite
+
+Supply-chain and unsafe-code auditing.
+
+## When to use
+- Vuln scan against RustSec advisory DB: `cargo audit`
+- Hard-fail in CI: `cargo audit --deny warnings`
+- Policy check (licenses, advisories, dup versions, bans): `cargo deny init` then `cargo deny check`
+- Count unsafe in deps: `cargo geiger`
+- Supply-chain trust audit (Mozilla): `cargo vet init` then `cargo vet`
+- Crowd-sourced review trust web: `cargo crev review <crate>`
+
+## Prerequisites
+- cargo-audit, cargo-deny, cargo-geiger, cargo-vet, cargo-crev (all via `cargo install --locked`)
+
+## Notes
+- cargo-audit + cargo-deny together cover 90% of real-world supply-chain needs. Start with those two.
+- Wire `cargo audit` into CI as a separate job — advisories drop continuously, so a pinned `Cargo.lock` can become unsafe overnight without a code change.
+- cargo-deny config lives in `deny.toml`. Use `[advisories]` and `[licenses]` first; `[bans]` and `[sources]` are advanced.
+- cargo-geiger output is informational, not gating — high unsafe counts in crates like `tokio` are expected.

package/resources/skills/skills/rust/cargo-basics/SKILL.md

@@ -0,0 +1,28 @@
+---
+name: cargo-basics
+description: Use when starting, building, running, testing, or generating docs for a Rust crate. Covers cargo new/init/check/build/run/test/doc and workspace scoping.
+allowed-tools: Bash(cargo:*), Bash(rustc:*), Bash(rustup:*)
+---
+
+# Cargo Basics
+
+Core cargo workflow. Use before reaching for anything fancier.
+
+## When to use
+- New crate: `cargo new --bin <name>` or `cargo new --lib <name>`
+- Inside an existing source tree: `cargo init`
+- Type-check only (fast inner loop): `cargo check`
+- Build: `cargo build` (debug) · `cargo build --release` (optimized)
+- Run binary: `cargo run` · pass args: `cargo run -- --flag value`
+- Test: `cargo test` · filter: `cargo test <substring>` · show prints: `cargo test -- --nocapture`
+- Docs: `cargo doc --open --no-deps`
+- Workspace member scope: `cargo build -p <member>`
+- Pick a toolchain: `cargo +nightly build` · default per project via `rust-toolchain.toml`
+
+## Prerequisites
+- rustup (installs cargo, rustc, clippy, rustfmt)
+
+## Notes
+- `cargo check` is ~3x faster than `cargo build`. Loop on check, build only when running.
+- `--release` strips debug + enables optimizations — slow to compile, much faster runtime. Don't use it for tests unless benchmarking.
+- `Cargo.lock` should be committed for binaries, ignored for library crates published to crates.io.

package/resources/skills/skills/rust/cargo-chef/SKILL.md

@@ -0,0 +1,43 @@
+---
+name: cargo-chef
+description: Use when building a Docker image of a Rust app and the dep compile step keeps invalidating cache. Splits dep compilation into a cacheable layer.
+allowed-tools: Bash(cargo:*), Bash(cargo-chef:*), Bash(docker:*)
+---
+
+# cargo-chef — Docker layer caching for Rust
+
+Without it: changing one line of your app re-downloads + recompiles all deps because Cargo.toml/lock layer changes. With it: deps live in their own cached layer.
+
+## When to use
+
+Multi-stage Dockerfile pattern:
+
+```dockerfile
+FROM rust:1-slim AS chef
+RUN cargo install cargo-chef --locked
+WORKDIR /app
+
+FROM chef AS planner
+COPY . .
+RUN cargo chef prepare --recipe-path recipe.json
+
+FROM chef AS builder
+COPY --from=planner /app/recipe.json recipe.json
+RUN cargo chef cook --release --recipe-path recipe.json   # cached if recipe.json unchanged
+COPY . .
+RUN cargo build --release
+
+FROM debian:bookworm-slim AS runtime
+COPY --from=builder /app/target/release/myapp /usr/local/bin/
+ENTRYPOINT ["/usr/local/bin/myapp"]
+```
+
+## Prerequisites
+- cargo-chef (used inside the build image)
+- Docker / Podman with BuildKit
+
+## Notes
+- `recipe.json` is deterministic from Cargo.toml/lock — only changes when deps change, which is what makes the cache layer durable.
+- Pairs well with `sccache` set via `RUSTC_WRAPPER=sccache` in the builder stage for second-level caching across machines.
+- For smallest runtime images, switch the final stage to `gcr.io/distroless/cc-debian12` (static binaries can use `scratch`).
+- Doesn't speed up `cargo build` locally — it's purely a Docker layer caching pattern.

package/resources/skills/skills/rust/cargo-edit/SKILL.md

@@ -0,0 +1,26 @@
+---
+name: cargo-edit
+description: Use when adding, removing, or upgrading Rust dependencies, or auditing unused deps. Covers cargo add/rm/upgrade, cargo-outdated, cargo-machete, cargo-udeps.
+allowed-tools: Bash(cargo:*), Bash(cargo-edit:*), Bash(cargo-outdated:*), Bash(cargo-machete:*), Bash(cargo-udeps:*)
+---
+
+# Cargo Dependency Tooling
+
+Manage Cargo.toml without hand-editing.
+
+## When to use
+- Add: `cargo add serde --features derive`
+- Remove: `cargo remove serde`
+- Upgrade everything compatibly: `cargo update`
+- Upgrade past semver: `cargo upgrade` (needs cargo-edit) — bumps Cargo.toml itself
+- See what has a newer version: `cargo outdated --root-deps-only`
+- Find unused deps (fast): `cargo machete`
+- Find unused deps (thorough, needs nightly): `cargo +nightly udeps`
+
+## Prerequisites
+- cargo-edit, cargo-outdated, cargo-machete, cargo-udeps
+
+## Notes
+- `cargo add/remove` are built into cargo since 1.62, but `cargo upgrade` still needs cargo-edit.
+- `cargo machete` is fast and catches the common case; reach for udeps only when machete misses something (it's nightly-only and slower).
+- `cargo outdated --root-deps-only` filters out transitives — usually what you want.

package/resources/skills/skills/rust/cargo-expand/SKILL.md

@@ -0,0 +1,24 @@
+---
+name: cargo-expand
+description: Use when debugging Rust macros (proc-macros, derive, declarative) — see what code the macro actually generates.
+allowed-tools: Bash(cargo:*), Bash(cargo-expand:*)
+---
+
+# cargo-expand
+
+See the post-macro source. Indispensable when a derive misbehaves.
+
+## When to use
+- Expand whole crate: `cargo expand`
+- One module: `cargo expand path::to::module`
+- One test: `cargo expand --test <name>`
+- Filter to a function/struct: `cargo expand path::to::ItemName`
+
+## Prerequisites
+- cargo-expand
+- Nightly toolchain (cargo-expand pins one automatically)
+
+## Notes
+- Output is full Rust — pipe through `bat -l rust` for highlighting.
+- When a `#[derive(Serialize)]` produces weird output, expand and read the generated `impl`. The compiler error suddenly makes sense.
+- Don't commit expanded output — it's a debugging tool, not a refactor target.

package/resources/skills/skills/rust/cargo-flamegraph/SKILL.md

@@ -0,0 +1,26 @@
+---
+name: cargo-flamegraph
+description: Use when profiling Rust performance, benchmarking, or analysing binary size. Covers cargo-flamegraph, cargo-criterion, cargo-bloat.
+allowed-tools: Bash(cargo:*), Bash(cargo-flamegraph:*), Bash(cargo-criterion:*), Bash(cargo-bloat:*), Bash(perf:*)
+---
+
+# Rust Performance Toolkit
+
+CPU profiling, benchmark frontend, binary-size analysis.
+
+## When to use
+- Flamegraph of a binary: `cargo flamegraph --release` (opens svg)
+- Flamegraph of a test: `cargo flamegraph --test <name>`
+- Criterion benches with nicer output: `cargo criterion`
+- What takes space in the release binary: `cargo bloat --release --crates`
+- Per-function bloat: `cargo bloat --release -n 30`
+
+## Prerequisites
+- cargo-flamegraph (`cargo install flamegraph --locked`)
+- cargo-criterion, cargo-bloat
+- Linux: `linux-tools-common` + `linux-tools-generic` for `perf`. macOS: dtrace (root).
+
+## Notes
+- Always profile `--release` — debug builds are useless for perf.
+- Add `[profile.release] debug = true` to Cargo.toml so flamegraphs have symbols (doesn't slow runtime, just enlarges the binary).
+- Criterion benches need the `criterion` crate as a dev-dep and `[[bench]]` entries with `harness = false`.

package/resources/skills/skills/rust/cargo-fuzz/SKILL.md

@@ -0,0 +1,34 @@
+---
+name: cargo-fuzz
+description: Use when fuzzing parsers, deserializers, FFI boundaries, or any code that takes untrusted bytes. libFuzzer integration via cargo-fuzz.
+allowed-tools: Bash(cargo:*), Bash(cargo-fuzz:*), Bash(rustup:*)
+---
+
+# cargo-fuzz — libFuzzer for Rust
+
+Coverage-guided fuzzing. Often finds panics + UB within minutes on parser code.
+
+## When to use
+- **Init in a crate**: `cargo fuzz init`
+- **Add a target**: `cargo fuzz add my_parser` — generates `fuzz/fuzz_targets/my_parser.rs`
+- **Target body**:
+  ```rust
+  libfuzzer_sys::fuzz_target!(|data: &[u8]| {
+      let _ = my_crate::parse(data);  // must not panic
+  });
+  ```
+- **Run** (requires nightly): `cargo +nightly fuzz run my_parser`
+- **Reproduce a crash**: `cargo +nightly fuzz run my_parser fuzz/artifacts/my_parser/crash-*`
+- **Minimize crashes**: `cargo +nightly fuzz tmin my_parser <artifact>`
+- **Seed corpus**: drop interesting inputs in `fuzz/corpus/my_parser/`
+
+## Prerequisites
+- nightly: `rustup install nightly`
+- cargo-fuzz
+- libFuzzer ships with nightly's compiler-rt — no extra package on Linux/macOS
+
+## Notes
+- Run continuously in the background, not as a unit test — fuzzing is a long-running search.
+- Pair with `arbitrary` crate so target bodies parse `&[u8]` into structured types: `fuzz_target!(|input: MyStruct| ...)` via `#[derive(Arbitrary)]`.
+- Commit interesting corpus inputs + any minimized crashes — they accelerate the next run.
+- For HTTP server fuzzing, look at `cargo-bolero` (multi-engine wrapper) instead.

package/resources/skills/skills/rust/cargo-hack/SKILL.md

@@ -0,0 +1,26 @@
+---
+name: cargo-hack
+description: Use when a Rust crate has multiple feature flags and you need to verify every combination compiles + tests cleanly. Catches "works on default features only" bugs.
+allowed-tools: Bash(cargo:*), Bash(cargo-hack:*)
+---
+
+# cargo-hack — feature combo testing
+
+Without it, `cargo test` only covers default features. Feature combinations are silent bombs.
+
+## When to use
+- **Check every feature individually**: `cargo hack check --each-feature`
+- **Check every subset** (slow but thorough): `cargo hack check --feature-powerset`
+- **Skip dev deps from feature analysis**: `--ignore-private`
+- **Limit MSRV**: `cargo hack check --rust-version` (pairs with `cargo-msrv`)
+- **Exclude expensive features**: `--exclude-features expensive,slow`
+- **CI pattern**: `cargo hack --each-feature --no-dev-deps check`
+
+## Prerequisites
+- cargo-hack
+- A `Cargo.toml` with `[features]` declared
+
+## Notes
+- `--feature-powerset` is N² in feature count; for crates with 6+ features, prefer `--each-feature` + manual important combos.
+- Catches the classic "`use mod_x::Foo`" inside `#[cfg(feature = "a")]` that breaks when feature `b` isn't enabled.
+- Wire into CI as a separate job — it's slower than the main test job but high-signal.

package/resources/skills/skills/rust/cargo-msrv/SKILL.md

@@ -0,0 +1,30 @@
+---
+name: cargo-msrv
+description: Use when determining or verifying the minimum supported Rust version (MSRV) of a published crate.
+allowed-tools: Bash(cargo:*), Bash(cargo-msrv:*), Bash(rustup:*)
+---
+
+# cargo-msrv
+
+Finds the oldest stable Rust that still compiles your crate. Critical for libraries (downstream users may not be on the latest toolchain).
+
+## When to use
+- **Discover MSRV**: `cargo msrv find` (binary searches over toolchains)
+- **Verify a declared MSRV**: `cargo msrv verify` (reads `rust-version` from Cargo.toml)
+- **Set MSRV in Cargo.toml**:
+  ```toml
+  [package]
+  rust-version = "1.75"
+  ```
+- **List versions tried**: `cargo msrv list`
+- **Per-crate in a workspace**: `cargo msrv --path crates/mylib find`
+
+## Prerequisites
+- cargo-msrv
+- Multiple rustup toolchains (msrv installs them as needed)
+
+## Notes
+- Pair with `cargo-hack`'s `--rust-version` flag to gate feature combinations against MSRV in CI.
+- MSRV bumps are semver-significant for many crate authors — treat as a minor (sometimes major) bump.
+- The `rust-version` field in Cargo.toml is what `cargo verify-project` and the registry check.
+- Use `#[cfg(rust_version = "1.80")]`-style cfg only via the `rustversion` crate — there's no built-in cfg for it.

package/resources/skills/skills/rust/cargo-mutants/SKILL.md

@@ -0,0 +1,26 @@
+---
+name: cargo-mutants
+description: Use when measuring test quality — mutation testing modifies your code and checks tests catch the change. Finds "I have 90% coverage but tests assert nothing".
+allowed-tools: Bash(cargo:*), Bash(cargo-mutants:*)
+---
+
+# cargo-mutants — mutation testing
+
+Permutes operators (`<` → `<=`, `+` → `-`, returns `Default`, etc.) then runs your tests. A mutation that survives = your tests aren't really testing it.
+
+## When to use
+- **First run**: `cargo mutants` (slow — runs whole test suite per mutation)
+- **Scope to one file**: `cargo mutants -f src/parser.rs`
+- **Skip slow tests**: `cargo mutants --test-tool=nextest -- --skip slow_`
+- **Baseline-only (fast sanity)**: `cargo mutants --check`
+- **In CI** (PR-scoped): `cargo mutants --in-diff <(git diff main)`
+
+## Prerequisites
+- cargo-mutants
+- A passing test suite (baseline must be green or it bails)
+
+## Notes
+- Expect long runtimes — N_mutants × test_duration. Practical on libraries (~minutes), painful on large workspaces (hours). Use `--in-diff` in CI.
+- "Missed" mutations point to under-tested branches; "timeout" usually means an infinite loop introduced by the mutation (safe).
+- Pair with `cargo-nextest` (`--test-tool=nextest`) for big speedups.
+- Skip generated code, FFI shims, and trivial newtypes via `# mutants: skip` line comment.

package/resources/skills/skills/rust/cargo-nextest/SKILL.md

@@ -0,0 +1,24 @@
+---
+name: cargo-nextest
+description: Use when running Rust tests slowly with cargo test, or when CI test time hurts. Drop-in faster runner with better output, retries, and JUnit XML.
+allowed-tools: Bash(cargo:*), Bash(cargo-nextest:*)
+---
+
+# cargo-nextest
+
+Faster, prettier `cargo test` replacement. ~60% faster on most workspaces.
+
+## When to use
+- Default test run: `cargo nextest run`
+- Filter: `cargo nextest run <substring>` · by crate: `-p <crate>`
+- Retry flaky: `cargo nextest run --retries 2`
+- CI JUnit output: `cargo nextest run --profile ci` with `[profile.ci.junit] path = "junit.xml"` in `.config/nextest.toml`
+- List without running: `cargo nextest list`
+
+## Prerequisites
+- cargo-nextest (`cargo install cargo-nextest --locked`)
+
+## Notes
+- Does NOT run doctests — keep `cargo test --doc` in CI alongside nextest.
+- Parallelism is per-test, not per-binary, which is the speedup source.
+- Stable test IDs make flake tracking easy: `<crate>::<test_path>`.

package/resources/skills/skills/rust/cargo-readme/SKILL.md

@@ -0,0 +1,36 @@
+---
+name: cargo-readme
+description: Use when keeping README.md in sync with lib.rs doc comments — generate the README from `//!` crate-level docs.
+allowed-tools: Bash(cargo:*), Bash(cargo-readme:*)
+---
+
+# cargo-readme
+
+Single source of truth: write docs in `src/lib.rs`, generate README. No drift between rustdoc and the GitHub front page.
+
+## When to use
+- **One-shot**: `cargo readme > README.md`
+- **Template** (control title/badges around the generated body): `README.tpl` at repo root; reference with `{{readme}}`
+- **CI guard**: `diff <(cargo readme) README.md` — non-zero exit blocks PR if README drifted
+- **Workspace**: run per-crate; root README usually stays hand-written
+
+## Prerequisites
+- cargo-readme
+- Crate-level docs in `src/lib.rs`:
+  ```rust
+  //! # mylib
+  //!
+  //! Does the thing.
+  //!
+  //! ## Example
+  //!
+  //! ```
+  //! mylib::do_thing();
+  //! ```
+  ```
+
+## Notes
+- Code blocks in `//!` docs are tested by `cargo test --doc` — README examples stay correct.
+- For published crates, this avoids the classic "README example doesn't compile because the API changed" bug.
+- Alternative: `cargo-rdme` (newer, slightly different template style). `cargo-readme` is more entrenched.
+- For workspace root READMEs that aren't per-crate, hand-edit and skip this skill.

package/resources/skills/skills/rust/cbindgen/SKILL.md

@@ -0,0 +1,41 @@
+---
+name: cbindgen
+description: Use when exposing a Rust library to C/C++ — auto-generate C headers from a Rust crate so other languages can link to it.
+allowed-tools: Bash(cargo:*), Bash(cbindgen:*)
+---
+
+# cbindgen — Rust → C/C++ headers
+
+The reverse of `bindgen`. Walks your `#[no_mangle] extern "C"` items and emits a header.
+
+## When to use
+- **Setup Cargo.toml**:
+  ```toml
+  [lib]
+  crate-type = ["cdylib", "staticlib"]
+  ```
+- **Rust side** — annotate every exported item:
+  ```rust
+  #[no_mangle]
+  pub extern "C" fn add(a: i32, b: i32) -> i32 { a + b }
+  #[repr(C)]
+  pub struct Point { x: f64, y: f64 }
+  ```
+- **Generate**: `cbindgen --config cbindgen.toml --crate mylib -o include/mylib.h`
+- **Build-script flavor** (regenerates on every build):
+  ```rust
+  // build.rs
+  let crate_dir = std::env::var("CARGO_MANIFEST_DIR").unwrap();
+  cbindgen::Builder::new().with_crate(crate_dir).generate().unwrap().write_to_file("include/mylib.h");
+  ```
+- **cbindgen.toml** controls language (C or C++), include guards, namespace, type renames.
+
+## Prerequisites
+- cbindgen CLI (or build-dep)
+- Rust items must be `#[no_mangle] pub extern "C"` with `#[repr(C)]` types
+
+## Notes
+- Only items reachable from `pub` and `extern "C"` are emitted — make sure they're not behind feature gates that aren't active at generation time.
+- Pair with a `*.pc` (pkg-config) file or a small CMake `Find<Mylib>.cmake` so downstream C/C++ users can link cleanly.
+- For C++-specific features (templates, namespaces), set `language = "C++"` in `cbindgen.toml`.
+- Common pitfall: returning `String` or `Vec<T>` across FFI is UB — return `*mut c_char` / raw pointers with explicit free fns.

package/resources/skills/skills/rust/chisel-tool/SKILL.md

@@ -0,0 +1,32 @@
+---
+name: chisel-tool
+description: Use when an agent needs precision file edits with minimal token overhead — patch-based, kernel-confined paths. Pointer to the upstream Chisel MCP server.
+allowed-tools: Bash(chisel:*)
+---
+
+# Chisel — agent-oriented precision file edits
+
+[`ckanthony/Chisel`](https://github.com/ckanthony/Chisel) — Rust-powered MCP server providing token-efficient file operations:
+
+- `patch_apply` — send unified diffs instead of whole files (~20× fewer tokens on large edits)
+- `shell_exec` — whitelisted Unix tools (grep/sed/awk/find/cat) the model already knows
+- Strict path confinement, symlink-aware root, atomic writes, bearer-token auth, `127.0.0.1`-only by default
+
+## When to use
+- Editing large files where rewriting them in full would burn context (>100 lines)
+- Multi-file refactors where each touch is a small diff
+- Untrusted-input agentic workflows where path confinement matters
+
+## Install
+- **MCP-style (recommended)**: download a `.mcpb` bundle from [releases](https://github.com/ckanthony/Chisel/releases/latest)
+- **Binary**: `cargo install --git https://github.com/ckanthony/Chisel chisel` (or `cue cli install chisel`)
+- **Upstream agent guide**: this profile auto-installs the canonical SKILL.md via `npx skills add ckanthony/Chisel`
+
+## Prerequisites
+- `chisel` binary on PATH (or run as a Docker MCP)
+- An MCP-aware client (Claude Code, Codex, custom)
+
+## Notes
+- This skill is a **pointer**. The detailed agent guide is the upstream `SKILL.md` fetched into the materialized profile by cue's npx mechanism — read that one in preference to this.
+- For pure-Rust embedding (no separate process), use `chisel-core` library directly.
+- Pairs well with `caveman` (terse-output mode) — both target the same goal: less token bloat per turn.

package/resources/skills/skills/rust/clap-cli/SKILL.md

@@ -0,0 +1,44 @@
+---
+name: clap-cli
+description: Use when building a command-line tool in Rust. Covers clap derive (subcommands, args, env), dialoguer for prompts, indicatif for progress bars/spinners.
+allowed-tools: Bash(cargo:*)
+---
+
+# clap + dialoguer + indicatif — CLI building stack
+
+`clap` is the universal arg parser. Derive macros over builder API for new code.
+
+## When to use
+- **Setup**: `clap = { version = "4", features = ["derive", "env"] }`
+- **Basic args**:
+  ```rust
+  #[derive(clap::Parser)]
+  #[command(version, about)]
+  struct Args {
+      #[arg(short, long, env = "MY_TOKEN")]
+      token: String,
+      #[arg(long, default_value_t = 10)]
+      limit: usize,
+      paths: Vec<PathBuf>,
+  }
+  fn main() {
+      let args = Args::parse();
+  }
+  ```
+- **Subcommands**: `#[derive(clap::Subcommand)]` enum + `#[command(subcommand)] cmd: Cmd` field
+- **Validate**: `#[arg(value_parser = clap::value_parser!(u16).range(1..=65535))]`
+- **Shell completions** (one-time gen, ship as separate file): `clap_complete::generate(Shell::Bash, &mut cmd, "myapp", &mut io::stdout())`
+- **Interactive prompts** (when args are missing or for confirms): `dialoguer::{Input, Confirm, Select, Password}`
+- **Progress bars**: `indicatif::{ProgressBar, MultiProgress}` — `.with_style(ProgressStyle::with_template("{spinner} {msg}").unwrap())`
+- **Pretty errors**: `color-eyre` or pair `anyhow` with `tracing-subscriber` + ANSI
+
+## Prerequisites
+- cargo
+- crates: `clap`, optionally `dialoguer`, `indicatif`, `color-eyre`
+
+## Notes
+- Use `env` attribute over manual `std::env::var` — clap shows env source in `--help` and respects override order.
+- For subcommands, derive each in its own module; keeps the top-level enum clean.
+- `Args::parse()` panics on bad input (exits with usage). For library use: `Args::try_parse()`.
+- `indicatif` progress bars MUST be `drop`ped or `finish_and_clear()`ed — otherwise they leave the terminal in a weird state.
+- For long-running CLIs, route logging through `tracing` and use `indicatif`-aware writer (`indicatif_log_bridge`) so logs don't break the bar.

package/resources/skills/skills/rust/clippy-and-fmt/SKILL.md

@@ -0,0 +1,25 @@
+---
+name: clippy-and-fmt
+description: Use when linting or formatting Rust code, or when CI complains about style. Covers cargo clippy with -D warnings, cargo fmt --check, and per-crate config files.
+allowed-tools: Bash(cargo:*), Bash(rustfmt:*), Bash(clippy:*)
+---
+
+# Clippy & rustfmt
+
+The two non-negotiable Rust quality gates.
+
+## When to use
+- Format: `cargo fmt` · check only (CI): `cargo fmt --check`
+- Lint: `cargo clippy --all-targets --all-features`
+- Lint as gate: `cargo clippy --all-targets -- -D warnings` (warnings become errors)
+- Fix what's auto-fixable: `cargo clippy --fix --allow-dirty`
+- Project config: `rustfmt.toml` for format rules; `clippy.toml` + `#![deny(clippy::pedantic)]` in lib.rs for lint strictness
+
+## Prerequisites
+- rustup (installs both via `rustup component add clippy rustfmt`)
+
+## Notes
+- Run both before commit. The fmt check is instant; clippy adds ~2x a `cargo check`.
+- Don't blanket-allow lints in lib.rs — `#[allow(...)]` at the offending site so the lint stays useful elsewhere.
+- The `-D warnings` flag is what most CIs use; matching it locally avoids surprise failures.
+- `cargo fmt --check` exits non-zero on diff — perfect for pre-commit hooks.