mindforge-cc 11.5.0 → 11.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (177) hide show
  1. package/.agent/mindforge/skill-tdd.md +53 -0
  2. package/.agent/mindforge/skills-index.md +118 -0
  3. package/.agent/mindforge/systematic-debug.md +60 -0
  4. package/.agent/skills/1password-skill/SKILL.md +156 -0
  5. package/.agent/skills/1password-skill/references/cli-examples.md +31 -0
  6. package/.agent/skills/1password-skill/references/get-started.md +21 -0
  7. package/.agent/skills/article-illustrator/SKILL.md +199 -0
  8. package/.agent/skills/article-illustrator/references/prompt-construction.md +426 -0
  9. package/.agent/skills/article-illustrator/references/style-presets.md +80 -0
  10. package/.agent/skills/article-illustrator/references/styles.md +224 -0
  11. package/.agent/skills/article-illustrator/references/usage.md +50 -0
  12. package/.agent/skills/article-illustrator/references/workflow.md +332 -0
  13. package/.agent/skills/arxiv/SKILL.md +275 -0
  14. package/.agent/skills/blogwatcher/SKILL.md +130 -0
  15. package/.agent/skills/code-wiki/SKILL.md +438 -0
  16. package/.agent/skills/code-wiki/templates/README.md +31 -0
  17. package/.agent/skills/code-wiki/templates/architecture.md +30 -0
  18. package/.agent/skills/code-wiki/templates/getting-started.md +47 -0
  19. package/.agent/skills/code-wiki/templates/module.md +38 -0
  20. package/.agent/skills/codebase-inspection/SKILL.md +109 -0
  21. package/.agent/skills/comic-creator/SKILL.md +240 -0
  22. package/.agent/skills/comic-creator/references/analysis-framework.md +176 -0
  23. package/.agent/skills/comic-creator/references/auto-selection.md +71 -0
  24. package/.agent/skills/comic-creator/references/base-prompt.md +98 -0
  25. package/.agent/skills/comic-creator/references/character-template.md +180 -0
  26. package/.agent/skills/comic-creator/references/ohmsha-guide.md +85 -0
  27. package/.agent/skills/comic-creator/references/partial-workflows.md +106 -0
  28. package/.agent/skills/comic-creator/references/storyboard-template.md +143 -0
  29. package/.agent/skills/comic-creator/references/workflow.md +401 -0
  30. package/.agent/skills/concept-diagrams/SKILL.md +355 -0
  31. package/.agent/skills/concept-diagrams/references/dashboard-patterns.md +43 -0
  32. package/.agent/skills/concept-diagrams/references/infrastructure-patterns.md +144 -0
  33. package/.agent/skills/concept-diagrams/references/physical-shape-cookbook.md +42 -0
  34. package/.agent/skills/creative-ideation/SKILL.md +144 -0
  35. package/.agent/skills/creative-ideation/references/full-prompt-library.md +110 -0
  36. package/.agent/skills/devops-cli/SKILL.md +149 -0
  37. package/.agent/skills/devops-cli/references/app-discovery.md +112 -0
  38. package/.agent/skills/devops-cli/references/authentication.md +59 -0
  39. package/.agent/skills/devops-cli/references/cli-reference.md +104 -0
  40. package/.agent/skills/devops-cli/references/running-apps.md +171 -0
  41. package/.agent/skills/devops-watchers/SKILL.md +103 -0
  42. package/.agent/skills/docker-management/SKILL.md +273 -0
  43. package/.agent/skills/domain-intel/SKILL.md +96 -0
  44. package/.agent/skills/duckduckgo-search/SKILL.md +230 -0
  45. package/.agent/skills/github-auth/SKILL.md +240 -0
  46. package/.agent/skills/github-code-review/SKILL.md +474 -0
  47. package/.agent/skills/github-code-review/references/review-output-template.md +74 -0
  48. package/.agent/skills/github-issues/SKILL.md +363 -0
  49. package/.agent/skills/github-issues/templates/bug-report.md +35 -0
  50. package/.agent/skills/github-issues/templates/feature-request.md +31 -0
  51. package/.agent/skills/github-pr-workflow/SKILL.md +360 -0
  52. package/.agent/skills/github-pr-workflow/references/ci-troubleshooting.md +183 -0
  53. package/.agent/skills/github-pr-workflow/references/conventional-commits.md +71 -0
  54. package/.agent/skills/github-pr-workflow/templates/pr-body-bugfix.md +35 -0
  55. package/.agent/skills/github-pr-workflow/templates/pr-body-feature.md +33 -0
  56. package/.agent/skills/github-repo-management/SKILL.md +509 -0
  57. package/.agent/skills/github-repo-management/references/github-api-cheatsheet.md +161 -0
  58. package/.agent/skills/godmode/SKILL.md +396 -0
  59. package/.agent/skills/godmode/references/jailbreak-templates.md +128 -0
  60. package/.agent/skills/godmode/references/refusal-detection.md +142 -0
  61. package/.agent/skills/hyperframes/SKILL.md +182 -0
  62. package/.agent/skills/hyperframes/references/cli.md +185 -0
  63. package/.agent/skills/hyperframes/references/composition.md +129 -0
  64. package/.agent/skills/hyperframes/references/features.md +289 -0
  65. package/.agent/skills/hyperframes/references/gsap.md +136 -0
  66. package/.agent/skills/hyperframes/references/troubleshooting.md +137 -0
  67. package/.agent/skills/hyperframes/references/website-to-video.md +145 -0
  68. package/.agent/skills/jupyter-live-kernel/SKILL.md +160 -0
  69. package/.agent/skills/kanban-orchestrator/SKILL.md +209 -0
  70. package/.agent/skills/kanban-worker/SKILL.md +188 -0
  71. package/.agent/skills/llm-wiki/SKILL.md +499 -0
  72. package/.agent/skills/meme-generation/SKILL.md +122 -0
  73. package/.agent/skills/node-inspect-debugger/SKILL.md +312 -0
  74. package/.agent/skills/obsidian/SKILL.md +60 -0
  75. package/.agent/skills/osint-investigation/SKILL.md +269 -0
  76. package/.agent/skills/osint-investigation/templates/source-template.md +59 -0
  77. package/.agent/skills/oss-forensics/SKILL.md +422 -0
  78. package/.agent/skills/oss-forensics/references/evidence-types.md +89 -0
  79. package/.agent/skills/oss-forensics/references/github-archive-guide.md +184 -0
  80. package/.agent/skills/oss-forensics/references/investigation-templates.md +131 -0
  81. package/.agent/skills/oss-forensics/references/recovery-techniques.md +164 -0
  82. package/.agent/skills/oss-forensics/templates/forensic-report.md +151 -0
  83. package/.agent/skills/oss-forensics/templates/malicious-package-report.md +43 -0
  84. package/.agent/skills/parallel-cli/SKILL.md +384 -0
  85. package/.agent/skills/pinggy-tunnel/SKILL.md +302 -0
  86. package/.agent/skills/pixel-art/SKILL.md +209 -0
  87. package/.agent/skills/pixel-art/references/palettes.md +49 -0
  88. package/.agent/skills/plan/SKILL.md +331 -0
  89. package/.agent/skills/polymarket/SKILL.md +75 -0
  90. package/.agent/skills/polymarket/references/api-endpoints.md +220 -0
  91. package/.agent/skills/python-debugpy/SKILL.md +368 -0
  92. package/.agent/skills/requesting-code-review/SKILL.md +273 -0
  93. package/.agent/skills/research-paper-writing/SKILL.md +2367 -0
  94. package/.agent/skills/research-paper-writing/references/autoreason-methodology.md +394 -0
  95. package/.agent/skills/research-paper-writing/references/checklists.md +434 -0
  96. package/.agent/skills/research-paper-writing/references/citation-workflow.md +563 -0
  97. package/.agent/skills/research-paper-writing/references/experiment-patterns.md +728 -0
  98. package/.agent/skills/research-paper-writing/references/human-evaluation.md +476 -0
  99. package/.agent/skills/research-paper-writing/references/paper-types.md +481 -0
  100. package/.agent/skills/research-paper-writing/references/reviewer-guidelines.md +433 -0
  101. package/.agent/skills/research-paper-writing/references/sources.md +191 -0
  102. package/.agent/skills/research-paper-writing/references/writing-guide.md +474 -0
  103. package/.agent/skills/research-paper-writing/templates/README.md +251 -0
  104. package/.agent/skills/rest-graphql-debug/SKILL.md +507 -0
  105. package/.agent/skills/s6-container-supervision/SKILL.md +171 -0
  106. package/.agent/skills/scrapling/SKILL.md +328 -0
  107. package/.agent/skills/sherlock/SKILL.md +186 -0
  108. package/.agent/skills/simplify-code/SKILL.md +168 -0
  109. package/.agent/skills/skill-authoring/SKILL.md +158 -0
  110. package/.agent/skills/spike/SKILL.md +190 -0
  111. package/.agent/skills/subagent-driven-development/SKILL.md +345 -0
  112. package/.agent/skills/subagent-driven-development/references/context-budget-discipline.md +53 -0
  113. package/.agent/skills/subagent-driven-development/references/gates-taxonomy.md +93 -0
  114. package/.agent/skills/systematic-debugging/SKILL.md +360 -0
  115. package/.agent/skills/test-driven-development/SKILL.md +336 -0
  116. package/.agent/skills/video-orchestrator/SKILL.md +194 -0
  117. package/.agent/skills/video-orchestrator/references/examples.md +227 -0
  118. package/.agent/skills/video-orchestrator/references/intake.md +166 -0
  119. package/.agent/skills/video-orchestrator/references/kanban-setup.md +278 -0
  120. package/.agent/skills/video-orchestrator/references/monitoring.md +180 -0
  121. package/.agent/skills/video-orchestrator/references/role-archetypes.md +298 -0
  122. package/.agent/skills/video-orchestrator/references/tool-matrix.md +317 -0
  123. package/.agent/skills/web-pentest/SKILL.md +332 -0
  124. package/.agent/skills/web-pentest/references/bypass-techniques.md +133 -0
  125. package/.agent/skills/web-pentest/references/exploitation-techniques.md +204 -0
  126. package/.agent/skills/web-pentest/references/scope-enforcement.md +110 -0
  127. package/.agent/skills/web-pentest/references/vuln-taxonomy.md +81 -0
  128. package/.agent/skills/web-pentest/templates/authorization.md +69 -0
  129. package/.agent/skills/web-pentest/templates/pentest-report.md +178 -0
  130. package/.claude/commands/mindforge/skill-tdd.md +53 -0
  131. package/.claude/commands/mindforge/skills-index.md +118 -0
  132. package/.claude/commands/mindforge/systematic-debug.md +60 -0
  133. package/.mindforge/config.json +2 -2
  134. package/.mindforge/memory/sync-manifest.json +1 -1
  135. package/.mindforge/skills/arxiv/SKILL.md +294 -0
  136. package/.mindforge/skills/blogwatcher/SKILL.md +147 -0
  137. package/.mindforge/skills/code-wiki/SKILL.md +457 -0
  138. package/.mindforge/skills/codebase-inspection/SKILL.md +126 -0
  139. package/.mindforge/skills/concept-diagrams/SKILL.md +373 -0
  140. package/.mindforge/skills/creative-ideation/SKILL.md +162 -0
  141. package/.mindforge/skills/domain-intel/SKILL.md +116 -0
  142. package/.mindforge/skills/duckduckgo-search/SKILL.md +249 -0
  143. package/.mindforge/skills/github-code-review/SKILL.md +493 -0
  144. package/.mindforge/skills/github-issues/SKILL.md +382 -0
  145. package/.mindforge/skills/github-pr-workflow/SKILL.md +379 -0
  146. package/.mindforge/skills/jupyter-live-kernel/SKILL.md +179 -0
  147. package/.mindforge/skills/kanban-orchestrator/SKILL.md +227 -0
  148. package/.mindforge/skills/kanban-worker/SKILL.md +206 -0
  149. package/.mindforge/skills/meme-generation/SKILL.md +141 -0
  150. package/.mindforge/skills/obsidian/SKILL.md +80 -0
  151. package/.mindforge/skills/osint-investigation/SKILL.md +288 -0
  152. package/.mindforge/skills/oss-forensics/SKILL.md +421 -0
  153. package/.mindforge/skills/pixel-art/SKILL.md +228 -0
  154. package/.mindforge/skills/plan/SKILL.md +350 -0
  155. package/.mindforge/skills/requesting-code-review/SKILL.md +292 -0
  156. package/.mindforge/skills/research-paper-writing/SKILL.md +2384 -0
  157. package/.mindforge/skills/scrapling/SKILL.md +345 -0
  158. package/.mindforge/skills/sherlock/SKILL.md +203 -0
  159. package/.mindforge/skills/simplify-code/SKILL.md +187 -0
  160. package/.mindforge/skills/spike/SKILL.md +209 -0
  161. package/.mindforge/skills/subagent-driven-development/SKILL.md +364 -0
  162. package/.mindforge/skills/systematic-debugging/SKILL.md +379 -0
  163. package/.mindforge/skills/test-driven-development/SKILL.md +355 -0
  164. package/.mindforge/skills/web-pentest/SKILL.md +327 -0
  165. package/CHANGELOG.md +88 -0
  166. package/MINDFORGE.md +3 -3
  167. package/README.md +38 -3
  168. package/RELEASENOTES.md +100 -0
  169. package/bin/dashboard/api-router.js +10 -1
  170. package/bin/governance/approve.js +5 -1
  171. package/bin/memory/federated-sync.js +11 -2
  172. package/bin/memory/knowledge-capture.js +10 -1
  173. package/bin/memory/pillar-health-tracker.js +9 -1
  174. package/bin/review/ads-engine.js +2 -2
  175. package/bin/security/trust-boundaries.js +5 -0
  176. package/docs/getting-started.md +42 -5
  177. package/package.json +1 -1
@@ -0,0 +1,171 @@
1
+ # Running Apps
2
+
3
+ ## Basic Run
4
+
5
+ ```bash
6
+ infsh app run user/app-name --input input.json
7
+ ```
8
+
9
+ ## Inline JSON
10
+
11
+ ```bash
12
+ infsh app run falai/flux-dev-lora --input '{"prompt": "a sunset over mountains"}'
13
+ ```
14
+
15
+ ## Version Pinning
16
+
17
+ ```bash
18
+ infsh app run user/app-name@1.0.0 --input input.json
19
+ ```
20
+
21
+ ## Local File Uploads
22
+
23
+ The CLI automatically uploads local files when you provide a file path instead of a URL. Any field that accepts a URL also accepts a local path:
24
+
25
+ ```bash
26
+ # Upscale a local image
27
+ infsh app run falai/topaz-image-upscaler --input '{"image": "/path/to/photo.jpg", "upscale_factor": 2}'
28
+
29
+ # Image-to-video from local file
30
+ infsh app run falai/wan-2-5-i2v --input '{"image": "./my-image.png", "prompt": "make it move"}'
31
+
32
+ # Avatar with local audio and image
33
+ infsh app run bytedance/omnihuman-1-5 --input '{"audio": "/path/to/speech.mp3", "image": "/path/to/face.jpg"}'
34
+
35
+ # Post tweet with local media
36
+ infsh app run x/post-create --input '{"text": "Check this out!", "media": "./screenshot.png"}'
37
+ ```
38
+
39
+ Supported paths:
40
+ - Absolute paths: `/home/user/images/photo.jpg`
41
+ - Relative paths: `./image.png`, `../data/video.mp4`
42
+ - Home directory: `~/Pictures/photo.jpg`
43
+
44
+ ## Generate Sample Input
45
+
46
+ Before running, generate a sample input file:
47
+
48
+ ```bash
49
+ infsh app sample falai/flux-dev-lora
50
+ ```
51
+
52
+ Save to file:
53
+
54
+ ```bash
55
+ infsh app sample falai/flux-dev-lora --save input.json
56
+ ```
57
+
58
+ Then edit `input.json` and run:
59
+
60
+ ```bash
61
+ infsh app run falai/flux-dev-lora --input input.json
62
+ ```
63
+
64
+ ## Workflow Example
65
+
66
+ ### Image Generation with FLUX
67
+
68
+ ```bash
69
+ # 1. Get app details
70
+ infsh app get falai/flux-dev-lora
71
+
72
+ # 2. Generate sample input
73
+ infsh app sample falai/flux-dev-lora --save input.json
74
+
75
+ # 3. Edit input.json
76
+ # {
77
+ # "prompt": "a cat astronaut floating in space",
78
+ # "num_images": 1,
79
+ # "image_size": "landscape_16_9"
80
+ # }
81
+
82
+ # 4. Run
83
+ infsh app run falai/flux-dev-lora --input input.json
84
+ ```
85
+
86
+ ### Video Generation with Veo
87
+
88
+ ```bash
89
+ # 1. Generate sample
90
+ infsh app sample google/veo-3-1-fast --save input.json
91
+
92
+ # 2. Edit prompt
93
+ # {
94
+ # "prompt": "A drone shot flying over a forest at sunset"
95
+ # }
96
+
97
+ # 3. Run
98
+ infsh app run google/veo-3-1-fast --input input.json
99
+ ```
100
+
101
+ ### Text-to-Speech
102
+
103
+ ```bash
104
+ # Quick inline run
105
+ infsh app run falai/kokoro-tts --input '{"text": "Hello, this is a test."}'
106
+ ```
107
+
108
+ ## Task Tracking
109
+
110
+ When you run an app, the CLI shows the task ID:
111
+
112
+ ```
113
+ Running falai/flux-dev-lora
114
+ Task ID: abc123def456
115
+ ```
116
+
117
+ For long-running tasks, you can check status anytime:
118
+
119
+ ```bash
120
+ # Check task status
121
+ infsh task get abc123def456
122
+
123
+ # Get result as JSON
124
+ infsh task get abc123def456 --json
125
+
126
+ # Save result to file
127
+ infsh task get abc123def456 --save result.json
128
+ ```
129
+
130
+ ### Run Without Waiting
131
+
132
+ For very long tasks, run in background:
133
+
134
+ ```bash
135
+ # Submit and return immediately
136
+ infsh app run google/veo-3 --input input.json --no-wait
137
+
138
+ # Check later
139
+ infsh task get <task-id>
140
+ ```
141
+
142
+ ## Output
143
+
144
+ The CLI returns the app output directly. For file outputs (images, videos, audio), you'll receive URLs to download.
145
+
146
+ Example output:
147
+
148
+ ```json
149
+ {
150
+ "images": [
151
+ {
152
+ "url": "https://cloud.inference.sh/...",
153
+ "content_type": "image/png"
154
+ }
155
+ ]
156
+ }
157
+ ```
158
+
159
+ ## Error Handling
160
+
161
+ | Error | Cause | Solution |
162
+ |-------|-------|----------|
163
+ | "invalid input" | Schema mismatch | Check `infsh app get` for required fields |
164
+ | "app not found" | Wrong app name | Check `infsh app list --search` |
165
+ | "quota exceeded" | Out of credits | Check account balance |
166
+
167
+ ## Documentation
168
+
169
+ - [Running Apps](https://inference.sh/docs/apps/running) - Complete running apps guide
170
+ - [Streaming Results](https://inference.sh/docs/api/sdk/streaming) - Real-time progress updates
171
+ - [Setup Parameters](https://inference.sh/docs/apps/setup-parameters) - Configuring app inputs
@@ -0,0 +1,103 @@
1
+ ---
2
+ name: watchers
3
+ description: Poll RSS, JSON APIs, and GitHub with watermark dedup.
4
+ version: 1.0.0
5
+ ---
6
+
7
+ # Watchers
8
+
9
+ Poll external sources on an interval and react only to new items. Three ready-made scripts plus a shared watermark helper; wire them into a cron job (or run them ad-hoc from the terminal).
10
+
11
+ ## When to Use
12
+
13
+ - User wants to watch an RSS/Atom feed and be notified of new entries
14
+ - User wants to watch a GitHub repo's issues / pulls / releases / commits
15
+ - User wants to poll an arbitrary JSON endpoint and get notified on new items
16
+ - User asks for "a watcher for X" or "notify me when X changes"
17
+
18
+ ## Mental model
19
+
20
+ A watcher is just a script that:
21
+
22
+ 1. Fetches data from the external source
23
+ 2. Compares against a watermark file of previously-seen IDs
24
+ 3. Writes the new watermark back
25
+ 4. Prints new items to stdout (or nothing on no-change)
26
+
27
+ The scripts below handle all three. The agent runs them via the terminal tool — from a cron job, a webhook, or an interactive chat — and reports what's new.
28
+
29
+ ## Ready-made scripts
30
+
31
+ All three live in `$HERMES_HOME/skills/devops/watchers/scripts/` once the skill is installed. Each reads `WATCHER_STATE_DIR` (defaults to `$HERMES_HOME/watcher-state/`) for its state file, keyed by the `--name` argument.
32
+
33
+ | Script | What it watches | Dedup key |
34
+ |---|---|---|
35
+ | `watch_rss.py` | RSS 2.0 or Atom feed URL | `<guid>` / `<id>` |
36
+ | `watch_http_json.py` | Any JSON endpoint returning a list of objects | Configurable id field |
37
+ | `watch_github.py` | GitHub issues / pulls / releases / commits for a repo | `id` / `sha` |
38
+
39
+ All three:
40
+
41
+ - First run records a baseline — never replays existing feed
42
+ - Watermark is a bounded ID set (max 500) to cap memory
43
+ - Output format: `## <title>\n<url>\n\n<optional body>` per item
44
+ - Empty stdout on no-new — the caller treats that as silent
45
+ - Non-zero exit on fetch errors
46
+
47
+ ## Usage
48
+
49
+ Run a watcher directly from the terminal tool:
50
+
51
+ ```bash
52
+ python $HERMES_HOME/skills/devops/watchers/scripts/watch_rss.py \
53
+ --name hn --url https://news.ycombinator.com/rss --max 5
54
+ ```
55
+
56
+ Watch a GitHub repo (set `GITHUB_TOKEN` in `${HERMES_HOME:-~/.hermes}/.env` to avoid the 60 req/hr anonymous rate limit):
57
+
58
+ ```bash
59
+ python $HERMES_HOME/skills/devops/watchers/scripts/watch_github.py \
60
+ --name hermes-issues --repo
61
+ ```
62
+
63
+ Poll an arbitrary JSON API:
64
+
65
+ ```bash
66
+ python $HERMES_HOME/skills/devops/watchers/scripts/watch_http_json.py \
67
+ --name api --url https://api.example.com/events \
68
+ --id-field event_id --items-path data.events
69
+ ```
70
+
71
+ ## Wiring into cron
72
+
73
+ Ask the agent to schedule a cron job with a prompt like:
74
+
75
+ > Every 15 minutes, run `watch_rss.py --name hn --url https://news.ycombinator.com/rss`. If it prints anything, summarize the headlines and deliver them. If it prints nothing, stay silent.
76
+
77
+ The agent invokes the script via the terminal tool inside the cron job's agent loop; no changes to cron's built-in `--script` flag are needed.
78
+
79
+ ## State files
80
+
81
+ Every watcher writes `$HERMES_HOME/watcher-state/<name>.json`. Inspect:
82
+
83
+ ```bash
84
+ cat $HERMES_HOME/watcher-state/hn.json
85
+ ```
86
+
87
+ Force a replay (next run treated as first poll):
88
+
89
+ ```bash
90
+ rm $HERMES_HOME/watcher-state/hn.json
91
+ ```
92
+
93
+ ## Writing your own
94
+
95
+ All three scripts use the same template: load watermark, fetch, diff, save, emit. `scripts/_watermark.py` is the shared helper; import it to get atomic writes + bounded ID set + first-run baseline for free. See any of the three reference scripts for how little boilerplate it takes.
96
+
97
+ ## Common Pitfalls
98
+
99
+ 1. **Printing a "no new items" header every tick.** Callers rely on empty stdout = silent. If you print anything on an empty delta, you spam the channel. The shipped scripts handle this; custom scripts must too.
100
+ 2. **Expecting the first run to emit items.** It won't — first run records a baseline. If you need an initial digest, delete the state file after the first run or add a `--prime-with-latest N` flag in your own script.
101
+ 3. **Unbounded watermark growth.** The shared helper caps at 500 IDs. Raise it for high-churn feeds; lower it on constrained filesystems.
102
+ 4. **Putting the state dir where the agent's sandbox can't write.** `$HERMES_HOME/watcher-state/` is always writable. Docker/Modal backends may not see arbitrary host paths.
103
+
@@ -0,0 +1,273 @@
1
+ ---
2
+ name: docker-management
3
+ description: Manage Docker containers, images, volumes, networks, and Compose stacks — lifecycle ops, debugging, cleanup, and Dockerfile optimization.
4
+ version: 1.0.0
5
+ ---
6
+
7
+ # Docker Management
8
+
9
+ Manage Docker containers, images, volumes, networks, and Compose stacks using standard Docker CLI commands. No additional dependencies beyond Docker itself.
10
+
11
+ ## When to Use
12
+
13
+ - Run, stop, restart, remove, or inspect containers
14
+ - Build, pull, push, tag, or clean up Docker images
15
+ - Work with Docker Compose (multi-service stacks)
16
+ - Manage volumes or networks
17
+ - Debug a crashing container or analyze logs
18
+ - Check Docker disk usage or free up space
19
+ - Review or optimize a Dockerfile
20
+
21
+ ## Prerequisites
22
+
23
+ - Docker Engine installed and running
24
+ - User added to the `docker` group (or use `sudo`)
25
+ - Docker Compose v2 (included with modern Docker installations)
26
+
27
+ Quick check:
28
+
29
+ ```bash
30
+ docker --version && docker compose version
31
+ ```
32
+
33
+ ## Quick Reference
34
+
35
+ | Task | Command |
36
+ |------|---------|
37
+ | Run container (background) | `docker run -d --name NAME IMAGE` |
38
+ | Stop + remove | `docker stop NAME && docker rm NAME` |
39
+ | View logs (follow) | `docker logs --tail 50 -f NAME` |
40
+ | Shell into container | `docker exec -it NAME /bin/sh` |
41
+ | List all containers | `docker ps -a` |
42
+ | Build image | `docker build -t TAG .` |
43
+ | Compose up | `docker compose up -d` |
44
+ | Compose down | `docker compose down` |
45
+ | Disk usage | `docker system df` |
46
+ | Cleanup dangling | `docker image prune && docker container prune` |
47
+
48
+ ## Procedure
49
+
50
+ ### 1. Identify the domain
51
+
52
+ Figure out which area the request falls into:
53
+
54
+ - **Container lifecycle** → run, stop, start, restart, rm, pause/unpause
55
+ - **Container interaction** → exec, cp, logs, inspect, stats
56
+ - **Image management** → build, pull, push, tag, rmi, save/load
57
+ - **Docker Compose** → up, down, ps, logs, exec, build, config
58
+ - **Volumes & networks** → create, inspect, rm, prune, connect
59
+ - **Troubleshooting** → log analysis, exit codes, resource issues
60
+
61
+ ### 2. Container operations
62
+
63
+ **Run a new container:**
64
+
65
+ ```bash
66
+ # Detached service with port mapping
67
+ docker run -d --name web -p 8080:80 nginx
68
+
69
+ # With environment variables
70
+ docker run -d -e POSTGRES_PASSWORD=secret -e POSTGRES_DB=mydb --name db postgres:16
71
+
72
+ # With persistent data (named volume)
73
+ docker run -d -v pgdata:/var/lib/postgresql/data --name db postgres:16
74
+
75
+ # For development (bind mount source code)
76
+ docker run -d -v $(pwd)/src:/app/src -p 3000:3000 --name dev my-app
77
+
78
+ # Interactive debugging (auto-remove on exit)
79
+ docker run -it --rm ubuntu:22.04 /bin/bash
80
+
81
+ # With resource limits and restart policy
82
+ docker run -d --memory=512m --cpus=1.5 --restart=unless-stopped --name app my-app
83
+ ```
84
+
85
+ Key flags: `-d` detached, `-it` interactive+tty, `--rm` auto-remove, `-p` port (host:container), `-e` env var, `-v` volume, `--name` name, `--restart` restart policy.
86
+
87
+ **Manage running containers:**
88
+
89
+ ```bash
90
+ docker ps # running containers
91
+ docker ps -a # all (including stopped)
92
+ docker stop NAME # graceful stop
93
+ docker start NAME # start stopped container
94
+ docker restart NAME # stop + start
95
+ docker rm NAME # remove stopped container
96
+ docker rm -f NAME # force remove running container
97
+ docker container prune # remove ALL stopped containers
98
+ ```
99
+
100
+ **Interact with containers:**
101
+
102
+ ```bash
103
+ docker exec -it NAME /bin/sh # shell access (use /bin/bash if available)
104
+ docker exec NAME env # view environment variables
105
+ docker exec -u root NAME apt update # run as specific user
106
+ docker logs --tail 100 -f NAME # follow last 100 lines
107
+ docker logs --since 2h NAME # logs from last 2 hours
108
+ docker cp NAME:/path/file ./local # copy file from container
109
+ docker cp ./file NAME:/path/ # copy file to container
110
+ docker inspect NAME # full container details (JSON)
111
+ docker stats --no-stream # resource usage snapshot
112
+ docker top NAME # running processes
113
+ ```
114
+
115
+ ### 3. Image management
116
+
117
+ ```bash
118
+ # Build
119
+ docker build -t my-app:latest .
120
+ docker build -t my-app:prod -f Dockerfile.prod .
121
+ docker build --no-cache -t my-app . # clean rebuild
122
+ DOCKER_BUILDKIT=1 docker build -t my-app . # faster with BuildKit
123
+
124
+ # Pull and push
125
+ docker pull node:20-alpine
126
+ docker login ghcr.io
127
+ docker tag my-app:latest registry/my-app:v1.0
128
+ docker push registry/my-app:v1.0
129
+
130
+ # Inspect
131
+ docker images # list local images
132
+ docker history IMAGE # see layers
133
+ docker inspect IMAGE # full details
134
+
135
+ # Cleanup
136
+ docker image prune # remove dangling (untagged) images
137
+ docker image prune -a # remove ALL unused images (careful!)
138
+ docker image prune -a --filter "until=168h" # unused images older than 7 days
139
+ ```
140
+
141
+ ### 4. Docker Compose
142
+
143
+ ```bash
144
+ # Start/stop
145
+ docker compose up -d # start all services detached
146
+ docker compose up -d --build # rebuild images before starting
147
+ docker compose down # stop and remove containers
148
+ docker compose down -v # also remove volumes (DESTROYS DATA)
149
+
150
+ # Monitoring
151
+ docker compose ps # list services
152
+ docker compose logs -f api # follow logs for specific service
153
+ docker compose logs --tail 50 # last 50 lines all services
154
+
155
+ # Interaction
156
+ docker compose exec api /bin/sh # shell into running service
157
+ docker compose run --rm api npm test # one-off command (new container)
158
+ docker compose restart api # restart specific service
159
+
160
+ # Validation
161
+ docker compose config # validate and view resolved config
162
+ ```
163
+
164
+ **Minimal compose.yml example:**
165
+
166
+ ```yaml
167
+ services:
168
+ api:
169
+ build: .
170
+ ports:
171
+ - "3000:3000"
172
+ environment:
173
+ - DATABASE_URL=postgres://user:pass@db:5432/mydb
174
+ depends_on:
175
+ db:
176
+ condition: service_healthy
177
+
178
+ db:
179
+ image: postgres:16-alpine
180
+ environment:
181
+ POSTGRES_USER: user
182
+ POSTGRES_PASSWORD: pass
183
+ POSTGRES_DB: mydb
184
+ volumes:
185
+ - pgdata:/var/lib/postgresql/data
186
+ healthcheck:
187
+ test: ["CMD-SHELL", "pg_isready -U user"]
188
+ interval: 10s
189
+ timeout: 5s
190
+ retries: 5
191
+
192
+ volumes:
193
+ pgdata:
194
+ ```
195
+
196
+ ### 5. Volumes and networks
197
+
198
+ ```bash
199
+ # Volumes
200
+ docker volume ls # list volumes
201
+ docker volume create mydata # create named volume
202
+ docker volume inspect mydata # details (mount point, etc.)
203
+ docker volume rm mydata # remove (fails if in use)
204
+ docker volume prune # remove unused volumes
205
+
206
+ # Networks
207
+ docker network ls # list networks
208
+ docker network create mynet # create bridge network
209
+ docker network inspect mynet # details (connected containers)
210
+ docker network connect mynet NAME # attach container to network
211
+ docker network disconnect mynet NAME # detach container
212
+ docker network rm mynet # remove network
213
+ docker network prune # remove unused networks
214
+ ```
215
+
216
+ ### 6. Disk usage and cleanup
217
+
218
+ Always start with a diagnostic before cleaning:
219
+
220
+ ```bash
221
+ # Check what's using space
222
+ docker system df # summary
223
+ docker system df -v # detailed breakdown
224
+
225
+ # Targeted cleanup (safe)
226
+ docker container prune # stopped containers
227
+ docker image prune # dangling images
228
+ docker volume prune # unused volumes
229
+ docker network prune # unused networks
230
+
231
+ # Aggressive cleanup (confirm with user first!)
232
+ docker system prune # containers + images + networks
233
+ docker system prune -a # also unused images
234
+ docker system prune -a --volumes # EVERYTHING — named volumes too
235
+ ```
236
+
237
+ **Warning:** Never run `docker system prune -a --volumes` without confirming with the user. This removes named volumes with potentially important data.
238
+
239
+ ## Pitfalls
240
+
241
+ | Problem | Cause | Fix |
242
+ |---------|-------|-----|
243
+ | Container exits immediately | Main process finished or crashed | Check `docker logs NAME`, try `docker run -it --entrypoint /bin/sh IMAGE` |
244
+ | "port is already allocated" | Another process using that port | `docker ps` or `lsof -i :PORT` to find it |
245
+ | "no space left on device" | Docker disk full | `docker system df` then targeted prune |
246
+ | Can't connect to container | App binds to 127.0.0.1 inside container | App must bind to `0.0.0.0`, check `-p` mapping |
247
+ | Permission denied on volume | UID/GID mismatch host vs container | Use `--user $(id -u):$(id -g)` or fix permissions |
248
+ | Compose services can't reach each other | Wrong network or service name | Services use service name as hostname, check `docker compose config` |
249
+ | Build cache not working | Layer order wrong in Dockerfile | Put rarely-changing layers first (deps before source code) |
250
+ | Image too large | No multi-stage build, no .dockerignore | Use multi-stage builds, add `.dockerignore` |
251
+
252
+ ## Verification
253
+
254
+ After any Docker operation, verify the result:
255
+
256
+ - **Container started?** → `docker ps` (check status is "Up")
257
+ - **Logs clean?** → `docker logs --tail 20 NAME` (no errors)
258
+ - **Port accessible?** → `curl -s http://localhost:PORT` or `docker port NAME`
259
+ - **Image built?** → `docker images | grep TAG`
260
+ - **Compose stack healthy?** → `docker compose ps` (all services "running" or "healthy")
261
+ - **Disk freed?** → `docker system df` (compare before/after)
262
+
263
+ ## Dockerfile Optimization Tips
264
+
265
+ When reviewing or creating a Dockerfile, suggest these improvements:
266
+
267
+ 1. **Multi-stage builds** — separate build environment from runtime to reduce final image size
268
+ 2. **Layer ordering** — put dependencies before source code so changes don't invalidate cached layers
269
+ 3. **Combine RUN commands** — fewer layers, smaller image
270
+ 4. **Use .dockerignore** — exclude `node_modules`, `.git`, `__pycache__`, etc.
271
+ 5. **Pin base image versions** — `node:20-alpine` not `node:latest`
272
+ 6. **Run as non-root** — add `USER` instruction for security
273
+ 7. **Use slim/alpine bases** — `python:3.12-slim` not `python:3.12`
@@ -0,0 +1,96 @@
1
+ ---
2
+ name: domain-intel
3
+ description: Passive domain reconnaissance using Python stdlib. Subdomain discovery, SSL certificate inspection, WHOIS lookups, DNS records, domain availability checks, and bulk multi-domain analysis. No API keys required.
4
+ ---
5
+
6
+ # Domain Intelligence — Passive OSINT
7
+
8
+ Passive domain reconnaissance using only Python stdlib.
9
+ **Zero dependencies. Zero API keys. Works on Linux, macOS, and Windows.**
10
+
11
+ ## Helper script
12
+
13
+ This skill includes `scripts/domain_intel.py` — a complete CLI tool for all domain intelligence operations.
14
+
15
+ ```bash
16
+ # Subdomain discovery via Certificate Transparency logs
17
+ python3 SKILL_DIR/scripts/domain_intel.py subdomains example.com
18
+
19
+ # SSL certificate inspection (expiry, cipher, SANs, issuer)
20
+ python3 SKILL_DIR/scripts/domain_intel.py ssl example.com
21
+
22
+ # WHOIS lookup (registrar, dates, name servers — 100+ TLDs)
23
+ python3 SKILL_DIR/scripts/domain_intel.py whois example.com
24
+
25
+ # DNS records (A, AAAA, MX, NS, TXT, CNAME)
26
+ python3 SKILL_DIR/scripts/domain_intel.py dns example.com
27
+
28
+ # Domain availability check (passive: DNS + WHOIS + SSL signals)
29
+ python3 SKILL_DIR/scripts/domain_intel.py available coolstartup.io
30
+
31
+ # Bulk analysis — multiple domains, multiple checks in parallel
32
+ python3 SKILL_DIR/scripts/domain_intel.py bulk example.com github.com google.com
33
+ python3 SKILL_DIR/scripts/domain_intel.py bulk example.com github.com --checks ssl,dns
34
+ ```
35
+
36
+ `SKILL_DIR` is the directory containing this SKILL.md file. All output is structured JSON.
37
+
38
+ ## Available commands
39
+
40
+ | Command | What it does | Data source |
41
+ |---------|-------------|-------------|
42
+ | `subdomains` | Find subdomains from certificate logs | crt.sh (HTTPS) |
43
+ | `ssl` | Inspect TLS certificate details | Direct TCP:443 to target |
44
+ | `whois` | Registration info, registrar, dates | WHOIS servers (TCP:43) |
45
+ | `dns` | A, AAAA, MX, NS, TXT, CNAME records | System DNS + Google DoH |
46
+ | `available` | Check if domain is registered | DNS + WHOIS + SSL signals |
47
+ | `bulk` | Run multiple checks on multiple domains | All of the above |
48
+
49
+ ## When to use this vs built-in tools
50
+
51
+ - **Use this skill** for infrastructure questions: subdomains, SSL certs, WHOIS, DNS records, availability
52
+ - **Use `web_search`** for general research about what a domain/company does
53
+ - **Use `web_extract`** to get the actual content of a webpage
54
+ - **Use `terminal` with `curl -I`** for a simple "is this URL reachable" check
55
+
56
+ | Task | Better tool | Why |
57
+ |------|-------------|-----|
58
+ | "What does example.com do?" | `web_extract` | Gets page content, not DNS/WHOIS data |
59
+ | "Find info about a company" | `web_search` | General research, not domain-specific |
60
+ | "Is this website safe?" | `web_search` | Reputation checks need web context |
61
+ | "Check if a URL is reachable" | `terminal` with `curl -I` | Simple HTTP check |
62
+ | "Find subdomains of X" | **This skill** | Only passive source for this |
63
+ | "When does the SSL cert expire?" | **This skill** | Built-in tools can't inspect TLS |
64
+ | "Who registered this domain?" | **This skill** | WHOIS data not in web search |
65
+ | "Is coolstartup.io available?" | **This skill** | Passive availability via DNS+WHOIS+SSL |
66
+
67
+ ## Platform compatibility
68
+
69
+ Pure Python stdlib (`socket`, `ssl`, `urllib`, `json`, `concurrent.futures`).
70
+ Works identically on Linux, macOS, and Windows with no dependencies.
71
+
72
+ - **crt.sh queries** use HTTPS (port 443) — works behind most firewalls
73
+ - **WHOIS queries** use TCP port 43 — may be blocked on restrictive networks
74
+ - **DNS queries** use Google DoH (HTTPS) for MX/NS/TXT — firewall-friendly
75
+ - **SSL checks** connect to the target on port 443 — the only "active" operation
76
+
77
+ ## Data sources
78
+
79
+ All queries are **passive** — no port scanning, no vulnerability testing:
80
+
81
+ - **crt.sh** — Certificate Transparency logs (subdomain discovery, HTTPS only)
82
+ - **WHOIS servers** — Direct TCP to 100+ authoritative TLD registrars
83
+ - **Google DNS-over-HTTPS** — MX, NS, TXT, CNAME resolution (firewall-friendly)
84
+ - **System DNS** — A/AAAA record resolution
85
+ - **SSL check** is the only "active" operation (TCP connection to target:443)
86
+
87
+ ## Notes
88
+
89
+ - WHOIS queries use TCP port 43 — may be blocked on restrictive networks
90
+ - Some WHOIS servers redact registrant info (GDPR) — mention this to the user
91
+ - crt.sh can be slow for very popular domains (thousands of certs) — set reasonable expectations
92
+ - The availability check is heuristic-based (3 passive signals) — not authoritative like a registrar API
93
+
94
+ ---
95
+
96
+ *Contributed by [@FurkanL0](https://github.com/FurkanL0)*