MCP App StoreMCP App Storesnix reimplements Nix in Rust with a bytecode VM evaluator and content-addressed store to produce reproducible, minimal rootfs images. It's aimed at building compact VM rootfs for agent runtimes (codex-rs, toad, boxxy) and integrates with tooling for reproducible builds and sandboxed agent execution.
Use snix when you need reproducible, deduplicated build artifacts or when targeting minimal rootfs images for AI agent VMs (Apple Virtualization / boxxy) or sandboxed runtimes. Helpful for teams packaging MUSL static binaries, tiny images, or building content-addressed artifacts.
Infer: Developer-focused CI/tooling workflows; integrates with build automation and agent runtime tooling (codex, toad, boxxy).
The snix skill describes a Rust reimplementation of Nix for building minimal Linux rootfs images used in VM-based agent runtimes. The SKILL.md is lengthy and mixes practical build instructions with dense category-theory and GF(3) triad content that obscures the useful parts. No scripts were included. The core content about installation and rootfs composition is well-structured but serves an extremely narrow audience.
No security concerns. The skill is a documentation-heavy overview of snix with no executable scripts. The practical content (maybe 30% of the document) is decent but overwhelmed by theoretical/academic framing (GF(3), Cat#, SDF) that adds no actionable value for an agent. Would benefit greatly from trimming to focus on practical build and usage instructions.
Analyzing Ransomware Leak Site Intelligence
Collect and analyze ransomware data-leak site (DLS) posts to extract victim, group, sector and geographic trends for threat intelligence and proactive defense.
nhero — Aftermarket Dispenser Network
Framework treating pill dispensers as network devices: routing, access control, scramble-indexing and confidential supply tracking for custom dispenser workflow
Flox Services Guide
Practical patterns and commands for running and managing background services in Flox environments: service manifests, logging, venv handling, and common service
WASM Goblins — Capability-Secure Runtime Patterns
Technical cookbook describing capability-safe interactions between Goblins actors and verified WASM runtimes, with runtime selection guidance, syscall mappings,
Performing Container Escape Detection
Audit Kubernetes pods to detect container escape vectors like privileged containers, dangerous capabilities, host namespace sharing, writable hostPath mounts, a
NGINX Integration
Integrate with NGINX via the Membrane CLI to query, manage, and proxy requests to NGINX for configuration, logs, and runtime operations.
Starlark Dev
Create, debug, and test Kurtosis Starlark packages — write package structure, run dry-runs, and inspect plan execution for reliable orchestration.
Sync Production Database to Development
Run a safe, scripted workflow to download production database dumps and restore them into a development environment (download-only and restore options).
Sandbox0 Integration
Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.
Websocket Client Creator
Generates and guides websocket client integrations: configuration, code samples, best practices, and validation for production-ready websocket clients.
Alpha Forge Pre-Ship Quality Gates
Pre-merge quality gates for PRs that validate RNG determinism, forked URLs, runtime parameter ranges, and manifest synchronization to reduce review cycles.
Skill Issue — Skill Auditor
Scan and audit installed agent skills to produce a health report covering inventory, usage, dependency checks, version status, and actionable recommendations.
Evolve — Goal-Driven Improvement Loop
Autonomous improvement loop that selects high-value work, runs a full research-plan-implement (/rpi) cycle, validates changes, and repeats to compound repo impr
