Links
AddRun a single command in a speedy virtual machine with zero-setup vmexec is a zero-setup CLI tool that runs single commands in a throwaway virtual machines. The idea is for you to run a command in VM without having think about the performance implications, how to mount files, how to forward ports, etc. Nowadays, many are used to the convenience of container runners such as podman or docker but so far it hasn't been as covenient to run a VM, often requiring a manual set up step.
Related contents:
A virtio-fs vhost-user device daemon written in Rust.
Related contents:
Every agent deserves its own machine.
Run agents in secure, local-first sandboxes. On your laptop, in your VPC, on-prem, or in our cloud. Programmable, fast, and yours.
microsandbox takes a different approach: every sandbox is a real VM with its own Linux kernel. It provides security primitives for preventing exploits like secret exfiltration. And it runs locally on your machine.
Related contents:
Real Linux, in milliseconds. Run Firecracker microVMs with commercial support.
Full VMs with systemd and a dedicated kernel — on your Mac, your servers, or your cloud.
Related contents:
Sysbox is an open-source, next-generation runc that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Related contents:
Customization of kubernetes YAML configurations.
kustomize lets you customize raw, template-free YAML files for multiple purposes, leaving the original YAML untouched and usable as is.
kustomize targets kubernetes; it understands and can patch kubernetes style API objects. It's like make, in that what it does is declared in a file, and it's like sed, in that it emits edited text.
Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.
Related contents:
🍫 Tastier cookies, local, session, and db storage in a tiny package. Includes subscribe() events for changes.
OpenAPI to TypeScript Magic. Generate type-safe API clients from OpenAPI.
Transform your OpenAPI specs into type-safe clients, mocks, and validators. Stop writing boilerplate. Start shipping features.
Terminal-Native Web Agents. A simple SWE style browser agent framework that achieves SOTA results on long horizon web tasks.
Webwright gives the model a terminal, a local workspace, and the freedom to write code that launches, inspects, and discards browser sessions. The output is not just a completed task, but a reusable program.
Defuse is a GTK4 application for removing image backgrounds locally.
Defuse is a local background removal tool written in Python using GTK4 and Libadwaita. Processing is performed using the ISNet-general model through ONNX Runtime.
The security firewall for agents.
Give agents prod access and still sleep easy
Claw Patrol holds agent credentials, parses their traffic at the wire, and gates actions they take with rules you write, all while keeping an audit log of every action.
Mvm is a fast interpreter and virtual machine for Go and beyond.
Mvm is a Go interpreter that compiles source to bytecode and runs it on a stack-based virtual machine. It ships as a single static binary with the full Go standard library bundled in, and embeds in Go or C host programs.
Open source repository of plugins primarily intended for knowledge workers to use in Claude Cowork
Google's open source distributed agent runtime.
AX, short for Agent eXecutor, is a distributed agent runtime. It provides a runtime that coordinates agentic loops, manages executions with event logging, and communicates with both local and remote actors. AX is designed for reliability, with native support for recovery and execution resumption, even in complex distributed setups.
Enable agents to register users without the sign-up form. Auth.md provides secure agent registration that any app can implement.
An open protocol that lets agents register for services on behalf of users — discoverable through a Markdown file at your domain.
Not so boring notch That Rocks 🎸🎶
Say hello to Boring Notch, the coolest way to make your MacBook’s notch the star of the show! Say goodbye to boring status bars: with Boring Notch, your notch transforms into a dynamic music control center, complete with a vibrant visualizer and all the essential music controls you need. But that’s just the start! Boring Notch also offers calendar integration, a handy file shelf with AirDrop support, a complete MacOS HUD replacement and more!
Related contents:
Testing TLS/SSL encryption anywhere on any port .
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Related contents:
MCP Server for Computer Use in Windows.
Windows-MCP is a lightweight, open-source project that enables seamless integration between AI agents and the Windows operating system. Acting as an MCP server bridges the gap between LLMs and the Windows operating system, allowing agents to perform tasks such as file navigation, application control, UI interaction, QA testing, and more.
Related contents:
Terminal flow field screensaver with Perlin noise, Braille rendering, particles, and 24-bit ANSI color.
Related contents:
bcachefs based NAS solution.
NASty is a NAS operating system built on NixOS and bcachefs. It turns commodity hardware into a storage appliance serving NFS, SMB, iSCSI, and NVMe-oF — managed from a single web UI, updated atomically, and rolled back when things go sideways.
Related contents:
Management Plane for FreeBSD. Strong Foundation. Simple Control. Lightweight GUI for managing Bhyve, Jails, ZFS, networking, and more on FreeBSD.
Utilize your rock solid FreeBSD™ environment through a unified, high-performance management layer.
Related contents:
You've got six dev servers running on six random ports and no idea which is which. Portbook finds them, labels them, and gives you one page to click through — or one terminal command to list them.
Local Rust web dashboard that auto-discovers and labels HTTP dev services running on localhost ports — with live SSE updates, project-root detection, and live/error/dead classification.
Related contents:
Privacy proxy for your OpenAI requests.
An intelligent privacy layer for AI APIs. Kiji automatically detects and masks personally identifiable information (PII) in requests to AI services, ensuring your sensitive data never leaves your control.
Related contents:
NomadBSD is a persistent live system for USB flash drives, based on FreeBSD®. Together with automatic hardware detection and setup, it is configured to be used as a desktop system that works out of the box, but can also be used for data recovery, for educational purposes, or to test FreeBSD®'s hardware compatibility.
Related contents:
Lightning-Fast, On-Device, Multilingual TTS — running natively via ONNX.
Supertonic is a lightning-fast, on-device multilingual text-to-speech system designed for local inference with minimal overhead. Powered by ONNX Runtime, it runs entirely on your device—no cloud, no API calls, no privacy concerns.
a coding agent with the IDE wired in.
⌥ AI Coding agent for the terminal — hash-anchored edits, optimized tool harness, LSP, Python, browser, subagents, and more
Understand any codebase as a graph
A local-first code-intelligence tool that turns any codebase into a queryable knowledge graph for AI coding agents. Pre-indexed code knowledge graph for Claude Code, Codex, Cursor, OpenCode, and Hermes Agent — fewer tokens, fewer tool calls, 100% local.
Public DESIGN.md registry. THE PUBLIC REGISTRY FOR DESIGN AGENTS
DESIGN.md files that coding and design agents read to generate consistent UI.
Find the best local LLM that actually runs on your hardware.
Auto-detects your GPU/CPU/RAM and ranks the top models from HuggingFace that fit your system.
Find the local LLM that actually runs and performs best on your hardware. Ranked by real, recency-aware benchmarks, not parameter count. One command, run it instantly.
Your agent's query language. One SQL interface over APIs, files, and live sources — built for agents.
Coral gives agents a local-first SQL runtime over APIs, files, and other data sources. Query it from the CLI, inspect schemas and tables, or expose the same runtime over MCP so agents can use it without bespoke tool glue.
One terminal. The whole herd.
Herdr is an agent runtime that runs inside your terminal. Keep your shell, SSH setup, fonts, and keybinds; add tmux-style persistence, mouse-native panes, blocked, working, and done agent state, and an API agents can drive.
Fast, lossless LLM inference via dual-view diffusion decoding. Memory-Efficient Parallel Token Generation via Dual-View Diffusion.
Official implementation and model checkpoints for Orthrus, a dual-architecture framework that unifies the exact generation fidelity of autoregressive Large Language Models (LLMs) with the high-speed parallel token generation of diffusion models.
An image-to-world skillset for Claude.
Creates 3D environments, SFX, and meshes from a single image using Claude skills, World Labs, and FAL.
Can take you from an image to a fully meshed 3D environment in < 5 minutes, great for jumpstarting 3D work. Go full blast.
Your Personal AI super intelligence. Private, Simple and extremely powerful. OpenHuman is an open-source agentic assistant designed to integrate with you in your daily life. Each bullet links to the deeper writeup in the docs.
Video Narrator. Open-source Video Translation Skill.
Upload a video. Violin transcribes the speech, translates it, synthesizes a native-sounding voice-over in the target language, and remuxes it back into the video — fully aligned, with optional SRT subtitles.
Peekaboo is a macOS CLI & optional MCP server that enables AI agents to capture screenshots of applications, or the entire system, with optional visual question answering through local or remote AI models.
Peekaboo is a macOS automation toolkit for humans and agents. It captures pixels, reads the accessibility tree, drives input, and ships an agent runtime plus an MCP server so AI clients (Codex, Claude Code, Cursor) can drive the desktop with the same primitives you'd use from the shell.
SSH tunnel manager.
A simple command line SSH tunnel manager that just works. TOML config, automatic reconnection and keep-alives.
AI-powered desktop SQL client. Cross-platform. Built with Flutter.
openhare is an AI-powered, cross-platform desktop SQL client with multi-database support, built for everyday development, data analysis, and DBA management workflows.
Modular and type-safe forms
Build your next form with Formisch, the open source form library with performance, type safety and bundle size in mind. The lightweight, schema-first, and fully type-safe form library for React, Solid, Vue, Svelte and more.
A fast, native Git client that runs your dev servers too.
Multi-repo Git GUI with a built-in PTY-backed dev-server launcher. Switch branches, commit, push, and start every project's dev server from one window.
A multi-tenancy and policy-based framework for Kubernetes.
Capsule implements a multi-tenant and policy-based environment in your Kubernetes cluster. It is designed as a micro-services-based ecosystem with the minimalist approach, leveraging only on upstream Kubernetes.
AI Native Automation, built for agents - Welcome to Swamp. Stinemates, Watson, Adam, Mahir, Paul .
Swamp is a CLI that supercharges AI agents to create operational workflows that are reviewable, shareable, and accurate. Built for agents, there to empower humans. All the data lives in the .swamp/ (the swamp).
A PostgreSQL protocol adapter for SQLite databases. This project allows PostgreSQL clients to connect to and query SQLite databases using the PostgreSQL wire protocol.
The AI-native database. Built for the data your other databases can't touch.
Hybrid search. Local ML inference. Multimodal documents. One binary, zero glue code. Free to run in swarm mode, ready to scale with Antfly Cloud.
Related contents:
Gives you a folder for every commit in your git repository.
Extremely experimental software with lots of bugs but it works for me and I've found it a tiny bit useful.
Related contents:
Run Coding Agents in Sandboxes. Control Them Over HTTP. Supports Claude Code, Codex, OpenCode, and Amp.
Related contents:
Skills for Real Engineers. Straight from my .claude directory.
Watch your computer connect across the internet in real time. Discover the world behind your apps.
Data poisoning for your everyday tracking.
Fauxx is an open-source Android privacy tool that poisons data broker and ad-tech profiles by generating continuous, plausible, off-demographic synthetic activity from your device. The goal is simple: make your real behavioral signal statistically indistinguishable from noise.
Related contents:
YAMLCast turns a YAML description of a terminal screencast into an animated GIF.
It translates the YAML into a VHS .tape script and invokes vhs to render it. The translator is a single YAMLScript program at bin/yamlcast.
Related contents:
BudsLink is an application that provides battery monitoring and feature control for supported Bluetooth wearable audio devices, including AirPods, Beats, Sony Audio wearables, Samsung Galaxy Buds and Nothing/CMF buds.
Related contents:
Infrastructure as TypeScript
Deploy to Cloudflare, AWS, and more with pure TypeScript. Generate support for any API in minutes with AI.
Alchemy is an embeddable, TypeScript-native Infrastructure-as-Code (IaC) library for modeling Resources that are Created, Updated and Deleted automatically.
Browse, Compare & Download Fonts
Compare and preview fonts instantly & then download what you love.
Like Protobuf, without the pain. The single source of truth for your data types.
Skir is a declarative language for defining data types, constants, and APIs. Write your schema once in a .skir file and generate idiomatic, type-safe code in TypeScript, Python, Java, Go, C++, and more.
A standard for respecting user privacy in software.
A single, standard environment variable that clearly and unambiguously expresses a user's wish to opt out.
AI-Powered Docker Security Analyzer.
AI-powered Docker security scanner that explains vulnerabilities in plain English
Windows EVTX log analysis for DFIR — fast parsing, ATT&CK mapping, IOC extraction, and Sentinel anomaly detection. Normal + Juggernaut Mode (Arrow/DuckDB) for 10M+ events.
Enterprise Incident Response Toolkit.
Cross-platform incident response toolkit. 28 pre-built use cases, single binary, zero install. Memory, disk, network, and cloud collection with automated timeline generation.
Cross-platform DFIR toolkit for enterprise incident response. Velociraptor-native, air-gap compatible, portable — no installation required.
VanGuard is a self-contained incident response toolkit built in Go that gives DFIR teams a single binary for triage, threat hunting, memory forensics, disk collection, remote operations, and Velociraptor management — on both Windows and Linux, with or without network access.
A Windows Event Log viewer for tech support and IT professionals.