Links
AddScripts and utilities for secure OpenBAO/Vault management, featuring role-based access control, MFA, token lifecycle management, and API integration examples. Implements security best practices for secrets management.
OpenBAO (Open Build, Authenticate, and Operate) is an open-source fork of HashiCorp Vault that remains fully open-source under the MPL 2.0 license. This setup is designed for managing secrets across multiple namespaces, ideal for multi-tenant applications and integrations with various systems like n8n.
OpenAPI Breaking Change Detection & PR Review. Know exactly what changed in your API — and who approved it. Command-line and Go package to compare and detect breaking changes in OpenAPI specs.
oasdiff posts a breaking change report on every pull request, with one-click approve/reject for each change. The CI gate updates automatically.
Related contents:
Datadog Static AI Security Testing (SAIST) tool.
Code Security scans your first-party code and open source libraries used in your applications in both your repositories and running services, providing end-to-end visibility from development to production.
Related contents:
Garry's Opinionated OpenClaw/Hermes Agent Brain.
Your AI agent is smart but it doesn't know anything about your life. GBrain fixes that. Meetings, emails, tweets, calendar events, voice calls, original ideas... all of it flows into a searchable knowledge base that your agent reads before every response and writes to after every conversation. The agent gets smarter every day.
The open source, no-code MCP Server for AI-Native API Access
Build a uniform API value chain for AI agents with secure, no-code endpoint translation across your existing API services.
reShapr is the open source, no-code MCP Server for AI-Native API Access. It bridges the gap between traditional REST/GraphQL/gRPC services and LLMs by transforming complex services into discoverable, optimized MCP tools.
Related contents:
Schedule automated simulations of actions you would perform on your PC.
Related contents:
Aidge is an innovative, open-source framework designed to streamline and accelerate the deployment of Deep Neural Networks onto diverse hardware targets. In today’s rapidly evolving AI landscape, moving from a trained model to a high-performance, production-ready application can be a complex and time-consuming process.
Related contents:
A random collection of accessibility-focused tools that you might find at least partially useful
Related contents:
Offline Hike, Bike, Trails and Navigation.
Organic Maps is a privacy-focused offline maps & GPS app for hiking, cycling, biking, and driving. Absolutely free. No ads. No tracking. Developed with love by the open-source community and the same people, who created MapsWithMe/Maps.Me app. Powered by OpenStreetMap data.
Related contents:
Simple Secure Keeper for Secrets.
Keeper is a cryptographic secret store for Go. It encrypts arbitrary byte payloads at rest using Argon2id key derivation and XChaCha20-Poly1305 (default) authenticated encryption, and stores them in an embedded bbolt database.
Collection of npm package manager Security Best Practices.
Shai-Hulud, Nx and other incidents are a growing concern of supply chain security attacks and compromised npm packages. Follow these developer security best practices around npm, package maintenance and secure local development to mitigate security risks.
PentAGI: Advanced AI-Powered Penetration Testing
Fully autonomous AI Agent that performs complicated penetration testing tasks using terminal, browser, editor, and external search system.
Like BrowserUse, but for the terminal.
tui-use lets agents interact with programs that expect a human at the keyboard — REPLs, debuggers, TUI apps, and anything else bash can't reach.
A Watchdog for Your Infrastructure State. Continuous infrastructure drift detection with historical tracking and notifications.
Monitor infrastructure drift for Terraform, OpenTofu, and Terragrunt. Real-time drift detection with automated alerting.
Homogeneous Kubernetes clusters at scale on any infrastructure using hosted control planes. A Managed Kubernetes Service Done Right. Deliver fully-managed clusters at scale everywhere with your own Gardener installation.
Gardener implements the automated management and operation of Kubernetes clusters as a service and provides a fully validated extensibility framework that can be adjusted to any programmatic cloud or infrastructure provider.
A sliding, tiling window manager for MacOS.
Paneru is a MacOS window manager that arranges windows on an infinite strip, extending to the right. A core principle is that opening a new window will never cause existing windows to resize, maintaining your layout stability.
Each monitor operates with its own independent window strip, ensuring that windows remain confined to their respective displays and do not "overflow" onto adjacent monitors.
declarative. reproducible. human-friendly.
Lix is a modern, delicious implementation of the Nix package manager, focused on correctness, usability, and growth – and committed to doing right by its community.
Claude Code orchestrator in one window.
Orchestrate multiple Claude Code sessions across projects. Review diffs, annotate code, send instructions — all from one window.
Related contents:
Fast, encrypted, deduplicated backups in Rust — with friendly YAML config, a desktop GUI, and support for S3, custom REST and SFTP storage.
Inspired by BorgBackup, Borgmatic, Restic, and Rustic. Vykar uses its own on-disk format and is not compatible with Borg or Restic repositories.
Vykar is a fast, encrypted, deduplicated backup tool written in Rust. It’s centered around a simple YAML config format and includes a desktop GUI and webDAV server to browse snapshots. More about design goals.
Open-Source Workflow Automation & Solution Engineering Platform.
Flow-Like: Strongly Typed Enterprise Scale Workflows. Built for scalability, speed, seamless AI integration and rich customization. A Rust-powered workflow engine that runs on your device — laptop, server, or phone. Fully typed. Fully traceable. Fully yours.
Flow-Like is a visual workflow automation platform that runs entirely on your hardware. Build workflows with drag-and-drop blocks, run them on your laptop, phone, or server, and get a clear record of where data came from, what changed, and what came out — no cloud dependency, no black boxes, no guesswork.
🔗 A federated network to bookmark, organize, share and discover good web pages. 🪢Federated website aggregator.
It's getting harder and harder to find good web pages. When you do find good ones, it's worth hanging onto them. ties is your own small corner of the web, where you can keep your favorite pages, and share them with your friends to help them find good web pages too.
Manage CrowdSec, Traefik integration, decisions, scenarios, logs, backups, and updates from a single web interface.
A web-based management interface for CrowdSec security stack with Pangolin integration. This project replaces the bash script with a modern, user-friendly ShadcnUI built with Go and React.
Package your AI coding workflows as YAML. Run them anywhere — CLI, Web, Slack, Telegram, GitHub, Discord.
The first open-source harness builder for AI coding. Make AI coding deterministic and repeatable.
Open-Source API Security Testing Framework.
API security testing framework for REST, GraphQL, and gRPC that validates authorization logic using role-based testing and YAML-driven templates.
Hadrian is an open-source API security testing framework that detects OWASP API Top 10 vulnerabilities in REST, GraphQL, and gRPC APIs. It uses role-based authorization testing and YAML-driven templates to automatically find broken object-level authorization (BOLA), broken function-level authorization (BFLA), broken authentication, and other critical API security flaws — without writing custom test code.
Understand Any Codebase in Minutes, Not Hours
AI-powered repository analysis that turns complex codebases into interactive documentation, dependency graphs, and intelligent conversations.
Related contents:
Virtual desktop pet cats for macOS — pixel art cats that live on your dock and chat with you via Ollama LLM.
Related contents:
Self-hosted image processing
Resize, compress, convert, remove backgrounds, and more. All on your own server, no data leaves your machine. Get started
Stirling-PDF but for images. 30+ tools and local AI in a single Docker container - resize, compress, remove backgrounds, upscale, OCR, and more. No cloud, no telemetry. Your images never leave your machine.
Related contents:
A visual explorer for Unicode. Browse the character set, discover related glyphs, and learn more about the scripts, symbols, and shapes that make up the standard.
Related contents:
AI-Native Task Management.
Multica is an open-source platform that turns coding agents into real teammates. Assign tasks, track progress, compound skills — manage your human + agent workforce in one place.
Related contents:
Sync and store locally all of your X / Twitter bookmarks.
An open source, free CLI tool for collecting and categorizing your personal X/Twitter bookmarks. Makes your bookmarks locally available to Claude Code, Codex, or any other agent with shell access.
Related contents:
A new developer platform is coming. Every commit tells a story. Now you can read it.
Entire CLI hooks into your git workflow to capture AI agent sessions on every push. Sessions are indexed alongside commits, a searchable record of how code was written.
Related contents:
A Man-in-the-Middle proxy written in Rust. Intercept, inspect, and modify HTTP/HTTPS traffic with Lua scripting, a TUI, and a web interface.
A programmable MITM proxy that intercepts HTTP/HTTPS traffic so you don't have to guess what your app is doing. Forward & reverse modes, TLS interception, TUI, terminal, and web GUI.
Related contents:
Filesystem-based module system for Nix
Haumea is not related to or a replacement for NixOS modules. It is closer to the module systems of traditional programming languages, with support for file hierarchy and visibility.
In short, haumea maps a directory of Nix files into an attribute set.
Community driven Dendritic Nix configurations.
Editor-distributions like those for nvim/emacs provide community-driven, opinionated configurations that can be easily reused and enabled by newcomers.
The dendrix project aims to provide the same experience: having community-managed, author-maintained and no-barrier-of-entry setups for everything that can be configured using flake-parts modules.
Related contents:
Keymap manager for wlroots-based compositors. Inspired by which-key.nvim.
Related contents:
Recursively import Nix modules from a directory tree.
import-tree recursively discovers and imports Nix files from a directory tree. It works with NixOS, nix-darwin, home-manager, flake-parts, NixVim, and any Nix module system.
Related contents:
Personal News Reader with Intelligence Training. RSS and web feeds, synced on every platform you use.
A production-grade, zero-configuration preset for
Ultracite is a zero-config preset for ESLint, Biome, and Oxlint that helps teams and AI write consistent, type-safe code.
The Universal Documentation Engine.
The minimalist, zero-config engine for professional documentation. No React, no heavy frameworks. Generate minimal, fast & beautiful docs from Markdown. No React, no bloat, just content. Built for developers.
⚡️ Superpowers for your Openclaw. Powerful prebuilt agent workflows. Including 113 prebuilt workflows you can enable in 1 click 🎉
Build your own component library.
Accessible components for Astro and Tailwind CSS. Components are added to your project with the CLI. You own and control the code.
Network Monitor and Application Firewall for macOS.
The Little Snitch Network Monitor shows you where your Mac connects to on the Internet. You decide what you want to allow or deny.
Deploy any Agent Skill as an API via POST /run. Multi-model, stateful, open source.
Turn any Agent Skill (SKILL.md) into a callable API via POST /run. Multi-model, stateful, open source.
A language designed for machines to write. A programming language designed for LLMs to write, not humans.
Vera (v-ERR-a) is a programming language designed for large language models to write. The name comes from the Latin veritas (truth). Programs compile to WebAssembly and run at the command line or in the browser.
A fully featured React components library.
Build fully functional accessible web applications faster than ever – Mantine includes more than 120 customizable components and 70 hooks to cover you in any situation.
Components in Markdown.
A fast, streaming-ready markdown parser with component support for Vue, React, Svelte, HTML and ANSI terminal.
skeleton screens for your UI. Auto generated skeleton loading framework.
Pixel-perfect skeleton loading screens, extracted from your real UI. No manual measurement, no hand-tuned placeholders. boneyardsnapshots your real UI and captures a flat list of skeleton “bones” — positioned, sized rectangles that mirror the page exactly.
No manual measurement. No hand-tuned placeholders. Wrap your component in <Skeleton> and get pixel-perfect skeleton screens that stay in sync with your actual layout.
BIRD is an (not only) IP routing daemon.
The BIRD project aims to develop a fully functional dynamic IP routing daemon primarily targeted on (but not limited to) Linux, FreeBSD and other UNIX-like systems and distributed under the GNU General Public License.
BIRD is a dynamic IP routing daemon with full support of most modern routing protocols, easy to use configuration interface and powerful route filtering language, primarily targeted on (but not limited to) Linux and other UNIX-like systems and distributed under the GNU General Public License.
A fast and lightweight fully featured OCI runtime and C library for running containers
Spin is a framework for building and running event-driven microservice applications with WebAssembly (Wasm) components.
It aims to be the easiest way to get started with WebAssembly microservices, and takes advantage of the latest developments in the WebAssembly component model and Wasmtime runtime. Spin offers a simple CLI that helps you create, distribute, and execute applications, and in the next sections we will learn more about Spin applications and how to get started.
CLI tool for spawning and running containers according to the OCI specification.
youki is an implementation of the OCI runtime-spec in Rust, similar to runc.
Turns any HTML page into clean markdown.
Mozilla Readability algorithm + hickory-to-markdown converter for Babashka.
Turns any HTML page into clean markdown by parsing it with jsoup, scoring content using the Mozilla Readability algorithm, extracting the main article body, and converting the hickory tree to markdown.
Related contents:
Effortlessly Save and Preserve Web Pages. Web Extension for saving a faithful copy of a complete web page in a single HTML file.
SingleFile is a browser extension that allows you to save an entire web page, including all its resources (e.g., images, stylesheets, fonts, frames, etc.), as a single HTML file with just one click.
The saved page can be displayed offline in any browser without needing to install any extension. Ideal for researchers, students, and professionals needing reliable offline copies of web pages, or for anyone wanting to keep a record of their favorite web content.
SingleFile is available for Chrome, Edge, Firefox, and Safari. It is free and open source.
Related contents:
AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.
Runtime governance for AI agents — the only toolkit covering all 10 OWASP Agentic risks with 9,500+ tests. Governs what agents do, not just what they say — deterministic policy enforcement, zero-trust identity, execution sandboxing, and SRE — Python · TypeScript · .NET · Rust · Go
Related contents:
Open Agent Harness.
OpenHarness delivers core lightweight agent infrastructure: tool-use, skills, memory, and multi-agent coordination.
Related contents:
The Agent Operating System.
LibreFang is a production-grade runtime for autonomous AI agents. Single binary, 15 built-in capability units, 44 channel adapters. Built in Rust for the workloads that can't afford to go down. LibreFang is an Agent Operating System — a full platform for running autonomous AI agents, built from scratch in Rust. Not a chatbot framework, not a Python wrapper.
Traditional agent frameworks wait for you to type something. LibreFang runs agents that work for you — on schedules, 24/7, monitoring targets, generating leads, managing social media, and reporting to your dashboard.
Related contents:
Agent teammates that grow with you.
The ultimate space for work and life — to find, build, and collaborate with agent teammates that grow with you. We are taking agent harness to the next level — enabling multi-agent collaboration, effortless agent team design, and introducing agents as the unit of work interaction.
Related contents:
reference impl with llama.cpp compiled to distributed inference across machines, with real end to end demo.
Mesh LLM lets you pool spare GPU capacity across machines and expose the result as one OpenAI-compatible API.
If a model fits on one machine, it runs there. If it does not, Mesh LLM automatically spreads the work across the mesh.
Related contents: