Our review
Manages NixOS configuration, package installation/removal, system updates, and dotfiles via an nrs alias.
Strengths
- Automates editing configuration.nix to add/remove packages
- Runs NixOS rebuild and handles build errors
- Version controls changes with Git and offers to push
Limitations
- Requires a specific Dotfiles layout (~/Dotfiles)
- Relies on user-defined nrs alias (nixos-rebuild switch)
- Does not handle complex multi-user configurations
For any NixOS package management or configuration task with an organized dotfiles setup.
On a non-NixOS system or if the user prefers manual dotfiles management.
Security analysis
CautionThe skill performs system-wide NixOS rebuilds via `nrs` (nixos-rebuild switch) which runs with elevated privileges and can modify the entire system configuration. It also commits and optionally pushes to a Git repository. These are legitimate administrative actions but come with inherent risk if misused, though the skill includes user confirmation before pushing and showing diffs. No destructive or exfiltration patterns detected.
No concerns found
Examples
Install htop on my NixOS system.Remove python2 from my user packages.Update my NixOS flake and rebuild.name: nix description: NixOS package management and dotfiles configuration. Activates for package install/remove/search, system updates, and configuration changes.
NixOS Package Management
Help with NixOS configuration and package management.
User input: $ARGUMENTS
Instructions
-
Read context and config:
- Read
~/Dotfiles/CLAUDE.mdto understand the dotfiles layout - Read
~/Dotfiles/configuration.nixto see current packages - Read
~/Dotfiles/flake.nixif flake changes needed
- Read
-
Parse the request:
- Install package: User wants to add a package (e.g., "install htop", "add nodejs")
- Remove package: User wants to remove a package
- Search: User wants to find a package (e.g., "search for video editor")
- Update: User wants to update the system
- Other: Configuration changes, services, etc.
-
For package install/remove:
- Search nixpkgs to confirm exact package name:
nix search nixpkgs <name> - Edit
configuration.nixto add/remove fromusers.users.sasha.packages - Show the diff to user
- Search nixpkgs to confirm exact package name:
-
For search:
- Run
nix search nixpkgs <query>and summarize results - Suggest the most relevant package(s)
- Run
-
For updates:
- Run
nix flake updatein~/Dotfiles - Then rebuild
- Run
-
Apply changes:
- Run:
nrs(alias for nixos-rebuild switch) - If rebuild fails:
- Analyze the error output
- Identify the root cause (missing dependency, syntax error, etc.)
- Fix the issue and retry
- Repeat until successful or user asks to stop
- Report success
- Run:
-
Update documentation:
- If structural changes were made (new services, major packages), update
~/Dotfiles/CLAUDE.md
- If structural changes were made (new services, major packages), update
-
Commit changes (only after successful rebuild):
cd ~/Dotfilesgit add -Agit commitwith a descriptive message (e.g., "Add htop package", "Update flake inputs")- Ask user: "Ready to push to remote?"
- Only push if user confirms
Package Locations
- User packages:
configuration.nix→users.users.sasha.packages - System packages:
configuration.nix→environment.systemPackages - Flake inputs:
flake.nix→ for adding external flakes
Docker Compose Architect
DevOps
Designs optimized Docker Compose configurations.
Incident Postmortem Writer
DevOps
Writes structured and blameless incident postmortem reports.
Runbook Creator
DevOps
Creates clear operational runbooks for common DevOps procedures.