thomas
No lore recorded.
click a wedge to zoom · center to return
Show full breakdown
- cli_invocation100.0%28kaudit52%15k
- record15k
model18%5.1k- method3.9k
- type562
- search203
- get190
- create53
- list46
- delete25
- validate24
- output11
- evaluate2
vault18%4.9k- read-secret4.6k
- list-keys99
- put87
- list55
- get15
- create11
- type7
- search7
- describe1
- delete1
data8%2.1k- get1.6k
- list260
- delete243
- query23
- versions4
- search1
extension1%390- fmt96
- quality75
- push73
- search67
- version31
- list13
- info13
- pull8
- source6
- rm5
- trust2
- yank1
completions1%225- zsh225
workflow1%215- run119
- validate30
- history26
- create9
- list9
- get8
- search7
- evaluate5
- schema1
- delete1
help1%145- model80
- vault33
- extension10
- data8
- issue2
- serve2
- workflow1
- doctor1
- repo1
doctor0%55- extensions53
auth0%20- whoami16
- login2
update0%9repo0%5- upgrade5
issue0%2- bug2
summarise0%1
Technitium
Management of a Technitium DNS Server via its HTTP API — built-in ad-blocking control (enable/disable, temporary disable, allow/block list URLs), authoritative zone + record lifecycle, allowed/blocked custom domains, dashboard stats, DNS client + query-log debugging, cache flush, settings backup/restore, and security settings (admin web-service TLS certificate + DNSSEC validation).
Postgres Admin
Non-destructive PostgreSQL administration over a direct TCP connection (node-postgres). Read/audit of databases, roles, permissions, tables, connections, and extensions; plus data-safe admin DDL — create database/role, grant/revoke, rotate passwords, and an idempotent app_provision composite. Never reads or writes table rows; never DROP/TRUNCATE; no arbitrary-SQL passthrough.
Arcane
Management of an Arcane Docker instance via its REST API — GitOps sync setup, compose project lifecycle with validated mode-aware deploy, swarm stack deploy (render-validated, convergence-polled) + secret/config rotation, and volume/prune cleanup.
Zitadel
Careful, non-destructive administration of a Zitadel instance over its Management API (v1 REST), authenticated with a JWT private-key service account. Read/audit of orgs, projects, applications, users and managers; idempotent provisioning of OIDC/API applications and machine (service) users; project-role and user-grant authorization (roles, grants, and the role-assertion flag that surfaces roles in tokens); rotation of client secrets, PATs, machine keys and secrets; and reversible deactivate/reactivate. Machine identities only. The only hard delete is a single, verify-first project-role removal (roles have no deactivate state); secrets are emitted once and marked sensitive.
Woodpecker
Careful administration of a Woodpecker CI server over its REST API, authenticated with a personal access token. Onboard and configure repositories (enable, mark trusted, set timeout/visibility/approval), promote shared CI credentials to org- or repo-scoped secrets idempotently, inspect recent pipelines, and trigger runs. Mutations are additive or reversible (disable/secret-delete undo by re-running enable/set); secret values are write-only — supplied via a vault reference, sent once, and never read back or emitted.