Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

laurigates/dns-tools

Name: dns-tools
Author: laurigates

networking-plugin/skills/dns-tools/SKILL.md

npx skillsauth add laurigates/claude-plugins dns-tools

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

DNS Tools

When to Use This Skill

| Scenario | Use this skill | Alternative | |----------|---------------|-------------| | Look up DNS records (A, MX, TXT, etc.) | Yes | | | Check DNS propagation across resolvers | Yes | | | Query via encrypted DNS (DoT/DoH) | Yes | | | Verify email auth records (SPF/DKIM/DMARC) | Yes | | | Reverse DNS lookup for an IP | Yes | | | Troubleshoot connectivity or packet loss | | network-diagnostics (trippy, gping) | | Find hosts or open ports on a network | | network-discovery (RustScan, nmap) | | Discover devices on local L2 segment | | layer2-discovery (ARP/LLDP) | | Load test an HTTP endpoint | | http-load-testing (oha) | | Monitor real-time bandwidth per process | | network-monitoring (bandwhich) |

Core Expertise

dog is a modern, Rust-based DNS client that serves as a user-friendly alternative to dig. Key advantages:

Readable output: Colorized, human-friendly formatting by default
Modern protocols: Native support for DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH)
JSON output: Machine-parseable output for scripting and automation
Fast: Compiled Rust binary with minimal dependencies
Cross-platform: Works on Linux, macOS, and Windows

Installation

# macOS
brew install dog

# Cargo (any platform)
cargo install dog

# Arch Linux
pacman -S dog

Essential Commands

Basic Queries

# Query A record (default)
dog example.com

# Query specific record type
dog example.com MX
dog example.com AAAA
dog example.com TXT

# Query multiple record types
dog example.com A AAAA MX

# Query multiple domains
dog example.com example.org

Specifying DNS Server

# Use specific resolver
dog @8.8.8.8 example.com
dog @1.1.1.1 example.com MX

# Use system resolver explicitly
dog @/etc/resolv.conf example.com

Output Formats

# JSON output for parsing
dog --json example.com

# Short output (answers only)
dog --short example.com

# Quiet mode (minimal output)
dog -q example.com

DNS-over-TLS and DNS-over-HTTPS

Modern encrypted DNS protocols prevent eavesdropping and tampering.

DNS-over-TLS (DoT)

# Query via DoT (port 853)
dog --tls @dns.google example.com
dog --tls @1.1.1.1 example.com

# Explicit TLS server specification
dog --tls @dns.quad9.net example.com

DNS-over-HTTPS (DoH)

# Query via DoH
dog --https @https://dns.google/dns-query example.com
dog --https @https://cloudflare-dns.com/dns-query example.com

# Quad9 DoH
dog --https @https://dns.quad9.net/dns-query example.com

Protocol Comparison

| Protocol | Flag | Port | Use Case | |----------|------|------|----------| | UDP | (default) | 53 | Standard queries | | TCP | --tcp | 53 | Large responses, reliability | | DoT | --tls | 853 | Encrypted, TLS-based | | DoH | --https | 443 | Encrypted, HTTPS-based |

Advanced Features

Query Options

# Force TCP instead of UDP
dog --tcp example.com

# Set query timeout (seconds)
dog --timeout 5 example.com

# Disable recursion (query authoritative only)
dog --no-recurse example.com

# Query specific class
dog --class CH version.bind TXT  # Chaos class for version info

Reverse DNS

# PTR lookup for IP address
dog -x 8.8.8.8
dog --reverse 1.1.1.1

DNSSEC Queries

# Request DNSSEC records
dog --dnssec example.com

# Query DNSKEY records directly
dog example.com DNSKEY
dog example.com DS

Common Patterns

Troubleshooting DNS

# Check propagation across multiple resolvers
dog @8.8.8.8 example.com A
dog @1.1.1.1 example.com A
dog @9.9.9.9 example.com A

# Verify MX records for email
dog example.com MX --json | jq '.answers[].data'

# Check SPF/DKIM/DMARC for email auth
dog example.com TXT | grep -E 'spf|dkim|dmarc'
dog _dmarc.example.com TXT
dog selector._domainkey.example.com TXT

Automation and Scripting

# Extract IP addresses from JSON
dog --json example.com A | jq -r '.answers[].data'

# Check if domain resolves
dog --short example.com && echo "Resolves" || echo "No resolution"

# Batch queries
for domain in example.com example.org; do
  dog --json "$domain" A
done

Alternative Tools

dig (Traditional)

Still valuable for DNSSEC validation and advanced debugging:

# DNSSEC validation
dig +dnssec example.com

# Trace delegation path
dig +trace example.com

# Query with specific options
dig +noall +answer example.com MX

drill (LDNS Project)

DNSSEC-focused tool from NLnet Labs:

# DNSSEC chase
drill -S example.com

# Trace from root
drill -T example.com

Agentic Optimizations

| Context | Command | |---------|---------| | Parse results | dog --json example.com | | Quick check | dog --short example.com | | Minimal output | dog -q example.com A | | Extract IPs | dog --json example.com A \| jq -r '.answers[].data' | | Batch queries | Loop with --json for structured output | | CI/CD checks | dog --json --timeout 5 for fast, parseable results |

Quick Reference

Record Types

| Type | Description | Example | |------|-------------|---------| | A | IPv4 address | dog example.com A | | AAAA | IPv6 address | dog example.com AAAA | | MX | Mail exchanger | dog example.com MX | | NS | Name server | dog example.com NS | | TXT | Text record | dog example.com TXT | | CNAME | Canonical name | dog www.example.com CNAME | | SOA | Start of authority | dog example.com SOA | | PTR | Pointer (reverse) | dog -x 8.8.8.8 | | SRV | Service record | dog _sip._tcp.example.com SRV | | CAA | Certificate authority | dog example.com CAA |

Common Flags

| Flag | Short | Description | |------|-------|-------------| | --json | -J | JSON output | | --short | -s | Answers only | | --tcp | -T | Use TCP | | --tls | | DNS-over-TLS | | --https | -H | DNS-over-HTTPS | | --reverse | -x | Reverse lookup | | --timeout | | Query timeout | | --dnssec | -D | Request DNSSEC | | --class | -C | Query class | | --no-recurse | | Disable recursion |

Error Handling

| Error | Cause | Solution | |-------|-------|----------| | NXDOMAIN | Domain does not exist | Verify domain spelling | | SERVFAIL | Server failure | Try different resolver | | REFUSED | Query refused | Server policy, try public resolver | | Timeout | No response | Check network, increase --timeout | | Connection refused | DoT/DoH server unreachable | Verify server address and port |

laurigates/dns-tools

networking-plugin/skills/dns-tools/SKILL.md

DNS resolution and propagation debugging. Use when looking up A/AAAA/MX/TXT records, verifying DNS changes across resolvers, or querying via DoT/DoH.

35 stars

tools

Updated May 20, 2026

$ install --global

skillsauth

npx skillsauth add laurigates/claude-plugins dns-tools

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 20, 2026, 8:29 AM129.8s1 file scanned

SKILL.md

name:: dns-tools
description:: DNS resolution and propagation debugging. Use when looking up A/AAAA/MX/TXT records, verifying DNS changes across resolvers, or querying via DoT/DoH.
user-invocable:: false
allowed-tools:: Bash(dig *), Bash(nslookup *), Bash(host *), Bash(whois *), Read, Grep, Glob, TodoWrite
created:: 2026-01-01
modified:: 2026-04-25
reviewed:: 2026-04-25

DNS Tools

When to Use This Skill

Core Expertise

dog is a modern, Rust-based DNS client that serves as a user-friendly alternative to dig. Key advantages:

Readable output: Colorized, human-friendly formatting by default
Modern protocols: Native support for DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH)
JSON output: Machine-parseable output for scripting and automation
Fast: Compiled Rust binary with minimal dependencies
Cross-platform: Works on Linux, macOS, and Windows

Installation

# macOS
brew install dog

# Cargo (any platform)
cargo install dog

# Arch Linux
pacman -S dog

Essential Commands

Basic Queries

# Query A record (default)
dog example.com

# Query specific record type
dog example.com MX
dog example.com AAAA
dog example.com TXT

# Query multiple record types
dog example.com A AAAA MX

# Query multiple domains
dog example.com example.org

Specifying DNS Server

# Use specific resolver
dog @8.8.8.8 example.com
dog @1.1.1.1 example.com MX

# Use system resolver explicitly
dog @/etc/resolv.conf example.com

Output Formats

# JSON output for parsing
dog --json example.com

# Short output (answers only)
dog --short example.com

# Quiet mode (minimal output)
dog -q example.com

DNS-over-TLS and DNS-over-HTTPS

Modern encrypted DNS protocols prevent eavesdropping and tampering.

DNS-over-TLS (DoT)

# Query via DoT (port 853)
dog --tls @dns.google example.com
dog --tls @1.1.1.1 example.com

# Explicit TLS server specification
dog --tls @dns.quad9.net example.com

DNS-over-HTTPS (DoH)

# Query via DoH
dog --https @https://dns.google/dns-query example.com
dog --https @https://cloudflare-dns.com/dns-query example.com

# Quad9 DoH
dog --https @https://dns.quad9.net/dns-query example.com

Protocol Comparison

Advanced Features

Query Options

# Force TCP instead of UDP
dog --tcp example.com

# Set query timeout (seconds)
dog --timeout 5 example.com

# Disable recursion (query authoritative only)
dog --no-recurse example.com

# Query specific class
dog --class CH version.bind TXT  # Chaos class for version info

Reverse DNS

# PTR lookup for IP address
dog -x 8.8.8.8
dog --reverse 1.1.1.1

DNSSEC Queries

# Request DNSSEC records
dog --dnssec example.com

# Query DNSKEY records directly
dog example.com DNSKEY
dog example.com DS

Common Patterns

Troubleshooting DNS

# Check propagation across multiple resolvers
dog @8.8.8.8 example.com A
dog @1.1.1.1 example.com A
dog @9.9.9.9 example.com A

# Verify MX records for email
dog example.com MX --json | jq '.answers[].data'

# Check SPF/DKIM/DMARC for email auth
dog example.com TXT | grep -E 'spf|dkim|dmarc'
dog _dmarc.example.com TXT
dog selector._domainkey.example.com TXT

Automation and Scripting

# Extract IP addresses from JSON
dog --json example.com A | jq -r '.answers[].data'

# Check if domain resolves
dog --short example.com && echo "Resolves" || echo "No resolution"

# Batch queries
for domain in example.com example.org; do
  dog --json "$domain" A
done

Alternative Tools

dig (Traditional)

Still valuable for DNSSEC validation and advanced debugging:

# DNSSEC validation
dig +dnssec example.com

# Trace delegation path
dig +trace example.com

# Query with specific options
dig +noall +answer example.com MX

drill (LDNS Project)

DNSSEC-focused tool from NLnet Labs:

# DNSSEC chase
drill -S example.com

# Trace from root
drill -T example.com

Agentic Optimizations

Quick Reference

Record Types

Common Flags

Error Handling

Related Skills

laurigates/comfyui-node-scaffold

tools

VerifiedTrustedCommunity

Scaffold a new ComfyUI custom-node repo (pyproject, CI, release-please, vitest+pytest, JS extension skeleton) in the picker/gesture vein. Use when bootstrapping or init-ing a comfyui node pack.

35SKILL.mdUpdated Jun 5, 2026

laurigates/comfyui-node-scaffold

laurigates/comfy-node

tools

VerifiedTrustedCommunity

Orchestrate a ComfyUI node pack from idea to registry: scaffold, create + seed the repo, open the gitops adoption PR. Use when releasing or spinning up a new comfyui node pack.

35SKILL.mdUpdated Jun 5, 2026

laurigates/comfy-node

laurigates/endpoint-security-cpu

testing

VerifiedTrustedCommunity

macOS EndpointSecurity/EDR high CPU & battery drain. Use when Kandji ESF / XProtect pegs a core; trace the exec storm via powermetrics + eslogger.

35SKILL.mdUpdated Jun 4, 2026

laurigates/endpoint-security-cpu

laurigates/odiff-image-diffing

development

VerifiedTrustedCommunity

odiff pixel-by-pixel image diffing. Use when comparing screenshots, detecting visual regressions, diffing before/after PNGs, asserting golden images.

35SKILL.mdUpdated May 30, 2026

laurigates/odiff-image-diffing

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/laurigates/claude-plugins.git

# Copy into Claude Code skills folder (global)
cp -r claude-plugins/networking-plugin/skills/dns-tools ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

laurigates/claude-plugins

35 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT