Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

overthinkos/immich

Name: immich
Author: overthinkos

ov-layers/skills/immich/SKILL.md

npx skillsauth add overthinkos/overthink-plugins immich

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

immich -- Self-hosted photo management server

Layer Properties

| Property | Value | |----------|-------| | Dependencies | supervisord, nodejs24, postgresql, redis, ffmpeg | | Ports | 2283 | | Volumes | library -> ~/.immich/library, cache -> ~/.immich/cache, import -> ~/.immich/import, external -> ~/.immich/external | | Service | immich-db-init (oneshot, priority 15), immich-server (priority 30) | | Route | immich.localhost:2283 | | Install files | tasks: |

Environment Variables

| Variable | Value | |----------|-------| | IMMICH_VERSION | v2.7.5 | | IMMICH_HOST / IMMICH_PORT | 0.0.0.0 / 2283 | | IMMICH_MEDIA_LOCATION | ~/.immich/library | | IMMICH_MACHINE_LEARNING_ENABLED | false | | DB_HOSTNAME / DB_DATABASE_NAME | 127.0.0.1 / immich | | DB_USERNAME / DB_PASSWORD | immich / immich | | REDIS_HOSTNAME / REDIS_PORT | 127.0.0.1 / 6379 | | NODE_ENV | production |

Packages

vips, vips-devel, perl-Image-ExifTool (RPM)
libheif, LibRaw, gcc-c++, make, unzip (RPM)

Note: FFmpeg is provided via the ffmpeg dependency layer (negativo17 nonfree build) rather than installed directly.

Build Process (tasks:)

The root-phase tasks download Immich source, builds the server, web UI, and core plugin:

Server — pnpm install --frozen-lockfile && pnpm --filter immich build && pnpm --filter immich deploy --prod /opt/immich/server
Geodata — Downloads reverse geocoding data from geonames.org
Web UI — pnpm --filter @immich/sdk --filter immich-web build
Core Plugin — Installs extism-js (v1.6.0) and binaryen (v124), then pnpm run build in plugins/ to compile TypeScript → WASM (plugin.wasm). Build tools are cleaned up after compilation.
PostgreSQL extensions — Init SQL at /docker-entrypoint-initdb.d/01-immich-extensions.sql creates vector, vchord CASCADE, and earthdistance CASCADE extensions (runs during first initdb only)
Database migration script — /usr/local/bin/immich-db-migrate.sh runs on every container start via the immich-db-init supervisord service. Waits for PostgreSQL, then idempotently ensures vector, earthdistance, and vchord (if available) extensions exist. Handles both fresh installs and upgrades of existing databases.
Server startup wrapper — /usr/local/bin/immich-server-start.sh waits for PostgreSQL to be ready before starting the Node.js process. Eliminates the crash-restart loop that previously occurred when supervisord started immich-server before PostgreSQL finished recovery.

All pnpm commands use npm_config_cache=/tmp/npm-root-cache to avoid creating root-owned files in the container user's ~/.cache directory.

Secrets

| Name | Env Vars | |------|----------| | db-password | DB_PASSWORD, POSTGRES_PASSWORD |

Usage

# image.yml
immich:
  layers:
    - immich

Used In Images

/ov-images:immich
/ov-images:immich-ml

Related Layers

/ov-layers:supervisord -- process manager dependency
/ov-layers:nodejs24 -- Node.js runtime dependency
/ov-layers:postgresql -- database dependency
/ov-layers:redis -- cache dependency
/ov-layers:ffmpeg -- FFmpeg multimedia (nonfree codecs) — required dependency
/ov-layers:vectorchord -- VectorChord extension (migration script creates it if available)
/ov-layers:immich-ml -- optional ML backend

When to Use This Skill

Use when the user asks about:

Immich photo management setup
Photo library configuration
Immich database or Redis connectivity
Port 2283 or immich.localhost route
Media processing (vips, ffmpeg, ExifTool)

/ov:layer — layer authoring reference (layer.yml schema, task verbs, service declarations)
/ov:test — declarative testing (tests: block, ov image test, ov test)

overthinkos/immich

ov-layers/skills/immich/SKILL.md

Immich photo management server on port 2283 with PostgreSQL and Redis. Use when working with Immich, photo management, or media library services.

development

Updated Apr 24, 2026

$ install --global

skillsauth

npx skillsauth add overthinkos/overthink-plugins immich

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 24, 2026, 2:52 PM173.8s1 file scanned

SKILL.md

name:: immich
description:: |

immich -- Self-hosted photo management server

Layer Properties

Environment Variables

Packages

vips, vips-devel, perl-Image-ExifTool (RPM)
libheif, LibRaw, gcc-c++, make, unzip (RPM)

Note: FFmpeg is provided via the ffmpeg dependency layer (negativo17 nonfree build) rather than installed directly.

Build Process (tasks:)

The root-phase tasks download Immich source, builds the server, web UI, and core plugin:

Server — pnpm install --frozen-lockfile && pnpm --filter immich build && pnpm --filter immich deploy --prod /opt/immich/server
Geodata — Downloads reverse geocoding data from geonames.org
Web UI — pnpm --filter @immich/sdk --filter immich-web build
Core Plugin — Installs extism-js (v1.6.0) and binaryen (v124), then pnpm run build in plugins/ to compile TypeScript → WASM (plugin.wasm). Build tools are cleaned up after compilation.
PostgreSQL extensions — Init SQL at /docker-entrypoint-initdb.d/01-immich-extensions.sql creates vector, vchord CASCADE, and earthdistance CASCADE extensions (runs during first initdb only)
Database migration script — /usr/local/bin/immich-db-migrate.sh runs on every container start via the immich-db-init supervisord service. Waits for PostgreSQL, then idempotently ensures vector, earthdistance, and vchord (if available) extensions exist. Handles both fresh installs and upgrades of existing databases.
Server startup wrapper — /usr/local/bin/immich-server-start.sh waits for PostgreSQL to be ready before starting the Node.js process. Eliminates the crash-restart loop that previously occurred when supervisord started immich-server before PostgreSQL finished recovery.

All pnpm commands use npm_config_cache=/tmp/npm-root-cache to avoid creating root-owned files in the container user's ~/.cache directory.

Secrets

| Name | Env Vars | |------|----------| | db-password | DB_PASSWORD, POSTGRES_PASSWORD |

Usage

# image.yml
immich:
  layers:
    - immich

Used In Images

/ov-images:immich
/ov-images:immich-ml

Related Layers

/ov-layers:supervisord -- process manager dependency
/ov-layers:nodejs24 -- Node.js runtime dependency
/ov-layers:postgresql -- database dependency
/ov-layers:redis -- cache dependency
/ov-layers:ffmpeg -- FFmpeg multimedia (nonfree codecs) — required dependency
/ov-layers:vectorchord -- VectorChord extension (migration script creates it if available)
/ov-layers:immich-ml -- optional ML backend

When to Use This Skill

Use when the user asks about:

Immich photo management setup
Photo library configuration
Immich database or Redis connectivity
Port 2283 or immich.localhost route
Media processing (vips, ffmpeg, ExifTool)

/ov:layer — layer authoring reference (layer.yml schema, task verbs, service declarations)
/ov:test — declarative testing (tests: block, ov image test, ov test)

Related Skills

overthinkos/charly

tools

VerifiedTrustedCommunity

OpenCharly CLI (charly) binary installed into container/VM images for in-container use. Use when working with charly binary deployment inside containers, native D-Bus support, or the full charly toolchain (charly binary + virtualization + gocryptfs + socat).

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-cachyos

development

VerifiedTrustedCommunity

Operator CachyOS workstation profile — a kind:local template + target:local deploy that installs the full dev stack (30 candies) onto a CachyOS host via ShellExecutor. Lives in the overthinkos/cachyos submodule. MUST be invoked before editing or applying the charly-cachyos workstation profile.

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-cachyos

overthinkos/charly-fedora

tools

VerifiedTrustedCommunity

Fedora box with the full charly toolchain using shared candies. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Same candy list as charly-arch. Includes NVIDIA GPU runtime. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-fedora box.

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-fedora

overthinkos/charly-arch

tools

VerifiedTrustedCommunity

Arch Linux box with the full charly toolchain. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Composes /charly-coder:charly-mcp so the box is reachable as an MCP gateway on port 18765. NVIDIA GPU runtime composed in. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-arch box.

SKILL.mdUpdated Jun 10, 2026

overthinkos/charly-arch

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/overthinkos/overthink-plugins.git

# Copy into Claude Code skills folder (global)
cp -r overthink-plugins/ov-layers/skills/immich ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

overthinkos/overthink-plugins

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT