overthinkos/ubuntu-debootstrap
distros/skills/ubuntu-debootstrap/SKILL.md
Bootstrap-from-scratch Ubuntu 24.04 rootfs via debootstrap inside a privileged builder (from: builder:debootstrap, bootstrap_builder_image: ubuntu-debootstrap-builder). Retained for offline/air-gapped builds. Lives in the overthinkos/ubuntu submodule (box/ubuntu). MUST be invoked before building or troubleshooting ubuntu-debootstrap.
development
Updated Jun 11, 2026
$ install --global
skillsauthnpx skillsauth add overthinkos/overthink-plugins ubuntu-debootstrapInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 11, 2026, 7:05 AM115.0s1 file scanned
SKILL.md
- name:
- ubuntu-debootstrap
- description:
- |
- builder (from:
- builder:debootstrap, bootstrap_builder_image:
ubuntu-debootstrap
Bootstrap-from-scratch Ubuntu 24.04 (noble) root filesystem, built via
debootstrap inside the privileged /charly-distros:ubuntu-debootstrap-builder
container (from: builder:debootstrap,
bootstrap_builder_image: ubuntu-debootstrap-builder).
Lives in
overthinkos/ubuntu(git submodule atbox/ubuntu). Build:charly -C box/ubuntu box build ubuntu-debootstrap.
When to use it (and when not)
The canonical Ubuntu base (/charly-distros:ubuntu) pulls the upstream-published
ubuntu:24.04 OCI image from Docker Hub — that is the recommended, faster path.
This debootstrap variant exists for offline / air-gapped builds and as a
worked example of the from: builder:debootstrap pattern.
Box Properties
| Property | Value |
|----------|-------|
| From | builder:debootstrap |
| bootstrap_builder_image | ubuntu-debootstrap-builder |
| Distro | ubuntu:24.04, ubuntu, debian |
| Build | deb |
| Home repo | overthinkos/ubuntu (box/ubuntu) |
The ubuntu distro config (inherits: debian; debootstrap suite noble,
mirror http://archive.ubuntu.com/ubuntu, components main,universe) lives in
the main repo's build.yml and is flat-imported by the submodule (a bare-string
import: item). The single imported build.yml carries BOTH the ubuntu and
debian distro configs, so the inherits: debian resolution needs no reference
to overthinkos/debian.
Cross-References
/charly-distros:ubuntu— the recommended Docker-Hub base/charly-distros:ubuntu-debootstrap-builder— the privileged builder it uses/charly-vm:ubuntu— the VM built via the same debootstrap path
When to Use This Skill
MUST be invoked before building or debugging the Ubuntu debootstrap rootfs. Invoke BEFORE reading source code or launching Explore agents.
Related Skills
overthinkos/charly
tools
VerifiedTrustedCommunity
OpenCharly CLI (charly) binary installed into container/VM images for in-container use. Use when working with charly binary deployment inside containers, native D-Bus support, or the full charly toolchain (charly binary + virtualization + gocryptfs + socat).
SKILL.mdUpdated Jun 10, 2026
overthinkos/charly-cachyos
development
VerifiedTrustedCommunity
Operator CachyOS workstation profile — a kind:local template + target:local deploy that installs the full dev stack (30 candies) onto a CachyOS host via ShellExecutor. Lives in the overthinkos/cachyos submodule. MUST be invoked before editing or applying the charly-cachyos workstation profile.
SKILL.mdUpdated Jun 10, 2026
overthinkos/charly-fedora
tools
VerifiedTrustedCommunity
Fedora box with the full charly toolchain using shared candies. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Same candy list as charly-arch. Includes NVIDIA GPU runtime. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-fedora box.
SKILL.mdUpdated Jun 10, 2026
overthinkos/charly-arch
tools
VerifiedTrustedCommunity
Arch Linux box with the full charly toolchain. Rootless-first — runs as uid=1000 with passwordless sudo (no root, no cap_add: ALL). Composes /charly-coder:charly-mcp so the box is reachable as an MCP gateway on port 18765. NVIDIA GPU runtime composed in. MUST be invoked before building, deploying, configuring, or troubleshooting the charly-arch box.
SKILL.mdUpdated Jun 10, 2026