regenrek/homebrew-publish
skills/homebrew-publish/SKILL.md
Publish CLIs/TUIs to Homebrew via a personal tap. Use when asked to create or manage a Homebrew tap repo, generate or update formulae, compute sha256, test installs, or ship new releases for Go, Rust, Node/TypeScript, Python, or prebuilt binaries.
$ install --global
skillsauthnpx skillsauth add regenrek/agent-skills homebrew-publishInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 17, 2026, 5:23 AM236.5s7 files scanned
SKILL.md
- name:
- homebrew-publish
- description:
- Publish CLIs/TUIs to Homebrew via a personal tap. Use when asked to create or manage a Homebrew tap repo, generate or update formulae, compute sha256, test installs, or ship new releases for Go, Rust, Node/TypeScript, Python, or prebuilt binaries.
Homebrew Publish
Overview
Create or update a Homebrew tap and formulae so users can install a project's CLI/TUI with brew install OWNER/tap/<formula>.
Workflow
1) Gather inputs
- Confirm GitHub owner, tap name, and whether the tap repo already exists.
- Collect project repo URL, release tag/version, and the source tarball URL or prebuilt asset URL(s).
- Identify build system and language (Go, Rust, Node/TypeScript, Python, or other).
- Define binary name and a minimal
test docommand. - Confirm target platforms/architectures and whether bottles are desired.
2) Ensure tap repo exists (skip if already set)
- Create a tap repo using the short form
OWNER/tapwhen possible. - Run:
brew tap-new OWNER/homebrew-tap(orhomebrew-<tapname>)gh repo create OWNER/homebrew-tap --push --public --source "$(brew --repository OWNER/homebrew-tap)"
3) Create the formula skeleton
- Prefer stable source tarballs from release tags.
- Run:
brew create <url-to-tarball> --tap OWNER/homebrew-tap --set-name <formula>
4) Implement the formula
- Edit
Formula/<formula>.rband wire build/install/test. - Pick a language template from references:
references/formula-go.mdreferences/formula-rust.mdreferences/formula-node.mdreferences/formula-python.mdreferences/formula-prebuilt.md
- Ensure
desc,homepage,url,sha256, andlicenseare correct.
5) Compute sha256
- Use
shasum -a 256 <file>for local files. - For remote URLs, run
curl -L <url> | shasum -a 256.
6) Test locally
- Run
brew install --build-from-source OWNER/tap/<formula>. - Run
brew test OWNER/tap/<formula>. - Optionally run
brew audit --strict --online OWNER/tap/<formula>.
7) Commit and push
- Commit in the tap repo and push to GitHub.
8) Update for new releases
- Update
urlandsha256(andversionif needed). - Re-run tests, commit, and push.
Notes
- Prefer source builds unless a prebuilt binary is required.
- If bottles are enabled, keep the default workflows created by
brew tap-newand follow their publish instructions.
Related Skills
regenrek/electron-live-test
tools
VerifiedTrustedCommunity
Live-test any Electron desktop app with native-devtools-mcp, Chrome DevTools Protocol, screenshots, OCR, and accessibility tools. Use when the user asks for Electron UI verification, MCP-driven app control, renderer CDP interaction, native desktop automation, screenshots, or OCR-driven checks.
124SKILL.mdUpdated May 28, 2026
regenrek/search-context
testing
VerifiedTrustedCommunity
Find, clone, inspect, and summarize high-quality GitHub reference repositories for coding agents. Use when a user asks for GitHub reference projects, examples, prior art, inspiration, implementation patterns, or includes "$search-context" in a coding prompt.
124SKILL.mdUpdated May 17, 2026
regenrek/secleak-check
testing
VerifiedTrustedCommunity
Run or install repo security leak checks with BetterLeaks and Trivy. Use when asked to scan for leaked secrets, vulnerable dependencies, misconfigurations, add secret-leak guardrails, add BetterLeaks, add forbidden-path hooks, or run secleak-check before release.
114SKILL.mdUpdated May 17, 2026
regenrek/package-security-check
development
VerifiedTrustedCommunity
Run a reusable JavaScript supply-chain security baseline with pnpm-first hardening, release-age gating, lifecycle-script controls, exotic dependency checks, CI install checks, and optional incident IOC profiles.
114SKILL.mdUpdated May 13, 2026