Skip to main content
skillsFirst-partyReview first Safety Privacy
Docker logo

Unraid CA Template Authoring Capability Pack Skill

Expert Unraid Community Apps template capability pack for source-backed XML metadata, safer defaults, and CA submission readiness.

HarnessClaude CodeCodexWindsurfGeminiCursorCLI
Level:expertType:capability-packVerified:validated
Review first review before installing

Open the source and read safety notes before installing.

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://ca.unraid.net/submit/help/repository-xml, https://github.com/JSONbored/awesome-claude/blob/main/content/skills/unraid-ca-template-authoring-capability-pack.mdx
Brand
Docker
Brand domain
docker.com
Brand asset source
brandfetch
Package URL
/downloads/skills/unraid-ca-template-authoring-capability-pack.zip
Package SHA256
e03f7ff071424a820999e7fb23065cac28e9689d159593aaf999e32a6d119ed7
Safety notes
Treat generated templates as review drafts; validate XML fields, image names, support links, ports, volumes, and first-boot behavior before submission., Keep defaults beginner-safe and document resource, network, socket, and permission tradeoffs clearly., Do not submit templates for images or support paths you cannot maintain.
Privacy notes
Docker template XML and appdata paths can reveal environment names, paths, credentials, or application-specific secrets., Redact private registry credentials, passwords, tokens, tunnel URLs, and user-specific paths before using real templates as examples.
Platform compatibility
claude-code (native-skill), codex (native-skill), windsurf (native-skill), gemini (native-skill), cursor (adapter), cli (manual-context)
Author
JSONbored
Claim status
unclaimed
Last verified
2026-04-11

Decision playbook

Ready to evaluate for your workflow

Signals are comparatively strong, but you should still validate source, privacy posture, and package provenance for your environment.

Compare context
Selected

0

Current score

96

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as first-party.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Complete

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    Package marked verified.

    Done
  • Checksum metadata

    SHA-256 hash is present.

    Done

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

Package install

Copy-ready — paste the snippet to get started.

Install command

Provided

Config snippet

Not provided

Copy snippet

Provided

Prerequisites

3 to clear

Platforms

6 listed

Difficulty

84/100

Adoption plan

Balanced adoption plan

Current risk score 0/100. Use staged verification before broader rollout.

Risk 0

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    Package verification/checksum metadata is available.

    Done

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (6/6 signals complete).

Risk 0

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Present

Package integrity metadata is present.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

6/6 steps complete with no blocking gaps for this preset.

Risk 0

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is available.

Done

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Prerequisite readiness

Prerequisite readiness

3 prerequisites to line up before setup.

0/3 ready
Install & runtime1Network & hosting2

Safety & privacy surface

Safety & privacy surface

3 safety and 2 privacy notes across 4 risk areas. Review closely: credentials & tokens, permissions & scopes.

4 areas
  • SafetyGeneralTreat generated templates as review drafts; validate XML fields, image names, support links, ports, volumes, and first-boot behavior before submission.
  • SafetyPermissions & scopesKeep defaults beginner-safe and document resource, network, socket, and permission tradeoffs clearly.
  • SafetyLocal filesDo not submit templates for images or support paths you cannot maintain.
  • PrivacyCredentials & tokensDocker template XML and appdata paths can reveal environment names, paths, credentials, or application-specific secrets.
  • PrivacyCredentials & tokensRedact private registry credentials, passwords, tokens, tunnel URLs, and user-specific paths before using real templates as examples.

Safety notes

  • Treat generated templates as review drafts; validate XML fields, image names, support links, ports, volumes, and first-boot behavior before submission.
  • Keep defaults beginner-safe and document resource, network, socket, and permission tradeoffs clearly.
  • Do not submit templates for images or support paths you cannot maintain.

Privacy notes

  • Docker template XML and appdata paths can reveal environment names, paths, credentials, or application-specific secrets.
  • Redact private registry credentials, passwords, tokens, tunnel URLs, and user-specific paths before using real templates as examples.

Prerequisites

  • Container image and runtime requirements
  • Support URL and docs
  • Unraid-compatible volume/network mapping

Schema details

Install type
package
Reading time
8 min
Difficulty score
84
Troubleshooting
Yes
Breaking changes
No
Package metadata
Package verified
Yes
SHA-256
e03f7ff071424a820999e7fb23065cac28e9689d159593aaf999e32a6d119ed7
Skill and platform metadata
Skill type
capability-pack
Skill level
expert
Verification
validated
Verified at
2026-04-11
Retrieval sources
https://ca.unraid.net/submit/help/repository-xmlhttps://github.com/unraid/unraid-community-apps-starterhttps://docs.unraid.net/community-applications/https://docs.unraid.net/unraid-os/using-unraid-to/run-docker-containers/overview/https://docs.unraid.net/unraid-connect/automated-flash-backup/
Tested platforms
ClaudeCodexOpenClawCursorWindsurfGemini
PlatformSupportInstall path
claude-codeNative.claude/skills/<skill-name>/SKILL.md
codexNative.agents/skills/<skill-name>/SKILL.md
windsurfNative.windsurf/skills/<skill-name>/SKILL.md
geminiNative.gemini/skills/<skill-name>/SKILL.md or .agents/skills/<skill-name>/SKILL.md
cursorAdapter.cursor/rules/<skill-name>.mdc
cliManualAGENTS.md or tool-specific context file
Full copyable content
# Trigger
"Apply the Unraid CA template authoring capability pack."

# Required output
1) Template XML with validated metadata fields
2) Beginner-safe default config and caveats
3) Support and documentation linkage
4) CA submission checklist

About this resource

Knowledge Freshness

This capability pack is pinned to sources re-verified on 2026-06-19.

Retrieval Sources

Source Verification Notes

Verified on 2026-06-19:

  • The Community Apps repository XML help page states that repositories need valid template XML and that Docker app entries need a <Repository> tag while plugin entries need a <PluginURL> tag.
  • The official Unraid Community Apps starter repo documents ca_profile.xml, raw TemplateURL pointers, license expectations, and the same Docker/plugin minimum fields.
  • Unraid docs describe Community Applications as the app discovery/install path and note that application settings are saved as Docker template XML files.
  • Unraid's automated flash backup docs warn that Docker template XML files can contain application-specific credentials, which grounds the privacy caveats in this entry.
  • This HeyClaude skill packages those source-backed requirements into a reusable authoring checklist; the external sources document the Unraid template rules, not the existence of the downloaded HeyClaude skill package itself.

Core Workflow

  1. Define intended user profile and operational constraints.
  2. Draft CA XML with complete metadata and accurate support references.
  3. Validate defaults for first-boot safety and recovery behavior.
  4. Add caveats for resource, security, and maintenance tradeoffs.
  5. Complete submission checklist and review pass.

Overview

This skill helps agents produce community-ready Unraid templates that are practical for beginners and maintainable for operators.

Capability Scope

  • CA XML metadata completeness and minimum Docker/plugin fields
  • Beginner-safe defaults and caveats
  • Support/docs linkage quality
  • Operational tradeoff transparency
  • Submission readiness review

Compatibility

Native

  • Claude Code / Claude: native skill usage via SKILL.md.
  • Codex/OpenAI workflows: compatible with Agent Skills-style SKILL.md content as reusable workflow instructions.

Manual Adaptation

  • Gemini CLI: native skill usage via .gemini/skills/<skill-name>/SKILL.md or .agents/skills/<skill-name>/SKILL.md where supported.
  • Cursor: use the generated .cursor/rules/*.mdc adapter for project rules.
  • OpenClaw and similar agents: use the same skill content as a reusable prompt/workflow file when native skill import is unavailable.

Production Rules

  • Maintain accurate CA metadata and reachable support links.
  • Keep defaults beginner-safe with explicit tradeoff notes.
  • Validate networking, storage, and permission assumptions.
  • Treat template updates as user-impacting changes with clear notes.

Troubleshooting

Issue: Template rejected for weak metadata
Fix: complete Project, Support, TemplateURL, Icon, and Overview fields.

Issue: New users fail first boot
Fix: tighten defaults and add explicit setup prerequisites.

Issue: Support load spikes after release
Fix: publish FAQ + known limitations before submission.

Output Contract

  1. Production-ready CA template metadata.
  2. Safe default config and caveat notes.
  3. Review checklist with unresolved gaps.
  4. Submission package summary.

Source citations

Add this badge to your README

Show that Unraid CA Template Authoring Capability Pack Skill is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/skills/unraid-ca-template-authoring-capability-pack.svg)](https://heyclau.de/entry/skills/unraid-ca-template-authoring-capability-pack)

How it compares

Unraid CA Template Authoring Capability Pack Skill side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

3 trust signals differ across this comparison (Package trust, Source provenance, Submitter).

Next steps differ across entries — use the actions in the table below to copy install commands and source links per resource.

Field

Expert Unraid Community Apps template capability pack for source-backed XML metadata, safer defaults, and CA submission readiness.

Open dossier

Deep, version-pinned Unraid API capability skill covering auth, schema patterns, safe mutations, and operational automation design.

Open dossier

Expert Raycast extension maintainer capability pack for reviewing Raycast command structure, manifest metadata, API usage, store submission checks, and privacy-safe release notes aligned to official Raycast developer docs.

Open dossier

Expert Claude Agent SDK custom tool authoring capability pack for designing typed in-process tools with createSdkMcpServer, allowedTools scoping, isError handling, and privacy-safe rollout checklists aligned to official custom-tools documentation.

Open dossier
Next stepsDiffers
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustDiffersPackage verified2026-04-11Package verified2026-04-10Package not verifiedPackage not verified
Source provenanceDiffersSource-backedNo submission linkSubmission linkedSource submissionSubmission linkedSource submission
SubmitterDifferskiannidevkiannidev
Install riskReview firstLow riskReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
BrandDocker logoDockerRaycast logoRaycast
Categoryskillsskillsskillsskills
Sourcefirst-partyfirst-partysource-backedsource-backed
AuthorJSONboredJSONboredkiannidevkiannidev
Added2026-04-112026-04-102026-06-152026-06-16
Platforms
Claude CodeCodexWindsurfGeminiCursorCLI
Claude CodeCodexWindsurfGeminiCursorCLI
Claude CodeCodexWindsurfGeminiCursorCLIRaycast
Claude CodeCodexWindsurfGeminiCursorCLI
Source repo
Safety notesTreat generated templates as review drafts; validate XML fields, image names, support links, ports, volumes, and first-boot behavior before submission. Keep defaults beginner-safe and document resource, network, socket, and permission tradeoffs clearly. Do not submit templates for images or support paths you cannot maintain.Can design automation for live browsers, accounts, workflows, or infrastructure; use staging targets and human approval before destructive or account-write actions. Keep API tokens and service credentials least-privileged, and verify generated runbooks before scheduling or unattended execution.This skill reviews extension behavior; it must not publish store updates or run untrusted extension code without maintainer approval. Extensions can invoke network APIs and local filesystem operations; verify least-privilege scopes before release. Do not embed long-lived API tokens in source; prefer Raycast preferences and secure storage patterns. Third-party dependencies in extensions inherit supply-chain risk; review updates before shipping.Tool descriptions and annotations are hints, not enforcement—validate destructive inputs in handlers. Wildcard mcp__server__* allowlists expand blast radius; prefer per-tool grants in production. Throwing from a handler stops the query; return isError for recoverable failures per custom-tools docs. In-process tools run inside your application whenever Claude calls them; gate writes explicitly.
Privacy notesDocker template XML and appdata paths can reveal environment names, paths, credentials, or application-specific secrets. Redact private registry credentials, passwords, tokens, tunnel URLs, and user-specific paths before using real templates as examples.Inputs and outputs can include browser state, account metadata, workflow payloads, infrastructure inventory, logs, and operational screenshots. Redact credentials, session data, customer records, internal hostnames, and private workspace details before sharing prompts or artifacts.Raycast extensions may read clipboard, local files, or user preferences depending on API usage. Network calls can transmit query text, auth tokens, and user identifiers to third-party services. Store release notes should not include internal API keys, employee data, or customer examples. Telemetry or analytics SDKs require explicit disclosure in extension README and store metadata.Tool schemas, inputs, and results enter model context each turn—never embed secrets in descriptions. Large tool sets increase context usage; defer rarely used tools via tool search when scaling. Structured outputs and logs may reach host telemetry—redact customer identifiers at handler boundaries. External APIs invoked by handlers may log request metadata governed by vendor retention policies.
Prerequisites
  • Container image and runtime requirements
  • Support URL and docs
  • Unraid-compatible volume/network mapping
  • Unraid server with API enabled
  • Scoped API key/token
  • Target operation runbook and maintenance policy
  • Local Raycast development environment with the extension repository checked out.
  • Access to extension source, package.json, manifest, and command entry points.
  • Raycast CLI or store submission credentials for the maintainer account when publishing.
  • Ability to run extension tests or manual command checks before release.
  • Claude Agent SDK installed for TypeScript or Python with a working query loop.
  • Zod (TypeScript) or dict/JSON Schema (Python) for tool input contracts.
  • Written list of side effects each custom tool may perform and who approves them.
  • Staging environment to validate allowedTools, permissions, and error paths.
Install
curl -L https://heyclau.de/downloads/skills/unraid-ca-template-authoring-capability-pack.zip -o unraid-ca-template-authoring-capability-pack.zip && unzip -o unraid-ca-template-authoring-capability-pack.zip -d ./unraid-ca-template-authoring-capability-pack
curl -L https://heyclau.de/downloads/skills/unraid-api-v2-capability-pack.zip -o unraid-api-v2-capability-pack.zip && unzip -o unraid-api-v2-capability-pack.zip -d ./unraid-api-v2-capability-pack
Config
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.