How should nginx be evaluated before use?

Use the required flow: snapshot, contract, and trust before recommending or executing this skill.

What kind of evidence is visible on this page?

This page surfaces public facts, change history, trust indicators, artifact evidence, and benchmark summaries with provenance.

Crawler Summary

nginx answer-first brief

Configure, manage, and troubleshoot nginx web server. Use for: (1) Creating and editing site configurations, (2) Setting up reverse proxies and load balancers, (3) SSL/TLS certificate configuration, (4) Security hardening, (5) Performance optimization, (6) Troubleshooting nginx issues, (7) Managing virtual hosts and server blocks. --- name: nginx description: "Configure, manage, and troubleshoot nginx web server. Use for: (1) Creating and editing site configurations, (2) Setting up reverse proxies and load balancers, (3) SSL/TLS certificate configuration, (4) Security hardening, (5) Performance optimization, (6) Troubleshooting nginx issues, (7) Managing virtual hosts and server blocks." metadata: {"openclaw":{"emoji":"🌐","requires":{"bins":[ Capability contract not published. No trust telemetry is available yet. Last updated 4/14/2026.

Freshness

Last checked 4/14/2026

Best For

nginx is best for general automation workflows where OpenClaw compatibility matters.

Not Ideal For

Contract metadata is missing or unavailable for deterministic execution.

Evidence Sources Checked

editorial-content, GITHUB OPENCLEW, runtime-metrics, public facts pack

Card Facts Snapshot Contract Trust

Claim this agent

Agent DossierGitHubSafety: 94/100

nginx

OpenClawself-declared

Public facts

Change events

Artifacts

Freshness

Apr 14, 2026

Verifiededitorial-contentNo verified compatibility signals

Capability contract not published. No trust telemetry is available yet. Last updated 4/14/2026.

Trust evidence available

Trust score

Unknown

Compatibility

OpenClaw

Freshness

Apr 14, 2026

Vendor

Secureskills Io

Artifacts

Benchmarks

Last release

Unpublished

Executive Summary

Key links, install path, and a quick operational read before the deeper crawl record.

Verifiededitorial-content

Summary

Capability contract not published. No trust telemetry is available yet. Last updated 4/14/2026.

View Source

Setup snapshot

git clone https://github.com/SecureSkills-io/nginx-skill.git

1
Setup complexity is LOW. This package is likely designed for quick installation with minimal external side-effects.
2
Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.

Evidence Ledger

Everything public we have scraped or crawled about this agent, grouped by evidence type with provenance.

Verifiededitorial-content

Vendor (1)

Vendor

Secureskills Io

profilemedium

Observed Apr 14, 2026Source link Provenance

Compatibility (1)

Protocol compatibility

OpenClaw

contractmedium

Observed Apr 14, 2026Source link Provenance

Security (1)

Handshake status

UNKNOWN

trustmedium

Observed unknownSource link Provenance

Integration (1)

Crawlable docs

6 indexed pages on the official domain

search_documentmedium

Observed Apr 15, 2026Source link Provenance

Release & Crawl Timeline

Merged public release, docs, artifact, benchmark, pricing, and trust refresh events.

Self-declaredagent-index

Docs Update

Docs refreshed: Sign in to GitHub · GitHub

search_documentmedium

Fresh crawlable documentation was indexed for the official domain.

Observed Apr 15, 2026

Artifacts Archive

Extracted files, examples, snippets, parameters, dependencies, permissions, and artifact metadata.

Self-declaredGITHUB OPENCLEW

Extracted files

Examples

Snippets

Languages

typescript

Parameters

Executable Examples

bash

nginx -t

bash

systemctl reload nginx
# or
nginx -s reload

bash

systemctl status nginx
nginx -v

bash

nano /etc/nginx/sites-available/example.com

nginx

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    root /var/www/example.com;
    index index.html index.htm;

    location / {
        try_files $uri $uri/ =404;
    }

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
}

bash

ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
nginx -t && systemctl reload nginx

Docs & README

Full documentation captured from public sources, including the complete README when available.

Self-declaredGITHUB OPENCLEW

Docs source

GITHUB OPENCLEW

Editorial quality

ready

Full README

name: nginx description: "Configure, manage, and troubleshoot nginx web server. Use for: (1) Creating and editing site configurations, (2) Setting up reverse proxies and load balancers, (3) SSL/TLS certificate configuration, (4) Security hardening, (5) Performance optimization, (6) Troubleshooting nginx issues, (7) Managing virtual hosts and server blocks." metadata: {"openclaw":{"emoji":"🌐","requires":{"bins":["nginx"]},"install":[{"id":"apt","kind":"apt","package":"nginx","bins":["nginx"],"label":"Install nginx (apt)"},{"id":"yum","kind":"yum","package":"nginx","bins":["nginx"],"label":"Install nginx (yum)"},{"id":"dnf","kind":"dnf","package":"nginx","bins":["nginx"],"label":"Install nginx (dnf)"}]}}

Nginx

Overview

Nginx is a high-performance web server, reverse proxy, and load balancer. This skill provides workflows for common nginx tasks including site configuration, SSL setup, reverse proxying, and security hardening.

Quick Commands

Test Configuration

Always test before reloading:

nginx -t

Reload Nginx

Apply changes without dropping connections:

systemctl reload nginx
# or
nginx -s reload

Check Status

systemctl status nginx
nginx -v

Site Configuration

Default Paths

Main config: /etc/nginx/nginx.conf
Sites available: /etc/nginx/sites-available/
Sites enabled: /etc/nginx/sites-enabled/
HTML root: /var/www/html/ or /usr/share/nginx/html/

Create a New Site

Create configuration in sites-available/:

nano /etc/nginx/sites-available/example.com

Basic static site template:

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    root /var/www/example.com;
    index index.html index.htm;

    location / {
        try_files $uri $uri/ =404;
    }

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
}

Enable the site:

ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
nginx -t && systemctl reload nginx

Reverse Proxy

Basic Reverse Proxy

server {
    listen 80;
    server_name api.example.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }
}

WebSocket Support

location /ws {
    proxy_pass http://localhost:3000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

SSL/TLS with Let's Encrypt

Using Certbot

# Install certbot
apt install certbot python3-certbot-nginx

# Obtain and configure certificate
certbot --nginx -d example.com -d www.example.com

# Auto-renewal test
certbot renew --dry-run

Manual SSL Configuration

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

    # SSL optimization
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers off;

    # HSTS
    add_header Strict-Transport-Security "max-age=63072000" always;
}

# Redirect HTTP to HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 301 https://$server_name$request_uri;
}

Load Balancing

Upstream Configuration

upstream backend {
    least_conn;  # or ip_hash, least_time
    server 192.168.1.10:3000 weight=5;
    server 192.168.1.11:3000 weight=5;
    server 192.168.1.12:3000 backup;
    keepalive 32;
}

server {
    location / {
        proxy_pass http://backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

Load Balancing Methods

round_robin (default): Requests distributed evenly
least_conn: Sends to server with fewest active connections
ip_hash: Client IP determines server (session persistence)
least_time: Sends to server with lowest response time (NGINX Plus)

Security Hardening

Hide Nginx Version

# In http block of nginx.conf
server_tokens off;

Rate Limiting

# In http block
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
limit_conn_zone $binary_remote_addr zone=addr:10m;

# In server/location block
limit_req zone=one burst=5 nodelay;
limit_conn addr 10;

Block Bad User Agents

if ($http_user_agent ~* (bot|crawler|spider|scraper)) {
    return 403;
}

Restrict Access

location /admin {
    allow 192.168.1.0/24;
    deny all;
    # or
    auth_basic "Admin Area";
    auth_basic_user_file /etc/nginx/.htpasswd;
}

Performance Optimization

Gzip Compression

gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;

Static File Caching

location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg)$ {
    expires 1y;
    add_header Cache-Control "public, immutable";
}

Buffer Settings

client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 8m;
large_client_header_buffers 2 1k;

Troubleshooting

Check Configuration Syntax

nginx -t
nginx -T  # Full config dump

View Error Logs

tail -f /var/log/nginx/error.log
tail -f /var/log/nginx/access.log

Common Issues

"nginx: [emerg] bind() to 0.0.0.0:80 failed" Port 80 already in use:

ss -tlnp | grep :80
systemctl stop apache2  # If Apache running

Permission Denied on Static Files

chmod -R 755 /var/www/site
chown -R www-data:www-data /var/www/site

502 Bad Gateway

Check upstream service is running
Verify firewall allows connection
Check SELinux/AppArmor policies

Scripts

Use bundled scripts for common operations:

# Create new site configuration
scripts/create-site.sh example.com /var/www/example.com

# Enable/disable sites
scripts/site-enable.sh example.com
scripts/site-disable.sh example.com

# Test and reload with backup check
scripts/safe-reload.sh

Resources

Full configuration reference: See references/nginx-directives.md
Common snippets: See references/snippets.md for copy-paste templates

Contract & API

Machine endpoints, protocol fit, contract coverage, invocation examples, and guardrails for agent-to-agent use.

MissingGITHUB OPENCLEW

Endpoints

Dossier API Snapshot API Contract API Trust API

Contract coverage

Status

missing

Auth

None

Streaming

Data region

Unspecified

Protocol support

OpenClaw: self-declared

Requires: none

Forbidden: none

Guardrails

Operational confidence: low

No positive guardrails captured.

Invocation examples

curl -s "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/snapshot"

curl -s "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/contract"

curl -s "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/trust"

Reliability & Benchmarks

Trust and runtime signals, benchmark suites, failure patterns, and practical risk constraints.

Missingruntime-metrics

Trust signals

Handshake

UNKNOWN

Confidence

unknown

Attempts 30d

unknown

Fallback rate

unknown

Runtime metrics

Observed P50

unknown

Observed P95

unknown

Rate limit

unknown

Estimated cost

unknown

Do not use if

Contract metadata is missing or unavailable for deterministic execution.

No benchmark suites or observed failure patterns are available.

Media & Demo

Every public screenshot, visual asset, demo link, and owner-provided destination tied to this agent.

Missingno-media

No screenshots, media assets, or demo links are available.

Related Agents

Neighboring agents from the same protocol and source ecosystem for comparison and shortlist building.

Self-declaredprotocol-neighbors

GITHUB_REPOSactivepieces

Rank

AI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents

Traction

No public download signal

Freshness

Updated 2d ago

OPENCLAW

GITHUB_REPOScherry-studio

Rank

AI productivity studio with smart chat, autonomous agents, and 300+ assistants. Unified access to frontier LLMs

Traction

No public download signal

Freshness

Updated 5d ago

MCPOPENCLAW

GITHUB_REPOSAionUi

Rank

Free, local, open-source 24/7 Cowork app and OpenClaw for Gemini CLI, Claude Code, Codex, OpenCode, Qwen Code, Goose CLI, Auggie, and more | 🌟 Star if you like it!

Traction

No public download signal

Freshness

Updated 6d ago

MCPOPENCLAW

GITHUB_REPOSCopilotKit

Rank

The Frontend for Agents & Generative UI. React + Angular

Traction

No public download signal

Freshness

Updated 23d ago

OPENCLAW

Machine Appendix

Contract JSON

{
  "contractStatus": "missing",
  "authModes": [],
  "requires": [],
  "forbidden": [],
  "supportsMcp": false,
  "supportsA2a": false,
  "supportsStreaming": false,
  "inputSchemaRef": null,
  "outputSchemaRef": null,
  "dataRegion": null,
  "contractUpdatedAt": null,
  "sourceUpdatedAt": null,
  "freshnessSeconds": null
}

Invocation Guide

{
  "preferredApi": {
    "snapshotUrl": "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/snapshot",
    "contractUrl": "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/contract",
    "trustUrl": "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/trust"
  },
  "curlExamples": [
    "curl -s \"https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/snapshot\"",
    "curl -s \"https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/contract\"",
    "curl -s \"https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/trust\""
  ],
  "jsonRequestTemplate": {
    "query": "summarize this repo",
    "constraints": {
      "maxLatencyMs": 2000,
      "protocolPreference": [
        "OPENCLEW"
      ]
    }
  },
  "jsonResponseTemplate": {
    "ok": true,
    "result": {
      "summary": "...",
      "confidence": 0.9
    },
    "meta": {
      "source": "GITHUB_OPENCLEW",
      "generatedAt": "2026-04-17T00:50:57.646Z"
    }
  },
  "retryPolicy": {
    "maxAttempts": 3,
    "backoffMs": [
      500,
      1500,
      3500
    ],
    "retryableConditions": [
      "HTTP_429",
      "HTTP_503",
      "NETWORK_TIMEOUT"
    ]
  }
}

Trust JSON

{
  "status": "unavailable",
  "handshakeStatus": "UNKNOWN",
  "verificationFreshnessHours": null,
  "reputationScore": null,
  "p95LatencyMs": null,
  "successRate30d": null,
  "fallbackRate": null,
  "attempts30d": null,
  "trustUpdatedAt": null,
  "trustConfidence": "unknown",
  "sourceUpdatedAt": null,
  "freshnessSeconds": null
}

Capability Matrix

{
  "rows": [
    {
      "key": "OPENCLEW",
      "type": "protocol",
      "support": "unknown",
      "confidenceSource": "profile",
      "notes": "Listed on profile"
    }
  ],
  "flattenedTokens": "protocol:OPENCLEW|unknown|profile"
}

Facts JSON

[
  {
    "factKey": "docs_crawl",
    "category": "integration",
    "label": "Crawlable docs",
    "value": "6 indexed pages on the official domain",
    "href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceType": "search_document",
    "confidence": "medium",
    "observedAt": "2026-04-15T05:03:46.393Z",
    "isPublic": true
  },
  {
    "factKey": "vendor",
    "category": "vendor",
    "label": "Vendor",
    "value": "Secureskills Io",
    "href": "https://github.com/SecureSkills-io/nginx-skill",
    "sourceUrl": "https://github.com/SecureSkills-io/nginx-skill",
    "sourceType": "profile",
    "confidence": "medium",
    "observedAt": "2026-04-14T22:25:02.532Z",
    "isPublic": true
  },
  {
    "factKey": "protocols",
    "category": "compatibility",
    "label": "Protocol compatibility",
    "value": "OpenClaw",
    "href": "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/contract",
    "sourceUrl": "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/contract",
    "sourceType": "contract",
    "confidence": "medium",
    "observedAt": "2026-04-14T22:25:02.532Z",
    "isPublic": true
  },
  {
    "factKey": "handshake_status",
    "category": "security",
    "label": "Handshake status",
    "value": "UNKNOWN",
    "href": "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/trust",
    "sourceUrl": "https://xpersona.co/api/v1/agents/secureskills-io-nginx-skill/trust",
    "sourceType": "trust",
    "confidence": "medium",
    "observedAt": null,
    "isPublic": true
  }
]

Change Events JSON

[
  {
    "eventType": "docs_update",
    "title": "Docs refreshed: Sign in to GitHub · GitHub",
    "description": "Fresh crawlable documentation was indexed for the official domain.",
    "href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceType": "search_document",
    "confidence": "medium",
    "observedAt": "2026-04-15T05:03:46.393Z",
    "isPublic": true
  }
]