openssl

Files

SKILL.mdagentsreferencesscripts

Install

Install only this skill with npx skills

npx skills add alisonaquinas/llm-shared-skills --skill 'openssl' -g -y

Install the containing skill bundle

/plugin install shared-skills@llm-skills

Download openssl-skill.zip

This skill is bundled inside shared-skills. Use npx skills when you only want this skill, or install the bundle once to make every included skill available through the plugin marketplace flow. Browse the full skill bundle repository at github.com/alisonaquinas/llm-shared-skills.

Invoke

Invoke this skill after installation

/shared-skills:openssl

SKILL.md

name: openssl description: Perform cryptographic operations including certificate inspection, key generation, hashing, and TLS diagnostics with explicit subcommands. Use when the agent needs certificate validation, key conversion, secure random generation, or encryption operations.

Cryptographic operations for certificates, keys, hashing, and TLS diagnostics.

Quick Start

Verify openssl is available: openssl version or man openssl
Establish the command surface: openssl help or openssl help <subcommand>
Start with read-only inspection: openssl x509 -in cert.pem -noout -text

Intent Router

Load only the reference file needed for the active request.

references/install-and-setup.md — Installing openssl on macOS, Linux, Windows
references/cheatsheet.md — Subcommands, certificate operations, key management
references/advanced-usage.md — Advanced key operations, encryption, scripting patterns
references/troubleshooting.md — Certificate validation errors, key issues, TLS diagnostics

Core Workflow

Verify openssl is available: openssl version
Identify the subcommand needed (x509, rsa, enc, etc.)
Use explicit algorithm parameters (e.g., -sha256, -aes-256-cbc)
Validate certificates and keys before using them
Never expose private keys or passphrases in logs

Quick Command Reference

openssl version                        # Check version
openssl help                           # List all subcommands
openssl x509 -in cert.pem -noout -text # Inspect certificate
openssl rsa -in key.pem -noout -text   # Inspect private key
openssl dgst -sha256 file.bin          # Compute SHA-256 hash
openssl rand -hex 32                   # Generate random bytes
openssl s_client -connect host:443     # Test TLS connection
man openssl                            # Full manual

Safety Notes

Area	Guardrail
Private keys	Never expose in logs, history, or files. Use `-noout` for inspection. Restrict file permissions (chmod 600).
Passphrases	Use interactive password prompt, never command-line arguments. Passphrases visible in history.
Certificate validation	Verify chain trust, expiration, and hostname separately. Don't trust self-signed unless explicit.
Key generation	Always use explicit algorithms (RSA, ECDSA with curve). Document key sizes.
TLS diagnostics	Use `s_client` carefully. Don't verify untrusted certificates.
Encryption	State algorithm explicitly. Use authenticated encryption when possible.

Source Policy

Treat the installed openssl behavior and man openssl as runtime truth.
Use OpenSSL documentation for cryptographic best practices.

Resource Index

scripts/install.sh — Install openssl on macOS or Linux.
scripts/install.ps1 — Install openssl on Windows or any platform via PowerShell.