Install missing or useful system packages declaratively on macOS hosts managed by nix-darwin. Use when a command needed for the current task is missing, when installing a CLI or GUI app would materially help complete work, or when the user explicitly asks to install software. Prefer nixpkgs packages first, then Homebrew brews, then Homebrew casks. Ask the user to confirm the package choice and whether the install should be host-specific or shared before editing config or running the rebuild.
Treat package installation as a declarative config change in ~/nixos-config, not an imperative machine action. Read references/workflow.md at the start to get the repo-specific paths, edit targets, rebuild command, verification rules, and git behavior.
nixpkgs packagereferences/workflow.md.origin.nixpkgs package satisfies the need.brew over cask for CLI tools that exist in both.cask for GUI applications or app bundles.command -v <command> and a lightweight version or help check when sensible.brew install, brew upgrade, nix profile install, or similar one-off package installs.rg, the command is missing, and ripgrep would unblock the work. Propose pkgs.ripgrep first, show any viable Homebrew fallback, ask about host-specific versus shared scope, then proceed declaratively if the user approves.