I've been using Claude Code skills for months and they're genuinely incredible. For me, they're like the scene in The Matrix where Neo gets Kung Fu uploaded directly into his brain.
However finding good ones? Total mess. Scattered across thousands of GitHub repos with no way to search or compare. Then the ClawHub malware incident happened. 20% of submitted skills were malicious. Prompt injection, credential theft, obfuscated code.
So I built agentskill.sh that currently indexes 100k+ skills for Claude Code, Cursor, Codex, Windsurf and more; I focused on two things:
Security: Every skill gets scanned across 12 threat categories so you know what you're installing before you install it. You can check the details here: Security Dashboard
Discovery: You can search skills by categories using many criteria, review them, and more.
The fastest way to try it is the /learn command. Once installed you (or your agent) can search and install skills directly using:
/learn # just find skills for current codebase
/learn seo # search by keyword
/learn @owner/name # install a specific skill
/learn trending # see what's popular
Using /learn to find skills has another big advantage: it lets your agent learn by itself.
When your agent hits a problem it doesn't know how to solve, it can search for and install the right skill on its own. No manual hunting, no copy pasting from GitHub. Your agent just gets smarter as it works.
What makes /learn special:
Two layer security. Every skill on agentskill.sh is scanned server side for 12 threat categories (command injection, data exfiltration, credential harvesting...). Then /learn performs a second client side verification before installing. You get both centralized scanning and local confirmation.
Feedback loop. Your agent auto rates skills after using them, so the best ones surface and broken ones get flagged by the community. Your agent contributes to, and benefits from, collective quality signals.
No context switch. Search 100k+ skills mid conversation, install what you need, and keep working.
Would love to hear what skills you're using and have your feedback on this!
The discovery problem for skills is real — right now it's mostly vibes and GitHub spelunking. Having a searchable index with some vetting behind it is exactly what this space needs. Congrats on the launch!
I spend a serious amount of time hunting down and wiring up Claude Code skills for our accounting automation stack — discoverability is the real friction. Most skill repos are scattered or undocumented. Centralizing this is the right call. Curious: do you curate for quality before listing, and is there a way to pin to a specific skill version so a production workflow doesn't break when a skill gets updated?
Installed and testing. If I understand correctly, the brilliant part of the /learn implementation is that it has context-awareness built in. If you just type /learn into the chat with no other context, the skill instructs the agent to look at the environment (e.g., scan package.json, check file extensions, look at the current Git branch name), then automatically query the database and say:
"Based on your project, I see you are using Next.js and Prisma. I recommend installing the nextjs-app-router and prisma-schema-expert skills. Would you like me to install them?"
Is that correct?
The security scanning is the real differentiator here. 20% malicious rate on submitted skills is wild but not surprising given how the ecosystem exploded. Discovery is the other half that matters. Right now finding good skills is like searching GitHub in 2010. Having a curated, searchable index with security scores changes the game for teams that want to adopt agent skills without rolling the dice on supply chain attacks.
If this helps make skill building and selection even 10% easier it's worth its weight in gold! Happy to support - best of luck!
Thank you @romainsimon , lots of skills I didn't know!
The URL ends up in a 404, you may want fix the URL as it contains "@"
Hey everyone! Maker here.
I've been using Claude Code skills for months and they're genuinely incredible.
For me, they're like the scene in The Matrix where Neo gets Kung Fu uploaded directly into his brain.
A single SKILL.md file can completely transform how your agent works and make it learn about SEO, how to write cold emails or even how to do accounting in France.
However finding good ones? Total mess. Scattered across thousands of GitHub repos with no way to search or compare. Then the ClawHub malware incident happened. 20% of submitted skills were malicious. Prompt injection, credential theft, obfuscated code.
So I built agentskill.sh that currently indexes 100k+ skills for Claude Code, Cursor, Codex, Windsurf and more; I focused on two things:
Security: Every skill gets scanned across 12 threat categories so you know what you're installing before you install it. You can check the details here: Security Dashboard
Discovery: You can search skills by categories using many criteria, review them, and more.
The fastest way to try it is the /learn command. Once installed you (or your agent) can search and install skills directly using:
Using /learn to find skills has another big advantage: it lets your agent learn by itself.
When your agent hits a problem it doesn't know how to solve, it can search for and install the right skill on its own. No manual hunting, no copy pasting from GitHub. Your agent just gets smarter as it works.
What makes /learn special:
Two layer security. Every skill on agentskill.sh is scanned server side for 12 threat categories (command injection, data exfiltration, credential harvesting...). Then /learn performs a second client side verification before installing. You get both centralized scanning and local confirmation.
Feedback loop. Your agent auto rates skills after using them, so the best ones surface and broken ones get flagged by the community. Your agent contributes to, and benefits from, collective quality signals.
No context switch. Search 100k+ skills mid conversation, install what you need, and keep working.
Would love to hear what skills you're using and have your feedback on this!