Skills
skills/outfitter-dev/agents/claude-skills

claude-skills

SKILL.md

Claude Code Skills

Steps

  1. Load the outfitter:skills-dev skill
  2. Consider the Claude Code-specific features that extend the base specification within this skill

Frontmatter Extensions

Claude Code extends the base Agent Skills frontmatter:

Field Type Description
allowed-tools string Space-separated tools that run without permission prompts
user-invocable boolean Default true. Set false to prevent /skill-name access
disable-model-invocation boolean Prevents auto-activation; requires manual Skill tool invocation
context string inherit (default) or fork for isolated subagent execution
agent string Agent for context: fork (e.g., Explore, outfitter:analyst)
model string Override model: haiku, sonnet, or opus
hooks object Lifecycle hooks: on-activate, on-complete
argument-hint string Hint shown after /skill-name (e.g., [file path])

Example

---
name: code-review
version: 1.0.0
description: Reviews code for bugs, security, and best practices. Use when reviewing PRs, auditing code, or before merging.
allowed-tools: Read Grep Glob Bash(git diff *)
argument-hint: [file or directory]
model: sonnet
---

Tool Restrictions

Use allowed-tools to specify which tools run without permission prompts.

Syntax

# Space-separated list
allowed-tools: Read Grep Glob

# With Bash patterns
allowed-tools: Read Write Bash(git *) Bash(npm run *)

# MCP tools (double underscore format)
allowed-tools: Read mcp__linear__create_issue mcp__memory__store

Bash Pattern Syntax

Pattern Meaning Example
Bash(git *) All git commands git status, git commit
Bash(git add:*) Specific subcommand git add ., git add file.ts
Bash(npm run *:*) Nested patterns npm run test:unit

Common Patterns

# Read-only analysis
allowed-tools: Read Grep Glob

# File modifications
allowed-tools: Read Edit Write

# Git operations
allowed-tools: Read Write Bash(git *)

# Testing workflows
allowed-tools: Read Write Bash(bun test:*) Bash(npm test:*)

# Full development
allowed-tools: Read Edit Write Bash(git *) Bash(bun *) Bash(npm *)

Tool Names (Case-Sensitive)

Tool Purpose
Read Read files
Write Write new files
Edit Edit existing files
Grep Search file contents
Glob Find files by pattern
Bash Execute bash commands
WebFetch Fetch web content
WebSearch Search the web

User Invocable Skills

Skills are callable as /skill-name by default. Use user-invocable: false for auto-activate-only skills.

---
name: code-review
description: Reviews code for bugs and best practices...
argument-hint: [file or PR number]
---

Users invoke with /code-review src/auth.ts or wait for auto-activation.

Disabling Slash Command Access

---
name: internal-validator
description: Validates internal state when specific patterns are detected...
user-invocable: false
---

Arguments

The argument-hint field provides context in the command picker:

argument-hint: [error message or bug description]

Arguments available via $ARGUMENTS in skill body.

String Substitutions

Pattern Replaced With
$ARGUMENTS User input after /skill-name
${CLAUDE_SESSION_ID} Current session identifier
${CLAUDE_PLUGIN_ROOT} Path to the plugin root directory

Example

# Debug Skill

Investigating: $ARGUMENTS

Session: ${CLAUDE_SESSION_ID}

Use the debugging script:
${CLAUDE_PLUGIN_ROOT}/scripts/debug-helper.ts

Dynamic Context Injection

Use backtick-command syntax to inject dynamic content:

## Current Git Status

`git status`

## Recent Changes

`git log --oneline -5`

Commands execute when Claude loads the skill; output replaces the syntax.

Use cases: Current branch state, environment info, dynamic config, recent history.

Context Modes

The context field controls execution environment.

inherit (default)

Skill runs in main conversation context with access to history and prior tool results.

context: inherit

fork

Skill runs in isolated subagent context. Useful for:

  • Preventing context pollution
  • Parallel execution
  • Specialized processing that shouldn't affect main conversation
context: fork
agent: outfitter:analyst
model: haiku

When context: fork, specify:

  • agent: Which agent handles the fork
  • model: Override model for forked context

In Steps sections: Use "delegate by loading" language for delegated skills (they run agents, not load instructions):

3. Delegate by loading the `outfitter:security-audit` skill for vulnerability scan

See context-modes.md for patterns.

Testing

claude --debug

Debug output shows:

  • Loaded skill: skill-name from path — Skill discovered
  • Error loading skill: reason — Loading failed
  • Considering skill: skill-name — Activation evaluated
  • Skill allowed-tools: [list] — Tool restrictions applied

Testing Process

  1. Verify loading: claude --debug and check for load messages
  2. Test discovery: Ask something that should trigger the skill
  3. Verify tool restrictions: Confirm permitted tools run without prompts
  4. Test with real data: Run actual workflows

Force Skill Reload

Skills are cached per session. To reload after changes:

/clear

Troubleshooting

Skill Not Loading

Check file location:

# Personal skills
ls ~/.claude/skills/my-skill/SKILL.md

# Project skills
ls .claude/skills/my-skill/SKILL.md

# Plugin skills
ls <plugin-path>/skills/my-skill/SKILL.md

Validate YAML frontmatter:

# Check for tabs (YAML requires spaces)
grep -P "\t" SKILL.md

Skill Not Activating

Improve description specificity:

# Before (too vague)
description: Helps with files

# After (specific with triggers)
description: Parse and validate JSON files including schema validation. Use when working with JSON data, .json files, or configuration files.

Add trigger keywords users naturally say: file types (.pdf, .json), actions (parse, validate), domains (API, database).

Tool Permission Errors

Tool names are case-sensitive:

# Correct
allowed-tools: Read Grep Glob

# Wrong
allowed-tools: read grep glob

Bash patterns need wildcards:

# Correct
allowed-tools: Bash(git *)

# Wrong (matches nothing)
allowed-tools: Bash(git)

MCP tools use double underscores:

# Correct
allowed-tools: mcp__memory__store

# Wrong
allowed-tools: mcp_memory_store

Integration Patterns

With Commands

Skills activate automatically when commands need their expertise:

Command (.claude/commands/analyze-pdf.md):

---
description: Analyze PDF file
---

Analyze this PDF file: $ARGUMENTS

Use the PDF processing skill for extraction and analysis.

With Hooks

Hooks can suggest skill usage:

{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Write(*.ts)|Edit(*.ts)",
        "hooks": [{ "type": "command", "command": "echo 'Consider typescript-linter skill'" }]
      }
    ]
  }
}

Using Skill Tool

Load skills programmatically:

Use the Skill tool to invoke the pdf-processor skill

Useful for forcing activation, chaining skills, loading for agents.

See integration.md for advanced patterns.

Master-Clone Architecture

For orchestrating specialized work with context isolation:

Master Agent: Coordinates, maintains conversation context, delegates specialized tasks Clone Agents: Isolated context, loads specific skill, returns focused output

User request
   |
Master agent decides: needs security analysis
   |
Launch clone agent with security-audit skill
   |
Clone returns findings (only findings in main context)
   |
Master synthesizes and continues

Implementation

---
name: security-audit
context: fork
agent: outfitter:reviewer
model: sonnet
---

Or via Task tool:

{
  "description": "Security audit of auth module",
  "prompt": "Review src/auth/ for vulnerabilities using security-audit skill",
  "subagent_type": "outfitter:reviewer",
  "run_in_background": true
}

References

Reference Content
context-modes.md Fork vs inherit patterns
integration.md Commands, hooks, MCP integration
performance.md Token impact, optimization
Weekly Installs
7
Repository
outfitter-dev/agents
GitHub Stars
25
First Seen
Jan 29, 2026
Security Audits
Gen Agent Trust HubFail
SocketPass
SnykWarn
Installed on
opencode6
github-copilot6
codex6
gemini-cli5
kimi-cli5
amp5