skills-discovery
Skills Discovery
Find community skills and plugins, evaluate quality and safety before use.
<when_to_use>
- Searching for existing skills before building from scratch
- Evaluating community plugins for safety and quality
- Finding inspiration for skill design patterns
- Auditing plugins before installation
NOT for: creating new skills (use skills-dev), validating your own skills (use skills-dev)
</when_to_use>
Discovery Workflow
- Search — Find candidates via GitHub topics or code search
- Filter — Apply quality heuristics to shortlist
- Audit — Security review before installation
- Adapt — Customize or extract patterns for your use
GitHub Discovery
Topic Pages
High-signal discovery starting points:
| Topic | Content | URL |
|---|---|---|
| claude-code-plugin | Plugins | https://github.com/topics/claude-code-plugin |
| claude-code-plugin-marketplace | Marketplaces | https://github.com/topics/claude-code-plugin-marketplace |
| claude-code-skills | Skill packs | https://github.com/topics/claude-code-skills |
| claude-code-skill | Individual skills | https://github.com/topics/claude-code-skill |
Code Search Patterns
Precise searches for specific artifacts:
# Find SKILL.md files in .claude/skills paths
filename:SKILL.md path:.claude/skills
# Find marketplace configurations
".claude-plugin/marketplace.json"
# Find plugin manifests
".claude-plugin/plugin.json"
# Find hook configurations
"PreToolUse" AND hooks
# Find skills with specific features
filename:SKILL.md "context: fork"
filename:SKILL.md "allowed-tools"
filename:SKILL.md "disable-model-invocation"
Recency Filters
Focus on actively maintained projects (adjust dates as needed):
# Updated in last 90 days (calculate: macOS `date -v-90d +%Y-%m-%d`, GNU `date -d '-90 days' +%Y-%m-%d`)
pushed:>YYYY-MM-DD
# Updated since plugins era (Oct 2025+)
pushed:>2025-10-01
Official Sources
| Source | Trust Level | Notes |
|---|---|---|
| anthropics/claude-plugins-official | High | Curated, reviewed |
| agentskills/agentskills | High | Spec + reference skills |
| platform.claude.com docs | High | Official patterns |
| Community topics | Medium | Popularity ≠ quality |
| "Awesome" lists | Low-Medium | Curated but not audited |
Quality Heuristics
Real Usage Signals
| Signal | Good | Suspicious |
|---|---|---|
| Updates | Recent commits, active issues | Stale for 6+ months |
| Stars | Steady growth | Sudden spike (star farming) |
| Issues/PRs | Open and being addressed | Many open, no responses |
| Install docs | Uses official commands | "curl \| bash" installs |
| Dependencies | Minimal, explained | Many unexplained deps |
Content Quality
| Check | Good | Bad |
|---|---|---|
| Description | Clear WHAT + WHEN + TRIGGERS | Vague "helps with files" |
| allowed-tools | Minimal, justified | Full tool access |
| disable-model-invocation | Used for side effects | Missing for deploy/commit |
| Scripts | Documented, minimal | Obfuscated, complex |
| Hooks | Obvious purpose | Hidden network calls |
Marketplaces
| Good Sign | Red Flag |
|---|---|
| Version pinning | Floating branches |
| Listed sources visible | Opaque references |
| Clear update policy | Silent auto-updates |
| Curated with criteria | "Everything goes" |
Security Audit
Threat Model
Installing skills/plugins is running code. Treat them with the same care as npm packages.
| Surface | Risk | Mitigation |
|---|---|---|
| Skills with Bash | Command execution | Review allowed-tools |
| Hooks | Lifecycle interception | Review hook scripts |
| MCP servers | External connections | Review endpoints |
| Preprocessing (`!`) | Shell before thinking | Review commands |
Audit Checklist
Before installing, review:
For Skills:
- Read SKILL.md frontmatter (`allowed-tools`, `disable-model-invocation`)
- Check for scripts/ directory — review any scripts
- Search for preprocessing commands (the !`command` syntax)
- Verify no secrets/credentials in files
For Plugins:
- Read .claude-plugin/plugin.json
- Check for hooks/ — review hook scripts
- Check for .mcp.json — review MCP endpoints
- Review all referenced skill SKILL.md files
For Hooks:
- Understand exit code semantics (0=allow, 2=block)
- Check for network calls in hook scripts
- Verify no data exfiltration patterns
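As an added example (not part of this skill or the outfitter-dev project), a small Python auditor that applies the skill and hook checks above to one directory: it reads the SKILL.md frontmatter keys named on this page, lists !`...` preprocessing commands, flags network calls in scripts/ and hooks/, notes a .mcp.json, and greps for credential-like assignments. The regexes are illustrative heuristics, and `audit_constructed_sample` writes a constructed sample skill into a temp directory so the auditor runs offline.

```python
import re, tempfile
from pathlib import Path

FRONTMATTER = re.compile(r"\A---\n(.*?)\n---", re.S)
PREPROCESS = re.compile(r"!`([^`]+)`")  # !`cmd` runs before the model ever sees the skill
NETWORK = re.compile(r"\b(curl|wget|nc|ncat|fetch|Invoke-WebRequest)\b")  # heuristic list
SECRET = re.compile(r"(?i)\b(api[_-]?key|secret|token|password)\s*[:=]\s*\S+")  # heuristic

def parse_frontmatter(text):
    """Minimal 'key: value' parser, enough for the SKILL.md keys audited here."""
    m = FRONTMATTER.match(text)
    if not m:
        return {}
    pairs = (ln.split(":", 1) for ln in m.group(1).splitlines() if ":" in ln)
    return {k.strip(): v.split("#", 1)[0].strip() for k, v in pairs}

def audit_skill(skill_dir):
    """Apply the checklist to one skill/plugin directory; returns finding strings."""
    root = Path(skill_dir)
    skill_md = root / "SKILL.md"
    if not skill_md.is_file():
        return ["missing SKILL.md"]
    text = skill_md.read_text()
    fm = parse_frontmatter(text)
    tools = fm.get("allowed-tools", "")
    findings = []
    if not tools:
        findings.append("no allowed-tools restriction (full tool access)")
    elif "Bash" in tools and fm.get("disable-model-invocation") != "true":
        findings.append("Bash allowed without disable-model-invocation: true")
    findings += [f"preprocessing command runs on load: {c}" for c in PREPROCESS.findall(text)]
    if (root / ".mcp.json").is_file():
        findings.append(".mcp.json present: review MCP endpoints")
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel, body = path.relative_to(root), path.read_text(errors="replace")
        if rel.parts[0] in ("scripts", "hooks"):  # script dirs the checklist says to read
            findings += [f"{rel}: network call via {h}" for h in sorted(set(NETWORK.findall(body)))]
        findings += [f"{rel}: possible credential ({h})" for h in SECRET.findall(body)]
    return findings

def audit_constructed_sample():
    """Build a constructed (not real) skill that trips several checks, then audit it."""
    base = Path(tempfile.mkdtemp())
    (base / "hooks").mkdir()
    (base / "SKILL.md").write_text("---\nname: demo-pr-skill\nallowed-tools: Bash, Read  # full shell\n"
                                   "---\nSummarize !`gh pr view --json title` before reviewing.\n")
    (base / "hooks" / "post.sh").write_text("#!/bin/sh\nTOKEN=abc123\ncurl -s https://example.invalid/ping\n")
    return audit_skill(base)
```

Run `audit_skill` against the unpacked plugin directory before installing; an empty list means nothing was flagged, not that the code is safe.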
Sandboxing
When running untrusted skills:
- Restrict tools — Start with minimal `allowed-tools`, expand as needed
- Isolate context — Use `context: fork` to limit blast radius
- Block side effects — Add `disable-model-invocation: true` initially
- Monitor first run — Watch tool calls on first execution
Safe First Run
# Test skill in restricted mode:
---
name: untrusted-skill-test
allowed-tools: Read, Grep, Glob # read-only first
context: fork # isolated
disable-model-invocation: true # explicit only
---
Expand permissions only after reviewing behavior.
Use Case Catalog
Common skill categories with examples (for inspiration, not endorsement):
Workflow Automation
| Pattern | What It Does | Key Features |
|---|---|---|
| PR workflows | Summarize, review, update PRs | Preprocessing with gh |
| Issue pipelines | Triage → implement → ship | Artifact-based state |
| Release automation | Preflight → deploy → verify | Side-effect gates |
Code Quality
| Pattern | What It Does | Key Features |
|---|---|---|
| Spec gates | Verify scope before coding | Fork for clean analysis |
| Adversarial review | Security-focused code review | Threat model in artifacts |
| Refactor loops | Safe read-only explore first | Tool restrictions |
Domain Skills
| Pattern | What It Does | Key Features |
|---|---|---|
| Framework-specific | Rails, React, etc. conventions | Nested skill discovery |
| DB-aware | Schema injection for queries | Preprocessing with psql |
| Platform integrations | Jira, Linear, GitHub | MCP or API wrappers |
Safety & Guardrails
| Pattern | What It Does | Key Features |
|---|---|---|
| Safety nets | Block irreversible operations | PreToolUse hooks |
| Hardstops | Require human acknowledgment | Exit code blocking |
| Test gates | Enforce tests before commit | Hook enforcement |
Context Management
| Pattern | What It Does | Key Features |
|---|---|---|
| Memory plugins | Persist across sessions | MCP-backed storage |
| Context ledgers | Rolling state in files | Hook-driven updates |
| Constraint files | Minimal "always load" context | Shared conventions |
Extraction Patterns
When you find a useful skill, extract patterns rather than copying wholesale:
- Identify the pattern — What makes it work?
- Adapt to your context — Match your conventions
- Minimize scope — Take only what you need
- Document provenance — Note where the pattern came from
ALWAYS:
- Verify recency (prefer active projects)
- Review security surfaces before install
- Start with restricted permissions
- Document what you installed and why
NEVER:
- Blindly install from unknown sources
- Trust stars as quality signal
- Run obfuscated scripts
- Skip hook script review
- discovery-patterns.md — Detailed GitHub search patterns
- security-checklist.md — Full audit checklist
- use-cases.md — Extended use case catalog