- Home
- Skills
- Outfitter Dev
- Agents
- Skills Discovery
skills-discovery_skill
- TypeScript
25
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill outfitter-dev/agents --skill skills-discovery- SKILL.md7.9 KB
Overview
This skill helps you find and evaluate community skills, plugins, and marketplaces so you can reuse proven patterns safely. It guides discovery on public code platforms, applies quality heuristics, and outlines a security-first audit workflow. Use it to decide whether to adopt, adapt, or avoid a community contribution.
How this skill works
The skill searches public projects and curated topic pages to surface candidate skills and plugins, then filters them with practical quality heuristics (recency, usage signals, content clarity). It provides an audit checklist for security surfaces, sandboxing guidance for first runs, and extraction patterns to safely adapt useful logic. It also highlights marketplace and manifest patterns to inspect before installation.
When to use it
- Searching for existing skills before building from scratch
- Evaluating a community plugin’s safety and maintenance status
- Finding design patterns or inspiration for a new skill
- Auditing a plugin or marketplace entry before installation
- Preparing a safe first run of untrusted contributions
Best practices
- Prefer actively maintained projects; check recent commits and issue activity
- Inspect manifests, hook scripts, and any install scripts before running them
- Start with minimal permissions and isolated context for the first run
- Look for clear descriptions and explicit allowed-tool scopes rather than blanket access
- Document what you installed, why, and any deviations from the original source
Example use cases
- Locate a marketplace manifest and verify its sources and update policy before adding it to production
- Shortlist candidate skills by filtering for recent commits and clear allowed-tool restrictions
- Run a new community plugin in a forked context with model invocation disabled to observe behavior
- Extract a useful preprocessing hook pattern and adapt only the minimal logic needed
- Audit hook scripts for network calls and exit-code semantics before allowing side effects
FAQ
Run the skill with minimal allowed tools, use an isolated/forked context, and disable model invocation initially. Monitor tool calls during the first run and expand permissions only after inspection.
What signals indicate a low-quality plugin?
Stale commits, many unresolved issues, vague descriptions, broad tool access without justification, obfuscated or undocumented install scripts, and opaque marketplace sources are common red flags.