Racking Up 24,000 Stars: With One Command, AI Can Now Find Its Own Skills

marsbitPublicado a 2026-07-06Actualizado a 2026-07-06

Resumen

Vercel, known for its developer tools like Next.js, has launched 'skills', a package manager for AI coding agents, garnering 24,000 GitHub stars. It allows developers to add specialized capabilities, such as React best practices, to AI assistants like Claude Code or Cursor with a single command: `npx skills add <package>`. Skills are shareable, reusable modules that define an AI agent's behavior for specific tasks, moving beyond one-off prompt engineering towards standardized 'capability engineering'. A key innovation is the 'find-skills' skill, which acts as an internal search engine, allowing an agent to autonomously find and install the right skill for a user's request. This lowers the barrier for non-developers to leverage advanced AI coding assistance. However, this 'npm moment' for AI brings significant security risks. Security audits of thousands of skills on platforms like skills.sh and ClawHub found over 30% contained security flaws, with about 13% classified as severe. Threats include malicious scripts that can access local files and credentials, and prompt injection hidden within skill documentation. Unlike traditional code packages, skills blend instructions, code, and system access, posing a direct risk to user machines and data. Experts advise treating skills like code—reviewing them carefully before installation, especially their scripts, and being wary of excessive permissions. Ultimately, Vercel's initiative represents a major shift towards modular, reusab...

In the past, developers exchanged prompt templates.

Now, the trend has changed. People are asking each other, "Which skill should you install?"

Behind this lies a bigger shift: AI programming tools are starting to "install packages."

On the morning of January 17th this year, Guillermo Rauch, founder and CEO of Vercel, posted on X: We are launching skills—the "npm" for AI skills.

所谓「npm」, is the package manager front-end engineers use every day, where one command can install others' work into their own project.

Rauch's implication was: This experience of "installing others' work with one command" is now being brought to AI.

Peter Steinberger, the "Father of Lobster," replied immediately: "Cool! Gotta sync this with ClawHub."

ClawHub is another skill marketplace for the agent ecosystem, not affiliated with Vercel. Yet Peter's first reaction was "to align."

Three days later, Vercel officially announced it in an update log: a command-line tool for installing and managing capability packages for AI agents.

The official repository, vercel-labs/skills, reached 24,000 GitHub stars in just five months after its release.

Why is it so popular? It's as simple as one command:

npx skills add .

In short, it's a package manager for AI agents.

Like npm, used daily by front-end engineers, one command installs others' work into a project—except this time it's not code libraries, but "capabilities."

Even better, it's tool-agnostic. Claude Code, Cursor, Codex, Gemini CLI... over 68 officially supported agents. One capability package runs on any tool.

Vercel also launched skills.sh, a skill directory with an installation leaderboard, showing which skills are popular and how many times they've been installed at a glance.

The top package, called find-skills, has already been installed 2.3 million times.

skills.sh skill directory installation leaderboard. find-skills leads with 2.3 million (2.3M) installs, followed by frontend-design, vercel-react-best-practices, etc. (Source: skills.sh)

For the first time, AI programming capabilities have a "Top Downloads" chart.

One Command

AI Learns a New Skill

First, let's see what it actually does.

npx skills add vercel-labs/agent-skills, enter.

Seconds later, your Claude Code gains a set of React and Next.js engineering standards, plus a set of design principles. Next time it writes code, it automatically follows these rules.

This is officially called a "skill package." Essentially, it's a folder, with a SKILL.md file with a YAML header at its core, clearly stating two things: what this skill is, and when to use it.

The folder can also contain reference docs, templates, and a dedicated scripts/ directory containing executable scripts.

It solves a very practical pain point.

Models understand general programming languages and frameworks, but they don't know your project's "local conventions": your code style, naming habits, pitfalls you've encountered.

Before, you had to repeat these in every new conversation. Now, they're packaged into a skill, installed once, and remain effective long-term.

After installation, you can manage it like npm packages: list to see what's installed, update with one click, remove to delete.

Underlying it is a shared specification. What you install for Claude Code runs just the same when switched to Cursor.

If even installing is too much trouble, there's an even lighter way: use it without installing.

A single npx skills use temporarily pulls the skill over, pipes it to Claude to run, and discards it after use, without even "soiling" the local directory.

In the past, the boundary of AI's capabilities depended on how you described them verbally. Now, capabilities have become packages that can be directly taken off the shelf.

The "npm-ification" of the AI Tool Layer

Many might mistake it for a new Claude feature. But it comes from Vercel, not an innate capability of Anthropic.

Claude Code, Cursor, Codex, GitHub Copilot, Windsurf... all are supported targets. The skills CLI connects them all, unifying the entry point.

Behind this entry point lies the "npm-ification" of the AI tool layer.

Vercel packages these fragmented experiences into reusable, distributable, version-managed modules.

AI capabilities are shifting from "prompt engineering" to "capability engineering." The former solves "how to say it this time," the latter solves "how to do this thing every time from now on."

Vercel has played this game before.

Back then, it used Next.js to lock down the deployment gateway for the entire front-end ecosystem; front-end developers couldn't avoid it.

Now it wants to tell the same story again, but at the AI agent layer.

Find Skills

AI Gets Its First "Capability Search Engine"

The most futuristic touch is Find Skills, a "skill for finding skills."

The official definition of the find-skills skill—when users ask "how to do X" or "is there a skill that can...", or want to expand capabilities, it is responsible for discovering and installing the corresponding AI agent skills.

You say "help me do X," and it runs the entire process for you: search, filter, and install the most suitable one.

Even better, it comes with built-in quality checks. When selecting skills, it checks installation counts, compares sources, prioritizes popular and official ones, and warns you to be cautious about dubious ones.

The source code of find-skills' SKILL.md explicitly includes three quality verification rules before recommendation: prioritize 1000+ installs, be wary of those below 100, prioritize official sources like Vercel, Anthropic, Microsoft, and question repositories with fewer than 100 stars.

This means AI has its first "capability search engine." You don't need to know what skills exist or their names; just say what you want to do, and let it find the rest.

More importantly, it's not just useful for programmers.

The ones most tormented by "fragmented capabilities" are actually designers, product managers, and content creators who rely on AI to write code.

They lack engineering habits, relying on AI for git commits, documentation standards, making them the ones who most need ready-made skill packages for support.

Find Skills essentially gives them an entry point to deploy capabilities without needing to understand the details.

Behind the Hype

An Unbacked Liability

It sounds great, but don't get carried away just yet.

Let's go back to that scripts directory. Skills contain execution logic, not just harmless descriptions; they actually run commands on your computer.

But most people don't check which files a third-party package they casually installed might have touched.

How many landmines could be hidden within?

Snyk's ToxicSkills research conducted the first systematic audit of 3984 skills on ClawHub and skills.sh: over 30% had security flaws, 13.4% (534) were critical severity, covering malware distribution, prompt injection, and key leakage.

This means, on average, one out of every 7 or 8 could directly harm you.

Snyk's "ToxicSkills" research audited 3984 skills: 1467 (36.82%) had any security flaw, of which 534 (13.4%) were critical severity, with 76 malicious payloads confirmed, and another 8 still existing on ClawHub. (Source: Snyk)

Another organization, Koi Security, audited 2857 skills and found 341 malicious ones.

The main methods follow two paths.

One is through scripts, making your AI download things from unfamiliar IPs and execute them locally, or stealing to read your SSH, AWS configurations.

The other is more subtle, directly poisoning the text within SKILL.md, where AI reads the attacker's hidden instructions as legitimate work descriptions and acts accordingly.

The most severe ones specifically steal memory files where agents store private conversations.

You might say, npm also has constant poisoning incidents, but the risk here is on another level.

npm installs pure code, separating data and instructions; skill blurs this boundary. It combines prompts, code, and full permissions; a single SKILL.md can rewrite the agent's behavior, with direct access to your filesystem, network, and shell.

npm's risks at most affect build artifacts; skill's risks directly access your local credentials and entire codebase.

Of course, this isn't to advise against installing. Vercel itself reminds: treat skills like code, read them before installing, and be especially careful with the scripts directory.

The simplest rule of thumb is: high download count doesn't equal safety. What you should really look at is the source and permissions. Why would a weather-checking skill need to read your server's SSH key?

The long-awaited "npm moment" for AI capabilities has truly arrived.

But it didn't just bring convenience; it also bundled in all the pitfalls npm has stepped on over the years, arriving even before the ecosystem matured.

Installing capabilities with one command is certainly satisfying, but this road has just begun. It lets you reuse peers' accumulated expertise, but also requires you to bring judgment to the table.

Selecting packages, checking sources, verifying permissions—this old craft of developers must still be brought along this time.

Twenty Years

One Command

Ultimately, the origin of all this is still Vercel founder Guillermo Rauch.

He comes from Lanús in Buenos Aires, Argentina. In his own words, much of his life's work is thanks to the Web and open source.

In his youth, he was passionate about promoting Linux, teaching people how to use it, later diving headfirst into JavaScript; after joining the core team of the open-source project MooTools, he got his first full-time front-end engineering job at 18 and moved to San Francisco.

Guillermo Rauch

One of his famous works is Socket.io: a widely used real-time communication library. The real-time sync in Notion, Coinbase's earliest trading products—they all run on it underneath.

Later, he focused on a direction: building tools and cloud infrastructure to make the Web faster and maximize developer experience. Next.js and Vercel were born.

Today, this platform supports the online operations of companies like The Washington Post, Porsche, Under Armour, and Nintendo.

And Vercel's real killer app lies here: code, preview, deploy—all done with one command. Once developers use it, it's hard to leave this ecosystem.

Ultimately, Rauch has done one thing for twenty years: compress originally complex engineering into that one command developers dare to run with their eyes closed.

From one line `now` to spin up a server, to Next.js, to today's `npx skills add`, the same craft, now applied to AI agents.

References:

https://github.com/vercel-labs/skills#supported-agents

https://www.skills.sh/

https://snyk.io/blog/toxicskills-malicious-ai-agent-skills-clawhub/

This article is from the WeChat public account "Xin Zhi Yuan" (New Wisdom Source), author: ASI Apocalypse, editor: Yuan Yu

Criptos en tendencia

Preguntas relacionadas

QWhat is the core functionality and significance of the Vercel-labs/skills tool mentioned in the article?

AThe Vercel-labs/skills tool is a command-line interface that functions as a package manager for AI agents. Its core command, `npx skills add `, allows developers to install pre-packaged AI 'skills'—which are essentially reusable modules containing knowledge, templates, and scripts—into various AI coding tools like Claude Code, Cursor, and others. Its significance lies in transforming how AI capabilities are distributed and managed, moving from ad-hoc prompt engineering to reusable 'capability engineering,' making specialized knowledge accessible and persistent across projects and tools.

QAccording to the article, what potential security risks are associated with installing AI agent skills from public repositories?

AInstalling AI agent skills from public repositories poses significant security risks, as highlighted by security audits from companies like Snyk. Risks include: 1) Malware distribution via executable scripts that can download and run arbitrary code. 2) Prompt injection, where hidden instructions in the SKILL.md file can manipulate the AI agent's behavior. 3) Stealing sensitive data like SSH keys, AWS credentials, or private conversation histories. The risk is heightened because skills combine instructions, code, and direct system access, making them potentially more dangerous than traditional npm packages where code and data are more separated.

QDescribe the role and function of the 'find-skills' skill mentioned in the article.

AThe 'find-skills' skill is a meta-skill designed to discover and install other AI agent skills. When a user requests help for a task (e.g., 'How do I do X?'), this skill automatically searches the skills repository, filters options based on criteria like installation count and trusted sources (e.g., Vercel, Anthropic), and installs the most suitable skill. It essentially acts as an 'ability search engine' for AI agents, allowing users, especially non-engineers, to extend AI capabilities without needing to know specific skill names or manually browse directories.

QWhat major shift in AI development does the Vercel skills initiative represent, as discussed in the article?

AThe Vercel skills initiative represents a major shift from 'prompt engineering' to 'capability engineering.' Previously, developers shared prompt templates to guide AI for specific tasks in a one-off manner. Now, they are packaging comprehensive knowledge, project-specific rules, and executable scripts into reusable and distributable 'skill' modules. This 'npm-ification' of the AI tool layer allows for standardized, version-controlled, and easily shareable AI capabilities, moving beyond transient instructions to durable, installable components that can be managed across different AI agent platforms.

QBased on the article, what is a key piece of advice for safely using AI agent skills from public sources?

AA key piece of advice for safely using AI agent skills is to treat them with the same caution as external code libraries. Users should: 1) Review the skill's source code, particularly the `SKILL.md` file and any scripts in the `scripts/` directory, before installation. 2) Prioritize skills from verified and official sources (e.g., Vercel, Anthropic). 3) Be wary of skills requesting excessive or unnecessary permissions (e.g., a weather skill asking for SSH keys). 4) Not rely solely on high download counts as a guarantee of safety. The article emphasizes the need for developers to apply their existing judgment about dependencies to this new ecosystem.

Lecturas Relacionadas

After Close Observation of Wash, Morgan Stanley's Chief Economist Insists: The Fed Will Not Raise Rates This Year

After close observation of Federal Reserve Chair Wash, Seth Carpenter, Morgan Stanley's Chief Global Economist, asserts that the Fed will not raise interest rates this year. Following Wash's speech at the ECB's Sintra forum, Carpenter notes a marginal dovish shift: Wash now more clearly balances the Fed's dual mandate of price stability and maximum employment, rather than focusing nearly exclusively on inflation. Importantly, Wash highlighted that the latest policy meeting (coinciding with falling oil prices) has already lowered market inflation expectations and term premiums, signaling no urgency for a July rate hike. Carpenter's view is supported by data. Recent non-farm payroll figures provide room for the Fed to remain patient. Morgan Stanley's inflation forecasts are below the median FOMC projection, and methodological revisions to PCE inflation could further lower readings. These factors make Carpenter "comfortable" with the call for no hikes in 2024. Carpenter also pushes back against the simplistic narrative that AI will be deflationary and lead to rate cuts. He argues AI investment is currently boosting inflation marginally. More broadly, the business cycle will dictate policy; AI's productivity gains could boost demand and, crucially, raise the equilibrium interest rate (r*), weakening the case for cuts. In contrast, the ECB's path remains more hawkish. Carpenter interprets President Lagarde's Sintra comments as leaving the door open for another 25 basis point hike in September, though softer recent data and falling oil prices provide some flexibility. A July hike or more than one additional hike this year is seen as unlikely.

marsbitHace 1 min(s)

After Close Observation of Wash, Morgan Stanley's Chief Economist Insists: The Fed Will Not Raise Rates This Year

marsbitHace 1 min(s)

StarDynamics Secures 2.5 Billion in Two Months, State-Owned Capital Consortium Joins In

Star Era Raises 25 Billion Yuan in Two Months with State Capital Leading the Charge. Chinese humanoid robotics leader Star Era has secured a new 10-billion-yuan funding round led by state-owned capital, including funds like Chengtong Fund under the SASAC, marking 25 billion yuan raised within two months. The company, a spin-off from Tsinghua University, has built a comprehensive capital matrix combining state guidance, top-tier financial backers, and industrial partners. Founded in 2023 by Dr. Chen Jianyu, one of Tsinghua's youngest doctoral supervisors, Star Era stands out for its early and pioneering work on "world models" for embodied AI, notably releasing its PAD world action model ahead of major global players. The company follows an AI-native, full-stack R&D strategy from data and AI brain to control, dexterous hands (XHAND series), and robot bodies (bipedal L7, wheeled Q5). A core innovation is its fully direct-drive dexterous hands, which act as high-fidelity data collectors for training its AI models like the ERA-42 and VLAW, creating a virtuous cycle of data and intelligence. Star Era claims to possess one of the world's largest real-world dexterous hand datasets. Commercially, Star Era has achieved product-market fit, most notably in logistics, with robots operating 24/7 in distribution centers for partners like SF Express and China Post, handling over 1,200 parcels per hour. It is also expanding into high-end manufacturing (Samsung, Geely) and commercial services. Its hardware components are used by nine of the global top ten tech firms and leading research institutions. The article positions 2026 as an inflection point where success shifts from model capabilities to proven, scalable commercial deployment. Star Era's rapid funding and industrial traction highlight its position in this competitive race.

marsbitHace 5 min(s)

StarDynamics Secures 2.5 Billion in Two Months, State-Owned Capital Consortium Joins In

marsbitHace 5 min(s)

U.S. Stock Market Trend (July 6th): Gold and Crypto Lead Rebound Ahead of Stocks, Fed Minutes Set Weekly Direction

**U.S. Market Trends (July 6): Gold & Crypto Lead, Fed Minutes to Set Tone** Markets rebounded ahead of the U.S. Independence Day holiday, with Nasdaq 100 futures rising over 1% as AI sector concerns eased. Gold posted its best week in over a month, breaking a four-week losing streak despite ongoing Russia-Ukraine tensions, as Middle East risk premiums faded. Brent crude extended its decline for a fourth week. The week ahead is packed with key events. On Tuesday, SpaceX makes a record-fast entry into the Nasdaq 100 index, forcing passive fund flows, while U.S. tariff hearings and the Sun Valley Conference—notably missing NVIDIA's Jensen Huang and Tesla's Elon Musk—add complexity. OpenAI's scheduled GPT-5.6 release intensifies the AI model rollout race. The main focus is Thursday's release of the first Fed meeting minutes under Chair Wash. With half the FOMC already leaning toward a rate hike this year per the June dot plot, the minutes' tone will be critical for market direction. Hawkish confirmation could reverse recent risk-on sentiment, likely signaled first by a pullback in high-volatility assets like Bitcoin and Ethereum, which significantly outperformed last week. Other events include SK Hynix's large U.S. ADR listing and the start of the Q2 earnings season with reports from PepsiCo and Delta Air Lines. The market's path hinges on whether the liquidity and optimism built during the holiday can withstand the combined tests of Fed policy, trade tensions, and major corporate events.

marsbitHace 6 min(s)

U.S. Stock Market Trend (July 6th): Gold and Crypto Lead Rebound Ahead of Stocks, Fed Minutes Set Weekly Direction

marsbitHace 6 min(s)

World's Largest Data Center Project Scrapped

Blackstone Abandons Plans for World's Largest Data Center, Signaling Wider AI Infrastructure Headwinds Blackstone has halted construction of its massive "Digital Gateway" data center campus in Virginia, which was planned to be the world's largest. The project's cancellation follows a five-year battle with local residents concerned about historical preservation, environmental impact, and strain on local resources. A procedural error in the zoning approval process ultimately led a state court to invalidate the project's permits. This move comes shortly after Blackstone sold other mature data center assets, suggesting a strategic pivot by the asset management giant. Industry analysts see this as a potential sign of "peak" investment enthusiasm, mirroring Blackstone's past exits from overheated sectors like office real estate. The cancellation highlights significant bottlenecks facing the AI-driven data center boom across the U.S. Key challenges include severe power grid constraints, with data centers' electricity demand projected to triple nationally by 2035, and mounting grassroots opposition. A report notes over $130 billion worth of U.S. data center projects were delayed in Q1 2026 alone, primarily due to power shortages and community resistance. Local and state governments are also beginning to implement stricter regulations, including new taxes and moratoriums on construction. Blackstone's exit underscores that the breakneck expansion of AI infrastructure is colliding with practical limits, from physical resource caps to social license, forcing a more realistic assessment of costs and feasibility.

marsbitHace 32 min(s)

World's Largest Data Center Project Scrapped

marsbitHace 32 min(s)

Trading

Spot

Artículos destacados

Cómo comprar ONE

¡Bienvenido a HTX.com! Hemos hecho que comprar Harmony (ONE) sea simple y conveniente. Sigue nuestra guía paso a paso para iniciar tu viaje de criptos.Paso 1: crea tu cuenta HTXUtiliza tu correo electrónico o número de teléfono para registrarte y obtener una cuenta gratuita en HTX. Experimenta un proceso de registro sin complicaciones y desbloquea todas las funciones.Obtener mi cuentaPaso 2: ve a Comprar cripto y elige tu método de pagoTarjeta de crédito/débito: usa tu Visa o Mastercard para comprar Harmony (ONE) al instante.Saldo: utiliza fondos del saldo de tu cuenta HTX para tradear sin problemas.Terceros: hemos agregado métodos de pago populares como Google Pay y Apple Pay para mejorar la comodidad.P2P: tradear directamente con otros usuarios en HTX.Over-the-Counter (OTC): ofrecemos servicios personalizados y tipos de cambio competitivos para los traders.Paso 3: guarda tu Harmony (ONE)Después de comprar tu Harmony (ONE), guárdalo en tu cuenta HTX. Alternativamente, puedes enviarlo a otro lugar mediante transferencia blockchain o utilizarlo para tradear otras criptomonedas.Paso 4: tradear Harmony (ONE)Tradear fácilmente con Harmony (ONE) en HTX's mercado spot. Simplemente accede a tu cuenta, selecciona tu par de trading, ejecuta tus trades y monitorea en tiempo real. Ofrecemos una experiencia fácil de usar tanto para principiantes como para traders experimentados.

314 Vistas totalesPublicado en 2024.12.12Actualizado en 2026.06.02

Cómo comprar ONE

Discusiones

Bienvenido a la comunidad de HTX. Aquí puedes mantenerte informado sobre los últimos desarrollos de la plataforma y acceder a análisis profesionales del mercado. A continuación se presentan las opiniones de los usuarios sobre el precio de ONE (ONE).

活动图片