Racking Up 24,000 Stars: With One Command, AI Can Now Find Its Own Skills

marsbit2026-07-06 tarihinde yayınlandı2026-07-06 tarihinde güncellendi

Özet

Vercel, known for its developer tools like Next.js, has launched 'skills', a package manager for AI coding agents, garnering 24,000 GitHub stars. It allows developers to add specialized capabilities, such as React best practices, to AI assistants like Claude Code or Cursor with a single command: `npx skills add <package>`. Skills are shareable, reusable modules that define an AI agent's behavior for specific tasks, moving beyond one-off prompt engineering towards standardized 'capability engineering'. A key innovation is the 'find-skills' skill, which acts as an internal search engine, allowing an agent to autonomously find and install the right skill for a user's request. This lowers the barrier for non-developers to leverage advanced AI coding assistance. However, this 'npm moment' for AI brings significant security risks. Security audits of thousands of skills on platforms like skills.sh and ClawHub found over 30% contained security flaws, with about 13% classified as severe. Threats include malicious scripts that can access local files and credentials, and prompt injection hidden within skill documentation. Unlike traditional code packages, skills blend instructions, code, and system access, posing a direct risk to user machines and data. Experts advise treating skills like code—reviewing them carefully before installation, especially their scripts, and being wary of excessive permissions. Ultimately, Vercel's initiative represents a major shift towards modular, reusab...

In the past, developers exchanged prompt templates.

Now, the trend has changed. People are asking each other, "Which skill should you install?"

Behind this lies a bigger shift: AI programming tools are starting to "install packages."

On the morning of January 17th this year, Guillermo Rauch, founder and CEO of Vercel, posted on X: We are launching skills—the "npm" for AI skills.

所谓「npm」, is the package manager front-end engineers use every day, where one command can install others' work into their own project.

Rauch's implication was: This experience of "installing others' work with one command" is now being brought to AI.

Peter Steinberger, the "Father of Lobster," replied immediately: "Cool! Gotta sync this with ClawHub."

ClawHub is another skill marketplace for the agent ecosystem, not affiliated with Vercel. Yet Peter's first reaction was "to align."

Three days later, Vercel officially announced it in an update log: a command-line tool for installing and managing capability packages for AI agents.

The official repository, vercel-labs/skills, reached 24,000 GitHub stars in just five months after its release.

Why is it so popular? It's as simple as one command:

npx skills add .

In short, it's a package manager for AI agents.

Like npm, used daily by front-end engineers, one command installs others' work into a project—except this time it's not code libraries, but "capabilities."

Even better, it's tool-agnostic. Claude Code, Cursor, Codex, Gemini CLI... over 68 officially supported agents. One capability package runs on any tool.

Vercel also launched skills.sh, a skill directory with an installation leaderboard, showing which skills are popular and how many times they've been installed at a glance.

The top package, called find-skills, has already been installed 2.3 million times.

skills.sh skill directory installation leaderboard. find-skills leads with 2.3 million (2.3M) installs, followed by frontend-design, vercel-react-best-practices, etc. (Source: skills.sh)

For the first time, AI programming capabilities have a "Top Downloads" chart.

One Command

AI Learns a New Skill

First, let's see what it actually does.

npx skills add vercel-labs/agent-skills, enter.

Seconds later, your Claude Code gains a set of React and Next.js engineering standards, plus a set of design principles. Next time it writes code, it automatically follows these rules.

This is officially called a "skill package." Essentially, it's a folder, with a SKILL.md file with a YAML header at its core, clearly stating two things: what this skill is, and when to use it.

The folder can also contain reference docs, templates, and a dedicated scripts/ directory containing executable scripts.

It solves a very practical pain point.

Models understand general programming languages and frameworks, but they don't know your project's "local conventions": your code style, naming habits, pitfalls you've encountered.

Before, you had to repeat these in every new conversation. Now, they're packaged into a skill, installed once, and remain effective long-term.

After installation, you can manage it like npm packages: list to see what's installed, update with one click, remove to delete.

Underlying it is a shared specification. What you install for Claude Code runs just the same when switched to Cursor.

If even installing is too much trouble, there's an even lighter way: use it without installing.

A single npx skills use temporarily pulls the skill over, pipes it to Claude to run, and discards it after use, without even "soiling" the local directory.

In the past, the boundary of AI's capabilities depended on how you described them verbally. Now, capabilities have become packages that can be directly taken off the shelf.

The "npm-ification" of the AI Tool Layer

Many might mistake it for a new Claude feature. But it comes from Vercel, not an innate capability of Anthropic.

Claude Code, Cursor, Codex, GitHub Copilot, Windsurf... all are supported targets. The skills CLI connects them all, unifying the entry point.

Behind this entry point lies the "npm-ification" of the AI tool layer.

Vercel packages these fragmented experiences into reusable, distributable, version-managed modules.

AI capabilities are shifting from "prompt engineering" to "capability engineering." The former solves "how to say it this time," the latter solves "how to do this thing every time from now on."

Vercel has played this game before.

Back then, it used Next.js to lock down the deployment gateway for the entire front-end ecosystem; front-end developers couldn't avoid it.

Now it wants to tell the same story again, but at the AI agent layer.

Find Skills

AI Gets Its First "Capability Search Engine"

The most futuristic touch is Find Skills, a "skill for finding skills."

The official definition of the find-skills skill—when users ask "how to do X" or "is there a skill that can...", or want to expand capabilities, it is responsible for discovering and installing the corresponding AI agent skills.

You say "help me do X," and it runs the entire process for you: search, filter, and install the most suitable one.

Even better, it comes with built-in quality checks. When selecting skills, it checks installation counts, compares sources, prioritizes popular and official ones, and warns you to be cautious about dubious ones.

The source code of find-skills' SKILL.md explicitly includes three quality verification rules before recommendation: prioritize 1000+ installs, be wary of those below 100, prioritize official sources like Vercel, Anthropic, Microsoft, and question repositories with fewer than 100 stars.

This means AI has its first "capability search engine." You don't need to know what skills exist or their names; just say what you want to do, and let it find the rest.

More importantly, it's not just useful for programmers.

The ones most tormented by "fragmented capabilities" are actually designers, product managers, and content creators who rely on AI to write code.

They lack engineering habits, relying on AI for git commits, documentation standards, making them the ones who most need ready-made skill packages for support.

Find Skills essentially gives them an entry point to deploy capabilities without needing to understand the details.

Behind the Hype

An Unbacked Liability

It sounds great, but don't get carried away just yet.

Let's go back to that scripts directory. Skills contain execution logic, not just harmless descriptions; they actually run commands on your computer.

But most people don't check which files a third-party package they casually installed might have touched.

How many landmines could be hidden within?

Snyk's ToxicSkills research conducted the first systematic audit of 3984 skills on ClawHub and skills.sh: over 30% had security flaws, 13.4% (534) were critical severity, covering malware distribution, prompt injection, and key leakage.

This means, on average, one out of every 7 or 8 could directly harm you.

Snyk's "ToxicSkills" research audited 3984 skills: 1467 (36.82%) had any security flaw, of which 534 (13.4%) were critical severity, with 76 malicious payloads confirmed, and another 8 still existing on ClawHub. (Source: Snyk)

Another organization, Koi Security, audited 2857 skills and found 341 malicious ones.

The main methods follow two paths.

One is through scripts, making your AI download things from unfamiliar IPs and execute them locally, or stealing to read your SSH, AWS configurations.

The other is more subtle, directly poisoning the text within SKILL.md, where AI reads the attacker's hidden instructions as legitimate work descriptions and acts accordingly.

The most severe ones specifically steal memory files where agents store private conversations.

You might say, npm also has constant poisoning incidents, but the risk here is on another level.

npm installs pure code, separating data and instructions; skill blurs this boundary. It combines prompts, code, and full permissions; a single SKILL.md can rewrite the agent's behavior, with direct access to your filesystem, network, and shell.

npm's risks at most affect build artifacts; skill's risks directly access your local credentials and entire codebase.

Of course, this isn't to advise against installing. Vercel itself reminds: treat skills like code, read them before installing, and be especially careful with the scripts directory.

The simplest rule of thumb is: high download count doesn't equal safety. What you should really look at is the source and permissions. Why would a weather-checking skill need to read your server's SSH key?

The long-awaited "npm moment" for AI capabilities has truly arrived.

But it didn't just bring convenience; it also bundled in all the pitfalls npm has stepped on over the years, arriving even before the ecosystem matured.

Installing capabilities with one command is certainly satisfying, but this road has just begun. It lets you reuse peers' accumulated expertise, but also requires you to bring judgment to the table.

Selecting packages, checking sources, verifying permissions—this old craft of developers must still be brought along this time.

Twenty Years

One Command

Ultimately, the origin of all this is still Vercel founder Guillermo Rauch.

He comes from Lanús in Buenos Aires, Argentina. In his own words, much of his life's work is thanks to the Web and open source.

In his youth, he was passionate about promoting Linux, teaching people how to use it, later diving headfirst into JavaScript; after joining the core team of the open-source project MooTools, he got his first full-time front-end engineering job at 18 and moved to San Francisco.

Guillermo Rauch

One of his famous works is Socket.io: a widely used real-time communication library. The real-time sync in Notion, Coinbase's earliest trading products—they all run on it underneath.

Later, he focused on a direction: building tools and cloud infrastructure to make the Web faster and maximize developer experience. Next.js and Vercel were born.

Today, this platform supports the online operations of companies like The Washington Post, Porsche, Under Armour, and Nintendo.

And Vercel's real killer app lies here: code, preview, deploy—all done with one command. Once developers use it, it's hard to leave this ecosystem.

Ultimately, Rauch has done one thing for twenty years: compress originally complex engineering into that one command developers dare to run with their eyes closed.

From one line `now` to spin up a server, to Next.js, to today's `npx skills add`, the same craft, now applied to AI agents.

References:

https://github.com/vercel-labs/skills#supported-agents

https://www.skills.sh/

https://snyk.io/blog/toxicskills-malicious-ai-agent-skills-clawhub/

This article is from the WeChat public account "Xin Zhi Yuan" (New Wisdom Source), author: ASI Apocalypse, editor: Yuan Yu

Trend Kriptolar

İlgili Sorular

QWhat is the core functionality and significance of the Vercel-labs/skills tool mentioned in the article?

AThe Vercel-labs/skills tool is a command-line interface that functions as a package manager for AI agents. Its core command, `npx skills add `, allows developers to install pre-packaged AI 'skills'—which are essentially reusable modules containing knowledge, templates, and scripts—into various AI coding tools like Claude Code, Cursor, and others. Its significance lies in transforming how AI capabilities are distributed and managed, moving from ad-hoc prompt engineering to reusable 'capability engineering,' making specialized knowledge accessible and persistent across projects and tools.

QAccording to the article, what potential security risks are associated with installing AI agent skills from public repositories?

AInstalling AI agent skills from public repositories poses significant security risks, as highlighted by security audits from companies like Snyk. Risks include: 1) Malware distribution via executable scripts that can download and run arbitrary code. 2) Prompt injection, where hidden instructions in the SKILL.md file can manipulate the AI agent's behavior. 3) Stealing sensitive data like SSH keys, AWS credentials, or private conversation histories. The risk is heightened because skills combine instructions, code, and direct system access, making them potentially more dangerous than traditional npm packages where code and data are more separated.

QDescribe the role and function of the 'find-skills' skill mentioned in the article.

AThe 'find-skills' skill is a meta-skill designed to discover and install other AI agent skills. When a user requests help for a task (e.g., 'How do I do X?'), this skill automatically searches the skills repository, filters options based on criteria like installation count and trusted sources (e.g., Vercel, Anthropic), and installs the most suitable skill. It essentially acts as an 'ability search engine' for AI agents, allowing users, especially non-engineers, to extend AI capabilities without needing to know specific skill names or manually browse directories.

QWhat major shift in AI development does the Vercel skills initiative represent, as discussed in the article?

AThe Vercel skills initiative represents a major shift from 'prompt engineering' to 'capability engineering.' Previously, developers shared prompt templates to guide AI for specific tasks in a one-off manner. Now, they are packaging comprehensive knowledge, project-specific rules, and executable scripts into reusable and distributable 'skill' modules. This 'npm-ification' of the AI tool layer allows for standardized, version-controlled, and easily shareable AI capabilities, moving beyond transient instructions to durable, installable components that can be managed across different AI agent platforms.

QBased on the article, what is a key piece of advice for safely using AI agent skills from public sources?

AA key piece of advice for safely using AI agent skills is to treat them with the same caution as external code libraries. Users should: 1) Review the skill's source code, particularly the `SKILL.md` file and any scripts in the `scripts/` directory, before installation. 2) Prioritize skills from verified and official sources (e.g., Vercel, Anthropic). 3) Be wary of skills requesting excessive or unnecessary permissions (e.g., a weather skill asking for SSH keys). 4) Not rely solely on high download counts as a guarantee of safety. The article emphasizes the need for developers to apply their existing judgment about dependencies to this new ecosystem.

İlgili Okumalar

ARK Invest Heavily Buys Crypto-Related Stocks: Lower Risk, or Double Pressure?

During Bitcoin's worst monthly performance in four years, ARK Invest, led by Cathie Wood, purchased $77 million worth of stock in crypto-related public companies in June, including Coinbase, Circle, and Bullish. The investment thesis suggests these stocks offer compliant exposure to the crypto sector without directly holding Bitcoin. However, analysis reveals significant drawbacks: these stocks exhibit nearly double the volatility of Bitcoin itself (68%-90% vs. 37.6% over 30 days) and only moderate correlation with Bitcoin prices (0.55-0.58 for several firms). This indicates investors are exposed to both partial crypto price movements and a full suite of company-specific business risks like earnings, competition, and financing. MicroStrategy (MSTR) is the closest to a pure Bitcoin proxy with high correlation and leverage (beta of 1.59). In contrast, Circle's price is heavily influenced by stablecoin competition, while Robinhood's diversified business buffers crypto downturns but also limits upside. Notably, some mining stocks (RIOT, MARA) have risen sharply in 2024 due to AI-related ventures, decoupling from Bitcoin's decline. The case of MicroStrategy highlights additional equity-specific risks like potential shareholder dilution and the breakdown of its premium valuation model (mNAV), which recently forced it to consider selling Bitcoin for liquidity. While some stocks like Coinbase have outperformed Bitcoin year-to-date, the data suggests investing in crypto equities generally amplifies volatility or layers on independent business risks compared to direct Bitcoin ownership.

marsbit38 dk önce

ARK Invest Heavily Buys Crypto-Related Stocks: Lower Risk, or Double Pressure?

marsbit38 dk önce

DeepMind's Classic Masterpiece Crowned Again, ICML 2026 Awards Announced

ICML 2026 has announced its annual awards, with diffusion models and AI safety ethics taking center stage. The Outstanding Paper Award was shared by two diffusion model studies. One challenges a core assumption of diffusion language models (DLMs), arguing that their touted "arbitrary order generation" is a "flexibility trap" that harms performance. The other provides a high-accuracy sampling method, pushing the technical ceiling for diffusion models and log-concave distributions. A position paper winning the Outstanding Award raises a critical ethical concern: AI alignment research is unintentionally building a "censor's toolkit," where safety tools like RLHF can be repurposed for content control. Several papers received Honorable Mentions, spanning key areas: mapping where honesty emerges in RLHF-trained models, motion attribution in video generation, quantifying how much language models memorize, analyzing diffusion model consistency via random matrix theory, and providing a mathematical proof for the "grokking" phenomenon in a simple model. The Test of Time Award was given to DeepMind's 2016 seminal work "Asynchronous Methods for Deep Reinforcement Learning," recognizing the enduring impact of the A3C algorithm. Overall, the awards signal a shift in AI research from rapid expansion to deeper scrutiny—validating diffusion models as a major architectural contender while prompting serious ethical reflection within the safety community.

marsbit54 dk önce

DeepMind's Classic Masterpiece Crowned Again, ICML 2026 Awards Announced

marsbit54 dk önce

İşlemler

Spot

Popüler Makaleler

ONE Nasıl Satın Alınır

HTX.com’a hoş geldiniz! Harmony (ONE) satın alma işlemlerini basit ve kullanışlı bir hâle getirdik. Adım adım açıkladığımız rehberimizi takip ederek kripto yolculuğunuza başlayın. 1. Adım: HTX Hesabınızı OluşturunHTX'te ücretsiz bir hesap açmak için e-posta adresinizi veya telefon numaranızı kullanın. Sorunsuzca kaydolun ve tüm özelliklerin kilidini açın. Hesabımı Aç2. Adım: Kripto Satın Al Bölümüne Gidin ve Ödeme Yönteminizi SeçinKredi/Banka Kartı: Visa veya Mastercard'ınızı kullanarak anında Harmony (ONE) satın alın.Bakiye: Sorunsuz bir şekilde işlem yapmak için HTX hesap bakiyenizdeki fonları kullanın.Üçüncü Taraflar: Kullanımı kolaylaştırmak için Google Pay ve Apple Pay gibi popüler ödeme yöntemlerini ekledik.P2P: HTX'teki diğer kullanıcılarla doğrudan işlem yapın.Borsa Dışı (OTC): Yatırımcılar için kişiye özel hizmetler ve rekabetçi döviz kurları sunuyoruz.3. Adım: Harmony (ONE) Varlıklarınızı SaklayınHarmony (ONE) satın aldıktan sonra HTX hesabınızda saklayın. Alternatif olarak, blok zinciri transferi yoluyla başka bir yere gönderebilir veya diğer kripto para birimlerini takas etmek için kullanabilirsiniz.4. Adım: Harmony (ONE) Varlıklarınızla İşlem YapınHTX'in spot piyasasında Harmony (ONE) ile kolayca işlemler yapın.Hesabınıza erişin, işlem çiftinizi seçin, işlemlerinizi gerçekleştirin ve gerçek zamanlı olarak izleyin. Hem yeni başlayanlar hem de deneyimli yatırımcılar için kullanıcı dostu bir deneyim sunuyoruz.

467 Toplam GörüntülenmeYayınlanma 2024.12.12Güncellenme 2026.06.02

ONE Nasıl Satın Alınır

Tartışmalar

HTX Topluluğuna hoş geldiniz. Burada, en son platform gelişmeleri hakkında bilgi sahibi olabilir ve profesyonel piyasa görüşlerine erişebilirsiniz. Kullanıcıların ONE (ONE) fiyatı hakkındaki görüşleri aşağıda sunulmaktadır.

活动图片