Skillget

eden-skills

agent
Security Audit
Fail
Health Pass
  • License — License: MIT
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 25 GitHub stars
Code Fail
  • rm -rf — Recursive force deletion command in install.sh
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This tool is a deterministic skills manager for AI coding agents like Claude Code and Cursor. It installs, links, and self-heals configuration "skills" across multiple agent environments using a single binary and a version-locked configuration file.

Security Assessment
Overall Risk: Medium. The tool is designed to execute shell commands and modify file systems (specifically managing symlinks and installing repositories via Git). It also makes network requests to fetch and install these skills. While no hardcoded secrets were found and it does not request explicitly dangerous overarching permissions, the automated installation script fails a critical safety check. The `install.sh` script contains a recursive force deletion command (`rm -rf`). If this command is improperly sanitized or encounters an unexpected variable state, it poses a significant risk of catastrophic data loss on the host machine.

Quality Assessment
The project appears to be highly active and professionally structured. It was updated very recently, is licensed under the permissive MIT standard, and boasts a solid foundation of 476 automated tests. However, community trust is currently quite low; it only has 25 GitHub stars, indicating that it has not yet been widely adopted or extensively battle-tested by a large user base.

Verdict
Use with caution due to the presence of risky recursive deletion commands in the installation script and low community adoption.
SUMMARY

Deterministic & Blazing-Fast Skills Manager for AI Agents (Claude Code, Cursor, Codex & More).

README.md
Eden-Skills — Deterministic & Blazing-Fast Skills Manager for AI Agents

eden-skills

CI
crates.io
downloads

Deterministic, self-healing skills manager for AI agents. Single binary. Zero runtime dependencies.

Built by a three-model AI engineering team — 38K lines of Rust, 476 tests, 57 behavior specs.

Why eden-skills

  • Installs are deterministic: skills.lock pins every installed skill by commit SHA and target path. Run apply on any machine and get exactly the same state — like Terraform for agent skills.

  • Broken installs self-heal: doctor detects broken symlinks, missing sources, drift, and risk findings. Use doctor --no-warning when you want an error-focused view. repair fixes recoverable drift automatically. No competitor offers this.

  • Config is code: skills.toml is your single source of truth. Version it, share it with your team, and apply it anywhere.

  • Docker-native: Install skills directly into running containers with --target docker:<container>. Use docker mount-hint to configure bind mounts for live sync.

  • Zero runtime: Single ~10 MB binary. No Node.js, no npm, no Python — just eden-skills and git.

Quick Start

Prerequisite: Git

Linux / macOS:

curl -fsSL https://raw.githubusercontent.com/AI-Eden/eden-skills/main/install.sh | bash

Windows (PowerShell):

irm https://raw.githubusercontent.com/AI-Eden/eden-skills/main/install.ps1 | iex
Alternative: install via Cargo or from source 
cargo install eden-skills --locked

git clone https://github.com/AI-Eden/eden-skills.git
cd eden-skills
cargo install --path crates/eden-skills-cli --locked --force

Install your first skill:

eden-skills install vercel-labs/agent-skills

Auto-detects installed agents (Claude Code, Cursor, Codex, Windsurf, etc.) and links the skill to each. When multiple skills are found, an interactive selector appears.

Verify the installation is healthy:

eden-skills doctor

If anything is broken:

eden-skills repair

See It In Action

Interactive install, simulated damage, and self-healing recovery:

eden-skills terminal demo: interactively install a skill, simulate install damage, diagnose it with doctor, repair it, and verify the final healthy state

Commands

Command Description
install <source> Install skills from GitHub, URL, or local path
remove [skills...] Remove skills (batch or interactive)
list List installed skills and their source origins
apply Reconcile all skills to the desired config state
plan Preview planned changes (read-only)
doctor Detect broken links, drift, and risk findings (--no-warning hides warnings)
repair Self-heal broken symlinks and drifted state
update Sync registry indexes to latest
clean Remove orphaned repo-cache entries and stale temp directories
init Initialize a new skills.toml config
add / set Add or update skill entries in config
config export / import Export or import config
docker mount-hint Show recommended bind mounts for a container

See CLI Reference for full options, flags, and examples.

Supported Agents

40+ agents including Claude Code, Cursor, Codex, Windsurf, Gemini CLI, GitHub Copilot, Cline, Roo, Continue, and more. Docker containers (docker:<name>) and arbitrary paths (custom:<path>) are also supported.

See full agent list.

Documentation

  1. Quickstart: First Successful Run
  2. Config Lifecycle Management
  3. Registry and Install Workflow
  4. Docker Targets Guide
  5. Safety, Strict Mode, and Exit Codes
  6. Troubleshooting Playbook
  7. CLI Reference
  8. Agentic Engineering Workflow

Current Status

  • Phase 1 (CLI foundation): complete
  • Phase 2 (async reactor, Docker adapter, registry): complete
  • Phase 2.5 (URL install, agent auto-detection, binary distribution): complete
  • Phase 2.7 – 2.98 (lock file, TUI, output polish, interactive UX, cache clean, doctor/list polish): complete
  • Phase 3 (crawler / taxonomy / curation): planned

eden-skills is under active development. Avoid production use where breaking changes are not tolerable.

Repository Layout

Built with Agentic Engineering

eden-skills was built using a three-model AI collaboration workflow:

  • Scout (Gemini) — market research, competitive analysis, roadmap planning
  • Architect (Claude) — behavior spec authoring, architecture decisions, large-scale refactoring
  • Builder (GPT) — implementation from specs, tests, CI integration

The prompt/ directory contains the complete set of kick files — role-scoped prompts with identity constraints, pre-flight checks, and batch/handoff protocols. Each prompt enforces strict role boundaries: the Architect cannot write code; the Builder cannot modify specs.

The 62 spec files under spec/ are not a barrier to contribution — they are the Architect agent's work product. You do not need to write specs yourself. See the Agentic Workflow Guide to learn how to use AI agents to contribute to this project.

Contributing

Contributions welcome — issues, bug reports, docs, tests, and pull requests.

To understand the development workflow, start with the Agentic Workflow Guide. For normative behavior contracts, see spec/. Track progress in STATUS.yaml and EXECUTION_TRACKER.md. See the Roadmap for strategic milestones.

Reviews (0)

No results found