Ski
Health Pass
- License — License: GPL-3.0
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 33 GitHub stars
Code Fail
- rm -rf — Recursive force deletion command in scripts/install.sh
Permissions Pass
- Permissions — No dangerous permissions requested
This is a Git-based agent tool that helps teams share and reuse AI skills across multiple codebases and development environments. It uses a manifest and lockfile system to keep installations reproducible without manual copy-pasting.
Security Assessment
Risk: Medium. The tool inherently makes network requests to fetch skills from external Git repositories. It also relies on executing Git commands under the hood. A notable security concern is the presence of a recursive force deletion command (`rm -rf`) inside the `scripts/install.sh` file. While commonly used in setup scripts, a poorly scoped `rm -rf` can accidentally delete critical system files if the targeted path variable is ever empty or undefined. There are no hardcoded secrets and no explicitly dangerous permissions requested, but as the documentation notes, trust is manual and unverified, meaning a malicious remote repository could potentially introduce harmful code.
Quality Assessment
The project appears to be actively maintained, with its most recent push occurring just today. It includes thorough documentation detailing its architecture, specific design decisions, and file specifications, which indicates a structured approach to development. The source code is licensed under GPL-3.0. The project has accumulated 33 GitHub stars, suggesting a small but growing amount of community validation and trust.
Verdict
Use with caution—the underlying utility is helpful, but you should audit the install script to ensure the `rm -rf` command is safely constrained before running it, and only fetch skills from Git repositories you completely trust.
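One way to constrain a recursive delete in an installer, as an added example for the audit suggested above. It is not taken from ski's `scripts/install.sh`, whose contents are not shown on this page; `safe_rm_rf` and the demo paths are hypothetical names.

```shell
#!/bin/sh
# Added example, not ski's install.sh. safe_rm_rf is a hypothetical helper.
# Usage: safe_rm_rf <path-to-delete> <directory-it-must-live-under>
# Deletes only when the path is lexically inside the allowed directory.
# Lexical check only: symlinks inside the allowed directory are not resolved.
safe_rm_rf() {
    s_target=${1-}
    s_parent=${2-}
    # An empty or unset variable is the classic failure: "$DIR/" becomes "/".
    [ -n "$s_target" ] && [ -n "$s_parent" ] || return 2
    # Absolute paths only, so the result never depends on the current directory.
    case $s_target in /*) ;; *) return 3 ;; esac
    case $s_parent in /*) ;; *) return 3 ;; esac
    # Drop trailing slashes; "/" collapses to the empty string and fails below.
    while [ "${s_target%/}" != "$s_target" ]; do s_target=${s_target%/}; done
    while [ "${s_parent%/}" != "$s_parent" ]; do s_parent=${s_parent%/}; done
    # ".." components could climb back out of the allowed directory.
    case $s_target in */..|*/../*) return 4 ;; esac
    # The allowed directory itself must not be "/" ...
    [ -n "$s_parent" ] || return 5
    # ... and the target must be strictly below it, never the directory itself.
    case $s_target in "$s_parent"/?*) ;; *) return 5 ;; esac
    rm -rf -- "$s_target"
}

# Constructed demo: a scratch tree from mktemp; nothing outside it is touched.
demo_base=$(mktemp -d)
mkdir -p "$demo_base/build/sub"
UNSET_DIR=""    # simulates a path variable that was never populated
safe_rm_rf "$UNSET_DIR/" "$demo_base" || echo "refused '$UNSET_DIR/' (rc=$?)"
safe_rm_rf "$demo_base/build" "$demo_base" && echo "removed build directory"
rmdir "$demo_base"
```

For a one-line guard in an existing script, `rm -rf "${DIR:?}/build"` makes the shell abort instead of expanding an unset or empty `DIR`.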
Install AI agent skills from Git into Claude, Codex, Cursor, and OpenClaw with a manifest, lockfile, and shared store
ski
Lightweight, Git-based toolkit for sharing agent skills across repos without copy-paste drift.
ski helps teams reuse the same skills across multiple codebases while keeping installs reproducible and repo-aware.
Best Fit
- teams sharing skills across multiple repos
- per-repo version pinning and restore
- project-scoped or global installs
- automation-friendly
Not For
- skill registries
- marketplaces
- public skill discovery
Install
Install with Homebrew:
brew tap Z-Bra0/skicli
brew install skicli
Homebrew installs the formula as skicli, but the command is still ski.
Or install with the release script:
curl -fsSL https://raw.githubusercontent.com/Z-Bra0/Ski/master/scripts/install.sh | sh
Quick Start
Adopt a shared skill in one repo:
ski init --target claude
ski add git:https://github.com/anthropics/skills.git --skill skill-creator
ski add is the first-time workflow: it updates ski.toml, resolves and writes ski.lock.json, fetches the skill into the store, and copies it into the configured targets.
Use ski install later to restore skills from ski.toml and ski.lock.json, for example in a fresh clone.
Notes
- Use `ski` only with skill repositories you have verified and trust.
- `ski add` is for first-time add + lock + install. `ski install` restores from `ski.toml` and `ski.lock.json`.
- Local installs write into the project. Use `-g` for global manifest and global target directories.
- Use `ski disable <skill>` to keep tracking a skill without installing it into targets. Use `ski enable <skill>` to restore it later.
Docs
- docs/usage.md — usage patterns, targets, refs, and troubleshooting
- SPEC.md — file formats, schemas, and adapter interfaces
- ARCHITECTURE.md — internal design and Go layout
- DECISIONS.md — design decisions and rationale
Status
- git repositories as skill sources
- local and global scope
- `init`, `add`, `install`, `remove`, `update`, `list`, `info`, `enable`, `disable`, and `doctor`
Limitations
- Git-only sources
- Trust is manual
- No Windows support
Commands
ski init [-g]
ski add [-g] [--target target]... <source>
ski enable [-g] <skill>
ski disable [-g] <skill>
ski install [-g]
ski list [-g]
ski info [-g] <skill>
ski doctor [-g] [--fix]
ski update [-g] [skill]
ski remove [-g] [--target target]... <skill>
ski version
Build
make build # local dev build; `ski version` prints `dev`
make release VERSION=0.2.1
Test
make test
Author
License
GPL-3.0. See LICENSE.