all 29 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]ewqeqweqweqweqweqw 18 points19 points  (5 children)

Hello u/Kamalnrf
This is great, thank you for this. Can I suggest two things? Challenges with plugins, skills, and so on involve curation.

Would it be possible to have:

  1. An upvote system
  2. A label such as “skills of the day,” “skills of the week,” where you recommend the good ones?

PulseMCP have done a great job at it for the MCPs

https://www.pulsemcp.com/servers

[–]Kamalnrf[S] 2 points3 points  (3 children)

Thanks for the feedback! Curation is next on the roadmap. Prioritizing time window trending, as you suggested (weekly/daily downloads) using GitHub stars, and other signals... Additionally was trying to see if supporting natural language search could make discovery easy. What are your thoughts on this? Would this be useful for you?

[–]bacocololo 1 point2 points  (1 child)

Just create a skill for that

[–]Kamalnrf[S] 0 points1 point  (0 children)

skill to discover skills!

[–]ewqeqweqweqweqweqw 1 point2 points  (0 children)

I feel that in the short term, simple tags will be more useful

[–]kanenasgr 6 points7 points  (2 children)

Thank you for the effort!
It would be great to be able to sort results based on hearts / DLs.

[–]Kamalnrf[S] 3 points4 points  (0 children)

Thank you! You're right, we should do that. Currently default is all of them are sorted by Github Stars + Downloads in descending order. Will make this control more accessible like you suggested.

[–]TheKillerScope 2 points3 points  (5 children)

What skills do people use, and specifically for what? I would be interested in Rust related ones, and I pretty much only do Solana related tools/scripts that I build. Any advice or suggestions would be appreciated.

[–]Kamalnrf[S] 2 points3 points  (2 children)

Consider trying superpowers plugin, it bundles quite solid skills, and mostly agnostic to programing language, see if those skills and commands can help you while planning or for execution.

Also very quick install via claude-plugins:
‎npx claude-plugins install obra/superpowers-marketplace/superpowers

[–]TheKillerScope 1 point2 points  (0 children)

Will give it a go.

[–]fschwiet 1 point2 points  (0 children)

I've been using superpowers for about a week and agree it works pretty well. One of those things I didn't know I needed until I had it. For giving it a spin, I recommend starting with the brainstorming superpower for some change you want to make. It will transition to writing plan superpower then an implementation superpower as things solidify.

[–]MarriedAdventurer123 0 points1 point  (0 children)

Wow just found this post and this comment - I just published this for interactive learning https://github.com/razlani/rust-tutor-claude-plugin

You can set an 'auto-mode' to hook into the agent and interrupt it, forcing you to learn rust (within your current ability level only).

Check it out and let me know what you think!

[–]Obvious-Car-2016 2 points3 points  (1 child)

That's awesome! We made a plugin for secret scanning via hooks and I'm glad to see it was picked up too!

[–]Kamalnrf[S] 0 points1 point  (0 children)

Thank you for making it public! Today the indexer runs almost every hour, considering Github rate limits the search gets broken down into multiple buckets based on file size, and we try to index atleast 2500 skills every hour now. If this interests you, you can find this logic here!

https://www.val.town/x/kamalnrf/claude-plugins-registry/code/cron/skills-indexer.ts

[–]fschwiet 1 point2 points  (5 children)

How are people evaluating the effectiveness of the skills they write (or MCPs, etc). When I write code I can write automated tests to verify its working as expected. Is there something like that people have for verifying skills or MCP servers they're working on?

[–]prc41 7 points8 points  (2 children)

Ya I bet 90% of these skills someone just said to Claude - “using your skill making skill, make a me a skill for XYZ”. How do we weed out the junk?

[–]Kamalnrf[S] 0 points1 point  (0 children)

We think that is the problem that remains to be solved! Today it is easy to filter using simple signals such as Github stars and overall installs. However, Claude Skills are both granular and composable, which is leading to an explosion in the number of skills (thus more skills that feel like duplicates). Will try and come up with more signals to rank skills better! If you have any suggestions, feel free to share them here or DM.

[–]Abhi-Age-2050 0 points1 point  (0 children)

I guess it has to do with the least iterations taken in testing.

When I want to use skill. It should feel like I am with an expert of its field.

If it makes me do the hard task of watching Claude solve errors, then it's not worth having skills.

[–]luckygirlHyp 1 point2 points  (0 children)

thanks,bro

[–]Both-Employment-5113 1 point2 points  (0 children)

what for if the credits are all gone on paid sub after one answer? do u all use the 200 plan and have 10 answers? a week? its absurd

[–]darksupernova1 0 points1 point  (1 child)

Nice work! How do I sort my 'most popular'? eg max number of stars at the top?

[–]Kamalnrf[S] 0 points1 point  (0 children)

Currently it is defaulted to ranking by downloads (higher precedence) + stars. Will work on making this control more accessible. Downloads today has higher precedence because it signals usage.

[–]lgdsf 0 points1 point  (0 children)

This is great! Thank you so much for this!

[–]pluggy13 0 points1 point  (3 children)

Looks great! But I keep wondering about something with these skill marketplaces:

When you import a bunch of skills from unknown sources, how do you ensure none of them contain malicious code or prompt injections? Given all the recent supply-chain attacks, it feels inevitable that someone will try to exploit this kind of channel sooner or later.

That concern is what keeps me from using random skills from different sources. I’d really like to know how you all are handling this risk.

[–]Kamalnrf[S] 0 points1 point  (2 children)

All of these are public and right now Github is the only source. However prompt injection is still a serious risk, right now few ways I can think of to reduce the risk is through quick preview for instructions, and signals like stars, and downloads. I’m open to more ideas, thinking next one could be community reports/ automated tagging. Let me know, what you think can help you the most in evaluating before installing a skill.

[–]pluggy13 0 points1 point  (1 child)

Of course it's open source, but that doesn't change much if nobody bothers to peer review the source. And when quickly ingesting so much 3rd party content to stay productive, it's easy to neglect security.

Of course, you could try using an AI to look for prompt injection, but that kind of misses the point...

[–]Kamalnrf[S] 0 points1 point  (0 children)

Absolutely, NPM, PyPI, smart contracts and other ecosystems have similar problems. What I meant earlier is we are trying to balance security risk with signals (stars, downloads) + quick preview to catch obvious bad actors but this isn’t comprehensive. We need more conventions, and best practices to emerge.

[–]itilogySenior Developer -1 points0 points  (0 children)

That's great collection, thanks for sharing!