Free, private, vetted skill search for AI agents
Skill Federation finds the right skill the moment your agent needs one — from a 100,000-skill, vetted catalog. No browsing, no vetting, no guessing. It runs privately, on your machine.
The way it works today
public skill files on GitHub within months of the standard — no licensing checks, no provenance, no evals. You're picking by star count and hoping.
// today's skill workflow
How it works
It writes an abstract wish for the skill it needs — never your code, plan, or data.
Returns the best matches in milliseconds, each license-clean, security-checked, and provenance-tracked.
The skill installs into .claude/skills/ and runs privately, on your machine.
Does it actually help?
| Condition | What the agent gets | Success |
|---|---|---|
| No skill | bare Claude Code (Opus 4.6) | 17.5% |
| Skill Federation | top skill retrieved from the wild catalog | 22.8% |
| Oracle | the task's own hand-written skill — an unreachable upper bound | 36.8% |
That's a ~30% relative jump — and it closes ~27% of the gap to the oracle: the ideal skill hand-written for each task, which Skill Federation never gets to see.
The hard part isn't handing an agent a skill you already know it needs. It's a task calling for some specific skill nobody flagged in advance — and Skill Federation surfacing a genuinely useful one from a huge, noisy public catalog that holds no purpose-built answer.
// SkillsBench · retrieval from a 26,629-skill snapshot with the answer skills removed
Private by design
Only an abstract wish — a one-line description, a few vocabulary-varied paraphrases, and 1–5 keywords.
Your plan, brief, file contents, outputs, or reasoning trace. None of it is ever sent.
Every match shows its license class, provenance, source, and any security flags. You approve each install. Local-first — your edits are never silently overwritten.
Security · teams & enterprise
One governed catalog for the whole fleet — like an artifact registry, but for skills. Pre-scanned, never pulled live from the wild repo.
One source of truth every engineer pulls from — instead of a hundred private copies of a random SKILL.md. At ingestion each candidate is copied, deduped, and scanned; only passing skills are promoted. The source link is provenance, not where the skill is fetched from.
Every candidate is best-effort scanned by Cisco AI Defense (YARA, bytecode, command-taint, dataflow, LLM-as-judge, VirusTotal) and NVIDIA SkillSpector (LLM analysis + live OSV.dev CVE lookups, 0–100 risk score). High/critical findings are rejected or routed to manual review before promotion.
RBAC, version lineage, and a private fork that never leaves your perimeter — the same vetted shelf for everyone, and you can see exactly what's running where.
🚨 NVIDIA scanned 42,447 public skills: 26.1% carried a vulnerability, 5.2% were likely malicious — and a skill runs with your agent's full permissions. Scanning is best-effort (“no findings ≠ no risk”); nothing installs without your approval.
Get started
Node · npm
$ npx skillfed
Python · uv
$ uvx skillfed
or pipx run skillfed
No Node or Python? Just ask Claude Code to install the curl version for you:
Install the Skill Federation /skillfed finder from
github.com/skill-federation/skill-federation — run its curl installer
(install.ps1 on Windows, install.sh on macOS/Linux), then tell me to
restart Claude Code.
Then restart Claude Code and run /skillfed <what you're trying to do> — or just approve a plan and the finder offers itself.
Free. Native — needs only curl.