skill-check 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +360 -0
  3. package/bin/skill-check.js +11 -0
  4. package/dist/cli/main.d.ts +5 -0
  5. package/dist/cli/main.js +724 -0
  6. package/dist/core/agent-scan.d.ts +19 -0
  7. package/dist/core/agent-scan.js +88 -0
  8. package/dist/core/allowlist.d.ts +1 -0
  9. package/dist/core/allowlist.js +8 -0
  10. package/dist/core/analyze.d.ts +6 -0
  11. package/dist/core/analyze.js +72 -0
  12. package/dist/core/artifact.d.ts +2 -0
  13. package/dist/core/artifact.js +33 -0
  14. package/dist/core/baseline.d.ts +8 -0
  15. package/dist/core/baseline.js +17 -0
  16. package/dist/core/config.d.ts +2 -0
  17. package/dist/core/config.js +215 -0
  18. package/dist/core/defaults.d.ts +6 -0
  19. package/dist/core/defaults.js +34 -0
  20. package/dist/core/discovery.d.ts +2 -0
  21. package/dist/core/discovery.js +46 -0
  22. package/dist/core/duplicates.d.ts +2 -0
  23. package/dist/core/duplicates.js +60 -0
  24. package/dist/core/errors.d.ts +4 -0
  25. package/dist/core/errors.js +8 -0
  26. package/dist/core/fix.d.ts +11 -0
  27. package/dist/core/fix.js +172 -0
  28. package/dist/core/formatters.d.ts +4 -0
  29. package/dist/core/formatters.js +182 -0
  30. package/dist/core/frontmatter.d.ts +7 -0
  31. package/dist/core/frontmatter.js +39 -0
  32. package/dist/core/github-formatter.d.ts +2 -0
  33. package/dist/core/github-formatter.js +10 -0
  34. package/dist/core/html-report.d.ts +3 -0
  35. package/dist/core/html-report.js +320 -0
  36. package/dist/core/interactive-fix.d.ts +9 -0
  37. package/dist/core/interactive-fix.js +22 -0
  38. package/dist/core/links.d.ts +17 -0
  39. package/dist/core/links.js +94 -0
  40. package/dist/core/open-browser.d.ts +6 -0
  41. package/dist/core/open-browser.js +20 -0
  42. package/dist/core/plugins.d.ts +2 -0
  43. package/dist/core/plugins.js +41 -0
  44. package/dist/core/quality-score.d.ts +14 -0
  45. package/dist/core/quality-score.js +55 -0
  46. package/dist/core/report.d.ts +2 -0
  47. package/dist/core/report.js +26 -0
  48. package/dist/core/rule-engine.d.ts +2 -0
  49. package/dist/core/rule-engine.js +52 -0
  50. package/dist/core/sarif.d.ts +2 -0
  51. package/dist/core/sarif.js +48 -0
  52. package/dist/index.d.ts +11 -0
  53. package/dist/index.js +8 -0
  54. package/dist/rules/core/body.d.ts +2 -0
  55. package/dist/rules/core/body.js +39 -0
  56. package/dist/rules/core/description.d.ts +2 -0
  57. package/dist/rules/core/description.js +66 -0
  58. package/dist/rules/core/file.d.ts +2 -0
  59. package/dist/rules/core/file.js +26 -0
  60. package/dist/rules/core/frontmatter.d.ts +2 -0
  61. package/dist/rules/core/frontmatter.js +124 -0
  62. package/dist/rules/core/index.d.ts +2 -0
  63. package/dist/rules/core/index.js +12 -0
  64. package/dist/rules/core/links.d.ts +2 -0
  65. package/dist/rules/core/links.js +54 -0
  66. package/dist/types.d.ts +92 -0
  67. package/dist/types.js +1 -0
  68. package/package.json +82 -0
  69. package/schemas/config.schema.json +53 -0
  70. package/skills/skill-check/SKILL.md +76 -0
package/schemas/config.schema.json ADDED
@@ -0,0 +1,53 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://skill-check.dev/schemas/config.schema.json",
4
+ "title": "skill-check config",
5
+ "type": "object",
6
+ "properties": {
7
+ "roots": {
8
+ "type": "array",
9
+ "items": { "type": "string" }
10
+ },
11
+ "include": {
12
+ "type": "array",
13
+ "items": { "type": "string" }
14
+ },
15
+ "exclude": {
16
+ "type": "array",
17
+ "items": { "type": "string" }
18
+ },
19
+ "limits": {
20
+ "type": "object",
21
+ "properties": {
22
+ "maxDescriptionChars": { "type": "integer", "minimum": 1 },
23
+ "maxBodyLines": { "type": "integer", "minimum": 1 },
24
+ "minDescriptionChars": { "type": "integer", "minimum": 0 },
25
+ "maxBodyTokens": { "type": "integer", "minimum": 1 }
26
+ },
27
+ "additionalProperties": false
28
+ },
29
+ "rules": {
30
+ "type": "object",
31
+ "additionalProperties": {
32
+ "enum": ["off", "warn", "error"]
33
+ }
34
+ },
35
+ "allowlist": {
36
+ "type": "array",
37
+ "items": { "type": "string" }
38
+ },
39
+ "plugins": {
40
+ "type": "array",
41
+ "items": { "type": "string" }
42
+ },
43
+ "output": {
44
+ "type": "object",
45
+ "properties": {
46
+ "format": { "enum": ["text", "json", "sarif", "html", "github"] },
47
+ "reportPath": { "type": "string" }
48
+ },
49
+ "additionalProperties": false
50
+ }
51
+ },
52
+ "additionalProperties": false
53
+ }
package/skills/skill-check/SKILL.md ADDED
@@ -0,0 +1,76 @@
1
+ ---
2
+ name: skill-check
3
+ description: Use when the user wants to validate, lint, or audit agent skill files (SKILL.md). Use when they say "validate these skills," "check this repo's skills," "lint SKILL.md files," or "audit skills in [repo URL]." Run skill-check locally or against a cloned GitHub repo and summarize findings.
4
+ ---
5
+
6
+ # skill-check
7
+
8
+ Validate agent skill files (SKILL.md) using the skill-check tool. Support both local paths and GitHub repos.
9
+
10
+ ## Installation
11
+
12
+ Ensure skill-check is available before running checks:
13
+
14
+ - **No install (recommended for one-off or agent use):** `npx skill-check` — uses npm to run the latest version; requires Node.js and network on first run.
15
+ - **Global install (curl):** `curl -fsSL https://raw.githubusercontent.com/thedaviddias/skill-check/main/scripts/install.sh | bash` — installs a global `skill-check` binary.
16
+ - **Homebrew:** `brew tap thedaviddias/skill-check https://github.com/thedaviddias/skill-check` then `brew install skill-check`.
17
+
18
+ If the user has not installed skill-check, use `npx skill-check` so no prior install is needed. To confirm the tool is available, run `npx skill-check rules` and expect a list of built-in rule IDs.
19
+
20
+ ## When to use
21
+
22
+ - User asks to validate, lint, or check skill files
23
+ - User provides a local path (e.g. `~/.cursor/skills`, `./skills`, or a repo root)
24
+ - User provides a GitHub repo URL and wants skills in that repo validated
25
+
26
+ ## Local validation
27
+
28
+ 1. Run skill-check against the given path:
29
+ - Quick lint only: `npx skill-check check <path> --no-security-scan --format json`
30
+ - Full check (includes security scan): `npx skill-check check <path> --format json`
31
+ 2. Parse the JSON output to get diagnostics (ruleId, severity, message, file, line).
32
+ 3. Summarize results for the user: number of skills found, errors vs warnings, and any suggested fixes.
33
+
34
+ Use `--format json` when you need to parse output programmatically. Use default text format when showing output directly to the user.
35
+
36
+ ## GitHub repo validation
37
+
38
+ 1. Clone the repo shallowly into a temp directory, e.g. `git clone --depth 1 <url> /tmp/skill-check-<short-hash>` (or use a system temp path).
39
+ 2. Run `npx skill-check check /tmp/skill-check-<hash>` (with `--format json` if you will parse results).
40
+ 3. Report findings to the user.
41
+ 4. Remove the temp directory when done.
42
+
43
+ ## Commands reference
44
+
45
+ - `npx skill-check check [path]` — run validation (+ optional security scan). Default path is `.`
46
+ - `npx skill-check check [path] --no-security-scan` — lint only, skip security scan
47
+ - `npx skill-check check [path] --format json` — machine-readable output with quality scores
48
+ - `npx skill-check check [path] --format github` — GitHub Actions `::error` / `::warning` annotations
49
+ - `npx skill-check check [path] --format html --no-open` — self-contained HTML report
50
+ - `npx skill-check check [path] --fix` — auto-fix supported findings
51
+ - `npx skill-check check [path] --fix --interactive` — prompt before each fix (TTY only)
52
+ - `npx skill-check check [path] --baseline baseline.json` — compare against previous run
53
+ - `npx skill-check new <name>` — scaffold a new skill directory
54
+ - `npx skill-check watch [path]` — re-run on file changes
55
+ - `npx skill-check diff <pathA> <pathB>` — compare diagnostics between two directories
56
+ - `npx skill-check rules` — list all built-in rules with severity and fixable status
57
+ - `npx skill-check rules <id>` — show detail for a specific rule
58
+ - `npx skill-check report [path]` — generate a markdown health report
59
+
60
+ ## Interpreting results
61
+
62
+ - **error** — spec or rule violation; should be fixed.
63
+ - **warn** — recommendation; may be acceptable depending on context.
64
+ - **suggestion** — every diagnostic includes an actionable suggestion text.
65
+ - **quality score** — 0-100 per skill, weighted across frontmatter (30%), description (30%), body (20%), links (10%), file (10%).
66
+ - **duplicates** — `duplicates.name` / `duplicates.description` warnings when multiple skills share the same name or description.
67
+ - Exit code 0 means no errors; non-zero means validation failed or security scan found issues.
68
+
69
+ ## Testing this skill
70
+
71
+ To verify this skill and the skill-check CLI work:
72
+
73
+ 1. **Check CLI is available:** Run `npx skill-check rules`. You should see a list of built-in rules (e.g. `frontmatter.required`, `body.max_tokens`, etc.).
74
+ 2. **Validate this repo's skills:** From the skill-check repo root, run `npx skill-check check skills/ --no-security-scan`. Expect one skill (`skills/skill-check/SKILL.md`) and zero diagnostics (PASS).
75
+ 3. **Scaffold a test skill:** Run `npx skill-check new test-skill --dir /tmp`. Verify `/tmp/test-skill/SKILL.md` was created, then `npx skill-check check /tmp/test-skill --no-security-scan` should pass.
76
+ 4. **Optional — validate with security scan:** Run `npx skill-check check skills/` (no `--no-security-scan`). Requires `mcp-scan` or `uv`/`pipx` for the security scan step.