skills-ws 1.1.0 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +53 -14
- package/SECURITY.md +45 -0
- package/package.json +17 -4
package/README.md
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
# skills-ws
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
58 agent skills for AI coding assistants. Built for [OpenClaw](https://docs.openclaw.ai), Claude Code, Cursor, and Codex.
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
**Website:** [skills.ws](https://skills.ws)
|
|
6
|
+
**npm:** [npmjs.com/package/skills-ws](https://www.npmjs.com/package/skills-ws)
|
|
7
|
+
**Source:** [github.com/san-npm/skills-ws](https://github.com/san-npm/skills-ws)
|
|
6
8
|
|
|
7
9
|
## Install
|
|
8
10
|
|
|
@@ -15,22 +17,59 @@ npx skills-ws list # list available skills
|
|
|
15
17
|
|
|
16
18
|
## What are skills?
|
|
17
19
|
|
|
18
|
-
Skills are SKILL.md files that give AI coding assistants specialized knowledge — workflows, checklists, code patterns, and domain expertise. Drop them into your project and your AI gets smarter.
|
|
20
|
+
Skills are `SKILL.md` files that give AI coding assistants specialized knowledge — workflows, checklists, code patterns, and domain expertise. Drop them into your project and your AI gets smarter.
|
|
19
21
|
|
|
20
|
-
|
|
22
|
+
Each skill follows a standard format:
|
|
21
23
|
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
-
|
|
25
|
-
|
|
24
|
+
```markdown
|
|
25
|
+
---
|
|
26
|
+
name: seo-geo
|
|
27
|
+
description: "SEO & GEO optimization for websites..."
|
|
28
|
+
---
|
|
26
29
|
|
|
27
|
-
|
|
30
|
+
# SEO & GEO Optimization
|
|
28
31
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
32
|
+
## Initial Assessment
|
|
33
|
+
...
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
## Categories (58 skills)
|
|
37
|
+
|
|
38
|
+
- **Marketing** — SEO/GEO, content strategy, copywriting, paid ads, email sequences, PR/media, influencer marketing, brand strategy, webinar/events, blog engine
|
|
39
|
+
- **Dev** — Git workflow, CI/CD pipelines, API design, database design, testing strategy, web performance, security hardening, prompt engineering, AI agent design
|
|
40
|
+
- **Growth** — Social media, community building, customer feedback, business development, cold outreach, competitor intelligence, affiliate marketing, customer acquisition
|
|
41
|
+
- **Conversion** — Landing pages, signup flows, popups, A/B testing, pricing optimization, lead scoring, CRO, sales funnels, paywall/upgrade
|
|
42
|
+
- **Analytics** — Google Analytics, Search Console, Bing Webmaster, Yandex, data analytics, data management, retention analytics
|
|
43
|
+
- **Operations** — EU legal compliance (GDPR, AI Act, DSA), hiring/team building, project management, CRM, accounting, revenue ops
|
|
44
|
+
- **Design** — UI/UX Pro Max, landing page builder, ASCII banner
|
|
45
|
+
|
|
46
|
+
## Compatible agents
|
|
47
|
+
|
|
48
|
+
| Agent | Skill directory |
|
|
49
|
+
|-------|----------------|
|
|
50
|
+
| Claude Code | `.claude/skills/` |
|
|
51
|
+
| OpenClaw | `~/openclaw/skills/` |
|
|
52
|
+
| Cursor | `.cursor/skills/` |
|
|
53
|
+
| Codex | `.codex/skills/` |
|
|
54
|
+
| Any SKILL.md agent | `./skills/` |
|
|
55
|
+
|
|
56
|
+
## Supply chain security
|
|
57
|
+
|
|
58
|
+
- **Zero dependencies** — no `node_modules`, no transitive risk
|
|
59
|
+
- **No eval/exec patterns** — no code execution at runtime
|
|
60
|
+
- **Environment-only credentials** — API keys via env vars only, never hardcoded
|
|
61
|
+
- **VirusTotal scanned** — every skill checked for malware
|
|
62
|
+
- **Build provenance** — published with npm provenance attestation via GitHub Actions
|
|
63
|
+
- **Source available** — full source on GitHub, audit anytime
|
|
64
|
+
- **Sigstore transparency** — builds logged to public transparency ledger
|
|
65
|
+
|
|
66
|
+
## GEO (Generative Engine Optimization)
|
|
67
|
+
|
|
68
|
+
This package includes AI-crawler-friendly files:
|
|
69
|
+
- [`/llms.txt`](https://skills.ws/llms.txt) — concise skill index
|
|
70
|
+
- [`/llms-full.txt`](https://skills.ws/llms-full.txt) — full SKILL.md content for all skills
|
|
71
|
+
- [`/robots.txt`](https://skills.ws/robots.txt) — allows GPTBot, ClaudeBot, PerplexityBot, etc.
|
|
33
72
|
|
|
34
73
|
## License
|
|
35
74
|
|
|
36
|
-
MIT — Commit Media SARL
|
|
75
|
+
MIT — [Commit Media SARL](https://openletz.com)
|
package/SECURITY.md
ADDED
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
# Security Policy
|
|
2
|
+
|
|
3
|
+
## Supported Versions
|
|
4
|
+
|
|
5
|
+
| Version | Supported |
|
|
6
|
+
|---------|-----------|
|
|
7
|
+
| 1.x | ✅ Current |
|
|
8
|
+
| < 1.0 | ❌ No longer supported |
|
|
9
|
+
|
|
10
|
+
## Reporting a Vulnerability
|
|
11
|
+
|
|
12
|
+
If you discover a security vulnerability in skills-ws, please report it responsibly:
|
|
13
|
+
|
|
14
|
+
**Email:** bob@openletz.com
|
|
15
|
+
**Subject:** `[SECURITY] skills-ws: <brief description>`
|
|
16
|
+
|
|
17
|
+
Please include:
|
|
18
|
+
- Description of the vulnerability
|
|
19
|
+
- Steps to reproduce
|
|
20
|
+
- Potential impact
|
|
21
|
+
- Suggested fix (if any)
|
|
22
|
+
|
|
23
|
+
We will acknowledge receipt within 48 hours and provide a timeline for a fix.
|
|
24
|
+
|
|
25
|
+
**Do NOT open a public GitHub issue for security vulnerabilities.**
|
|
26
|
+
|
|
27
|
+
## Security Model
|
|
28
|
+
|
|
29
|
+
- **Zero runtime dependencies** — no supply chain risk from third-party packages
|
|
30
|
+
- **No code execution** — skills are markdown files (SKILL.md), not executable code
|
|
31
|
+
- **No eval/exec patterns** — the CLI copies files only, never evaluates content
|
|
32
|
+
- **Environment-only credentials** — skills that reference API keys use environment variables exclusively
|
|
33
|
+
- **VirusTotal scanned** — all skill files are periodically scanned
|
|
34
|
+
- **Build provenance** — npm packages are published with Sigstore provenance attestation
|
|
35
|
+
|
|
36
|
+
## Scope
|
|
37
|
+
|
|
38
|
+
This policy covers:
|
|
39
|
+
- The `skills-ws` npm package
|
|
40
|
+
- The CLI tool (`npx skills-ws`)
|
|
41
|
+
- Skill content in `skills/` directory
|
|
42
|
+
|
|
43
|
+
This policy does NOT cover:
|
|
44
|
+
- Third-party tools referenced in skill documentation (e.g., Google Analytics, VirusTotal)
|
|
45
|
+
- User-modified skill files after installation
|
package/package.json
CHANGED
|
@@ -1,11 +1,18 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "skills-ws",
|
|
3
|
-
"version": "1.
|
|
4
|
-
"description": "
|
|
3
|
+
"version": "1.2.0",
|
|
4
|
+
"description": "58 agent skills for AI coding assistants — marketing, dev, growth, analytics, conversion, operations. Built for OpenClaw, Claude Code, Cursor, and Codex.",
|
|
5
5
|
"bin": {
|
|
6
6
|
"skills-ws": "./bin/cli.mjs"
|
|
7
7
|
},
|
|
8
|
-
"keywords": [
|
|
8
|
+
"keywords": [
|
|
9
|
+
"ai", "skills", "agents", "SKILL.md",
|
|
10
|
+
"claude-code", "openclaw", "cursor", "codex",
|
|
11
|
+
"seo", "marketing", "growth", "analytics", "cro",
|
|
12
|
+
"prompt-engineering", "ai-agents",
|
|
13
|
+
"security", "api-design", "cicd",
|
|
14
|
+
"eu-compliance", "gdpr"
|
|
15
|
+
],
|
|
9
16
|
"author": "Commit Media <bob@openletz.com> (https://openletz.com)",
|
|
10
17
|
"license": "MIT",
|
|
11
18
|
"repository": {
|
|
@@ -13,5 +20,11 @@
|
|
|
13
20
|
"url": "https://github.com/san-npm/skills-ws"
|
|
14
21
|
},
|
|
15
22
|
"homepage": "https://skills.ws",
|
|
16
|
-
"
|
|
23
|
+
"bugs": {
|
|
24
|
+
"url": "https://github.com/san-npm/skills-ws/issues"
|
|
25
|
+
},
|
|
26
|
+
"files": ["bin/", "skills/", "README.md", "LICENSE", "SECURITY.md"],
|
|
27
|
+
"engines": {
|
|
28
|
+
"node": ">=18"
|
|
29
|
+
}
|
|
17
30
|
}
|