vskill 0.1.2 → 0.1.4

package/dist/commands/add-blocklist-e2e.test.js

@@ -0,0 +1,390 @@
+// ---------------------------------------------------------------------------
+// E2E integration tests: vskill add with blocklist enforcement
+//
+// Tests the FULL error output chain when a user tries to install
+// known-malicious skills from the ClawHub research. Verifies:
+//   1. Installation is REFUSED with exit code 1
+//   2. Error message shows exact threat type, severity, and reason
+//   3. --force override shows prominent WARNING box with full details
+//   4. Tier 1 scan is NEVER reached for blocked skills (without --force)
+// ---------------------------------------------------------------------------
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+// ---------------------------------------------------------------------------
+// Mocks
+// ---------------------------------------------------------------------------
+const mockMkdirSync = vi.fn();
+const mockWriteFileSync = vi.fn();
+const mockReadFileSync = vi.fn();
+const mockExistsSync = vi.fn();
+const mockCpSync = vi.fn();
+const mockChmodSync = vi.fn();
+const mockReaddirSync = vi.fn();
+const mockStatSync = vi.fn();
+vi.mock("node:fs", () => ({
+    mkdirSync: (...args) => mockMkdirSync(...args),
+    writeFileSync: (...args) => mockWriteFileSync(...args),
+    readFileSync: (...args) => mockReadFileSync(...args),
+    existsSync: (...args) => mockExistsSync(...args),
+    cpSync: (...args) => mockCpSync(...args),
+    chmodSync: (...args) => mockChmodSync(...args),
+    readdirSync: (...args) => mockReaddirSync(...args),
+    statSync: (...args) => mockStatSync(...args),
+    copyFileSync: vi.fn(),
+}));
+vi.mock("node:path", async () => {
+    const actual = await vi.importActual("node:path");
+    return { ...actual, join: (...args) => actual.join(...args) };
+});
+const mockDigest = vi.fn().mockReturnValue("abcdef123456xxxx");
+const mockUpdate = vi.fn().mockReturnValue({ digest: mockDigest });
+vi.mock("node:crypto", () => ({
+    createHash: () => ({ update: mockUpdate }),
+}));
+const mockDetectInstalledAgents = vi.fn();
+vi.mock("../agents/agents-registry.js", () => ({
+    detectInstalledAgents: (...args) => mockDetectInstalledAgents(...args),
+}));
+const mockEnsureLockfile = vi.fn();
+const mockWriteLockfile = vi.fn();
+vi.mock("../lockfile/index.js", () => ({
+    ensureLockfile: (...args) => mockEnsureLockfile(...args),
+    writeLockfile: (...args) => mockWriteLockfile(...args),
+}));
+const mockRunTier1Scan = vi.fn();
+vi.mock("../scanner/index.js", () => ({
+    runTier1Scan: (...args) => mockRunTier1Scan(...args),
+}));
+const mockCheckPlatformSecurity = vi.fn();
+vi.mock("../security/index.js", () => ({
+    checkPlatformSecurity: (...args) => mockCheckPlatformSecurity(...args),
+}));
+// ---- REAL blocklist module (not mocked!) ----
+// We mock only the filesystem layer so checkBlocklist reads from our test cache.
+// The blocklist module itself runs its real logic.
+// Mock output utilities to capture colored output as plain text
+vi.mock("../utils/output.js", () => ({
+    bold: (s) => s,
+    green: (s) => s,
+    red: (s) => s,
+    yellow: (s) => s,
+    dim: (s) => s,
+    cyan: (s) => s,
+    spinner: () => ({ stop: vi.fn() }),
+}));
+const { addCommand } = await import("./add.js");
+// ---------------------------------------------------------------------------
+// Seed data cache — same data that the API would return
+// ---------------------------------------------------------------------------
+const SEED_CACHE = {
+    entries: [
+        {
+            skillName: "Clawhub",
+            sourceUrl: "https://github.com/hightower6eu/Clawhub",
+            sourceRegistry: "clawhub",
+            threatType: "platform-impersonation",
+            severity: "critical",
+            reason: "Impersonates the ClawHub/GitHub platform to trick users into running malicious code",
+            evidenceUrls: ["https://snyk.io/blog/toxicskills-mcp-exploit"],
+            discoveredAt: "2025-12-01T00:00:00.000Z",
+        },
+        {
+            skillName: "polymarket-traiding-bot",
+            sourceUrl: "https://github.com/Aslaep123/polymarket-traiding-bot",
+            sourceRegistry: "clawhub",
+            threatType: "credential-theft",
+            severity: "critical",
+            reason: "Base64-encoded credential exfiltration via hidden HTTP requests",
+            evidenceUrls: ["https://snyk.io/blog/toxicskills-mcp-exploit"],
+            discoveredAt: "2025-12-01T00:00:00.000Z",
+        },
+        {
+            skillName: "Skills Auto-Updater",
+            sourceUrl: "https://github.com/hightower6eu/skills-auto-updater",
+            sourceRegistry: "clawhub",
+            threatType: "auto-updater-trojan",
+            severity: "high",
+            reason: "Auto-updater trojan that downloads and executes malicious payloads",
+            evidenceUrls: ["https://snyk.io/blog/toxicskills-mcp-exploit"],
+            discoveredAt: "2025-12-01T00:00:00.000Z",
+        },
+        {
+            skillName: "google-qx4",
+            sourceUrl: "https://github.com/aztr0nutzs/google-qx4",
+            sourceRegistry: "clawhub",
+            threatType: "prompt-injection",
+            severity: "critical",
+            reason: "Prompt injection via fake Google integration skill",
+            evidenceUrls: ["https://www.aikido.dev/blog/malicious-mcp-servers"],
+            discoveredAt: "2025-12-01T00:00:00.000Z",
+        },
+        {
+            skillName: "clawhud",
+            sourceUrl: "https://github.com/zaycv/clawhud",
+            sourceRegistry: "clawhub",
+            threatType: "typosquatting",
+            severity: "high",
+            reason: "Typosquatting ClawHub (clawhud vs clawhub) to mislead users",
+            evidenceUrls: ["https://www.aikido.dev/blog/malicious-mcp-servers"],
+            discoveredAt: "2025-12-01T00:00:00.000Z",
+        },
+    ],
+    count: 5,
+    lastUpdated: "2026-02-19T00:00:00Z",
+    fetchedAt: new Date().toISOString(),
+    etag: '"seed"',
+};
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function setupBlocklistCache() {
+    // The blocklist module reads from ~/.vskill/blocklist.json
+    // We intercept existsSync and readFileSync to serve our seed cache
+    const originalExistsSync = mockExistsSync.getMockImplementation();
+    mockExistsSync.mockImplementation((p) => {
+        if (p.includes("blocklist.json"))
+            return true;
+        if (originalExistsSync)
+            return originalExistsSync(p);
+        return false;
+    });
+    const originalReadFileSync = mockReadFileSync.getMockImplementation();
+    mockReadFileSync.mockImplementation((p, ...args) => {
+        if (p.includes("blocklist.json"))
+            return JSON.stringify(SEED_CACHE);
+        if (originalReadFileSync)
+            return originalReadFileSync(p, ...args);
+        return "";
+    });
+}
+function collectOutput(spy) {
+    return spy.mock.calls.map((c) => String(c[0])).join("\n");
+}
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+const originalFetch = globalThis.fetch;
+beforeEach(() => {
+    vi.clearAllMocks();
+    vi.spyOn(console, "log").mockImplementation(() => { });
+    vi.spyOn(console, "error").mockImplementation(() => { });
+    mockCheckPlatformSecurity.mockResolvedValue(null);
+    // Mock fetch for GitHub path (fetching SKILL.md)
+    globalThis.fetch = vi.fn().mockResolvedValue({
+        ok: true,
+        text: async () => "# Safe Skill\nNormal content",
+        json: async () => ({ entries: [], count: 0, lastUpdated: null }),
+        headers: { get: () => null },
+    });
+    setupBlocklistCache();
+});
+afterEach(() => {
+    globalThis.fetch = originalFetch;
+});
+// ============================================================================
+// 1. GitHub path — blocking with exact error details
+// ============================================================================
+describe("E2E: vskill add blocks ClawHub malicious skills (GitHub path)", () => {
+    it("refuses to install hightower6eu's Clawhub with full threat details", async () => {
+        const mockExit = vi
+            .spyOn(process, "exit")
+            .mockImplementation(() => {
+            throw new Error("process.exit");
+        });
+        await expect(addCommand("hightower6eu/Clawhub", {})).rejects.toThrow("process.exit");
+        const errorOutput = collectOutput(console.error);
+        // Must show BLOCKED status
+        expect(errorOutput).toContain("BLOCKED");
+        // Must show the exact skill name
+        expect(errorOutput).toContain("Clawhub");
+        // Must show the threat type
+        expect(errorOutput).toContain("platform-impersonation");
+        // Must show the severity
+        expect(errorOutput).toContain("critical");
+        // Must show the reason WHY
+        expect(errorOutput).toContain("Impersonates the ClawHub");
+        // Must show how to override
+        expect(errorOutput).toContain("--force");
+        // Exit code must be 1
+        expect(mockExit).toHaveBeenCalledWith(1);
+        // Tier 1 scan must NEVER be called (blocked before scan)
+        expect(mockRunTier1Scan).not.toHaveBeenCalled();
+        mockExit.mockRestore();
+    });
+    it("refuses to install Aslaep123's credential-stealing bot with Base64 exfil details", async () => {
+        const mockExit = vi
+            .spyOn(process, "exit")
+            .mockImplementation(() => {
+            throw new Error("process.exit");
+        });
+        await expect(addCommand("Aslaep123/polymarket-traiding-bot", {})).rejects.toThrow("process.exit");
+        const errorOutput = collectOutput(console.error);
+        expect(errorOutput).toContain("BLOCKED");
+        expect(errorOutput).toContain("polymarket-traiding-bot");
+        expect(errorOutput).toContain("credential-theft");
+        expect(errorOutput).toContain("critical");
+        expect(errorOutput).toContain("Base64-encoded credential exfiltration");
+        expect(mockRunTier1Scan).not.toHaveBeenCalled();
+        mockExit.mockRestore();
+    });
+    it("refuses to install aztr0nutzs's prompt injection skill", async () => {
+        const mockExit = vi
+            .spyOn(process, "exit")
+            .mockImplementation(() => {
+            throw new Error("process.exit");
+        });
+        await expect(addCommand("aztr0nutzs/google-qx4", {})).rejects.toThrow("process.exit");
+        const errorOutput = collectOutput(console.error);
+        expect(errorOutput).toContain("BLOCKED");
+        expect(errorOutput).toContain("google-qx4");
+        expect(errorOutput).toContain("prompt-injection");
+        expect(errorOutput).toContain("critical");
+        expect(errorOutput).toContain("Prompt injection");
+        expect(mockRunTier1Scan).not.toHaveBeenCalled();
+        mockExit.mockRestore();
+    });
+    it("refuses to install zaycv's typosquatting skill", async () => {
+        const mockExit = vi
+            .spyOn(process, "exit")
+            .mockImplementation(() => {
+            throw new Error("process.exit");
+        });
+        await expect(addCommand("zaycv/clawhud", {})).rejects.toThrow("process.exit");
+        const errorOutput = collectOutput(console.error);
+        expect(errorOutput).toContain("BLOCKED");
+        expect(errorOutput).toContain("clawhud");
+        expect(errorOutput).toContain("typosquatting");
+        expect(errorOutput).toContain("high");
+        expect(errorOutput).toContain("clawhud vs clawhub");
+        mockExit.mockRestore();
+    });
+});
+// ============================================================================
+// 2. --force override shows WARNING with full details
+// ============================================================================
+describe("E2E: --force override shows warning box with threat details", () => {
+    it("shows credential-theft warning box but continues for polymarket-traiding-bot", async () => {
+        mockRunTier1Scan.mockReturnValue({
+            verdict: "PASS",
+            findings: [],
+            score: 100,
+            patternsChecked: 37,
+            criticalCount: 0,
+            highCount: 0,
+            mediumCount: 0,
+            lowCount: 0,
+            infoCount: 0,
+            durationMs: 1,
+        });
+        mockDetectInstalledAgents.mockResolvedValue([
+            {
+                id: "claude-code",
+                displayName: "Claude Code",
+                localSkillsDir: ".claude/commands",
+                globalSkillsDir: "~/.claude/commands",
+            },
+        ]);
+        mockEnsureLockfile.mockReturnValue({
+            version: 1,
+            agents: [],
+            skills: {},
+            createdAt: "2026-01-01T00:00:00.000Z",
+            updatedAt: "2026-01-01T00:00:00.000Z",
+        });
+        await addCommand("Aslaep123/polymarket-traiding-bot", { force: true });
+        const errorOutput = collectOutput(console.error);
+        // WARNING box must be shown
+        expect(errorOutput).toContain("WARNING");
+        expect(errorOutput).toContain("known-malicious");
+        // Must show full threat details in the warning
+        expect(errorOutput).toContain("polymarket-traiding-bot");
+        expect(errorOutput).toContain("credential-theft");
+        expect(errorOutput).toContain("critical");
+        expect(errorOutput).toContain("Base64-encoded credential exfiltration");
+        // Must show --force was used
+        expect(errorOutput).toContain("--force");
+        // Despite the warning, Tier 1 scan MUST proceed
+        expect(mockRunTier1Scan).toHaveBeenCalled();
+    });
+    it("shows platform-impersonation warning for Clawhub with --force", async () => {
+        mockRunTier1Scan.mockReturnValue({
+            verdict: "PASS",
+            findings: [],
+            score: 100,
+            patternsChecked: 37,
+            criticalCount: 0,
+            highCount: 0,
+            mediumCount: 0,
+            lowCount: 0,
+            infoCount: 0,
+            durationMs: 1,
+        });
+        mockDetectInstalledAgents.mockResolvedValue([
+            {
+                id: "claude-code",
+                displayName: "Claude Code",
+                localSkillsDir: ".claude/commands",
+                globalSkillsDir: "~/.claude/commands",
+            },
+        ]);
+        mockEnsureLockfile.mockReturnValue({
+            version: 1,
+            agents: [],
+            skills: {},
+            createdAt: "2026-01-01T00:00:00.000Z",
+            updatedAt: "2026-01-01T00:00:00.000Z",
+        });
+        await addCommand("hightower6eu/Clawhub", { force: true });
+        const errorOutput = collectOutput(console.error);
+        expect(errorOutput).toContain("WARNING");
+        expect(errorOutput).toContain("Clawhub");
+        expect(errorOutput).toContain("platform-impersonation");
+        expect(errorOutput).toContain("critical");
+        expect(errorOutput).toContain("Impersonates the ClawHub");
+        expect(mockRunTier1Scan).toHaveBeenCalled();
+    });
+});
+// ============================================================================
+// 3. Safe skills pass through without blocklist interference
+// ============================================================================
+describe("E2E: safe skills are not affected by blocklist", () => {
+    it("installs legitimate skill without any BLOCKED or WARNING output", async () => {
+        mockRunTier1Scan.mockReturnValue({
+            verdict: "PASS",
+            findings: [],
+            score: 100,
+            patternsChecked: 37,
+            criticalCount: 0,
+            highCount: 0,
+            mediumCount: 0,
+            lowCount: 0,
+            infoCount: 0,
+            durationMs: 1,
+        });
+        mockDetectInstalledAgents.mockResolvedValue([
+            {
+                id: "claude-code",
+                displayName: "Claude Code",
+                localSkillsDir: ".claude/commands",
+                globalSkillsDir: "~/.claude/commands",
+            },
+        ]);
+        mockEnsureLockfile.mockReturnValue({
+            version: 1,
+            agents: [],
+            skills: {},
+            createdAt: "2026-01-01T00:00:00.000Z",
+            updatedAt: "2026-01-01T00:00:00.000Z",
+        });
+        await addCommand("anthropic/code-review-assistant", {});
+        const allErrorOutput = collectOutput(console.error);
+        // No BLOCKED or WARNING messages
+        expect(allErrorOutput).not.toContain("BLOCKED");
+        expect(allErrorOutput).not.toContain("WARNING");
+        expect(allErrorOutput).not.toContain("malicious");
+        // Tier 1 scan MUST proceed
+        expect(mockRunTier1Scan).toHaveBeenCalled();
+        // Lockfile MUST be updated
+        expect(mockEnsureLockfile).toHaveBeenCalled();
+    });
+});
+//# sourceMappingURL=add-blocklist-e2e.test.js.map

package/dist/commands/add-blocklist-e2e.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"add-blocklist-e2e.test.js","sourceRoot":"","sources":["../../src/commands/add-blocklist-e2e.test.ts"],"names":[],"mappings":"AAAA,8EAA8E;AAC9E,+DAA+D;AAC/D,EAAE;AACF,iEAAiE;AACjE,8DAA8D;AAC9D,gDAAgD;AAChD,mEAAmE;AACnE,sEAAsE;AACtE,yEAAyE;AACzE,8EAA8E;AAE9E,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAEzE,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,MAAM,aAAa,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC9B,MAAM,iBAAiB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAClC,MAAM,gBAAgB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AACjC,MAAM,cAAc,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC/B,MAAM,UAAU,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC3B,MAAM,aAAa,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC9B,MAAM,eAAe,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAChC,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAE7B,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;IACxB,SAAS,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IACzD,aAAa,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC;IACjE,YAAY,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;IAC/D,UAAU,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC;IAC3D,MAAM,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC;IACnD,SAAS,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IACzD,WAAW,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC;IAC7D,QAAQ,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC;IACvD,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;CACtB,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,EAAE;IAC9B,MAAM,MAAM,GACV,MAAM,EAAE,CAAC,YAAY,CAA6B,WAAW,CAAC,CAAC;IACjE,OAAO,EAAE,GAAG,MAAM,EAAE,IAAI,EAAE,CAAC,GAAG,IAAc,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC;AAC1E,CAAC,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,kBAAkB,CAAC,CAAC;AAC/D,MAAM,UAAU,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;AACnE,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5B,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;CAC3C,CAAC,CAAC,CAAC;AAEJ,MAAM,yBAAyB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC1C,EAAE,CAAC,IAAI,CAAC,8BAA8B,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7C,qBAAqB,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAC5C,yBAAyB,CAAC,GAAG,IAAI,CAAC;CACrC,CAAC,CAAC,CAAC;AAEJ,MAAM,kBAAkB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AACnC,MAAM,iBAAiB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAClC,EAAE,CAAC,IAAI,CAAC,sBAAsB,EAAE,GAAG,EAAE,CAAC,CAAC;IACrC,cAAc,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC;IACnE,aAAa,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC;CAClE,CAAC,CAAC,CAAC;AAEJ,MAAM,gBAAgB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AACjC,EAAE,CAAC,IAAI,CAAC,qBAAqB,EAAE,GAAG,EAAE,CAAC,CAAC;IACpC,YAAY,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;CAChE,CAAC,CAAC,CAAC;AAEJ,MAAM,yBAAyB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC1C,EAAE,CAAC,IAAI,CAAC,sBAAsB,EAAE,GAAG,EAAE,CAAC,CAAC;IACrC,qBAAqB,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE,CAC5C,yBAAyB,CAAC,GAAG,IAAI,CAAC;CACrC,CAAC,CAAC,CAAC;AAEJ,gDAAgD;AAChD,iFAAiF;AACjF,mDAAmD;AAEnD,gEAAgE;AAChE,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,GAAG,EAAE,CAAC,CAAC;IACnC,IAAI,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC;IACtB,KAAK,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC;IACvB,GAAG,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC;IACrB,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC;IACxB,GAAG,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC;IACrB,IAAI,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC;IACtB,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC;CACnC,CAAC,CAAC,CAAC;AAEJ,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;AAEhD,8EAA8E;AAC9E,wDAAwD;AACxD,8EAA8E;AAE9E,MAAM,UAAU,GAAG;IACjB,OAAO,EAAE;QACP;YACE,SAAS,EAAE,SAAS;YACpB,SAAS,EAAE,yCAAyC;YACpD,cAAc,EAAE,SAAS;YACzB,UAAU,EAAE,wBAAwB;YACpC,QAAQ,EAAE,UAAU;YACpB,MAAM,EACJ,qFAAqF;YACvF,YAAY,EAAE,CAAC,8CAA8C,CAAC;YAC9D,YAAY,EAAE,0BAA0B;SACzC;QACD;YACE,SAAS,EAAE,yBAAyB;YACpC,SAAS,EAAE,sDAAsD;YACjE,cAAc,EAAE,SAAS;YACzB,UAAU,EAAE,kBAAkB;YAC9B,QAAQ,EAAE,UAAU;YACpB,MAAM,EAAE,iEAAiE;YACzE,YAAY,EAAE,CAAC,8CAA8C,CAAC;YAC9D,YAAY,EAAE,0BAA0B;SACzC;QACD;YACE,SAAS,EAAE,qBAAqB;YAChC,SAAS,EAAE,qDAAqD;YAChE,cAAc,EAAE,SAAS;YACzB,UAAU,EAAE,qBAAqB;YACjC,QAAQ,EAAE,MAAM;YAChB,MAAM,EACJ,oEAAoE;YACtE,YAAY,EAAE,CAAC,8CAA8C,CAAC;YAC9D,YAAY,EAAE,0BAA0B;SACzC;QACD;YACE,SAAS,EAAE,YAAY;YACvB,SAAS,EAAE,0CAA0C;YACrD,cAAc,EAAE,SAAS;YACzB,UAAU,EAAE,kBAAkB;YAC9B,QAAQ,EAAE,UAAU;YACpB,MAAM,EAAE,oDAAoD;YAC5D,YAAY,EAAE,CAAC,mDAAmD,CAAC;YACnE,YAAY,EAAE,0BAA0B;SACzC;QACD;YACE,SAAS,EAAE,SAAS;YACpB,SAAS,EAAE,kCAAkC;YAC7C,cAAc,EAAE,SAAS;YACzB,UAAU,EAAE,eAAe;YAC3B,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,6DAA6D;YACrE,YAAY,EAAE,CAAC,mDAAmD,CAAC;YACnE,YAAY,EAAE,0BAA0B;SACzC;KACF;IACD,KAAK,EAAE,CAAC;IACR,WAAW,EAAE,sBAAsB;IACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;AAEF,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,mBAAmB;IAC1B,2DAA2D;IAC3D,mEAAmE;IACnE,MAAM,kBAAkB,GAAG,cAAc,CAAC,qBAAqB,EAAE,CAAC;IAClE,cAAc,CAAC,kBAAkB,CAAC,CAAC,CAAS,EAAE,EAAE;QAC9C,IAAI,CAAC,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAAE,OAAO,IAAI,CAAC;QAC9C,IAAI,kBAAkB;YAAE,OAAO,kBAAkB,CAAC,CAAC,CAAC,CAAC;QACrD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,qBAAqB,EAAE,CAAC;IACtE,gBAAgB,CAAC,kBAAkB,CAAC,CAAC,CAAS,EAAE,GAAG,IAAe,EAAE,EAAE;QACpE,IAAI,CAAC,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACpE,IAAI,oBAAoB;YAAE,OAAO,oBAAoB,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC;QAClE,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,aAAa,CACpB,GAAgC;IAEhC,OAAO,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACvE,CAAC;AAED,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC;AAEvC,UAAU,CAAC,GAAG,EAAE;IACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACnB,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACtD,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACxD,yBAAyB,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAElD,iDAAiD;IACjD,UAAU,CAAC,KAAK,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;QAC3C,EAAE,EAAE,IAAI;QACR,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,8BAA8B;QAChD,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;QAChE,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,EAAE;KAC7B,CAA4B,CAAC;IAE9B,mBAAmB,EAAE,CAAC;AACxB,CAAC,CAAC,CAAC;AAEH,SAAS,CAAC,GAAG,EAAE;IACb,UAAU,CAAC,KAAK,GAAG,aAAa,CAAC;AACnC,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAC/E,qDAAqD;AACrD,+EAA+E;AAE/E,QAAQ,CAAC,+DAA+D,EAAE,GAAG,EAAE;IAC7E,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,MAAM,QAAQ,GAAG,EAAE;aAChB,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;aACtB,kBAAkB,CAAC,GAAG,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEL,MAAM,MAAM,CACV,UAAU,CAAC,sBAAsB,EAAE,EAAE,CAAC,CACvC,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAElC,MAAM,WAAW,GAAG,aAAa,CAC/B,OAAO,CAAC,KAAiC,CAC1C,CAAC;QAEF,2BAA2B;QAC3B,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAEzC,iCAAiC;QACjC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAEzC,4BAA4B;QAC5B,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,wBAAwB,CAAC,CAAC;QAExD,yBAAyB;QACzB,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAE1C,2BAA2B;QAC3B,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QAE1D,4BAA4B;QAC5B,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAEzC,sBAAsB;QACtB,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC;QAEzC,yDAAyD;QACzD,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAEhD,QAAQ,CAAC,WAAW,EAAE,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kFAAkF,EAAE,KAAK,IAAI,EAAE;QAChG,MAAM,QAAQ,GAAG,EAAE;aAChB,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;aACtB,kBAAkB,CAAC,GAAG,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEL,MAAM,MAAM,CACV,UAAU,CAAC,mCAAmC,EAAE,EAAE,CAAC,CACpD,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAElC,MAAM,WAAW,GAAG,aAAa,CAC/B,OAAO,CAAC,KAAiC,CAC1C,CAAC;QAEF,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAC;QACzD,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAClD,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,wCAAwC,CAAC,CAAC;QACxE,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAEhD,QAAQ,CAAC,WAAW,EAAE,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,QAAQ,GAAG,EAAE;aAChB,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;aACtB,kBAAkB,CAAC,GAAG,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEL,MAAM,MAAM,CACV,UAAU,CAAC,uBAAuB,EAAE,EAAE,CAAC,CACxC,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAElC,MAAM,WAAW,GAAG,aAAa,CAC/B,OAAO,CAAC,KAAiC,CAC1C,CAAC;QAEF,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QAC5C,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAClD,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAClD,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAEhD,QAAQ,CAAC,WAAW,EAAE,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;QAC9D,MAAM,QAAQ,GAAG,EAAE;aAChB,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC;aACtB,kBAAkB,CAAC,GAAG,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEL,MAAM,MAAM,CACV,UAAU,CAAC,eAAe,EAAE,EAAE,CAAC,CAChC,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAElC,MAAM,WAAW,GAAG,aAAa,CAC/B,OAAO,CAAC,KAAiC,CAC1C,CAAC;QAEF,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC/C,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QAEpD,QAAQ,CAAC,WAAW,EAAE,CAAC;IACzB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAC/E,sDAAsD;AACtD,+EAA+E;AAE/E,QAAQ,CAAC,6DAA6D,EAAE,GAAG,EAAE;IAC3E,EAAE,CAAC,8EAA8E,EAAE,KAAK,IAAI,EAAE;QAC5F,gBAAgB,CAAC,eAAe,CAAC;YAC/B,OAAO,EAAE,MAAM;YACf,QAAQ,EAAE,EAAE;YACZ,KAAK,EAAE,GAAG;YACV,eAAe,EAAE,EAAE;YACnB,aAAa,EAAE,CAAC;YAChB,SAAS,EAAE,CAAC;YACZ,WAAW,EAAE,CAAC;YACd,QAAQ,EAAE,CAAC;YACX,SAAS,EAAE,CAAC;YACZ,UAAU,EAAE,CAAC;SACd,CAAC,CAAC;QACH,yBAAyB,CAAC,iBAAiB,CAAC;YAC1C;gBACE,EAAE,EAAE,aAAa;gBACjB,WAAW,EAAE,aAAa;gBAC1B,cAAc,EAAE,kBAAkB;gBAClC,eAAe,EAAE,oBAAoB;aACtC;SACF,CAAC,CAAC;QACH,kBAAkB,CAAC,eAAe,CAAC;YACjC,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,EAAE;YACV,SAAS,EAAE,0BAA0B;YACrC,SAAS,EAAE,0BAA0B;SACtC,CAAC,CAAC;QAEH,MAAM,UAAU,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEvE,MAAM,WAAW,GAAG,aAAa,CAC/B,OAAO,CAAC,KAAiC,CAC1C,CAAC;QAEF,4BAA4B;QAC5B,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAEjD,+CAA+C;QAC/C,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAC;QACzD,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAClD,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,wCAAwC,CAAC,CAAC;QAExE,6BAA6B;QAC7B,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAEzC,gDAAgD;QAChD,MAAM,CAAC,gBAAgB,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+DAA+D,EAAE,KAAK,IAAI,EAAE;QAC7E,gBAAgB,CAAC,eAAe,CAAC;YAC/B,OAAO,EAAE,MAAM;YACf,QAAQ,EAAE,EAAE;YACZ,KAAK,EAAE,GAAG;YACV,eAAe,EAAE,EAAE;YACnB,aAAa,EAAE,CAAC;YAChB,SAAS,EAAE,CAAC;YACZ,WAAW,EAAE,CAAC;YACd,QAAQ,EAAE,CAAC;YACX,SAAS,EAAE,CAAC;YACZ,UAAU,EAAE,CAAC;SACd,CAAC,CAAC;QACH,yBAAyB,CAAC,iBAAiB,CAAC;YAC1C;gBACE,EAAE,EAAE,aAAa;gBACjB,WAAW,EAAE,aAAa;gBAC1B,cAAc,EAAE,kBAAkB;gBAClC,eAAe,EAAE,oBAAoB;aACtC;SACF,CAAC,CAAC;QACH,kBAAkB,CAAC,eAAe,CAAC;YACjC,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,EAAE;YACV,SAAS,EAAE,0BAA0B;YACrC,SAAS,EAAE,0BAA0B;SACtC,CAAC,CAAC;QAEH,MAAM,UAAU,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAE1D,MAAM,WAAW,GAAG,aAAa,CAC/B,OAAO,CAAC,KAAiC,CAC1C,CAAC;QAEF,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,wBAAwB,CAAC,CAAC;QACxD,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QAE1D,MAAM,CAAC,gBAAgB,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,+EAA+E;AAC/E,6DAA6D;AAC7D,+EAA+E;AAE/E,QAAQ,CAAC,gDAAgD,EAAE,GAAG,EAAE;IAC9D,EAAE,CAAC,iEAAiE,EAAE,KAAK,IAAI,EAAE;QAC/E,gBAAgB,CAAC,eAAe,CAAC;YAC/B,OAAO,EAAE,MAAM;YACf,QAAQ,EAAE,EAAE;YACZ,KAAK,EAAE,GAAG;YACV,eAAe,EAAE,EAAE;YACnB,aAAa,EAAE,CAAC;YAChB,SAAS,EAAE,CAAC;YACZ,WAAW,EAAE,CAAC;YACd,QAAQ,EAAE,CAAC;YACX,SAAS,EAAE,CAAC;YACZ,UAAU,EAAE,CAAC;SACd,CAAC,CAAC;QACH,yBAAyB,CAAC,iBAAiB,CAAC;YAC1C;gBACE,EAAE,EAAE,aAAa;gBACjB,WAAW,EAAE,aAAa;gBAC1B,cAAc,EAAE,kBAAkB;gBAClC,eAAe,EAAE,oBAAoB;aACtC;SACF,CAAC,CAAC;QACH,kBAAkB,CAAC,eAAe,CAAC;YACjC,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,EAAE;YACV,SAAS,EAAE,0BAA0B;YACrC,SAAS,EAAE,0BAA0B;SACtC,CAAC,CAAC;QAEH,MAAM,UAAU,CAAC,iCAAiC,EAAE,EAAE,CAAC,CAAC;QAExD,MAAM,cAAc,GAAG,aAAa,CAClC,OAAO,CAAC,KAAiC,CAC1C,CAAC;QAEF,iCAAiC;QACjC,MAAM,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAElD,2BAA2B;QAC3B,MAAM,CAAC,gBAAgB,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAE5C,2BAA2B;QAC3B,MAAM,CAAC,kBAAkB,CAAC,CAAC,gBAAgB,EAAE,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/commands/add.js

@@ -1,9 +1,10 @@
 // ---------------------------------------------------------------------------
 // vskill add -- install a skill from GitHub or local plugin directory
 // ---------------------------------------------------------------------------
-import { mkdirSync, writeFileSync, readFileSync, existsSync, cpSync, chmodSync, readdirSync, } from "node:fs";
+import { mkdirSync, writeFileSync, readFileSync, existsSync, copyFileSync, statSync, chmodSync, readdirSync, rmSync, } from "node:fs";
 import { join, resolve } from "node:path";
 import { createHash } from "node:crypto";
+import { execSync } from "node:child_process";
 import { resolveTilde } from "../utils/paths.js";
 import { detectInstalledAgents } from "../agents/agents-registry.js";
 import { ensureLockfile, writeLockfile } from "../lockfile/index.js";
@@ -11,7 +12,74 @@ import { runTier1Scan } from "../scanner/index.js";
 import { getPluginSource, getPluginVersion } from "../marketplace/index.js";
 import { checkBlocklist } from "../blocklist/blocklist.js";
 import { checkPlatformSecurity } from "../security/index.js";
+import { discoverSkills } from "../discovery/github-tree.js";
 import { bold, green, red, yellow, dim, cyan, spinner, } from "../utils/output.js";
+// ---------------------------------------------------------------------------
+// Command file filter (prevents plugin internals leaking as slash commands)
+// ---------------------------------------------------------------------------
+/**
+ * Returns true for .md files that should NOT be installed into an agent's
+ * commands directory. Claude Code (and similar agents) register every .md
+ * file they find recursively as a slash command, so plugin-internal files
+ * must be excluded.
+ */
+function shouldSkipFromCommands(relPath) {
+    const normalized = relPath.replace(/\\/g, "/");
+    const parts = normalized.split("/");
+    const filename = parts[parts.length - 1];
+    if (!filename.endsWith(".md"))
+        return false;
+    if (parts.length === 1 && filename === "PLUGIN.md")
+        return true;
+    if (filename === "README.md")
+        return true;
+    if (filename === "FRESHNESS.md")
+        return true;
+    if (parts.length > 1 && parts[0].startsWith("."))
+        return true;
+    const internalRootDirs = new Set(["knowledge-base", "lib", "templates", "scripts", "hooks"]);
+    if (parts.length > 1 && internalRootDirs.has(parts[0]))
+        return true;
+    if (parts[0] === "skills" && parts.length > 2 && filename !== "SKILL.md")
+        return true;
+    return false;
+}
+function copyPluginFiltered(sourceDir, targetDir, relBase = "") {
+    mkdirSync(targetDir, { recursive: true });
+    const entries = readdirSync(sourceDir);
+    for (const entry of entries) {
+        const relPath = relBase ? `${relBase}/${entry}` : entry;
+        const sourcePath = join(sourceDir, entry);
+        const stat = statSync(sourcePath);
+        if (stat.isDirectory()) {
+            // Flatten: root-level commands/ and skills/ merge into the parent target dir
+            const isFlattened = !relBase && (entry === "commands" || entry === "skills");
+            const nextTargetDir = isFlattened ? targetDir : join(targetDir, entry);
+            copyPluginFiltered(sourcePath, nextTargetDir, relPath);
+        }
+        else if (stat.isFile() && !shouldSkipFromCommands(relPath)) {
+            copyFileSync(sourcePath, join(targetDir, entry));
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// Plugin cache cleanup
+// ---------------------------------------------------------------------------
+/**
+ * Remove a plugin installed via Claude Code's plugin system.
+ * The cache at ~/.claude/plugins/cache/ contains ALL files without filtering,
+ * causing internal .md files to leak as ghost slash commands.
+ *
+ * Uses `claude plugin uninstall` CLI to properly remove the plugin through
+ * Claude Code's own API rather than directly manipulating internal files.
+ */
+function cleanPluginCache(pluginName, marketplace) {
+    const pluginKey = `${pluginName}@${marketplace}`;
+    try {
+        execSync(`claude plugin uninstall "${pluginKey}"`, { stdio: "ignore", timeout: 10_000 });
+    }
+    catch { /* ignore - plugin might not be installed via CLI */ }
+}
 async function fetchSkillContent(url) {
     const spin = spinner("Fetching skill");
     try {
@@ -175,14 +243,27 @@ async function installPluginDir(basePath, pluginName, opts) {
     const marketplacePath = join(basePath, ".claude-plugin", "marketplace.json");
     const marketplaceContent = readFileSync(marketplacePath, "utf-8");
     const version = getPluginVersion(pluginName, marketplaceContent) || "0.0.0";
+    // Remove unfiltered plugin cache that Claude Code's plugin system creates.
+    // The cache at ~/.claude/plugins/cache/ contains ALL files without filtering,
+    // causing internal .md files to leak as ghost slash commands.
+    try {
+        const marketplaceName = JSON.parse(marketplaceContent).name;
+        if (marketplaceName) {
+            cleanPluginCache(pluginName, marketplaceName);
+        }
+    }
+    catch { /* ignore parse errors */ }
     // Install: recursively copy plugin directory to cache
     const sha = createHash("sha256").update(content).digest("hex").slice(0, 12);
     const locations = [];
     for (const agent of agents) {
         const cacheDir = join(opts.global ? resolveTilde(agent.globalSkillsDir) : join(process.cwd(), agent.localSkillsDir), pluginName);
         try {
-            mkdirSync(cacheDir, { recursive: true });
-            cpSync(pluginDir, cacheDir, { recursive: true });
+            // Full clean before copy: removes stale files from older installs
+            if (existsSync(cacheDir)) {
+                rmSync(cacheDir, { recursive: true, force: true });
+            }
+            copyPluginFiltered(pluginDir, cacheDir);
             fixHookPermissions(cacheDir);
             locations.push(`${agent.displayName}: ${cacheDir}`);
         }
@@ -209,6 +290,53 @@ async function installPluginDir(basePath, pluginName, opts) {
     }
     console.log(dim(`\nSHA: ${sha} | Version: ${version}`));
 }
+async function installOneGitHubSkill(owner, repo, skillName, rawUrl, opts, agents) {
+    // Fetch content (non-exiting for multi-skill support)
+    let content;
+    try {
+        const res = await fetch(rawUrl);
+        if (!res.ok) {
+            return { skillName, installed: false, verdict: "FETCH_FAILED" };
+        }
+        content = await res.text();
+    }
+    catch {
+        return { skillName, installed: false, verdict: "FETCH_FAILED" };
+    }
+    // Blocklist check
+    const blocked = await checkBlocklist(skillName, undefined);
+    if (blocked && !opts.force) {
+        printBlockedError(blocked);
+        return { skillName, installed: false, verdict: "BLOCKED" };
+    }
+    if (blocked && opts.force) {
+        printBlockedWarning(blocked);
+    }
+    // Platform security check
+    const platformSecurity = await checkPlatformSecurity(skillName);
+    if (platformSecurity && platformSecurity.hasCritical && !opts.force) {
+        return { skillName, installed: false, verdict: "SECURITY_FAIL" };
+    }
+    // Tier 1 scan
+    const scanResult = runTier1Scan(content);
+    if ((scanResult.verdict === "FAIL" || scanResult.verdict === "CONCERNS") && !opts.force) {
+        return { skillName, installed: false, verdict: scanResult.verdict };
+    }
+    // Install to each agent
+    const sha = createHash("sha256").update(content).digest("hex").slice(0, 12);
+    for (const agent of agents) {
+        const baseDir = opts.global
+            ? resolveTilde(agent.globalSkillsDir)
+            : join(process.cwd(), agent.localSkillsDir);
+        const skillDir = join(baseDir, skillName);
+        try {
+            mkdirSync(skillDir, { recursive: true });
+            writeFileSync(join(skillDir, "SKILL.md"), content, "utf-8");
+        }
+        catch { /* skip agent on write error */ }
+    }
+    return { skillName, installed: true, verdict: scanResult.verdict, sha };
+}
 // ---------------------------------------------------------------------------
 // Main entry point
 // ---------------------------------------------------------------------------
@@ -224,14 +352,63 @@ export async function addCommand(source, opts) {
         process.exit(1);
     }
     const [owner, repo] = parts;
-    const skillSubpath = opts.skill
-        ? `skills/${opts.skill}/SKILL.md`
-        : "SKILL.md";
+    // --skill flag: single-skill mode (no discovery, backward compat)
+    if (opts.skill) {
+        return installSingleSkillLegacy(owner, repo, opts.skill, opts);
+    }
+    // Discovery mode: find all skills in the repo
+    const discovered = (await discoverSkills(owner, repo)) || [];
+    if (discovered.length === 0) {
+        // Fallback: discovery returned nothing — try root SKILL.md directly
+        return installSingleSkillLegacy(owner, repo, undefined, opts);
+    }
+    // Multi-skill install
+    const agents = await detectInstalledAgents();
+    if (agents.length === 0) {
+        console.error(red("No AI agents detected. Run ") + cyan("vskill init") + red(" first."));
+        process.exit(1);
+    }
+    const results = [];
+    for (const skill of discovered) {
+        console.log(dim(`\nInstalling skill: ${bold(skill.name)}...`));
+        const result = await installOneGitHubSkill(owner, repo, skill.name, skill.rawUrl, opts, agents);
+        results.push(result);
+    }
+    // Update lockfile with all installed skills
+    const lock = ensureLockfile();
+    for (const r of results) {
+        if (r.installed && r.sha) {
+            lock.skills[r.skillName] = {
+                version: "0.0.0",
+                sha: r.sha,
+                tier: "SCANNED",
+                installedAt: new Date().toISOString(),
+                source: `github:${owner}/${repo}`,
+            };
+        }
+    }
+    lock.agents = agents.map((a) => a.id);
+    writeLockfile(lock);
+    // Summary
+    const installed = results.filter((r) => r.installed);
+    const skipped = results.filter((r) => !r.installed);
+    console.log(green(`\nInstalled ${bold(String(installed.length))} of ${results.length} skills:\n`));
+    for (const r of results) {
+        const icon = r.installed ? green("✓") : red("✗");
+        const detail = r.installed ? dim(`(${r.verdict})`) : red(`(${r.verdict})`);
+        console.log(`  ${icon} ${r.skillName} ${detail}`);
+    }
+}
+// ---------------------------------------------------------------------------
+// Legacy single-skill install (preserves original behavior exactly)
+// ---------------------------------------------------------------------------
+async function installSingleSkillLegacy(owner, repo, skill, opts) {
+    const skillSubpath = skill ? `skills/${skill}/SKILL.md` : "SKILL.md";
     const url = `https://raw.githubusercontent.com/${owner}/${repo}/main/${skillSubpath}`;
     // Fetch SKILL.md
     const content = await fetchSkillContent(url);
     // Blocklist check (before scanning)
-    const skillName = opts.skill || repo;
+    const skillName = skill || repo;
     const blocked = await checkBlocklist(skillName, undefined);
     if (blocked && !opts.force) {
         printBlockedError(blocked);