Vercel Launches skills: AI Agent Package Manager

The Rise of AI’s “npm” Moment
Just five months after its January 2026 launch, vercel-labs/skills has surged to 24,000+ GitHub stars, signaling a paradigm shift in how AI agents acquire and manage capabilities.
Gone are the days when developers exchanged prompt templates — now, they ask: “Which skill should I install?”
Vercel CEO Guillermo Rauch announced the project on X (formerly Twitter) as “the npm for AI skills”, introducing a command-line interface that brings package management rigor to AI agent functionality.
One Command, Infinite Capabilities
Install any verified skill in seconds:
npx skills add <package>
This simple command transforms your AI agent—whether Claude Code, Cursor, Codex, Gemini CLI, or GitHub Copilot—by injecting domain-specific expertise: coding standards, design principles, framework best practices, and more.

How Skills Work
- A skill is a self-contained directory with a
SKILL.mdfile (YAML frontmatter + description + activation rules) - Includes optional reference docs, templates, and executable
scripts/ - Fully portable: Install once → works across 68+ supported agents
Example:
npx skills add vercel-labs/agent-skills
→ Instantly equips Claude Code with React/Next.js engineering norms and UI design guidelines.
skills.sh: The First AI Skill Marketplace
Vercel launched skills.sh — a live, searchable skill registry with real-time installation metrics.
Top performers include:
– find-skills — 2.3M installs: An AI-powered skill discovery engine
– frontend-design, vercel-react-best-practices, and others rapidly climbing the leaderboard

skills.sh leaderboard showing top skills by install count (source: skills.sh)
find-skills: AI’s First Capability Search Engine
The most groundbreaking skill isn’t built for developers — it’s built for AI itself:
- When you ask “How do I optimize this Next.js app?”,
find-skillsautonomously: - Searches skills.sh
- Filters by popularity, source trust (Vercel, Anthropic, Microsoft), and repo health
- Installs the optimal match — no manual lookup required

Official
find-skillsdefinition: “Discovers and installs relevant agent skills when users request new capabilities.”
It enforces safety heuristics:
– Prioritizes skills with ≥1,000 installs
– Flags those with <100 stars or unknown origins
– Rejects unverified third-party repositories

Source code excerpt from
find-skills‘s SKILL.md validating installation criteria
Security at Scale: The Double-Edged Sword
While revolutionary, the skills ecosystem introduces unprecedented risk surface:
🔴 Critical Audit Findings
- Snyk’s ToxicSkills report audited 3,984 skills:
- ✅ 36.8% contained at least one security defect
- ⚠️ 13.4% (534 skills) classified as critical (malware, prompt injection, credential leakage)
- 🛑 76 confirmed malicious payloads still active on ClawHub

Snyk audit results: 36.82% of skills had vulnerabilities; 13.4% were critical-risk (source: Snyk)
- Koi Security found 341 malicious skills among 2,857 tested
Why This Is Worse Than npm
| Dimension | npm | skills |
|---|---|---|
| Scope | Pure code modules | Prompt + code + filesystem/network access |
| Boundary | Clear separation (code vs. data) | Blurred: SKILL.md executes logic |
| Attack vector | Compromised build artifacts | Direct shell execution, memory scraping, SSH key theft |
💡 Vercel’s guidance: Treat skills like code — audit
scripts/, verify sources, and never grant unnecessary permissions.
The Rauch Doctrine: Engineering Simplicity
This isn’t Vercel’s first “one-command revolution”:
– now → instant serverless deployment
– next dev → zero-config dev environment
– npx skills add → capability-on-demand
Guillermo Rauch — creator of Socket.io and Next.js — has spent 20 years compressing complex infrastructure into intuitive developer primitives.
His philosophy: “Reduce cognitive load so engineers can focus on outcomes — not plumbing.”
Today, that ethos extends to AI agents — transforming ad-hoc prompting into versioned, composable, auditable capability engineering.
The Road Ahead
The skills ecosystem marks the dawn of capability engineering, where:
– ✅ Reusable, documented, and updatable AI behaviors replace one-off prompts
– ⚠️ Trust, provenance, and sandboxing become non-negotiable infrastructure concerns
– 🌐 Cross-agent compatibility enables true interoperability beyond vendor lock-in
As Rauch put it: “We’re not building features — we’re building foundations.”
The npm moment for AI has arrived. But unlike 2009, the stakes are higher — and the responsibility, shared.
References
- vercel-labs/skills GitHub Repository
- skills.sh Official Directory
- Snyk: ToxicSkills — Malicious AI Agent Skills Report
Originally published by XinZhiYuan (New Intelligence Era)