Establish AI agent environment policies, security guardrails, and team configuration standards.
Works with
Configure project description files as AI manuals with tech stack, coding standards, and DO NOT rules; use /init for auto-generation from codebase analysis
Set up security hooks to block dangerous commands (rm -rf, sudo, curl | sh) and auto-approve only safe operations via PreToolUse and PostToolUse events
Define skills, slash commands, and plugins with token efficiency in mind; skills loa
AI-first code editor with Composer
Before installing skills in Cursor, ensure your development environment meets these requirements:
node --versionagent-configurationExecute the skills CLI command in your project's root directory to begin installation:
Fetches agent-configuration from supercent-io/skills-template and configures it for Cursor.
The CLI shows a list of agents. Use arrow keys and space to select Cursor:
Confirm successful installation by checking the skill directory location:
Restart Cursor to activate agent-configuration. Access via /agent-configuration in your agent's command palette.
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.
Submit your Claude Code skill and start earning
Create detailed user stories, acceptance criteria, and feature specs
Example
Generate user stories for 'password reset feature' with acceptance criteria, edge cases, and test scenarios
Reduce spec writing time by 50%, ensure comprehensive coverage
Research competitors, compare features, identify gaps
Example
Analyze 5 competitor products, create feature comparison matrix, suggest differentiation opportunities
Complete competitive research in 2 hours instead of 2 days
Evaluate features using frameworks (RICE, ICE, Kano) and create prioritized backlogs
Example
Score 20 feature ideas using RICE framework, generate prioritized roadmap with rationale
0
total installs
0
this week
88
GitHub stars
0
upvotes
Run in your terminal
0
installs
0
this week
88
stars
Project description files (CLAUDE.md, README, etc.) are project manuals for AI. AI agents reference these files with top priority.
/init # Claude analyzes the codebase and generates a draft
# Project: [Project Name]
## Tech Stack
- **Frontend**: React + TypeScript
- **Backend**: Node.js + Express
- **Database**: PostgreSQL
- **ORM**: Drizzle
## Coding Standards
- Use TypeScript strict mode
- Prefer server components over client components
- Use `async/await` instead of `.then()`
- Always validate user input with Zod
## DO NOT
- Never commit `.env` files
- Never use `any` type in TypeScript
- Never bypass authentication checks
- Never expose API keys in client code
## Common Commands
- `npm run dev`: Start development server
- `npm run build`: Build for production
- `npm run test`: Run tests
Bad (verbose):
Our authentication system is built using NextAuth.js, which is a
complete authentication solution for Next.js applications...
(5+ lines of explanation)
Good (concise):
## Authentication
- NextAuth.js with Credentials provider
- JWT session strategy
- **DO NOT**: Bypass auth checks, expose session secrets
"Start without a project description file. Add content when you find yourself repeating the same things."
Hooks are shell commands that run automatically on specific events. They act as guardrails for AI.
| Hook | Trigger | Use Case |
|---|---|---|
PreToolUse |
Before tool execution | Block dangerous commands |
PostToolUse |
After tool execution | Log recording, send notifications |
PermissionRequest |
On permission request | Auto approve/deny |
Notification |
On notification | External system integration |
SubagentStart |
Subagent start | Monitoring |
SubagentStop |
Subagent stop | Result collection |
// ~/.claude/settings.json
{
"hooks": {
"PreToolUse": [
{
"pattern": "rm -rf /",
"action": "block",
"message": "Block root directory deletion"
},
{
"pattern": "rm -rf /*",
"action": "block",
"message": "Block dangerous deletion command"
},
{
"pattern": "sudo rm",
"action": "warn",
"message": "Caution: sudo delete command"
},
{
"pattern": "curl * | sh",
"action": "block",
"message": "Block piped script execution"
},
{
"pattern": "chmod 777",
"action": "warn",
"message": "Caution: excessive permission setting"
}
]
}
}
| Feature | Load Timing | Primary Users | Token Efficiency |
|---|---|---|---|
| Project Description File | Always loaded | Project team | Low (always loaded) |
| Skills | Load on demand | AI auto | High (on-demand) |
| Slash Commands | On user call | Developers | Medium |
| Plugins/MCP | On install | Team/Community | Varies |
Rules that always apply → Project Description File
Knowledge needed only for specific tasks → Skills (token efficient)
Frequently used commands → Slash Commands
External service integration → Plugins / MCP
# Create skill directory
mkdir -p ~/.claude/skills/my-skill
# Write SKILL.md
cat > ~/.claude/skills/my-skill/SKILL.md << 'EOF'
---
name: my-skill
description: My custom skill
platforms: [Claude, Gemini, ChatGPT]
---
# My Skill
## When to use
- When needed for specific tasks
## Instructions
1. First step
2. Second step
EOF
.env, credentials.jsonsudo commandscurl | sh formatchmod 777# Check for dangerous commands with cc-safe tool
npx cc-safe .
npx cc-safe ~/projects
# Detection targets:
# - sudo, rm -rf, chmod 777
# - curl | sh, wget | bash
# - git reset --hard, git push --force
# - npm publish, docker run --privileged
# Auto-approve only safe commands
/sandbox "npm test"
/sandbox "npm run lint"
/sandbox "git status"
/sandbox "git diff"
# Pattern approval
/sandbox "git *" # All git commands
/sandbox "npm test *" # npm test related
# MCP tool patterns
/sandbox "mcp__server__*"
project/
├── .claude/ # Claude Code settings
│ ├── team-settings.json
│ ├── hooks/
│ └── skills/
├── .agent-skills/ # Universal skills
│ ├── backend/
│ ├── frontend/
│ └── ...
├── CLAUDE.md # Project description for Claude
├── .cursorrules # Cursor settings
└── ...
{
"permissions": {
"allow": [
"Read(src/)",
"Write(src/)",
"Bash(npm test)",
"Bash(npm run lint)"
],
"deny": [
"Bash(rm -rf /)",
"Bash(sudo *)"
]
},
"hooks": {
"PreToolUse": {
"command": "bash",
"args": ["-c", "echo 'Team hook: validating...'"]
}
},
"mcpServers": {
"company-db": {
"command": "npx",
"args": ["@company/db-mcp"]
}
}
}
Commit .claude/ folder → Team members Clone → Same settings automatically applied → Team standards maintained
| Agent | Config File | Location |
|---|---|---|
| Claude Code | CLAUDE.md, settings.json | Project root, ~/.claude/ |
| Gemini CLI | .geminirc | Project root, ~/ |
| Cursor | .cursorrules | Project root |
| ChatGPT | Custom Instructions | UI settings |
.agent-skills/
├── backend/
├── frontend/
├── code-quality/
├── infrastructure/
├── documentation/
├── project-management/
├── search-analysis/
└── utilities/
/init or manual)c, cc, g, cx)export EDITOR=vim)cc-safe)Make data-driven prioritization decisions faster
Draft PRDs, status updates, and stakeholder presentations
Example
Create executive summary of Q3 roadmap, monthly progress report, feature launch announcement
Save 3-5 hours/week on communication overhead
Prerequisites
Time Estimate
30-60 minutes to see productivity improvements
Steps
Common Pitfalls
✓ Do
✗ Don't
💡 Pro Tips
✓ Use when
Use for user story writing, competitive research, roadmap prioritization, stakeholder communication, and PRD drafting. Best for reducing repetitive documentation and research work.
✗ Avoid when
Avoid for strategic product vision (requires deep customer empathy), pricing decisions (needs market and financial expertise), or when face-to-face customer discovery is more valuable than speed.
supercent-io/skills-template
mattpocock/skills
parcadei/continuous-claude-v3
cursor/plugins
ailabs-393/ai-labs-claude-skills
pproenca/dot-skills
agent-configuration reduced setup friction for our internal harness; good balance of opinion and flexibility.
We added agent-configuration from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.
Useful defaults in agent-configuration — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
Registry listing for agent-configuration matched our evaluation — installs cleanly and behaves as described in the markdown.
Registry listing for agent-configuration matched our evaluation — installs cleanly and behaves as described in the markdown.
Useful defaults in agent-configuration — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
I recommend agent-configuration for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
Keeps context tight: agent-configuration is the kind of skill you can hand to a new teammate without a long onboarding doc.
agent-configuration reduced setup friction for our internal harness; good balance of opinion and flexibility.
I recommend agent-configuration for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
showing 1-10 of 61