Skills: force AI to ship production-ready code.
AI tools don't always produce production-quality code. AgentSystem Skills are 37+ tested, opinionated workflows that turn raw model output into clarified, planned, reviewed, and tested work — every time, on every project.
Works with Claude Code, Claude Agent SDK, Cursor, and Codex.
# In Claude Code
/plugin marketplace add https://github.com/AgentSystemLabs/core
/plugin install agentsystem-core@agentsystem
# Then just run
/ship "describe your goal"Vibe-coding ships features. It doesn't ship production code.
Without structure, AI agents skip clarification, duplicate utilities, ignore conventions, leak server code into client bundles, blow past review gates, and declare done before the code has been run. Skills encode the discipline a senior engineer would apply — clarify, plan, review, verify — and refuse to skip the gates that catch the failures.
Gated, not free-form
Every workflow has approval gates, review gates, and verification steps. The agent doesn't decide when to skip — the skill does, and it tells you when it's skipping and why.
Read before write
Skills explore the existing code, find utilities to reuse, and audit which CRUD surfaces touch the artifact before generating a line of new code.
Run, don't claim
Type checks verify code shape, not behavior. Skills execute the new code path — open the page, hit the endpoint, run the script — before declaring done.
No silent bypass
Skills never reach for --no-verify, any, or skipped tests to make a check go green. Bypasses are the failure mode they exist to prevent.
Three ways to get the skills.
Pick the path that matches your harness. Skills install as plain SKILL.md files any compatible agent can read.
Claude Code marketplace
The fastest path. Three commands inside Claude Code and the skills are wired in.
/plugin marketplace add https://github.com/AgentSystemLabs/core
/plugin install agentsystem-core@agentsystemCursor, Codex, OpenCode & more
Install into any SKILL.md-aware agent with the @agentsystemlabs/core CLI. One command lays the full skill bundle down where your agent looks for it.
# Install into the current project (Claude Code default)
npx @agentsystemlabs/core init
# Target a specific harness
npx @agentsystemlabs/core init --harness codex
npx @agentsystemlabs/core init --harness cursor
# Install globally (user directory)
npx @agentsystemlabs/core init -g
# List available skills without installing
npx @agentsystemlabs/core listSource & docs
Browse every skill, read the SKILL.md, file an issue, or send a PR. Everything is open under the MIT license.
/ship picks the right workflow and depth for you.
Hand /ship any engineering goal. It classifies your intent, infers a depth mode from risk signals, announces the pipeline, and routes to the matching core skill. It deliberately stops at "code is production-ready" — you choose how to publish.
Intent from phrasing
"add", "build", "implement" → CREATE. "modify", "extend" → EVOLVE. "broken", "didn't trigger" → FIX. "remove", "deprecate" → REMOVE. "polish", "UX pass" → POLISH. "audit the codebase" → AUDIT.
Mode from risk signals
Auth, payments, migrations, jobs, webhooks, destructive deletes → production. Cosmetic single-file copy edits → fast. Everything in between → balanced. You can override with mode=fast|balanced|production.
Hand off to the core skill
/add-feature, /modify-feature, /polish-ui, /remove-feature, /fix-bug, or /audit — with the resolved mode and any include= / skip= overrides.
# auto-infer everything
/ship "add stripe webhook handler" → CREATE + production (payments)
/ship "tweak the navbar color" → EVOLVE + fast (cosmetic)
/ship "the login button doesn't redirect" → FIX + balanced
/ship "delete the old beta-flags page" → REMOVE + balancedSix skills cover the full build cycle.
Each accepts mode=fast|balanced|production plus include= / skip= overrides. Call them directly when you don't want /ship to orchestrate.
Autopilot front door
Classifies your goal as CREATE / EVOLVE / POLISH / REMOVE / FIX / AUDIT, picks fast vs balanced vs production depth from risk signals, and routes to the right core skill. Stops at code-ready — never pushes.
End-to-end feature delivery
Clarify → explore → design → plan-approval gate → implement → verify → gated reviews → tests. Enforces UI-convention parity so new modals and forms match existing siblings.
Extend an existing feature
Pre-flight interrogates the proposed shape, surfaces alternative seams, audits shifted contracts, then runs gated checks. Lighter than add-feature, sharper than a one-shot edit.
Diagnose silent failures
Leads with the runtime contract — trigger, dispatch, receive, observe — before hypotheses. The skill that turns 'should work but didn't' into a literal evidence trail.
Leaf-first deletion
Persisted-data-aware deletion: rows holding values from removed enums or columns are first-class concerns, not afterthoughts. Honors fast / balanced / production modes.
Whole-codebase tech-debt sweep
Maps architecture + data flow, then orchestrates every audit-* skill and reviewer-* subagent across the repo. Mechanical fixes inline; structural fixes gated per-item.
Skills the core workflow fans out to keep code shippable.
Invoked by /add-feature, /modify-feature, and /audit when their gates trigger — or callable directly when you want a focused pass.
UX polish checklist
Apply the polish checklist to existing UI without changing behavior. Auto-fixes mechanical gaps — kbd hints, focus management, disabled states, footer chrome — inline.
Diff-scoped refactor
Parallel fan-out across Reuse, Quality, and Efficiency. Catches magic numbers, parallel-enum drift, repeated literals, oversized files. Safety-net rule before each fix.
Strip dangerous escape hatches
Removes `any`, dangerous casts, missing return types, missing boundary validation. Mechanical / structural / legitimate classification — never blindly strips intent.
Domain model migration
Update types, state machines, vocabulary, and persisted data to match changed business requirements. Migrates persisted-data values as a first-class step.
Safe schema changes
Additive / mutating / destructive taxonomy with explicit multi-step rollout. Catches NOT-NULL-on-populated-table, CONCURRENTLY-missing indexes, DEFAULT now() per-row gotchas.
Structured logging at boundaries
Instruments HTTP, webhook, queue, IPC, and file-write boundaries with leveled logs and typed error reports. Replaces silent failure paths with explicit telemetry.
The post-merge work most agents drop on the floor.
/ship stops at code-ready. These skills pick up where it leaves off — and they're as gated as everything else.
Logically-grouped commits
Splits the working tree into ordered commits — schema → backend → frontend, deps before consumers, types before usages. Detects conventional-commits style. Never pushes.
PR from full commit range
Three-dot diff, draft detection, mandatory confirmation gate, release-risk briefing baked in. The PR body summarizes the whole branch, not just the last commit.
Versioned release
Multi-manifest detection (package.json, pyproject.toml, Cargo.toml, plugin marketplaces), diff-driven version bump, dirty-tree refusal, push confirmation gate.
Resolve PR review threads
Fans out one subagent per unresolved thread, one commit per addressed comment, replies and resolves via the GitHub API. Sequential — never blasts force-pushes.
Keep docs in lockstep
Updates Swagger / README / ADRs / .env.example / setup guides after code changes. Edits in place — never creates new doc files. Reports gaps it didn't auto-fix.
Tests that match the codebase
Detects the existing test harness (Vitest, Jest, pytest, go test), inherits naming and mocking conventions, wires a smoke test before generating the rest.
Read-only audits the skills fan out to.
Sixteen specialized subagents ship alongside the skills. They run read-only on the diff, return severity-ranked findings with file:line refs and concrete fix snippets, and never edit files. The orchestrating skill decides what to apply.
Missing access checks, IDOR, role-without-scope, unsigned webhooks on every server entry point.
Logged secrets, SSRF, unsafe uploads, dangerous HTML, open redirects, missing rate limits.
NOT NULL without backfill, orphan-creating deletes, missing constraints, unsafe migrations.
Producer / consumer drift — server-fn ↔ client, zod ↔ DB, route params ↔ links, stale generated clients.
Double-submit duplicates, missing webhook idempotency, read-modify-write races, stale async writes.
N+1 queries, missing indexes, oversized SELECT *, sequential awaits, unbounded fetches, missing virtualization.
Icon buttons missing names, dialogs missing focus trap, unbound labels, missing alt text — diff-scoped.
Server-only modules in client bundles, non-public env vars in client files, heavy deps added to first-load.
Free, open source, MIT licensed.
Install once, get every skill we ship — current and future. No SKU, no upsell, no rate limits.
/plugin marketplace add https://github.com/AgentSystemLabs/core
/plugin install agentsystem-core@agentsystem