Audit-first skill and plugin manager for Codex, Claude Code, and Copilot CLI.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Sankios from gravatar.com Sankios

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Mattia Sanchioni
  • Tags ai , cli , codex , copilot , claude , skills , plugins
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

Skill Install ++ wordmark

Audit-first skill and plugin management for Codex, Claude Code, and Copilot CLI.

Keep ~/.skills as the source of truth, export only the discovery surfaces each client should see, and repair drift without guessing hidden client state.

CI Release PyPI Python License

Repository: skill-install-plus-plus | Package: skillpp | CLI: skillpp

Table of Contents

Why This Exists

AI assistant skill setups drift quickly once you mix:

  • standalone local skill folders
  • Git-backed skill repositories
  • hybrid repositories that export skills plus bundle metadata
  • plugin bundles with manifests, agents, hooks, and runtime files

Copies go stale, links diverge, and it becomes unclear which files are managed versus accidental.

skillpp gives those assets one managed home under ~/.skills, then projects only the explicit SKILL.md surfaces into client discovery roots.

It is intentionally conservative: audit first, mutate second.

What Skillpp Manages

  • Standalone local skills normalized into ~/.skills/custom
  • Git-backed skill repositories stored under ~/.skills/repos/<owner>/<repo>
  • Plugin bundles stored under ~/.skills/plugins/<publisher>/<name>
  • Explicit skill exposures for Codex, Claude Code, and Copilot CLI
  • Non-destructive alignment when client discovery roots drift away from managed state

Highlights

  • One managed source-of-truth tree under ~/.skills
  • Supports standalone skills, Git-backed repos, hybrid repos, and plugin bundles
  • Audit-first workflow for drift, broken links, legacy copies, and missing exposures
  • Safe alignment that creates missing links without rewriting unrelated client state
  • Public Python CLI available through uvx, uv tool install, and pipx
  • GitHub Actions CI plus PyPI release automation via Trusted Publishing

Support Matrix

Client Status Discovery root Notes
Codex Supported ~/.agents/skills Respects existing aggregate custom exposures where already in place
Claude Code Supported ~/.claude/skills Injects explicit skill surfaces only
Copilot CLI Supported ~/.copilot/skills Injects explicit skill surfaces only

Install

Try it without installing

uvx skillpp audit

Persistent install with uv

uv tool install skillpp

Persistent install with pipx

pipx install skillpp

Quick Start

  1. Audit the current managed state:
skillpp audit
  1. Bootstrap the current project into the managed tree:
skillpp bootstrap --source .
  1. Install a skill from GitHub:
skillpp install --repo jackwener/OpenCLI --path skills/opencli-browser
  1. Install a plugin bundle:
skillpp install-plugin --publisher acme --name suite --repo acme/suite
  1. Create missing non-destructive exposures:
skillpp align --apply
  1. Refresh managed repositories and git-backed bundles:
skillpp update

Source-of-Truth Model

Everything managed by skillpp lives under ~/.skills:

~/.skills/
|- custom/
|- repos/<owner>/<repo>/
|- plugins/<publisher>/<name>/
`- registry.json

Client discovery roots stay separate:

  • Codex: ~/.agents/skills
  • Claude Code: ~/.claude/skills
  • Copilot CLI: ~/.copilot/skills

This keeps the managed tree explicit while preserving each client's discovery model.

Why Audit-First Matters

Blind installers are convenient until they overwrite something you needed.

skillpp treats that as a design problem, not a user problem. The tool:

  • inventories managed sources before mutating discovery roots
  • surfaces legacy copies and mismatched links explicitly
  • creates only safe missing links during alignment
  • avoids guessing undocumented client plugin registries

That boundary matters most for larger bundles where exported SKILL.md files are only one part of the package surface.

Development

Run the test suite:

uv run python -m unittest tests.test_manager tests.test_cli -v

Build the package:

uv run --with build python -m build

Check built artifacts:

uv run --with twine python -m twine check dist/*

Release Model

skillpp is PyPI-first.

Recommended usage modes:

  • uvx skillpp ... for ephemeral runs
  • uv tool install skillpp for persistent installs
  • pipx install skillpp as a familiar Python CLI alternative

There is no npm package or npx wrapper in v1.

Contributing

Contributions are welcome. Start with CONTRIBUTING.md for development workflow, test expectations, and contribution scope.

Security

Security reporting guidance lives in SECURITY.md.

License

MIT. See LICENSE.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for Sankios from gravatar.com Sankios

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Mattia Sanchioni
  • Tags ai , cli , codex , copilot , claude , skills , plugins
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

0.1.2

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

skillpp-0.1.1.tar.gz (21.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

skillpp-0.1.1-py3-none-any.whl (15.8 kB view details)

Uploaded Python 3

File details

Details for the file skillpp-0.1.1.tar.gz.

File metadata

  • Download URL: skillpp-0.1.1.tar.gz
  • Upload date:
  • Size: 21.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for skillpp-0.1.1.tar.gz
Algorithm Hash digest
SHA256 112b64da4fead164eebf093ad1fb7a8001284719c6d36eff114277ee0598f5ab
MD5 662377c56222583b2cd4f68375320037
BLAKE2b-256 fa703f3638968eb9448f9125650e67409e4bbf845bd4b6a1df6a20601cfc0685

See more details on using hashes here.

Provenance

The following attestation bundles were made for skillpp-0.1.1.tar.gz:

Publisher: release.yml on sank96/skill-install-plus-plus

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file skillpp-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: skillpp-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 15.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for skillpp-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 5f3ea5033c0fafc12f9f38f308f49a17642ce5afdbcfb2e4bf232b631f345ec8
MD5 80016b94eda2152eb3724177f2bbd6c3
BLAKE2b-256 3c17446359da0af00f3700dbc60f5d7ae783ea3fcd891f5bb2f98379adfa576b

See more details on using hashes here.

Provenance

The following attestation bundles were made for skillpp-0.1.1-py3-none-any.whl:

Publisher: release.yml on sank96/skill-install-plus-plus

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page