JSPM

vskill

0.1.14
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 1457
  • Score
    100M100P100Q123926F
  • License MIT

Secure multi-platform AI skill installer — scan before you install

Package Exports

  • vskill
  • vskill/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (vskill) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

vskill

Secure multi-platform AI skill installer. Scan before you install.

# npm
npx vskill find remotion                             # search the registry
npx vskill install google/remotion                   # install after security scan

# bun
bunx vskill find remotion
bunx vskill install google/remotion

# pnpm
pnpx vskill find remotion
pnpx vskill install google/remotion

# yarn
yarn dlx vskill find remotion
yarn dlx vskill install google/remotion

Why?

  • 36.82% of AI skills have security flaws (Snyk ToxicSkills)
  • Zero versioning on major platforms — updates can inject malware silently
  • No pre-install scanning — you're trusting blindly

vskill fixes this with three-tier verification and version-pinned trust.

Commands

vskill find <query>          # Search the registry (alias: search)
vskill install <source>      # Install skill after security scan (alias: add, i)
vskill scan <source>         # Scan without installing
vskill list                  # Show installed skills with status
vskill submit <source>       # Submit for verification (owner/repo or GitHub URL)
vskill update                # Update with diff scanning

Replace vskill with npx vskill, bunx vskill, pnpx vskill, or yarn dlx vskill if not installed globally.

39 Agent Platforms

Works across Claude Code, Cursor, GitHub Copilot, Windsurf, Codex, Gemini CLI, Cline, Amp, Roo Code, and 30 more.

Three-Tier Verification

Tier Method Badge
Scanned 38 deterministic pattern checks Basic Trust
Verified Scanner + LLM intent analysis Recommended
Certified Full manual security review Highest Trust

Version Pinning

Every install creates a vskill.lock with SHA, scan date, and tier. Updates run diff scanning — new patterns flagged before install.

Registry

Browse verified skills at verified-skill.com.

License

MIT