DEV Community

Cover image for 15 skills your Claude agent is embarrassed you haven’t installed yet the ones 6-figure devs actually use
<devtips/>
<devtips/>

Posted on

15 skills your Claude agent is embarrassed you haven’t installed yet the ones 6-figure devs actually use

#ai #claude #webdev #programming

A raw Claude is a brilliant engineer with no project context. These 15 SKILL.md files fix that and a few of them will genuinely change how you ship.

There’s a moment every developer hits with their AI coding agent. You ask it to build something, it confidently generates code, and the output is… technically correct. Functional. And completely forgettable. Generic UI that looks like every SaaS from 2022. A schema that’ll collapse at scale. No security pass. No diagram in the repo. Just vibes and a green checkmark.

That’s not the agent’s fault. That’s a skills problem.

Something shifted quietly in late 2025. Coding agents stopped being autocomplete on steroids and started becoming actual collaborators building features, running tests, writing docs, executing deploys. But a raw Claude, Cursor, or Gemini CLI without skills is like a senior engineer on day one: sharp as hell, but missing all the project-specific context that makes them dangerous in a good way.

SKILL.md files are how you fix this. They’re specialized playbooks instructions, templates, and context that agents can call on for a specific class of task. Install the right ones and your defaults change. You stop getting first drafts. You start getting second drafts that are already worth reviewing.

TL;DR: There are 15 skills that cover roughly everything your agent gets wrong without guidance design quality, code cleanliness, live web access, data access, security, database architecture, visual docs, video, workspace automation, and structured workflows. This is the list.

Output quality because “it works” isn’t good enough anymore

1. Frontend design

Ask any coding agent to build a landing page without guidance and you’ll get the same output every time. Inter font. Purple gradient. Three feature cards in a grid. A hero section that says “Ship faster with AI.” It’s not wrong it’s just that every other AI-generated product on the internet looks exactly the same.

Anthropic calls this distributional convergence. Models trained on the statistical center of design decisions reproduce the statistical center. The frontend-design skill breaks that pattern. It gives the agent a design philosophy and system before it touches any code bold aesthetic choices, purposeful typography, animations that feel intentional rather than decorative. Over 277,000 installs as of early 2026. The before/after difference is not subtle.

npx skills add anthropics/claude-code --skill frontend-design

Then just invoke /frontend-design and describe what you're building. That's it. Your agent stops shipping beige.

2. Code reviewer

Agents write fast. They review poorly. Left to their defaults, most produce code that passes a quick read but quietly accumulates debt duplicated logic, functions doing three jobs, missing error handling on async calls, TypeScript any types that'll haunt you in six months.

The official simplify skill from Anthropic runs a structured review pass over any code the agent writes or modifies before it reaches you. It catches duplicated patterns, extracts reusable utilities, flags performance issues, and fixes them. You receive the second draft, not the first.

npx skills add anthropics/claude-code --skill simplify

Pair it with a review checklist in your CLAUDE.md and it becomes project-aware it knows your naming conventions, your TypeScript strictness level, your preferred abstraction patterns. The code that comes out the other side looks like a senior dev reviewed it, because something did.

3. Doc coauthoring

Documentation is the skill that every developer agrees is important and nobody does consistently. The doc-coauthoring skill from the Antigravity library changes the default: every implementation the agent ships comes with structured docs function signatures, usage examples, edge cases, and architecture notes generated as part of the workflow, not bolted on afterward.

npx antigravity-awesome-skills --claude
# Then invoke: /doc-coauthoring

It won’t write your engineering blog post. But it will make sure the README actually explains what the code does, which is somehow still a controversial ask in 2026.

Real-world automation the agent finally leaves the house

4. Browser use

Coding agents are blind to the live web. They can write a scraper, they can describe what a page looks like from training data, but they cannot interact with it. If your workflow requires filling a form, verifying that a deployed feature actually works end-to-end, or researching something behind a JavaScript render wall you’ve hit the ceiling. Every time.

Browser use removes that ceiling. It connects your agent to a real headless browser instance. Navigate URLs, click elements, fill forms, extract content, take screenshots, interact with complex UIs all from a natural language prompt.

npx skills add https://github.com/browser-use/browser-use --skill browser-use

The practical unlock here is massive. “Check that our signup flow works on staging and screenshot any errors” is now a one-liner. “Find the three most recent funding announcements in climate tech and summarize the investors” the agent actually opens pages, reads them, and synthesizes from the live web, not cached training data. That distinction matters more than most people realize.

5. Google Workspace (GWS)

Google shipped the gws CLI in early 2026 and it hit 4,900 GitHub stars in three days. That number tells you everything about how badly developers needed this.

gws dynamically discovers all 50+ Google Workspace APIs through Google's Discovery Service and exposes them through a single unified interface with a built-in MCP server. One command and your agent has full access to Gmail, Drive, Calendar, Sheets, Docs, Chat, and Admin.

npm install -g @googleworkspace/cli
gws mcp -s drive,gmail,calendar,sheets
npx skills add https://github.com/googleworkspace/cli

Any workflow that currently involves you copying between Google apps email drafts, calendar events, status updates to Sheets, meeting notes into Docs is now something the agent handles. For teams running on Workspace, this is the skill that closes the gap between “agent that codes” and “agent that operates.”

Data access because the real world lives behind paywalls

6. Valyu

Coding agents are excellent at working with code. They’re genuinely bad at working with the real world because the real world is locked behind proprietary databases, paywalls, and specialized APIs that general-purpose search can’t touch.

Building a financial research tool? You need SEC filings. Building something biomedical? You need PubMed and ChEMBL. Economic dashboard? FRED and BLS. Without those sources, your agent generates plausible-sounding but outdated or quietly fabricated information. Confident hallucinations dressed up as research.

The Valyu skill connects your agent to 36+ specialized data sources through a single API SEC 10-K filings, PubMed, ChEMBL (2.5M bioactive compounds), ClinicalTrials.gov, FRED economic indicators, patent databases, and quality web search, all in one call.

npx skills add https://github.com/valyuai/skills --skill valyu-best-practices

Once installed, targeted searches look like this:

from valyu import Valyu
client = Valyu(api_key="your-key")

# Pull from SEC filings specifically
result = client.search(
  query="risk factors in latest 10-K filings for semiconductor companies",
  search_type="proprietary",
  included_sources=["valyu/valyu-sec-filings"],
  max_num_results=5
)
# Cross-source biomedical search
result = client.search(
  query="GLP-1 receptor agonists drug interactions clinical trial outcomes",
  search_type="all",
  included_sources=["valyu/valyu-pubmed", "valyu/valyu-chembl"],
  max_num_results=10
)

On the FreshQA benchmark 600 time-sensitive queries Valyu scores 79% versus Google’s 39%. On finance-specific queries, 73% versus 55%. The gap between a demo and a tool people actually use is often just access to authoritative, current data. This is that access.

7. Antigravity Awesome Skills

Every agent skill problem you have, someone else has already solved. The solutions are just scattered across GitHub repos, Discord servers, and blog posts you haven’t found yet. You write a SKILL.md from scratch for PR creation, API design review, security auditing and somewhere out there a battle-tested version of that exact file already exists with 200 iterations of improvement baked in.

Antigravity Awesome Skills is the answer to that. A community-maintained library of 1,234+ agent skills compatible with Claude Code, Cursor, Gemini CLI, Codex CLI, and more. 22,000+ GitHub stars. 3,800+ forks. Updated to v7.3.0 as of early 2026.

# Install everything for Claude Code in one shot
npx antigravity-awesome-skills --claude

# Or target your tool
npx antigravity-awesome-skills --cursor
npx antigravity-awesome-skills --gemini

The skills worth knowing immediately after install:

/brainstorming    # structured planning before you write a single line
/architecture     # system design and component structure
/security-auditor # adversarial code review
/api-design-principles # REST shape, consistency, versioning
/create-pr        # clean commits, clean PRs, no nagging required
/doc-coauthoring  # structured docs as part of the workflow

Rather than drowning in 1,234 options, Antigravity ships role-based bundles. The Essentials bundle /brainstorming, /architecture, /debugging-strategies, /doc-coauthoring, /create-pr covers roughly 80% of what most developers need daily. Install that, then add specialized skills as projects demand them.

The real value isn’t any individual skill. It’s removing the “I should build a skill for that” backlog permanently.

Infrastructure and security the stuff that bites you in production

8. PlanetScale database skills

Database work is where agents make their worst mistakes. Not the obvious ones the quiet ones. A schema design that works fine at 100 rows and quietly dies at 100,000. A query missing an index that nobody catches until the first traffic spike. Foreign key conventions that break horizontal scaling six months later when it’s genuinely painful to fix.

Agents treat databases like any other code. They write something that runs and move on. The PlanetScale skill changes that default by giving your agent deep context about schema design, query performance, branching workflows, and the specific conventions that keep MySQL-compatible databases maintainable at scale.

# Install the PlanetScale CLI
brew install planetscale/tap/pscale

# Authenticate
pscale auth login
# Install the skill
npx skills add planetscale/agent-skill

The branching model is the real unlock here. PlanetScale maps database changes to git you create a branch per feature, review it like a PR, merge when ready, never touch production schema directly. With the skill installed, your agent handles this entire workflow automatically:

# Agent creates a branch, designs the schema, verifies indexes, opens a deploy request
pscale branch create mydb add-user-prefs
pscale deploy-request create mydb add-user-prefs

Here’s the difference the skill makes on query generation:

-- Agent without skill writes this
SELECT * FROM orders WHERE status = 'pending' AND created_at > '2026-01-01';

-- Agent with PlanetScale skill writes this and explains why
SELECT id, user_id, total, created_at
FROM orders
WHERE status = 'pending'
AND created_at > '2026-01-01';
-- Added: INDEX idx_status_created (status, created_at)
-- Avoided SELECT * - only fetch columns needed
-- Estimated query time at 10M rows: ~2ms with index vs ~8s without

That annotation at the bottom is the skill talking. Database decisions made on day one are the hardest to undo on day 365. An agent that knows this by default is worth a lot.

9. Shannon autonomous AI pentester

Security testing is the step most teams skip not because they don’t care, but because it’s expensive, slow, and requires specialized adversarial thinking that doesn’t come naturally when you’re in feature-shipping mode. A traditional pentest costs thousands and returns a PDF two weeks later. Manual code review catches some vulnerabilities and misses others depending on whoever happened to review it that day.

Shannon is an autonomous pen testing agent that runs against your local or staging environment, executes real exploits, and reports only the vulnerabilities it can actually prove. No false positives. No scanner noise. Either it exploits the vulnerability or it doesn’t report it.

npx skills add unicodeveloper/shannon

Running it is straightforward:

# Full pentest against a local app
/shannon http://localhost:3000 myapp

# Target specific vulnerability categories
/shannon --scope=xss,injection http://localhost:8080 frontend
# Check status mid-run
/shannon status
# Pull the report
/shannon results

Shannon covers 50+ vulnerability types across 5 OWASP categories SQL injection, XSS (reflected, stored, DOM-based), SSRF, broken authentication, IDOR, privilege escalation, path traversal. It runs everything inside Docker, enforces an authorization gate at every invocation, and costs roughly $50 per full pentest using Claude Sonnet.

The benchmark that matters: 96.15% exploit success rate on the XBOW security benchmark. 100 out of 104 confirmed exploits.

Most codebases have vulnerabilities that survive code review because reviewers aren’t thinking adversarially while reading feature code. Shannon is the adversarial pass. Run it against every staging deployment and stop shipping confirmed broken security to production.

Important: Shannon executes real attacks. Only run it against systems you own or have explicit written authorization to test.

Visual communication diagrams and videos your agent actually generates

10. Excalidraw diagram generator

Architecture decisions, system designs, data flow explanations these live in Slack threads and whiteboard sessions that nobody records. Code comments describe what something does. Diagrams show why it’s structured that way. Most agents can describe an architecture in text. Almost none generate a diagram worth sharing without you redrawing it yourself afterward.

The Excalidraw diagram skill changes that. It generates production-quality Excalidraw diagrams from natural language, but what separates it from simpler tools is the design philosophy baked in diagrams that argue, not just display. Fan-out structures for one-to-many relationships. Timeline layouts for sequential flows. Visual structure that maps to conceptual structure instead of defaulting to uniform card grids.

npx skills add https://github.com/coleam00/excalidraw-diagram-skill --skill excalidraw-diagram

Then describe what you need:

/excalidraw-diagram Create a diagram showing how a request flows through
our API gateway, auth middleware, and downstream services
/excalidraw-diagram Generate an architecture diagram for a multi-tenant SaaS
with separate database schemas per tenant and a shared analytics layer
/excalidraw-diagram Draw a sequence diagram for our OAuth2 PKCE flow
including the browser, authorization server, and resource server

The self-validation loop is what makes this actually usable. The skill generates the Excalidraw JSON, renders it to PNG via Playwright, reviews its own output for overlapping text and misaligned arrows, fixes the problems, then delivers the final file. You get a diagram you can publish, not a first draft you’d be embarrassed to share in a PR.

Brand colors live in references/color-palette.md edit once, every diagram follows your palette automatically.

Diagrams are the artifact that outlives the conversation that created them. A good architecture diagram in the repo communicates decisions to engineers joining six months later, explains the system to stakeholders who won’t read the code, and forces you to think through edge cases that prose descriptions quietly paper over. An agent that generates these by default closes the documentation gap that every fast-moving team silently carries.

11. Remotion

Videos communicate things documentation cannot. But video production has always meant a completely different workflow different tools, different timelines, different people. Most developers ship features without demos because the cost-to-value tradeoff never made sense for a single release.

Remotion removes that excuse entirely. It’s a React framework for creating videos programmatically instead of a timeline editor, you write components. Animation is just state changing over time. The Remotion agent skill translates natural language into working Remotion components.

npx skills add remotion/agent-skills

The workflow is exactly what you’d want:

/remotion Create a 30-second product demo showing our API dashboard
with animated charts and smooth transitions

The agent generates export-ready Remotion code:

import { AbsoluteFill, useCurrentFrame, interpolate } from "remotion";

export const ApiDemo = () => {
  const frame = useCurrentFrame();
  const opacity = interpolate(frame, [0, 30], [0, 1]);
  return (
    <AbsoluteFill style={{ backgroundColor: "#0a0a0a", opacity }}>
      <DashboardAnimation frame={frame} />
    </AbsoluteFill>
  );
};

Preview in Remotion Studio, render to MP4, done. Product demos, release announcements, animated README headers, explainer videos any developer is now capable of video production without leaving their editor or learning a new tool stack.

Workflow and architecture the invisible scaffolding that makes everything else work

12. CLAUDE.md the agent’s project bible

This one isn’t a slash command you invoke. It’s a file you create once and your agent reads on every session. CLAUDE.md is how you give your agent persistent project context the stuff a new engineer would learn in their first two weeks that nobody ever writes down anywhere.

## Project context
This is a multi-tenant SaaS. Every database query must scope by tenant_id.
Never use SELECT *. All async operations need error handling.
## Code review standards
After any implementation, check for:
- Functions longer than 30 lines (probably doing too much)
- Logic duplicated more than twice (extract to utility)
- Any any type in TypeScript (replace with real types)
- Missing error handling on async operations
## Workflow
Run /simplify before presenting code.
Run /create-pr when work is ready for review.

Without this file, you repeat context on every session. With it, your agent arrives already knowing your conventions, your constraints, and your standards. It’s the single highest-leverage thing you can add to a project that takes under ten minutes to set up.

Full documentation at docs.anthropic.com.

13. Create-PR

Clean commits are a courtesy to the future version of you who has to debug something at midnight. Most developers know this. Most agents don’t without guidance they ship everything in one blob commit with a message like “updated files.”

The create-pr skill from the Antigravity library fixes this. It packages completed work into structured pull requests automatically logical commit grouping, descriptive messages, PR description with context, linked issues where relevant.

# Already installed if you ran:
npx antigravity-awesome-skills --claude

# Invoke after completing a feature
/create-pr

Your agent goes from dumping code into a branch to opening a PR a senior dev would actually want to review. Small change, surprisingly large quality-of-life improvement.

14. Architecture

The most expensive mistakes in software happen before the first line of code. A wrong data model. A service boundary that makes sense today and creates six months of pain when requirements shift. An API shape nobody can extend without breaking existing consumers.

The /architecture skill from the Antigravity library runs structured system design before implementation begins. It thinks through component boundaries, data flow, scalability constraints, and integration points and documents the decisions so your future self knows why things are shaped the way they are.

/architecture Design the data model for a multi-tenant SaaS
with per-tenant schema isolation and shared analytics

/architecture Plan the service boundaries for an e-commerce backend
handling orders, inventory, payments, and notifications

I used to skip this step because it felt slow. Then I spent three weeks refactoring a data model that was obvious in hindsight and painful in practice. The skill takes five minutes. The refactor took three weeks. The math is pretty clear.

15. Debugging strategies

Every developer has been there. A bug that makes no sense. You’ve read the code four times. You’ve added logs. You’ve stared at the stack trace until the letters stopped meaning anything. You rubber duck it to a colleague and halfway through your explanation you hear yourself say the answer out loud.

The /debugging-strategies skill is the rubber duck that actually bites back. It runs a systematic troubleshooting playbook hypothesis generation, isolation steps, binary search through the call stack, reproduction case construction instead of just staring at the error and suggesting you restart the server.

/debugging-strategies This function returns undefined intermittently
but only in production, never locally. Here's the stack trace: [paste]

What comes back isn’t a guess. It’s a structured investigation likely causes ranked by probability, specific tests to isolate each one, and a clear path to a reproduction case. The agent that spotted an N+1 query I’d been living with for two weeks didn’t do it through magic. It did it because it was actually running the playbook.

These four skills are the least glamorous on the list and probably the ones that compound the most over time. Frontend design is visible immediately. A well-structured CLAUDE.md, clean PRs, intentional architecture decisions, and systematic debugging that's the difference between a codebase that's still maintainable in a year and one that's a cautionary tale in a team retrospective.

Which skill changed how you work? Drop it in the comments genuinely curious what the community has found that isn’t on this list yet.

Helpful resources

Top comments (0)