In December 2025, Anthropic released the SKILL.md open standard — and OpenAI immediately adopted it for Codex CLI. Within weeks, an entire ecosystem exploded: 96,000+ skills on SkillsMP, 5,700+ on ClawHub, 17,000+ MCP servers on MCP.so.
But here's the problem: finding the right skill feels like drinking from a firehose. Some platforms have great search but terrible security. Others are safe but tiny. And 7% of one major registry literally leaks your API keys.
I spent a week mapping every platform, scanning for security, and testing quality. Here's the complete guide.
The Landscape at a Glance
AI Agent Skills Ecosystem (Feb 2026)
┌─────────────────────────────────────────────────────────┐
│ SKILL.md Standard │
│ (Claude Code / Codex CLI / Gemini CLI) │
└──────────────────────┬──────────────────────────────────┘
│
┌─────────────────┼─────────────────┐
│ │ │
Claude Code OpenClaw MCP Servers
Skills Skills (Universal)
│ │ │
SkillsMP (96K) ClawHub (5.7K) MCP.so (17K)
SkillHub (7K) awesome-oc (3K) mcpservers.org
awesome-* (many) LobeHub LobeHub MCP
Part 1: Claude Code Skills Platforms
Tier S: Official & Verified
| Platform | Size | Why Use It |
|---|---|---|
| Anthropic Official Skills | Reference | The gold standard. Study these to learn how to write good skills. |
| awesome-agent-skills | 380+ | Skills from official dev teams: Anthropic, Vercel, Stripe, Cloudflare, Sentry, HuggingFace, Expo. Start here. |
These are the only platforms where you can install without reading the source code first.
Tier A: Large Directories
| Platform | Size | Strength | Watch Out |
|---|---|---|---|
| SkillsMP | 96,751+ | Largest directory. Smart search. Claude/Codex/ChatGPT compatible. | No security audit. Quantity over quality. |
| SkillHub | 7,000+ | AI scoring on 5 dimensions (S/A/B/C rank). Multi-platform. | Score doesn't check for security flaws. |
Pro tip: On SkillHub, filter by S-Rank only. On SkillsMP, search by keyword then check the GitHub repo before installing.
Tier B: Curated Awesome Lists
| Repo | Focus | Notable |
|---|---|---|
| travisvn/awesome-claude-skills | Claude Code specific | Well-organized, includes resources and tools |
| ComposioHQ/awesome-claude-skills | Workflow customization | Good for automation-heavy setups |
| hesreallyhim/awesome-claude-code | Full ecosystem | Includes Trail of Bits security skills (20+ auditing tools) |
| sickn33/antigravity-awesome-skills | 800+ skills | Antigravity/Cursor compatible |
| karanb192/awesome-claude-skills | 50+ verified | Every skill tested before inclusion |
Part 2: OpenClaw Skills Platforms
The Official Registry
ClawHub — 5,705 skills, semantic search, CLI install (openclaw skill install <name>).
As of February 2026, ClawHub now integrates VirusTotal scanning for all new submissions. This was a direct response to the ClawHavoc incident (more on that below).
Community Collections
| Platform | Focus |
|---|---|
| awesome-openclaw-skills | 3,002 curated skills. Higher average quality than ClawHub. |
| BankrBot/openclaw-skills | Crypto/DeFi/trading automation niche |
| LobeHub OpenClaw | LobeChat ecosystem integration |
Part 3: MCP Server Platforms (Works With Everything)
MCP (Model Context Protocol) servers work with Claude Code, OpenClaw, and most AI agents. They're complementary to skills — skills teach behavior, MCP servers provide tool access.
| Platform | Size | Best For |
|---|---|---|
| MCP.so | 17,749 | Largest directory. Community-driven. |
| MCP Market | — | Clean UI, category browsing |
| mcpservers.org | — | The "awesome list" of MCP |
| LobeHub MCP | — | If you're in the LobeChat ecosystem |
| Cline Marketplace | — | One-click install for Cline users |
| Official MCP Servers | — | Anthropic-maintained. Reference implementations. |
Part 4: Security — Read This Before Installing Anything
The Incidents
ClawHavoc (Feb 2026): 341 malicious skills on ClawHub distributed macOS malware. Skills looked legitimate but contained obfuscated download-and-execute payloads.
Snyk ToxicSkills: Scanning the entire ClawHub registry revealed 7.1% of skills (283) leak API keys — hardcoded credentials in source code that get copied into your environment.
The Register investigation: Demonstrated how easy it is to backdoor OpenClaw skills and exfiltrate data through seemingly innocent file operations.
Security Tools
| Tool | Type | What It Does |
|---|---|---|
| SecureClaw | Open source | 55 automated audit checks, maps to OWASP Agentic Top 10 and MITRE ATLAS. Free. |
| SafeClaw Scanner | SaaS | Pre-install scan for malicious patterns, data exfiltration, excessive permissions. |
| ClawHub VirusTotal | Built-in | Automatic virus scanning on ClawHub (added Feb 2026). |
My Install Checklist
Before installing ANY skill from a non-official source:
[ ] Check the author's GitHub profile (age, other repos, stars)
[ ] Read SKILL.md — does the description match what the code does?
[ ] Search for network calls (fetch, http, curl, requests)
[ ] Search for file system writes outside the project directory
[ ] Search for environment variable reads (process.env, os.environ)
[ ] Run SecureClaw if it's an OpenClaw skill
[ ] Check if the skill asks for permissions it shouldn't need
Part 5: The SKILL.md Standard (Quick Reference)
All platforms now use the same format:
~/.claude/skills/my-skill/SKILL.md # Claude Code (personal)
.claude/skills/my-skill/SKILL.md # Claude Code (project)
~/.codex/skills/my-skill/SKILL.md # Codex CLI
Structure:
name: my-skill # becomes /my-skill slash command
description: "..." # used for auto-discovery
license: MIT
# My Skill
Instructions for the agent go here.
Keep under 500 lines / 5,000 tokens.
Compatible with: Claude Code, Codex CLI, Antigravity, Gemini CLI, Cursor, OpenCode.
My Recommendations
If you want safety first
Start with awesome-agent-skills. 380+ skills from Anthropic, Vercel, Stripe, Cloudflare, Sentry, HuggingFace, Trail of Bits. Every skill is from an official dev team.
If you want volume
SkillsMP has 96K+ skills with good search. But always check the source repo before installing.
If you want quality scoring
SkillHub S-Rank skills (9.0+/10) are generally solid. The AI scoring isn't perfect but filters out the worst.
If you're on OpenClaw
ClawHub + SecureClaw. Install SecureClaw first, then use it to audit everything else.
If you need MCP servers
MCP.so for discovery, official repo for reference implementations.
Numbers at a Glance
| What | Count |
|---|---|
| Total Claude Code skills across all platforms | ~100,000+ |
| Total OpenClaw skills (ClawHub) | 5,705 |
| Total MCP servers (MCP.so) | 17,749 |
| Official/verified skills (awesome-agent-skills) | 380+ |
| Known malicious skills removed (ClawHavoc) | 341 |
| Skills leaking API keys (Snyk scan) | 283 |
The agent skills ecosystem is growing fast — faster than anyone can curate. The SKILL.md standard was the inflection point that unified everything. But with 100K+ skills and counting, the real skill is knowing where to look and what to avoid.
Start small. Start official. Audit everything else.
Built with Claude Code. If you found this useful, follow me for more AI tooling deep dives.
Top comments (2)
Some comments may only be visible to logged-in visitors. Sign in to view all comments.