Trust & Safety

Trust & Safety

Last updated: 2026-06-30

Before you install anything, you should know exactly what happens. Here is an honest account of what our CLI does, what it explicitly does not do — and what we deliberately leave out.

What the CLI does

  • Detects locally which AI tools are installed (or you pick them with --tool).
  • Downloads only the skill files you unlocked, via a secured endpoint (token check).
  • Places them tool-natively — e.g. Claude Code: ~/.claude/skills/…
  • For Codex: updates only a marked block inside AGENTS.md — your own content is kept.
  • Open source (MIT): the full CLI code is public on GitHub — you can read exactly what the tool does.
  • Verifies the delivered files against server-side SHA-256 checksums (integrity check).
  • Asks before overwriting existing files in a terminal (with a notice on automated runs).

What the CLI does NOT do

  • Reads no project files, no .env, no API keys.
  • Sends no project content to us — only the token, skill name and detected tools leave your machine.
  • Installs no background services and runs no foreign remote scripts.
  • Writes only into the known skill paths — a double path guard (client and server) blocks writing outside them.
  • Changes no global system settings.

Install without the CLI & remove again

You do not have to use the CLI. Every skill is downloadable as a ZIP and can be copied manually into your tool’s skill folder — the contents are shown as a file tree on each skill page before you get anything.

Remove again — locally, no token. Deletes the skill folder for each tool and, for Codex, removes only our marked AGENTS.md block:

npx --yes @skills-for-ai/cli remove <skill>
CLI source on GitHub (MIT) →

Token & data

  • One token per skill — valid only for that skill, usable an unlimited number of times.
  • On a refund the token is revoked; after that it downloads nothing more.
  • We store no project content. A download only increments the download counter.
  • The endpoint runs over HTTPS; skill files live in private storage, not on a public CDN.
  • A rate limit on the delivery endpoint curbs automated abuse.

Security badges — what they mean

Instruction-only

Contains only instructions, templates and references — no executable scripts.

Contains scripts

May contain executable scripts. Take a quick look before running — the file tree shows everything.

Local

Runs entirely on your machine with your own AI — no external runtime, no running costs.

No external APIs

Does not call third-party services on its own.

Open standard

SKILL.md following the open agentskills.io standard — portable and inspectable.

Versioned

A fixed version + changelog per skill so updates stay traceable.

Compatibility per tool

Not every AI tool supports skills the same way. A skill is meant to be portable (SKILL.md), but each tool wires it in differently. Here is how to use it per tool:

ToolSkill supportInstall pathStatus
Claude CodeNative (auto-loads)CLI or folder ~/.claude/skillsStable
Codex CLIVia open standardCLI → .agents/skills (AGENTS.md merged)Stable
CursorVia project filesCLI → .agents/skillsUsable
GitHub CopilotVia project filesCLI → .agents/skillsUsable
Gemini CLIAs an extensionCLI → then “gemini extensions install”Stable
Windsurf / ClineVia skill folderCLI → skill folderUsable
Claude / ChatGPT (web)ManualPaste SKILL.md into a Project / Custom GPTManual

As of 2026-06-30 — tool support changes fast and we keep checking it. “Manual” means: it works, but without auto-discovery; you paste the SKILL.md yourself.

Ready? The detailed step-by-step installation (with a manual alternative) is here: Go to the install guide