// Local-first analytics for AI agent skills. Use when user asks about skill usage, analytics, health, context budget, cost/burn rate, trigger conflicts, dead weight analysis, or wants to clean up unused skills.
| name | skillkit |
| version | 0.10.4 |
| description | Local-first analytics for AI agent skills. Use when user asks about skill usage, analytics, health, context budget, cost/burn rate, trigger conflicts, dead weight analysis, or wants to clean up unused skills. |
Production observability for AI agent skills. Monitors usage, detects conflicts, analyzes cost, and prunes what you don't use.
SkillKit is a standalone CLI. Run with bunx @crafter/skillkit <command> or install globally (bun i -g @crafter/skillkit).
skillkit scan - Discover skills + index session data (auto-runs on first use)skillkit scan --include-commands - Also track slash commands (not just skills)skillkit stats - Usage analytics with sparklines, streak count, weekly velocity (last 30 days)skillkit stats --all --days 90 - Full list over 90 daysskillkit stats --json - JSON outputskillkit list - Installed skills with size and context budgetskillkit health - Unused skills + metadata budget checkskillkit health --json - JSON outputskillkit sessions - Daily usage across all agentsskillkit graph - 52-week contribution heatmapskillkit graph --json - JSON outputskillkit auto - Auto-scan after Claude Code sessions (SessionEnd hook)skillkit context - Context tax: tokens + cost of CLAUDE.md, skills, memory per API callskillkit context --sonnet --turns 60 - Custom model pricing and session length (default: sonnet)skillkit context --opus / --haiku - Other model pricingskillkit context --json - JSON outputskillkit burn - Subscription burn rate analysis (cost, models, daily)skillkit burn --days 7 - Custom rangeskillkit burn --plan 200 - Monthly plan cost in USD (default: 200)skillkit burn --json - JSON outputskillkit conflicts - Detect trigger collisions between skillsskillkit coverage <skill-path> - Find dead weight (unreferenced sections + files)skillkit prune - List unused skillsskillkit prune --yes - Confirm deletionskillkit prune --skill <name> - Prune a single skillskillkit prune --yes --json - Confirm and output JSONskillkit trace <prompt> - Record skill execution trace (powers conflicts + coverage)skillkit trace --list - List recent tracesskillkit trace --list --json - List recent traces as JSONskillkit trace --show <id> - Show trace detailsskillkit trace --model <model> - Model to use for traceAny command accepts agent filters:
--claude, --cursor, --codex, --gemini, --windsurf, --amp, --goose, --kiro, --roo, --opencode
skillkit statsskillkit health then skillkit pruneskillkit contextskillkit burnskillkit conflictsskillkit coverage <path>skillkit graphskillkit sessionsskillkit stats -- auto-discovers and indexes everythingskillkit stats --all --days 90skillkit sessions then skillkit graphskillkit contextskillkit burnskillkit conflictsskillkit coverage ~/.claude/skills/my-skill/skillkit health then skillkit prune --yesDiscovers skills across 12 agents: Claude Code, Cursor, Codex, Gemini CLI, Windsurf, Amp, Continue, Goose, Kiro, Roo Code, Antigravity, OpenCode. Session connectors parse JSONL/JSON traces for Claude, Cursor, Codex, Gemini, and OpenCode. Deduplicates skills by name and inode. Self-healing DB deduplication on open. All data local in ~/.skillkit/analytics.db. Plan config stored in ~/.skillkit/config.json.
Read-only audit of a developer machine for npm/PyPI supply-chain compromise. Checks for known IOCs from the 2025-2026 wave — Shai-Hulud 2.0 (Nov 2025), Mini Shai-Hulud / TeamPCP (May 2026), Axios DPRK (Mar 2026), and any future campaigns added to the IOC pack. Scans persistence artifacts (LaunchAgent / systemd unit / Windows Run key / gh-token-monitor), payload files (router_init.js, setup_bun.js, bun_environment.js), compromised package versions in every node_modules under the user's project roots, C2 / typosquat domain strings (git-tanstack.com, api.masscan.cloud, sfrclak.com, getsession.org), malicious commit hashes (79ac49ee), payload SHA256s, optionalDependencies pointing at git refs, and files written during the published attack windows. Produces a PASS/FAIL verdict, IOC checklist, at-risk package list, phase summary, and 48h bake-period remediation. Use this skill whenever the user asks "am I affected by the npm attack", "scan my machine", "check if I'm infected", "is package X compromised", "audit my
Create Spotify playlists using spoti-cli CLI. Use when: (1) user wants a playlist, (2) user says "playlist", "spotify", "music for", "songs for", (3) user describes a mood or activity implying music ("deep work", "chill", "workout"), (4) user asks for music based on their day/vault/logs. Supports vault-aware playlist generation by reading Obsidian daily logs to infer mood and context.
Set up hierarchical Intent Layer (AGENTS.md files) for codebases. Use when initializing a new project, adding context infrastructure to an existing repo, user asks to set up AGENTS.md, add intent layer, make agents understand the codebase, or scaffolding AI-friendly project documentation.
Auto-generate Claude skills from documentation URLs using Firecrawl agent. Use when user wants to create a skill from docs, API references, or tool homepages. Asks up to 3 clarifying questions before deep extraction. Supports topic focus (e.g., "only auth endpoints") and outputs to local .claude/skills/ by default.