Agent Skills & Prompt Collections
addyosmani/agent-skills
A production-grade pack of ~24 engineering "skills" plus 8 lifecycle slash commands that encode senior-engineer workflows and quality gates for AI coding agents.
Key Highlights & Risk Analysis
- Auto-activates: Distributed as Claude Code plugin. Includes a
SessionStarthook. - Invasiveness: Low-to-moderate. Hook script executes local
bashon every new session (needsjq). No network calls inside hook. - Telemetry & Cost: Completely offline. Hook does not call home. Adds meta-skill prompt token overhead each session.
- Credibility: Exceptional. Maintained by Addy Osmani (Google Chrome engineering leadership) and 38 contributors.
VIEW VERDICT & DETAILS
Verdict Rationale:
Highest-quality, best-maintained pack of the three; just be aware it adds a per-session shell hook and meta-skill token overhead (copy individual skills if you want to skip the hook).
Relevance to Vatsal:
Directly maps to his Claude Code "vibe coding" loop (FakeOut, Redo AI) and the skill files are clean reference material for the OpenClaw skill catalog. context-engineering, code-simplification, spec-driven-development, and security-and-hardening are the standouts for a fast-shipping solo builder.
shanraisshan/claude-code-best-practice
A living reference index and demo repository of Claude Code features and best practices—"from vibe coding to agentic engineering."
Key Highlights & Risk Analysis
- Nature: A rich knowledge base plus an orchestration demo rather than an installable library or core plugin.
- Invasiveness: Very low unless running the demo. Demo automatically triggers third-party MCP setups.
- Telemetry & Security: Documentation is completely offline. Opt-in remote services (Context7 and DeepWiki) will send queries to external backends.
- Maintenance: Single primary maintainer (Shayan Raisshan) despite high star count. Daily active updates.
VIEW VERDICT & DETAILS
Verdict Rationale:
INSTALL (as a bookmark/reference) — read it, mine it for patterns and content ideas; only vet hooks.py / .mcp.json if you run the demo.
Relevance to Vatsal:
Builder workflow. This is the best single map of current Claude Code capabilities — directly useful for getting more out of his daily Claude Code usage and for TechWithVatsal content (it's a ready-made feature checklist for explainer videos).
coreyhaines31/marketingskills
45 marketing-focused agent skills (SEO, copywriting, ads, cold email, social, etc.) for AI coding agents. Built for technical marketers and founders.
Key Highlights & Risk Analysis
- Prompt Bias / Affiliate Marketing: Prompts are laced with pervasive referral links and affiliate tags back to the author's commercial entities (Conversion Factory, Swipe Files).
- SaaS Bias: Almost all strategies assume and drive toward paid third-party tools (HubSpot, GA4, Klaviyo).
- Invasiveness: Low. Installs Markdown files locally, with zero local daemon setups. No system modification risks.
- Maintenance: Very high. Strong backing by Corey Haines and 23 contributors. Highly active.
VIEW VERDICT & DETAILS
Verdict Rationale:
CAUTION — genuinely useful, well-built marketing skills worth cherry-picking, but install specific skills (not the whole pack) and read past the pervasive affiliate-link bias toward the author's paid offerings.
Relevance to Vatsal:
Builder workflow (content/marketing side). Direct fit for his LinkedIn/X AI-builder audience growth and for marketing FakeOut/Redo AI — copywriting, cro, social, launch, and ai-seo are high value. Less relevant to the core agent stack.
Self-Hosted Applications
spacedriveapp/spacedrive
A cross-platform, cross-device file explorer and virtual "data platform" indexing and syncing local files and third-party volumes via direct P2P.
Key Highlights & Risk Analysis
- Telemetry Alert: Phones home by default (opt-out config
telemetry_enabled: trueinside the backend engine configuration). - License Shift: Shifted to Functional Source License (FSL-1.1-ALv2) — non-OSI source available.
- Software Maturity: Perpetual alpha state. Absolutely no tagged release since 0.4.3 (March 2025). Heavy churn on v2 rewrite.
- Security Surface: Multi-device peer synchronization is direct, but wide local read permissions. Optional Spacebot allows remote command execution.
VIEW VERDICT & DETAILS
Verdict Rationale:
CAUTION — fascinating tech and agent-safe file model, but years-long alpha, no release in 14+ months, telemetry on by default, and source-available (not OSS) license. Worth watching, not worth depending on yet.
Relevance to Vatsal:
Builder workflow (with a homelab edge). It does not replace Plex or media-acquisition systems. Telemetry-on-by-default, the FSL relicense, and perpetual-alpha combo run directly counter to his clean, private, reproducible homelab standards.
maxdorninger/MediaManager
A modern self-hosted manager for tv/movie library cataloging and automation. Pitching itself as the modern unified Arr-stack successor.
Key Highlights & Risk Analysis
- Lightweight Deploy: Super easy 2-container Docker setup (fastapi + postgres). Perfect for homelabs.
- Security Surface: Contains solid session authentication structure. You must change default compose Postgres creds.
- Zero Telemetry: No tracking seen. However, metadata lookups hit the developer's relay server by default (can easily be self-hosted instead).
- Active Health: Rapid development velocity, healthy beta-to-stable cycle with active triage.
VIEW VERDICT & DETAILS
Verdict Rationale:
INSTALL (trial) — clean Docker deploy, AGPL, no telemetry, native Transmission support, fits the Plex homelab; only friction is adding Prowlarr alongside his existing Jackett.
Relevance to Vatsal:
Homelab/media — directly in his lane. Drives Transmission and uses Prowlarr. He'd need to add Prowlarr to use it, but single clean UI + real OIDC auth fits his self-hosting cleanliness bias perfectly.
Build & Development Tools
HKUDS/DeepCode
An open agentic coding framework specializing in turning PDFs/papers, text, or specifications directly into fully functioning software repositories.
Key Highlights & Risk Analysis
- CRITICAL Exec Risk: Executes LLM-generated code locally by design. In
--localhost execution mode, the safety blocklist is purely substring-based and trivially bypassed. - Sandboxing: Highly recommended to ONLY deploy and run via Docker container virtualization.
- Resource Cost: Insanely token-hungry. Uses massive context windows and multiple agents across hundreds of debug iterations.
- Telemetry & Health: No analytical phone-home found. Actively backed by HKU Data Intelligence Lab.
VIEW VERDICT & DETAILS
Verdict Rationale:
CAUTION — Powerful and well-maintained, but it runs LLM-generated shell/Python with a near-useless blocklist; only run it in Docker mode, never --local on the homelab box where keys and configs live.
Relevance to Vatsal:
Builder workflow / AI prototyping. Genuinely useful tool to reproduce an ML research paper into local code automatically. Extremely cool research tool, but keep it strictly virtualized.
zarazhangrui/frontend-slides
A high-performance agent skill package for composing visual, slick, animation-rich presentation slides with zero dependencies.
Key Highlights & Risk Analysis
- Nature: Pure file/template skill package, no local background process runs. Exceptionally low footprint.
- Security Surface: Safe. Local helper scripts are completely local (PDF export runs a transient localhost server/browser).
- Telemetry & Cost: Completely offline. No usage or telemetry tracking found.
- Sync Opportunity: Regularly pulls outstanding style update modules from its upstream beautiful template repository.
VIEW VERDICT & DETAILS
Verdict Rationale:
INSTALL (low risk) — but you already have it. Safe, free, file-only; main action is to re-sync the upstream for new templates rather than install net-new.
Relevance to Vatsal:
Builder workflow / content creator. Great tool for visual previews and slide creation, but it is already installed in the local workspace. Re-syncing for updates is recommended.