Metehan Ariman.
Back to all posts
4 min read

Agent Skills Are Becoming the Vendor's Job

1,497 agent skills now sit in one repo, and the best ones come straight from Stripe, Cloudflare, Figma, and Anthropic. Here's why vendor-written skills change how you set up an agent—and five worth installing first.

aiagentsskillsmcpdeveloper-tools
Agent Skills Are Becoming the Vendor's Job

For a while, if you wanted your coding agent to be good at Stripe, or Cloudflare Workers, or Next.js, you wrote the guidance yourself. A markdown file with the conventions, the gotchas, the way things are supposed to be done. It worked. But it was your interpretation of someone else’s product, and it went stale the moment their API moved.

That part is quietly changing. The vendors are starting to write and maintain those skills themselves.

A repository called awesome-agent-skills now collects 1,497 of them in one place, with 26.7k GitHub stars and climbing. The count isn’t the interesting part. The author list is: Stripe, Cloudflare, Figma, Hugging Face, Anthropic, Vercel, Sentry, Netlify, Expo, Trail of Bits, Google. The companies whose tools you already build on.

What an agent skill actually is

A skill is a packaged set of instructions—sometimes with scripts attached—that an agent loads when the task calls for it. It’s procedural knowledge the model doesn’t have by default: how to handle a Stripe webhook correctly, how to structure a Cloudflare Worker, how to set up Sentry in a given framework. The agent reads it, follows it, and stops guessing.

The repo’s skills work across most of the agents people actually use day to day: Claude Code, Cursor, Codex, Gemini CLI, GitHub Copilot, Windsurf, and others. You drop a skill in, and the agent gets noticeably better at that one thing.

Why it matters who wrote it

A skill you write yourself is a snapshot of what you understood about a product on the day you wrote it. A skill the vendor writes is different in three ways that compound:

  • They know their own edge cases. The failure modes that only show up in production are the ones the vendor has already seen a thousand times.
  • They keep it current. When the SDK changes, the people who changed it update the skill. Your hand-written version doesn’t get that.
  • It’s canonical. Instead of stitching together a few blog posts of varying age, you’re reading one source maintained by the team that owns the API.

None of this means you can’t write your own. Sometimes you should—your codebase has conventions no vendor knows about. But for the generic “how do I use this product well” layer, starting from the vendor’s version saves you from re-deriving things they’ve already documented.

Five worth installing first

These are the ones I’d reach for first, picked to cover a normal build-and-ship loop rather than to make a list.

mcp-builder — Anthropic

Give it an API and it builds you a working MCP server. It’s written by the people who designed MCP in the first place, which is about as good as a reference implementation gets. If you’ve been hand-rolling MCP servers, start here.

stripe-best-practices — Stripe

Idempotency keys, webhook handling, the parts that are easy to get subtly wrong and expensive to get wrong in production. This encodes how Stripe’s own engineers would want an integration written.

workers-best-practices — Cloudflare

Reviews your Workers code against how it behaves in production, not the happy path you get from the quickstart. Useful precisely when something works locally and falls over at the edge.

insecure-defaults — Trail of Bits

Catches hardcoded secrets and weak crypto before they land in a commit. It comes from a firm that does security audits for a living, so it’s looking for the things that actually bite, not a generic lint list.

sentry-fix-issues — Sentry

Takes a live production error, pulls the context around it, and points at where the fix should go. It turns “an exception happened” into a starting point instead of a blank prompt.

The pattern underneath

This connects to something I wrote about earlier: agents moving inside the tools. Vendors shipping MCP servers and vendors shipping agent skills are two halves of the same decision. Both treat “can an agent use our product well” as a real surface to design for, alongside the human-facing UI.

A product now has two kinds of users: the person clicking through it, and the agent operating it on that person’s behalf. An MCP server gives the agent a way to act. A skill gives it the knowledge to act correctly. The companies investing in both are betting that the second user is here to stay.

How to start

Browse the repo, find the entries that match your stack, and drop them into your agent’s skills directory. It takes a few minutes and replaces an afternoon of reverse-engineering best practices out of someone’s docs.

The shift is small and easy to miss. But the next time you’re about to write a skill file for a tool you didn’t build, it’s worth checking whether the people who built it already did.

Back to all posts