A curated list of skills, tools, tutorials, and capabilities for AI coding agents (Claude, Codex, Antigravity, Copilot, VS Code)
Config is the same across clients — only the file and path differ.
{
  "mcpServers": {
    "filesystem": {
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/Users/username/Desktop"
      ],
      "command": "npx"
    }
  }
}
English | 繁體中文 | 简体中文 | 日本語 | 한국어 | Español
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'skills' 2>&1 | head -1 && echo "✓ Server started successfully"
FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability
## Technical Description The `OpenAPIProvider` in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The `RequestDirector` class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the `_build_url()` method. When an OpenAPI operation defines path parameters (e.g., `/api/v1/users/{user_id}`), the system directly substitutes parameter values into the URL template string **without URL-encoding**. Subsequently, `urll
FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities
## Summary While testing the *GitHubProvider* OAuth integration, which allows authentication to a FastMCP MCP server via a FastMCP OAuthProxy using GitHub OAuth, it was discovered that the FastMCP OAuthProxy does not properly validate the user's consent upon receiving the authorization code from GitHub. In combination with GitHub’s behavior of skipping the consent page for previously authorized clients, this introduces a Confused Deputy vulnerability. ## Technical Details An adversary can initi
FastMCP has a Command Injection vulnerability - Gemini CLI
Server names containing shell metacharacters (e.g., `&`) can cause command injection on Windows when passed to `fastmcp install claude-code` or `fastmcp install gemini-cli`. These install paths use `subprocess.run()` with a list argument, but on Windows the target CLIs often resolve to `.cmd` wrappers that are executed through `cmd.exe`, which interprets metacharacters in the flattened command string. PoC: ```python from fastmcp import FastMCP mcp = FastMCP(name="test&calc") @mcp.tool def rol
FastMCP OAuth Proxy token reuse across MCP servers
While testing the OAuth Proxy implementation, it was noticed that the server does not properly respect the `resource` parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for this MCP server, the token is issued for the `base_url` passed to the `OAuthProxy` during initialization. **Affected File:** *https://github.com/jlowin/fastmcp/blob/main/src/fastmcp/server/auth/oauth_proxy.py#L828* **Affected Code:** ```python self._jwt_issuer:
FastMCP updated to MCP 1.23+ due to CVE-2025-66416
There was a recent CVE report on MCP: https://nvd.nist.gov/vuln/detail/CVE-2025-66416. FastMCP does not use any of the affected components of the MCP SDK directly. However, FastMCP versions prior to 2.14.0 did allow MCP SDK versions <1.23 that were vulnerable to CVE-2025-66416. Users should upgrade to FastMCP 2.14.0 or later.
Others in other
Compress tool outputs, logs, files, and RAG chunks before they reach the LLM. 60-95% fewer tokens, same answers. Library, proxy, MCP server.
Pi Coding Agent extension (CLI-first) — routes bash/read/grep/find/ls through lean-ctx CLI for strong token savings. Optional MCP bridge can register advanced tools.
AI travel agent — 1 smart MCP tool plus 62 compatibility aliases for flights, hotels, ground transport, price alerts. No API keys required.
Research graph MCP for hypotheses, goals, runs, source quality, audits, and generated maps.
🌐 Browse the live directory at agent-skill.co
Maintained by Hailey Cheng (Cheng Hei Lam) · X @haileyhmt · haileycheng@proton.me
Never heard of "agent skills" before? You're in the right place. This is a community-curated list of simple text files that teach AI assistants (like Claude, Copilot, or Codex) how to do new things on demand, without retraining. Unlike bulk-generated skill repositories, this collection focuses on real-world Agent Skills created and used by actual engineering teams. Compatible with Claude Code, Codex, Antigravity, Gemini CLI, Cursor, GitHub Copilot, Windsurf, and more.
Step 1: Pick a skill from the directory below (or browse at agent-skill.co)
Step 2: Load it into your AI agent:
/skills add <github-url>
Step 3: Ask your AI to use it. Just describe what you want in plain English.
That's it. No installation. No configuration. No coding required.
Think of Agent Skills as "how-to guides" for AI assistants. Instead of the AI needing to know everything upfront, skills let it learn new abilities on the fly, like giving someone a recipe card instead of making them memorize an entire cookbook.
Skills are simple text files (called SKILL.md) that teach an AI how to do specific tasks. When you ask the AI to do something, it finds the right skill, reads the instructions, and gets to work.
Skills load in three stages:
Skills are instructions, not code. The AI reads them like a human would read a guide, then follows the steps.