ajarbot/.claude/SKILLS_README.md

Local Skills for Ajarbot

This project uses local-only skills for security - no public registries, no external dependencies.

Available Skills

/adapter-dev - Adapter Development Helper

Helps create, debug, and update messaging platform adapters.

Usage:

/adapter-dev create WhatsApp adapter
/adapter-dev debug Slack connection issues
/adapter-dev add file upload support to Telegram

Location: .claude/skills/adapter-dev/

Creating Your Own Skills

1. Create skill directory

mkdir -p .claude/skills/my-skill

2. Create SKILL.md

---
name: my-skill
description: What this skill does
user-invocable: true
disable-model-invocation: true
allowed-tools: Read, Grep
context: fork
---

Instructions for Claude when this skill runs...

3. Use the skill

/my-skill
/my-skill with arguments

Security Configuration

Restrict skill permissions in .claude/settings.json:

{
  "permissions": {
    "allow": [
      "Skill(adapter-dev)",
      "Skill(my-skill)"
    ]
  }
}

Per-skill tool restrictions in SKILL.md frontmatter:

allowed-tools: Read, Grep, Glob

This prevents skills from using Bash, Edit, Write, etc. unless explicitly allowed.

Why Local Skills?

✅ No supply chain attacks - All code is in your repo ✅ Version controlled - Review skills in PRs ✅ Team-wide consistency - Everyone uses same skills ✅ Fully auditable - All code is visible ✅ Offline capable - No registry lookups

Skill Arguments

Pass arguments to skills:

/adapter-dev create Discord adapter

In SKILL.md, access with:

• $ARGUMENTS - All arguments as string
• $0, $1, $2 - Individual arguments

Best Practices

1. Use disable-model-invocation: true for security-sensitive skills
2. Limit allowed-tools to only what's needed
3. Use context: fork to isolate skill execution
4. Document in examples/ directory
5. Review all skills before committing

Documentation

• Claude Code Skills Docs
• Security Guide