First five minutes as a consumer — finding and running a skill
You have a goal. Someone has probably already published the skill that does it. Here is how to find theirs and skip writing your own.
The premise
You're trying to do something with an LLM — write release notes, audit a repo, triage a Sentry digest. Before you crack open a blank Cursor file and start prompt-engineering, check whether someone has already shipped the skill.
The registry is a search-first product. Find it, fetch it, run it.
Step 1 — search
Open /search. Type a phrase that describes the outcome, not the
implementation. Good queries:
- "release notes from PRs"
- "audit a repo for missing CHANGELOG"
- "summarize Sentry events"
Bad queries:
- "agent" (too vague — every result is an agent)
- "OpenAI" (the registry isn't grouped by provider)
Use the Type filter to narrow to skill / agent / MCP server. Use the Trust filter to floor at verified — for production agents you generally want verified or higher.
Step 2 — read the detail page
Hit a result. The detail page tells you four things you need to know before running:
- Trust tier badge — gold = official, green = verified, gray = community, light gray = unverified. Decide what floor you're comfortable with.
- Evaluation scores — adversarial-safety + content-quality. Floors: adversarial > 0.7, content > 0.6 are reasonable defaults.
- Manifest tab — the JSON. Look at
dependencies[],endpoints[], anddata_contract(what the entity sends to the model). - Graph tab — visual map of relationships. If a skill pulls in 5 unverified deps, you may not actually want to run it.
Step 3 — fetch + run
Three ways, pick the one that fits your stack.
Option A: copy-paste the body
The Overview tab has a "Copy as system prompt" button. Click it, paste into Claude Desktop, run. Done.
This is great for one-shot use. Your agent doesn't pin the version, so re-running it tomorrow may give different results if the skill was updated. That's a feature for exploration, a footgun for prod.
Option B: pull with the CLI
amitte pull <publisher>/<skill>
Drops a versioned copy in ./.amitte/<publisher>-<skill>/ with the
manifest and body. Commit it to your repo and you have a frozen
artifact. Re-run pull to update.
Option C: SDK in your agent
import { Skills } from '@amitte-ai/sdk-ts';
const skills = new Skills({ registryUrl: 'https://registry.amitte.com' });
const sk = await skills.fetchSkill('amitte/repo-conventions-checker', {
version: '0.1.0', // pin for reproducibility
});
const systemPrompt = sk.body_markdown;
This is the right shape for an agent that does multiple things and loads skills on demand. Pin the version explicitly — the registry will return the latest stable if you don't, which is convenient for exploration and dangerous for prod.
Step 4 — for tools, connect MCP
If the entity is an MCP server, you don't fetch its body — you connect to it. Click the Connect tab on the detail page, pick your client (Claude Desktop / Cursor / VS Code), copy the generated JSON snippet, paste into your client config, restart.
The remote MCP server now appears as a local tool surface. Your model calls its tools as if they were defined inline.
Step 5 — pin everything in production
The registry is a moving target by design — publishers ship new versions, deprecate old ones. For production:
- Pin every
pullto a specific version. - Set a trust floor (
trust_floor: verified) in your agent's config. - Verify signatures:
amitte verify <id>@<version>. - Subscribe to revocation alerts (coming in v1.1).
The registry handles the boring infrastructure so you can write agents like you write microservices instead of like you wrote your first React app.