NPM Package Manager Skill

Trust Score 84/100

from pi96

Manage Node.js packages and common npm workflows: install, run scripts, versioning, publish, and audits with safe dry-run guidance.

triggers:npminstall dependenciespublish packageversion bumpnpm auditrun scripts

GitHub SKILL.md

What it does

This skill provides step-by-step npm package management capabilities to the agent. It covers installing dependencies, running npm scripts (dev/test/build), performing safe publish workflows (including dry-run), bumping versions, and auditing dependencies. It helps automate routine package tasks while encouraging safety checks like dry-run and npm audit.

When to use it

Use this skill when you need to: install or update project dependencies, run project scripts, prepare and publish npm packages, perform version bumps, or check for outdated or vulnerable packages. It's also useful when working with monorepos where targeting a specific package path is required.

What's included

Scripts: none bundled in the skill directory (has_scripts=false)
References: none provided (has_references=false)
Instructions: concise examples for install, run, publish (with dry-run), version bump, audit, and package inspection. Emphasises verifying package.json before publish and using dry-run for safety.

Compatible agents

Primarily useful for agents with shell/CLI execution and file-read capabilities (e.g., Claude Code, Copilot-like agents, CLI-capable assistants).

Audit Summary

The npm skill provides a well-organized reference for common npm workflows (install, run, publish, version, audit, inspect) using the npm tool. No bundled scripts — it's a pure instruction skill. Guidelines include sensible safety practices like dry-run before publish and reading package.json before publishing. Straightforward and functional.

Watch Out

Relies on the agent having an 'npm tool' available — not a standard shell tool, so compatibility depends on the agent runtime

Notes

Pure instruction skill with no scripts. Clean and safe. Somewhat thin — could benefit from monorepo examples, troubleshooting guidance, and references/ section.

Information

Repository: pi
Stars: 96
Installs: 0

Trust Score

Overall84

Security98

Code Quality72

Architecture65

Usefulness62

Related Skills

Development Worktree

Create an isolated git worktree for feature work, auto-run project setup, and verify a clean test baseline before development.

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Shopify Webhooks & Events

Register and handle Shopify webhook subscriptions (orders, products, GDPR hooks) with HMAC verification and async processing.

SWE-AF — Autonomous Software Engineering Fleet

Orchestrates a coordinated multi-agent engineering workflow to plan, implement, test, and merge production-grade changes across single or multiple repositories.

Skill Vetter

Pre-install security gate that scans a skill for prompt-injection, secrets, and other vulnerabilities before installation.

Back to Skills