AI Factory (aif)

Trust Score 87/100

Set up agent project context: analyze tech stack, install or generate skills, and configure MCP servers with mandatory security scanning for external skills.

triggers:set up projectconfigure AIwhat skills do I needaifagent onboarding

GitHub SKILL.md

What it does

AI Factory (/aif) automates project onboarding for agent workflows. It analyzes repository metadata and tech stack, recommends and installs existing skills, generates project-specific skills when needed, and configures MCP servers required for runtime integrations. A key responsibility is enforcing a two-level security scanning process for any external skill: an automated Python scanner followed by a semantic human review to catch prompt-injection or dangerous behaviors.

When to use it

Run /aif when starting a new project, onboarding an existing repository to agent workflows, or whenever you need a repeatable, secure agent context configured (skills, MCP, AGENTS.md, and project-level rules). Use it at project setup, before running generated or external skills in production, and whenever you add third-party skills.

What's included

Scripts: security scanning guidance and helper commands are documented; references folder present in repo (has_references=true)
References: project-specific templates, update-config helper, and security-scan script (referenced)
Instructions: detailed mode workflows (analyze existing project, new project with description, interactive empty project), language resolution, and artifact generation rules (DESCRIPTION.md, AGENTS.md, .ai-factory config).

Compatible agents

Designed for agents that can run shell and python helpers and manage MCP servers (Claude Code, Copilot/Codex-style agents, Cursor).

Audit Summary

AI Factory (aif) is a comprehensive project onboarding skill that analyzes tech stacks, installs/generates skills, configures MCP servers, and includes mandatory security scanning for external skills. No bundled scripts to test — static analysis only. Very detailed SKILL.md with clear multi-mode workflows, language resolution, and config management via helper scripts.

Watch Out

SKILL.md is very long — could benefit from more progressive disclosure into references/
Requires skills.sh CLI (npx skills) for full functionality
Security scanner requires Python 3 to be installed

Notes

Well-structured onboarding skill with thoughtful security-first approach (mandatory scanning of external skills). The inline SKILL.md is quite long (~900 lines) which impacts architecture score — moving more content to references/ would improve it. No security concerns found.

Information

Repository: ai-factory
Stars: 921

Trust Score

Overall87

Security95

Code Quality82

Architecture74

Usefulness82

More from ai-factory

AI Factory — Skill Generator

Generate production-ready Agent Skills and skill packages (SKILL.md, scripts, references, templates) following the Agent Skills spec; includes security scanning

Related Skills

Development Worktree

Create an isolated git worktree for feature work, auto-run project setup, and verify a clean test baseline before development.

Readwise Reader Document Management

Manage Readwise Reader documents: list, save, search, move, tag, highlight, export and bulk-edit via official and custom CLIs.

Bounty Hunter — Atlas

Persona skill: 'Atlas' — a profit-focused developer persona for discovering, evaluating and executing paid bounties or freelance tasks with ROI-aware workflows.

Junshi — Research Advisor

Daily strategic research advisor that scans arXiv/venues, digests papers, and proposes bold, ranked research ideas tailored to the user's profile.

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Full Stack Builder

End-to-end builder that scaffolds, implements, tests, and optionally deploys web and API applications from a natural-language specification.

ezBookkeeping API Tools

Command-line API tools for ezBookkeeping: record and query transactions, retrieve accounts/categories/tags, and fetch exchange rates for self-hosted personal fi

Feishu Voice Sender

Convert MP3s and send them as native Feishu voice messages (playable voice clips) to users or groups.

Back to Skills