The reason isn't that the model can't do better. It's that the model doesn't know what better looks like in this codebase, at this moment, with these people. It has the general knowledge of every code review ever written, but no anchor for which conventions to follow, which severities to use, which anti-patterns to flag first.

That's the problem skills solve. And today, we're opening a small library of them, freely shared, that any compatible agent can pick up and use.

The repo lives at github.com/kwhorne/elyra-skills.

What a skill actually is

A skill is a Markdown file. That's the whole thing.

It has a bit of frontmatter at the top (a name, a description, maybe a license), and then a body that tells the agent how to approach a particular task. Here's the shape:

---
name: code-review
description: Perform a structured code review with severity-tagged feedback. Use when the user asks for a code review, PR feedback, or wants to evaluate a diff before merge.
---
¶Code Review
¶When to use

"Review this PR / branch / diff"
"What do you think of this code?"

¶Procedure

Establish scope. What are you reviewing?
Read the code in context. Open imports, callers, tests.
Run through the checklist below...

¶Output format
Use this exact shape:
¶🔴 Blockers

path/to/file.ts:42 — finding. Why it matters. Suggested fix.

¶🟠 Major

...

The trick is that the agent doesn't read the whole file all the time. Skills follow a pattern called progressive disclosure: only the name and description are kept in the agent's working context. When your task matches a description, the agent reads the rest. This means you can have a hundred skills installed and pay almost nothing for the ones that don't apply right now.

It's a small idea with a lot of leverage.

Why a registry, and why now

Skills already work in Elyra. You can drop a SKILL.md into .elyra/skills/ and it loads. You can have global skills in /.elyra/agent/skills/. Extensions can bundle them. None of that is new.

What's missing is a place to share them.

A skill is most useful when it captures something a team has learned the hard way — what to test first in a refactor, how to write a runbook that the next on-call can actually use at 3 AM, which OWASP issues you actually need to check first. Those things travel well between projects. They shouldn't have to be reinvented in every repo.

So we built elyra-skills as a place to gather them. The first 26 are seeded — generic workflows that aren't tied to any specific framework or vendor. Things like:

• code-review — structured review with severity tags

• debugging — systematic loop: reproduce, isolate, fix, verify, prevent

• accessibility-review — WCAG 2.2 AA across semantics, keyboard, screen reader

• incident-response — triage, mitigate, communicate, postmortem

• database-migration — expand/contract with lock awareness

• caching-strategy — TTL, invalidation, and the five classic foot-guns

• observability — what to instrument, with the cardinality warnings

Each one is opinionated where the field has converged and explicit about trade-offs where it hasn't. They follow the Anthropic Agent Skills spec, so they work in Claude Code and other compatible agents too — not just Elyra.

How to use them

In Elyra, installing is one command:

/skills install code-review

This pulls the skill from the registry into /.elyra/agent/skills/code-review/ and makes it available immediately — no restart needed. You can install several at once:

/skills install code-review debugging conventional-commits

To see what's loaded:

/skills

You'll get a list with name, description, script and reference counts, and the source path. The agent uses that same index to decide when to load each skill.

Outside Elyra? Just copy the folder into whatever directory your agent scans. Each skill is self-contained.

What it looks like in practice

Let me show one walkthrough. You install the code-review skill, then say to the agent:

Review the changes in feat/auth-refactor against main.

Without the skill, you'd get a freeform critique — useful but unpredictable. With the skill loaded, the agent now has a structure it can follow:

## Review: feat/auth-refactor

Summary: Renames the session token field and adds rate limiting to login.
Recommend "request changes" — the rate limiter logic needs a tweak before merge.
¶🔴 Blockers

src/auth/login.ts:47 — rate limiter increments before validating the
username, so probing for valid usernames is still possible by watching
for which requests get rate-limited. Move the increment after a
successful credentials check.

¶🟠 Major

src/auth/login.ts:23 — new session_token_v2 column added but old
session_token still read in line 89. Either dual-read both or finish
the migration.

¶💭 Questions

src/auth/middleware.ts:12 — was the timeout reduction from 30s to 5s
intentional? Affects mobile clients on slow networks.

¶✅ What's good

Rate-limit constants extracted; easy to tune from config.

This isn't magic. It's just that the agent now knows which severities exist, what shape the report should take, that it should ask questions when intent is unclear instead of guessing. The skill says "look at imports and callers, not just the diff" — so when the new column is added in one file but the old one is still read elsewhere, the agent notices.

You'd write that report the same way. So would your senior engineer. The skill encodes the shared knowledge so the agent does too.

Some skills bring scripts along

A skill can ship more than text. The conventional-commits skill includes a small read-only shell script that summarizes staged changes and suggests a commit type:

$ bash ~/.elyra/agent/skills/conventional-commits/scripts/suggest.sh

¶Staged change summary
added:    0
modified: 3
deleted:  0
renamed:  0
Top paths:
src/api/users.ts
src/api/users.test.ts
docs/api.md
Type guess: fix
(verify by reading the actual diff; this is a heuristic, not a decision)

The agent can run that script if it helps the user, but doesn't have to. Scripts don't execute automatically; they're tools the skill makes available, surfaced to the agent the same way any other shell command would be — subject to the same approval rules.

The same goes for references/ — longer-form documents the agent reads on demand when the SKILL.md says "see the severity rubric in references/". Keeps the top-level file readable while giving the agent access to depth when it needs it.

Contributing

The registry will only be as good as the skills people share. We've kept the bar deliberately reasonable:

• One skill per pull request

• Standalone and generic (no framework or vendor lock-in — those belong in stack-specific extensions)

• Folder name matches the skill name

• Description leads with what and when — that's what the agent matches against

• License is MIT-compatible

There's a CONTRIBUTING.md with a step-by-step, a PR template, and CI that catches the usual mistakes (name mismatches, missing descriptions, drift between registry and filesystem). If you've got a workflow your team relies on and you think other teams would benefit from, we'd love a PR.

Some areas not yet covered, in case you're looking for inspiration: dockerfile-review, terraform-review, git-workflow, release-notes, sql-style, monorepo-strategy, feature-spec.

A small note on what this is, and isn't

This isn't a marketplace. There's no scoring, no rankings, no monetization. It's a collection — like a shared bookshelf of recipes that people from different kitchens have found work. Some skills here are mine. Most, I hope, will be yours, eventually.

We tried to make the bar to contributing as low as we could while keeping the quality high. The validator runs in under a second locally. The PR template tells you exactly what to check. If you spot something wrong or outdated in an existing skill, there's a bug template — skills get acted on by AI agents, so wrong advice has real cost, and we take fixes seriously.

If you've been wishing your agent was sharper at one specific thing — wishing it would just know the way your team does code review, or the way your industry handles privacy — try writing it down as a skill. You might find the agent gets sharper. You might also find that you understand your own process a little better by the time you're done.

Either way, we'd love to have you in the registry.

→ github.com/kwhorne/elyra-skills → Full documentation at elyracode.com → Agent Skills specification