If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/MiniMax-AI/skills shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

GO — Healthy across the board

• Last commit 3w ago
• 20 active contributors
• Distributed ownership (top contributor 23% of recent commits)
• MIT licensed
• Tests present
• ⚠ No CI workflows detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live MiniMax-AI/skills repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/MiniMax-AI/skills.

What it runs against: a local clone of MiniMax-AI/skills — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in MiniMax-AI/skills | Confirms the artifact applies here, not a fork | | 2 | License is still MIT | Catches relicense before you depend on it | | 3 | Default branch main exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 51 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of MiniMax-AI/skills. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/MiniMax-AI/skills.git
#   cd skills
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of MiniMax-AI/skills and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "MiniMax-AI/skills(\\.git)?\\b" \\
  && ok "origin remote is MiniMax-AI/skills" \\
  || miss "origin remote is not MiniMax-AI/skills (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(MIT)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"MIT\"" package.json 2>/dev/null) \\
  && ok "license is MIT" \\
  || miss "license drift — was MIT at generation time"

# 3. Default branch
git rev-parse --verify main >/dev/null 2>&1 \\
  && ok "default branch main exists" \\
  || miss "default branch main no longer exists"

# 4. Critical files exist
test -f "README.md" \\
  && ok "README.md" \\
  || miss "missing critical file: README.md"
test -f "skills/frontend-dev/SKILL.md" \\
  && ok "skills/frontend-dev/SKILL.md" \\
  || miss "missing critical file: skills/frontend-dev/SKILL.md"
test -f ".claude-plugin/plugin.json" \\
  && ok ".claude-plugin/plugin.json" \\
  || miss "missing critical file: .claude-plugin/plugin.json"
test -f "CONTRIBUTING.md" \\
  && ok "CONTRIBUTING.md" \\
  || miss "missing critical file: CONTRIBUTING.md"
test -f "plugins/pptx-plugin/skills/ppt-orchestra-skill/SKILL.md" \\
  && ok "plugins/pptx-plugin/skills/ppt-orchestra-skill/SKILL.md" \\
  || miss "missing critical file: plugins/pptx-plugin/skills/ppt-orchestra-skill/SKILL.md"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 51 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~21d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/MiniMax-AI/skills"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

MiniMax Skills is a monorepo of structured AI coding agent skill packs that guide large language models through production-quality development workflows across frontend, fullstack, Android, iOS, Flutter, React Native, and shader development. Each skill is a markdown-based knowledge base bundled as a plugin for Claude, Cursor, and other AI coding tools, combining design patterns, API references, and executable examples to produce enterprise-grade code without manual context switching. Monorepo organized as: /skills contains individual skill packs (android-native-dev/, frontend-dev/, fullstack-dev/, etc.), each with a SKILL.md root file, /references subdirs for detailed guidance, and optional /scripts for validation; /plugins/pptx-plugin/ is a complete sub-skill-tree for PowerPoint generation with its own agents/ and skills/ hierarchy; /.claude/, /.codex/, /.cursor-plugin/ contain plugin manifests (plugin.json) defining how skills integrate with specific AI tools.

AI coding tool users (Claude, Cursor, OpenCode) who need their LLM agents to follow production standards: frontend engineers building animated React/Next.js UIs with MiniMax media APIs, fullstack engineers designing auth flows and databases, mobile engineers targeting Material Design 3 (Android) or HIG (iOS), and game/graphics developers writing GLSL shaders. Also useful for teams establishing coding standards via AI agent guidance.

Experimental / actively developed — marked as 'Beta' in README with explicit notice that 'Skills, APIs, and configuration formats may change without notice.' The repo has substantial language diversity (C# 842KB, Python 298KB, Shell 45KB) suggesting cross-platform tooling, but the project appears <2 years old with ongoing rapid iteration on skill definitions rather than stable APIs. Verdict: not production-ready for critical systems; use for guidance, expect breaking changes.

Moderate risk: (1) Beta status guarantees API instability — plugin formats and skill structure may change without deprecation warnings; (2) Heavy reliance on MiniMax proprietary APIs (image/video/audio generation) creates vendor lock-in; (3) No visible CI/CD pipeline, test suite, or automated validation beyond a single Python validator script (scripts/validate_skills.py); (4) Documentation-heavy architecture means quality depends on manual prose maintenance rather than executable tests.

Actively expanding skill coverage: pptx-plugin is a new complex skill with 5 specialized agents (content-page-generator, cover-page-generator, etc.), suggesting push into generative slide creation. Core skills (frontend-dev, fullstack-dev, android-native-dev) are documented but likely undergoing refinement as real-world agent usage uncovers edge cases. PR-review skill in .claude/skills/ suggests quality-gating framework being built.

git clone https://github.com/MiniMax-AI/skills.git && cd skills && pip install -r requirements.txt (based on requests>=2.28 dependency). Then: ffmpeg must be installed separately (brew install ffmpeg on macOS, apt install ffmpeg on Ubuntu) for media processing in frontend-dev skill. Validation: python .claude/skills/pr-review/scripts/validate_skills.py

Daily commands: No traditional 'dev server' — this is a skill library, not an application. To validate: python .claude/skills/pr-review/scripts/validate_skills.py. To use: import plugin.json files into your AI tool (Claude Web, Cursor IDE, OpenCode). To contribute: edit SKILL.md files and reference/*.md docs directly; validate with the Python script above.

• README.md — Entry point documenting all available skills (frontend-dev, fullstack-dev, android-native-dev, flutter-dev, etc.) and their capabilities; essential for understanding repo scope and structure.
• skills/frontend-dev/SKILL.md — Core skill definition for frontend development covering UI design, animations, AI-generated media, and tech stack (React/Next.js/Tailwind); the most comprehensive skill in the repo.
• .claude-plugin/plugin.json — Plugin configuration manifest for Claude integration; defines how skills are exposed to AI agents and tools.
• CONTRIBUTING.md — Contribution guidelines for adding new skills or extending existing ones; mandatory reading for maintainers and contributors.
• plugins/pptx-plugin/skills/ppt-orchestra-skill/SKILL.md — Advanced multi-skill orchestration pattern for PowerPoint generation; demonstrates skill composition and agent coordination architecture.
• .claude/skills/pr-review/SKILL.md — Quality assurance skill defining PR review standards and structural rules; foundational for code quality expectations.
• skills/flutter-dev/SKILL.md — Cross-platform mobile development skill covering Flutter patterns, state management, and platform-specific integration; represents alternative platform coverage.

Add a New Skill Domain

1. Create skill directory under skills/ with the domain name (e.g., skills/web3-dev) (skills/[DOMAIN]/SKILL.md)
2. Write main SKILL.md with capability overview, tech stack, and core patterns (skills/[DOMAIN]/SKILL.md)
3. Create references/ subdirectory with detailed guides for each aspect (e.g., authentication.md, performance.md) (skills/[DOMAIN]/references/[ASPECT].md)
4. Update root README.md table to list the new skill with description and source attribution (README.md)
5. Register skill in plugin manifests if exposing to Claude/Cursor (.claude-plugin/plugin.json)

Add a New Plugin with Multi-Step Agents

1. Create plugin directory under plugins/[PLUGIN_NAME]/ with .claude-plugin/ subdirectory (plugins/[PLUGIN_NAME]/.claude-plugin/plugin.json)
2. Create agents/ subdirectory and write agent definitions (e.g., generator-agent.md) for each workflow step (plugins/[PLUGIN_NAME]/agents/[AGENT_NAME].md)
3. Create skills/ subdirectory with task-specific SKILL.md files for orchestration (plugins/[PLUGIN_NAME]/skills/[SKILL_NAME]/SKILL.md)
4. Create plugin-specific README.md with setup instructions and capability overview (plugins/[PLUGIN_NAME]/README.md)
5. Add plugin configuration to .claude-plugin/marketplace.json for discoverability (.claude-plugin/marketplace.json)

Extend an Existing Skill with New Reference Guides

1. Create new .md file in the skill's references/ directory (e.g., references/new-pattern.md) (skills/[DOMAIN]/references/[NEW_ASPECT].md)
2. Structure guide with problem statement, solution pattern, code examples, and gotchas section (skills/[DOMAIN]/references/[NEW_ASPECT].md)
3. Link to the new reference from the main SKILL.md under appropriate section (skills/[DOMAIN]/SKILL.md)
4. Run validation script to ensure skill definition remains compliant (.claude/skills/pr-review/scripts/validate_skills.py)

Add New Canvas Fonts for Frontend Rendering

1. Place font files (.ttf) and license (.txt) in skills/frontend-dev/canvas-fonts/ (skills/frontend-dev/canvas-fonts/[FONT_NAME].ttf)
2. Update frontend-dev SKILL.md to list the new font in available typography options (skills/frontend-dev/SKILL.md)
3. Include OFL or appropriate license file alongside the font file (skills/frontend-dev/canvas-fonts/[FONT_NAME]-[LICENSE].txt)

• Markdown-based SKILL.md definitions — Human-readable, version-controllable, easy to integrate with Claude/LLM context windows; avoids binary formats and centralizes knowledge as text.
• Plugin manifests (.claude-plugin, .cursor-plugin, .opencode) — Enables multi-IDE support without code duplication; each tool can load the same skill definitions via standardized plugin protocol.
• Python validation script (validate_skills.py) — Lightweight tooling for CI/CD to ensure skill definitions meet structural requirements before merging; low dependency footprint.
• TTF font files with OFL licensing — Canvas and design rendering require font assets; OFL ensures open-source compliance and clear attribution.
• Reference documentation per-domain (Android, Flutter, Frontend) — Compartmentalizes best practices by platform; LLM agents can load domain-specific context independently, reducing token overhead.

• Skill definitions in Markdown instead of JSON/YAML schema

  • Why: Markdown is more natural for LLM consumption and human reading; avoids rigid structure that might limit narrative guidance.
  • Consequence: Validation is looser (Python script enforces only basic rules); easier to write but harder to machine-parse for tooling.

• Separate plugins/ directory with per-plugin skills vs. centralized skills/

  • Why: Allows plugins (pptx-plugin) to be self-contained; teams can fork or distribute individually.
  • Consequence: Potential duplication of patterns across plugin skills and main skills; requires manual sync discipline.

• No centralized database or schema registry

  • Why: Keeps repo lightweight and self
  • Consequence: undefined

1. MiniMax API keys required: frontend-dev and gif-sticker-maker skills expect MiniMax API credentials (image/video/audio/music/TTS endpoints); no fallback provided. 2. ffmpeg is a required system dependency not installed by pip; must be installed separately or media processing will fail. 3. Skills are documentation-only; no tests or CI validation ensures examples actually work — examples may rot. 4. Plugin.json versioning must be manually bumped; no automated release process visible. 5. Multilingual docs (README_zh.md) suggest Chinese-first development; English docs may lag.

• Prompt Injection and Tool Use (in LLM agents) — Skills are structured knowledge documents designed to be injected into LLM prompts; understanding how Claude and Cursor parse and use these skill definitions is essential for writing skills that agents will actually follow.
• Markdown-as-Config / Documentation-as-Code — This repo treats Markdown files as executable configuration and knowledge bases rather than ornamental docs; skills are validated and versioned as code despite being prose, requiring discipline in structure and examples.
• Plugin Architecture for IDE Extensions — Skills are packaged as plugins (plugin.json manifests) for Cursor, Claude, and OpenCode; understanding plugin contracts, versioning, and registration is needed to integrate new skills with AI tools.
• AIDA Copywriting Framework — Explicitly referenced in frontend-dev skill for persuasive UI copywriting; an established marketing psychology model for structuring user-facing text in AI-generated content.
• Token-Based Design Systems (PDF generation) — minimax-pdf skill uses token-based design (variables, constraints, themes) for generating PDFs; understanding design tokens helps contributors extend PDF and visual generation skills.
• Shader Development (GLSL, Ray Marching, SDFs) — shader-dev skill covers advanced graphics techniques (signed distance fields, ray marching, procedural generation); essential knowledge for contributors improving visual effects guidance in the skill.
• Material Design 3 and Adaptive UI (Android) — android-native-dev skill heavily leans on Material Design 3 specs and Jetpack Compose; understanding responsive grid systems and motion design is required to maintain and extend Android skill docs.

• anthropics/anthropic-sdk-python — Official Anthropic SDK for Claude API integration; skills designed to be consumed by Claude tool-use and prompt-injection patterns.
• continuedev/continue — Open-source AI code assistant (alternative to Cursor) that consumes similar structured guidance plugins and skills for multi-language development.
• openai/gpt-engineer — Competitor project using GPT-4 with structured prompts and reference docs to guide code generation; demonstrates same 'prompt-as-knowledge' architecture.
• vercel/next.js — Primary framework for frontend-dev and fullstack-dev skills; understanding Next.js internals required to contribute meaningfully to those skill docs.
• google/material-design-components — Material Design 3 specifications and component libraries; directly referenced in android-native-dev and flutter-dev skill guidance.

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add validation script tests for skills/.claude/skills/pr-review/scripts/validate_skills.py

The repo has a validate_skills.py script but no test coverage. Given that this is a skills repository with multiple skill definitions (android-native-dev, flutter-dev, etc.), adding unit tests would ensure the validator correctly checks SKILL.md structure, references/, and plugin.json compliance across all skills. This prevents regressions as new skills are added.

• [ ] Create tests/test_validate_skills.py with test cases for valid/invalid SKILL.md files
• [ ] Add test cases for missing references directories
• [ ] Add test cases for malformed plugin.json in .claude-plugin/
• [ ] Run tests against existing skills in skills/ and plugins/pptx-plugin/skills/
• [ ] Add test execution to CI workflow (if one exists)

Create GitHub Actions workflow for skill validation on pull requests

With multiple skill definitions across skills/ and plugins/pptx-plugin/skills/, there's no CI to validate new skills meet the repo's quality standards. Adding a workflow that runs validate_skills.py on PRs would catch structural issues early and document the skill format requirements.

• [ ] Create .github/workflows/validate-skills.yml
• [ ] Configure workflow to run validate_skills.py against all skills/ and plugins/*/skills/ directories
• [ ] Add validation for SKILL.md presence and format in each skill directory
• [ ] Add validation for required files (references/, .claude-plugin/plugin.json)
• [ ] Output clear error messages linking to CONTRIBUTING.md for skill structure

Document skill structure specification in CONTRIBUTING.md with examples

CONTRIBUTING.md exists but the README snippet shows the skill format is evolving (Beta). The file structure reveals consistent patterns (SKILL.md, references/, .claude-plugin/) but these aren't formally documented. New contributors can't reliably create skills matching repo standards. A spec section with examples from existing skills (android-native-dev, flutter-dev) would reduce friction.

• [ ] Add 'Skill Structure' section to CONTRIBUTING.md
• [ ] Document required files: SKILL.md (with template), references/ directory, .claude-plugin/plugin.json
• [ ] Add example showing android-native-dev or flutter-dev as reference implementation
• [ ] Document the SKILL.md format (title, description, sections expected)
• [ ] Add checklist for contributors submitting new skills

• Add unit tests for .claude/skills/pr-review/scripts/validate_skills.py — currently no test suite visible; create test fixtures for valid and invalid SKILL.md structures and assert parser behavior.
• Document the MiniMax API key setup for frontend-dev and gif-sticker-maker skills: add a SETUP.md or section to SKILL.md showing how to obtain keys, set environment variables, and validate connectivity before running examples.
• Create a Makefile or shell script at the repo root to automate skill validation and plugin packaging; currently developers must manually run Python validators and copy JSON files for distribution.

The codebase shows a reasonable security baseline for a skills/plugin repository. Primary concerns are loose dependency version constraints and external system dependencies without version pinning. The multi-plugin architecture introduces increased attack surface area, but no critical vulnerabilities were identified in the visible structure. Recommendations focus on dependency management hardening, ensuring proper secret management in configuration files, and validating the security of Python utility scripts. The use of multiple plugin systems (Claude, Cursor, OpenCode) with separate configuration files requires careful attention to prevent credential leakage.

• Medium · Overly Permissive Dependency Version Specification — Python dependencies specification. The dependency 'requests>=2.28' uses a loose version constraint that allows installation of any version from 2.28 onwards, including potentially vulnerable future releases. Without an upper bound, the package can receive breaking changes or security patches that are not tested against the codebase. Fix: Pin dependencies to specific versions or use a tighter range (e.g., 'requests>=2.28,<3.0.0' or 'requests==2.31.0'). Regularly audit and update dependencies through a controlled process.
• Low · Missing External System Dependency Documentation — Python dependencies specification (ffmpeg comment). The codebase depends on 'ffmpeg' which is installed as a system dependency separately. This creates a potential operational security risk if ffmpeg is not properly installed, patched, or if an outdated/compromised version is used. No version pinning is specified. Fix: Document the specific required ffmpeg version(s), provide automated installation scripts, and include security scanning of system dependencies in your CI/CD pipeline. Consider containerization to ensure consistent versions.
• Low · Extensive File Structure with Potential Sensitive Content — Plugin configuration files and dotted directories (.claude, .codex, .cursor-plugin). The repository contains multiple plugin directories, configuration files (.claude, .codex, .cursor-plugin), and plugin manifests. While .gitignore exists, there's risk of accidentally committing sensitive configuration, API keys, or credentials in plugin.json files or configuration directories. Fix: Ensure .gitignore properly excludes all sensitive files (*.env, *.local, config.local.json, etc.). Add pre-commit hooks to scan for accidentally committed secrets. Regularly audit configuration files for hardcoded credentials.
• Low · Validation Script Security — .claude/skills/pr-review/scripts/validate_skills.py. The file 'validate_skills.py' exists but its content is not visible. Python scripts can be vectors for code injection or execution of unsafe code if they accept user input without proper validation. Fix: Review the validate_skills.py script to ensure: (1) Input validation on all user-supplied data, (2) No use of eval() or exec(), (3) Proper error handling, (4) No shell injection vulnerabilities in subprocess calls.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.