npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@lyupro/llm-skills

v0.10.1

Published

Lyu Pro Skill Library — hybrid skills (lightweight SKILL.md + deterministic scripts) for Claude / SkillForge. Design and UI-UX anti-slop tooling tuned for React Native Web and web stacks.

Readme

Lyu Pro Skill Library

A curated library of hybrid skills for Claude / SkillForge.

A hybrid skill pairs a lightweight SKILL.md (routing + a short instruction injected into the prompt) with deterministic scripts (.mjs) the agent runs on demand. The deterministic part costs 0 prompt tokens, is reproducible, and is CI-ready.

The library is owned end-to-end — rules are tuned to our own stacks (React Native Web, web), our brand, and our anti-slop discipline. One library serves every SkillForge consumer through folder-registration.

Why hybrid

  • 0-token determinism. Detectors and generators run as scripts; the model pays only for the light SKILL.md and the script's JSON result, never for hundreds of lines of rules.
  • Reproducible & CI-ready. Deterministic scripts run the same in an agent prompt, a pre-commit hook, or a CI gate.
  • Full control. No vendoring, no upstream drift, no foreign installer.

Layout

skills/
  design/   # design phase: design-taste, html-mockup-generator, style-*, brand-asset-protocol, design-system-advisor
  uiux/     # UI-UX audit: design-slop-detector, design-critique, a11y-detector
  meta/     # the library about itself: skill-lint
  git/      # (future)
  content/  # (future)
docs/
  skill-format.md      # the hybrid skill format (study before adding a skill)
  install-runbook.md   # SkillForge folder-registration + reindex

Categorization is physical, by folder — a design skill lives in skills/design/. See docs/skill-format.md.

Skills

| Skill | Category | Type | What it does | |---|---|---|---| | design-slop-detector | uiux | deterministic | 43 rules (39 always-on + 4 opt-in --tells) flag AI design-slop in HTML/CSS → JSON. The 0-token gate. | | a11y-detector | uiux | deterministic | 8 static accessibility rules (missing alt, unlabelled controls, empty buttons/links, duplicate ids, zoom locks, …) → JSON | | design-token-adherence | uiux | deterministic | 3 rules flag declared color / spacing / font-size values off your design-system token scale (caller supplies --tokens) → JSON. The system-consistency gate. | | ui-gate | uiux | deterministic | runs both detectors in one pass, merges findings (tagged by tool) → one verdict + one --fail-on gate. The single UI check for agents/CI. | | render-verification | uiux | deterministic* | renders HTML in headless Chromium and flags computed-layout bugs static analysis can't: horizontal overflow, text flush to the edge, real clipping, sub-min touch targets, off-screen content, screenshot diff → JSON. *Opt-in: needs the optional Playwright peer dependency. | | design-critique | uiux | prompt | evaluative pass: visual hierarchy / IA / cognitive load → score + P0–P3 | | design-taste | design | prompt | anti-slop + taste rules (layout / type / spacing / motion discipline) | | html-mockup-generator | design | hybrid | single-file clickable HTML mockups with phone/browser/macOS frames | | style-minimalist / premium / brutalist | design | prompt | visual-direction switches, auto-discovered by style-pack tag | | brand-asset-protocol | design | hybrid | gather real logo/colors/fonts from official sources → brand-spec, then generate the tokens.json design-token-adherence enforces (deterministic, + optional layered CSS) | | design-system-advisor | design | hybrid | by product archetype (+ optional tone / industry) composes a starter design system from the library's own skills: a style-pack direction, design-taste dials, the anti-patterns to watch, and a neutral starter palette/type to replace with the real brand → JSON or --persist (MASTER.md + pages). A starting point, not dogma. | | skill-lint | meta | deterministic | 11 rules validate the library's own SKILL.md files: frontmatter validity, name=folder, trigger-style descriptions, on-disk link integrity, and a public-cleanliness gate (no leaked email / home paths / blacklisted codenames) → JSON. The library linting itself. |

The detector doubles as an automated gate — see docs/integration.md for pre-commit / CI / render-gate recipes.

The --json output is pinned by a published contract under schemas/ (validate with the bundled zero-dep scripts/lib/validate-output.mjs). Add --remediation to attach each rule's canonical fix to every finding, so an agent can repair mechanically — each detector ships its own reference/remediation.json.

All skills above are zero-dependency except render-verification, which is opt-in: it renders in a real browser, so it needs the optional Playwright peer dependency (npm i -D playwright && npx playwright install chromium; screenshot diff additionally needs pixelmatch + pngjs). Installing the library never pulls a browser; the static detectors stay dependency-free.

Skill format (hybrid)

skills/{category}/{skill-name}/
  SKILL.md      # frontmatter (name/description) + light instruction + when to run a script
  scripts/      # deterministic part (0 tokens): node *.mjs
  reference/    # deep docs, loaded on demand
  assets/       # frames, templates, tokens
  __tests__/    # tests for the scripts

Develop

npm install
npm test          # vitest, run once
npm run test:watch
npm run typecheck # tsc --noEmit (JSDoc + checkJs over .mjs)

Scripts are JavaScript ESM (.mjs). Type-safety comes from JSDoc annotations checked by tsc (no build step — sources run as-is).

Install

Three delivery channels — all install the same zero-dependency skill folders:

# 1. install-CLI -> brand root, served cross-tool by SkillForge
npx @lyupro/llm-skills install
skillforge folders add ~/.lyupro/.skills && skillforge skills reindex

# 2. install-CLI -> native Claude Code (no runtime)
npx @lyupro/llm-skills install --link-claude

# 3. Claude plugin marketplace
/plugin marketplace add lyupro/llm-skills
claude plugin install llm-skills@lyupro

Our skills install under ~/.lyupro/.skills/<name>/ (the leading dot marks Lyu Pro's own content; ~/.lyupro/skills/ is reserved for third-party skills). Full runbook — all channels, options, deploy modes: docs/install-runbook.md.

Stay updated

llm-skills -v               # installed version
llm-skills update --check   # is a newer version published?
llm-skills update           # update to the latest (npm install -g under the hood)

update is fail-loud: on a root-owned global prefix it prints the exact sudo command (never runs it), and an npm min-release-age cooldown is reported with a --min-release-age 0 opt-in rather than bypassed silently. See the runbook for the permission and cooldown details.

License

MIT — see LICENSE. Contact: [email protected]