npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@resolutedev/skillet

v0.1.0

Published

Docs-to-pi-skill generator: turn API docs into verified curl+bash skills

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

maikeffimaikeffi

Keywords

piskillsopenapiapi-docscodegen

Readme

@resolutedev/skillet

Turn an API's docs + OpenAPI spec into a verified pi skill (curl + bash + SKILL.md).

Installation

# CLI (run without installing)
npx @resolutedev/skillet https://petstore.swagger.io/ "list pets by status" --api-base https://petstore.swagger.io/v2

# Library
npm install @resolutedev/skillet

What it does

Point skillet at an API's docs page, name the action you want, and it produces a verified, ready-to-commit skill.

  1. Fetches the docs page and discovers the OpenAPI spec
  2. Slices the spec to the one operation matching your action
  3. Detects the auth scheme (bearer, basic, API key — OAuth2 reported as unsupported)
  4. Generates the skill via LLM (with spec as ground-truth fuel)
  5. Verifies the generated call against the live API before handing it over
  6. Self-corrects if the test fails, bounded to ~3 retries

Usage

# CLI (self-hosted, bring your own LLM key)
npx @resolutedev/skillet https://petstore.swagger.io/ "list pets by status" --api-base https://petstore.swagger.io/v2

# Library
import { generateSkill } from '@resolutedev/skillet';

const result = await generateSkill({
  docsUrl: 'https://petstore.swagger.io/',
  action: 'list pets by status',
  apiBaseUrl: 'https://petstore.swagger.io/v2',
  credentials: {}, // Petstore GET works without auth
});

console.log(result.files);       // [{ path: 'SKILL.md', content: '...' }, ...]
console.log(result.verification); // { status: 'passed', attempts: 1 }

Security design

  • Structured requests only — the LLM returns {method, url, headers, body} as data, never a shell string. Execution is via fetch with the host pinned to the API domain.
  • Method-aware safety — GET/HEAD/OPTIONS are live-tested freely. POST/PUT/PATCH/DELETE are validate-only by default (no live call). Opt-in sandbox testing for mutating ops is a future enhancement.
  • No secrets in generated skills — credentials come from env vars at runtime.

Project structure

src/
  cli.ts              # CLI entry point
  index.ts            # Library entry point
  types.ts            # Core types
  engine/
    generate.ts       # Main orchestration: agent loop + tools
  tools/
    fetch.ts          # fetch_docs, fetch_spec
    spec.ts           # detectAuth, sliceSpec
    runner.ts         # runTest with host pinning + method classifier
  e2e/
    petstore.test.ts  # Live E2E against public Petstore API
    jira.test.ts      # Live E2E against Jira Cloud (skipped without creds)

Tests

# Unit tests (fast, no LLM calls)
npm test

# E2E tests (real LLM + live API)
npx vitest run --config vitest.e2e.config.ts

Examples

Generated example skills live in examples/:

  • examples/petstore/ — skills against the public Petstore API
  • examples/github/ — skills against the GitHub REST API
  • examples/slack/ — skills against the Slack Web API

These are committed to the repo for reference but are not included in the npm package.

Releasing

Maintainers can publish a new release by pushing a git tag:

npm version patch   # or minor / major
git push --follow-tags

GitHub Actions will then run tests, run the Petstore E2E test, publish to npm as @resolutedev/skillet, and create a GitHub Release with auto-generated notes.

Required repository secrets:

  • NPM_TOKEN — npm automation token with publish access to @resolutedev
  • OPENAI_API_KEY — used by the Petstore E2E test

Requirements

  • Node.js 20+
  • An LLM API key (OpenAI, Anthropic, etc.) in environment variables

License

MIT