npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

orpen-skill-cli

v0.0.2

Published

CLI for installing audited skills/agents from the Orpen registry into local AI coding agents (Claude Code, Codex).

Downloads

297

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mateustechmateustech

Keywords

aiagentsskillsclaude-codecodexregistrycli

Readme

orpen-skill-cli

CLI for installing audited skills/agents from an Orpen-style registry into local AI coding agents (Claude Code, Codex).

This tool is a thin fetcher: it resolves a tag, downloads the matching tarball from the registry's GitHub repository, and copies the skill folder to the right place on disk. The audit happens in the registry, not here — this CLI doesn't decide what's safe to install.

Install

npm install -g orpen-skill-cli

Usage

# install latest version of a skill
orpen-skill-cli install mcp-bootstrap

# pin a version
orpen-skill-cli install [email protected]

# install for codex instead of claude-code
orpen-skill-cli install mcp-bootstrap --target codex

# overwrite an existing install
orpen-skill-cli install mcp-bootstrap --force

# list installed skills
orpen-skill-cli list

# list codex-targeted installs
orpen-skill-cli list --target codex

The default registry is github:orpendev/agent-skills. Override per-call with --registry github:owner/repo or globally via the ORPEN_SKILL_REGISTRY environment variable.

Available skills

The Orpen registry currently publishes four audited skills. All are stack-agnostic unless noted, all run as advisors (report findings; don't modify code), and all support claude-code plus the targets listed.

| Name | Targets | Purpose | | --------------------------------------------- | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | | mcp-bootstrap | claude-code | Scaffold a new MCP server repo (TypeScript + Express + zod) that boots out-of-the-box. | | sql-auditor | claude-code, codex | Audit raw SQL in TypeScript diffs against schema-prefix / bind-variable / interpolation / DB-service conventions. | | coupling-analysis | claude-code, cursor, windsurf | Three-dimensional coupling review (strength × distance × volatility) from Khononov's Balancing Coupling. | | domain-analysis | claude-code, cursor, windsurf | DDD strategic design — identify subdomains (Core / Supporting / Generic) and propose bounded contexts. |

Install any of them with orpen-skill-cli install <name>. Pin a version with <name>@<version>. Audit reports for each release live at audits/skills/<name>/<version>.md in the registry repo.

mcp-bootstrap

Generates a complete TypeScript MCP server: structured logger, AsyncLocalStorage per-request context, generic typed HTTP client (timeout + sensitive-field redaction), mcpTool() wrapper that drops try/catch boilerplate, plus one sample domain hitting JSONPlaceholder so the new project boots and works without any wiring. The auth scheme stays as a placeholder for the user to plug in, with four commented examples (Basic, Bearer, API key, static env key).

orpen-skill-cli install mcp-bootstrap

sql-auditor

Reviews raw SQL in TypeScript diffs against four conventions: schema prefix (every table prefixed with the project's canonical schema reference), bind variable hygiene (no positional reuse — critical on Oracle), string interpolation safety (only the canonical schema reference inside template literals), and DB-service availability (no hardcoded schema strings). Targets NestJS/TypeORM-style projects with multi-schema databases (Oracle, Postgres). Output is grouped by file with FAIL / NIT severities and a final PASS / PASS_WITH_NITS / FAIL verdict.

orpen-skill-cli install sql-auditor

coupling-analysis

Six-phase coupling review based on the three-dimensional model from Vlad Khononov's Balancing Coupling in Software Design: context gathering → structural mapping (dependency graph + distance via encapsulation hierarchy) → integration-strength classification (Intrusive / Functional / Model / Contract) → volatility assessment (subdomain type + git history) → balance score (STRENGTH × DISTANCE × VOLATILITY) → structured report (executive summary, dependency map, issues by severity, prioritized recommendations). Stack-agnostic.

The classification matters: tightly coupled components should live close together (high cohesion), distant components should be loosely coupled, and stable components can tolerate stronger coupling. The balance formula BALANCE = (STRENGTH XOR DISTANCE) OR NOT VOLATILITY is the heuristic the skill applies systematically.

orpen-skill-cli install coupling-analysis

domain-analysis

Three-phase DDD strategic-design playbook: extract domain concepts (entities, services, use cases, controllers — filtering out infrastructure) → group by ubiquitous language (linguistic boundaries, where term meanings shift = different bounded context) → classify subdomains via decision tree (Core: competitive advantage / Supporting: business-specific support / Generic: standard functionality). Output is a strategic map: extracted concepts, groupings, classified subdomains, and proposed context boundaries.

Companion files live in references/ after install (EXAMPLES.md with four worked-out domains — e-commerce, healthcare, SaaS project management, streaming video — and QUICK-REFERENCE.md with decision trees and integration patterns).

orpen-skill-cli install domain-analysis

Where things land

| Target | Install path | | ------------- | --------------------------------------- | | claude-code | ~/.claude/skills/<name>/ | | codex | ~/.codex/skills/<name>/ |

Versioning

Tags in the registry follow the pattern skills/<name>/<version> (e.g. skills/mcp-bootstrap/0.1.0). The CLI resolves latest to the highest semver across that tag prefix.

What this CLI does NOT do (yet)

  • Hash verification against the audit report. Planned for v0.1.0.
  • Per-tool format projection. Skills currently install verbatim. When skills publish multi-tool content, the projection layer goes here.
  • Update / uninstall. Reinstall with --force for now; remove the directory manually for uninstall.
  • Authenticated registries. Public GitHub only.

Default registry

github:orpendev/agent-skills is hardcoded as the default and is the registry curated by the Orpen team. Anyone can run their own audited skill registry following the same layout (skills/<name>/SKILL.md + manifest.json + tags shaped skills/<name>/<version>) and point this CLI at it via --registry or ORPEN_SKILL_REGISTRY.

License

MIT.