What gh skill is, in one sentence

gh skill is a new GitHub CLI extension, public preview launched 16 April 2026, that behaves like a package manager for AI coding agent skills. One install command, one manifest format, and the same skill is wired into Claude Code, Cursor, GitHub Copilot, Codex, Gemini CLI, and Antigravity. For teams who maintain a shared prompt library, it removes the most boring chunk of toil: copy-pasting the same instructions into six different config trees.

If your engineering organisation has more than one favoured agent — and almost every company we speak to in Bengaluru and London now does — this is the first credible attempt at a cross-tool standard. It is not finished. But it is real, it works on day one for the simple cases, and it points at a direction the wider ecosystem will probably follow.

Pro tip

Install the extension into your existing gh CLI rather than treating it as a separate binary — it inherits your GitHub auth, your enterprise SSO, and your existing audit trail. For teams on GitHub Enterprise Cloud, that means one less identity provider to wire up.

The problem it actually solves

Agent skills today are fragmented in a way that should be familiar to anyone who lived through the early NPM era or the pre-pip Python wild west. A "skill" — a reusable bundle of instructions, scaffolds, and sometimes a small amount of executable glue — is a useful unit of reuse. The trouble is that every coding-agent vendor invented its own folder layout, its own manifest, and its own discovery mechanism.

Claude Code looks for skills under .claude/skills/. Cursor reads .cursorrules and the newer .cursor/rules/ tree. Copilot picks up copilot-instructions.md. Gemini CLI has its own GEMINI.md and skill directory. Codex uses AGENTS.md. Antigravity has antigravity.md sat alongside its own subdirectory. The work is the same — share a code-review heuristic, share a database-migration checklist, share a "how we name React hooks" convention — but the carrier format is different in each case.

For solo developers this is annoying. For a fifty-person engineering team that has standardised on, say, Claude Code for backend and Cursor for frontend, it is a maintenance burden that quietly degrades quality over time. Someone updates the skill in one tree and forgets to update it in the other; six months later, the two cohorts are subtly producing different output and nobody can remember why.

gh skill is an opinionated answer to that. The skill is the artefact, the GitHub repository is the source of truth, and the CLI projects it into whichever local tool config the user has installed.

What you can actually do today

The public preview supports the core package-manager verbs you would expect, and a few that are specific to the cross-tool nature of the problem.

Install a community skill

The basic flow is identical to any other GitHub CLI extension. Authenticate once, then install a skill from any public repository.

# Install the GitHub CLI skill extension itself
gh extension install github/gh-skill

# Install a community skill from a public repo
gh skill install acme/code-review-checklist

# List all skills currently installed locally
gh skill list

# Install a specific version (semver tag)
gh skill install acme/code-review-checklist@v1.4.2
# illustrative — exact flag names may shift before GA

By default the install writes manifests into every detected agent config directory. If you only want the skill in Claude Code and Cursor, the --target flag narrows the projection to a chosen subset.

Publish your own

Publishing means tagging a release on a GitHub repository that contains a valid skill.yaml manifest. The manifest is intentionally small, and shares lineage with the existing Claude Code skills format and Cursor's MDC frontmatter.

# skill.yaml — the canonical manifest format
name: code-review-checklist
version: 1.4.2
description: Opinionated code-review checklist for TypeScript services
authors:
  - "Acme Engineering <eng@acme.example>"
licence: MIT
targets:
  claude-code: ./targets/claude/SKILL.md
  cursor:     ./targets/cursor/rule.mdc
  copilot:    ./targets/copilot/instructions.md
  codex:      ./targets/codex/AGENTS.md
  gemini:     ./targets/gemini/GEMINI.md
  antigravity: ./targets/antigravity/antigravity.md
keywords: [typescript, code-review, security]
# illustrative — exact key names subject to change in preview

Each targets entry points at a tool-specific projection of the same underlying skill. Authors who do not care to write tool-specific variants can leave a single default file, and the CLI will write that file out into each target config directory unchanged.

Version pinning and updates

The CLI keeps a lockfile in ~/.config/gh-skill/lock.json that records exactly which version of each skill is currently installed. gh skill update bumps to the latest compatible semver release; gh skill outdated shows what would change without applying it. Familiar territory for anyone who has used npm, pip, or cargo.

A worked example — one skill, two agents

Suppose you maintain a "review-pr" skill that codifies your team's PR-review heuristics. It tells the agent to check for missing tests, flag any new external dependencies, and refuse to approve a change that touches authentication code without a second human reviewer. You want the same behaviour whether your engineers are using Claude Code in the terminal or Cursor in the editor.

With gh skill, the workflow is:

  1. Push the skill to your-org/review-pr with a tagged release.
  2. Each engineer runs gh skill install your-org/review-pr once.
  3. The CLI writes the Claude Code variant into .claude/skills/review-pr/ and the Cursor variant into .cursor/rules/review-pr.mdc.
  4. An engineer using Claude Code invokes the skill with the usual /review-pr trigger; an engineer in Cursor sees the rule auto-applied when they open the PR diff.

Both cohorts get the same heuristic, expressed in the form their tool expects. When you ship version 1.4.3 with a tightened auth-code rule, a single gh skill update on each developer's machine — or a CI job that runs it for them — keeps the whole organisation consistent.

Watch out

This is a public preview. We have hit at least two version-conflict edge cases where two skills both want to write to the same target file (typically a top-level AGENTS.md), and the resolution behaviour today is "last write wins" with a warning. Until proper conflict resolution lands, treat the registry as read-only in production CI and pin every skill to a specific version tag.
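A CI pre-flight for the two risks above, as an added example that is not part of gh skill or the original article: it flags install specs without a version tag and any destination file that more than one skill would write. The destination table is an assumption inferred from the per-tool paths this article names, and the manifests are constructed sample data standing in for parsed skill.yaml files.

```python
import re
from collections import defaultdict

# ASSUMPTION: destinations inferred from the per-tool paths named in this
# article; the preview CLI's real projection table may differ.
SHARED = {"codex": "AGENTS.md", "copilot": "copilot-instructions.md",
          "gemini": "GEMINI.md", "antigravity": "antigravity.md"}
PER_SKILL = {"claude-code": ".claude/skills/{name}/",
             "cursor": ".cursor/rules/{name}.mdc"}
# owner/repo@vMAJOR.MINOR.PATCH, the tag form used in the install examples
PINNED = re.compile(r"^[\w.-]+/[\w.-]+@v\d+\.\d+\.\d+$")

def destination(tool, skill_name):
    """Return the local path a target is projected to, or None if unknown."""
    if tool in SHARED:
        return SHARED[tool]
    if tool in PER_SKILL:
        return PER_SKILL[tool].format(name=skill_name)
    return None

def audit(install_specs, manifests):
    """Flag unpinned specs and destinations written by more than one skill."""
    unpinned = [s for s in install_specs if not PINNED.match(s)]
    writers, unknown = defaultdict(list), []
    for repo, manifest in manifests.items():
        for tool in manifest.get("targets", {}):
            dest = destination(tool, manifest["name"])
            if dest is None:
                unknown.append((repo, tool))
            else:
                writers[dest].append(repo)
    collisions = {d: sorted(r) for d, r in writers.items() if len(r) > 1}
    return {"unpinned": unpinned, "collisions": collisions, "unknown": unknown}

# Constructed sample data: parsed skill.yaml contents keyed by repository.
SAMPLE_SPECS = ["acme/code-review-checklist@v1.4.2", "acme/db-migrations",
                "other-org/code-review-checklist@v0.3.0"]
SAMPLE_MANIFESTS = {
    "acme/code-review-checklist": {"name": "code-review-checklist",
        "targets": {"claude-code": "./targets/claude/SKILL.md",
                    "codex": "./targets/codex/AGENTS.md"}},
    "acme/db-migrations": {"name": "db-migrations",
        "targets": {"codex": "./AGENTS.md", "cursor": "./rule.mdc"}},
    "other-org/code-review-checklist": {"name": "code-review-checklist",
        "targets": {"claude-code": "./SKILL.md"}},
}

if __name__ == "__main__":
    for kind, found in audit(SAMPLE_SPECS, SAMPLE_MANIFESTS).items():
        print(kind, found)
```

Under the assumed table, two skills with the same name from different organisations also collide on their per-skill paths, which the sample data exercises.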

How it compares to the alternatives

The packaging-and-distribution layer is a different concern from the runtime-tool-call layer that MCP occupies. They are complementary, not competitive. The table below maps the four main options a team has today.

Approach | Scope | Versioning | Cross-tool | Registry
gh skill | Static skill artefacts (prompts, scaffolds, instructions) | Semver tags on GitHub releases + lockfile | Yes — six tools at preview launch | GitHub repos, public or private
MCP servers | Live tool calls at runtime (filesystems, APIs, services) | Per-server, ad hoc | Yes — every major agent supports MCP | Decentralised; community lists
Claude Code skills (native) | Static skill artefacts inside one tool | Manual — copy folders, no lockfile | No — Claude Code only | None first-party
Cursor rules | Static rule files inside one tool | Manual — git history of the repo | No — Cursor only | None first-party

The honest summary: MCP is for things the agent does at runtime, and gh skill is for things the agent reads at the start. Most production teams will end up using both, with MCP servers handling live integrations and gh skill handling shared standards, conventions, and review checklists.

From a verified Builder

"We have a small platform team in Shoreditch maintaining the prompt libraries our forty engineers use. Before this preview, every Claude Code and Cursor change meant two PRs and an inevitable drift bug a fortnight later. Pointing both editors at the same gh skill repo cut that maintenance to one PR. The CLI is rough at the edges, but the model is right."

— James, Verified Builder · London, UK

What is missing today

The preview ships with the verbs you need and a serviceable manifest, but a handful of rough edges are obvious to anyone who has shipped a real package manager.

  • Registry surface is thin — discovery today means knowing the GitHub repo path. There is no gh skill search against a curated index, no rating, and no spam controls. Expect this to land as a hosted index sometime after general availability.
  • Version conflict resolution is naive — two skills writing to the same AGENTS.md or top-level rules file resolve as "last write wins". The right answer is namespaced sections or a merge protocol; neither is in preview.
  • Signing and provenance are absent — there is no cosign-style signature on releases yet. Anyone hosting a popular skill is one compromised maintainer account away from a supply-chain incident. Treat unsigned community skills with appropriate scepticism.
  • Private-registry semantics are early — a private GitHub repo works as a registry, but enterprise scenarios such as "all skills must be reviewed by security before install" want first-class policy hooks the CLI does not yet expose.
  • Sharing across orgs is rough — you can install from a public repo, but moving a fork between two organisations and keeping its install lineage tidy currently needs a manual lockfile edit.

None of these are dealbreakers. They are the predictable list of "what version 0.x ships without" and they all have obvious solutions on the roadmap.
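Until signatures and policy hooks exist, a team can approximate both the provenance and the "reviewed by security before install" points with a digest allowlist. The sketch below is an added example, not part of gh skill or the original article: it hashes a checked-out skill tree and permits it only if that exact content was recorded at review time. The `reviewed` mapping, the function names, and the sample skill tree are hypothetical and constructed for illustration.

```python
import hashlib, os, tempfile

def tree_digest(root):
    """SHA-256 over every file's relative path and bytes, in sorted order."""
    files = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):  # a link could pull in files outside the tree
                raise ValueError(f"symlink not allowed in skill tree: {full}")
            if name in filenames:
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                files.append((rel, full))
    h = hashlib.sha256()
    for rel, full in sorted(files):
        with open(full, "rb") as fh:
            data = fh.read()
        path = rel.encode()
        # Length-prefix both fields so bytes cannot shift between path and content.
        h.update(b"%d:%b:%d:" % (len(path), path, len(data)) + data)
    return h.hexdigest()

def gate(spec, root, reviewed):
    """Allow install only if spec was reviewed and the tree still matches."""
    if spec not in reviewed:
        return (False, "not reviewed")
    if tree_digest(root) != reviewed[spec]:
        return (False, "content differs from reviewed digest")
    return (True, "ok")

def demo():
    """Constructed skill tree: review it, then change it under the same tag."""
    spec = "your-org/review-pr@v1.4.3"
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "targets", "claude"))
        skill = os.path.join(root, "targets", "claude", "SKILL.md")
        with open(skill, "w") as fh:
            fh.write("Require a second human reviewer for auth changes.\n")
        reviewed = {spec: tree_digest(root)}  # recorded at security review
        before = gate(spec, root, reviewed)
        with open(skill, "a") as fh:  # same tag, different bytes
            fh.write("Line added after the review.\n")
        after = gate(spec, root, reviewed)
        unknown = gate("acme/code-review-checklist@v1.4.2", root, reviewed)
    return before, after, unknown

if __name__ == "__main__":
    print(demo())
```

Because the check is on content rather than on the tag name, a release tag that is moved or re-published after review fails the gate even though the version string is unchanged.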

What this means for AI builders in India and the UK

Adoption signal is the headline story here. Indian engineering organisations — particularly the larger product groups in Bengaluru, Hyderabad, and the NCR — have been the most aggressive multi-tool adopters of AI coding agents in our reporting, partly because they often run hybrid in-house plus offshore-vendor teams that each settle on different favourite tools. The same is true of UK financial-services firms in the City and product teams in Manchester and Edinburgh, which often have stricter procurement constraints that force a "Copilot for compliance, Cursor for IC velocity" split. In both markets, the pain of maintaining six versions of the same skill is acute. gh skill being a GitHub-native, free, open-source extension means the procurement bar is roughly nil — which historically is the strongest predictor of fast adoption among Indian and UK platform teams.

If you are a Verified Builder maintaining open-source skills, this is also a good moment to publish. The registry is thin, which means early high-quality skills — review checklists, security heuristics, India-stack and UK-banking-stack scaffolds — will accrue meaningful gravity quickly. Reference primary sources at github.com/cli/cli and the launch write-up on the Big Hat Group blog.