aiskillstore/library-detection
skills/consiliency/library-detection/SKILL.md
Detect project stack from package manifests (package.json, pyproject.toml, go.mod, Cargo.toml, pubspec.yaml, CMakeLists.txt). Auto-identify frameworks, test tools, and build systems for onboarding.
$ install --global
skillsauthnpx skillsauth add aiskillstore/marketplace library-detectionInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 31, 2026, 5:38 PM57.3s3 files scanned
SKILL.md
- name:
- library-detection
- description:
- Detect project stack from package manifests (package.json, pyproject.toml, go.mod, Cargo.toml, pubspec.yaml, CMakeLists.txt). Auto-identify frameworks, test tools, and build systems for onboarding.
Library Detection Skill
Automatically detect the technology stack of a project by analyzing package manifests and configuration files. Returns structured data for use in onboarding, documentation discovery, and tool configuration.
Variables
| Variable | Default | Description | |----------|---------|-------------| | SCAN_DEPTH | 3 | Max directory depth to search for manifests | | INCLUDE_DEV_DEPS | true | Include development dependencies in analysis | | DETECT_FRAMEWORKS | true | Identify frameworks from dependencies | | DETECT_TEST_TOOLS | true | Identify test frameworks and runners | | OUTPUT_FORMAT | json | Output format: json, markdown, or toon |
Instructions
MANDATORY - Follow the Workflow steps below in order. Do not skip steps.
- Scan for package manifests in the project
- Parse each manifest to extract dependencies
- Classify dependencies into categories
- Detect frameworks and test tools from dependency patterns
- Output structured stack summary
Red Flags - STOP and Reconsider
If you're about to:
- Assume a framework without checking imports or config files
- Skip manifest files because "the project is simple"
- Hardcode framework versions instead of reading from manifests
- Report a library without verifying it's actually used
STOP -> Read the manifest files -> Verify with imports/configs -> Then report
Workflow
1. Discover Manifests
Scan for these files (in order of priority):
| File | Language | Parser |
|------|----------|--------|
| package.json | JavaScript/TypeScript | JSON |
| pyproject.toml | Python | TOML |
| requirements.txt | Python | Line-based |
| go.mod | Go | Go mod |
| Cargo.toml | Rust | TOML |
| pubspec.yaml | Dart/Flutter | YAML |
| CMakeLists.txt | C/C++ | CMake |
| meson.build | C/C++ | Meson |
| WORKSPACE | Bazel | Bazel |
| pom.xml | Java | XML |
| build.gradle | Java/Kotlin | Gradle DSL |
| Gemfile | Ruby | Ruby DSL |
| composer.json | PHP | JSON |
Also check for:
Dockerfile- containerizationdocker-compose.yml- container orchestration.github/workflows/*.yml- CI/CDMakefile- build systemtsconfig.json- TypeScript configvite.config.*/webpack.config.*- bundlers
2. Parse Dependencies
For each manifest, extract:
- Production dependencies: runtime requirements
- Development dependencies: build/test tools
- Peer dependencies: expected host environment
- Optional dependencies: feature flags
3. Classify Stack
Group findings into:
{
"languages": ["typescript", "python", "go", "rust", "dart", "cpp"],
"frameworks": [
{"name": "react", "version": "^18.0.0", "category": "frontend"},
{"name": "fastapi", "version": "^0.100.0", "category": "backend"}
],
"test_frameworks": [
{"name": "vitest", "version": "^1.0.0"},
{"name": "pytest", "version": "^7.0.0"}
],
"build_tools": ["vite", "uv", "docker"],
"databases": ["postgresql", "redis"],
"cloud_providers": ["aws", "vercel"],
"ci_cd": ["github-actions"]
}
4. Framework Detection Patterns
Use the cookbook for specific detection logic:
- Read
./cookbook/manifest-parsing.mdfor parsing rules - Match dependency names against known framework patterns
5. Output
Return the structured stack summary in the requested format.
Cookbook
Manifest Parsing
- IF: Parsing any package manifest
- THEN: Read and execute
./cookbook/manifest-parsing.md
Quick Reference
Detection Patterns
| Dependency Pattern | Detected As |
|--------------------|-------------|
| react, react-dom | React framework |
| vue, @vue/* | Vue framework |
| next | Next.js framework |
| fastapi | FastAPI framework |
| django | Django framework |
| flask | Flask framework |
| express | Express.js framework |
| vitest, jest | JavaScript test framework |
| pytest | Python test framework |
| gtest, gmock, catch2 | C/C++ test framework |
| flutter, flutter_test | Flutter framework |
| @testing-library/* | Testing utilities |
Category Mappings
| Category | Examples | |----------|----------| | frontend | react, vue, svelte, angular | | backend | fastapi, django, express, gin | | database | prisma, sqlalchemy, typeorm | | testing | vitest, jest, pytest, playwright | | build | vite, webpack, esbuild, rollup | | linting | eslint, prettier, ruff, black | | typing | typescript, mypy, pyright | | build-native | cmake, meson, bazel |
Output Schema
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"properties": {
"project_root": {"type": "string"},
"scanned_at": {"type": "string", "format": "date-time"},
"languages": {
"type": "array",
"items": {"type": "string"}
},
"frameworks": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {"type": "string"},
"version": {"type": "string"},
"category": {"type": "string"}
}
}
},
"test_frameworks": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {"type": "string"},
"version": {"type": "string"}
}
}
},
"build_tools": {
"type": "array",
"items": {"type": "string"}
},
"databases": {
"type": "array",
"items": {"type": "string"}
},
"cloud_providers": {
"type": "array",
"items": {"type": "string"}
},
"ci_cd": {
"type": "array",
"items": {"type": "string"}
},
"manifests_found": {
"type": "array",
"items": {"type": "string"}
}
}
}
Integration
Other skills and commands can use this skill for:
- Documentation discovery: Map detected frameworks to doc sources
- Onboarding: Generate quickstart guides tailored to the stack
- Tool configuration: Auto-configure linters, formatters, test runners
- Agent routing: Select appropriate AI providers based on stack
Example usage in another skill:
## Prerequisites
Before implementing, run the `library-detection` skill to identify:
- Test frameworks (for writing tests)
- Build tools (for verification)
- Database libraries (for data layer work)
Related Skills
aiskillstore/hig-components-content
development
VerifiedTrustedCommunity
Apple Human Interface Guidelines for content display components. Use this skill when the user asks about charts component, collection view, image view, web view, color well, image well, activity view, lockup, data visualization, content display, displaying images, rendering web content, color pickers, or presenting collections of items in Apple apps. Also use when the user says how should I display charts, what's the best way to show images, should I use a web view, how do I build a grid of items, what component shows media, or how do I present a share sheet. Cross-references: hig-foundations for color/typography/accessibility, hig-patterns for data visualization patterns, hig-components-layout for structural containers, hig-platforms for platform-specific component behavior.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/helpdesk-automation
tools
VerifiedTrustedCommunity
Automate HelpDesk tasks via Rube MCP (Composio): list tickets, manage views, use canned responses, and configure custom fields. Always search tools first for current schemas.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/haskell-pro
testing
VerifiedTrustedCommunity
Expert Haskell engineer specializing in advanced type systems, pure functional design, and high-reliability software. Use PROACTIVELY for type-level programming, concurrency, and architecture guidance.
244SKILL.mdUpdated Apr 10, 2026
aiskillstore/graphql
tools
VerifiedTrustedCommunity
GraphQL gives clients exactly the data they need - no more, no less. One endpoint, typed schema, introspection. But the flexibility that makes it powerful also makes it dangerous. Without proper controls, clients can craft queries that bring down your server. This skill covers schema design, resolvers, DataLoader for N+1 prevention, federation for microservices, and client integration with Apollo/urql. Key insight: GraphQL is a contract. The schema is the API documentation. Design it carefully.
244SKILL.mdUpdated Apr 10, 2026