Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Show HN: Mother MCP – Manage your Agent Skills like a boss-Auto provision skills (github.com/dmgrok)
2 points by DavidGraca 40 days ago | hide | past | favorite | 2 comments
Hi HN,

Built an MCP server that auto-detects your tech stack and installs relevant AI coding skills.

Problem: CLAUDE.md, copilot-instructions, cursor-rules – every tool has its own monolithic instruction format. They grow huge (10K+ tokens) and load on every request.

Solution: Composable skills (~500 tokens each) that sync from registries and load only when matched to your stack.

- 3-tier detection: GitHub SBOM → Specfy (700+ techs) → local fallback - 25+ skills from Anthropic, OpenAI, GitHub - Works with Claude, Copilot, Codex



Interesting approach to the instruction bloat problem. The composable skills idea makes sense - 500 tokens vs 10K is a real difference.

One thing I'd be curious about: how do you think about security when skills auto-provision based on stack detection? If a skill gets compromised upstream, the auto-sync could propagate it quickly.

We're working on policy enforcement for MCP at keypost.ai and thinking about similar trust questions - what should be allowed to load/execute vs what needs explicit approval.


Hi, thanks for reaching out, yep a big issue... not only for skills but all dependencies. One of the options I see is governance... rely on a trusted listing where you with your experts curate/validate/assess and select the ones that match your quality standards. The current MCP already supports that, you just need to change the listing json file, right now i use this listing https://github.com/dmgrok/agent_skills_directory that goes get the skills to some "trusted" repos, anthropic, vercel, github.

how are you dealing with this topic at keypost.ai?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: