What Are Agent Skills?
Reusable, modular capabilities that turn a general-purpose Claude into a specialist โ automatically.
The Problem Skills Solve
Every time you start a new conversation with Claude, it starts fresh. If you always need Claude to follow a particular workflow โ say, always processing PDFs a certain way, or always formatting code reviews in a specific structure โ you have to re-explain that every single time.
Agent Skills solve this. They're like a permanent onboarding guide stored on a virtual filesystem โ Claude reads the relevant parts automatically whenever they apply.
Prompts are conversation-level instructions for one-off tasks. Skills are reusable packages that load on-demand and eliminate the need to repeatedly provide the same guidance across multiple conversations.
Skills are reusable, filesystem-based
resources that provide Claude with
domain-specific expertise: workflows,
context, and best practices that
transform general-purpose agents
into specialists. Unlike prompts
(conversation-level instructions for
one-off tasks), Skills load on-demand
and eliminate the need to repeatedly
provide the same guidance across
multiple conversations.Skills are saved files on a virtual hard drive โ not text in a conversation.
They give Claude specialized knowledge for a particular domain or task.
They include workflows, context, and established best practices.
This turns a general-purpose Claude into a domain expert.
Unlike instructions you type into chat (which disappear after the conversation)...
...Skills load automatically whenever they're relevant.
You create them once and never have to explain the same thing again.
Three Key Benefits
Specialize Claude
Tailor Claude's capabilities for domain-specific tasks. A PDF-processing Skill makes Claude an expert at extracting tables and filling forms โ even if you never explain how.
Reduce Repetition
Create once, use automatically. No more copy-pasting instructions at the start of every session. Skills persist across all conversations.
Compose Capabilities
Combine multiple Skills to build complex workflows. A data pipeline might use an Excel Skill, a PDF Skill, and a custom reporting Skill together.
Two Kinds of Skills
There are two categories of Skills, and they work identically โ Claude uses them the same way regardless of origin.
Made by Anthropic for common document tasks: PowerPoint, Excel, Word, and PDF. Available to all users on claude.ai and via the Claude API. No setup required.
Skills you build yourself to package domain expertise and organizational knowledge. Create them in Claude Code, upload via the API, or add in claude.ai settings.
If you use Claude Code, Skills are active right now. The resource-to-course and codebase-to-course capabilities this very study guide was built with are Skills stored in ~/.claude/skills/.
Check Your Understanding
Think through each question before revealing the answer.
You keep repeating the same 10-line instruction to Claude at the start of every conversation. Should you use a prompt or a Skill?
A Skill. Prompts are for one-off, conversation-level tasks. If you are providing the same guidance repeatedly, that is exactly what Skills are designed to eliminate โ create it once and it loads automatically whenever relevant.
A colleague uploads a Custom Skill to the Claude API. Can you use it in your claude.ai account without any extra steps?
No. Custom Skills do not sync across surfaces. Skills uploaded to the API are workspace-wide on the API, but they are not automatically available on claude.ai. You would need to upload the same Skill separately to claude.ai.
How Skills Work
Progressive disclosure: Claude loads only what it needs, exactly when it needs it.
Three Levels of Loading
The central architectural idea in Skills is progressive disclosure. Instead of dumping everything into the context window at startup, Skills load in stages:
You can install dozens of Skills without a context penalty. Only the tiny metadata (∼100 tokens each) sits in the context at startup. The rest loads on-demand. This is why Skills are fundamentally different from just adding instructions to your system prompt.
Level 1: The YAML Frontmatter
Every Skill begins with a YAML frontmatter block. This is the only part that is always loaded โ it is what allows Claude to decide whether to invoke the Skill at all.
---
name: pdf-processing
description: Extract text and tables
from PDF files, fill forms,
merge documents. Use when
working with PDF files or
when the user mentions PDFs,
forms, or document extraction.
---Start of the metadata block.
A unique identifier for this Skill โ lowercase, hyphens only, max 64 chars.
The description is the triggering signal.
It tells Claude WHAT the Skill does...
...and WHEN to use it.
Including trigger phrases ("when the user mentions PDFs") makes the Skill fire reliably.
This entire block is about 100 tokens โ tiny cost, always present.
End of the metadata block.
The description field is the most important thing you write when creating a Skill. It is the sole mechanism that determines whether Claude invokes the Skill โ so it must be specific about both what the Skill does and the contexts in which it should fire.
Level 3: Scripts Run Without Entering Context
The most powerful part of the Skills architecture: executable scripts that Claude runs via bash โ their code never occupies the context window.
pdf-skill/
โโโ SKILL.md # always read when triggered
โโโ FORMS.md # read only if form-filling needed
โโโ REFERENCE.md # read only if deep ref needed
โโโ scripts/
โโโ fill_form.py # RUNS, never read into contextA Skill is just a folder on the filesystem.
SKILL.md loads when the Skill is triggered โ always.
FORMS.md is optional โ only loaded if the task involves forms.
REFERENCE.md sits dormant if the task doesn't need it โ zero token cost.
Scripts live in a subfolder.
fill_form.py gets executed by Claude via bash โ but its source code is never read into the context window. Only the output (e.g., "Form filled successfully") is returned.
The Three Levels โ Flashcard Drill
Click each card to test your recall of the loading levels.
When is Level 1 loaded?
Click to flipAlways โ at startup, every session. Only the YAML frontmatter (name + description). ~100 tokens per Skill.
What triggers Level 2 loading?
Click to flipA user request that matches the Skill's description. Claude reads SKILL.md from the filesystem via bash โ only then do the instructions enter the context window.
Why do scripts never consume context tokens?
Click to flipBecause Claude runs them via bash โ it doesn't read the code. Only the script's output enters the context. The source code stays on the filesystem.
What practical benefit does progressive disclosure give you?
Click to flipYou can install many Skills with no context penalty. Only the ~100-token metadata for each Skill sits in context at startup. Full instructions and resources load only when needed.
Building & Using Skills
SKILL.md structure, where Skills work, and what pre-built Skills are available.
Anatomy of a SKILL.md
Every Skill requires exactly one file: SKILL.md. The SKILL.md file has two parts โ the YAML frontmatter and the instruction body.
---
name: your-skill-name
description: What it does and
when to use it.
---
# Your Skill Name
## Instructions
[Step-by-step guidance]
## Examples
[Concrete examples]Start of the required metadata block.
Unique ID: lowercase letters, numbers, hyphens only. Max 64 characters.
The triggering description โ what Claude looks for to decide whether to invoke this Skill.
Must be non-empty; max 1024 characters; no XML tags.
End of the metadata block.
(blank line)
The instruction body starts here โ everything below is loaded when the Skill triggers.
Step-by-step workflows, best practices, anything Claude needs to follow.
Concrete worked examples help Claude apply the Skill correctly.
Neither field can contain XML tags. The name field also cannot contain the reserved words "anthropic" or "claude".
Where Skills Work
Skills are available across Claude's products, but with different constraints. The key difference is sharing scope โ who can see the Skill once it's installed.
Claude API
Supports pre-built and custom Skills. Custom Skills are workspace-wide โ upload once, all team members can use them. Requires three beta headers.
Claude Code
Supports custom Skills only. Filesystem-based โ no API upload needed. Store in ~/.claude/skills/ (personal) or .claude/skills/ (project). Full network access.
claude.ai
Supports pre-built and custom Skills. Custom Skills are individual to each user โ not shared org-wide. Upload as a .zip file via Settings > Features. Pro/Max/Team/Enterprise only.
Key Facts โ Fill in the Blanks
Click each blank to reveal the answer.
Level 1 metadata costs approximately __________ per Skill, while Level 2 instructions cost ________________ when triggered.
Custom Skills on the Claude API are shared ________________, while on claude.ai they are visible only to the ________________ who uploaded them.
The two required fields in a SKILL.md frontmatter are ______ and ___________.
In Claude Code, Skills can be stored personally in __________________ or per-project in ________________.
Apply What You Know
You built a Skill that never fires even when you use it for exactly its stated purpose. Which field is most likely the problem?
You build a Skill that needs to call an external weather API for real-time data. You deploy it via the Claude API. What happens?
Security, Limits & Review
What Skills can't do, what you must protect against, and a full review deck to cement everything.
The Security Model
Skills run with Claude's full permissions. This is powerful โ and it means you need to treat Skill sources with the same care you'd give any code you run on your machine. Four threat categories matter most.
Skills execute in the same security
context as Claude itself. Review
Skill contents before installing.
Externally sourced content may
contain prompt injection attempts.
Avoid Skills that request excessive
permissions beyond their stated
purpose. Sensitive data in Skill
context may be exposed to bundled
scripts.A Skill runs as Claude โ not in a sandbox. It can read files, run scripts, make API calls.
Read the SKILL.md before you install anything from the internet.
Web pages, PDFs, or data a Skill processes could contain hidden instructions trying to hijack Claude.
A Skill that asks to read your SSH keys "for a formatting task" is a red flag.
Whatever data is in your conversation when a Skill fires could be read by that Skill's scripts.
Audit before install
Read every line of SKILL.md and any bundled scripts before installing. If a Skill comes from an untrusted source, treat it like untrusted code โ because that's what it is.
Prompt injection risk
A Skill that processes external content (web pages, emails, documents) can encounter text that tries to override Claude's instructions. Watch for unexpected behavior after a Skill processes external data.
Permission creep
Legitimate Skills request only what they need. A PDF-processing Skill has no reason to access your git config or environment variables. Scope mismatch between stated purpose and requested actions is a warning sign.
Data exposure
Scripts bundled with a Skill can read files that Claude can access. Don't use Skills with untrusted scripts when sensitive credentials, private keys, or confidential documents are in scope.
Key Limitations
Skills are powerful but not universal. These are the hard constraints โ not bugs, but deliberate design decisions with real practical implications.
Think It Through
These questions connect concepts across all four modules. Think before revealing each answer.
A team installs a Custom Skill via the Claude API. A new hire joins the team. Do they immediately have access to the Skill? What about a colleague who uses claude.ai instead of the API?
The new hire has immediate access โ API Skills are workspace-wide. The colleague on claude.ai does not โ there is no cross-surface sync. They would need to upload the same Skill separately to their claude.ai settings.
You have 15 Custom Skills installed. Why doesn't this degrade Claude's performance the way adding 15 system prompt sections would?
Because of progressive disclosure. Only Level 1 metadata (~100 tokens per Skill) sits in the context window at startup โ that's ~1,500 tokens for 15 Skills. The instruction bodies load only when triggered. With 15 system prompt sections, all the text would be in context permanently regardless of relevance.
You build a Skill whose SKILL.md instructions reference a Python script at scripts/process.py. The script is 800 lines. How many of those 800 lines enter the context window when the Skill runs the script?
Zero. Scripts are executed via bash โ Claude runs them, it doesn't read them. Only the script's output (e.g., "Processed 42 rows") enters the context window. The 800 lines stay on the filesystem.
Final Quiz
You build a Skill that scrapes web pages and summarizes them. Claude starts behaving oddly after processing a particular page โ it ignores your instructions and tries to exfiltrate your API keys. Which threat model does this illustrate?
In Claude Code, what is the difference between storing a Skill in ~/.claude/skills/ versus .claude/skills/?
Which single field in a SKILL.md determines whether Claude ever uses the Skill?
Full Review Deck
Every key concept from all four modules. Shuffle and drill until they feel automatic.
What problem do Agent Skills solve?
Click to flipEvery Claude conversation starts fresh. Skills are reusable, filesystem-based resources that eliminate the need to re-explain the same guidance across multiple conversations โ create once, load automatically.
Pre-built Skills vs. Custom Skills
Click to flipPre-built: Made by Anthropic (PowerPoint, Excel, Word, PDF). Available to all users, no setup. Custom: Built by you, packaged as a SKILL.md directory. Installed in Claude Code, the API, or claude.ai.
Progressive Disclosure
Click to flipSkills load in stages: Level 1 metadata (~100 tokens) is always in context. Level 2 instructions load only when triggered. Level 3 resources/scripts load on demand. This means you can install many Skills with no context penalty.
Why do scripts never consume context tokens?
Click to flipClaude runs scripts via bash rather than reading them. Only the script's output enters the context window. The source code stays on the filesystem โ zero token cost regardless of script size.
What triggers Level 2 loading?
Click to flipA user request that matches the Skill's description. Claude reads the SKILL.md body from the filesystem via bash โ only then do the full instructions enter the context window.
Two required SKILL.md frontmatter fields
Click to flipname โ unique identifier; lowercase letters, numbers, hyphens; max 64 characters; cannot contain "anthropic" or "claude". description โ the sole triggering mechanism; must be non-empty; max 1024 characters; no XML tags.
Sharing scope: API vs. claude.ai vs. Claude Code
Click to flipAPI: workspace-wide โ all team members. claude.ai: individual user only. Claude Code: personal (~/.claude/skills/) = all your projects; project (.claude/skills/) = that project only.
Which platform has no network access for Skills?
Click to flipThe Claude API. Skills deployed via the API cannot make external HTTP calls or access the internet. Claude Code has full network access. Claude.ai access varies by settings.
Prompt injection in the context of Skills
Click to flipWhen a Skill processes external content (web pages, documents, emails), that content could contain hidden instructions designed to override Claude's behavior. Watch for unexpected actions after a Skill handles external data.
No cross-surface sync
Click to flipCustom Skills do not automatically transfer between surfaces. A Skill installed on the Claude API is not available on claude.ai, and vice versa. You must install it separately on each platform where you want it.