AI Skills
Anatomy of an Effective AI Skill
Discover the essential components that make AI skills effective. Learn the building blocks of clear purpose, context injection, and structured outputs.
Discover the essential components that make AI skills effective. Learn the building blocks of clear purpose, context injection, and structured outputs.
Not all skills are equal. Some dramatically improve Claude's performance on a task. Others add complexity without value. The difference lies in how the skill is structured and what it contains.
Effective skills share common components: a clear purpose, injected context, structured outputs, tool guidance, guardrails, and composability. This guide dissects each component, showing what makes it work and how to implement it well.
Every effective skill contains some combination of these elements:
Not every skill needs all six, but understanding each helps you build better skills.
A skill should do one thing exceptionally well. Broad skills that try to cover everything end up mediocre at all of it. Focused skills deliver consistent excellence.
Clearly scoped:
# Python Type Checking
This skill focuses on evaluating and improving type annotations
in Python code. It covers type hints, type guards, generics,
and compatibility with type checkers like mypy.
You know exactly what this skill does and does not do.
Single domain:
# React Component Review
Review React components for best practices, performance,
accessibility, and maintainability.
One domain, thoroughly covered.
Specific outcome:
# API Error Messages
Generate user-friendly error messages for API responses
that are informative, actionable, and secure.
Clear output type and quality criteria.
Too broad:
# Full Stack Development
Everything about frontend, backend, databases, DevOps...
No single skill can cover all of this well.
Vague goals:
# Better Code
Help make code better.
"Better" how? For whom? Under what constraints?
Multiple unrelated purposes:
# Review and Document and Test
Review code, write documentation, generate tests...
These are three different skills forced into one.
Ask these questions:
If the answers are unclear, split into multiple focused skills.
Claude has broad knowledge but lacks specifics about your project, company, domain, or conventions. Context injection teaches Claude what it needs to know to be effective in your environment.
Domain knowledge:
## Our Healthcare Domain
### HIPAA Compliance
- PHI includes: name, address, SSN, medical record numbers
- De-identification requires removing all 18 identifiers
- Minimum necessary principle: only access what is needed
### Medical Terminology
- EMR: Electronic Medical Record
- EHR: Electronic Health Record (interoperable)
- HL7 FHIR: Healthcare data exchange standard
Claude knows general healthcare concepts but not your compliance requirements.
Project conventions:
## Project Structure
src/
├── api/ # API route handlers
├── services/ # Business logic
├── models/ # Database models
├── utils/ # Shared utilities
└── types/ # TypeScript type definitions
## Naming Conventions
- Services: UserService, OrderService (PascalCase + Service)
- Utilities: formatDate, parseQuery (camelCase verbs)
- Types: UserDTO, ApiResponse (PascalCase + domain suffix)
Claude cannot know your project layout without being told.
Business rules:
## Order Processing Rules
- Orders under $50: No approval required
- Orders $50-$500: Manager approval required
- Orders over $500: Director approval + CFO notification
- International orders: Always require customs documentation
These rules exist nowhere in Claude's training data.
Historical context:
## Previous Decisions
### Why we use PostgreSQL over MySQL
Decision date: 2023-01-15
Reasoning: JSONB support for flexible data, better concurrent write handling
### Why we avoided microservices initially
Decision date: 2022-06-01
Reasoning: Small team, premature complexity. Monolith with modular design.
Helps Claude understand the "why" behind current state.
Be specific:
# Wrong: vague
We use a specific coding style.
# Right: specific
We use 2-space indentation, single quotes, trailing commas,
and semicolons. Line length max 80 characters.
Explain reasoning:
# Wrong: just rules
Never use `any` type.
# Right: rules with reasoning
Avoid `any` type because it defeats TypeScript's value proposition.
When external data is truly unknown, prefer `unknown` with type guards.
This ensures runtime validation happens where types are uncertain.
Include examples:
## API Response Format
All API responses follow this structure:
\`\`\`json
{
"success": true,
"data": { ... },
"meta": {
"timestamp": "2025-01-15T10:30:00Z",
"requestId": "uuid"
}
}
\`\`\`
Error responses:
\`\`\`json
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "User-friendly message",
"details": { "field": "specific issue" }
}
}
\`\`\`
Consistent output formats make responses predictable and useful. Users know what to expect. Outputs can be parsed or processed downstream.
Explicit structure:
## Code Review Output
Structure your review as:
### Summary
One paragraph overall assessment.
### Critical Issues
Must fix before merge.
Format: [FILE:LINE] Description - Suggested Fix
### Recommendations
Should consider implementing.
Format: [FILE:LINE] Description - Rationale
### Positive Notes
What was done well.
Templated responses:
## Error Message Template
Format error messages as:
**Title:** [Action that failed]
**Impact:** [What the user cannot do now]
**Cause:** [Why it happened, if known]
**Resolution:** [What to do next]
Example:
**Title:** Payment Processing Failed
**Impact:** Your order has not been placed
**Cause:** Your card was declined by the issuing bank
**Resolution:** Please try a different payment method or contact your bank
Machine-readable formats:
## Test Output Format
Output test results as JSON:
\`\`\`json
{
"summary": {
"total": 15,
"passed": 12,
"failed": 2,
"skipped": 1
},
"failures": [
{
"test": "test_user_creation",
"file": "tests/test_user.py",
"line": 45,
"error": "AssertionError: expected 'John' got 'Jane'",
"suggestion": "Check fixture setup for user data"
}
]
}
\`\`\`
Match the use case:
Be consistent:
Include metadata:
Skills can guide when and how Claude uses tools (file system, shell, git, etc.). This makes tool usage more effective and appropriate.
When to use tools:
## Tool Usage
### Use Filesystem Tools When
- Verifying file existence before modification
- Reading configuration before making assumptions
- Confirming code changes after edits
### Use Shell Tools When
- Running tests to verify changes
- Checking system state (installed packages, versions)
- Executing build commands
### Avoid Tools When
- Question can be answered from context
- User is asking hypothetical questions
- Tool usage would be slow and unnecessary
How to use tools:
## File Modification Patterns
When modifying files:
1. Read current content first
2. Make minimal, targeted changes
3. Verify changes are syntactically valid
4. Run tests if available
When creating files:
1. Check if file already exists
2. Follow project naming conventions
3. Include standard headers/boilerplate
4. Place in appropriate directory
Tool preferences:
## Git Operations
For commits:
- Use conventional commit format
- Keep message under 50 characters for title
- Include body for non-trivial changes
For branches:
- feature/[issue-id]-brief-description
- fix/[issue-id]-brief-description
- Never commit directly to main
For testing:
- Run tests before committing
- If tests fail, explain and seek guidance
Guardrails keep Claude focused and prevent harmful or unproductive behavior. They define what the skill should not do as much as what it should.
Scope boundaries:
## Scope Limits
This skill covers:
- React component structure
- React hooks usage
- React performance optimization
This skill does NOT cover:
- Backend API design
- Database queries
- Deployment configuration
- General JavaScript (use the JavaScript skill for that)
Safety constraints:
## Safety Guardrails
### Never
- Suggest storing passwords in plain text
- Recommend disabling security features
- Write code that bypasses authentication
- Create backdoors or hidden access
### Always
- Recommend parameterized queries
- Suggest input validation
- Encourage principle of least privilege
- Propose secure defaults
Quality thresholds:
## Quality Requirements
### Code Reviews Must
- Identify at least 3 points (even if all positive)
- Provide specific line references
- Suggest concrete improvements
- Explain the reasoning
### Code Reviews Must Not
- Just say "looks good"
- Nitpick style issues covered by linters
- Suggest complete rewrites for minor issues
- Be condescending or unclear
Behavioral limits:
## Behavioral Guardrails
### Do Not
- Make assumptions about requirements not stated
- Proceed with destructive operations without confirmation
- Ignore explicit user constraints
- Override user preferences with "better" ideas
### Always
- Ask for clarification when uncertain
- Confirm before permanent/destructive actions
- Respect stated constraints even if suboptimal
- Offer alternatives rather than arguing
Skills should work well with other skills. A user might load multiple skills simultaneously, and they should complement rather than conflict.
Clear boundaries:
# TypeScript Skill
## Scope
TypeScript-specific patterns and type system usage.
Defers to JavaScript skill for general JavaScript patterns.
Defers to React skill for React-specific TypeScript patterns.
No overlap with other skills' responsibilities.
Non-conflicting outputs:
# Security Review Skill
## Output Integration
When combined with other review skills:
- Add "Security" section to existing review structure
- Do not duplicate findings from other skills
- Reference other skill findings when relevant
Outputs integrate rather than override.
Explicit combinations:
# API Design Skill
## Works Well With
- Security skill: API security best practices
- Documentation skill: API documentation standards
- Testing skill: API testing approaches
## Potential Conflicts With
- Legacy compatibility skill: May suggest patterns
that conflict with modern API design
Help users understand how skills interact.
Use specific triggers:
# React Skill
## Activation
Apply when working with:
- .tsx files containing React imports
- .jsx files containing React imports
- Files in components/ directory
- Explicit user mention of React
Skills activate only when truly relevant.
Defer appropriately:
# Frontend Skill
## Deferral Rules
When question is specifically about:
- React patterns → Defer to React skill
- TypeScript types → Defer to TypeScript skill
- CSS architecture → Defer to CSS skill
Provide only general frontend guidance unless those skills
are not loaded.
Skills that respect hierarchy.
Here is a skill that demonstrates all six building blocks:
# Python FastAPI Development
## Purpose
Expert guidance for building FastAPI applications with emphasis
on type safety, async patterns, and production best practices.
## Domain Context
### FastAPI Conventions
- All endpoints use type hints for request/response
- Pydantic models for data validation
- Dependency injection for shared logic
- Background tasks for non-blocking operations
### Project Structure
app/
├── main.py # FastAPI app initialization
├── routers/ # Route definitions by domain
├── models/ # Pydantic models
├── services/ # Business logic
├── dependencies/ # Injectable dependencies
└── utils/ # Shared utilities
### Database Patterns
- SQLAlchemy with async support
- Alembic for migrations
- Repository pattern for data access
## Output Format
### For Code Generation
\`\`\`python
# File: [path]
# Purpose: [brief description]
[imports]
[code with type hints and docstrings]
\`\`\`
### For Code Review
1. **Async Issues** - Problems with async/await
2. **Type Issues** - Missing or incorrect types
3. **API Issues** - Endpoint design problems
4. **Recommendations** - Improvements to consider
## Tool Guidelines
### File Operations
- Read existing code before suggesting changes
- Match existing style in the project
- Run uvicorn --reload to test changes if dev server available
### Testing
- Suggest pytest-asyncio for async tests
- Recommend httpx for API testing
- Include fixture patterns for common setups
## Guardrails
### Do Not
- Suggest synchronous database operations
- Recommend global state over dependency injection
- Create endpoints without response models
- Skip input validation
### Always
- Use async/await for I/O operations
- Define response models for all endpoints
- Include appropriate status codes
- Handle errors with appropriate HTTP exceptions
## Composability
### Works With
- Security skill: For authentication/authorization patterns
- Database skill: For complex query optimization
- Testing skill: For comprehensive test strategies
### Defers To
- Python skill: For general Python questions
- Docker skill: For containerization questions
Effective skills are not just random instructions. They are carefully structured packages containing:
Not every skill needs all six components, but understanding each helps you build skills that consistently deliver value.
Start by defining clear purpose. Add context Claude lacks. Specify output formats. Guide tool usage. Set boundaries. Consider how the skill fits with others. The result is a skill that transforms how Claude handles your specific domain.
Ready to manage your skill library? Continue to Installing and Managing AI Skills for best practices on skill lifecycle management.
Combat LLM design bias with 7 references, 20 commands, and anti-pattern guidance. Prevents AI design mistakes like overused fonts and poor contrast.