{"slug": "skill-extractor", "title": "Skill Extractor", "summary": "A developer released skill-extractor, an open-source tool that mines coding agent transcripts to generate reusable skills, scoring candidates by confidence and utility while redacting secrets and requiring user approval before installation. The tool runs locally, supports VS Code and CLI review, and aims to eliminate repetitive agent instructions without sending sensitive data to remote models by default.", "body_md": "Mine **reusable skills** from your coding agents' transcripts. Works with\n**Claude Code**, **OpenAI Codex CLI**, and **any other agent** via a small\nexporter. Every candidate is scored by **confidence** and **utility**, weighted\nby how the trace it came from actually turned out (successful / meh / failed),\nand only the strong, novel ones are surfaced for your review. You approve,\nedit, or reject each one from a **VS Code panel** or the ** /review-skills**\ncommand. Approved skills are written as real\n\n`SKILL.md`\n\nfiles; every candidate,\napproved or not, is kept so mining keeps improving.I kept telling my coding agent the same things: run the tests before saying it's done, stop hardcoding ports in parallel test suites, reuse fixes we had already worked out. By the next session, those patterns were gone. Skills solve this, but writing one by hand after finishing a task is extra work most people skip.\n\nAgent platforms usually answer with built-in memory: the agent learns from your sessions, its behavior changes, and you don't see exactly what it learned. I didn't want that running over transcripts with my code, infrastructure details, and occasional pasted secrets.\n\nskill-extractor makes that process visible. It runs on your machine, keeps state as plain JSONL, pattern-redacts secrets before anything reaches a model, and only installs a persistent instruction after risk lint and your approval. The result is a markdown skill you can open, edit, or delete.\n\nFor one developer, it turns repeated fixes into reusable skills. For a team,\nit produces reviewable material for a\n[shared skill catalog](#using-this-on-a-team).\n\n```\n./install.sh     # macOS: launchd timer + VS Code panel + /review-skills\n# then in VS Code: Cmd+Shift+P -> \"Developer: Reload Window\"\n```\n\nNot on macOS? The engine is portable; run it under any supervisor:\n\n```\npython3 engine/extractor.py --loop 1800    # mine every 30 min, forever\n```\n\nReview from wherever you work: the VS Code panel pops up when skills are\ndiscovered, `/review-skills`\n\nruns the same flow in Claude Code, and\n`python3 engine/review.py list`\n\nis the raw CLI. Interval, model, scope, and\nsources live in `config.json`\n\n(`SKILL_EXTRACTOR_INTERVAL=900 ./install.sh`\n\nchanges the timer).\n\nBe clear-eyed about what this tool is. It is a loop with three powerful parts:\n\n-\n**It mines your private agent traces.** Your transcripts contain your code, your infrastructure names, your mistakes, and sometimes pasted secrets. Reading and segmentation happen entirely on your machine; state files are created`0600`\n\nin`0700`\n\ndirectories. Keep projects you cannot afford to leak out of mining altogether with`scope`\n\n/`exclude_projects`\n\n. -\n**It may send excerpts to a remote LLM.** The mining prompt (transcript excerpts: user messages, tool inputs and outputs) goes to the backend you configure. Secret redaction is on by default: private keys, JWTs, AWS/API keys, bearer tokens,`SECRET=`\n\n/`TOKEN=`\n\nenv lines, and URL-embedded passwords become`[redacted:...]`\n\nbefore any prompt leaves the process. Redaction is pattern-based and best-effort, not a guarantee. The default backend is your local`claude`\n\nCLI, which means Anthropic's API; any other backend requires an explicit`ack_command_backend: true`\n\n. For**zero egress**, point the command backend at a local model:\n\n```\n\"mining_backend\": \"command\",\n\"mining_command\": [\"ollama\", \"run\", \"llama3\"],\n\"ack_command_backend\": true\n```\n\n-\n**Installed skills change your agent's future behavior.** A mined skill is model output; once installed it is a persistent instruction your agent will follow in later sessions. Every install therefore runs a risk lint (pipe-to-shell bootstraps, credential-file access, disabled safety flags, exfiltration shapes, hidden persistence, prompt-injection phrasing, broad destructive commands). Flagged skills refuse to install until you explicitly acknowledge the findings (`--acknowledge-risk`\n\non the CLI, a modal confirmation in VS Code), and the acknowledgement is recorded in`decisions.jsonl`\n\n. The lint surfaces risk; it does not certify safety. Installing a skill is closer to merging code than dismissing a notification. Treat it that way.\n\nPrivate traces in, model in the middle, agent instructions out. The defaults\nare privacy-first, but the loop is only as safe as your review of what you\ninstall and your choice of what to mine. Details: [SECURITY.md](/surenode-ai/skill-extractor/blob/main/SECURITY.md).\n\n**Multiple agents, one queue.** Pluggable trace sources share one cursor, one budget, and one review queue:`claude_code`\n\n,`codex`\n\n(project identity from the session`cwd`\n\n, imported sessions skipped to avoid double-mining, exec exit codes feed outcome scoring), and`jsonl_dir`\n\nfor any other agent via a ~30-line exporter to the canonical record shape.**Six skill categories**, not just technical procedures: techniques, workflows, standing preferences, guardrails learned from failures, automations, domain knowledge.**Outcome-weighted scoring.** Candidates from traces that demonstrably worked score higher; failures still teach guardrails.**A learning loop.** Your install/reject decisions (with comments) calibrate future mining prompts and score priors toward your taste.**Incremental and cheap.** Byte cursors and segment fingerprints mean idle runs make zero LLM calls;`max_segments_per_run`\n\ncaps spend.**Any scheduler, any mining LLM.** launchd installer on macOS;`--loop`\n\nanywhere; systemd/cron/Task Scheduler recipes and non-Claude mining backends in[docs/PORTABILITY.md](/surenode-ai/skill-extractor/blob/main/docs/PORTABILITY.md).\n\n```\npython3 engine/extractor.py            # run a mining pass now\npython3 engine/extractor.py --status   # counts: scratch / pending / installed / decided\npython3 engine/extractor.py --full     # ignore cursor, re-scan all history\npython3 engine/extractor.py --self-test    # sanity-check the pipeline, no traces needed\n\npython3 engine/review.py list          # pending candidates (JSON, with risk labels)\npython3 engine/review.py show <id>     # full candidate\npython3 engine/review.py install <id> [--edits edits.json] [--acknowledge-risk]\npython3 engine/review.py reject  <id> --comment \"why\"\n```\n\nEnable more sources in `config.json`\n\n:\n\n```\n\"sources\": [\"claude_code\", \"codex\"],   // default: claude_code only\n\"jsonl_dirs\": [\"~/my-agent-traces\"]    // any agent, via canonical JSONL\n```\n\n| Category | What it captures | Outcome weight* |\n|---|---|---|\n`technique` |\nconcrete technical procedures (commands, debugging recipes) | 0.45 |\n`workflow` |\nmulti-step ways of organizing work | 0.40 |\n`preference` |\nstanding instructions and repeated corrections you keep expressing | 0.15 |\n`guardrail` |\nwhat-to-avoid learned from failures | 0.10 |\n`automation` |\nrepeated manual sequences that could be one skill | 0.35 |\n`domain` |\nreusable domain knowledge / heuristics | 0.30 |\n\n*How much the source trace's outcome scales utility. A `technique`\n\nfrom a\nfailed trace is suspect; a `preference`\n\nor `guardrail`\n\nexpressed in a failed\ntrace is just as valid. Conversation-heavy segments are mined too; that is\nwhere preferences hide.\n\n**Scoring**: `confidence`\n\n(is this real and generalizable?) and `utility`\n\n(how valuable if reused?), blended with measured outcome quality: tool error\nrate, user sentiment, and the next task's opening message as trailing\nfeedback. Only candidates clearing the thresholds in `config.json`\n\nsurface\nfor review; everything else stays in scratch, never deleted.\n\n**Learning**: every decision feeds back twice. The miner sees your recent\ninstalls and rejections with your stated reasons (propose more like these,\nnone like those), and per-category approval rates nudge scores toward your\ndemonstrated taste, capped so a few decisions cannot swing everything. This is\nwhy rejections ask for a comment: \"too project-specific\" teaches the miner\nmore than a silent dismissal.\n\n```\n trace sources (adapters)          claude_code | codex | jsonl_dir\n            │\n            ▼\n extractor.py: incremental read -> segment by task -> heuristic outcome\n   -> redact -> mine (your LLM backend) -> score -> dedupe\n   -> candidates.jsonl (scratch) -> pending.json (surfaced)\n            │\n            ├─ VS Code panel / /review-skills / review.py\n            ├─ install -> ~/.claude/skills/<name>/SKILL.md + decisions.jsonl\n            └─ reject  -> decisions.jsonl (comment kept for learning)\n```\n\n| Piece | Path |\n|---|---|\n| Miner | `engine/extractor.py` |\n| Core lib (parsing, scoring, state) | `engine/lib.py` |\n| Trace-source adapters | `engine/adapters.py` |\n| Review CLI | `engine/review.py` |\n| VS Code panel | `vscode-extension/` |\n`/review-skills` flow |\n`skills/review-skills/` |\n\nState lives in `~/.claude/skill-extractor/state/`\n\n: `candidates.jsonl`\n\n(every\nmined candidate, never deleted), `pending.json`\n\n(awaiting review),\n`decisions.jsonl`\n\n(your calls + comments), `cursor.json`\n\n(incremental reads).\n\nEmbedding this in your own application? [docs/INTEGRATION.md](/surenode-ai/skill-extractor/blob/main/docs/INTEGRATION.md)\nhas the Python API, CLI/JSON contracts, and data schemas, with a runnable\n[examples/embed_minimal.py](/surenode-ai/skill-extractor/blob/main/examples/embed_minimal.py).\n\nskill-extractor installs approved skills locally, for you. If your team needs\nmined skills to flow through shared review, risk scanning, policy checks, and\nan audit trail before anyone's agent uses them, that governance layer is what\n[Surenode](https://surenode.ai) builds on top of this engine: same mining, with\na governed catalog instead of a local folder.\n\n**Python 3.9+**(the engine is stdlib only, no pip installs)- A mining LLM: the\n**Claude Code CLI** by default (no API key needed), or any command backend, including fully local models - macOS for the bundled installer; any OS for the engine itself\n**VS Code** optional (`/review-skills`\n\nand the CLI work without it)\n\n```\npython3 -m pytest tests/\n```\n\nSee [CONTRIBUTING.md](/surenode-ai/skill-extractor/blob/main/CONTRIBUTING.md): the engine stays stdlib-only, new\nagents arrive as adapters, and commits are signed off (DCO).\n\n```\n./uninstall.sh           # removes timer/hook/extension/skill, keeps mined state\n./uninstall.sh --purge   # also deletes the state store\n```\n\n", "url": "https://wpnews.pro/news/skill-extractor", "canonical_source": "https://github.com/surenode-ai/skill-extractor", "published_at": "2026-07-08 20:03:16+00:00", "updated_at": "2026-07-08 20:12:48.151098+00:00", "lang": "en", "topics": ["developer-tools", "ai-agents", "ai-tools", "ai-products"], "entities": ["skill-extractor", "Claude Code", "OpenAI Codex CLI", "VS Code", "Anthropic"], "alternates": {"html": "https://wpnews.pro/news/skill-extractor", "markdown": "https://wpnews.pro/news/skill-extractor.md", "text": "https://wpnews.pro/news/skill-extractor.txt", "jsonld": "https://wpnews.pro/news/skill-extractor.jsonld"}}