Problem
SkillKit has no way to pin skill versions or ensure reproducible installs:
- npm has
package-lock.json, pip has requirements.txt, cargo has Cargo.lock
- Two developers running
skillkit install at different times get different skill versions
- No rollback mechanism — can't revert to a known-good skill version
- Product Hunt users flagged "embedding drift" as a concern when the semantic store grows
Proposed Solution
skillkit.lock
Auto-generated lock file tracking installed skill versions:
{
"lockfileVersion": 1,
"skills": {
"pdf": {
"source": "anthropics/skills",
"version": "2.1.0",
"integrity": "sha256-...",
"installedAt": "2026-04-07T...",
"agents": ["claude-code", "cursor"]
}
}
}Commands
skillkit install — auto-generates/updates lock fileskillkit install --frozen — install from lock file only (CI mode), fail if lock is staleskillkit update — updates lock file after re-fetchingskillkit pin <skill> --version <version> — pin specific version
Versioning
References
Problem
SkillKit has no way to pin skill versions or ensure reproducible installs:
package-lock.json, pip hasrequirements.txt, cargo hasCargo.lockskillkit installat different times get different skill versionsProposed Solution
skillkit.lock
Auto-generated lock file tracking installed skill versions:
{ "lockfileVersion": 1, "skills": { "pdf": { "source": "anthropics/skills", "version": "2.1.0", "integrity": "sha256-...", "installedAt": "2026-04-07T...", "agents": ["claude-code", "cursor"] } } }Commands
skillkit install— auto-generates/updates lock fileskillkit install --frozen— install from lock file only (CI mode), fail if lock is staleskillkit update— updates lock file after re-fetchingskillkit pin <skill> --version <version>— pin specific versionVersioning
skillkit outdated— show skills with newer versions availableReferences