Antigravity Awesome Skills 11.11.0 Shows Skill Catalogs Becoming Agent Infrastructure

antigravity-awesome-skills v11.11.0 is easy to dismiss as a catalog update. A new skill, some installer guidance, MiniMax docs, generated registry assets, Dependabot cleanup. Nothing here looks like the dramatic future of software development if your mental model of agentic coding is still “model writes code in my editor.”

That mental model is already out of date. Skills are becoming the package manager for agent behavior. The release matters because it shows a large, installable skill library behaving less like a prompt collection and more like shared runtime infrastructure — with all the value and all the supply-chain problems that phrase implies.

The June 2 release updates an installable GitHub library for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and related coding assistants. The project’s README describes a catalog of more than 1,494 reusable SKILL.md playbooks, installable through host-specific targets such as --claude, --cursor, --codex, --gemini, --antigravity, --agy, and --kiro. At research time, the repository showed roughly 39,451 stars and 6,404 forks. That is not a private prompt stash. That is ecosystem gravity.

Reusable agent behavior is now something teams install

The useful thing about skills is obvious to anyone who has tried to make coding agents behave consistently. You do not want every engineer copy-pasting a bespoke prompt about how to write tests, review migrations, triage issues, use a deployment tool, preserve product rationale, or avoid unsafe commands. You want repeatable operating instructions that can be reviewed, versioned, installed, pinned, updated, and shared across agent hosts.

A good skill compresses local expertise into an activation unit. It tells the agent how to approach a domain, what files matter, what commands are appropriate, what format to produce, what failure modes to check, and what decisions should be escalated to a human. That is a real productivity primitive. It also makes agent behavior less dependent on whichever human happened to phrase the initial prompt best that morning.

The cross-host part is important. The same catalog targets Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, Kiro, OpenCode, GitHub Copilot, and other assistants. That reflects the market we actually have: teams will not standardize on one agent surface overnight. They will accumulate tools. Skills become one of the few portable layers across that mess.

That portability is useful precisely because it is dangerous.

A skill catalog is a supply-chain object

A 1,494-skill catalog is not “just prompts.” Every skill can shape tool use, context gathering, output format, memory writes, review behavior, shell discipline, and sometimes the conditions under which an agent reaches for external systems. A malicious npm package can execute code. A malicious or sloppy skill may not need to execute code directly; it can steer an agent toward over-broad reads, unsafe writes, secret exposure, misleading confidence, unreviewed deployment steps, or context leakage.

The threat model is different from traditional dependencies, but the review burden is real. Prompt injection taught the industry that natural language can be an attack surface. Skills make that attack surface durable and installable. The moment a team says “install this catalog so the bots know how we work,” it has created a policy distribution channel. That channel needs provenance, pinning, review, scope control, and rollback.

The release’s Dependabot note is a useful signal. The maintainers say the web app Vitest stack was bumped to close critical Dependabot alerts and that npm audit returned zero open vulnerabilities. Good. But it also proves the point: skill catalogs now ship installers, registries, generated compatibility reports, plugin mirrors, web assets, docs, sitemaps, and release artifacts. They are software projects with normal software risks, not markdown museums.

Practitioners should install skills like adults. Pin release tags instead of tracking whatever is latest. Start with bundles relevant to your workflows rather than dumping an entire catalog into every context window. Review skills that influence security, infrastructure, CI, deployment, data access, or memory. Separate read-only guidance skills from skills that encourage tool calls or filesystem writes. Keep an allowlist of approved skills for production repos. Treat skill upgrades as code changes: diff them, test them, and roll them out intentionally.

Project memory is valuable, and therefore risky

The headline addition in v11.11.0 is user-thoughts, described as project-local mdbase memory for persisting user decisions, constraints, UI/UX rationale, backlog items, and project preferences across sessions and agents. That is exactly the kind of thing long-running agentic coding needs.

Agents forget. Humans hate re-explaining why the settings page uses a weird layout, why the migration must avoid one customer segment, why a seemingly obvious library was rejected last quarter, or why a backlog item is intentionally deferred. Project-local memory can preserve product intent across sessions and across agents. Used well, it turns “please rediscover the context” into “read the decision log and continue.”

But durable memory is also a governance surface. What belongs there? What must never be stored? Who can edit it? How do stale decisions expire? Can a future agent distinguish a firm architectural constraint from a tentative thought written during debugging? Does memory contain customer names, secrets, security assumptions, private strategy, or personal data? Is there a review path for memory edits?

The worst version of agent memory is an invisible junk drawer with authority. The best version is explicit, local, auditable, and scoped. Teams should create rules: store decisions, constraints, rationale, and open questions; do not store secrets, credentials, private customer data, or one-off emotional commentary; timestamp entries; link to issues or PRs; mark assumptions as assumptions; periodically prune stale context. Memory should help agents inherit intent, not launder old guesses into permanent truth.

Installer layout is not cosmetic

The release also fixes Antigravity agy installer guidance so installs use directory-based skill layouts instead of flat markdown files. That sounds small unless you have ever migrated agent tooling and wondered why half your instructions stopped activating. Host-specific discovery rules matter. If Antigravity expects skill-id/SKILL.md and an installer drops a flat pile of markdown files, the result is not merely untidy; skills may silently fail to load or activate incorrectly.

This is the kind of migration detail that determines whether teams trust the new runtime. Google’s Antigravity/Gemini ecosystem, Codex, Claude Code, and other hosts are all converging on skills, sessions, MCP, and agent-specific memory. The glue code — paths, names, registry metadata, compatibility reports — becomes operational infrastructure. A wrong directory layout can break a workflow just as effectively as a bad API version.

The recommendation is pragmatic: use skill catalogs, but do not treat them as stickers for your agent. Pin versions. Verify install paths. Test activation. Review memory behavior. Prefer small approved bundles over a giant everything-pack. Keep security and deployment skills under stricter review. And if you migrate from Gemini CLI to Antigravity or any other host, validate the directory layout before deleting old configs. “The installer ran” is not the same as “the runtime found the right behavior.”

antigravity-awesome-skills v11.11.0 is not news because one new memory skill shipped. It is news because skills have crossed from prompt convenience into agent infrastructure. That is good. It means teams can package and reuse hard-won operating knowledge. It also means they need package-management discipline: provenance, pinning, review, auditability, memory hygiene, and rollback. The future of agentic coding will have skill registries. The competent teams will treat them like code, not vibes.

Sources: antigravity-awesome-skills release, repository README, user-thoughts PR, Google agents-cli docs