Skills

The problem skills solve is context pollution. As you add more instructions to a system prompt, the model's attention gets distributed across everything. It tries to be a security auditor, a code reviewer, a documentation writer, and a deployment engineer all at once, and it ends up doing each of those things less well than it would if it focused on just one. Skills address this by packaging domain expertise as separate, loadable modules. Each skill has a name, a description of when to use it, and the actual instructions the agent should follow. Anthropic formalized this pattern in an October 2025 engineering post and built it into Claude Code as slash commands.

When you type /review-pr in Claude Code, a skill file is injected into the agent's context. That file might specify what to look for (logic errors, test coverage, security issues), what output format to use, and what questions to ask before marking a review complete. The agent does not figure this out fresh every time. It reads the skill and follows it. You can also parameterize skills, passing in branch names, severity thresholds, or specific areas to focus on. The skill becomes a documented, repeatable workflow that your whole team can rely on.

Composability is where skills get interesting. A skill can be invoked standalone or chained inside a loop. You can run /loop 6h /security-audit and let the agent spend an afternoon finding issues across the codebase. Skills compose with multi-agent setups too, where one agent orchestrates others by invoking their respective skills. The failure mode I have run into is skill drift: you update the project structure but forget to update the skill file, and the agent starts following outdated instructions confidently. Treating skill files like code, and reviewing them in pull requests, is the mitigation.