feat(skills): render full skill directories

[k11kirky]

Problem

The Skills tab only rendered SKILL.md from each skill directory and had no awareness of companion files (references/, scripts/, assets). There was also no way to distinguish editable skills (user/repo) from read-only ones (bundled/marketplace) in the UI.

Changes

Shared types

• Added editable: boolean to SkillInfo — computed server-side based on source, not in the UI.
• Added SkillFileEntry type (path, size) to @posthog/shared.

Backend (workspace-server)

• Added listSkillFiles() to skill-discovery.ts: recursively walks a skill directory, skips symlinks (preventing path escape via crafted skills), sorts with SKILL.md first, and respects a file cap.
• Added isEditableSource() helper; readSkillMetadataFromDir now sets editable on each SkillInfo.
• Added getSkillContents(skillPath) and readSkillFile(skillPath, filePath) to SkillsService. Both validate the requested path against the known discovery roots before touching the filesystem — getSkillContents checks the skill directory is directly under a known root and contains SKILL.md; readSkillFile additionally checks the resolved file path stays within the skill directory, rejecting ../ traversal and absolute paths.
• Refactored listSkills to derive skill roots via a shared getSkillRoots() helper used by all three methods.
• Added Zod schemas (skillContentsInput/Output, readSkillFileInput/Output, skillFileEntry) to schemas.ts.

Router (host-router)

• Exposed skills.contents and skills.readFile tRPC query procedures as one-line forwards to SkillsService.

UI

• SkillDetailPanel: replaced the single useAbsoluteFileContent call with useSkillContents + useSkillFile. When a skill has more than one file, a collapsible file tree appears above the content area. SKILL.md continues to render as markdown; all other files open in a read-only CodeMirror editor. A "Read-only" lock badge is shown for non-editable skills.
• Added SkillFileTree component: builds a nested directory tree from flat SkillFileEntry[] and renders it using the existing TreeDirectoryRow/TreeFileRow primitives with expand/collapse state.
• Added useSkillContents / useSkillFile hooks backed by the new tRPC procedures.
• Added a key={selectedSkill.path} to SkillDetailPanel in SkillsView so state resets when switching between skills.
• Added an implementation plan document (docs/plans/skills-tab.md) covering the full seven-PR roadmap for the Skills tab.

How did you test this?

• Added unit tests for listSkillFiles: nested directory walking with size reporting, symlink skipping, and file-cap enforcement.
• Added unit tests for readSkillMetadataFromDir: verifies editable is true for user/repo sources and false for bundled/marketplace.
• Added a new skills.test.ts covering SkillsService end-to-end against a real temp directory: listSkills editable flags, getSkillContents full file listing, path-traversal rejection on both getSkillContents and readSkillFile, absolute path rejection, empty path rejection, and null return for missing files.

Automatic notifications

• Publish to changelog?
• Alert Sales and Marketing teams?

[k11kirky]

• refactor(skills): apply simplify-pass cleanups across the stack #2612
• feat(skills): Codex unification — bring your skills, use them anywhere #2611
• feat(skills): publish skills to the team and install team skills locally #2610
• feat(skills): PostHog cloud team skills — read path #2609
• feat(skills): skills.sh marketplace browse and install #2608
• feat(skills): validation and shadowing signals #2607
• feat(skills): live refresh from the filesystem #2606
• feat(skills): create, edit, and delete user and repo skills #2605
• feat(skills): render full skill directories #2604 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[github-actions]

React Doctor could not complete this scan.

No React dependency found in /tmp/react-doctor-baseline-p7tPRP/package.json. Add "react" to dependencies (or peerDependencies) and re-run.

_{Reviewed by React Doctor for commit abb385b.}

[greptile-apps]

Security Review

• Symlink traversal in readSkillFile (skills.ts line 60): fs.promises.stat follows symbolic links. A symlink placed inside a skill directory and pointing to an arbitrary file passes the path-containment check but allows the endpoint to read the symlink target. listSkillFiles already skips symlinks for this reason; readSkillFile should use lstat and reject symlink entries.

Prompt To Fix All With AI

Fix the following 2 code review issues. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 2
packages/workspace-server/src/services/skills/skills.ts:59-61
`readSkillFile` uses `fs.promises.stat`, which follows symbolic links. If a skill directory contains a symlink pointing outside itself, the resolved path passes the `startsWith(skillDir + path.sep)` check because the symlink's own path is within the skill dir — but `stat` follows the link and `readFile` reads the target. `listSkillFiles` intentionally skips symlinks to prevent this exact escape; `readSkillFile` needs the same protection. Using `lstat` is the minimal fix: it does not follow the final symlink, so `isFile()` returns false for any symlink entry.

```suggestion
    try {
      const stat = await fs.promises.lstat(resolved);
      if (stat.isSymbolicLink() || !stat.isFile() || stat.size > MAX_SKILL_FILE_BYTES) return null;
```

### Issue 2 of 2
packages/workspace-server/src/services/skills/skills.ts:103
`fs.existsSync` is a synchronous call inside an otherwise fully-async method, blocking the event loop while it hits the filesystem. The rest of the service consistently uses `fs.promises.*`. `fs.promises.access` (or a `stat` call that is already needed) should be used instead.

```suggestion
    const skillMdExists = await fs.promises
      .access(path.join(resolved, "SKILL.md"))
      .then(() => true)
      .catch(() => false);
    if (!isUnderKnownRoot || !skillMdExists) {
```

_{Reviews (1): Last reviewed commit: "docs: add the Skills tab v2 implementati..." | Re-trigger Greptile}

[k11kirky]

Merge activity

• Jun 12, 11:31 AM UTC: A user started a stack merge that includes this pull request via Graphite.
• Jun 12, 11:31 AM UTC: @k11kirky merged this pull request with Graphite.