vercel/list-npm-package-contentv1.0

list-npm-package-content

List the contents of an npm package tarball before publishing. Use when the user wants to see what files are included in an npm bundle, verify package contents, or debug npm publish issues.

global

internal:true

0installs0uses—~244

v1.0Saved May 2, 2026

List npm Package Content

This skill lists the exact contents of an npm package tarball - the same files that would be uploaded to npm and downloaded by users.

Usage

Run the script from the package directory (e.g., packages/ai):

bash scripts/list-package-files.sh

The script will build the package, create a tarball, list its contents, and clean up automatically.

Understanding Package Contents

The files included are determined by:

files field in package.json - explicit allowlist of files/directories
.npmignore - files to exclude (if present)
.gitignore - used if no .npmignore exists
Always included: package.json, README, LICENSE, CHANGELOG
Always excluded: .git, node_modules, .npmrc, etc.

Files2

2 files · 694 B

Select a file to preview

Overall Score

76/100

Grade

Good

Safety

Quality

Clarity

Completeness

Summary

This skill lists the exact contents of an npm package tarball before publishing. It builds the package, creates a tarball, displays its contents via tar inspection, and cleans up. Users run it to verify what files will be included in an npm bundle, debug publish issues, or confirm package.json file configurations are correct.

Detected Capabilities

Execute build commands (pnpm build)Create package tarballs (pnpm pack)Inspect tarball contents (tar -tzf)Clean up temporary files (rm)

Trigger Keywords

Phrases that MCP clients use to match this skill to user intent.

verify npm package contentsinspect tarball before publishdebug npm publishcheck package.json files fieldaudit npm bundle

Risk Signals

INFO

Temporary tarball cleanup via rm without explicit error handling

scripts/list-package-files.sh:9

WARNING

set -e causes script to exit on build or pack failure, preventing cleanup of tarball

scripts/list-package-files.sh:3

Referenced Domains

External domains referenced in skill content, detected by static analysis.

www.apache.org

Use Cases

Verify npm package contents before publishing to registry
Debug what files are included in an npm tarball
Confirm package.json 'files' field and .npmignore configuration
Audit package contents for accidental inclusion of sensitive files

Quality Notes

Skill scope is well-defined and tightly scoped to a single task: inspecting npm package contents
Clear explanation of what determines package contents (files field, .npmignore, .gitignore, defaults)
Script is simple and straightforward with appropriate use of set -e for safety
Minor: Script does not document what to do if build or pack fails; tarball cleanup is skipped on error
Minor: No error handling or informative output messages guide the user through the process
Good: Skill correctly uses 'internal: true' metadata, indicating this is a supporting utility

Model: claude-haiku-4-5-20251001Analyzed: May 2, 2026

Reviews

Add this skill to your library to leave a review.

No reviews yet

Be the first to share your experience.

Add vercel/list-npm-package-content to your library and activate them in your IDE via MCP.

Get Started Free