If you want to call a third party API from a skill you can use instructions like this:
To access the GitHub API, use curl
to make requests to api.GitHub.com
and pass the GITHUB_API_KEY
environment variable in the
Authorization: Bearer header
The "everything is a prompt" thing is interesting, but do we lose some deterministic behavior of MCP plumbing and execution for when the LLM simply doesn't want to follow the 'rules' and possibly hallucinates while processing the skill prompt? How do we make it consistent?
It can if you are running it through Claude Code on your own machine.
The https://claude.ai environment has very limited network access - it can install packages from PyPI and NPM and clone repositories from github.com but it can't access any other domain, including api.github.com.
;-) Confirmed by trying. I'm working on an AI-frontend "documents-as-code" tool, and having this as a skill that works across all Claude surfaces would be a huge win. Unfortunately it looks like that's not gonna happen today because ^^ ...
Looks like Claude Desktop and/or Claude Code + a non-big-fat-pig MCP (aka "not GitHub's official version") will be needed.
Here's hoping that Anthropic solves "safe external access / auth from code execution tool" soon.
It also means that any tool that knows how to read AGENTS.md could start using skills today.
"if you need to create a PDF file first read the file in skills/pdfs/SKILL.md"