Skip to content
// Stacks for Microsoft APM

npm for agentic artifacts.

A curated library of stacks for the Agent Package Manager (APM) — so engineering teams share skills, agents, hooks, and coding standards once, and every teammate gets the same setup, whether they use Claude Code, Copilot, Cursor, or OpenCode.

APM is an open-source project hosted under Microsoft's OSS org, created and maintained by Daniel Meppiel. This repo curates the stacks we run on top of it.

Get started on GitHub How it works Browse 21 stacks What is APM? ↗
apm.yml 
# apm.yml
name: my-project
version: 1.0.0

dependencies:
  apm:
    - thinkjones/awesome-apm-stacks/code-core
    - thinkjones/awesome-apm-stacks/code-python
    - thinkjones/awesome-apm-stacks/security-core
    - thinkjones/awesome-apm-stacks/test-core
$ apm install && apm compile → one setup, every agent
21
Curated stacks
10
Battle-tested sources
300K+
Combined GitHub stars
5
Supported agents
Production-ready
// Workflow

Three commands. Any agent.

Author once in open formats — Agent Skills, AGENTS.md, MCP — and APM compiles to whichever runtime your team is using this quarter.

01

Declare

List the stacks your project needs in a single apm.yml — skills, agents, hooks, MCP servers, instructions.

dependencies:
  apm:
    - code-core
    - security-core
02

Install

apm install fetches packages, scans for hidden Unicode or compromised deps, and caches them locally.

$ apm install

✓ resolved 7 packages
✓ security scan clean
03

Compile

apm compile emits the right shape for your agent — CLAUDE.md, AGENTS.md, .cursor/, .opencode/.

$ apm compile

→ CLAUDE.md
→ AGENTS.md
→ .cursor/
// Why Teams Adopt This

Different teammates.
Different agents.
Same standards.

Reproducible across teammates

git clone && apm install and every developer gets the exact same agent setup. No more "works on my machine" for AI tooling.

Portable across runtimes

Switch from Claude Code to Copilot to Cursor without rewriting a single skill. Same apm.yml, re-compile, done.

Composable by concern

Small focused packages combine via transitive deps, just like npm. Pull in only what each project needs.

Versioned like real software

Pin exact versions, lock files, audit history. Treat agent config with the same discipline as application code.

Secure by default

apm install scans for hidden Unicode and compromised packages before your agent ever reads them.

Battle-tested sources only

Every dependency comes from a repo with 1,000+ GitHub stars. Most have 10K+. No abandoned forks, no homemade scripts.

// 21 Stacks, Six Concerns

Pick your stacks.
Compose like npm.

Each package is a small, opinionated bundle — 30 lines of YAML composing battle-tested dependencies from repos with 1,000+ GitHub stars. Open any apm.yml and comment out what you don't need.

Foundation

02
user-core

Skill discovery, verification, CLAUDE.md management, task automation
code-core

TDD, code review, PR toolkit, git workflows, semantic code search

Language stacks

07
code-python

Python, FastMCP, pytest, debugging
code-typescript

TS/Node, React, NestJS, TS MCP SDK
code-go

Go, go-sdk MCP, debugging
code-java

Java, Spring Boot, Maven/Gradle, MCP
code-rust

Rust, systems programming, cargo, MCP
code-csharp

C#/.NET, ASP.NET, MCP servers
code-mobile

Flutter, Swift, Kotlin, mobile MCP

Architecture & infrastructure

04
architect-devops

Docker, CI/CD, Terraform, incident triage
architect-dataops

PostgreSQL, SQL, CSV analysis, data pipelines
architect-mlops

LLM observability, eval pipelines, Arize
architect-cloud

Azure/AWS IaC, serverless, cost optimization

Quality gates

02
security-core

OWASP, secure coding, vulnerability scanning, agent safety
test-core

E2E, integration testing, Playwright, polyglot test agents

Design & planning

03
design-frontend

UI/UX, React design, theming, accessibility
plan-core

PRD, requirements, epics, QA, task breakdown
plan-docs

docx/pdf/pptx/xlsx, co-authoring, brand, comms

Agents & business

03
ai-agents

Agent swarms, orchestration, MCP builder, LangGraph
ai-tooling

Retrofit existing skills repos into APM-compliant packages
business-core

Business workflow tooling
// For Skill Authors

Already maintain a skills repo?
Make it APM-compliant in three steps.

Microsoft APM ships apm init, but it's deliberately minimal — it drops a stub manifest without looking at what's actually in your repo. The ai-tooling package fills that gap. The apm-retrofit skill walks your repo, classifies every SKILL.md, plugin.json, AGENTS.md, MCP manifest, hook, command, and sub-agent it finds, then proposes a correctly-shaped apm.yml for you to review.

01

Install APM

One-line install of the Agent Package Manager. Works on macOS, Linux, and Windows.

$ curl -sSL https://aka.ms/apm-unix | sh
02

Install the skill

Inside the repo you want to retrofit, declare ai-tooling as a project dep and compile. This stages the apm-retrofit skill into .claude/ (or .github/, .cursor/, etc.) so your agent picks it up.

$ cd your-repo && apm init -y
$ apm install \
    thinkjones/awesome-apm-stacks/ai-tooling
$ apm compile
03

Retrofit your repo

From inside your skills repo, invoke the skill. It inventories every primitive, proposes an apm.yml, and dry-runs the result before you commit.

> /apm-retrofit

✓ found 4 primitives
✓ wrote apm.yml
✓ apm install --dry-run OK

What the skill actually does

It inventories primitives from every layout APM recognises — root SKILL.md, skills/*/SKILL.md, .claude/, .github/plugin/, .cursor-plugin/, .mcp.json, hooks.json, commands/, agents/, AGENTS.md, CLAUDE.md. It auto-detects target: from the directories present, infers type: from the primitive mix, and derives name/version/description from existing signals — never inventing values.

Before writing, it diffs against any existing apm.yml and asks for confirmation. After writing, it validates with apm install --dry-run. It never deletes existing files. It never pushes anything.

// Your goto stack belongs here

Got a stack
your team can't live without?

These 21 stacks are a starting point, not an endpoint. If you've wired up something your team runs every day — a niche language bundle, a domain-specific skill set, an eval-driven agent workflow, a vertical-specific hook stack — put it in front of everyone else running APM.

Open an issue to propose it first if you'd like feedback on scope, or send a pull request straight in if it's ready to land. Either path works.

Propose a stack Open a pull request Browse open issues ↗
// What we're looking for
  • Battle-tested. At least one team running it in real work.
  • Upstream sources. Dependencies from repos with real maintainers — not one-off scripts or forks.
  • Focused. One concern per stack. Compose rather than bundle everything.
  • Short apm.yml. ~30 lines of YAML. If it needs more, split it.