I built SkillCatalog to solve this without a SaaS dependency. Skills live in Git repositories the team already controls. The desktop app provides authoring, organization, and delivery on top of Git. Access control is Git access. There is no server to run and no data leaves the machine unless you push it.
The model is different from Microsoft's APM, which takes a package-manager approach (declare in apm.yml, everyone installs the same set). I think skills are closer to editor preferences than packages: there is a shared team baseline, but individuals layer their own selections on top. A project profile might install the team's backend bundle for everyone, while one engineer adds a personal stack for performance profiling and another adds one for accessibility auditing. Neither edits the shared catalog.
Catalogs contain skills (Markdown with frontmatter) that compose into stacks (ordered lists of skills) that compose into bundles (ordered lists of stacks). Profiles pick what gets delivered. Home profiles apply everywhere; project profiles inherit from them with project-specific selections taking priority. The app detects drift if someone hand-edits a delivered file, which helps when debugging unexpected AI behavior.
Stack: Rust Tauri v2 desktop app with React frontend, a skc CLI for scripting and CI. macOS via Homebrew for now, Linux and Windows coming.
Happy to answer questions. Particularly interested in hearing from teams who are currently managing these files in other ways.