Agent Skill Marketplace Plugin

Type: Local SDK / MCP Plugin

Value: Lets agents discover, inspect, install, verify, and run trusted skills from a local registry-style capability layer.

Current Status

Complete as a local SDK / MCP plugin slice. It supports a local registry, durable installed-skill manifests, checksum verification, and permission-gated local execution.

Shipped Local Scope

• Built-in starter registry with format-json, word-count, base64, and timestamp
• SDK APIs for discovery, manifest validation, install, uninstall, load, run, and cache inspection
• Durable local installed-skill store with configurable path
• Local file: skill loading and HTTPS skill loading with SHA256 checksum verification
• Permission gates for declared skill permissions: network, filesystem, secrets, shell, none
• MCP tools for listing, inspecting, installing, uninstalling, and running skills
• Package bin and subpath exports for running the MCP server locally

Install And Run

npm install
npm test
npm run mcp

After build, the package exposes:

agent-skill-marketplace-mcp

MCP client configuration can point at the built server:

{
  "mcpServers": {
    "agent-skill-marketplace": {
      "command": "node",
      "args": ["dist/mcp/server.js"],
      "env": {
        "AGENT_SKILL_MARKETPLACE_STORE_PATH": "./.agent-skill-marketplace/installed-skills.json"
      }
    }
  }
}

Local Store

By default, installed skill manifests are stored at:

.agent-skill-marketplace/installed-skills.json

Override with either:

AGENT_SKILL_MARKETPLACE_STORE_PATH=/path/to/installed-skills.json
AGENT_SKILL_MARKETPLACE_STORE=/path/to/installed-skills.json

The store is versioned JSON:

{
  "version": 1,
  "installed": []
}

SDK Surface

import {
  installSkill,
  listSkills,
  runSkill,
  uninstallSkill
} from '@blair/agent-skill-marketplace';

const manifest = {
  id: 'upper-case',
  name: 'Upper Case',
  version: '1.0.0',
  description: 'Uppercase local text.',
  author: 'CertaWorks',
  permissions: ['none'],
  url: 'file:///absolute/path/upper-case.mjs',
  checksum: '64-character-sha256-hex-digest',
  tags: ['text', 'local']
};

await installSkill(manifest, { storePath: './installed-skills.json' });
const skills = await listSkills({ query: 'upper', storePath: './installed-skills.json' });
const result = await runSkill('upper-case', { text: 'ship it' }, [], { storePath: './installed-skills.json' });
await uninstallSkill('upper-case', { storePath: './installed-skills.json' });

Manifest Format

type SkillPermission = 'network' | 'filesystem' | 'secrets' | 'shell' | 'none';

interface SkillManifest {
  id: string;
  name: string;
  version: string;
  description: string;
  author: string;
  permissions: SkillPermission[];
  url: string;
  checksum: string;
  tags: string[];
  loaderVersion?: string;
}

Installed manifests are validated before they are persisted. Skill code is read only at load/run time and must match the manifest checksum. A manifest that declares permissions other than none requires explicit permission grants at runtime.

MCP Tools

• list_skills
• skill_info
• install_skill
• installed_skills
• uninstall_skill
• run_skill
• loaded_skills

Current Limits

• This is a local product slice, not a public marketplace network.
• There is no public npm publication, live checkout, accounts, ratings, payments, take-rate billing, hosted registry moderation, or hosted install analytics.
• Permission checks are manifest gates, not a sandbox. Remote or local skill code still executes inside the current Node process.
• HTTPS remote skills are checksum-verified, but remote registry caching and signed publisher identity are future work.
• Prefer file: skills or pinned immutable HTTPS URLs for local testing.

Verification

Fresh suite verification on 2026-05-28:

• npm test passed, 33/33 tests across the registry, marketplace install, MCP, and package contract suites.
• npm run build passes.
• Package dry-run verifies only runtime artifacts and README are included.