Get started · 5 minutes

Run one skill across two agents.

By the end of this page you'll have a local vault, a validated skill, and the same skill running from both Claude Code and Codex with zero forks.

Time

5 min

Disk

12 MB

Required

node ≥ 20

~ — autovault — bash

Step 1 — Install the local vault

The installer drops a single binary at ~/.autovault/bin/autovault, generates an ed25519 keypair, and symlinks each agent's skill profile directory into the rendered output of the vault. Nothing runs as a daemon — the CLI does sync on demand and a drift check on shell startup.

bash

$ curl -fsSL autovault.sh | sh
# macOS: also available via brew
$ brew install autoworks-ai/tap/autovault

Privacy. The installer does not phone home. autovault.sh redirects to the GitHub release artifact; you can audit the script before piping it. The signing key is fetched from autovault.dev/.well-known/keys.json with TOFU-pinning.

Step 2 — Add your first skill

Skills enter the vault through a source adapter. Each adapter knows how to fetch from one origin (GitHub repo, local path, HTTPS bundle, ClawdHub mirror with reduced trust) and hand the raw skill to the validation gate. Whatever the source, the gate runs the same five checks before admission.

bash

$ autovault add github:autoworks-ai/skills/extract-pdf

You'll see the gate run live in your terminal — yaml-repair, denylist, capability/behavior, dedup, sign. If any step fails, the skill is rejected and never touches your vault.

What gets rejected. About 11% of submissions in private beta were rejected. Most common reasons: declared tools the skill never actually uses (capability/behavior mismatch), or near-duplicates of a skill already in the vault. Both surface clear error messages with diff output.

Step 3 — Scope it to your context

By default a freshly-added skill is unscoped — admitted to the vault, but not visible to any caller. Scope it explicitly to the agents and projects that should see it. The four-axis permission system means dev-machine skills don't leak into prod, and client work doesn't bleed across project boundaries.

bash

$ autovault scope extract-pdf \
--agent claude-code,codex \
--project autovault-website \
--device $(hostname)

Each scope rule is additive. A caller sees a skill only if it matches at least one rule on every axis it requests. Unspecified axes default to "any."

Step 4 — Run it from your agent

The skill is now installed, validated, scoped, and rendered for each target agent. Open whichever agent you use most — the same skill name works in all of them, but the underlying tool calls have been transformed to match each agent's vocabulary.

claude code# in Claude Code

> use extract-pdf to summarize report.pdf
✓ tool resolved: chrome-devtools, read
# extracting...
 "This 24-page report covers Q1 platform metrics, with three..."

Where to next

You've completed the install + add + scope + run loop. From here, most people branch into one of three places:

→ Author your own

Write a SKILL.md, attach a transformation manifest, propose it through the gate.

→ Browse skills

241 community skills, all signed and gated.

→ Security model

Provenance chain, denylist sources, what we sign and why.

→ Concepts

The five-step gate, four-axis scoping, transformation manifest in depth.