Reference · v0.2.0 · 2026-05

Three surfaces. One vocabulary.

AutoVault exposes the same primitives — load, render, verify — through three interfaces: a CLI for humans, a library for programs, and an HTTP/MCP endpoint for remote agents. They're versioned together; if a name appears here, it works the same way in all three.

CLI

[email protected] npm · brew · cargo

Library

@autovault/[email protected] node, deno, bun

HTTP

/api/v1 + MCP 2024-11-05

CLI

six commands · everything else is a flag

The CLI is the canonical surface. Library and HTTP are thin wrappers over the same machinery. If a workflow can't be expressed as a CLI invocation, it can't be expressed at all.

autovault init

stablesince 0.1.0

Scaffold a new vault in the current directory. Generates a signing key, creates the .autovault/ directory, and writes a starter vault.toml.

$ autovault init [--key <path>] [--anchor <url>] [--no-key]

FlagTypeDescription

--key optpathExisting Ed25519 private key to import. If omitted, a new key is generated and written to .autovault/key.pem.

--anchor opturl = autovault.devTrust anchor URL. Override to point at a private vault for self-hosted deployments.

--no-key optflagSkip key generation. Use this if you only intend to consume skills, not publish them.

# in a fresh repo

$ autovault init

✓ generated key:0x9af4…2c81

✓ .autovault/ created

✓ anchored to autovault.dev (root)

autovault add <skill>

stablesince 0.1.0

Resolve, fetch, verify, and install a skill into the current vault. Renders the appropriate transformation for each agent declared in vault.toml's [targets].

$ autovault add <skill> [@<version>] [--target <agent>] [--dry-run]

ArgumentTypeDescription

skill *stringFully-qualified name: org/name. Can include @version suffix; otherwise resolves to latest signed version.

--target optenumRestrict installation to a specific agent: claude-code, codex, cursor, autohub. Repeatable.

--dry-run optflagVerify and render without writing any files. Useful in CI gates.

$ autovault add autoworks-ai/extract-pdf

✓ resolved @1.4.0

✓ verified ed25519 sig

✓ rendered → CLAUDE.md, AGENTS.md, .cursorrules

autovault list

stablesince 0.1.0

Print the installed skills in this vault, their versions, and the last verification timestamp. Adds --json for machine output.

$ autovault list [--json] [--stale]

autovault publish <path>

stablesince 0.2.0

Submit a SKILL.md to the configured anchor. Runs the gate locally first; the server re-runs it independently and only signs if both verdicts match.

$ autovault publish [--draft] [--reason ]

autovault verify

stablesince 0.3.0

Walk the provenance chain for a skill. Resolves the latest version, fetches the signature bundle, and verifies every link from author through mirror.

$ autovault verify [--chain] [--offline]

autovault import

betasince 0.4.0

Migrate skills from RawHub, ForkFlow, or hand-maintained CLAUDE.md / AGENTS.md / .cursorrules. Each importer parses, normalizes, and runs the gate before anything lands.

$ autovault import [options]

Library

@autovault/sdk · TypeScript-first

The library is what the CLI calls under the hood. Every CLI command is a thin wrapper. Use it directly when you want skill resolution inside your own tooling — agent harnesses, CI checks, custom inspectors.

loadSkill(spec, options?)

stablesince 0.2.0

Resolve and verify a signed skill bundle. Returns the canonical SKILL.md plus its frontmatter, transformations, and provenance chain.

async function loadSkill(

spec: string, // "org/name@version" or "org/name"

options?: LoadOptions

): Promise<SignedSkill>

FieldTypeDescription

options.anchor optstring = "autovault.dev"Trust anchor URL. Skill must chain to a key trusted by this anchor.

options.cache opt"prefer" | "none"Whether to use the local cache. "none" forces a network round-trip.

options.signal optAbortSignalStandard cancellation signal.

import { loadSkill } from "@autovault/sdk";

const skill = await loadSkill("autoworks-ai/extract-pdf");

// skill.frontmatter.version === "1.4.0"

renderForTarget(skill, target)

stablesince 0.2.0

Pure function. Takes a verified skill and a target identifier; returns the agent-specific output string.

function renderForTarget(skill: SignedSkill, target: "claude-code" | "codex" | "cursor" | "autohub"): string

verifyChain(bundle)

stablesince 0.3.0

Verify a provenance chain offline. Takes a bundle from loadSkill(); returns a structured verdict with which links passed, which failed, and why.

function verifyChain(bundle: SignedSkill): VerifyResult

HTTP & MCP

remote endpoint · for sandboxed agents

Use the HTTP surface when an agent runs in an environment without local CLI access — mobile, hosted notebooks, browser-only runtimes. The MCP server bundled with the vault speaks both the vanilla HTTP API below and the MCP protocol on the same port.

GET /api/v1/skill/{org}/{name}

stablesince 0.3.0

Fetch a signed skill bundle. Response is signed JSON; clients should verify the signature with the public key from the trust anchor before consuming the body.

GET /api/v1/skill/{org}/{name}?version=1.4.0&target=claude-code

ParamTypeDescription

org *pathPublisher org, e.g. autoworks-ai.

name *pathSkill name within the org.

version optquerySpecific version. Omit for latest signed.

target optqueryPre-render the transformation for this target. Reduces caller-side work.

$ curl https://vault.autovault.dev/api/v1/skill/autoworks-ai/extract-pdf

{

"name": "extract-pdf",

"version": "1.4.0",

"signature": "ed25519:9af42c81…7e7e"

}

POST /api/v1/resolve

stablesince 0.3.0

Batch-resolve a list of skill specs to their latest signed versions. Useful for vaults that want to refresh many skills in one round-trip.

POST /api/v1/resolve

{ "specs": ["autoworks-ai/extract-pdf"], "target": "claude-code" }

POST /api/v1/verify

betasince 0.4.0

Server-side reproducible verification. Send a bundle; the vault re-runs the gate and returns whether its verdict matches what the bundle claims.

POST /api/v1/verify

// body: a SignedSkill bundle