Runtime and Registry for Agent Skills
Discover, verify, and execute capabilities on demand.
Enact packages tools as portable skill bundles and runs them securely — locally, in containers, or remotely — with policy enforcement and cryptographic verification.
Agents shouldn't ship with every tool preinstalled. They should acquire capabilities when needed.
Discover by capability — Search the registry for skills that solve the task:
enact search "resize images"Run instantly — Execute without manual setup or environment wiring:
enact run alice/resizer:resize -a '{"width": 800}'Know what's available — Agents and developers can inspect installed capabilities:
enact listTraditional package managers deliver code to developers. Enact delivers capabilities to autonomous systems with guarantees.
| Without Enact | With Enact |
|---|---|
| Manual integration | Drop-in execution |
| Implicit trust | Verified signatures |
| Environment drift | Reproducible runtime |
| Secrets in code | Secure injection |
| Static installs | On-demand capabilities |
npx launches code. A runtime governs execution.
The model decides what to run. Enact decides whether and how it runs.
Model (Claude, GPT, etc.)
↓
Host (Claude Code, Cursor, VS Code, etc.)
↓
Tool Call (MCP or CLI)
↓
Enact Runtime
├── Signature verification (Sigstore)
├── Trust policy enforcement
├── Backend selection (local / docker / remote)
├── Secret injection
└── Isolated execution
Before execution, Enact:
- Verifies signatures via Sigstore
- Applies trust policies per your configuration
- Selects an execution backend based on policy and environment
- Injects secrets securely without exposing them to the agent
- Runs in isolation when needed
Skills are portable across environments. Write once, run anywhere.
| Backend | When to use |
|---|---|
| Local | Fast, trusted workflows |
| Docker | Isolation for untrusted code, reproducible environments |
| Remote | No local runtime required |
Enact automatically chooses the safest available option based on policy and environment.
# ~/.enact/config.yaml
execution:
default: docker
fallback: remote
trusted_scopes: ["my-org/*"]A skill is just agent-facing documentation, a runtime manifest, and implementation code. No special framework required.
my-skill/
├── SKILL.md # Agent-facing documentation
├── skill.package.yml # Runtime manifest
└── code/
skill.package.yml defines identity, execution, and secrets:
enact: "2.0.0"
name: acme/scraper
version: "1.0.0"
description: Scrape URLs and convert web pages to clean markdown
from: python:3.12-slim
hooks:
build:
- pip install -r requirements.txt
env:
API_KEY:
secret: true
scripts:
scrape: "python /workspace/scrape.py {{url}}"SKILL.md teaches the agent how to use the skill — plain markdown, no special syntax.
Package anything from a small script to a full application.
Every published skill is cryptographically signed and transparently verified.
- Publisher identity validation — who signed this package
- Tamper detection — the package hasn't been modified since publishing
- Transparency logs — signatures are logged to a public ledger
- Configurable trust policies — enforce, warn, or skip per your needs
# ~/.enact/config.yaml
trust:
policy: enforce
auditors: ["my-org"]Use public registries, private registries, or fully self-hosted deployments.
Skills declare what they need in the manifest — secrets are injected at runtime without being exposed in logs, manifests, or to the agent.
# skill.package.yml
env:
FIRECRAWL_API_KEY:
secret: trueenact env set FIRECRAWL_API_KEY fc-your-key --secret --namespace enactThe skill sees a normal environment variable. The agent never sees the value.
Enact integrates with the Model Context Protocol, allowing AI clients to discover and execute skills dynamically through a standardized interface. No preconfiguration required.
Setup for Claude Code:
claude mcp add enact -- npx -y @enactprotocol/mcp-serverRun enact mcp install for setup instructions for Claude Desktop, Cursor, VS Code, and other clients.
Agents can:
- Search for capabilities
- Read documentation
- Execute tools
- Install frequently used skills
| Tool | Description |
|---|---|
enact_search |
Find skills by keyword or capability |
enact_learn |
Read a skill's documentation and usage |
enact_run |
Execute a skill from the registry |
enact_install |
Cache a skill locally for faster runs |
Example:
User: "Scrape the Anthropic homepage and summarize it"
Agent searches → finds enact/firecrawl
Agent learns → reads docs, sees it needs FIRECRAWL_API_KEY
Agent runs → enact/firecrawl:scrape with url: "https://anthropic.com"
Agent summarizes the returned markdown
Manage skills from the terminal.
enact search "pdf parser" # Find skills
enact learn alice/parser # Read docs
enact run alice/parser:parse # Execute
enact install alice/parser # Cache locally
enact publish # Share your skillenact init # Scaffold a new skill
enact run ./ # Test locally
enact login # Authenticate
enact publish # Publish to registryRun your own registry with a single command, or use the public ecosystem.
enact serve --port 8080 --data ./registry-dataenact config set registry http://localhost:8080- No external dependencies — SQLite + local file storage
- Local or private deployments
- Mirror or curate skills
- Full control over trust policies
A public registry is available at enact.tools.
| Portable | Skills run across environments without modification |
| Secure by default | Verification and policy enforcement before execution |
| Agent-native | Designed for dynamic capability discovery |
| Flexible | Works locally, in containers, or remotely |
| Open | Self-host, extend, or integrate into your stack |
Install the CLI and run your first skill in seconds.
npm install -g @enactprotocol/cli
enact search scraper
enact run enact/firecrawl:scrape -a '{"url":"https://example.com"}'Packages are scope/name. Scripts within a package are scope/name:script.
- Getting Started — Installation and first skill
- Protocol Spec — The
skill.package.ymlformat and execution semantics - API Reference — Registry API
- Trust & Signing — Sigstore-based verification
- Dev Setup — Contributing to Enact
packages/
├── api # Registry API client
├── cli # Command-line interface
├── execution # Pluggable execution backends (local, docker, dagger, remote)
├── mcp-server # MCP server for AI agents
├── registry # Self-hosted registry backend (SQLite)
├── secrets # Secure credential storage
├── shared # Core types, manifest parsing, config
├── trust # Sigstore signing and verification
└── web # Web UI (enact.tools)
- Fork the repository
- Create a feature branch
- Run
bun run lintandbun test - Submit a pull request
See DEV-SETUP.md for full instructions.
Apache-2.0 — see LICENSE.
- Registry: enact.tools
- Discord: discord.gg/mMfxvMtHyS
- Issues: GitHub