skillox init

Scaffold a new SKILL.md with secure-by-default frontmatter. Three templates, no network egress by default, scoped reads. The fastest way to start clean.

Usage

# In the current directory (creates ./SKILL.md)
skillox init

# Create a new folder with the skill inside
skillox init my-skill

# Pick a template
skillox init my-skill --template knowledge

# Override the name in the frontmatter
skillox init my-skill --name "@org/my-skill"

# Overwrite an existing SKILL.md (otherwise errors with exit 1)
skillox init --force

Templates

Three opinionated templates, each tuned to a different shape of skill. All declare capabilities explicitly so the scanner has something to audit; none grant network egress by default.

• tool (default) — a code-modifying skill. Reads ./src/**, no writes, no network. For skills that analyze or suggest but don't mutate.
• knowledge — best-practice rules / read-only docs. Reads ./src/** and ./app/**, no writes, no network. For skills that guide code generation without producing files.
• workflow — multi-step orchestration. Scoped reads + writes to ./src/** and ./tests/**, no network. For skills that actually generate or modify files end-to-end.

What gets generated

my-skill/
├── SKILL.md                 # frontmatter + body, secure-by-default
└── tests/
    └── prompt-suite.md      # starter prompts for skillox test (coming soon)

Example: the tool template

---
name: my-skill
version: 0.1.0
description: |
  One-line description of what this skill does.
capabilities:
  filesystem:
    read: ["./src/**"]
---

# my-skill

What this skill does. Be specific — agents read this to decide when to invoke you.

## When to use

Describe the trigger conditions: file types, user intents, project shape.

## Behavior

Step-by-step what happens when the agent invokes the skill.

## Out of scope

What this skill explicitly does NOT do. Helps the agent route correctly.

What "secure-by-default" means here

Every template lands clean against the SkillOx scanner — zero findings, grade A. The choices baked in:

• Capabilities are declared. The scanner refuses to give an A to skills with no manifest.
• No network egress by default. If you need it, you have to add it explicitly — and explain why in the body.
• Reads scoped to ./src (or ./src + ./app) — never ./**, never ~/**.
• Writes only in the workflow template — and even then, scoped to ./src and ./tests.
• No shell commands in the body — no chmod 777, no curl | sh, no rm -rf.

Exit codes

• 0 — files created successfully
• 1 — target SKILL.md exists (use --force to overwrite)
• 2 — invalid template flag

Next step

Edit the generated SKILL.md to describe what your skill actually does, then run skillox lint to audit your work before committing.