skillox policy

Defines what your org will and won't install. Reads a YAML policy file, evaluates every skill in the repo (or in the inventory), and exits non-zero on violation. Designed to sit in front of every PR that touches a SKILL.md.

Coming soon. The free tier ships with the policy primitives below; org-wide policy distribution requires the Team tier (planned).

Policy file shape

# .skillox/policy.yaml — checked into the repo
version: 1
min_grade: B                        # block C/D/F
allow_unsigned: false               # require signed releases
allowed_creators:                   # at least one must match
  - level: 4                        # L4 = verified org
  - id: "skillox-trusted-creators"  # named allowlist
denied_rules: [obfuscation, force-pushes-recent]
egress:
  allow: ["api.stripe.com", "api.openai.com"]
  block: ["analytics.*"]
agents:
  claude-code: { enabled: true }
  cursor: { enabled: true }
  codex: { enabled: false }         # disabled for this org

Usage

# Check a single skill
skillox policy check ./SKILL.md

# Check the whole inventory
skillox policy check --inventory

# In CI:
- name: Skill policy gate
  run: skillox policy check --inventory --policy=.skillox/policy.yaml

Output

✗ @acme/db-migrate@2.4.1
  · grade F (policy min: B)
  · creator unverified (policy: L4 required)
  · obfuscation rule fired (policy: denied)

✓ @stripe/checkout-skill@1.4.2

1 violation · exit code 1
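To make the evaluation rules concrete, here is an added reference evaluator for the policy shape shown above. It is not skillox's own code: the policy is embedded as a Python dict mirroring the YAML (the real tool reads the YAML file), the skill inventory records and their field names (grade, signed, creator.level, creator.allowlists, fired_rules, egress, agent) are constructed assumptions, and the violation messages are modelled on the sample output. Block patterns win over allow patterns for egress, and a host on neither list is treated as not allowed.

```python
"""Added example: a minimal evaluator for the skillox policy shape.

Not skillox's own code. The policy is embedded as a dict (the CLI reads
.skillox/policy.yaml); the inventory below is constructed sample data.
"""
import fnmatch

# Grade ladder: A is best. min_grade: B therefore blocks C, D and F.
GRADE_ORDER = "ABCDF"

# Constructed stand-in for .skillox/policy.yaml (same keys/values as the page's example).
POLICY = {
    "version": 1,
    "min_grade": "B",
    "allow_unsigned": False,
    "allowed_creators": [{"level": 4}, {"id": "skillox-trusted-creators"}],
    "denied_rules": ["obfuscation", "force-pushes-recent"],
    "egress": {"allow": ["api.stripe.com", "api.openai.com"], "block": ["analytics.*"]},
    "agents": {"claude-code": {"enabled": True}, "cursor": {"enabled": True},
               "codex": {"enabled": False}},
}

# Constructed inventory. Field names are assumptions for this example, not the tool's schema.
INVENTORY = [
    {"name": "@acme/db-migrate@2.4.1", "grade": "F", "signed": True,
     "creator": {"level": 1, "allowlists": []},
     "fired_rules": ["obfuscation"], "egress": ["api.stripe.com"], "agent": "claude-code"},
    {"name": "@stripe/checkout-skill@1.4.2", "grade": "A", "signed": True,
     "creator": {"level": 4, "allowlists": []},
     "fired_rules": [], "egress": ["api.stripe.com"], "agent": "cursor"},
]


def creator_allowed(creator, allowed):
    """At least one allowed_creators entry must match: a sufficient level or a named allowlist."""
    for entry in allowed:
        if "level" in entry and creator.get("level", 0) >= entry["level"]:
            return True
        if "id" in entry and entry["id"] in creator.get("allowlists", []):
            return True
    return False


def egress_allowed(host, egress):
    """Block patterns take precedence; anything not explicitly allowed is denied."""
    if any(fnmatch.fnmatchcase(host, pat) for pat in egress.get("block", [])):
        return False
    return any(fnmatch.fnmatchcase(host, pat) for pat in egress.get("allow", []))


def evaluate_skill(skill, policy):
    """Return the list of violation messages for one skill (empty list means it passes)."""
    violations = []
    min_grade = policy["min_grade"]
    if GRADE_ORDER.index(skill["grade"]) > GRADE_ORDER.index(min_grade):
        violations.append(f"grade {skill['grade']} (policy min: {min_grade})")
    if not skill["signed"] and not policy["allow_unsigned"]:
        violations.append("release unsigned (policy: signed required)")
    if not creator_allowed(skill["creator"], policy["allowed_creators"]):
        levels = [e["level"] for e in policy["allowed_creators"] if "level" in e]
        violations.append(f"creator unverified (policy: L{max(levels)} required)")
    for rule in skill["fired_rules"]:
        if rule in policy["denied_rules"]:
            violations.append(f"{rule} rule fired (policy: denied)")
    for host in skill["egress"]:
        if not egress_allowed(host, policy["egress"]):
            violations.append(f"egress to {host} (policy: not allowed)")
    agent = policy["agents"].get(skill["agent"], {})
    if not agent.get("enabled", False):
        violations.append(f"agent {skill['agent']} (policy: disabled)")
    return violations


def check_inventory(inventory, policy):
    """Evaluate every skill; return (report lines, exit code) in the style of the CLI output."""
    lines, count = [], 0
    for skill in inventory:
        found = evaluate_skill(skill, policy)
        if found:
            count += 1
            lines.append(f"✗ {skill['name']}")
            lines.extend(f"  · {msg}" for msg in found)
        else:
            lines.append(f"✓ {skill['name']}")
        lines.append("")
    exit_code = 1 if count else 0
    lines.append(f"{count} violation{'' if count == 1 else 's'} · exit code {exit_code}")
    return lines, exit_code


if __name__ == "__main__":
    report, code = check_inventory(INVENTORY, POLICY)
    print("\n".join(report))
    raise SystemExit(code)
```

Run as a script it prints a report equivalent to the sample above and exits 1, which is the behaviour a CI gate needs: the step fails on the first violating skill in the inventory, not only when every skill fails.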

Org-wide policy

For now the policy file lives in the repo. With the Team tier (planned), policies will be centrally managed: the policy file is signed by the security team, distributed via git.skillox.io, and overrides any repo-local policy. CI fetches the latest org policy before each check, so a PR cannot weaken the gate by editing .skillox/policy.yaml in its own branch.