Docs

Skills & versions

Imports, the version lifecycle, reviews and security scans.

Importing skills

A skill is a folder with a SKILL.md manifest. Import one from Skills → Import:

  • Upload a folder or ZIP containing the SKILL.md.
  • Scan a public GitHub repository — the workspace finds the skills inside and imports them with their provenance attached (see Collections & sources).
  • Create from a connected AI client — ask Claude, Codex, ChatGPT, Claude Code or another connected MCP client to author the package and save it to Codenskills. save_skill_draft validates the expanded files and creates a Draft; it does not make the version Ready.

In a company Workspace, every member can import skills, manage versions they authored and submit their own drafts. Owners and admins can manage other people's content, sources and collections. Reviewers can approve assigned submissions, but reviewer scope by itself adds no authoring or curation rights.

Importing always creates a new skill. If the name matches a skill that already exists, the import is rejected rather than overwriting it. To add a version to an existing skill, open that skill and use New version: the editor opens with the latest version's SKILL.md and package so you can edit it directly, and the uploaded package must share the skill's name.

A skill keeps one open draft at a time. Uploading a new version while a draft is already open updates that draft instead of piling up a second one, and while a version is in review new uploads are blocked until the reviewer decides. When you scan a GitHub repo, any skill whose name is already taken by another source is flagged in the review list and skipped, so an import never quietly overwrites an existing skill.

The version lifecycle

Every import produces versions that move through explicit states. Agents use granted Ready versions by default; an author may explicitly test only their own current Draft before review. A newer Ready version supersedes the previous one without rewriting history.

StateMeaning
DraftJust imported or edited. Visible in the workspace; its author alone may explicitly inspect/test it from MCP as Unreviewed.
ReviewSubmitted for approval in the company Workspace. Waits for a reviewer.
ReadyApproved and served to agents.
SupersededReplaced by a newer Ready version. Kept for history.

The automated gate runs before a version enters human review. Medium risk requires a reviewer approval note; high or critical risk blocks submission. The Workspace overview and Skills page show Draft, Review and Ready status; use the status filters on the Skills page to focus on a specific stage.

Testing your Draft from an agent

The ChatGPT/Claude interactive view includes Drafts for packages you authored. Search that list, open a Draft and select Test draft to prepare the same 15-minute signed ZIP used by normal installs. Direct MCP clients can ask for the equivalent my_draft target.

This is a private workflow state, not personal ownership or publication:

  • only skill_versions.created_by can inspect or install the Draft, even when another workspace member is an owner or admin;
  • a different key or connector for the same author may use it;
  • the package still belongs to the company Workspace;
  • it is labelled draft, author_only and unreviewed, with no trusted report;
  • it never appears in collections or update checks; and
  • every edit, deletion, review submission or Ready release invalidates the old link, so create a new test session after changing the package.

Testing does not scan, approve, share or make the version Ready. Once approved, normal user, group or whole-workspace grants still decide who can install it.

Deleting skills

Owners and admins can delete a skill from the skill detail page. A member can delete a skill they imported while it has never been approved. Deleting a skill removes its versions, grants, source links and collection membership. It does not edit approved versions in place; it removes the skill record itself.

Reviews

Company Workspaces route versions through an approval flow: submitted versions wait in Reviews until an assigned reviewer approves them; only then do they become Ready. Reviewers can be assigned to the whole workspace, to a collection or to a single skill — see Workspace governance. After submission, the skill page shows a persistent Review pending state with a shortcut to the review queue. If the automated scan cannot complete, the skill page shows a visible failure state and no review is created. The person who submitted a pending review, or a workspace owner/admin, can cancel it before a decision. Cancellation returns the version to Draft.

Security profile

Every new Ready release runs a full automated security scan of the exact package snapshot. The resulting security profile is shown on the skill page before the version can be released or reviewed. High-risk findings block release. Medium risk requires a reviewer approval note.

See Skill security for the complete validation, scan, attestation, risk-gate and signed-install flow.

When a scan exists, select its Security profile to open the full report. The same exact report is available from the pending review and from the version's row in Version history. The report includes every finding and recommendation, built-in category checks, the organization-policy snapshot, and collapsed attestation details. Each link is bound to that scan — it does not silently switch to a newer result.

Company Workspaces may add organization security criteria. They run independently from the built-in scan: watch violations appear as low-risk findings, blocking violations prevent submission, and inconclusive criteria become medium risk. Every review is bound to the exact trusted scan and policy revision used when it was submitted.

When a version is blocked, the skill page keeps a Blocked state visible with each blocking finding: which file triggered it and what to change, with a direct link to that file in Package contents. To resolve it, fix the flagged files, import the corrected package (it becomes the new draft of the same skill) and scan or submit it again. The blocked state clears as soon as new package content replaces the scanned draft.

For large document or spreadsheet skills, bundled reference assets such as Office schemas are inventoried and hashed rather than expanded in full inside the model profile. The scanner still reviews the package structure, instructions and scripts, but large machine-readable assets should not make a normal review fail just because they are big.