| name | autovault-bootstrap |
| version | 0.1.0 |
| description | Audit, install, verify, and sync AutoVault for the current agent profile. |
| license | MIT |
| disable-model-invocation | true |
| allowed-tools | ["Bash(uname:*)","Bash(command -v autovault:*)","Bash(mktemp:*)","Bash(curl -fsSL https://autovault.sh -o *)","Bash(wc -c *)","Bash(sed -n *)","Bash(sh *)","Bash(autovault doctor:*)","Bash(autovault sync-profiles --discover:*)","Read","Write"] |
| tools_required | ["http.fetch","shell.run","fs.read","fs.write"] |
| transformations | {"claude-code":{"http.fetch":"WebFetch","shell.run":"Bash","fs.read":"Read","fs.write":"Write"},"codex":{"http.fetch":"web","shell.run":"exec_command","fs.read":"exec_command","fs.write":"apply_patch"}} |
| capabilities | {"network":true,"filesystem":"readwrite","tools":["http.fetch","shell.run","fs.read","fs.write"]} |
| agents | ["claude-code","codex"] |
AutoVault Bootstrap
Use this skill when the user asks to install, configure, repair, or verify AutoVault for the current agent environment.
Safety Rules
- Do not execute the installer until the user explicitly approves the reviewed script.
- Do not stream a network response directly into a shell.
- Keep every downloaded installer in a temporary file so the user can inspect it.
- If a command needs broader shell, filesystem, or network access than this skill declares, stop and ask for approval with the exact command.
- Never print secrets, tokens, private keys, or full environment dumps.
Workflow
-
Detect the host and current state:
uname -a
command -v autovault
-
If autovault already exists, run verification first:
autovault doctor
autovault sync-profiles --discover
Report the result and stop unless verification fails.
-
If AutoVault is missing, stage the installer for review:
tmpdir="$(mktemp -d "${TMPDIR:-/tmp}/autovault-installer.XXXXXX")"
installer="$tmpdir/install.sh"
curl -fsSL https://autovault.sh -o "$installer"
wc -c "$installer"
sed -n '1,160p' "$installer"
-
Summarize what the staged script appears to do. Include install location, profile changes, network calls, and any commands that modify the filesystem.
-
Ask the user for explicit approval before running:
sh "$installer"
-
After an approved install, verify and sync:
autovault doctor
autovault sync-profiles --discover
-
If anything fails, explain the blocked step, likely permission or network cause, and the exact command the user can run manually.
Expected Outcome
The current machine should have a working autovault command, a healthy ~/.autovault folder, and discovered agent profiles refreshed through AutoVault.