Releases: cobibean/shared-skills-registry-mcp
Release list
Open SSR v0.1.0a2
Open SSR v0.1.0a2
Open SSR v0.1.0a2 is the second public alpha of Shared Skills Registry MCP, the first published to PyPI, and the first with optional bearer-token authentication. The registry schema, tool contracts, install guardrails, and audit format are unchanged.
This remains a prerelease for loopback or controlled private-network evaluation.
What changed since v0.1.0a1
-
PyPI publication. The package installs directly:
pipx install --pip-args=--pre shared-skills-registry-mcp # or: uv tool install --prerelease=allow shared-skills-registry-mcp # or: pip install --pre shared-skills-registry-mcp
-
Optional bearer-token authentication. Setting
SSR_MCP_AUTH_TOKENon the HTTP service requiresAuthorization: Bearer <token>(constant-time compared) on all/tools/...,/registry/..., and/audit/...routes;/healthzand the static UI stay open. Failures return 401 and are audited without recording the supplied value. The newshared-skills-registry-generate-tokencommand emits a ready-to-paste.envline; the stdio adapter forwards the same env var as its auth header; the UI gained a Token button that stores the token in browser localStorage only. When the variable is unset, behavior is identical tov0.1.0a1, and the launcher now warns on non-loopback binds without a token. -
Tag-triggered release automation.
.github/workflows/release.ymlbuilds and verifies the wheel/sdist, publishes to PyPI via OIDC trusted publishing (no long-lived tokens), and attaches checksummed artifacts to the GitHub release. -
Zero-friction quickstart. README now leads with the PyPI install path and a copy-paste Claude Code
claude mcp addsnippet;docs/MCP-CLIENT-CONFIG.mdgained pipx/uv and Claude Code sections. -
Sharpened positioning. README leads with what Open SSR uniquely is: a runtime-neutral, self-hosted skill registry any MCP client can pull from, with checksums and an audit trail.
-
No changes to the registry schema, HTTP/MCP tool contracts, install validation, or audit format.
Security boundary
Open SSR now offers optional shared-token HTTP authentication, but still has no authorization model, TLS, CSRF protection, rate limiting, publisher signatures, sandbox, or multi-tenant isolation. Without SSR_MCP_AUTH_TOKEN, any client that can reach the HTTP service can reach its tool, registry-editing, and audit routes; with it, every token holder has full authority and the token crosses the network in plaintext.
Use the packaged launcher on loopback for ordinary evaluation. For cross-machine use, supply a controlled private network and/or authenticated TLS proxy with route policy. Direct public-Internet exposure is unsupported.
Checksums detect mismatches; they do not prove publisher identity or make skill content benign. Retrieval and installation do not execute bundle content, but an agent may later follow instructions or run scripts from an installed skill.
Read before deployment:
Attached artifacts
The prerelease attaches:
shared_skills_registry_mcp-0.1.0a2-py3-none-any.whlshared_skills_registry_mcp-0.1.0a2.tar.gzSHA256SUMS
Verify downloads before installation:
sha256sum -c SHA256SUMSPyPI installation is the recommended path; the attached artifacts exist for offline verification and provenance.
Verification performed
The release candidate is required to pass:
- full source suite and real generic MCP stdio smoke;
- clean wheel and sdist builds and installs;
- archive, metadata, license, notice, and packaged-resource checks;
- caller-local installation and audit evidence;
- Python 3.11 and 3.14 hosted source/artifact matrix;
- post-publication
pip install --prefrom PyPI plus UI, MCP, install, and audit smoke.
Reporting vulnerabilities
Do not open a public issue for an undisclosed vulnerability. Use GitHub private vulnerability reporting.
Open SSR v0.1.0a1
Open SSR v0.1.0a1
Open SSR v0.1.0a1 is the first public alpha of Shared Skills Registry MCP: a self-hosted registry, control panel, HTTP tool surface, and MCP stdio adapter for reusable AI-agent skills.
This is a GitHub prerelease for loopback or controlled private-network evaluation. It is not published to PyPI.
Highlights
- Curated 14-entry starter catalog with source, owner, lifecycle, and applicability metadata.
- Five HTTP and MCP operations: list, search, describe, retrieve, and install.
- Caller-local installation beneath an explicitly configured skills root.
- Path, frontmatter, size, and SHA-256 validation before writes.
- Staged whole-bundle replacement that removes stale files and attempts rollback when possible.
- Zero-build registry UI with search, detail, bundle inspection, activity, and metadata editing.
- Server and caller-local JSONL activity records.
- Packaged
shared-skills-registry-httpandshared-skills-registry-stdiocommands. - Python 3.11 through 3.14 source, wheel, and sdist verification.
Security boundary
Open SSR has no built-in HTTP authentication, authorization, TLS, CSRF protection, rate limiting, publisher signatures, sandbox, or multi-tenant isolation. Any client that can reach the HTTP service can reach its tool, registry-editing, and audit routes.
Use the packaged launcher on loopback for ordinary evaluation. For cross-machine use, supply a controlled private network and/or authenticated TLS proxy with route policy. Direct public-Internet exposure is unsupported.
Checksums detect mismatches; they do not prove publisher identity or make skill content benign. Retrieval and installation do not execute bundle content, but an agent may later follow instructions or run scripts from an installed skill.
Read before deployment:
Attached artifacts
The prerelease attaches:
shared_skills_registry_mcp-0.1.0a1-py3-none-any.whlshared_skills_registry_mcp-0.1.0a1.tar.gzSHA256SUMS
Verify downloads before installation:
sha256sum -c SHA256SUMSCreate a clean environment and install one attached Python artifact:
python -m venv .venv
. .venv/bin/activate
pip install ./shared_skills_registry_mcp-0.1.0a1-py3-none-any.whl
shared-skills-registry-httpThen open http://127.0.0.1:8765/ui. If that port is occupied:
SSR_MCP_PORT=18765 shared-skills-registry-httpVerification performed
The release candidate is required to pass:
- full source suite and real generic MCP stdio smoke;
- clean wheel and sdist builds and installs;
- archive, metadata, license, notice, and packaged-resource checks;
- caller-local installation and audit evidence;
- Python 3.11 and 3.14 hosted source/artifact matrix;
- public README/GIF/link rendering;
- post-publication download, checksum, clean install, UI, MCP, install, and audit smoke.
Reporting vulnerabilities
Do not open a public issue for an undisclosed vulnerability. Use GitHub private vulnerability reporting.