Comment by twalla
3 days ago
It seems like you’re dramatically overcomplicating what could be a 2 bash scripts and a single LLM call. Natural language and LLMs are great for searching the problem space to find a solution, once you find the solution, shrink the stochastic parts (the MD saying “check GitHub” or whatever) and grow the deterministic parts (a bash script) as much as possible.
That's a fair comment. I sorta feel you're describing my thesis, "shrink the stochastic, grow the deterministic" is the point. Where we differ, maybe, is what the deterministic part is made of.
The problem I'm trying to solve for me is a step removed. The agent is the one writing the script, and I want it to run unattended against my systems every morning. I can't let it write and run bash. Even though my agent lives in a container (NanoClaw), I still need it to reach out to other systems. Github, my other servers, MCPs, etc.
Skillscript is how I let it reach out without holding the keys. It can invoke a skillscript that hits GitHub, but it never runs the raw command or holds the token itself. The runtime holds the credential and only lets it through the skillscript I approved.
It's fair to say a skillscript basically is your two bash scripts and an LLM call, but fenced in.
> The runtime holds the credential and only lets it through the skillscript I approved.
What about skillscript is unique that couldn't be done with bash or python as a permissioned tool? (Trying to understand where you see the difference.)
---
My original impression from the repo was that the language/toolkit is overengineered, but then I saw on the website that the intention is for the agents to write their own tools. That helps explain some of the complexity.
I think the rest of the perceived complexity is the over-explaining in the README.
I don't think anyone's going to really engage with all of that so you might have better luck chopping it down 80% to only highlight the stuff that matters.
What's the difference? if you're the one writing the Python and approving each script, probably little. The difference shows up when the agent writes it unattended, over and over. Skillscript can only reach the binaries and tools I allowlisted, where I allowlisted them. An agent can't escalate by writing something clever that get by me.
I think you're right on. I let the readme get out of hand. It became a README, changelog mash-up. Going to rewrite it, and the 80% metric is a good one. Is there an example of what you consider the perfect readme?
3 replies →