Comment by christoff12

3 days ago

> The runtime holds the credential and only lets it through the skillscript I approved.

What about skillscript is unique that couldn't be done with bash or python as a permissioned tool? (Trying to understand where you see the difference.)

---

My original impression from the repo was that the language/toolkit is overengineered, but then I saw on the website that the intention is for the agents to write their own tools. That helps explain some of the complexity.

I think the rest of the perceived complexity is the over-explaining in the README.

I don't think anyone's going to really engage with all of that so you might have better luck chopping it down 80% to only highlight the stuff that matters.

What's the difference? if you're the one writing the Python and approving each script, probably little. The difference shows up when the agent writes it unattended, over and over. Skillscript can only reach the binaries and tools I allowlisted, where I allowlisted them. An agent can't escalate by writing something clever that get by me.

I think you're right on. I let the readme get out of hand. It became a README, changelog mash-up. Going to rewrite it, and the 80% metric is a good one. Is there an example of what you consider the perfect readme?

  • Re: difference -- Ok, I think I understand. Ultimately, we need a "permissions" layer and you've built a solve for that.

    Re: README -- I can't recall a specific repo with one off the top of my head so took a stab at editing yours[1] instead of hunting around. It's not perfect -- I'd want to trim the bullet lists further, for example -- but is much more scannable in my opinion.

    ---

    [1] https://gist.github.com/thedatadavis/fbbe556348eb43731659456...

    • Oh wow. Talking about going above and beyond! Thanks for this. I'll use it as a template for sure. You might have guessed, first time building in public per se. Everything else I do is pretty much for clients and C/C++ work.

      1 reply →