sleuth-io/sx

Source: https://github.com/sleuth-io/sx

sx is your team’s private npm for AI assets - skills, MCP configs, commands, and more.

Capture what your best AI users have learned and spread it to everyone automatically.

⭐ Star this repo · 🌐 Website · 📋 Changelog · 📄 License

Why sx?

Your best developers have figured out how to make AI assistants incredibly productive - custom skills, MCP configs, slash commands, proven patterns. But that knowledge is stuck on their machines.

Current workarounds don’t scale:

• Copy into each repo - Duplication nightmare, no central updates, version drift
• Global config - Bloats context for projects/tasks that don’t need those skills
• Client plugins - Manually install each one, locked to one AI client, no bundling

sx solves this by:

• Sharing expertise - Turn individual discoveries into team assets
• Instant onboarding - New devs inherit the team’s AI playbook on day one
• Central updates - Change once in your vault, everyone gets the update
• Scoped installation - Right assets for each org, team, bot, repo or person, no context bloat
• Works with any AI client - Claude Code, Cursor, GitHub Copilot, Gemini, Kiro, and more, plus claude.ai and chatgpt.com via the cloud relay

Quickstart

Install via Homebrew (macOS/Linux):

brew tap sleuth-io/tap
brew install sx

Or via shell script:

curl -fsSL https://raw.githubusercontent.com/sleuth-io/sx/main/install.sh | bash

Then

# Initialize
sx init

# Add an asset from your vault
sx add /path/to/my-skill

# Install assets to your current project
sx install

Multiple vaults? Use profiles to switch between them:

sx profile add work        # Add a new profile
sx profile use work        # Switch to it
sx profile list            # See all profiles

Install targets — pick who sees which asset:

sx install my-skill --org                         # everyone in the vault
sx install my-skill --repo github.com/acme/infra  # only inside that repo
sx install my-skill --path github.com/acme/infra#docs/  # one path in a repo
sx install my-skill --team platform               # every member of a team
sx install my-skill --user [email protected]         # a single user (must be the caller)
sx install my-skill --bot python-backend          # a bot identity (CI runner, agent)

See docs/scoping.md for the full overview and links to a per-scope doc for each install target.

Preview — see what sx install would resolve for you, the pip freeze analogue, without downloading or writing anything:

sx install --dry-run

Use your vault from claude.ai or chatgpt.com — expose it as an MCP endpoint via the skills.new relay:

sx cloud connect       # opens skills.new, paste back the attach line
sx cloud serve         # keep this running — Ctrl+C exits
sx cloud status        # prints the MCP URL to paste into claude.ai / chatgpt.com

The relay forwards requests over a WebSocket your machine opens — vault content stays local. See docs/cloud-relay.md.

Usage analytics & audit:

sx stats                                   # adoption dashboard
sx stats --since 7d --json                 # machine-readable
sx audit                                   # recent team/install mutations
sx audit --actor [email protected] --since 30d --event install.set

Already using Claude Code?

If you’ve built up skills, plugins, or MCP configs in your .claude directory, sx helps you version, sync across machines, and share with teammates.

# Add your existing skills/commands (sx auto-detects the type)
sx add ~/.claude/commands/my-command
sx add ~/.claude/skills/my-skill
sx add code-review@claude-plugins-official

Your prompt files stay exactly as they are - sx just wraps them with metadata for versioning.

What can you build and share?

• Skills - Custom prompts and behaviors for specific tasks
• Rules - Coding standards and guidelines that apply to specific file types or paths
• Agents - Autonomous AI agents with specific goals
• Commands - Slash commands for quick actions
• Hooks - Automation triggers for lifecycle events
• MCP Servers (experimental) - Model Context Protocol (MCP) servers for external integrations
• Plugins - Claude Code plugin bundles with commands, skills, and more

skills.sh support

sx integrates with skills.sh, a community directory of 85k+ agent skills.

sx add anthropics/skills/frontend-design  # Add a specific skill
sx add vercel-labs/agent-skills           # Browse skills in a repo
sx add --browse                           # Search and browse the full directory

Distribution models

Choose the right distribution model for your team:

Local (Personal)

Perfect for easily sharing personal tools across multiple personal projects

sx init --type path --path my/vault/path

Git vault (Small teams)

Share assets through a shared git vault

sx init --type git --repo [email protected]:yourteam/skills.git

Skills.new (Large teams and enterprise)

Centralized management with a UI for discovery, creation, sharing, and usage analytics

sx init --type sleuth

How it works

sx follows the manifest-and-lock pattern used by npm, cargo, and uv:

1. Manifest (sx.toml) — the vault’s source of truth. Lists every managed asset, its install scopes (org, repo, path, team, bot, user), and team definitions (members, admins, repositories). Committed to git / path vaults. See docs/manifest-spec.md.
2. Lock file — a per-user resolved artifact. sx install reads the manifest, resolves team and user scopes against the caller’s git identity, and writes the result to the user’s cache directory (~/<cache>/sx/lockfiles/). When the resolved lock changes, the previous file is rotated with a timestamp so old installs stay reproducible.
3. Audit + usage streams — every team/install mutation appends an audit entry to .sx/audit/YYYY-MM.jsonl; usage events append to .sx/usage/YYYY-MM.jsonl. Query them with sx audit / sx stats.

High level: create assets with metadata, share to your vault, install globally, per repo, per path, per team, per bot, or per user, auto-install on new Claude Code sessions, stay synchronized — everyone gets the same tools automatically.

Supported Clients

Roadmap

• ✅ Local, Git, and Skills.new vaults
• ✅ Claude Code support
• ✅ Cline support
• ✅ Cursor support
• ✅ GitHub Copilot support
• ✅ Gemini support
• ✅ Codex support
• ✅ Kiro support
• ✅ Openclaw support
• ✅ claude.ai and chatgpt.com support via the skills.new cloud relay
• ✅ Org, Team, Bot, Repository & Personal installation targets for all vault types
• ✅ Skill discovery - Use Skills.new to discover relevant skills from your code and architecture
• ✅ Analytics - Track skill usage and impact
• RBAC and change request flow - Support a gated skill update flow

License

See LICENSE file for details.

Development

# Install gvm
bash < <(curl -s -S -L https://raw.githubusercontent.com/moovweb/gvm/master/binscripts/gvm-installer)

# Install Go (use go1.4 as bootstrap if needed)
gvm install go1.4 -B
gvm use go1.4
export GOROOT_BOOTSTRAP=$GOROOT
gvm install go1.25
gvm use go1.25 --default

make init           # First time setup (install tools, download deps)
make build          # Build binary
make install        # Install to GOPATH/bin

make test           # Run tests with race detection
make format         # Format code with gofmt
make lint           # Run golangci-lint
make prepush        # Run before pushing (format, lint, test, build)

git tag v0.1.0
git push origin v0.1.0