Skill Arbiter
The St. Peter of skills.
Author: Edward Silvia
License: MIT
Use this skill to decide which skills get admitted and which get quarantined.
Run
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ doc screenshot security-best-practices security-threat-model playwright \ --window 10 --threshold 3 --max-rg 3
For personally-created skills:
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ my-new-skill \ --source-dir "$CODEX_HOME/skills" \ --window 10 --threshold 3 --max-rg 3 \ --promote-safe
For personal lockdown mode:
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ my-new-skill \ --source-dir "$CODEX_HOME/skills" \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown
Behavior
- •Install each candidate skill one-by-one from curated source.
- •Sample
rg.exeprocess count once per second. - •Remove and blacklist offenders automatically.
- •Treat blacklisted skills as permanently denied and delete them if present.
- •Respect local whitelist entries in
<dest>/.whitelist.localand skip arbitration for approved skills. - •Respect local immutable entries in
<dest>/.immutable.local; immutable skills are never removed/blacklisted. - •Third-party (repo-based) skills are deny-by-default and deleted unless
--promote-safeis used. - •
--promote-safeauto-adds passing skills to whitelist + immutable files. - •Emit optional JSON evidence via
--json-out. - •
--personal-lockdownrequires local--source-dir, forces whitelist+immutable promotion, and rejects symlinked control files.
Safe Modes
- •Use
--dry-runto preview actions without modifying files. - •Use
--destto test in an isolated skills directory.
Mass-Index Skill Admission
Use this command to admit the bounded no-rg indexing skill family:
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ safe-mass-index-core repo-b-mass-index-ops repo-d-mass-index-ops repo-c-mass-index-ops \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/mass-index-arbiter.json
Expected acceptance:
- •
action=kept - •
persistent_nonzero=false - •
max_rg=0target for each skill
Usage-Watcher Admission
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ usage-watcher \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/usage-watcher-arbiter.json
REPO_B Local Bridge Orchestrator Admission
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ repo-b-local-bridge-orchestrator \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/repo-b-local-bridge-orchestrator-arbiter.json
REPO_B MCP Comfy Bridge Admission (Canonical)
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ repo-b-mcp-comfy-bridge \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/repo-b-mcp-comfy-bridge-arbiter.json
REPO_B Local Comfy Orchestrator Admission (Legacy Wrapper)
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ repo-b-local-comfy-orchestrator \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/repo-b-local-comfy-orchestrator-arbiter.json
Meta-Governance Skill Pack Admission
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ skill-cost-credit-governor skill-dependency-fan-out-inspector \ skill-cold-start-warm-path-optimizer skill-blast-radius-simulator skill-trust-ledger \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/skill-meta-governance-arbiter.json
Cross-Repo Radar Admission
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ skills-cross-repo-radar \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/skills-cross-repo-radar-arbiter.json
Common-Sense Engineering Admission
python3 "$CODEX_HOME/skills/skill-arbiter/scripts/arbitrate_skills.py" \ skill-common-sense-engineering \ --source-dir skill-candidates \ --window 10 --threshold 3 --max-rg 3 \ --personal-lockdown \ --json-out /tmp/skill-common-sense-engineering-arbiter.json
Release Workflow
For release-impacting changes (for example scripts/, SKILL.md, or non-doc files):
python3 scripts/prepare_release.py --part patch
Then refine the new CHANGELOG.md entry for the PR.
CI enforces this on pull requests with:
python3 scripts/check_release_hygiene.py
Privacy Lock
This repo is public-shape only. Do not commit private repo identifiers or user-specific absolute paths.
Local/staged check:
python3 scripts/check_private_data_policy.py --staged
CI check:
python3 scripts/check_private_data_policy.py
Skill Level-Up Declaration
When this workflow creates or improves a skill, include this exact two-line declaration in the response:
New Skill Unlocked: <SkillName> <SkillName> Leveled up to <LevelNumber>