Everything Stout can do
A universal package registry with built-in supply chain security, community review, and first-class AI agent support.
AI Agent Registry
NewThe first package registry with native support for AI agents, MCP servers, and skill bundles — with guardrail scanning built in.
agent.yaml Manifest
Declare kind (skill, mcp-server, agent-bundle), permission tier, dependencies, and entry points in a structured manifest.
LLM Guardrail Scanning
Every submission scanned for prompt injection, unicode trojans, and code obfuscation. Critical findings block publication.
MCP Server Support
Native mcp-server kind with permission tier filtering. Clients inspect requirements before install.
Permission Tiers
Five tiers from readonly to full. Tool declarations validated against tier — Bash requires execute, Write requires filesystem.
Agent Security Checks
Post-build scanning for credential harvesting patterns, data exfiltration attempts, and suspicious file access in entry points.
Publisher Verification
OAuth-linked publishers are verified against GitHub, GitLab, or Google. Verification status shown on every agent listing.
$ skillctl publish myorg https://github.com/myorg/my-agent v1.0.0
Validating agent.yaml manifest...
Scanning for guardrail violations... clean
Validating permission tier (network)...
Running agent security checks... passed
Signing with Sigstore (keyless)...
Published myorg/my-agent@1.0.0 (kind: mcp-server, tier: network)
Universal Package Registry
Seven package formats, one server. Native protocol support means your existing tools work without changes.
Go Modules
Full GOPROXY protocol. Set GOPROXY to your Stout instance and go get works out of the box.
npm Packages
Complete npm registry protocol with packument serving, scoped packages, and search.
Helm Charts
Native Helm chart repository with index.yaml, per-owner namespacing, and ETag caching.
Docker / OCI Images
Full OCI Distribution spec. Push source, get a signed container image. Works with docker pull.
Ruby Gems
Compact index and JSON API for RubyGems. Dependency resolution and gemspec metadata included.
Python Packages
PEP 503 Simple Repository API with wheels and sdists. pip install just works.
Agent / Skill Packages
First-class agent.yaml manifest format for AI skills, MCP servers, and agent bundles.
Supply Chain Security
Every artifact is built from source in a sandbox, scanned, signed, and given an SBOM — before it's published.
Sigstore Signing
Keyless signing via Fulcio with transparency log entries in Rekor. Verify provenance without managing keys.
Dual Vulnerability Scanning
Every build is scanned with both Grype and Trivy. Critical and high severity CVEs block publication.
SBOM Generation
Automatic Software Bill of Materials in both CycloneDX and SPDX formats via Syft, attached to every artifact.
Reproducible Builds
Artifacts are rebuilt from source a second time and SHA-256 digests compared. Mismatches block publication.
Source-Only Publishing
All formats reject pre-built artifact uploads. Every package is built from source in a sandboxed environment.
OpenTelemetry Tracing
Every pipeline step is traced with OTLP spans — from clone to publish. Full observability into every build.
Community & Trust
A reputation-weighted review system where verified humans score packages on security, quality, and documentation.
3-Dimensional Reviews
Community reviewers score packages on three axes: security posture, code quality, and documentation.
Reviewer Reputation
Reviewers earn reputation through helpful votes. Higher reputation means more weight in aggregate scores.
Identity Verification
KYC verification via Veriff ensures reviewers are real people. Required before submitting reviews.
Review Policies
Configurable per package type — minimum reviews, score thresholds, auto-publish rules, and stale review expiry.
Trust Levels
Four trust tiers — unverified, verified, trusted, and admin — control what actions users can perform.
License & Compliance
Automatic license detection and configurable policy enforcement across all your dependencies.
SPDX License Detection
Automatic license detection from go.sum, package-lock.json, and Chart.yaml across every dependency.
Policy Enforcement
YAML-configurable deny/warn/allow lists for SPDX license IDs. AGPL, SSPL, and BUSL blocked by default.
Developer Experience
A CLI, scoped tokens, organizations, OAuth login, and audit logging — everything you need to manage packages at scale.
skillctl CLI
Full-featured CLI with login, search, install, publish, verify, and review commands. Installs agents by kind.
Scoped API Tokens
Generate tokens with publish or admin scopes. SHA-256 hashed storage, expiry dates, and last-used tracking.
Organizations
Create org namespaces with owner, admin, member, and read-only roles. Publish under @org/ prefixes.
OAuth Login
Sign in with GitHub, GitLab, or Google. Link multiple providers to one account for publisher verification.
Audit Logging
Every action recorded server-side with actor, resource, and metadata. Client-side install audit log included.
Rate Limiting
Three-tier rate limiting — public, auth, and authenticated — protects the registry from abuse.
Ready to get started?
Join the waitlist for early access to Stout Cloud, or self-host the open-source version today.