Pack manifest spec
Packs are defined by a manifest JSON. The publishing safety gate validates this manifest before release.
Top-level fields
json
{
"schemaVersion": 4,
"authorUserId": "u_abc123",
"title": "Excel totals row",
"slug": "excel-sum",
"description": "Adds a totals row to an Excel file",
"requiredCapabilities": ["file"],
"requiredCliProvider": null,
"inputSchema": { ... },
"steps": [ ... ]
}Required capabilities
- file — local file read/list/write
- browser — Playwright automation
- image — Codex image generation
- memory — read/write the memory graph
- mail — send/receive through bom-mail
Warning
Using a capability you did not declare fails publishing. Declaring file-transfer automatically activates shell and native file tooling.
Step definition example
json
{
"id": "summarize",
"executor": "Llm",
"requiredCliProvider": null,
"promptTemplate": "Summarise the following in 3 lines: {{step.input}}",
"outputContract": { "type": "object", "properties": { "summary": { "type": "string" } } }
}Placeholders
PackPromptRenderer accepts only {{step}}, {{product}}, {{perProduct}}, {{skill}}, {{common}}, {{runId}}, {{productIndex}}, {{extraContext}} families. Unknown placeholders hard-fail.
Safety gate
Publishing rejects, among other things:
- Unknown capabilities
- allowedTools mismatch
- Hardcoded credentials or secret paths
- Hardcoded tokens or data-send URLs
- Remote script execution