Integrate downloads

Every entity has a one-click download. What you get and what to do with it depends on the type.

Skill

• skill.md — Markdown body. Inject as a system-prompt block in your agent. Compatible with every framework that takes prose context.
• manifest.json — signed manifest. Verify provenance before injecting.

# Download via the CLI:
npx @amitte-ai/cli install <publisher>/<name> --to ./skills/

Agent

• agent.md — system prompt + invocation guidance.
• manifest.json — same shape as skills, plus an endpoints[0] entry describing the model contract.
• input.schema.json, output.schema.json — JSON Schema for the agent's I/O. The SDK validates against these before/after invocation.

import { Skills } from '@amitte-ai/sdk';
const skills = new Skills();
const result = await skills.invokeAgent('<publisher>/<name>', input, {
  provider: 'anthropic',
  model: 'claude-sonnet-4-6',
  apiKey: process.env.ANTHROPIC_API_KEY!,
});

MCP server

The download dropdown produces a JSON config snippet pre-filled for the target MCP client (Claude Desktop, Cursor, VS Code). Drop the JSON into the file path the dropdown shows and restart your client.

# Or fetch the snippet via curl:
curl 'https://registry.amitte.com/mcp/connect/<publisher>/<name>?client=claude-desktop' | jq .snippet

Verifying signatures (all types)

Every download includes a Sigstore bundle in the manifest. To verify:

npx @amitte-ai/cli verify <publisher>/<name>@<version>

Verification checks the Rekor inclusion proof, the cert chain, and the artifact hash. Any failure prints a structured error and exits non-zero.

Bulk download (CLI)

# Pull every entity in a repo into ./bundle/
npx @amitte-ai/cli pull <publisher>/<repo> --to ./bundle/

Streams each member's artifact + manifest + signatures into a folder named after the entity id. Useful when staging an offline mirror.