Composable skill packets, harvests, workflow routing, and release/audit rubrics over MCP.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Composable skill packets, harvests, workflow routing, and release/audit rubrics over MCP.