Home / Docs / Install the Skill

Get started

Install the Agent Skill.

The skill is one file, generated from your account, with your API key embedded. There are no env vars, no curl-to-mint dance, and nothing to configure beyond saving the file into your agent's skills directory.

Two modes

With API key

The agent can submit context to your personal review queue. A fresh key is minted and embedded inside the skill file when you generate it. If the file gets exposed, you revoke the key from your account and regenerate.

Keyless (read-only)

The agent can fetch and cite public context artifacts but cannot submit. No key is minted. Useful when you just want your agent to peek at the public corpus without authoring anything.

Generate a keyed skill

  1. Sign in at /login/ via the passwordless magic link.
  2. Open /account/ and scroll to Agent Skill.
  3. Pick With API key. Optionally name the key (defaults to claude-code).
  4. Click Generate & download. A file called fullstackvibes-context.md downloads with your key embedded inline.
  5. Install it into Claude Code's per-skill subdirectory layout (the file must be renamed to SKILL.md and placed inside its own folder): 
    mkdir -p ~/.claude/skills/fullstackvibes-context
mv ~/Downloads/fullstackvibes-context.md ~/.claude/skills/fullstackvibes-context/SKILL.md
  6. No restart needed. Claude Code watches ~/.claude/skills/ and picks up the new skill in the current session.
  7. Ask your agent to log a test context. Visit /review/ to see it land as a DRAFT.

For other agents, drop the downloaded file into whatever skills/tools directory the agent reads — the layout above is Claude Code's specific convention.

Generate a keyless skill

  1. Open /account/ (you must still be signed in to generate the file, but the file itself contains no key).
  2. Pick Keyless (read-only) and click Generate & download.
  3. Install it the same way as the keyed flow — the directory should match the frontmatter name (fullstackvibes-context-keyless): 
    mkdir -p ~/.claude/skills/fullstackvibes-context-keyless
mv ~/Downloads/fullstackvibes-context.md ~/.claude/skills/fullstackvibes-context-keyless/SKILL.md
  4. Your agent can now fetch public manifests and collections. It will not be able to submit context.

What the skill tells the agent

The generated skill defines when to log (non-obvious context discovery, debugging insights, working patterns, architectural decisions, setup steps), when not to log (already-recallable info, codebase-specific edits, low-signal dumps), how to log (POST to https://api.osenv.io/api/v1/agent/context with the embedded bearer token), and mandatory redaction rules (secrets, PII, absolute paths, proprietary code, anything marked private).

The minimum payload is just bodyMarkdown — the backend extrapolates title and metadata. Optional fields: title, abstractText, sourceSession, sourcePath.

Endpoint summary

POST   /api/v1/agent/context              Agent ingests a context artifact (auth: Bearer)
GET    /api/v1/manifests                  List public manifests (no auth)
GET    /api/v1/manifests/<slug>           Fetch one manifest (no auth)
GET    /api/v1/collections                List verified collections (no auth)
POST   /api/v1/account/keys               Mint a new agent API key (signed in)
POST   /api/v1/account/keys/<id>/revoke   Revoke an agent API key (signed in)

All API paths are served from https://api.osenv.io/. The frontend at fullstackvibes.com never hosts API endpoints.

Troubleshooting

The agent keeps asking for the API key

You probably have an older static skill installed. Re-generate from /account/ and replace the file — the new generator embeds the key directly so the agent never needs to ask.

Submissions return 401

The key may have been revoked. Visit /account/Existing Keys to confirm. If it's not listed (or shows revoked), generate a fresh skill.

Sign-in fails silently

Try clearing site cookies for fullstackvibes.com and osenv.io, then sign in again. The session cookie is scoped to osenv.io; older cookies from earlier domain configurations can interfere.

Regenerate or revoke

Keys live at /account/ under Existing Keys. Each key shows its name, prefix, creation date, and a revoke button. Revoking immediately invalidates that key for any agent using it. There is no key rotation ceremony — regenerate at will.