skillz
Verified Safe
by Algiras
Overview
Skillz enables AI agents to dynamically build, manage, and execute custom tools at runtime using WebAssembly and scripts, with features like persistent memory, Docker service orchestration, and external MCP server integration.
Installation
skillz
Environment Variables
- TOOLS_DIR
- SKILLZ_ROOTS
- SKILLZ_SANDBOX
- SKILLZ_SANDBOX_NETWORK
Security Notes
The server implements robust security measures including a fully sandboxed WebAssembly runtime for Rust tools, and optional Linux sandboxing (bubblewrap, firejail, nsjail) for script tools. Environment variables passed to tools are strictly filtered, with `SKILLZ_*` prefixed variables forwarded for secrets. Tool imports from Git/Gist are supported, with the imported code subject to the same sandboxing. Docker services add a dependency on Docker's security model, but are managed within a dedicated network and prefixed volumes. No 'eval' or direct obfuscation patterns were observed; the codebase is transparent Rust.
Similar Servers
codex-mcp-skills
Manages, validates, analyzes, and synchronizes AI skills and configurations for Claude Code and Codex CLI, also serving them to MCP clients and running subagents.
octomind
Session-first AI development assistant with built-in Model Context Protocol (MCP) tools and multi-provider LLM support for interactive coding, file management, and web research.
mcp-framework
A Rust framework for building AI agents with built-in Model Context Protocol (MCP) support, multi-LLM integration, and a web-based inspector for debugging.
codex-mcp-rs
This server acts as an MCP (Model Context Protocol) wrapper for the Codex CLI, enabling AI-assisted coding tasks through compatible clients like Claude Code.