ConnectOnionConnectOnion
DocsFeaturesSkills

Skills

Pre-packaged workflows with snapshot/restore permission management

Quick Start

main.py
1from connectonion import Agent 2from connectonion.useful_tools import FileTools 3from connectonion.useful_plugins import skills, tool_approval 4 5file_tools = FileTools() 6agent = Agent( 7 "assistant", 8 tools=[file_tools], 9 plugins=[skills, tool_approval] # skills must come before tool_approval 10) 11 12# User types: /commit 13# → Skills plugin loads commit skill 14# → Takes snapshot of current permissions 15# → Grants temporary git permissions 16# → Agent executes with auto-approved tools 17# → Restores snapshot when turn ends

What Skills Do

Instant Invocation

/command detected in @after_user_input, no LLM overhead

Snapshot/Restore

Preserves user approvals while granting temporary permissions

Security

Permissions auto-clear after turn completes

Unified Permission Structure

Skills use the same 4-field permission structure as all other permission sources:

allowed

True - Tool is permitted

source

"skill" - From skill invocation

reason

"commit skill (turn 5)"

expires

{"type": "turn_end"}

main.py
1# Skills grant permissions like this: 2session['permissions']['Bash(git status)'] = { 3 'allowed': True, 4 'source': 'skill', 5 'reason': 'commit skill (turn 5)', 6 'expires': {'type': 'turn_end'} 7}

Snapshot/Restore Flow

Skills preserve user approvals using a snapshot → grant → restore pattern:

1

📸 Snapshot

Before granting skill permissions, save current state:

snapshot = deepcopy(session['permissions'])
2

➕ Grant

Add skill permissions to existing permissions:

session['permissions']['Bash(git *)'] = {...}
3

⚡ Execute

Agent runs with both user and skill permissions active

4

🔄 Restore

When turn ends, restore the snapshot:

session['permissions'] = snapshot

Result: User Approvals Never Lost

  • ✅ User's session approvals preserved across skill invocations
  • ✅ Skill permissions cleanly added and removed
  • ✅ No permission contamination between turns
  • ✅ Predictable, testable permission lifecycle

Example Skill

code
1--- 2name: commit 3description: Create git commits with good messages 4tools: 5 - Bash(git status) 6 - Bash(git diff *) 7 - Bash(git commit *) 8 - Bash(git add *) 9 - read_file 10 - glob 11--- 12 13Create a well-formatted git commit for staged changes. 14 151. Check status: `git status` 162. Review changes: `git diff --staged` 173. Create commit with descriptive message

User types: /commit → git commands auto-approved → commit created → permissions restored

Permission Patterns

Skills support flexible pattern matching for tool permissions:

Exact Match

Bash(git status)

Only matches "git status"

Wildcard Args

Bash(git diff *)

Any git diff command

Command Prefix

Bash(git *)

All git commands

Tool Name

read_file

Any read_file call

code
1tools: 2 - Bash(git status) # Exact: only "git status" 3 - Bash(git diff *) # Wildcard: any git diff command 4 - Bash(git *) # Prefix: all git commands 5 - read_file # Tool name (any arguments) 6 - glob # Tool name 7 - grep # Tool name

Security Model - One Turn Only

Turn-Based Expiration

Turn 3: User approves write for session (tool-level)
permissions['write'] = {source: 'user', expires: 'session_end'}
Turn 5: /commit skill invoked
→ Snapshot taken (write saved)
→ Grant: permissions['bash'] = {source: 'skill', when: {command: 'git *'}, expires: 'turn_end'}
During turn 5:
→ git status ✓ (skill permission with when:{command: 'git *'})
→ write("foo.txt") ✓ (user permission, tool-level)
Turn 5 ends (@on_complete):
→ Restore snapshot
→ bash permissions cleared ✓
→ write preserved ✓
Turn 6: Normal operation
→ bash commands require approval ✗
→ write still works ✓

Creating Skills

Project-Level (.co/skills/)

code
1mkdir -p .co/skills/deploy 2cat > .co/skills/deploy/SKILL.md <<'EOF' 3--- 4name: deploy 5description: Deploy to PyPI 6tools: 7 - Bash(pytest *) 8 - Bash(python -m build) 9 - Bash(python -m twine *) 10--- 11 12Deploy package to PyPI after running tests. 13 141. Run tests to ensure quality 152. Build the package 163. Upload to PyPI 17EOF

User-Level (~/.co/skills/)

code
1mkdir -p ~/.co/skills/review 2cat > ~/.co/skills/review/SKILL.md <<'EOF' 3--- 4name: review 5description: Code review workflow 6tools: 7 - Bash(git diff *) 8 - Bash(git log *) 9 - read_file 10 - glob 11 - grep 12--- 13 14Review recent code changes and provide feedback. 15 161. Check recent commits 172. Review diffs 183. Identify issues and suggestions 19EOF

Related

Permissions

Complete permission system overview

Skills Concepts

Detailed skills documentation

Previous
Permissions
Next
Audio Transcription

Enjoying ConnectOnion?

⭐ Star us on GitHub = ☕ Coffee chat with our founder. We love meeting builders.