# Skill Resource Protocol > The build standard for everything a skill ships **besides** its `SKILL.md` prose: > the `scripts/`, `assets/`, and `references/` directories. One contract, so that a > script in `mac-ops` behaves like a script in `supply-chain-defense` — predictable > streams, predictable exit codes, predictable help. **Scope.** This document governs skill *resources* — the resource layer of the [Skill Creation Protocol](SKILL-CREATION-PROTOCOL.md) (Step 4). Frontmatter, naming, and body structure live elsewhere — see [naming-conventions.md](../rules/naming-conventions.md), [SKILL-SUBAGENT-REFERENCE.md](SKILL-SUBAGENT-REFERENCE.md), and the [Agent Skills spec](https://agentskills.io/specification). Terminal/TTY output is [TERMINAL-DESIGN.md](TERMINAL-DESIGN.md) (`skills/_lib/term.sh`). **Why it exists.** Claude executes these scripts mid-task and parses their output. Inconsistent interfaces mean wasted tokens (the agent re-derives usage), broken pipes (status text pollutes `| jq`), and silent failures (exit 0 on bad input). Of the many skill scripts in this repo, the strong ones already follow this — `supply-chain-defense/scripts/preinstall-check.sh` is the canonical exemplar. --- ## 1. Directory roles ``` / ├── SKILL.md # prose: routing + 80/20 patterns + pointers ├── scripts/ # runnable code the agent executes rather than re-derives ├── references/ # deep docs loaded on demand (one concept per file) └── assets/ # templates, reference data, starter files to copy ``` | Resource | Ship one when… | |---|---| | `scripts/*` | The agent would re-derive the same logic every task, OR the invocation has >3 flags, OR it's a known-good decoder/validator/verifier | | `references/*.md` | A sub-topic is too long for the SKILL.md body (keep body < 500 lines); one concept per file, kebab-case, TOC if > 300 lines | | `assets/*` | A task needs a known-good scaffold — a config template, a starter schema, canonical lookup data | Every reference and asset MUST be cited from `SKILL.md` with enough context that the agent knows *when* to load it. An unreferenced resource is dead weight the router never finds. --- ## 2. The script contract (hard rules) A script under `scripts/` is an **agent-facing tool**. It MUST satisfy all of: 1. **Shebang + first-comment-block contract** (§3) — readable via `head -25`. 2. **`chmod +x`**, and the right extension (`.sh` bash, `.py` python3 — the agent reads the extension to know the runtime). 3. **`--help` / `-h`** → usage + options + an **EXAMPLES** section, exit 0, to stdout. 4. **Stream separation** (§4) — stdout is data only; everything else is stderr. 5. **Semantic exit codes** (§5) — distinct codes per failure class. 6. **Bash:** `set -uo pipefail` (use `-e` only when every failure is fatal), all expansions quoted. **Python:** passes `python -m py_compile`, `argparse` for args. 7. **Agent safety** (§6) — validate inputs; never `shell=True` with agent-supplied data. 8. **Cited from `SKILL.md`** with a complete worked invocation, not a bare path. Default to **stdlib + common shell tools** (`jq`, `git`, `curl`). Check optional tools with `command -v` and exit `5` (missing-dep) with an install hint, never a stack trace. --- ## 3. First-comment-block contract The first comment block is the script's machine-readable contract. The agent reads it with `head -25` before running. ```bash #!/usr/bin/env bash # # # Usage: