Introduction#

What is AgentPM™ and how it fits into your agent stack.

What is AgentPM™?#

AgentPM is the package layer for agent systems: a spec, a registry, a CLI, and SDKs that make tool, skill, knowledge, agent, and template packages portable across runtimes and host languages.

  • The spec (agent.json). A single manifest format for executable tool artifacts, procedural skill artifacts, prepared Knowledge artifacts, compositional agent artifacts, and reusable template artifacts.
  • The package manager & registry. Publish signed package artifacts and install them deterministically with integrity and provenance.
  • The CLI. agentpm init/lint/login/publish/install/new/whoami; verify and eval coming soon.
  • SDKs (Node & Python). Load tools by name/version, or load installed agents, skills, and Knowledge packages as inspectable metadata plus resolved package refs. Tools execute in a managed subprocess (with timeouts, env, and resource limits), so there’s no lock-in and no in-process dependency tangle.

Why AgentPM?#

Because agent systems need reusable, versioned building blocks they can trust across stacks and languages. AgentPM gives you:

  • tool artifacts for executable capabilities,
  • skill artifacts for reusable operational know-how,
  • Knowledge artifacts for prepared context and retrieval corpora,
  • agent artifacts for portable composition,
  • deterministic installs with provenance, and
  • adapters/SDKs so one package can move across different agent runtimes and host languages without hand-rolled glue.

Key features#

  • agent.json spec for kind: "tool", kind: "skill", kind: "knowledge", kind: "agent", and kind: "template".
  • Language-agnostic packaging. Write tools in Node or Python and call them from either SDK.
  • Agent package install + load. Install published agent packages and inspect their resolved tool references from the SDKs.
  • Load → callable. SDKs turn a tool into a function you can hand to your agent (or call directly).
  • Deterministic installs. Versioned artifacts with declared runtime requirements and required environment variables—making agent deployments repeatable.
  • Security & provenance. Checksums and signing surfaced in CLI/registry.
  • Namespaces & scopes. Public and private namespaces with tokens/MFA.
  • Modern search & discovery. Registry search and package pages span tools, skills, Knowledge packages, agents, templates, and namespaces.
  • Current dependency model. Agents can resolve tools, skills, and knowledge; skills can resolve tools; templates can reference tools, agents, skills, and knowledge. memory and profiles remain reserved for future package kinds.
  • Verify (coming soon). Manifest-driven contract tests (schema conformance, example runs, invariants, portability matrix, and SLOs). Produces a signed report that gates publish.
  • Evals (coming soon). Scenario-level scorecards (accuracy/robustness/latency/cost) that complement verify; results appear on the registry for transparent comparison.

Artifact kinds#

  • Tool artifact. Executable package with entrypoint, runtime, inputs/outputs, and packaged files. Tools are what the SDKs actually invoke.
  • Skill artifact. Procedural package with a primary SKILL.md entrypoint plus optional references, scripts, and descriptive compatibility metadata.
  • Knowledge artifact. Prepared context package for direct context injection or local vector retrieval, depending on knowledge.mode.
  • Agent artifact. Composition package that captures tool dependencies, example prompts, and package metadata for a reusable agent definition.
  • Template packages. Publishable package kinds for reusable workflow starters.

Install the CLI#

macOS & Linux#

Homebrew
brew tap agentpm-dev/tap
brew install agentpm

Windows#

Scoop
scoop bucket add agentpm https://github.com/agentpm-dev/scoop-bucket
scoop install agentpm
Open-source first

The core of AgentPM—the spec, CLI, and SDKs—is open source. Many tools will be open source too, but you can also publish closed-source tools to the public registry (users can install and run them) and to private namespaces for your account or org. The goal is simple: make trustworthy, reusable tools discoverable—OSS or proprietary.