Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions skills/agent-package-manager/SKILL.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,8 @@ metadata:
7. If the repository needs MCP discovery or selection, use `apm mcp list`, `apm mcp search <query>`, and `apm mcp show <server>` before editing MCP entries by hand.
8. If installation output reports collisions or skipped files, read `references/troubleshooting.md` before retrying with forceful options.
9. If the repository consumes packages from itself (self-referencing dependency), remind the user that changes must be committed and pushed before APM can fetch them. Read `references/troubleshooting.md` for the "Self-referencing dependencies" section.
10. Note that `apm install` scans packages for security threats before deployment, including hidden Unicode and content hash verification. If the scan raises warnings or blocks installation, address the flagged content rather than bypassing the check.
11. If the repository is in an organization that enforces `apm-policy.yml`, policy is applied at install time and can block transitive MCP servers or restrict dependency sources. If install is blocked by policy, inspect the policy file or contact the org administrator; do not attempt to bypass the enforcement.
10. Note that `apm install` scans packages for security threats before deployment, including hidden Unicode and content hash verification. It also blocks transitive MCP servers by default unless they are explicitly declared in `dependencies.mcp` or trusted; no opt-in is required. If the scan raises warnings or blocks installation, address the flagged content rather than bypassing the check.
11. If the repository is in an organization that enforces `apm-policy.yml`, policy is applied at install time and can add further restrictions on top of the default transitive MCP block, including restricting dependency sources. If install is blocked by policy, inspect the policy file or contact the org administrator; do not attempt to bypass the enforcement.

**Step 4: Compile and validate only when it adds value**
1. Read `references/command-workflows.md` before changing compilation strategy or target selection.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,12 @@ Operational consequences:

## Policy governance

`apm-policy.yml` is an optional file that applies install-time policy, including transitive MCP server gating. Inheritance flows enterprise → org → repo and is tighten-only (a downstream policy can only add restrictions, never relax them).
APM enforces two layers of MCP server security:

1. **Default behavior (no configuration needed):** `apm install` blocks transitive MCP servers by default — any MCP server introduced by a package dependency but not explicitly listed in `dependencies.mcp` is blocked before it reaches disk. No opt-in is required.
2. **Policy layer (optional, org-level):** `apm-policy.yml` can add further restrictions on top of the default block, such as limiting which MCP registries or dependency sources are allowed.

`apm-policy.yml` inheritance flows enterprise → org → repo and is tighten-only (a downstream policy can only add restrictions, never relax them).

Key points:
* Policy is enforced automatically at `apm install`; no extra command is needed.
Expand Down