Skip to main content

Documentation Index

Fetch the complete documentation index at: https://agentvolumes.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Agent Volumes Organization logo banner Agent Volumes defines a runtime-neutral packaging and distribution standard for AI agent components. AI agent runtimes — Claude Code, Codex, Gemini CLI, Cursor, and others — increasingly rely on skills, tools, hooks, MCP servers, and LSP servers to extend their capabilities. Agent Volumes gives those components a shared package format, identity model, versioning model, and verification path. Use the version selector to jump to a published release archive, or use this page to understand the standard before browsing the current release candidate. Release-specific reference pages live under immutable /spec/<version>/... archive paths.

Release archives

Open the archive index for release evidence, citations, and historical lookup.

Latest release

Browse the current non-draft archive for Agent Volumes v0.1.0-rc.1.

Quickstart

Create your first volume and understand the validation path before publishing.

Implementers guide

Map the v0.1.0-rc.1 artifacts to client, bibliotheca, validator, and exporter work.

Contributor guide

Route specification feedback, pull requests, security reports, and community conduct concerns.

Registry API

Read the current Registry API orientation, then follow the frozen release archive for details.

What Agent Volumes is

Agent Volumes functions analogously to established package ecosystems such as npm for JavaScript, PyPI for Python, and crates.io for Rust. The difference is that instead of packaging libraries or binaries, you package agent components — the skills, tools, agents, hooks, commands, MCP servers, and LSP servers that run inside AI agent runtimes. The distribution unit is a volume: a versioned package that usually exports agent components, or that can bundle dependencies without mandatory components when it uses role = "meta". Registries that host and serve volumes are called bibliothecas. You interact with them using compatible client tooling such as the shelf CLI. 
shelf add research-agent-pack

The three problems Agent Volumes solves

Fragmentation

Each runtime defines its own component layout. Developers rewrite the same skill, tool, or MCP server for every runtime they want to support. Agent Volumes gives you one package format that compatible runtimes can consume.

No supply chain identity

Agent components have no standard identifier, versioning model, or provenance chain. Organizations cannot audit what runs inside their agent systems. Agent Volumes assigns every volume and component a globally unique, purl-compatible identifier.

No shared trust model

Without content integrity verification or publisher identity, every installation is an implicit trust decision with no revocation or advisory mechanism. Agent Volumes treats supply chain integrity as a first-class concern.

Key terminology

TermDescription
Agent VolumesThis specification. The open standard for packaging and distributing AI agent components.
VolumeThe distribution unit. A versioned package that usually exports agent components, or a dependency bundle when role = "meta". Analogous to an npm package or Python wheel.
BibliothecaA registry that indexes, hosts, and serves volumes. Analogous to npmjs.com or PyPI.
volume.tomlThe package manifest file. Declares the volume’s metadata, components, dependencies, and compatibility. Analogous to package.json or Cargo.toml.
pkg:volume/…The purl-compatible identifier scheme for volumes and components. For example: pkg:volume/research-agent-pack@1.4.0.

The seven component types

Volumes that export components use one or more of seven component types:

Agent

An autonomous runtime actor with a system prompt, tool bindings, and the ability to make multi-step decisions independently.

Skill

Instructional knowledge loaded into an agent’s context. Teaches the runtime how to perform a specific task without executing code directly.

Command

A user-invokable slash command, such as /review. Triggered explicitly by the user, not called programmatically by the agent.

Tool

A function-call endpoint the agent calls programmatically during task execution. Has defined inputs and outputs and is stateless per invocation.

Hook

A lifecycle event handler triggered automatically by the runtime at specific points, such as PreToolUse, SessionStart, or FileChanged.

MCP Server

A service endpoint implementing the Model Context Protocol. Runs as a long-running process communicating over stdio, SSE, or streamable HTTP.

LSP Server

A service endpoint implementing the Language Server Protocol. Provides code intelligence for language-aware runtime operations.
For full semantics, invocation rules, and entrypoint formats for each type, see Component Types.

Release and archive routes

  • /spec/latest/ and /spec/current/ redirect to the latest non-draft release archive.
  • The current non-draft release archive is /spec/0.1.0-rc.1/.
  • The archive selector is /spec/.
  • Older non-draft release archives remain reachable after newer releases are published.
  • Use versioned archive pages as durable citation targets. /spec/latest/ and /spec/current/ are convenience aliases only.

Implementation projects

The shelf CLI is the reference client implementation maintained by Windlass. It is intended to demonstrate the Agent Volumes client contract, including publishing volumes, resolving dependencies, verifying content integrity, and managing trust metadata. The Alexandria bibliotheca is the reference registry implementation, also maintained by Windlass. It is intended to demonstrate the Agent Volumes Registry API, including package operations, version discovery, trust upload, and capability metadata endpoints.
shelf and Alexandria are downstream implementation projects, not governance artifacts of the Agent Volumes Organization. They demonstrate the specification in practice but do not define it.
Agent Volumes builds on and integrates with established standards rather than reinventing them:
StandardRelationship
Package URL (purl)Volume identifiers are purl-compatible using the volume type.
Semantic Versioning 2.0.0All volume versions follow SemVer.
CycloneDXThe normative BOM exchange format for Agent Volumes interoperability.
SLSAThe baseline provenance model for publish and verification workflows.
SigstoreThe baseline trust mechanism for signing and verifying provenance-attached artifacts.
Model Context Protocol (MCP)MCP Server is a first-class component type; protocol compatibility declarations reference MCP versions.
Language Server Protocol (LSP)LSP Server is a first-class component type.
Agent Skills SpecificationSkill component entrypoints follow the Agent Skills SKILL.md format. volume.toml is a package-level addition, not a replacement.

Explore the current documentation

Core concepts

Understand volumes, component types, bibliothecas, and the identity scheme.

Manifest reference

Read the frozen volume.toml manifest reference for v0.1.0-rc.1.

Implementers guide

Build an experimental client, bibliotheca, validator, exporter, or runtime adapter from the canonical artifacts.

Contributors

Learn how to propose specification changes, route issues, report vulnerabilities, and participate respectfully.

Component types

Learn about agents, skills, commands, tools, hooks, MCP servers, and LSP servers in the release archive.

Conformance

Use the archived fixture corpus and role-scoped requirements without treating them as certification.