# AutoVault Quick Start

Install AutoVault, verify the local vault, add a local signed skill bundle, sync profiles, and run it from an agent.

## Install

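```bash
# Pick one channel: npm (Node 24+), installer script, or Homebrew tap (macOS).
npm install -g @autoworks-ai/autovault
curl -fsSL https://autovault.sh | sh
brew install autoworks-ai/tap/autovault
# Then confirm the CLI responds by listing skills:
autovault skill list
```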

Any of the three channels works: npm publishes the same release as @autoworks-ai/autovault for Node 24+ environments, the Homebrew tap is convenient for macOS workstations, and the installer script additionally provisions ~/.autovault end-to-end. Installer and setup flows preserve the vault as user-owned storage and bootstrap bundled skills unless AUTOVAULT_NO_BOOTSTRAP=1 is set. The current public package is v0.4.0; AutoVault remains pre-1.0.

## Agent-assisted setup

Give Claude Code this prompt when you want the agent to install its own bootstrap skill after review:

```text
Fetch https://autovault.dev/skill.md, show me what it will do, install it into ~/.claude/skills/autovault-bootstrap/SKILL.md if approved, then run /autovault-bootstrap.
```

The skill is opt-in. It stages the installer for inspection, asks before shell execution, then runs doctor and profile sync after approval.

## Run the setup wizard

```bash
autovault setup --review
```

The setup wizard scans the vault, bundled skills, and any native agent skill roots it discovers (~/.claude/skills, ~/.codex/skills, ~/.cursor/skills), then asks per skill how to adopt it: `augment` (default, leaves native dirs in place and refreshes profile symlinks), `backup` (moves the native dir to <root>.bak before admitting bytes — the typical "import my existing skills" choice), or `in-place` (admits bytes and replaces the native dir with a symlink — destructive). Re-run any time. If you installed AutoVault via Claude Code or another agent's shell tool, the install ran without a TTY and the wizard was skipped — open a real terminal and run `autovault setup` to finish onboarding. See Troubleshooting if your existing ~/.claude/skills did not import; picking `backup` (not the default `augment`) is the common fix.
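
To check what an adoption choice actually left on disk, the following added example (not AutoVault's own code) classifies a native skill root and each entry in it as a link into the vault, a link elsewhere, a broken link, or a plain native directory, and notes any `<root>.bak`. The paths come from this page; that managed entries are symlinks resolving under ~/.autovault is an assumption about the layout.

```python
from pathlib import Path

# Paths named on this page. The symlink layout checked here is an assumption.
VAULT = Path.home() / ".autovault"
ROOTS = [Path.home() / d / "skills" for d in (".claude", ".codex", ".cursor")]


def classify(entry: Path, vault: Path) -> str:
    """Return the adoption state of one skill root or skill entry."""
    if entry.is_symlink() and not entry.exists():
        return "broken-link"            # target missing, e.g. after a removal
    if not entry.exists():
        return "absent"
    inside = entry.resolve().is_relative_to(vault.resolve())
    if entry.is_symlink():
        return "vault-link" if inside else "foreign-link"
    if inside:
        return "in-vault"               # reached through a linked parent
    return "native-dir" if entry.is_dir() else "file"


def audit_root(root: Path, vault: Path) -> dict[str, str]:
    """Classify a skill root and its direct children; note any <root>.bak."""
    report = {".": classify(root, vault)}
    if root.is_dir():
        for child in sorted(root.iterdir()):
            report[child.name] = classify(child, vault)
    if root.with_name(root.name + ".bak").exists():
        report[".bak"] = "backup-present"
    return report


if __name__ == "__main__":
    for root in ROOTS:
        for name, state in audit_root(root, VAULT).items():
            print(f"{root}/{name}: {state}")
```

Entries reported as `foreign-link` or `native-dir` are skill content the agent can load that does not resolve into the vault, so they are the ones to review.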

## Verify

```bash
autovault doctor
```

Doctor confirms the binary, vault folder, signing key, bundled skill index, and discovered agent profiles.

## Add a skill source

```bash
# Local path:
autovault add ./skills/skill-author --sync-profiles --yes
# Local path with explicit local-source provenance:
autovault add ~/.agents/skills/copilot-review --source local --sync-profiles --yes
# GitHub identifier:
autovault add autoworks-ai/autovault:skills/skill-author/SKILL.md --sync-profiles --yes
# Direct SKILL.md URL, without syncing profiles:
autovault add https://example.com/SKILL.md --source url --no-sync-profiles --yes
```

`autovault add` hands local paths, GitHub identifiers or URLs, agentskills slugs, and direct `SKILL.md` URLs to the same gate used by MCP install paths: frontmatter repair, schema validation, denylist scan, capability/behavior check, deduplication, and Ed25519 signing. Pass `--source local` when a path needs explicit local-source provenance and `--agent` when a remote skill does not declare target agents.

## Vault anatomy

The vault is a normal ~/.autovault folder. The current implementation layout includes config.toml, autovault.sqlite, .signing-key.json, source skills under skills/, .autovault-source.json, .autovault-manifest, rendered variants, profiles/, and optional profiles.config.json. Agent profiles read generated files from the vault rather than maintaining hand-edited forks.

## Scope and run

```bash
autovault sync-profiles --discover
autovault skill search code-review --top-k 5
```

Profile policy decides which agents, named profiles, tags, and profile links can load a signed skill. The skill name stays stable while transforms render caller-specific tool names.

## Remove a skill

```bash
autovault remove skill-author --json
```

Use `autovault remove <name>` to delete a vaulted skill, delete its vault-local transforms, and prune AutoVault-managed profile symlinks; native host root discovery is on by default, `--no-discover` skips discovered roots, and `--link agent=/path` targets a custom root.
