cc @dsp @simonw @jspahrsummers

This PR addresses the non-deterministic tool selection problem that becomes critical as MCP tool registries scale beyond 50-100 definitions. The core insight: when tools have semantic overlap, LLMs choose inconsistently across invocations, not due to temperature, but attention mechanics over large, similar definitions.

The solution is a hierarchical composition system that reduces decision complexity at each level:

• Level 1 (Atomic): Single operations like web-search
• Level 2 (Composite): Combined operations like research = web-search + pdf-save
• Level 3 (Workflow): Orchestration with decision logic

This keeps tool sets small at each decision point, enables self-recursion for divide-and-conquer patterns, and propagates safety classifications (READ/WRITE/TRANSFORM) through the hierarchy.

Would welcome feedback on the architecture, particularly whether this aligns with where you see MCP tooling evolving.

cc @fabiopelosin - This PR directly addresses the concerns you raised in #11 ("Skill composition without context bloat").

How this PR maps to your proposal:

Additional features addressing your concerns:

1. Epistemic requirements - requires_source, requires_rationale prevent models from inventing data
2. Range constraints - range: [0, 1] for numeric outputs
3. Build-time validation - Catch composition errors before runtime

Showcase example: The trip-optimizer demonstrates all 3 levels with typed contracts.

Would welcome your feedback on whether this addresses your design questions, particularly around whether composition should be spec-level (as implemented here) vs runtime-only.

Community Validation: Related Issues in anthropics/skills

Researching the broader ecosystem, I found two open issues in anthropics/skills that validate the need for this PR:

anthropics/skills#150: Allow "dependencies" in skill metadata

"There's a discrepancy between documentation and implementation regarding skill dependencies... the validation script defines ALLOWED_PROPERTIES = {'name', 'description', 'license', 'allowed-tools', 'metadata'} - the 'dependencies' field is not included."

How this PR addresses it: Our composes field provides explicit dependency declarations with the additional benefit of static type checking across the composition chain.

anthropics/skills#132: Make skills spec future proof

"SKILLS should be defined as a contract, not an implementation... support query-based skill discovery for systems managing thousands of skills."

How this PR addresses it:

• Typed contracts: inputs/outputs with schemas define the skill's interface
• Hierarchical discovery: L1→L2→L3 levels enable filtering by composition tier
• Static validation: skills-ref typecheck validates contracts before runtime

These upstream issues demonstrate that the community is independently arriving at the same conclusions: skills need dependency management and typed contracts. This PR provides a concrete, backwards-compatible implementation.

cc @gattimassimo @rahimnathwani @omnisci3nce - Given your engagement with Issue #11, you may find this PR relevant.

TL;DR: This PR implements the composable skills architecture that @fabiopelosin described, with:

• Explicit composition: composes field declares skill dependencies
• Typed contracts: inputs/outputs with schemas (string, number, date, custom types)
• Static validation: skills-ref typecheck catches errors before runtime
• Epistemic requirements: requires_source, requires_rationale prevent hallucination

The trip-optimizer showcase demonstrates all 3 composition levels with 12 skills.

Would welcome your thoughts on whether this addresses the composition challenges you've encountered.

cc @elmariachi111 @remygendron - Your issues in anthropics/skills are directly relevant here:

@elmariachi111 (#150): You requested a dependencies field in skill metadata. This PR implements composes which provides exactly that, plus static type checking to validate the dependency chain:

composes:
  - web-search
  - pdf-save

@remygendron (#132): You proposed "SKILLS should be defined as a contract, not an implementation." This PR adds typed inputs/outputs that define the skill's contract:

inputs:
  - name: query
    type: string
    required: true
outputs:
  - name: answer
    type: string
    requires_source: true

The skills-ref typecheck command validates these contracts at build time, enabling the "query-based skill discovery" and "versioning for approval workflows" you described.

Would value your input on whether this approach addresses your use cases.

cc @Christian-Blank - Your work on task orchestration methodology articulates the same problem this PR addresses. Specifically, your principle:

"We automate what we can deterministically, use AI for bounded determinism, and keep humans for high-value judgment."

This PR implements that layered approach for skills:

Your event-sourcing pattern (.ledger.jsonl) and our typed inputs/outputs serve the same goal: making agent coordination auditable and reproducible.

Related industry validation: Salesforce's Agent Graph work calls this "guided determinism" - separating LLM reasoning from explicit choreography. Our composes field + type system achieves this at the skill level.

Would welcome your perspective on whether this aligns with the SyntropicSystems vision.

Alignment with @maheshmurag's Vision for Agent Skills

In his AI Engineer Summit talk and Anthropic engineering blog, Mahesh articulated core challenges this PR addresses:

Problems Identified by Mahesh

Key Quote

"Sorting a list via token generation is far more expensive than simply running a sorting algorithm."

This insight applies directly to skill composition: declaring dependencies statically (composes field) is more reliable than letting the LLM discover and select tools at runtime.

The "One Agent, Many Skills" Architecture

Mahesh advocates for "one universal agent powered by domain-specific skills" rather than multi-agent orchestration. Our hierarchical composition (L1 Atomic → L2 Composite → L3 Workflow) implements exactly this: a single agent selects high-level skills, and composition handles the rest deterministically.

What you're actually describing is MCPs executed in code

Skills inherently are of non-deterministic nature and through means of the sandbox environment they run in and the apis they expose via scripts, is what tightens that non-determinism

Hate to break it to you but this is too dense a PR where there already is a widely regarded solution to solve this problem:

https://www.anthropic.com/engineering/code-execution-with-mcp

That is where you should consider your efforts IMO

@numman-ali Is there an implementation of this pattern that you'd recommend?

Maybe one of these two?

• https://github.com/elusznik/mcp-server-code-execution-mode
• CloudFlare Agent SDK 'Code Mode': https://blog.cloudflare.com/code-mode/

@rahimnathwani I am still spending time deciding on an approach but at a minimum, any MCP I want to use, I simply extra the API commands I care about into a skill using skill-creator:
https://github.com/anthropics/skills/tree/main/skills/skill-creator

here are some additional links to explore:

https://github.com/steipete/mcporter

https://github.com/universal-tool-calling-protocol/code-mode

https://github.com/jx-codes/lootbox

If you tell me your use case, I can likely give better advice

Thanks for engaging, @numman-ali. Let me make sure I understand your position before responding:

Your argument (as I understand it):

1. Skills are "inherently non-deterministic" by nature
2. MCP code execution (sandbox + APIs) is the established solution
3. This PR is "too dense" given that solution exists

I appreciate the directness. Here's where I'd respectfully push back:

1. "Skills inherently are of non-deterministic nature": is this physics, or an arbitrary philosophical choice?

Barry Zhang (Anthropic, co-creator of Agent Skills) wrote in Making Peace with LLM Non-determinism:

"Reduce unnecessary non-determinism... Some examples are seeding, greedy sampling, and using more code components."

The skill-creator skill itself says:

"Low freedom (specific scripts, few parameters): Use when operations are fragile and error-prone, consistency is critical."

The question isn't whether skills CAN be non-deterministic; it's whether they SHOULD be for production workflows. This PR provides the "code components" Barry recommends, but at the composition layer.

2. MCP Code Execution has documented limitations

From Anthropic's engineering post and the a16z deep dive:

Static type checking at composition time catches errors BEFORE code generation, reducing the debugging burden.

3. This is fully optional and backwards-compatible

To be clear: this PR doesn't change how existing skills work. All new fields (level, operation, composes, inputs, outputs) are optional. Skills without these fields continue to function exactly as before.

This is an opt-in enhancement for teams who need deterministic composition. If your use case doesn't require it, you can ignore these features entirely. The spec explicitly states: "Teams can adopt composability incrementally."

4. This isn't just about client-side tool calling

You may be viewing this from the client perspective. But consider the gateway MCP pattern, which is increasingly common in production:

┌─────────────────────────────────────────────────────────────────┐
│                         HOST / CLIENT                           │
│  ┌─────────┐                                                    │
│  │   LLM   │  ◄── Needs typed skill contracts for reasoning     │
│  └────┬────┘                                                    │
│       │                                                         │
│       ▼                                                         │
│  ┌─────────────────┐                                            │
│  │  Gateway MCP    │  ◄── Aggregates tools, routes requests     │
│  │  (Proxy/Router) │      Needs composition graph for routing   │
│  └────┬───────────┬┘                                            │
│       │           │                                             │
│       ▼           ▼                                             │
│  ┌─────────┐ ┌─────────┐                                        │
│  │ MCP     │ │ MCP     │  ◄── May contain LLMs processing       │
│  │ Server A│ │ Server B│      requests internally               │
│  └─────────┘ └─────────┘                                        │
└─────────────────────────────────────────────────────────────────┘

Why gateways need typed composition:

Skill composability applies at every layer:

• Client-side: User's agent selecting skills
• Gateway: Routing and aggregating across MCP servers (mcp-proxy, pluggedin-mcp-proxy)
• Server-side: Internal LLM reasoning within each MCP server

A typed composition graph is a "mental model" LLMs can use at ALL these layers, not just a runtime constraint. Is it possible you're considering this only from the user/client side rather than more holistically?

5. Genuine question: What's the most complex production system you've built with MCP code execution?

I ask sincerely because I'd love to understand how you've achieved mission-critical reliability. Specifically:

• How many chained tool calls across multiple MCP servers?
• What's your error rate in production?
• How do you handle the debugging challenges a16z describes?

@rahimnathwani asked a similar question and you mentioned you're "still spending time deciding on an approach." That's fair; this is new territory. But that's precisely why exploring multiple approaches, including typed composition, benefits the community.

The core disagreement

If we accept that skills must be non-deterministic, we're making an arbitrary philosophical choice that limits what agents can reliably accomplish. The SyntropicSystems methodology captures this:

"We automate what we can deterministically, use AI for bounded determinism, and keep humans for high-value judgment."

This PR implements that layered approach as an optional extension. My mission is to solve for LLM reliability and efficiency by providing "mental models" that help LLMs reason better than their present "best efforts."

Dude @edu-ap sorry, but if you're going to reply with a wall of text it's obvious you're using a tonne of AI

You're not being thoughtful in your response - this is an open source protocol, people give their spare time to contribute

I read your first point and saw thats a blog post from April 2024, things change

Please come with a hand written response, based on your personal experience, and of real world user experience not copy paste of random facts

Thanks for the pushback, @numman-ali. Point taken on the HOW; but I'd argue it shouldn't distract from the WHAT.

I took a look at openskills; nice work on the universal CLI loader!

I see these as complementary: openskills solves distribution (getting skills to agents); this PR addresses composition (what skills contain and how they fit together). A typed composition graph could actually help loaders like openskills optimise what to load and when.

Would you consider opening PRs to agentskills for:

1. Directory structure conventions (references/, scripts/, assets/)
2. Progressive disclosure guidance in the spec

The format benefits from diverse perspectives. Your loader experience is valuable here.

@edu-ap so sorry, had to force push and this PR got auto-closed. You may need to rebase and re-push it, and link back to this for discussion. Apologies for the hassle!

No worries, it happens. I'll do that tomorrow 🙏🏼

@maheshmurag Following your note about the force push, I've rebased and opened a new PR:

→ PR #29: Quasi-deterministic LLM agents through composable skills with static type checking

All discussion from this PR is preserved here for reference. The new PR includes updated acknowledgements and links to community validation from related issues.

Thanks for the heads up!