Discover
Listings, creator profiles, collections, discovery, and trust signals stay separate from package delivery.
Docs
Architecture
OlyWork is the secure install layer for AI capabilities.
How public discovery, protected package artifacts, buyer entitlements, and CLI install fit together.
Layers
Package registry
Products, manifests, versions, artifacts, sources, and install targets form the internal package registry.
DRM access
Access tokens are linked to one buyer entitlement and one product, then checked on every sync attempt.
Secure delivery
The Oly CLI calls `/api/v1/sync`; the API validates access and returns install payloads without source URLs.
MCP gateway
Premium MCP access can go through OlyWork proxy routes so creator runtime/source details stay hidden.
Universal capability model
Capability-first, not file-first
Every publish flow creates a capability package: public listing, product registry record, manifest, version, encrypted artifact, install target, compatibility metadata, and security metadata.
GitHub is source metadata
Private repositories can feed OlyWork server-side ingestion, but buyer delivery remains the sync API and Oly CLI. Raw source URLs are not part of public package contracts.
Type-specific systems
Skills
Skills store editor/context metadata: SKILL.md, AGENTS.md, Cursor rules, supported editors, context injection, token footprint, behavior tags, and model compatibility.
MCP packages
MCP packages track transport, protocol hints, tools, auth requirements, runtime requirements, install config, compatible clients, and future health checks.
Agents
Agents track prompts, tools, memory, orchestration model, supported providers, autonomous level, vector/runtime dependencies, and human approval mode.
Workflows
Workflows track graphs, triggers, scheduling, retry/state hints, integrations, execution runtime, event sources, and future visualization metadata.
Design principles
GitHub is a source, not the paid delivery layer
Creators can import from GitHub, but premium buyers install through OlyWork secure sync.
Stable buyer contract
The public buyer interface stays simple: get access, open Library, run `oly install <token>`.