stacklok / toolhive / 22226885244

push

github

Add OCI pull-based install flow for skills (#3898)

* Add OCI pull-based install flow for skills (#3650)

When the Install() Name field contains an OCI reference (detected by
the presence of '/', ':', or '@'), the service pulls the artifact from
the remote registry, extracts metadata and layer data, then feeds it
through the existing extraction pipeline.

The two-step detection uses a structural pre-check
(strings.ContainsAny) followed by go-containerregistry's
ParseReference to distinguish OCI references from plain skill names.
The character sets are provably disjoint since skill names only allow
lowercase alphanumeric and hyphens.

Security hardening:
- 5-minute context timeout on registry pulls
- Name mismatch between artifact config and OCI reference repository
  is a hard error (supply chain defense per Agent Skills spec)
- Compressed layer size limit (50MB) before loading into memory
- Layer media type validation (must be tar+gzip)
- ValidateSkillName on the config-extracted name
- All existing extraction protections apply (decompression bomb limit,
  path traversal, symlink rejection, permission sanitization)

Closes #3650

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Refine OCI install handling

Add OCI ref helper, clarify optional version, and document single-layer assumptions. Improve pull error status and cover oversized layers in tests.

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

116 of 148 new or added lines in 1 file covered. (78.38%)

46293 of 73737 relevant lines covered (62.78%)

76.2 hits per line