Skill Fabric Introduction
Define a capability once. Reuse it everywhere. Prove it every time.
Agents orchestrate business work; skills are the governed capability contracts they call — typed inputs and outputs, an evidence schema, source-system dependencies, policy boundaries, and deterministic execution. Business logic lives in one inspectable place instead of being copy-pasted into every agent, so the same capability stays consistent, governed, and replayable across missions.
Why this matters
Without a skill fabric
- Every agent re-implements the same logic: duplicate detection, tolerance checks, policy lookups
- Logic drifts — two agents reach different verdicts on the same invoice
- No shared contract; inputs, outputs, and evidence differ per agent
- Hard to audit: which version of the rule ran, and on what evidence?
With Skill Fabric
- Each capability is defined once as a governed contract and reused by every agent
- One shared deterministic core — the agent and the skill cannot disagree
- Typed inputs and outputs, an evidence schema, and an autonomy ceiling on every skill
- Every execution is replayable with its policy, evidence, and outcome
What Skill Fabric means
A skill is not just a prompt or one Python function. In Sphere, a skill is a governed capability contract that agents can invoke and supervisors can inspect.
Business contract
- Skill ID and name
- Mission and domain
- Roles and triggers
- Ontology objects such as invoice, PO, journal, or customer
Execution contract
- Required inputs
- Required outputs
- Output schema
- Deterministic executor or generic executor category
Assurance contract
- Evidence requirements
- SOR/API/table dependencies
- Autonomy ceiling
- Policy sensitivity and lifecycle stage
Live proof — this skill ran when the page loaded
An introduction is only credible if the capability it describes actually runs. The block below is the real, deterministic output of the duplicate-invoice skill against a worked example — not a screenshot.
How the skill infrastructure is structured
Example: Duplicate Invoice Detection Agent and duplicate invoice skill
The important design choice is that the agent and the skill are not pretending to be the same object. They are two governed runtime surfaces over one shared deterministic matcher. The agent does not copy matching logic, and the skill is no longer a count/amount stub.
| Layer | Concrete object | Connection | Credibility proof |
|---|---|---|---|
| Business agent | iaf-duplicate-leakage-agentDuplicateLeakageAgent | Runs in the governed agent runtime, loads invoice/vendor/payment context, applies policy and HITL boundaries. | Registered as Duplicate Invoice Detection Agent, implemented by iris_sor.agents.duplicate_leakage_agent, L3 autonomy with duplicate/payment policies. |
| Skill Fabric skill | finance.p2p.duplicate_invoice_detection | Runs through SkillFabricService.execute_skill() and returns schema-bound duplicate outputs to any agent or UI flow. | Skill registry names the same business capability, binds iaf-duplicate-leakage-agent, declares deterministic evidence, AL-3 ceiling, and package path finance/p2p/duplicate_invoice_detection. |
| Shared matcher | duplicate_invoice_matcher.py | The agent delegates pair scoring to score_invoice_pair(); the skill delegates candidate generation and summary to find_duplicate_invoice_candidates() and summarize_duplicate_candidates(). | One deterministic source of truth prevents agent/skill drift and returns matched IDs, matched fields, risk level, exposure, confidence, and recommended action. |
| Runtime runner | AgentRunner._invoke_skill() | Generic runtime paths can invoke the skill directly when duplicate observations are produced outside the dedicated agent lifecycle. | The skill still uses the same matcher and emits evidence hash/replay-ready outputs, so the result is auditable even when the full agent class is not instantiated. |
Before
- Skill was a stub: flagged duplicates only if the caller already passed a non-zero count
- Returned ad-hoc keys that did not match its own declared output schema
- Robust matching lived only inside the agent — the skill and agent could drift
After
- Skill performs real pairwise vendor-grouped matching and honours its output + evidence schema
- Agent and skill both delegate to one shared matcher (duplicate_invoice_matcher.py)
- Output is contract-bound: matched IDs, matched fields, risk level, exposure, evidence hash
| Runtime part | Concrete implementation | What it proves |
|---|---|---|
| Domain agent | DuplicateLeakageAgent | Loads business context and participates in governed agent runtime. |
| Reusable skill | finance.p2p.duplicate_invoice_detection | Exposes duplicate matching as an inspectable, schema-bound skill. |
| Shared logic | duplicate_invoice_matcher.py | Keeps agent and skill scoring consistent. |
| Returned proof | matched_invoice_ids, matched_fields, duplicate_risk_level, total_exposure | Shows why the case was flagged and what evidence supports it. |
How to add or modify a skill
Add a skill
- Create config/skills/<domain>/<mission>/<skill_name>/skill.yaml
- Add SKILL.md and role_variants/default.md
- Register the skill in skill_registry.yaml
- Wire executor or select a generic category executor
- Complete SOR/API/table/permission binding in skill_source_dependency_matrix.yaml
Modify a skill
- Contract or schema change: edit skill.yaml and tests
- Discovery change: edit skill_registry.yaml
- Behavior change: update executor or shared deterministic service
- Role wording change: edit role variants
- Source binding change: update dependency matrix and keep candidate-only until BP validates
What BP can inspect live
Registry and package
Open the skill contract to inspect mission, roles, triggers, inputs, outputs, package path, role variants, owner, autonomy, and evidence requirements.
Dependency workbench
Open the Skill Fabric admin page to see local SOR/FIM-ready mappings, BP production validation fields, permission class, and exportable workshop matrix.
Execution replay
Run the duplicate skill sample to see structured duplicate candidates, matched fields, matched invoice IDs, evidence hash, and execution telemetry.