@aion0/forge 0.10.85 → 0.10.87

package/RELEASE_NOTES.md

@@ -1,11 +1,14 @@
-# Forge v0.10.85
+# Forge v0.10.87
 
-Released: 2026-06-16
+Released: 2026-06-17
 
-## Changes since v0.10.84
+## Changes since v0.10.86
 
 ### Other
-- feat(home): three-pane Home view with web chat + activity rail
+- feat(pipeline): log attached skills in task init line
+- feat(skills): per-skill source badge in marketplace (#354)
+- feat(skills): multi-source sync + install (enterprise + public) — #354
+- feat(pipeline): workflow-level skills: field + template _skills auto-install
 
 
-**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.10.84...v0.10.85
+**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.10.86...v0.10.87

package/app/api/connectors/import-config-template/route.ts

@@ -219,6 +219,8 @@ async function apply(template: any, values: Record<string, string>): Promise<{
   fields_preserved: Array<{ connector: string; field: string; reason: string }>;
   fields_left_empty: Array<{ connector: string; field: string }>;
   agents_applied?: string[];
+  skills_installed?: string[];
+  skills_failed?: Array<{ name: string; error: string }>;
 }> {
   // Auto-inject user identity from settings so connectors (e.g. tp.username)
   // can use {user_name} / {user_email} without prompting the user again.
@@ -359,6 +361,30 @@ async function apply(template: any, values: Record<string, string>): Promise<{
     }
   }
 
+  // ─── _skills block — auto-install marketplace skills to global ─────
+  //
+  // Template declares `"_skills": ["prelude", ...]`. On apply we sync the
+  // marketplace registry once, then installGlobal each — so e.g. the fortinet
+  // template pulls prelude into ~/.claude/skills/ at setup time. installGlobal
+  // always resolves the registry's latest version, so "0.2.0 and later" tracks
+  // automatically. Failures are collected, never abort the rest of the apply.
+  const skillsInstalled: string[] = [];
+  const skillsFailed: Array<{ name: string; error: string }> = [];
+  const skillsList = Array.isArray((template as any)._skills) ? (template as any)._skills : [];
+  if (skillsList.length > 0) {
+    const { syncSkills, installGlobal } = await import('@/lib/skills');
+    // syncSkills populates the local skills DB that installGlobal reads from.
+    // If it fails (offline), installGlobal will likely fail too (it downloads
+    // files from GitHub) — that surfaces per-skill in skills_failed, never aborts.
+    try { await syncSkills(); } catch { /* non-fatal — per-skill install still attempted */ }
+    for (const raw of skillsList) {
+      const name = typeof raw === 'string' ? raw.trim() : '';
+      if (!name) continue;
+      try { await installGlobal(name); skillsInstalled.push(name); }
+      catch (e: any) { skillsFailed.push({ name, error: e?.message || String(e) }); }
+    }
+  }
+
   return {
     applied,
     installed_from_registry: installedFromRegistry,
@@ -367,6 +393,8 @@ async function apply(template: any, values: Record<string, string>): Promise<{
     fields_preserved: preserved,
     fields_left_empty: leftEmpty,
     agents_applied: agentsApplied,
+    skills_installed: skillsInstalled,
+    skills_failed: skillsFailed,
   };
 }
 

package/app/api/schedules/[id]/route.ts

@@ -116,29 +116,36 @@ export async function PATCH(req: Request, { params }: { params: Promise<{ id: st
     }
     patch.action_config = body.action_config;
   }
-  const effectiveActionKind = patch.action_kind ?? existing.action_kind;
-  const effectiveActionConfig = patch.action_config ?? existing.action_config ?? {};
-  if (effectiveActionKind === 'chat') {
-    const sid = typeof effectiveActionConfig.session_id === 'string' ? effectiveActionConfig.session_id.trim() : '';
-    if (!sid) return NextResponse.json({ error: 'action_kind=chat requires action_config.session_id' }, { status: 400 });
-  }
-  if (effectiveActionKind === 'email') {
-    const toRaw = effectiveActionConfig.to;
-    const to = Array.isArray(toRaw)
-      ? toRaw.filter((x) => typeof x === 'string' && x.trim())
-      : (typeof toRaw === 'string' && toRaw.trim() ? [toRaw] : []);
-    if (to.length === 0) {
-      return NextResponse.json({ error: 'action_kind=email requires action_config.to (recipient address or array)' }, { status: 400 });
+  // Cross-field validation runs ONLY for the section being patched.
+  // Toggling unrelated fields (e.g. `enabled` from the Pause/Resume button)
+  // must not re-validate sections the user isn't touching — a schedule with a
+  // pre-existing quirk in its action_config would otherwise refuse to pause.
+  if (patch.action_kind !== undefined || patch.action_config !== undefined) {
+    const effectiveActionKind = patch.action_kind ?? existing.action_kind;
+    const effectiveActionConfig = patch.action_config ?? existing.action_config ?? {};
+    if (effectiveActionKind === 'chat') {
+      const sid = typeof effectiveActionConfig.session_id === 'string' ? effectiveActionConfig.session_id.trim() : '';
+      if (!sid) return NextResponse.json({ error: 'action_kind=chat requires action_config.session_id' }, { status: 400 });
+    }
+    if (effectiveActionKind === 'email') {
+      const toRaw = effectiveActionConfig.to;
+      const to = Array.isArray(toRaw)
+        ? toRaw.filter((x) => typeof x === 'string' && x.trim())
+        : (typeof toRaw === 'string' && toRaw.trim() ? [toRaw] : []);
+      if (to.length === 0) {
+        return NextResponse.json({ error: 'action_kind=email requires action_config.to (recipient address or array)' }, { status: 400 });
+      }
     }
   }
 
-  // Cross-field consistency
-  const effectiveKind = patch.schedule_kind ?? existing.schedule_kind;
-  if (effectiveKind === 'cron' && !(patch.schedule_cron ?? existing.schedule_cron)) {
-    return NextResponse.json({ error: 'schedule_cron is required when schedule_kind=cron' }, { status: 400 });
-  }
-  if (effectiveKind === 'once' && !(patch.schedule_at ?? existing.schedule_at)) {
-    return NextResponse.json({ error: 'schedule_at is required when schedule_kind=once' }, { status: 400 });
+  if (patch.schedule_kind !== undefined || patch.schedule_cron !== undefined || patch.schedule_at !== undefined) {
+    const effectiveKind = patch.schedule_kind ?? existing.schedule_kind;
+    if (effectiveKind === 'cron' && !(patch.schedule_cron ?? existing.schedule_cron)) {
+      return NextResponse.json({ error: 'schedule_cron is required when schedule_kind=cron' }, { status: 400 });
+    }
+    if (effectiveKind === 'once' && !(patch.schedule_at ?? existing.schedule_at)) {
+      return NextResponse.json({ error: 'schedule_at is required when schedule_kind=once' }, { status: 400 });
+    }
   }
 
   updateSchedule(id, patch);

package/app/api/schedules/extract/route.ts

@@ -19,6 +19,8 @@ import { inferAdapter, pickApiKey, pickBaseUrl } from '@/lib/chat/agent-loop';
 import { makeAnthropicClient } from '@/lib/chat/llm/anthropic';
 import { listAgents } from '@/lib/agents';
 import { scanProjects } from '@/lib/projects';
+import { createOpenAI } from '@ai-sdk/openai';
+import { generateText } from 'ai';
 
 interface Extracted {
   name: string;
@@ -116,15 +118,9 @@ export async function POST(req: Request) {
     ? profiles[preferredId]
     : candidates[0]![1];
   const adapter = inferAdapter(profile.provider);
-  if (adapter !== 'anthropic') {
-    return NextResponse.json({
-      ok: false,
-      error: 'extractor currently supports anthropic profiles only (openai is a follow-up)',
-    }, { status: 400 });
-  }
   const apiKey = pickApiKey(profile, adapter);
   const baseUrl = pickBaseUrl(profile, adapter);
-  const model = profile.model || 'claude-sonnet-4-6';
+  const model = profile.model || (adapter === 'anthropic' ? 'claude-sonnet-4-6' : 'gpt-4o-mini');
 
   const cliAgents = listAgents().filter((a: any) => a.backendType !== 'api');
   const availableAgentIds = cliAgents.map((a: any) => a.id);
@@ -134,15 +130,26 @@ export async function POST(req: Request) {
 
   let raw = '';
   try {
-    const client = makeAnthropicClient(apiKey, baseUrl);
-    const resp = await client.messages.create({
-      model,
-      max_tokens: 1500,
-      system,
-      messages: [{ role: 'user', content: text }],
-    });
-    for (const block of resp.content) {
-      if (block.type === 'text') raw += block.text;
+    if (adapter === 'anthropic') {
+      const client = makeAnthropicClient(apiKey, baseUrl);
+      const resp = await client.messages.create({
+        model,
+        max_tokens: 1500,
+        system,
+        messages: [{ role: 'user', content: text }],
+      });
+      for (const block of resp.content) {
+        if (block.type === 'text') raw += block.text;
+      }
+    } else {
+      // OpenAI / OpenAI-compatible — non-streaming one-shot via @ai-sdk/openai.
+      const provider = createOpenAI({ apiKey, baseURL: baseUrl });
+      const resp = await generateText({
+        model: provider.chat(model),
+        system,
+        messages: [{ role: 'user', content: text }],
+      });
+      raw = resp.text;
     }
   } catch (e: any) {
     return NextResponse.json({

package/components/SchedulesView.tsx

@@ -145,11 +145,17 @@ export default function SchedulesView({ onViewPipeline }: Props) {
 
   async function togglePaused(s: Schedule) {
     try {
-      await fetch(`/api/schedules/${encodeURIComponent(s.id)}`, {
+      const res = await fetch(`/api/schedules/${encodeURIComponent(s.id)}`, {
         method: 'PATCH',
         headers: { 'Content-Type': 'application/json' },
         body: JSON.stringify({ enabled: !s.enabled }),
       });
+      if (!res.ok) {
+        // Surface backend validation errors — otherwise the button looks dead.
+        const body = await res.json().catch(() => ({}));
+        setErr(`Toggle failed (${res.status}): ${body?.error || res.statusText}`);
+        return;
+      }
       void refresh();
     } catch (e) { setErr(`Toggle failed: ${e instanceof Error ? e.message : String(e)}`); }
   }

package/components/SkillsPanel.tsx

@@ -26,6 +26,8 @@ interface Skill {
   installedProjects: string[];
   deletedRemotely: boolean;
   source?: 'registry' | 'local';
+  sourceId?: string;
+  isEnterprise?: boolean;
 }
 
 interface ProjectInfo {
@@ -584,6 +586,15 @@ export default function SkillsPanel({ projectFilter }: { projectFilter?: string
                 >
                   <div className="flex items-center gap-2">
                     <span className="text-[11px] font-semibold text-[var(--text-primary)] truncate flex-1">{skill.displayName}</span>
+                    {/* Source badge: enterprise skills (synced from an enterprise
+                        repo, winning over a same-name public skill) get a 🔒 chip
+                        with the tenant id; public skills stay unmarked. */}
+                    {skill.isEnterprise && (
+                      <span
+                        className="text-[8px] px-1 rounded font-medium bg-amber-500/20 text-amber-500 shrink-0"
+                        title={`Enterprise source: ${skill.sourceId?.replace(/^enterprise-/, '') || ''}`}
+                      >🔒 {skill.sourceId?.replace(/^enterprise-/, '') || 'enterprise'}</span>
+                    )}
                     <span className="text-[8px] text-[var(--text-secondary)] font-mono shrink-0">v{skill.version}</span>
                     {skill.rating > 0 && (
                       <span className="text-[8px] text-[var(--yellow)] shrink-0" title={`Rating: ${skill.rating}/5`}>

package/lib/pipeline.ts

@@ -10,8 +10,8 @@ import { existsSync, readdirSync, readFileSync, writeFileSync, mkdirSync, statSy
 import { execSync } from 'node:child_process';
 import { join } from 'node:path';
 import YAML from 'yaml';
-import { createTask, getTask, onTaskEvent, taskModelOverrides, taskAppendSystemPromptOverrides, cancelTask } from './task-manager';
-import { getProjectInfo, resolveOrCloneProject, getProjectWorktreeRoot, ensureScratchProject } from './projects';
+import { createTask, getTask, onTaskEvent, taskModelOverrides, taskAppendSystemPromptOverrides, taskSkillsOverrides, cancelTask } from './task-manager';
+import { getProjectInfo, resolveOrCloneProject, resolveProjectStrict, getProjectWorktreeRoot, ensureScratchProject } from './projects';
 import { loadSettings } from './settings';
 import { getAgent, listAgents } from './agents';
 import type { Task } from '../src/types';
@@ -172,6 +172,23 @@ export interface Workflow {
   /** Declares the pipeline pushes to git. Enables an up-front OTP/2FA preflight
    *  so a 2fa_verify wall aborts BEFORE any code work instead of at push time. */
   git_push?: boolean;
+  /** Declares the pipeline needs a real git checkout to operate (e.g. it will
+   *  cd into the project and run `git`, `glab`, build/test commands). When
+   *  true, startPipeline runs the strict resolver (resolveProjectStrict) and
+   *  aborts the whole run with a clear error if no project can be resolved —
+   *  instead of silently falling back to scratch, which causes downstream
+   *  shell nodes to crash with "fatal: not a git repository".
+   *
+   *  Default: false (preserves the scratch fallback for connector-only / chat
+   *  pipelines that don't touch a repo). */
+  requires_real_project?: boolean;
+  /** Skills auto-attached to every task this workflow spawns, declared in the
+   *  workflow YAML. Merged (deduped) with any skills the dispatching
+   *  Job/Schedule/chat passes at runtime — so a pipeline can carry a default
+   *  skill (e.g. prelude) regardless of how it's triggered, including manual
+   *  Fire which passes no opts.skills. Composed into each task's
+   *  --append-system-prompt via renderSkillsAppendPrompt + auto-installed. */
+  skills?: string[];
   /** Default execution backend for every node's task. 'tmux' runs interactive
    *  claude in a per-node tmux session (subscription billing); 'headless' /
    *  omitted uses default `claude -p`. Per-node `backend:` overrides this. */
@@ -517,6 +534,17 @@ export function parseWorkflow(raw: string): Workflow {
     for_each,
     conversation,
     backend: parsed.backend === 'tmux' || parsed.backend === 'headless' ? parsed.backend : undefined,
+    // Top-level boolean flag — must be explicitly passed through; the return is
+    // a literal, so any field omitted here is silently dropped from the parsed
+    // workflow. NOTE: `git_push` has the SAME latent issue (it's declared in
+    // the interface + read at startPipeline but never parsed here, so its OTP
+    // preflight has never actually fired). Left as-is on purpose: wiring it up
+    // would newly enable the preflight on existing fortinet pipelines, an
+    // unrelated behavior change that belongs in its own commit.
+    requires_real_project: parsed.requires_real_project === true,
+    skills: Array.isArray(parsed.skills)
+      ? parsed.skills.filter((s: any) => typeof s === 'string' && s.trim()).map((s: string) => s.trim())
+      : undefined,
   };
 }
 
@@ -1075,12 +1103,39 @@ export function startPipeline(
     nodes,
     nodeOrder,
     createdAt: new Date().toISOString(),
-    skills: opts.skills && opts.skills.length ? [...opts.skills] : undefined,
+    skills: (() => {
+      const merged = [...(workflow.skills || []), ...(opts.skills || [])];
+      return merged.length ? [...new Set(merged)] : undefined;
+    })(),
     // Runtime override (e.g. chat "use tmux") wins over the workflow's declared default.
     backend: opts.backend ?? workflow.backend,
     forEach: forEachState,
   };
 
+  // Strict project resolution — only for pipelines that declared they need a
+  // real git checkout. MUST run BEFORE ensurePipelineTmpDir: the lenient
+  // resolver inside that helper falls back to scratch (building tmp_dir in the
+  // wrong place) and downstream `git` / `glab` commands then crash with
+  // "fatal: not a git repository". The strict resolver instead clones/locates
+  // the real repo (or returns a structured error we surface here), and seeds
+  // input.project so the tmp_dir lands inside that repo.
+  if (workflow.requires_real_project) {
+    const r = resolveProjectStrict(input.project || '');
+    if ('error' in r) {
+      pipeline.status = 'failed';
+      pipeline.error = r.message;
+      pipeline.completedAt = new Date().toISOString();
+      savePipeline(pipeline);
+      finalizePipeline(pipeline);
+      return pipeline;
+    }
+    // Seed the resolved project name into input so ensurePipelineTmpDir and
+    // every node's lenient resolveOrCloneProject hit it immediately as
+    // 'existing' (no redundant scan/clone). pipeline.input === input here
+    // (same ref from construction), so an in-place mutation updates both.
+    if (r.project.name) input.project = r.project.name;
+  }
+
   ensurePipelineTmpDir(pipeline);
 
   // Git OTP/2FA preflight — abort the whole run up front so a push wall never
@@ -1232,7 +1287,10 @@ function scheduleNextConversationTurn(pipeline: Pipeline, contextForAgent: strin
   pipelineTaskIds.add(task.id);
   {
     const skillsAppend = renderSkillsAppendPrompt(pipeline.skills);
-    if (skillsAppend) taskAppendSystemPromptOverrides.set(task.id, skillsAppend);
+    if (skillsAppend) {
+      taskAppendSystemPromptOverrides.set(task.id, skillsAppend);
+      taskSkillsOverrides.set(task.id, pipeline.skills!);
+    }
   }
 
   // Add pending message
@@ -2115,6 +2173,7 @@ async function scheduleReadyNodes(pipeline: Pipeline, workflow: Workflow) {
     const skillsAppend = renderSkillsAppendPrompt(pipeline.skills);
     if (skillsAppend) {
       taskAppendSystemPromptOverrides.set(task.id, skillsAppend);
+      taskSkillsOverrides.set(task.id, pipeline.skills!);
     }
     // Pipeline tasks use the same model selection as normal tasks
     // (per-task override > agent scene model > agent default).

package/lib/projects.ts

@@ -1,4 +1,4 @@
-import { readdirSync, existsSync, statSync, readFileSync, mkdirSync, writeFileSync } from 'node:fs';
+import { readdirSync, existsSync, statSync, readFileSync, mkdirSync, writeFileSync, accessSync, constants as fsConstants } from 'node:fs';
 import { execSync } from 'node:child_process';
 import { join, resolve, isAbsolute, parse } from 'node:path';
 import { homedir } from 'node:os';
@@ -231,6 +231,159 @@ export interface ResolveResult {
   clone_url?: string;
 }
 
+// ─── Container mode + auto-root ───────────────────────────────────
+
+const CONTAINER_DEFAULT_ROOT = '/data/project';
+
+/** True when Forge is running inside a Docker/container deployment.
+ *  Two-channel detection (per user choice C):
+ *    1. FORGE_CONTAINER=1 env var (set by entrypoint)
+ *    2. /data/project exists AND is writable (probe; covers ad-hoc mounts)
+ *  Either signal is enough. */
+export function detectContainerMode(): boolean {
+  if (process.env.FORGE_CONTAINER === '1') return true;
+  try {
+    accessSync(CONTAINER_DEFAULT_ROOT, fsConstants.W_OK);
+    return true;
+  } catch { return false; }
+}
+
+/** In container mode, register `/data/project` as a project root if no roots
+ *  are configured yet. Idempotent: returns the path that was added (or
+ *  already present), or null when we're not in container mode / the path
+ *  isn't writable. Auto-add (user choice 3) so subsequent runs use it without
+ *  re-triggering this path.
+ *
+ *  Persists to settings so the path also appears in Settings → Projects. */
+export function ensureContainerRoot(): string | null {
+  if (!detectContainerMode()) return null;
+  try {
+    mkdirSync(CONTAINER_DEFAULT_ROOT, { recursive: true });
+    accessSync(CONTAINER_DEFAULT_ROOT, fsConstants.W_OK);
+  } catch { return null; }
+  const settings = loadSettings();
+  const roots = settings.projectRoots || [];
+  if (roots.includes(CONTAINER_DEFAULT_ROOT)) return CONTAINER_DEFAULT_ROOT;
+  settings.projectRoots = [...roots, CONTAINER_DEFAULT_ROOT];
+  saveSettings(settings);
+  invalidateProjectScan();
+  return CONTAINER_DEFAULT_ROOT;
+}
+
+// ─── Strict resolver (for pipelines that declare requires_real_project) ───
+
+export type StrictResolveError =
+  | 'no_repo_specified'
+  | 'clone_failed';
+
+export interface StrictResolveResult {
+  project: LocalProject;
+  source: 'existing' | 'gitlab-cloned';
+  clone_url?: string;
+}
+
+/**
+ * Strict project resolver — used by pipelines that declare
+ * `requires_real_project: true`. Differs from resolveOrCloneProject in that
+ * it NEVER falls back to scratch; on any failure it returns a structured
+ * error so the caller (startPipeline) can abort the run with a clear message
+ * instead of letting git commands inside the task crash with
+ * "fatal: not a git repository".
+ *
+ * Flow (matches the user's spec):
+ *   1. Existing project by name / owner-repo / fuzzy → use it
+ *   2. Otherwise figure out the target repo URL:
+ *      - input name contains '/' → treat as owner/repo
+ *      - else gitlab connector default_project_path
+ *      - else → error('no_repo_specified')
+ *   3. Re-scan locally for a checkout whose origin matches the target → use it
+ *   4. Clone via tryGitlabClone — writes to the Forge-managed cache
+ *      (<dataDir>/cloned-projects), which is ALWAYS writable and does NOT
+ *      need a configured projectRoot. We best-effort register the container
+ *      root (/data/project) so manually-placed checkouts there get scanned,
+ *      but never block the clone on it.
+ *      - gitlab connector missing → error('no_repo_specified')
+ *      - clone failed → error('clone_failed')
+ */
+export function resolveProjectStrict(name: string | undefined): StrictResolveResult | { error: StrictResolveError; message: string } {
+  const trimmed = (name || '').trim();
+
+  // Step 1: existing match — reuse the lenient resolver's match logic by
+  // delegating, but discard its scratch fallback.
+  if (trimmed) {
+    const hit = getProjectInfo(trimmed);
+    if (hit) return { project: hit, source: 'existing' };
+
+    const projects = scanProjects();
+    if (trimmed.includes('/')) {
+      const want = normalizeRepoPath(trimmed) || trimmed.toLowerCase().replace(/^\/+|\/+$/g, '');
+      const wantBase = want.split('/').pop()!;
+      const byRepo = projects.filter((p) => p.repo && p.repo === want);
+      if (byRepo.length === 1) return { project: byRepo[0], source: 'existing' };
+      const byRepoBase = projects.filter((p) => p.repo && p.repo.split('/').pop() === wantBase);
+      if (byRepoBase.length === 1) return { project: byRepoBase[0], source: 'existing' };
+    }
+    const base = trimmed.split('/').pop()!.trim();
+    const ownerRepo = trimmed.replace(/\//g, '-');
+    const cands = projects.filter((p) =>
+      p.name === base || p.name === ownerRepo || p.name.toLowerCase() === base.toLowerCase());
+    if (cands.length === 1) return { project: cands[0], source: 'existing' };
+  }
+
+  // Step 2: derive target repo path
+  const gl = readGitlabConnector();
+  const targetPath = trimmed && trimmed.includes('/')
+    ? trimmed
+    : (gl?.default_project_path || '').trim();
+  if (!targetPath) {
+    return {
+      error: 'no_repo_specified',
+      message: trimmed
+        ? `Could not resolve project "${trimmed}". Pass an owner/repo path, or set GitLab connector's default_project_path.`
+        : 'No repository specified. Set `project: owner/repo` in pipeline input, or set GitLab connector\'s default_project_path.',
+    };
+  }
+
+  // Step 3: scan locally by origin remote
+  if (gl) {
+    const projects = scanProjects();
+    const want = normalizeRepoPath(targetPath) || targetPath.toLowerCase().replace(/^\/+|\/+$/g, '');
+    const wantBase = want.split('/').pop()!;
+    const localHit =
+      projects.find((p) => p.repo && p.repo === want) ||
+      projects.find((p) => p.repo && p.repo.split('/').pop() === wantBase) ||
+      projects.find((p) => p.name.toLowerCase() === wantBase.toLowerCase());
+    if (localHit) return { project: localHit, source: 'existing' };
+  }
+
+  // Step 4: clone. tryGitlabClone writes to <dataDir>/cloned-projects (always
+  // writable) — it does NOT use projectRoots, so there's no "no project root"
+  // failure here: as long as the gitlab connector is configured, a clone has
+  // somewhere to land. Best-effort register the container root so manual
+  // checkouts under /data/project are discoverable on the next scan; ignore
+  // its result — it must never block the clone.
+  ensureContainerRoot();
+
+  if (!gl) {
+    return {
+      error: 'no_repo_specified',
+      message: `GitLab connector is not configured; cannot clone "${targetPath}". Install + configure the GitLab connector first.`,
+    };
+  }
+  const cloned = tryGitlabClone(targetPath);
+  if (!cloned) {
+    return {
+      error: 'clone_failed',
+      message: `Failed to clone ${gl.base_url}/${targetPath}. Check GitLab connectivity, credentials, and that the path exists.`,
+    };
+  }
+  return {
+    project: cloned,
+    source: 'gitlab-cloned',
+    clone_url: `${gl.base_url}/${targetPath.replace(/^\/+|\/+$/g, '')}.git`,
+  };
+}
+
 /**
  * Pick a writable directory to clone into, in priority order:
  *   1. settings.projectRoots[0] — what the user already trusts

package/lib/skills.ts

@@ -9,6 +9,7 @@ import { getDb } from '../src/core/db/database';
 import { getDbPath } from '../src/config';
 import { loadSettings } from './settings';
 import { getClaudeDir } from './dirs';
+import { listSources, fetchSourceFile, type SourceMeta } from './connectors/sync';
 
 type ItemType = 'skill' | 'command';
 
@@ -30,6 +31,11 @@ interface SkillItem {
   deletedRemotely: boolean;
   /** 'registry' (synced from forge-skills) or 'local' (uploaded). */
   source: 'registry' | 'local';
+  /** Which marketplace source the registry row came from: 'public' or an
+   *  'enterprise-<tenant>' id. Lets the UI show a per-skill source badge. */
+  sourceId: string;
+  /** True when sourceId is an enterprise source (for the 🔒 badge). */
+  isEnterprise: boolean;
 }
 
 function db() {
@@ -49,6 +55,40 @@ function getRepoInfo(): { owner: string; repo: string; branch: string } {
   return { owner: 'aiwatching', repo: 'forge-skills', branch: 'main' };
 }
 
+// ─── Multi-source (#354) ──────────────────────────────────────
+//
+// Skills sync from the same source set as connectors: enterprise sources
+// (by priority) layered OVER the public marketplace. We reuse the connector
+// module's SourceMeta + fetchSourceFile (it already handles raw vs github_api
+// + private-repo PAT auth), but the PUBLIC source must point at forge-skills,
+// not forge-connectors — so we take the enterprise entries from listSources()
+// and swap in the skills public base.
+
+/** Ordered skill sources, highest priority first, public last. */
+function listSkillSources(): SourceMeta[] {
+  const enterprise = listSources().filter((s) => s.is_enterprise);
+  const publicSrc: SourceMeta = {
+    id: 'public',
+    display_name: 'Public',
+    is_enterprise: false,
+    priority: enterprise.length,
+    fetch_mode: 'raw',
+    base_url: getBaseUrl(),
+  };
+  return [...enterprise, publicSrc];
+}
+
+function sourceById(id: string): SourceMeta | undefined {
+  return listSkillSources().find((s) => s.id === id);
+}
+
+/** "owner/repo" for a source — for the source_repo DB column. */
+function sourceRepoOf(s: SourceMeta): string {
+  if (s.is_enterprise) return (s.repo_url || '').replace(/^github\.com\//, '');
+  const r = getRepoInfo();
+  return `${r.owner}/${r.repo}`;
+}
+
 function compareVersions(a: string, b: string): number {
   const pa = (a || '0.0.0').split('.').map(Number);
   const pb = (b || '0.0.0').split('.').map(Number);
@@ -64,85 +104,112 @@ function compareVersions(a: string, b: string): number {
 /** Max info.json enrichments per sync (incremental) */
 const ENRICH_BATCH_SIZE = 10;
 
+function parseRegistryItems(data: any): any[] {
+  if (data && data.version === 2) {
+    return [
+      ...(data.skills || []).map((s: any) => ({ ...s, type: s.type || 'skill' })),
+      ...(data.commands || []).map((c: any) => ({ ...c, type: c.type || 'command' })),
+    ];
+  }
+  return (data?.skills || []).map((s: any) => ({ ...s, type: s.type || 'skill' }));
+}
+
 export async function syncSkills(): Promise<{ synced: number; enriched: number; total?: number; remaining?: number; error?: string }> {
   console.log('[skills] Syncing from registry...');
   const baseUrl = getBaseUrl();
+  const cacheBust = `_t=${Date.now()}`;
 
   try {
-    // Step 1: Fetch registry.json (always fresh)
-    const controller = new AbortController();
-    const timeout = setTimeout(() => controller.abort(), 10000);
-    const cacheBust = `_t=${Date.now()}`;
-    const res = await fetch(`${baseUrl}/registry.json?${cacheBust}`, {
-      signal: controller.signal,
-      headers: { 'Accept': 'application/json', 'Cache-Control': 'no-cache' },
-    });
-    clearTimeout(timeout);
-
-    if (!res.ok) return { synced: 0, enriched: 0, error: `Registry fetch failed: ${res.status}` };
+    // Step 1+2: fetch + upsert from EVERY source. Process lowest-priority
+    // first (public), then enterprise — so an enterprise skill of the same
+    // name overwrites the public one on INSERT OR REPLACE (enterprise wins,
+    // matching connector/pipeline precedence). Each row records which source
+    // it came from so installGlobal knows where (and with what auth) to pull.
+    const ordered = [...listSkillSources()].reverse(); // public → … → highest enterprise
 
-    const data = await res.json();
-
-    // Parse registry items (v1 + v2 support)
-    let rawItems: any[] = [];
-    if (data.version === 2) {
-      rawItems = [
-        ...(data.skills || []).map((s: any) => ({ ...s, type: s.type || 'skill' })),
-        ...(data.commands || []).map((c: any) => ({ ...c, type: c.type || 'command' })),
-      ];
-    } else {
-      rawItems = (data.skills || []).map((s: any) => ({ ...s, type: s.type || 'command' }));
-    }
-
-    // Step 2: Upsert all items from registry.json directly (fast, no extra fetch)
     const upsertStmt = db().prepare(`
-      INSERT OR REPLACE INTO skills (name, type, display_name, description, author, version, tags, score, rating, source_url, archive, synced_at,
+      INSERT OR REPLACE INTO skills (name, type, display_name, description, author, version, tags, score, rating, source_url, archive,
+        source_id, source_repo, source_branch, synced_at,
         installed_global, installed_projects, installed_version)
       VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
+        ?, ?, ?,
         COALESCE((SELECT synced_at FROM skills WHERE name = ?), datetime('now')),
         COALESCE((SELECT installed_global FROM skills WHERE name = ?), 0),
         COALESCE((SELECT installed_projects FROM skills WHERE name = ?), '[]'),
         COALESCE((SELECT installed_version FROM skills WHERE name = ?), ''))
     `);
 
-    const tx = db().transaction(() => {
-      for (const s of rawItems) {
-        upsertStmt.run(
-          s.name || '', s.type || 'skill',
-          s.display_name || '', s.description || '',
-          (s.author?.name || s.author || '').toString(), s.version || '',
-          JSON.stringify(s.tags || []),
-          s.score ?? 0, s.rating ?? 0, s.source?.url || s.source_url || '',
-          '', // archive
-          s.name || '', s.name || '', s.name || '', s.name || ''
-        );
+    const registryNames = new Set<string>();
+    const sourceErrors: string[] = [];
+    let syncedTotal = 0;
+    let anyOk = false;
+
+    for (const source of ordered) {
+      let items: any[];
+      try {
+        // fetchSourceFile busts cache internally (raw appends ?_t, github_api
+        // appends &_t) — pass the bare path so we don't double the query string.
+        const text = await fetchSourceFile(source, 'registry.json');
+        items = parseRegistryItems(JSON.parse(text));
+      } catch (e) {
+        // One source down (offline / PAT issue) must not wipe the others.
+        sourceErrors.push(`${source.id}: ${e instanceof Error ? e.message : String(e)}`);
+        continue;
       }
-    });
-    tx();
-
-    // Step 3: Handle items no longer in registry
-    // Skip 'local'-source rows entirely — they were uploaded by the
-    // user via /api/skills/install-local and have no upstream
-    // counterpart, so absence from registry.json is expected.
-    const registryNames = new Set(rawItems.map((s: any) => s.name));
-    const dbItems = db().prepare('SELECT name, installed_global, installed_projects, source FROM skills').all() as any[];
-    for (const row of dbItems) {
-      if (row.source === 'local') continue;
-      if (!registryNames.has(row.name)) {
-        const hasLocal = !!row.installed_global || JSON.parse(row.installed_projects || '[]').length > 0;
-        if (hasLocal) {
-          db().prepare('UPDATE skills SET deleted_remotely = 1 WHERE name = ?').run(row.name);
-        } else {
-          db().prepare('DELETE FROM skills WHERE name = ?').run(row.name);
+      anyOk = true;
+      const repo = sourceRepoOf(source);
+      const branch = source.is_enterprise ? 'main' : getRepoInfo().branch;
+      const tx = db().transaction(() => {
+        for (const s of items) {
+          if (!s.name) continue;
+          upsertStmt.run(
+            s.name, s.type || 'skill',
+            s.display_name || '', s.description || '',
+            (s.author?.name || s.author || '').toString(), s.version || '',
+            JSON.stringify(s.tags || []),
+            s.score ?? 0, s.rating ?? 0, s.source?.url || s.source_url || '',
+            '', // archive
+            source.id, repo, branch,
+            s.name, s.name, s.name, s.name
+          );
+          registryNames.add(s.name);
+        }
+      });
+      tx();
+      syncedTotal += items.length;
+    }
+
+    if (!anyOk) {
+      // Every source failed (typically offline) — leave the DB untouched.
+      return { synced: 0, enriched: 0, error: sourceErrors.join('; ') || 'all sources unreachable' };
+    }
+
+    // Step 3: prune items no longer in ANY registry — but ONLY when every
+    // source synced cleanly. If an enterprise source was transiently down,
+    // skipping this avoids wrongly deleting its (still-valid) skills.
+    // 'local'-source rows are never pruned (user uploads, no upstream).
+    if (sourceErrors.length === 0) {
+      const dbItems = db().prepare('SELECT name, installed_global, installed_projects, source FROM skills').all() as any[];
+      for (const row of dbItems) {
+        if (row.source === 'local') continue;
+        if (!registryNames.has(row.name)) {
+          const hasLocal = !!row.installed_global || JSON.parse(row.installed_projects || '[]').length > 0;
+          if (hasLocal) {
+            db().prepare('UPDATE skills SET deleted_remotely = 1 WHERE name = ?').run(row.name);
+          } else {
+            db().prepare('DELETE FROM skills WHERE name = ?').run(row.name);
+          }
         }
       }
     }
 
-    // Step 4: Incremental enrichment — fetch info.json for oldest-synced items
-    // Pick items whose synced_at is oldest (or version changed since last enrich)
+    // Step 4: Incremental enrichment from info.json — PUBLIC source only.
+    // Enterprise registry.json entries are authored in full (version, tags,
+    // description), so they need no enrichment; and their info.json lives in a
+    // private repo that the plain fetch() below can't read anyway.
     const staleItems = db().prepare(`
       SELECT name, type, version FROM skills
-      WHERE deleted_remotely = 0
+      WHERE deleted_remotely = 0 AND source_id = 'public'
       ORDER BY synced_at ASC
       LIMIT ?
     `).all(ENRICH_BATCH_SIZE) as any[];
@@ -190,8 +257,16 @@ export async function syncSkills(): Promise<{ synced: number; enriched: number;
 
     const totalCount = (db().prepare('SELECT count(*) as c FROM skills WHERE deleted_remotely = 0').get() as any).c;
     const remaining = totalCount - ENRICH_BATCH_SIZE; // approximate items not yet enriched this round
-    console.log(`[skills] Synced ${rawItems.length} items, enriched ${enriched}/${staleItems.length} from info.json`);
-    return { synced: rawItems.length, enriched, total: totalCount, remaining: Math.max(0, remaining) };
+    console.log(`[skills] Synced ${syncedTotal} items across ${ordered.length} source(s), enriched ${enriched}/${staleItems.length} from info.json`);
+    return {
+      synced: syncedTotal,
+      enriched,
+      total: totalCount,
+      remaining: Math.max(0, remaining),
+      // Surface a partial-failure note (e.g. one enterprise source down) while
+      // still reporting success for the sources that did sync.
+      error: sourceErrors.length ? `partial: ${sourceErrors.join('; ')}` : undefined,
+    };
   } catch (e) {
     const msg = e instanceof Error ? e.message : String(e);
     // Corp networks routinely can't reach GitHub raw — this is expected
@@ -226,6 +301,8 @@ export function listSkills(): SkillItem[] {
       hasUpdate: isInstalled && !!registryVersion && !!installedVersion && compareVersions(registryVersion, installedVersion) > 0,
       deletedRemotely: !!r.deleted_remotely,
       source: r.source === 'local' ? 'local' : 'registry',
+      sourceId: r.source_id || 'public',
+      isEnterprise: typeof r.source_id === 'string' && r.source_id.startsWith('enterprise-'),
     };
   });
 }
@@ -269,6 +346,59 @@ async function downloadFile(url: string): Promise<string> {
   return res.text();
 }
 
+/** Recursively list a directory in a private enterprise repo via the GitHub
+ *  contents API (PAT-authenticated). Returns repo-relative file paths. */
+async function listEnterpriseDir(source: SourceMeta, dirPath: string): Promise<string[]> {
+  const repo = (source.repo_url || '').replace(/^github\.com\//, '');
+  const out: string[] = [];
+  async function recurse(path: string): Promise<void> {
+    const url = `https://api.github.com/repos/${repo}/contents/${path}?ref=main`;
+    const res = await fetch(url, {
+      headers: {
+        Authorization: `Bearer ${source.github_pat}`,
+        Accept: 'application/vnd.github.v3+json',
+        'User-Agent': 'forge-skills-sync/1.0',
+      },
+    });
+    if (!res.ok) return;
+    const items = await res.json();
+    if (!Array.isArray(items)) return;
+    for (const it of items) {
+      if (it.type === 'file') out.push(it.path);
+      else if (it.type === 'dir') await recurse(it.path);
+    }
+  }
+  await recurse(dirPath);
+  return out;
+}
+
+/** Source-aware fetch of all files for a skill/command. Public skills use the
+ *  unauthenticated GitHub contents API; enterprise skills list + download via
+ *  the recorded source's PAT (private repos). Returns local-relative paths. */
+async function fetchSkillFiles(name: string, type: ItemType, sourceId: string): Promise<{ path: string; content: string }[]> {
+  const source = sourceById(sourceId);
+  // Public (or a source no longer configured) → legacy unauthenticated path.
+  if (!source || !source.is_enterprise) {
+    const files = await listRepoFiles(name, type);
+    const out: { path: string; content: string }[] = [];
+    for (const f of files) out.push({ path: f.path, content: await downloadFile(f.download_url) });
+    return out;
+  }
+  // Enterprise → private repo: list with PAT, fetch each via fetchSourceFile.
+  const dirs = type === 'skill' ? ['skills', 'commands'] : ['commands', 'skills'];
+  for (const dir of dirs) {
+    const repoPaths = await listEnterpriseDir(source, `${dir}/${name}`);
+    if (repoPaths.length === 0) continue;
+    const stripRe = new RegExp(`^${dir}/${name}/`);
+    const out: { path: string; content: string }[] = [];
+    for (const p of repoPaths) {
+      out.push({ path: p.replace(stripRe, ''), content: await fetchSourceFile(source, p) });
+    }
+    return out;
+  }
+  return [];
+}
+
 // ─── Install ─────────────────────────────────────────────────
 
 function getClaudeHome(): string {
@@ -290,15 +420,14 @@ export async function installGlobal(name: string): Promise<void> {
   const subdir = type === 'skill' ? 'skills' : 'commands';
   const targetDir = join(claudeHome, subdir, name);
 
-  const files = await listRepoFiles(name, type);
+  const files = await fetchSkillFiles(name, type, skill.source_id || 'public');
   if (files.length === 0) throw new Error(`No files found for ${name}`);
 
   mkdirSync(targetDir, { recursive: true });
   for (const f of files) {
-    const content = await downloadFile(f.download_url);
     const targetPath = join(targetDir, f.path);
     mkdirSync(dirname(targetPath), { recursive: true });
-    writeFileSync(targetPath, content);
+    writeFileSync(targetPath, f.content);
   }
 
   // Update installed state
@@ -333,15 +462,14 @@ export async function installProject(name: string, projectPath: string): Promise
   const subdir = type === 'skill' ? 'skills' : 'commands';
   const targetDir = join(projectPath, '.claude', subdir, name);
 
-  const files = await listRepoFiles(name, type);
+  const files = await fetchSkillFiles(name, type, skill.source_id || 'public');
   if (files.length === 0) throw new Error(`No files found for ${name}`);
 
   mkdirSync(targetDir, { recursive: true });
   for (const f of files) {
-    const content = await downloadFile(f.download_url);
     const targetPath = join(targetDir, f.path);
     mkdirSync(dirname(targetPath), { recursive: true });
-    writeFileSync(targetPath, content);
+    writeFileSync(targetPath, f.content);
   }
 
   // Update installed state

package/lib/task-manager.ts

@@ -69,6 +69,19 @@ export const taskModelOverrides = new Map<string, string>();
  */
 export const taskAppendSystemPromptOverrides = new Map<string, string>();
 
+/**
+ * Skill names attached to a task (parallel to the append-system-prompt
+ * override above). Purely for observability — surfaced in the task's
+ * init log so a pipeline run shows which skills it loaded.
+ */
+export const taskSkillsOverrides = new Map<string, string[]>();
+
+/** ` | Skills: a, b` for the init log, or '' when none attached. */
+function skillsLogSuffix(taskId: string): string {
+  const s = taskSkillsOverrides.get(taskId);
+  return s && s.length ? ` | Skills: ${s.join(', ')}` : '';
+}
+
 // ─── CRUD ────────────────────────────────────────────────────
 
 export function createTask(opts: {
@@ -538,7 +551,7 @@ function executeTmuxBackendTask(task: Task): Promise<void> {
 
   updateTaskStatus(task.id, 'running');
   db().prepare('UPDATE tasks SET started_at = datetime(\'now\') WHERE id = ?').run(task.id);
-  appendLog(task.id, { type: 'system', subtype: 'init', content: `Agent: ${(task as any).agent || 'claude'} | Backend: tmux`, timestamp: new Date().toISOString() });
+  appendLog(task.id, { type: 'system', subtype: 'init', content: `Agent: ${(task as any).agent || 'claude'} | Backend: tmux${skillsLogSuffix(task.id)}`, timestamp: new Date().toISOString() });
 
   return executeTmuxTask(task, {
     appendLog: (entry) => appendLog(task.id, entry),
@@ -670,7 +683,7 @@ function executeTask(task: Task): Promise<void> {
     console.log(`[task] ${task.projectName} [${agentName}${supportsModel && model ? '/' + model : ''}]: "${task.prompt.slice(0, 60)}..."`);
 
     // Log agent info as first entry
-    appendLog(task.id, { type: 'system', subtype: 'init', content: `Agent: ${agentName}${supportsModel && model && model !== 'default' ? ` | Model: ${model}` : ''}`, timestamp: new Date().toISOString() });
+    appendLog(task.id, { type: 'system', subtype: 'init', content: `Agent: ${agentName}${supportsModel && model && model !== 'default' ? ` | Model: ${model}` : ''}${skillsLogSuffix(task.id)}`, timestamp: new Date().toISOString() });
 
     const needsTTY = adapter.config.capabilities?.requiresTTY;
     let child: any;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aion0/forge",
-  "version": "0.10.85",
+  "version": "0.10.87",
   "description": "Unified AI workflow platform — multi-model task orchestration, persistent sessions, web terminal, remote access",
   "type": "module",
   "scripts": {

package/src/core/db/database.ts

@@ -246,6 +246,13 @@ function initSchema(db: Database.Database) {
   // Local skills are kept across syncs (they're not in the remote registry,
   // so the deleted_remotely housekeeping would otherwise wipe them).
   migrate("ALTER TABLE skills ADD COLUMN source TEXT NOT NULL DEFAULT 'registry'");
+  // Multi-source skill sync (#354): which marketplace source a registry skill
+  // came from, so installGlobal knows where (and with what auth) to fetch its
+  // files. 'public' = the public forge-skills repo; otherwise an enterprise
+  // tenant_id. source_repo is "owner/repo", source_branch the ref.
+  migrate("ALTER TABLE skills ADD COLUMN source_id TEXT NOT NULL DEFAULT 'public'");
+  migrate("ALTER TABLE skills ADD COLUMN source_repo TEXT NOT NULL DEFAULT ''");
+  migrate("ALTER TABLE skills ADD COLUMN source_branch TEXT NOT NULL DEFAULT 'main'");
   migrate('ALTER TABLE project_pipelines ADD COLUMN last_run_at TEXT');
   migrate('ALTER TABLE pipeline_runs ADD COLUMN dedup_key TEXT');
   migrate("ALTER TABLE tasks ADD COLUMN agent TEXT DEFAULT 'claude'");