Skip to main content

An MCP server gatekeeper runtime that enforces step-by-step AI skill execution with output verification, ensuring stable and reliable agent workflows regardless of LLM compliance.

Project description

StepLock

PyPI version Python License: MIT

An MCP server gatekeeper runtime that enforces step-by-step AI skill execution with output verification.

AI agents skip steps. They mis-sequence workflows. They accept incorrect output and keep going. StepLock fixes that by sitting between your agent and its skill definitions — delivering one step at a time, requiring submitted output, and running verification scripts before advancing. Reliable, auditable execution regardless of LLM compliance.


How it works

Agent  ──►  StepLock (MCP)  ──►  Step 1 instruction
                │
         Agent submits output
                │
         Verification script runs
                │
         ✔ Pass → next step    ✗ Fail → guidance returned, agent retries

StepLock exposes four MCP tools to the agent:

Tool Purpose
list_skills Discover available skills by name and description
start_skill Begin execution — returns session ID, first step, and available helpers
submit_step_output Submit output for the current step and receive the next
run_helper_script Run a helper script declared on the current step

Quick start

VS Code / Copilot

Add to .vscode/mcp.json (workspace-scoped) or open MCP: Open User Configuration from the Command Palette:

{
  "servers": {
    "steplock": {
      "type": "stdio",
      "command": "uvx",
      "args": ["steplock"]
    }
  }
}

Verify the server is running: open Copilot Chat → Select tools → confirm list_skills, start_skill, submit_step_output, and run_helper_script are listed.


Defining a skill

my-skill/
├── SKILL.yaml
├── steps/
│   ├── step1.md
│   └── step2.md
└── scripts/
    ├── verify_step1.py
    └── get_context.py

SKILL.yaml

name: my-skill
description: When and why to use this skill.

steps:
  - id: step-1
    instruction: steps/step1.md     # file path or inline string
    verify: scripts/verify_step1.py # optional
    on_fail: retry                  # retry | abort (default: abort)
    helpers:                        # optional list of helper scripts
      - scripts/get_context.py

  - id: step-2
    instruction: steps/step2.md
    # no verify — output is accepted immediately

Verification scripts receive the agent's submitted output via stdin and exit with:

  • 0 — output accepted, execution advances
  • non-zero — output rejected; anything printed to stdout/stderr is returned to the agent as guidance

Helper scripts are utility scripts the agent can run during a step via run_helper_script to gather context or perform preparatory work. They are declared per-step with the helpers list and identified by filename without extension. They receive optional string arguments via sys.argv and return stdout, stderr, and exit_code.


Registering skills

StepLock discovers skills through registry files in two locations, merged together:

Registry Created automatically Purpose
~/.steplock/skills-registry.yaml Yes — on first run User-wide skills available in every project
./.steplock/skills-registry.yaml No Project-local skills, placed in the project root where the MCP server is running
# ~/.steplock/skills-registry.yaml  (or ./.steplock/skills-registry.yaml)
skills:
  - /home/user/my-skills/my-skill
  - /home/user/my-skills/another-skill

Each path must point to a directory containing a SKILL.yaml file. Filesystem paths are never exposed to the agent — only skill names.

If only the home-dir registry is needed, no project-level file is required. If a .steplock/skills-registry.yaml file is present in the working directory where the MCP server starts, its skills are automatically added to the available set.


Skill definition reference

Field Required Description
name Unique skill name exposed to the agent
description When and why the agent should use this skill
steps[].id Unique step identifier
steps[].instruction File path (relative to skill dir) or inline string
steps[].verify Path to a verification script
steps[].on_fail retry or abort (default: abort)
steps[].helpers List of helper script paths (relative to skill dir)

Backward compatibility: a single-step skill with no verify behaves identically to an Anthropic-model skill. Existing skills adopt with zero changes.


Development setup

git clone https://github.com/l0kifs/steplock-ai-skill-executor.git
cd steplock-ai-skill-executor
uv sync

Connect to VS Code / Copilot from a local checkout — add to .vscode/mcp.json:

{
  "servers": {
    "steplock": {
      "type": "stdio",
      "command": "uv",
      "args": ["run", "python", "-m", "steplock.entry_points.main"],
      "cwd": "${workspaceFolder}"
    }
  }
}

Run tests:

uv run pytest tests/e2e/ -v

Tests use an in-memory transport — no running server instance required.


Contributing

Bug reports and pull requests are welcome. Before opening a PR:

  1. Fork the repo and create a feature branch
  2. Run uv run pytest — all tests must pass
  3. Run uv run ruff check src/ — no lint errors
  4. Open a pull request with a clear description of the change

For larger features, open an issue first to discuss the approach.


License

MIT © Sergei Konovalov

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

steplock-0.2.0.tar.gz (11.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

steplock-0.2.0-py3-none-any.whl (18.3 kB view details)

Uploaded Python 3

File details

Details for the file steplock-0.2.0.tar.gz.

File metadata

  • Download URL: steplock-0.2.0.tar.gz
  • Upload date:
  • Size: 11.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for steplock-0.2.0.tar.gz
Algorithm Hash digest
SHA256 ba63038e44103d0f0b5e972cce22d691f4e64fdce3eae7991b6de1e557e3fc16
MD5 b6cd970f6f9f699c0fb81f207b210e93
BLAKE2b-256 6c02dbdea46e8d00a9a62661992abbf407d4e2bf390670b5a599de1a50d4b932

See more details on using hashes here.

Provenance

The following attestation bundles were made for steplock-0.2.0.tar.gz:

Publisher: publish-to-pypi.yml on l0kifs/steplock-ai-skill-executor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file steplock-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: steplock-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 18.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for steplock-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 87846880b323c65959ea4151c065058f46fb356be57a54e6c61ec07ec34bfbff
MD5 44dcbf80dd37ef9cdea1e0a0a843e7cf
BLAKE2b-256 59462dfffda754aa6a6afb9b6a76af9e426400b0aed7f2d711db87d61ec0158d

See more details on using hashes here.

Provenance

The following attestation bundles were made for steplock-0.2.0-py3-none-any.whl:

Publisher: publish-to-pypi.yml on l0kifs/steplock-ai-skill-executor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page