Skip to main content

An MCP server gatekeeper runtime that enforces step-by-step AI skill execution with output verification, ensuring stable and reliable agent workflows regardless of LLM compliance.

Project description

StepLock

PyPI version Python License: MIT

An MCP server gatekeeper runtime that enforces step-by-step AI skill execution with output verification.

AI agents skip steps. They mis-sequence workflows. They accept incorrect output and keep going. StepLock fixes that by sitting between your agent and its skill definitions — delivering one step at a time, requiring submitted output, and running verification scripts before advancing. Reliable, auditable execution regardless of LLM compliance.


How it works

Agent  ──►  StepLock (MCP)  ──►  Step 1 instruction
                │
         Agent submits output
                │
         Verification script runs
                │
         ✔ Pass → next step    ✗ Fail → guidance returned, agent retries

StepLock exposes four MCP tools to the agent:

Tool Purpose
list_skills Discover available skills by name and description
start_skill Begin execution — returns session ID, first step, and available helpers
submit_step_output Submit output for the current step and receive the next
run_helper_script Run a helper script declared on the current step

Quick start

VS Code / Copilot

Add to .vscode/mcp.json (workspace-scoped) or open MCP: Open User Configuration from the Command Palette:

{
  "servers": {
    "steplock": {
      "type": "stdio",
      "command": "uvx",
      "args": ["steplock"]
    }
  }
}

Verify the server is running: open Copilot Chat → Select tools → confirm list_skills, start_skill, submit_step_output, and run_helper_script are listed.


Defining a skill

my-skill/
├── SKILL.yaml
├── steps/
│   ├── step1.md
│   └── step2.md
└── scripts/
    ├── verify_step1.py
    └── get_context.py

SKILL.yaml

name: my-skill
description: When and why to use this skill.

steps:
  - id: step-1
    instruction: steps/step1.md     # file path or inline string
    verify: scripts/verify_step1.py # optional
    on_fail: retry                  # retry | abort (default: abort)
    helpers:                        # optional list of helper scripts
      - scripts/get_context.py

  - id: step-2
    instruction: steps/step2.md
    # no verify — output is accepted immediately

Verification scripts receive the agent's submitted output via stdin and exit with:

  • 0 — output accepted, execution advances
  • non-zero — output rejected; anything printed to stdout/stderr is returned to the agent as guidance

Helper scripts are utility scripts the agent can run during a step via run_helper_script to gather context or perform preparatory work. They are declared per-step with the helpers list and identified by filename without extension. They receive optional string arguments via sys.argv and return stdout, stderr, and exit_code.


Registering skills

StepLock discovers skills through registry files in two locations, merged together:

Registry Created automatically Purpose
~/.steplock/skills-registry.yaml Yes — on first run User-wide skills available in every project
./.steplock/skills-registry.yaml No Project-local skills, placed in the project root where the MCP server is running
# ~/.steplock/skills-registry.yaml  (or ./.steplock/skills-registry.yaml)
skills:
  - /home/user/my-skills/my-skill
  - /home/user/my-skills/another-skill

Each path must point to a directory containing a SKILL.yaml file. Filesystem paths are never exposed to the agent — only skill names.

If only the home-dir registry is needed, no project-level file is required. If a .steplock/skills-registry.yaml file is present in the working directory where the MCP server starts, its skills are automatically added to the available set.


Skill definition reference

Field Required Description
name Unique skill name exposed to the agent
description When and why the agent should use this skill
steps[].id Unique step identifier
steps[].instruction File path (relative to skill dir) or inline string
steps[].verify Path to a verification script
steps[].on_fail retry or abort (default: abort)
steps[].helpers List of helper script paths (relative to skill dir)

Backward compatibility: a single-step skill with no verify behaves identically to an Anthropic-model skill. Existing skills adopt with zero changes.


Development setup

git clone https://github.com/l0kifs/steplock-ai-skill-executor.git
cd steplock-ai-skill-executor
uv sync

Connect to VS Code / Copilot from a local checkout — add to .vscode/mcp.json:

{
  "servers": {
    "steplock": {
      "type": "stdio",
      "command": "uv",
      "args": ["run", "python", "-m", "steplock.entry_points.main"],
      "cwd": "${workspaceFolder}"
    }
  }
}

Run tests:

uv run pytest tests/e2e/ -v

Tests use an in-memory transport — no running server instance required.


Contributing

Bug reports and pull requests are welcome. Before opening a PR:

  1. Fork the repo and create a feature branch
  2. Run uv run pytest — all tests must pass
  3. Run uv run ruff check src/ — no lint errors
  4. Open a pull request with a clear description of the change

For larger features, open an issue first to discuss the approach.


License

MIT © Sergei Konovalov

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

steplock-0.2.1.tar.gz (11.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

steplock-0.2.1-py3-none-any.whl (18.5 kB view details)

Uploaded Python 3

File details

Details for the file steplock-0.2.1.tar.gz.

File metadata

  • Download URL: steplock-0.2.1.tar.gz
  • Upload date:
  • Size: 11.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for steplock-0.2.1.tar.gz
Algorithm Hash digest
SHA256 941f5b95528c4ba3a9853205da47ea0c5e6c18c7616fc00f1d297ba132bdc4b5
MD5 cf50d1614b2f0a18f7b7f1dcd8bdac85
BLAKE2b-256 762dd65522970fe6239f0fae933e996c699e8fe7c85eb1690d7efef8effd9f27

See more details on using hashes here.

Provenance

The following attestation bundles were made for steplock-0.2.1.tar.gz:

Publisher: publish-to-pypi.yml on l0kifs/steplock-ai-skill-executor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file steplock-0.2.1-py3-none-any.whl.

File metadata

  • Download URL: steplock-0.2.1-py3-none-any.whl
  • Upload date:
  • Size: 18.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for steplock-0.2.1-py3-none-any.whl
Algorithm Hash digest
SHA256 4a7f9e9f8c8ffe9e3e65543c9a679c16f8ac1c44ca19f00ca30ef5fa3d54f5db
MD5 4410f24291df5e99194acd197a3e8f7d
BLAKE2b-256 4374e12e04953546e9e442311cc2a0be025a66e0ea6cc3ebc47ea09189f22139

See more details on using hashes here.

Provenance

The following attestation bundles were made for steplock-0.2.1-py3-none-any.whl:

Publisher: publish-to-pypi.yml on l0kifs/steplock-ai-skill-executor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page