Show HN: GitAgent – An open standard that turns any Git repo into an AI agent

This seems very nice! Only downside is that the repo hadn't any updates in two weeks and they seem to have shifted development to 'Gitclaw' which is basically the same just with the shitty claw name - that gives one immediately security nightmare notions. For professional users not a good branding in my opinion.

The bottleneck isn't "how do I define my agent." It's "how do agents find the right tool for their task."

I run a search service that 110+ agents use. They don't browse catalogs or read specs. They describe what they need ("MCP server for Postgres") and expect results back immediately. The definition format matters far less than whether the description is good and whether something can find it.

SKILL.md, AGENTS.md, SOUL.md, they're all converging on the same idea. That's fine. But the portability win only kicks in once there's a discovery layer that can index all of them. Without that, these files are just README.md with a new name.

> Secret Management via .gitignore

> Agent tools that need API keys or credentials read from a local .env file — kept out of version control via .gitignore. Agent config is shareable, secrets stay local.

Amazing! Welcome to 2026, where the only thing standing between your plaintext secrets and the rest of the world is a .gitignore rule.

This is hope-based security.

Love the concept and agree it can become a thing. On the schema, not sure about skillflows, tools, knowledge, memory - those aren't much standardized today, but agree they help as additional primitives, and standardizing would help.

I built Agent Package Manager at Microsoft - wondering if it may supercharge GitAgents with dependency modules so that they can become composable, same as for classic software. Many common core ideas on the paradigm, curious on your take https://github.com/microsoft/apm

Similar idea (rooted on "agents as markdown") but on the outer loop is taking shape at GitHub with GitHub Agentic Workflows.

We do something similar at work, called metadev. It sits above all repos and git submodules othe repos in, and works with multiple changes with multiple sessions with worktrees, and stores long term knowledge in /learnings. Our trick has been to put domain specific prompts in the submodules, and developer process in metadev. Because of the way Claude hierarchically includes context, the top repo is not polluted with too much domain specifics.

The version control angle is interesting. One thing worth thinking about — SOUL.md and SKILL.md are essentially prompt injections by design. They define what the agent does. If the ecosystem grows to where people fork and share agent repos, those files become an attack surface that doesn't get the same review scrutiny as code.

Does GitAgent validate check prompt definitions for suspicious patterns? Instructions to access filesystems, exfiltrate env vars, call external endpoints? Seems like a natural extension if you're already running validation in CI.

I have attempted to read the documentation for this page and the post and I have no idea what this does. I use agents every day in my work and I don't know what this contributes other than adding a lot of noise to my repo.

8 frameworks except the only decent looking one (opencode) seems a very weird choice, especially as the claw naming is mentioned too much on this page to my liking (Which would be zero times). Also the choice of naming an agent prompt SOUL.md for any harness level stuff is just cringe, not sure if people understand that a SOUL.md is not just injected in context but used in post-training or similar more involved steps and part of the model at a much more fundamental level and this looks like trying to cosplay being serious AI tech when its just some cli.

wait I have a huge repo that's a platform for agents that acts as a firewall between agent actions and production systems. so you're saying I can have my agent platform be an agent on my agent platform?

The three-file split is a clean design — separating personality from capabilities from config mirrors how most frameworks model agents internally, which probably makes the export layer more natural. Curious how you handle the capability gap when exporting though: if I define a SKILL.md that relies on tool-use patterns CrewAI supports but Claude Code doesn't (or vice versa), does the export silently drop it, or does `gitagent validate` catch that mismatch? That's where I've found portability across frameworks gets genuinely hard — the abstractions don't line up 1:1. I've been working on related problems from the dependency-management angle (github.com/microsoft/apm), more about making agent configuration reproducible across a team than portable across frameworks, and the framework divergence keeps being the hardest part.

Interesting approach! I’m currently exploring the intersection of AI agents and server security. Seeing more 'active' agents that can interact with the environment rather than just suggesting code snippets is definitely where the industry is heading. Great job on this

The .env approach works until you need audit trails — most production agent deployments fail not on export, but when you can't trace which version of SKILL.md called which API key in staging vs prod. Consider that framework exporters (Claude→CrewAI translation) have to solve the tool schema impedance problem each time; a spec helps, but the real win is whether you're baking in observability hooks so agent decisions stay debuggable across runtimes. That's where most standards flatten out.

Protocols for agent interop are important, but beyond message passing you also need state coordination.

Two agents agreeing on a protocol doesn't prevent them from corrupting shared state through concurrent writes. You need an additional coordination layer — atomic propose/validate/commit — on top of whatever protocol you use.

We built this as a framework-agnostic layer supporting 14 frameworks including MCP and A2A: https://github.com/Jovancoding/Network-AI

Treating an agent as a versioned repo artifact is a neat idea, especially being able to diff prompt/behavior changes like normal code.

One thing I’m wondering,how opinionated is the spec about runtime execution? If the repo defines config + skills, does the adapter layer basically translate that into frameworks like LangChain or CrewAI at run time?

Feels similar to how container specs standardized deployment across runtimes. Curious how far you think the portability can realistically go given how quickly agent frameworks change.

The main problem I see with this is that it's too much data for the agent to hold on to.

I experimented with a similar git storage approach, but instead each piece of data is weighted based on importance and gets promoted or demoted in a queue.

The most important data gets surfaced every single time the agent replies, so it never leaves the context window.

Defining agents as files in a repo makes a lot of sense from a versioning and portability perspective.

Do you see this spec eventually supporting environments like Codex or VS Code–style agent integrations such as Antigravity as well?

we're talking about md files in a git repo, right?

What do we gain and lose by treating AI agents like software projects in Git?

Guys do check out https://registry.gitagent.sh - contribute your sharable agents here.

We built a very similar thing! Also with git, very nice- if you’re looking for an enterprise ready version of this, hit me up

Love to discuss and see how we can make this more standard

Made an agent for https://github.com/pageman/sutskever-30-implementations/ - it's in https://github.com/pageman/Sutskever-Agent - give it a try and star it please! :)

very cool. I think I use many of those patterns in my repos. But I think having more standardized way is interesting.I will see if I can fit it in at my project https://sublimated.com/ that also have some opinions how to make git even more agents friendly.

[dead]

[dead]

[dead]

[dead]

[dead]

[dead]

[dead]

[flagged]

[flagged]