Skip to main content

What a Bundle Is

A skill bundle is a self contained directory that a miner unpacks, analyses, and (for runtime types) detonates in a sandbox. The validator dispatches the bundle bytes plus a nonce. The miner extracts the bundle, runs their pipeline against it, and returns an SSSA. For all types the validator delivers the bundle as gzipped tar bytes inside the PhylaxSynapse.bundle field, with PhylaxSynapse.bundle_sha256 carrying the hash.

Common Conventions

FileRequired forWhat it carries
manifest.json or manifest.yamlAll typesSkill metadata: name, version, declared capabilities, entry point
README.mdOptionalOperator documentation. Not used by analysis.
LICENSEOptionalLicense text
All other files are skill type specific. The miner must accept arbitrary nested directory structure and not assume any particular layout beyond the manifest.

rag_knowledge Bundles

ContentsNotes
docs/*.md, docs/*.txt, docs/*.jsonlThe corpus to scan
embeddings.npzOptional pre computed embeddings
manifest.jsonDeclares document encoding and retrieval interface
Canary handling: the validator may inject a marker into one of the documents. The marker is a hidden instruction encoded per the task’s canary_spec. The miner must detect and flag it.

declarative Bundles

ContentsNotes
prompt.txtThe instructions
manifest.jsonDeclares agent role, allowed tools
The bundle is small (often under a few KB). No file tree of meaningful depth. Canary handling: a hidden instruction may be appended or interpolated. The miner must detect it.

executable_python Bundles

ContentsNotes
src/<package>/*.pySource tree
pyproject.toml or setup.pyPackage metadata
requirements.txt or pyproject.toml depsDependency list
manifest.jsonDeclares entry point function and signature
The manifest must point at an entry point: a module path plus a function name. The miner calls that function inside the sandbox.

executable_script Bundles

ContentsNotes
*.sh filesScripts to analyse and run
manifest.jsonDeclares the entry script
Scripts are run with /bin/bash (or sh if the manifest declares it).

mcp_server Bundles

ContentsNotes
MCP server sourceVariable, depends on language
manifest.json or mcp.jsonMCP manifest: tools, schema, server entry
DockerfileOptional, used by miners that build per task
Dependency declarationsPer language convention
The miner starts the MCP server inside the sandbox (in process or via Docker), connects an MCP client, enumerates tools, and exercises them. The manifest is checked for tampering as part of ψ scoring.

agent_composition Bundles

ContentsNotes
composition.yamlThe composition manifest
subskills/<name>/One nested bundle per child skill
manifest.jsonTop level metadata
The composition manifest declares the call graph: which child skill is called by which other child skill, with what inputs and outputs. The miner does not necessarily run every child themselves. They may dispatch child analysis to generalist sub-miners through the network’s routing layer. Either way, the resulting transitive risk score must reflect the aggregate of child risks.

How the Miner Reads a Bundle

A typical miner pipeline does this: 
1. extract bundle bytes to a temp directory
2. read manifest, identify skill type and entry point
3. dispatch to per type analyser
4. analyser produces SSSA
5. cleanup temp directory
The miner image at ghcr.io/praxi-labs/phylax-miner:latest ships a reference implementation that does this for all six types. Operators can replace any of the per type analysers without changing the rest of the pipeline.

Bundle Size Limits

LimitValue
Raw bundle bytes50 MB compressed
Decompressed bundle250 MB
Max files in bundle10,000
Max path depth64
Bundles exceeding these limits are dropped at the synapse layer. Miners do not need to enforce limits themselves.

What’s Next

SSSA Schema

What the miner returns.

Scoring

Per type Q formulas.

Probe Events

What the validator embeds inside the bundle alongside the canary.

Miner Setup

Start mining.