Log inSign up
c15r

c15r

ContextualLite

Public
Like
ContextualLite
Code
4
Val Town is a collaborative website to build and scale JavaScript apps.
Deploy APIs, crons, & store data – all from the browser, and deployed in milliseconds.
Sign up now
Code
/
SKILL_EXECUTION_FIX.md
Search
7/5/2025
Viewing readonly version of main branch: v494
View latest version
SKILL_EXECUTION_FIX.md

Skill Execution Namespace Fix - Root Cause Analysis & Solution

Problem Summary

System skills were failing to execute with the error:

SyntaxError: Unexpected identifier 'not'

This occurred because the skill execution system was trying to execute the string "File not found" as JavaScript code.

Root Cause Analysis

The Problem Flow:

  1. User registers a skill in their namespace (e.g., ns_k0ro71) with fileKey: "my-skill.js"
  2. Admin promotes the skill to system-wide availability
  3. System skill is stored with the original fileKey: "my-skill.js" (from the user's namespace)
  4. Another user tries to execute the system skill
  5. Skill execution calls handleCodeExec({ key: skill.fileKey, input: args }, authContext)
  6. File retrieval fails because it tries to fetch "my-skill.js" from the current user's namespace, not the original user's namespace where the file actually exists
  7. Files handler returns "File not found" as the content
  8. Code execution tries to execute the string "File not found" as JavaScript code
  9. VM throws syntax error SyntaxError: Unexpected identifier 'not' because "File not found" is not valid JavaScript

The Core Issue:

System skills store the original user's fileKey, but when executed, they try to fetch the file from the current user's namespace instead of the original user's namespace.

Implemented Solution

Option 1: Copy File Content to System Storage (Implemented)

Approach: When promoting a skill, copy the file content and store it in the system folder (system/skills/skillName.js)

Benefits:

  • ✅ Complete isolation from original user
  • ✅ System skills work independently
  • ✅ No namespace confusion
  • ✅ Consistent with system-wide availability concept
  • ✅ Files are accessible to all users via system folder

Trade-offs:

  • File content is duplicated
  • Updates require explicit admin action via admin-update-promoted-skill

Implementation Details

Modified Files:

  1. src/storage/skill-registry.ts:

    • Updated promoteSkillToSystem() to accept a filesStore parameter
    • Added file copying logic to copy skill file to system/skills/skillName.js
    • Updated fileKey in promoted skill to point to system folder
    • Updated updatePromotedSkill() to sync file content from original user
    • Updated demoteSkillFromSystem() to clean up system files

  2. src/tools/handlers/admin-tools.ts:

    • Updated constructor to accept S3 client and bucket name
    • Modified admin handlers to create NamespacedFilesStore instances
    • Updated promotion/demotion/update handlers to pass files store to skill registry

  3. src/mcp/handler.ts:

    • Updated admin handler instantiation to pass S3 client and bucket name

Key Changes:

File Copying During Promotion:

// Copy the skill file to system folder
systemFileKey = `system/skills/${skillName}.js`;

// Store the file content in the system folder using admin context
await filesStore.putWithSystemFolder(
  systemFileKey,
  originalFile.content,
  originalFile.contentType || 'application/javascript',
  {
    originalFileKey: userSkill.fileKey,
    originalNamespace: userNamespace,
    promotedBy: authContext.namespace,
    promotedAt: new Date().toISOString(),
    skillName: skillName
  },
  authContext
);

Updated Skill Definition:

const promotedSkillDefinition: SkillDefinition = {
  ...userSkill,
  fileKey: systemFileKey, // Use the system file key instead of original
  isSystemSkill: true,
  promotedFrom: userNamespace,
  promotedAt: now,
  promotedBy: authContext.namespace,
  updatedAt: now,
};

Verification

The fix has been implemented and the server compiles successfully. The system now:

  1. Promotes skills correctly: Copies file content to system folder during promotion
  2. Executes system skills reliably: Uses system folder files that are accessible to all users
  3. Updates promoted skills: Syncs latest content from original user to system folder
  4. Cleans up properly: Removes system files when skills are demoted

Usage

Promoting a Skill:

curl -X POST https://your-server/mcp \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer your-admin-key" \
  -d '{
    "jsonrpc": "2.0",
    "method": "tools/call",
    "params": {
      "name": "admin-promote-skill",
      "arguments": {
        "userNamespace": "user123",
        "skillName": "my-skill"
      }
    },
    "id": 1
  }'

Updating a Promoted Skill:

curl -X POST https://your-server/mcp \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer your-admin-key" \
  -d '{
    "jsonrpc": "2.0",
    "method": "tools/call",
    "params": {
      "name": "admin-update-promoted-skill",
      "arguments": {
        "skillName": "my-skill"
      }
    },
    "id": 1
  }'

Result

System skills now execute reliably without namespace-related file access issues. The file isolation ensures that promoted skills work consistently for all users, regardless of the original user's namespace or file availability.

FeaturesVersion controlCode intelligenceCLIMCP
Use cases
TeamsAI agentsSlackGTM
DocsShowcaseTemplatesNewestTrendingAPI examplesNPM packages
PricingNewsletterBlogAboutCareers
We’re hiring!
Brandhi@val.townStatus
X (Twitter)
Discord community
GitHub discussions
YouTube channel
Bluesky
Open Source Pledge
Terms of usePrivacy policyAbuse contact
© 2026 Val Town, Inc.