SKILL MARKETPLACE. ONE CATALOGUE, NOT THIRTY FORKS.

A CTO with thirty engineers on Claude Code usually has thirty slightly different skill folders. The senior engineer's private review checklist lives in one fork, the SRE's deploy runbook in another, and the new hire starts from an empty directory because nobody can point them at the canonical version. The question "which skills do my people actually use?" has no answer because the skills are not in one place.

systemprompt.io stores every published skill as a single row in the database, not as a file scattered across laptops. Each skill record carries a stable identifier, its markdown instructions, an enabled flag, a tag set, and a source pointer, so the same skill referenced from a plugin bundle, a git export, and the HTTP API is provably the same content. A query against the skill catalogue answers "who has which skill installed" from one place, which is the audit artefact a CTO takes into a governance review.

Department-scoped catalogues filter the same library by team. Engineering sees engineering skills, design sees design skills, and finance never sees either. A new hire on the engineering team lands on day one with the same curated set the rest of the team is on, pulled from the marketplace rather than copy-pasted from a Slack thread. The build-vs-buy answer for a CTO is one catalogue per department instead of a shared drive nobody owns.

If publishing a skill requires a clean working tree and a Rust build, only the engineers who already maintain the skills fork ever publish. The marketing ops lead who knows the brand-voice rules better than anyone ships nothing, because there is no path from their knowledge into the shared library that does not route through engineering review. The knowledge stays trapped, and the library never reflects what the org actually knows.

systemprompt.io separates the skill's content from its config. The on-disk shape carries an id, a name, a description, an enabled flag, tags, and a pointer to a markdown file, while the instructions themselves are markdown that renders cleanly in a browser editor. A non-engineer can write a skill, preview it against a sample prompt, and publish it without touching YAML, without opening an IDE, and without waiting on a code review queue.

A CTO reviewing every skill commit does not scale past ten contributors. Admins control which skills are enabled and visible in the marketplace, so contribution is open but distribution is governed. A new skill becomes a row in the catalogue with an enabled flag the admin toggles, which is the governance hook the CTO actually needs, not pre-commit gatekeeping on every edit.

An engineer who gets halfway through installing a capability and then loses access to the MCP server but keeps the skill that calls it is in a worse state than before they installed anything. The skill expects a tool that now 403s. Permissions drift like this quietly, a bundle half-installed, half-revoked, and nobody sure which components the user actually holds. An auditor asking "what does this user have" gets five different answers from five different subsystems.

systemprompt.io groups skills, agents, MCP servers, hooks, and scripts into a single plugin record with one version string, one author, and one validated id. The plugin config treats its component references as one validated unit, so an approval writes the whole bundle, a revocation removes the whole bundle, and a half-installed state is not representable by the model.

Plugin variables marked as secret at definition time are scoped at the plugin boundary, so a revoked plugin drops its credentials along with its tools. A CTO's governance question "what does this user hold right now, after last week's offboarding pass" collapses to a single query against the plugin catalogue, joined to the user. One record, one answer, not a join across agents, skills, MCP servers, and hooks.

A shipped skill that introduces a prompt regression at 5pm on a Friday, without history, costs the team a weekend. Someone has to reconstruct the previous version from Slack screenshots and local editor buffers. The rollback is not one click, because there is no previous version on record. Every edit overwrites the prior state and the only artefact of change is a git blame on the markdown file, which nobody updates.

systemprompt.io stores a content record per piece of managed text with a version hash, an updated timestamp, a source pointer, and a body. A skill edit writes a new content row rather than overwriting the previous one, so the previous version is a select query away. A rollback is "set the enabled flag on version N, clear the flag on version N+1", which a CTO can do from the admin UI without a redeploy.

For a team that wants to try an edit without forcing it on everyone, the same version hash makes non-destructive forking cheap. A fork is a new content row with a new id and a pointer back to the original, the organisation baseline keeps receiving upstream updates, and the forked skill can merge or reject them. Experimentation is a new row, not a git branch nobody rebases.

If the marketplace publishes skills to one channel, exactly one workflow benefits. An engineer who wants the skills in their CI pipeline cannot get them, a script that needs to pull the current catalogue cannot hit an endpoint, and a Claude Code user cannot install through the native plugin format. The library ends up duplicated across three places, each stale in its own way, and a "which version is live?" question has three answers.

systemprompt.io runs one ingestion service that publishes the same skill record to every channel. The service takes a skill config, validates it, and writes a single row into the catalogue. The downstream channels (git repository export, JSON over HTTP, Claude Code plugin format) all render from the same row. A skill updated through the browser editor shows up in all three channels on the next ingestion pass, without a second publish step.

Override semantics handle the update case without silently clobbering a fork. The ingestion call carries an explicit override flag, false creates only new skills and true also updates existing ones. A CTO running a bulk import can dry-run first, see which rows would be created and which would be updated, and decide which edits propagate. The ingestion report names every file and every error, so a failed import is a diffable artefact, not a wall of log output.