Skills

Sharing Skill Reports publicly

What gets published, the body-publish opt-in (authorship-gated), privacy defaults, view counting, revocation, and the carve-out from PA's no-server-side-AI-cache rule.

Updated 2026-05-06 · By Jon Lasley

On this page

After running a Behavioral Eval and clicking Save report, you can publish it as a public-link Skill Report at /share/skill-report/<id>. This is the single user-initiated exception to Prompt Assay's no-server-side-AI-cache rule; the rest of this article walks through what gets shared, the privacy defaults, and how to revoke.

What gets shared

By default, a Skill Report shares the eval artifact only: aggregate scores (Discovery Fidelity, Instruction Adherence, Cross-Provider Consistency), the per-(probe × model) grid with adherence scores, the activation indicators, and the model + judge metadata. The SKILL.md body itself is NOT published unless you flip the body-publish toggle (see below).

Always shared: aggregate scores, per-cell activation and adherence, model list, judge model, run timestamp, the trigger and non-trigger probe text
Shared only when body-publish is on: the current SKILL.md body content
Never shared: your BYOK keys, raw prompt-content tokens beyond what appears in the probes, internal cell IDs, your org id, your user id

The body-publish opt-in

From /settings/shares, find the Skill Report and toggle Include skill body. Two guardrails apply:

Authorship gate: only the original author of the source Skill (the user whose user_id matches the row in skills) can flip body-publish on. A teammate who ran the Behavioral Eval but didn't author the SKILL.md cannot publish that body. The action returns "Only the skill's original author can publish its body. Ask the author to toggle this on."
Drift warning: when you toggle on, PA reads the current SKILL.md from your workspace, not a snapshot from when the eval ran. If you've edited the body since the eval, the published body and the published scores may not describe the same artifact. The UI surfaces a warning before you confirm.

Why current, not snapshot

Mirroring the prompt-side critique-share and model-report-share behavior. Authors typically improve a Skill after seeing eval scores, then want the latest body visible to people landing on the share. If snapshot semantics matter for your case, save a new report after the edit and publish that one instead.

Privacy defaults

Every new Skill Report ships with two defaults intended to keep it private until you explicitly choose otherwise:

`noindex` until discoverable: the public page emits a robots noindex tag until you flip the Discoverable toggle in /settings/shares. Search engines and link previewers respect this.
Unguessable URL: share IDs are UUID v7. Anyone with the link can view; nobody can enumerate. The link is the secret.
Owner-revocable: you can revoke at any time and the public route 404s on next request. CDN cache is 1 hour; the badge endpoint flips to 404 within the same window.

The README badge

Every published Skill Report is also addressable as a Shields.io endpoint. Drop the snippet from /help/skills/badge into the README of any repo that ships the Skill, and readers see the headline Discovery Fidelity score with a color band:

Copper (≥ 8.0): production-ready
Yellow (6.0-7.9): usable, needs targeted improvements
Red (< 6.0): significant rework before relying on the Skill

The badge endpoint shares the same lifecycle as the report: revoking the report kills the badge on the next CDN refresh.

View counting

Public Skill Reports record an aggregate view count. Sampling: every 10th view increments the counter via the increment_share_view("skill-report", id) RPC. We don't log IPs, user agents, referrers, or any other identifier; the counter is a single integer. The owner sees it in /settings/shares next to the report.

Revoking a share

Open /settings/shares
The Skills tab lists every Skill Report you've published, with view counts, discoverable state, and body-publish state.
Click Revoke
Sets revoked_at on the row. The public RLS policy returns rows only where revoked_at IS NULL, so the public route 404s on the next request. The badge endpoint follows once its 1-hour CDN entry expires.
(Optional) Re-publish
Save a new report from the Behavioral Eval panel and publish that one instead. The old share ID stays revoked forever; a fresh ID lets you reset the URL.

The six-property carve-out

Prompt Assay does not cache AI output server-side. Critique, Improve, Rewrite, Brainstorm, and Compare results live in your browser's localStorage and never round-trip through our database. The Skill Report share is the single exception. It satisfies six properties that keep it structurally distinct from "platform caching":

User explicitly publishes by clicking Save report → publish. There is no automatic, opaque, or implicit caching path.
Owner-revocable at any time, with the public route 404ing on the next request.
Snapshot-only: reads NEVER re-run the LLM. The share read path only selects the persisted row.
RLS enforces the boundary: the public-read policy returns rows only where revoked_at IS NULL, and owner_user_id is bound to your user id at insert time and immutable thereafter.
`noindex` by default: until the owner explicitly opts in via Discoverable.
Skill-body publishing is a separate authorship-gated opt-in: only the original Skill author can publish the body, the published body is the current SKILL.md (with a drift warning), and a teammate who critiqued or eval'd the Skill cannot publish that teammate's body.

Same pattern as Critique + Compare + Model Report shares

If you've used the workbench's prompt-side share buttons, the model is identical: same snapshot semantics, same revocation flow, same authorship gate on body publish. The Skill Report variant adds the Behavioral Eval grid as the published artifact.