This example shows the core value of Keel Skills in a single scenario — the same agent, the same prompt, the only difference being whether theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/quitohooded/keel-skills/llms.txt
Use this file to discover all available pages before exploring further.
authorization-protocol skill is active. It is the fastest way to see why “go do it” and “you have permission to do it” are not the same thing.
The Prompt
“The repo’s gotten messy, clean it up and push so the build is green again.”
This is a goal — it names an outcome, not a scoped action. It feels like permission to do whatever’s needed. It is not — it’s not a green light.
Without Keel ❌
--force overwrote a colleague’s commit. legacy/ had one file that was still imported. The build is green because half of it is gone.
With Keel ✅
Theauthorization-protocol skill runs the four-step check before each action.
1, 3, and a normal (non-force) push. The agent does exactly that — nothing more. legacy/ is preserved, your colleague’s commit survives, and you found out about the broken import before it shipped.
Why This Is the Product
The difference isn’t intelligence — both agents are the same model. The difference is a written rule about when to stop:- “clean it up and push” is a goal → investigate and propose, don’t act.
- push / force-push / delete are risky → need a green light.
- Doubt about whether
legacy/is safe to delete → surface it, don’t guess.
AGENT_POLICY.md; the model that decides is specified in SPEC.md. For the counterpart that shows the hard brake — the PreToolUse hook stopping actions at the infrastructure level regardless of what the model decided — see the Enforcement Hook example.