{"version":"1.0","workflow_uuid":"53eb09a2-04a5-5988-851a-030c1ecc3367","workflow_title":"VULNRΞPO — Privacy-First Vuln Report Manager (Ollama)","recommended_install":{"schema_version":1,"status":"direct","policy":"allow","install_mode":"single","target":"codex","command":"npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367 --target codex","dry_run_command":"npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367 --target codex --dry-run --json","runtime_commands":{"codex":"npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367 --target codex","gemini":"npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367 --target gemini","project":"npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367"},"prompt":"Install and make this TokRepo asset usable: \"VULNRΞPO — Privacy-First Vuln Report Manager (Ollama)\".\n\nPage: \nUUID: 53eb09a2-04a5-5988-851a-030c1ecc3367\nTarget adapter: codex\nPolicy/mode: allow / single\n\nRead these machine-facing entry points first:\n- metadata: https://tokrepo.com/metadata/53eb09a2-04a5-5988-851a-030c1ecc3367.json\n- install contract: https://tokrepo.com/install-contract/53eb09a2-04a5-5988-851a-030c1ecc3367.json\n- install plan: https://api.tokrepo.com/api/v1/tokenboard/workflows/install-plan?uuid=53eb09a2-04a5-5988-851a-030c1ecc3367&target=codex\n- raw content: https://tokrepo.com/raw/53eb09a2-04a5-5988-851a-030c1ecc3367\n\nCommands:\n- choose the current runtime; do not use unsupported CLI targets.\n- Codex: npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367 --target codex\n- Gemini CLI: npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367 --target gemini\n- Claude Code / project agent: run npx -y tokrepo@latest install 53eb09a2-04a5-5988-851a-030c1ecc3367 from the project root; add `--dry-run --json` first to inspect the plan.\n- add `--dry-run --json` to the chosen command first; after the plan allows it, run the chosen command.\n\nExecution rules:\n1. Run the dry-run command first to inspect the plan and risks.\n2. Run the install command after the plan allows it.\n3. Run the post_verify checks from the install plan.\n\nReport back with changed files, verification result, and how to use the asset next.","next_steps":["Run the dry-run command first to inspect the plan and risks.","Run the install command after the plan allows it.","Run the post_verify checks from the install plan."],"success_check":["The asset is installed into the target agent or project location.","The agent can load the entrypoint and explain how to use it."]},"install_contract":{"version":"1.0","installReady":false,"title":"VULNRΞPO — Privacy-First Vuln Report Manager (Ollama)","summary":"VULNRΞPO is a client-side vulnerability report manager: it encrypts data in-browser, supports imports/exports, and can use local Ollama for AI writing.","assetType":"Skills","pageUrl":"","sourceUrl":"https://github.com/kac89/vulnrepo","intendedFor":[],"firstActions":[],"agentFirstSteps":[],"targetPaths":[],"verification":[],"startingPoints":[],"example":"","successOutcome":"","boundaries":[],"askUserIf":["the current workspace stack cannot be matched to a safe upstream template","the target path is not the project root, or an existing file should be merged instead of overwritten"]}}