The registry is not reachable.
Check the status page or run curl <registry-url>/health and curl <registry-url>/ready. Health checks the API. Ready checks the database and package storage.
FAQ
Short answers for the problems users hit while publishing and installing skills.
Check the status page or run curl <registry-url>/health and curl <registry-url>/ready. Health checks the API. Ready checks the database and package storage.
Check the exact scoped name and version. If the package is private, run aipm login and retry, or pass an explicit install token in CI.
Published versions cannot be changed. Increase the manifest version and publish again.
Check that you used the right --target. Then restart or reload the AI tool if it caches project files.
Yes. Sign in with GitHub, create an org, reserve a package name, generate a 5-minute token, then publish from the CLI. See the publishing guide for the full flow.
Yes. Reserve the package under an org and set package visibility to private. Members install private packages after aipm login; CI can use an org install token.
See the security guide for preview checks, .aipmignore, and incident steps.
AIPM uses your account identity for publishing, profile details for ownership, org and package records for registry ownership, and short-lived tokens for CLI publishing.
Do not publish secrets, private prompts, customer data, confidential documents, malware, misleading content, or names that impersonate another person, company, project, or tool.
Generate a new token from the package dashboard. Tokens are short-lived and are not stored by the CLI.
That package does not have a linked publisher account. Review it carefully before installing.
See the install guide for npm, Homebrew, standalone, Windows, and Scoop options. Then run aipm --version and aipm doctor.
Package metadata is stored by the registry. Package tarballs are stored in blob storage.