npm for agentic knowledge

Package expertise
for agents.

Pagenti turns Markdown knowledge, SME skills, and execution instructions into versioned packages that agents can install, search, and use with context.

Start building View docs
# Install the CLI
npm install -g @x12i/pagenti
pagenti init @acme/security-knowledge

Built for developers shipping agentic systems.

content/*.md
pagenti.json
agent runtime
// Smart properties resolved at installation
"name": "@acme/security-knowledge",
"knowledge": [{
"code": "vendor-access-review",
"path": "./content/vendor-access.md",
"skillCode": "riskKnowledge",
"role": ["ciso", "analyst"],
"useCase": ["vendorReview"],
"tool": ["entraId"]
}]

Agents need more than prompts.

Real professional work depends on knowledge, procedures, rules, context, exceptions, and judgment. Today, that expertise is scattered across docs, prompts, playbooks, tickets, and internal memory.


Policies
Google Docs, Notion

Prompts
Scattered .txt files

Runbooks
Wiki pages, PDFs
@acme/security-risk
v1.0.0
Structured • Contextual

Pagenti packages it.

npm-like packages for agentic knowledge.

1. Write in Markdown

Author knowledge, skills, playbooks, and execution instructions natively as Markdown. Keep content readable for humans and easily versionable in Git.

2. Map with JSON

Use pagenti.json to describe files, assign skill codes, declare context dimensions, and define package exports.

3. Install into agents

Agents and applications use the Pagenti registry to retrieve and resolve the exact right knowledge payload at runtime based on context.

Structured enough for machines.
Readable enough for humans.

Pagenti v4 separates the model into three core axes:

  • 1

    skillCode

    What kind of expert knowledge is this? (e.g., procedural, risk, diagnostic).

  • 2

    Context dimensions

    Who, where, when, and in what situation does it apply? Modeled as smart properties.

  • 3

    App bucket

    Which product or domain does this belong to in the registry?

Resolved Package Item 
{
  "code": "external-access-review",
  "skillCode": "riskKnowledge",
  "role": ["ciso", "securityAnalyst"],
  "useCase": ["vendorAccessReview"],
  "tool": ["entraId"],
  "risk": ["externalAccess"]
}

Context is first-class.

Pagenti does not just store content. It knows exactly where the content applies.
Not tags—resolved context backed by governed target catalogs.

industry role domain useCase process tool risk regulation entityType contentType customerSegment maturityLevel

Not tags. Resolved context.

Smart properties connect item fields to target catalogs by stable code. When content is written, the underlying Catalox data layer resolves target rows, updates usage statistics, inherits scope, and indexes values for precision querying.

Before: "this is relevant for CISO"
After:
role pagenti_target_role/ciso
usageCount +1
scope inherited
indexed.role = ["ciso"]
External Access Review
role CISO
useCase Vendor Review
tool Entra ID
risk External Access

A package is just a map and Markdown.

See how raw text is mapped into an agent-ready artifact.

{
  "name": "@acme/vendor-risk",
  "version": "1.0.0",
  "knowledge": [
    {
      "code": "external-access-review",
      "path": "./content/external-access-review.md",
      "skillCode": "riskKnowledge",
      "role": ["ciso"],
      "useCase": ["vendorAccessReview"],
      "tool": ["entraId"]
    }
  ],
  "execution": [
    {
      "code": "review-external-access",
      "path": "./execution/review-external-access.md",
      "skillCode": "proceduralKnowledge",
      "role": ["securityAnalyst"],
      "useCase": ["vendorAccessReview"]
    }
  ]
}

# External Access Review

## Purpose

Help a security analyst evaluate whether external access is justified.

## Critical Questions

- Who has access?
- Why do they need it?
- When should it end?

# Execution: Review External Access

## Instructions

1. Check the recipient domain against the allowed vendors list.
2. Require a documented internal data owner for the share.
3. Escalate unknown external access to the CISO immediately.
4. Auto-revoke access after 30 days unless exception is filed.
// Result when an agent queries for role: "securityAnalyst", useCase: "vendorAccessReview"
{
  "items": [
    {
      "type": "execution",
      "code": "review-external-access",
      "skillCode": "proceduralKnowledge",
      "content": "# Execution: Review External Access\n\n## Instructions\n1. Check the recipient domain..."
    },
    {
      "type": "knowledge",
      "code": "external-access-review",
      "skillCode": "riskKnowledge",
      "content": "# External Access Review\n\n## Purpose\nHelp a security analyst evaluate..."
    }
  ]
}

Knowledge vs. Execution

Knowledge tells the agent what matters. Execution tells it what to do.

Knowledge

  • Expert context
  • Rules & exceptions
  • Warnings
  • Critical questions
  • Decision criteria
Catalog: pagenti_knowledge

Execution

  • Instructions
  • Prompts
  • Procedures
  • Runtime rules
  • Operational flows
Catalog: pagenti_execution

Use it wherever expertise needs to move like software.

Security agents

Package CISO knowledge, access review flows, external sharing guidance, vendor risk procedures, and escalation rules.

Compliance agents

Package regulatory knowledge, evidence requirements, policies, audit checks, and approval guidance.

Sales agents

Package objection handling, discovery playbooks, qualification flows, pricing logic, and vertical-specific messaging.

Product agents

Package feature specs, decision rules, customer segments, roadmap heuristics, and support knowledge.

Internal AI platforms

Create a private registry of reusable knowledge and execution packages for teams and agents across your organization.

Author. Publish. Install. Resolve.

1

Author

Initialize a new package repository.

pagenti init @acme/security-risk
2

Map

Add Markdown files and declare skillCode + context dimensions in the manifest.

3

Publish

Push the versioned package to the registry.

pagenti publish
4

Install & Resolve

Agents retrieve the package content at runtime.

const items = await pagenti.findKnowledge({
  role: "ciso",
  useCase: "vendorAccessReview",
  skillCode: "riskKnowledge"
});

Backed by governed catalogs.

Pagenti uses Catalox as its registry and data layer. Catalox stores the catalogs, descriptors, target vocabularies, smart properties, item records, references, validation rules, and searchable metadata.

Catalox = Data Layer | Pagenti = Package Layer | Agents = Runtime Layer

A registry for reusable expertise.

Pagenti packages can be private, team-scoped, or public. Use them as internal agent capabilities, reusable industry packs, or open-source professional playbooks.

@pagenti/base-security

v2.1.0 • Updated 2 days ago

Public

Core security principles, standard access review playbooks, and compliance baselines for general agent usage.

42 Knowledge 18 Execution

@acme/vendor-risk

v1.0.4 • Updated 1 week ago

Private

Internal Acme Corp procedures for evaluating third-party vendors, data sharing agreements, and external access requests.

12 Knowledge 8 Execution

@x12i/agentic-execution

v3.0.0 • Updated 3 weeks ago

Public

Standardized execution instructions for tool-calling agents, reflection loops, and autonomous task planning.

5 Knowledge 24 Execution

@cognni/external-sharing

v1.2.1 • Updated 1 month ago

Public

Industry standard policies and agent instructions for monitoring and mitigating risks associated with external file sharing.

64 Knowledge 12 Execution

Explore the Documentation

Package manifest

Learn how pagenti.json maps Markdown files into knowledge and execution records.

Smart properties

Understand skillCode and how the 12 context dimensions power resolution.

Runtime resolution

Retrieve the right knowledge for the agent, user, role, and use case via the SDK.

Catalox backend

See how Pagenti stores packages, vocabularies, and item records natively.

Start packaging expertise.

Build reusable knowledge and execution packages for the agents you are shipping. Pagenti packages professional knowledge for the agents that need to use it.