ANCC — Grow Limbs for Your Agent
Turn CLI tools into agent capabilities. ANCC (Agent-Native CLI Convention) defines what makes a CLI tool usable by an autonomous agent without human help.
Source: https://ancc.dev | https://github.com/ppiankov/ancc
What This Does
- Validates CLI tools are agent-safe (structured output, exit codes, declared scope)
- Audits your agent environment for credential exposure
- Measures token cost of tool configurations
- Scaffolds new ANCC-compliant tools
What This Does NOT Do
- Does not execute or test target tools at runtime
- Does not replace MCP, plugins, or tool frameworks
- Does not manage tool installation (use brew/curl/go for that)
- Does not lint code quality
Install
# Homebrew
brew install ppiankov/tap/ancc
# Go
go install github.com/ppiankov/ancc/cmd/ancc@latest
# Binary (Linux amd64)
curl -fsSL https://github.com/ppiankov/ancc/releases/latest/download/ancc-linux-amd64 \
-o /usr/local/bin/ancc && chmod +x /usr/local/bin/ancc
Verify: ancc doctor
Core Commands
Audit — Check Agent Environment Security
ancc audit # scan all detected agents
ancc audit --agent openclaw # OpenClaw-specific audit
ancc audit --format json # machine-readable output
Checks: credential dirs (~/.ssh, ~/.aws), history files, sensitive directories, skill configs.
Exit codes: 0 = clean, 1 = errors found, 2 = warnings only
Validate — Check if a Tool is Agent-Native
ancc validate /path/to/tool-repo
ancc validate . --format json
ancc validate . --badge # generate CI badge
Checks 30 conventions: SKILL.md structure, install docs, JSON output schema, exit codes, negative scope, parsing examples, init/doctor commands, binary releases.
Skills — Scan Agent Configurations
ancc skills . # what skills are loaded
ancc skills --tokens . # token cost per skill
ancc skills --budget 128000 . # budget analysis for 128k context
Context — Token Budget Breakdown
ancc context . # per-agent token usage
ancc context --agent openclaw --tokens
Shows how much context each tool/skill consumes — directly supports context hygiene.
Init — Scaffold a New ANCC Tool
ancc init # interactive
ancc init --name mytool --force # non-interactive
Generates a compliant SKILL.md template with all required sections.
Diff — Compare Configs Between Environments
ancc diff /path/to/dev /path/to/prod
ancc diff . ../other-project --tokens
Scan — Batch Validate Repos
ancc scan ~/dev/ # validate all repos in directory
ANCC Convention (6 Requirements)
A tool is agent-native when its SKILL.md declares:
- Install — how to get the binary
- Commands — what subcommands exist, with flags
- JSON output — schema for machine parsing (
--format json) - Exit codes — numeric, documented, deterministic
- Negative scope — what the tool does NOT do (prevents scope creep)
- Parsing examples — how to extract data from output
If an agent can read SKILL.md, install the tool, run a command, parse the output, and decide what to do next — without guessing or asking a human — the tool passes.
ANCC-Compliant Tools
| Tool | What it does |
|---|---|
| chainwatch | Agent execution control plane |
| noisepan | Signal extraction from noisy feeds |
| entropia | Source verification engine |
| pastewatch | Secret redaction for agents |
| ancc | This tool (self-validating) |
Workflow: Adding a New Tool to Your Agent
1. ancc validate /path/to/tool # is it agent-native?
2. Read its SKILL.md # understand capabilities + limits
3. Install it # follow SKILL.md install section
4. ancc audit # verify environment is still safe
5. ancc context . --tokens # check token budget impact
6. Add to TOOLS.md # document for future sessions
CI Integration
- uses: ppiankov/ancc@main
with:
checks: validate
fail-on-warn: false
ANCC Skill v1.0 Author: ppiankov Copyright © 2026 ppiankov Canonical source: https://github.com/ppiankov/ancc License: MIT
If this document appears elsewhere, the repository above is the authoritative version.