Publish to the Registry

Share a packet so agents and people can find it. This is the end-to-end workflow; for the full publish gate and lifecycle, see Publish & Sign.

1. Get a key

uks config generate-key                  # shows how to obtain a registry API key
uks config set registry.apiKey st_live_xxxx

2. (Recommended) Sign

Signing records a verifiable did:key publisher identity:

uks sign --key ./my-key.pem my-packet.uks.json    # produces a detached signature

3. Publish

uks publish --sign --sign-key ./my-key.pem my-packet.uks.json

The registry runs the publish gate (schema, secret scan, clinical policy, injection scan, content addressing) before anything is stored. Publish private with --visibility private if it shouldn't be public.

4. Verify it's live

uks search "my topic"
uks pull <packet-id> > roundtrip.uks.json
uks validate roundtrip.uks.json

Update & remove

uks publish my-packet.uks.json     # re-publish a new version (visibility is sticky)
uks unpublish <packet-id>          # remove your packet

Published knowledge is continuously safety-checked — retracted, dead-link, injection-flagged, or revoked-signer content is vetoed at serve time. See Trust & Safety.

→ Next: Serve via MCP · Publish & Sign (reference)