codewithbehnam/proof
skills/content-research/proof/SKILL.md
Create, edit, comment on, and share markdown documents via Proof's web API and local bridge. Use when asked to "proof", "share a doc", "create a proof doc", "comment on a document", "suggest edits", "review in proof", or when given a proofeditor.ai URL.
$ install --global
skillsauthnpx skillsauth add codewithbehnam/cc-docs proofInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 2:19 PM5.4s1 file scanned
SKILL.md
- name:
- proof
- description:
- Create, edit, comment on, and share markdown documents via Proof's web API and local bridge. Use when asked to "proof", "share a doc", "create a proof doc", "comment on a document", "suggest edits", "review in proof", or when given a proofeditor.ai URL.
Proof - Collaborative Markdown Editor
Proof is a collaborative document editor for humans and agents. It supports two modes:
- Web API - Create and edit shared documents via HTTP (no install needed)
- Local Bridge - Drive the macOS Proof app via localhost:9847
Web API (Primary for Sharing)
Create a Shared Document
No authentication required. Returns a shareable URL with access token.
curl -X POST https://www.proofeditor.ai/share/markdown \
-H "Content-Type: application/json" \
-d '{"title":"My Doc","markdown":"# Hello\n\nContent here."}'
Response format:
{
"slug": "abc123",
"tokenUrl": "https://www.proofeditor.ai/d/abc123?token=xxx",
"accessToken": "xxx",
"ownerSecret": "yyy",
"_links": {
"state": "https://www.proofeditor.ai/api/agent/abc123/state",
"ops": "https://www.proofeditor.ai/api/agent/abc123/ops"
}
}
Use the tokenUrl as the shareable link. The _links give you the exact API paths.
Read a Shared Document
curl -s "https://www.proofeditor.ai/api/agent/{slug}/state" \
-H "x-share-token: <token>"
Edit a Shared Document
All operations go to POST https://www.proofeditor.ai/api/agent/{slug}/ops
Note: Use the /api/agent/{slug}/ops path (from _links in create response), NOT /api/documents/{slug}/ops.
Authentication for protected docs:
- Header:
x-share-token: <token>orAuthorization: Bearer <token> - Token comes from the URL parameter:
?token=xxxor theaccessTokenfrom create response
Comment on text:
{"op": "comment.add", "quote": "text to comment on", "by": "ai:<agent-name>", "text": "Your comment here"}
Reply to a comment:
{"op": "comment.reply", "markId": "<id>", "by": "ai:<agent-name>", "text": "Reply text"}
Resolve a comment:
{"op": "comment.resolve", "markId": "<id>", "by": "ai:<agent-name>"}
Suggest a replacement:
{"op": "suggestion.add", "kind": "replace", "quote": "original text", "by": "ai:<agent-name>", "content": "replacement text"}
Suggest a deletion:
{"op": "suggestion.add", "kind": "delete", "quote": "text to delete", "by": "ai:<agent-name>"}
Bulk rewrite:
{"op": "rewrite.apply", "content": "full new markdown", "by": "ai:<agent-name>"}
Known Limitations (Web API)
suggestion.addwithkind: "insert"returns Bad Request on the web ops endpoint. Usekind: "replace"with a broader quote instead, or userewrite.applyfor insertions.- Bridge-style endpoints (
/d/{slug}/bridge/*) require client version headers (x-proof-client-version,x-proof-client-build,x-proof-client-protocol) and return 426 CLIENT_UPGRADE_REQUIRED without them. Use the/api/agent/{slug}/opsendpoint instead.
Local Bridge (macOS App)
Requires Proof.app running. Bridge at http://localhost:9847.
Required headers:
X-Agent-Id: claude(identity for presence)Content-Type: application/jsonX-Window-Id: <uuid>(when multiple docs open)
Key Endpoints
| Method | Endpoint | Purpose |
|--------|----------|---------|
| GET | /windows | List open documents |
| GET | /state | Read markdown, cursor, word count |
| GET | /marks | List all suggestions and comments |
| POST | /marks/suggest-replace | {"quote":"old","by":"ai:<agent-name>","content":"new"} |
| POST | /marks/suggest-insert | {"quote":"after this","by":"ai:<agent-name>","content":"insert"} |
| POST | /marks/suggest-delete | {"quote":"delete this","by":"ai:<agent-name>"} |
| POST | /marks/comment | {"quote":"text","by":"ai:<agent-name>","text":"comment"} |
| POST | /marks/reply | {"markId":"<id>","by":"ai:<agent-name>","text":"reply"} |
| POST | /marks/resolve | {"markId":"<id>","by":"ai:<agent-name>"} |
| POST | /marks/accept | {"markId":"<id>"} |
| POST | /marks/reject | {"markId":"<id>"} |
| POST | /rewrite | {"content":"full markdown","by":"ai:<agent-name>"} |
| POST | /presence | {"status":"reading","summary":"..."} |
| GET | /events/pending | Poll for user actions |
Presence Statuses
thinking, reading, idle, acting, waiting, completed
Workflow: Review a Shared Document
When given a Proof URL like https://www.proofeditor.ai/d/abc123?token=xxx:
- Extract the slug (
abc123) and token from the URL - Read the document state via the API
- Add comments or suggest edits using the ops endpoint
- The author sees changes in real-time
# Read
curl -s "https://www.proofeditor.ai/api/agent/abc123/state" \
-H "x-share-token: xxx"
# Comment
curl -X POST "https://www.proofeditor.ai/api/agent/abc123/ops" \
-H "Content-Type: application/json" \
-H "x-share-token: xxx" \
-d '{"op":"comment.add","quote":"text","by":"ai:compound","text":"comment"}'
# Suggest edit
curl -X POST "https://www.proofeditor.ai/api/agent/abc123/ops" \
-H "Content-Type: application/json" \
-H "x-share-token: xxx" \
-d '{"op":"suggestion.add","kind":"replace","quote":"old","by":"ai:compound","content":"new"}'
Workflow: Create and Share a New Document
# 1. Create
RESPONSE=$(curl -s -X POST https://www.proofeditor.ai/share/markdown \
-H "Content-Type: application/json" \
-d '{"title":"My Doc","markdown":"# Title\n\nContent here."}')
# 2. Extract URL and token
URL=$(echo "$RESPONSE" | jq -r '.tokenUrl')
SLUG=$(echo "$RESPONSE" | jq -r '.slug')
TOKEN=$(echo "$RESPONSE" | jq -r '.accessToken')
# 3. Share the URL
echo "$URL"
# 4. Make edits using the ops endpoint
curl -X POST "https://www.proofeditor.ai/api/agent/$SLUG/ops" \
-H "Content-Type: application/json" \
-H "x-share-token: $TOKEN" \
-d '{"op":"comment.add","quote":"Content here","by":"ai:compound","text":"Added a note"}'
Safety
- Use
/statecontent as source of truth before editing - Prefer suggest-replace over full rewrite for small changes
- Don't span table cells in a single replace
- Always include
byfield for attribution tracking
Related Skills
codewithbehnam/steer
tools
VerifiedTrustedCommunity
macOS GUI automation CLI. Use steer to see the screen, click elements, type text, send hotkeys, scroll, drag, manage windows and apps, run OCR on Electron apps, and wait for UI conditions.
1SKILL.mdUpdated Apr 18, 2026
codewithbehnam/ship
testing
VerifiedTrustedCommunity
Ship workflow: merge main, run tests, review diff, bump VERSION, update CHANGELOG, commit, push, create PR.
1SKILL.mdUpdated Apr 18, 2026
codewithbehnam/setup-browser-cookies
testing
VerifiedTrustedCommunity
Import cookies from your real browser (Comet, Chrome, Arc, Brave, Edge) into the headless browse session. Opens an interactive picker UI where you select which cookie domains to import. Use before QA testing authenticated pages.
1SKILL.mdUpdated Apr 18, 2026
codewithbehnam/retro
development
VerifiedTrustedCommunity
Weekly engineering retrospective. Analyzes commit history, work patterns, and code quality metrics with persistent history and trend tracking. Team-aware: breaks down per-person contributions with praise and growth areas.
1SKILL.mdUpdated Apr 18, 2026