indigoai-us/hq-cowork-files
core/packages/hq-pack-cowork/skills/hq-cowork-files/SKILL.md
Read and inspect HQ vault objects from a sandboxed Claude Code plugin host (Cowork) without a full sync, via the host-side `mcp__hq__hq_files` tool. Actions — browse (list), cat (read one object), acl (show access list), search (match object keys), shared-with-me (grants to you), get (materialize into local HQ). Same capability as `/hq-files`, routed through hq-pack-cowork's MCP server.
$ install --global
skillsauthnpx skillsauth add indigoai-us/hq-core hq-cowork-filesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 4, 2026, 3:11 AM17.2s1 file scanned
SKILL.md
- name:
- hq-cowork-files
- description:
- Read and inspect HQ vault objects from a sandboxed Claude Code plugin host (Cowork) without a full sync, via the host-side `mcp__hq__hq_files` tool. Actions — browse (list), cat (read one object), acl (show access list), search (match object keys), shared-with-me (grants to you), get (materialize into local HQ). Same capability as `/hq-files`, routed through hq-pack-cowork's MCP server.
- allowed-tools:
- mcp__hq__hq_files
/hq-cowork-files — Inspect HQ vault objects from a sandboxed agent
Reads vault objects on demand from inside Cowork, where the hq CLI and the
local sync index aren't reachable. Routes through the host-side MCP server.
Args: $ARGUMENTS — an action plus its target. Infer the action from
intent if not explicit.
| Action | Purpose | Needs |
|---|---|---|
| browse | List objects under a vault path | path optional (defaults to root) |
| cat | Stream one object to text | path required |
| acl | Show the access-control list for a prefix | path required |
| search | Match vault object keys by path/name (NOT content) | query (or path) required |
| shared-with-me | List grants made to you | — |
| get | Materialize a file/prefix into local HQ on the host | path required; into optional |
Call the tool
{
"action": "cat",
"path": "companies/foo/knowledge/x.md",
"company": "<slug>", // omit to parse from path
"personal": false,
"into": "<dir>" // action=get only
}
Call mcp__hq__hq_files. For search, pass the query as query (or path).
Notes
searchmatches keys, not content. It's a path/name match over vault object keys — not full-text search. For content search use/hq-cowork-search(qmd), which is a different index.getwrites to the host's local HQ, not into the sandbox. The sandboxed agent won't see the materialized files unless the mounted HQ folder is shared. Prefercatto read content directly into the session.- Cross-company isolation.
companydefaults to the slug parsed from the path; pass it explicitly when that's ambiguous. Never operate across a company boundary you weren't asked to.
When to use this instead of /hq-files
Only inside Cowork or another sandboxed plugin host. On a host-side session,
prefer the unprefixed /hq-files (or hq files).
Why this skill exists
hq files authenticates with the user's Cognito session under ~/.hq and
reads the cloud vault — neither is visible from Cowork's Linux VM. The
host-side MCP server runs the real hq files <action> and returns output to
the sandboxed agent.
Related Skills
indigoai-us/hq-cowork
tools
VerifiedTrustedCommunity
Discovery + dispatch entry point for native HQ inside Cowork (or any sandboxed Claude Code plugin host). Enumerates every HQ capability available through hq-pack-cowork's host-side MCP server (identity, sync, qmd/search, secrets, vault files, team & membership, packages & modules, meeting intelligence, feedback, schema-backed runs, guarded long-tail CLI) and routes to the right `mcp__hq__*` tool while preserving default HQ behavior through a different transport. Use when the agent needs HQ but `hq`/`qmd` aren't reachable from its bash sandbox and isn't sure which tool to call.
39SKILL.mdUpdated Jun 4, 2026
indigoai-us/hq-cowork-sync
tools
VerifiedTrustedCommunity
Run a full HQ sync (all cloud-backed companies, bidirectional) from a sandboxed Claude Code plugin host (Cowork) by calling the host-side `hq_sync` MCP tool. Same engine as AppBar HQ Sync and the `/hq-sync` skill, but routed through the hq-pack-cowork MCP server so it works even when the `hq` binary and `~/.hq` auth are not reachable from the agent's bash sandbox.
39SKILL.mdUpdated Jun 4, 2026
indigoai-us/hq-cowork-share
tools
VerifiedTrustedCommunity
Share an HQ vault path from a sandboxed Claude Code plugin host (Cowork) by calling the host-side `hq_share` MCP tool. Without `--with`, mints an encrypted single-use share-session URL (default 15-min expiry). With `--with`, grants direct ACL access to a person, group, or `@all`. Same capability as `/hq-share`, routed through hq-pack-cowork's MCP server so it works from a sandboxed agent.
39SKILL.mdUpdated Jun 4, 2026
indigoai-us/core/packages/hq-pack-cowork/skills/hq-cowork-secrets
tools
VerifiedTrustedCommunity
--- name: hq-cowork-secrets description: Use HQ secrets from a sandboxed Claude Code plugin host (Cowork). The host-side MCP server never returns a secret value itself: `mcp__hq__hq_secrets_exec` runs a command on the host with named secrets injected as env vars (only the command's output returns), and refuses to launch a shell or value-printing binary; `mcp__hq__hq_secrets_list` lists secret NAMES/metadata only. These tools run host commands with the user's privileges, so treat them as host-tru
39SKILL.mdUpdated Jun 4, 2026