Install Extensions
Install, discover, enable, disable, update, and inspect AGH extensions from local directories or configured registries.
- Audience
- Operators running durable agent work
- Focus
- Extensions guidance shaped for scanability, day-two clarity, and operator context.
Extensions are installable packages that add static resources or runtime capabilities to AGH. An extension can bundle skills, agent definitions, hooks, bundles, MCP servers, bridge adapters, memory backends, and subprocess services.
AGH stores installed extensions in the global registry and copies managed installs into
<AGH_HOME>/extensions/<name>.
Extension lifecycle is agent-manageable. The agh__extensions toolset and the parallel
agh extension CLI reach the same registry, marketplace, install, update, remove, enable, and
disable services:
| Action | Tool | CLI |
|---|---|---|
| Search marketplace | agh__extensions_search | agh extension search |
| List installed | agh__extensions_list | agh extension list |
| Inspect one | agh__extensions_info | agh extension status |
| Install | agh__extensions_install | agh extension install |
| Update | agh__extensions_update | agh extension update |
| Remove | agh__extensions_remove | agh extension remove |
| Enable / disable | agh__extensions_enable/_disable | agh extension enable/disable |
Tool mutations require approval and pass through the same source-trust filter as the CLI.
Deterministic denials include EXTENSION_SOURCE_FORBIDDEN, EXTENSION_APPROVAL_REQUIRED,
EXTENSION_NOT_INSTALLED, and EXTENSION_VALIDATION_FAILED. Marketplace trust roots and raw
marketplace credentials stay on operator surfaces and are not exposed as tool inputs.
Install From A Local Directory
A local extension directory must contain extension.toml or extension.json.
prompt-enhancer/
extension.toml
package.json
dist/
index.jsInstall it:
agh extension install ./prompt-enhancerIf the daemon is running, the CLI sends the path and checksum to the daemon over UDS. The daemon copies the directory into the managed extension root, persists the registry row, reloads extensions, rebuilds hooks, reconciles bundles, and returns the current status.
If the daemon is not running, the CLI writes the local registry directly. The extension is discovered on the next daemon start.
Declare Required Environment
Extensions that need process environment variables declare the variable names in their manifest:
[extension]
name = "daytona"
version = "1.2.3"
min_agh_version = "0.5.0"
requires_env = ["DAYTONA_API_KEY", "DAYTONA_ORGANIZATION_ID"]AGH validates requires_env as environment variable names during install and status loading.
Diagnostics report only names, never values. If a required variable is unset or empty,
agh extension list, agh extension status, the API, and the settings page surface it through
missing_env.
List And Inspect Installed Extensions
agh extension list
agh extension status prompt-enhancerstatus returns both registry and runtime information:
| Field | Meaning |
|---|---|
name, version, source | Registry identity and install source. |
type | resource when no subprocess is required; subprocess when runtime capabilities, actions, or subprocess command exist. |
enabled | Registry flag. Disabled extensions are skipped by the manager. |
state | disabled, enabled, registered, active, or error. |
health | unknown, healthy, or unhealthy. |
capabilities, actions | Manifest-declared provide surfaces and Host API methods. |
requires_env | Manifest-declared environment variable names required by the extension. |
missing_env | Required environment variable names that are unset or empty in the current AGH process environment. |
bundles | Bundle summaries packaged by the extension. |
list and status use the daemon when it is running and fall back to the local registry when it is
offline.
Enable Or Disable
agh extension disable prompt-enhancer
agh extension enable prompt-enhancerWhen the daemon is running, enable and disable reload the extension manager, rebuild the hook registry, and reconcile bundles. When the daemon is offline, the commands update the registry flag; the next daemon start applies the new state.
Disabling is rejected while the extension has active bundle activations. Remove or deactivate those bundle activations first, then disable the extension.
Remove An Extension
agh extension remove prompt-enhancerRemoval deletes the managed install directory and registry row with rollback handling. Like disable, removal is rejected while active bundle activations still depend on the extension.
Configure Marketplace Installs
Marketplace settings live under [extensions.marketplace]:
[extensions.marketplace]
registry = "github"
# Optional. Empty uses the GitHub API default.
base_url = "https://api.github.com"registry = "github" is the only accepted registry value today. base_url may use https or
http; http logs an insecure-scheme warning. The GitHub client also reads GITHUB_TOKEN from the
daemon or CLI environment for authenticated release access.
Search Marketplace Sources
The CLI exposes a search command:
agh extension search prompt --limit 20Current caveat: the built-in GitHub registry source supports release lookup and download, but it does not implement full-text search. A GitHub-only marketplace configuration can install a known slug, but search may return no results until a searchable source is configured.
Use --from when multiple marketplace sources exist:
agh extension search bridge --from githubInstall From A Registry
Install a known marketplace slug:
agh extension install owner/repoInstall a specific version or asset:
agh extension install owner/repo --version v0.3.1
agh extension install owner/repo --asset agh-extension-linux-amd64.tar.gzRegistry flags are valid only for registry installs. If the argument is an existing local directory,
--from, --version, and --asset are rejected.
Marketplace install flow:
- AGH downloads the release archive into a staging directory.
- The installer extracts the archive and locates
extension.toml. - The installer accepts a manifest at archive root or inside one top-level directory.
- AGH validates the manifest and computes the install checksum.
- AGH moves the package to
<AGH_HOME>/extensions/<name>. - AGH persists registry metadata: source tier
marketplace, slug, registry name, and remote version.
Managed installs do not allow runtime dependency symlinks to escape the extracted extension root.
If a packaged node_modules or runtime dependency symlink resolves outside that root, installation
fails instead of copying content from the host filesystem.
After install, restart the daemon to activate the new extension if it is already running.
Check For Updates
Check one marketplace extension:
agh extension update prompt-enhancer --checkUpdate one marketplace extension:
agh extension update prompt-enhancerCheck or update all marketplace-installed extensions:
agh extension update --all --check
agh extension update --allUpdate only works for extensions installed from a registry with slug metadata. Local extensions are not update targets. A successful update replaces the managed install directory, updates the registry row, and prints a restart message.
Source Tiers And Marketplace Security
Extensions have one source tier:
| Source | Typical origin | Capability policy |
|---|---|---|
bundled | Built into AGH | Trusted tier. |
user | Locally installed user package | Trusted tier. |
workspace | Workspace-owned package | Trusted tier. |
marketplace | Registry install | Restricted tier. |
Trusted tiers receive the actions and security grants requested by their manifests. Marketplace
extensions are constrained to a read-oriented ceiling: memory.read, observe.read, session.read,
skills.read, and tool.read. Host API actions are filtered to methods whose required capability
fits that ceiling.
Troubleshooting
| Symptom | Cause | Fix |
|---|---|---|
extensions marketplace is not configured | [extensions.marketplace] is absent or empty. | Add registry = "github" or install from a local path. |
extensions.marketplace.registry must be "github" | Unsupported registry value. | Use github. |
Extension appears as enabled but not active | Daemon is offline, disabled, or runtime failed before activation. | Start the daemon and inspect agh extension status <name>. |
| Disable/remove returns a conflict | Active bundle activations depend on the extension. | Remove or deactivate those bundle activations first. |
| Registry install succeeds but does not activate | Marketplace install wrote local registry state while daemon was already running. | Restart the daemon to load the new package. |
Related references: