Encryption & IP Protection

Your Skill logic is your core asset. OpenClacky's encryption ensures it cannot be reverse-engineered or copied.

How Encryption Works

The heart of a Skill is SKILL.md — your methodology, workflow, and prompts live there.

Unencrypted Skill (open-source mode): Anyone can read SKILL.md and copy your design.

Encrypted Skill: SKILL.md is compiled into SKILL.md.enc — a binary file encrypted with your License Key. The client's Clacky decrypts it locally at runtime, but the plaintext is never stored on the client's machine.

What Does Encryption Protect?

✅ Prompt wording and structure

✅ Workflow logic and decision rules

✅ Your accumulated professional heuristics

✅ Tool call sequences and parameters

❌ Skill name and description (visible to users for marketplace display)

How to Encrypt

openclacky

# Encrypt a Skill directory
/encrypt ./my-skill

# Output:
# ✅ SKILL.md.enc generated successfully
# Your original SKILL.md stays local — never uploaded

Only the .enc file is uploaded to OpenClacky. Your original SKILL.md never leaves your machine — even the platform can't read it.

License Binding

Every encrypted Skill is tied to a License Key:

  1. Client purchases → receives a unique License Key
  2. Client activates → Clacky verifies Key validity with the server
  3. Runtime decryption → Skill executes locally; decryption happens in memory only
  4. Expiry / revocation → Next startup validation fails; Skill stops working

When Does a License Become Invalid?

  • License expired (based on your configured duration)
  • License revoked (you manually revoke, e.g., for a refund)
  • Device anomaly (same Key used on too many devices triggers protection)

Offline Grace Period

Clacky supports offline work with a 3-day grace period for license validation. Even without network access, clients can continue using their Skills for up to 3 days before re-verification is required.

Brand Customization
Publish to Marketplace