Files Are the New API — But Who's Checking the Files?

Source: Dev.to

Files as the New API

LLM context windows are ephemeral—they’re whiteboards that get erased after every session. Files solve this elegantly: write context to disk, read it back later. No API orchestration, no vendor lock‑in, no complex infrastructure.

• CLAUDE.md gives your agent project context.
• .cursorrules gives it coding preferences.
• aboutme.md gives it your identity.

Simple, portable, powerful.

Anthropic took this further with Agent Skills (SKILL.md), now adopted by Microsoft, OpenAI, GitHub, and Cursor. Write a skill once, use it everywhere. The file format is the API.

The Hidden Risk: Unsanitized Files

These files are unsanitized inputs to language models.

• A CLAUDE.md with a hidden prompt injection can hijack your coding agent.
• A persona file with embedded instructions can exfiltrate data.
• A shared skill file from an unknown author can contain anything.

ETH Zürich’s recent research found that context files can actually decrease task success rates and increase inference costs by 20 %+. Their conclusion wasn’t “don’t use files” — it was that poorly written context files make agents worse.

The Core Problem

Nobody’s checking the files.

SoulScan – Static Analysis for Agent Files

We built SoulScan — a static analysis engine for AI agent configuration files.

• 55+ security rules covering prompt injection detection, PII exposure, credential leakage, and structural quality.
• Think ESLint, but for your agent’s identity files.

If files are the new API, they need the same rigor we apply to any other API: validation, security scanning, and quality gates.

Soul Spec – Portable Agent Personas

Right now we have CLAUDE.md, AGENTS.md, .cursorrules, copilot-instructions.md, and more — all doing roughly the same thing with different names and no interoperability.

SKILL.md standardizes what agents can do. Soul Spec standardizes who agents are.

• Structured format: soul.json + SOUL.md + IDENTITY.md.
• Any framework can read it.
• Write your agent’s identity once, use it across every tool.

Swarm Memory – Distributed Sync for Files

The Unsolved Scenario

You have an AI agent on your laptop and another on your workstation. Both accumulate memory, preferences, and context in local files. How do you sync them?

• Copy‑paste? Breaks when both machines modify the same file.
• Cloud sync? Creates conflicts with no resolution strategy.
• Central database? Defeats the purpose of file‑based local‑first architecture.

This is a distributed systems problem disguised as a file‑management problem, compounded by encryption (sensitive data) and multi‑user collaboration (team sharing).

Our Solution

Swarm Memory provides:

• Git‑based distributed sync with semantic conflict detection.
• End‑to‑end encryption (using age).
• LLM‑assisted merge resolution.

Your agent’s files stay local, stay encrypted, and stay in sync. (Patent pending: KR 10‑2026‑0038525)

The Needed Stack

1. Portable identity standard – so agent personas move between tools (Soul Spec).
2. Security/quality scanner – so files are validated before they reach the model (SoulScan).
3. Distributed sync layer – so files work across machines and teams (Swarm Memory).

The file is the interface. What we build around the file determines whether AI agents become reliable teammates or unpredictable liabilities.

Call to Action

We’re building this stack at ClawSouls. Soul Spec is open, SoulScan is free for open‑source, and everything runs local‑first. If you’re working on similar problems, we’d love to hear from you.

Originally published at blog.clawsouls.ai