RigBundle
File: .rigbundle archive
A portable archive that bundles a RigSpec plus all vendored AgentSpecs into a single shareable file. Machine-to-machine portability with integrity verification.
What a bundle contains
Inside a .rigbundle
A .rigbundle is a tar.gz archive. Here's what an adversarial review bundle looks like unpacked:
The manifest
# bundle.yaml
schema_version: 2
name: adversarial-review
version: "1.0.0"
created_at: "2026-04-01T12:00:00Z"
rig_spec: rig.yaml
culture_file: culture.md
agents:
- name: reviewer
version: "1.0.0"
path: agents/reviewer
original_ref: "local:agents/reviewer"
hash: "a1b2c3d4..."
import_entries: []
- name: orchestrator
version: "1.0.0"
path: agents/orchestrator
original_ref: "local:agents/orchestrator"
hash: "e5f6a7b8..."
import_entries: []
integrity:
algorithm: sha256
files:
rig.yaml: "abc123..."
agents/reviewer/agent.yaml: "345678..."
# ... every file checksummedWhy bundles exist
A RigSpec references AgentSpecs by local path. If you send just the spec to another machine, it can't resolve those references. A bundle vendors everything — the recipient doesn't need to find external files.
Harness frameworks like G-Stack or GSD are just folders of files. Turn them into a multi-harness topology and share the whole thing as a rig bundle. Anyone can import it and boot it.
The topology definition with agent_ref values rewritten to bundle-local paths.
All referenced AgentSpecs with their full resource trees — skills/, guidance/, hooks/, startup files.
Rewriting—agent_ref: local:agents/reviewer becomes agent_ref: bundled:reviewerIncludes—All files referenced by the spec: SKILL.md files, guidance docs, hook scripts, startup templates.bundle.yaml manifest with per-file SHA-256 checksums. Verified on import — any tampering is caught.