Skill Description Language (SDL) Overview
- Skill Description Language (SDL) is a family of formalisms that represent skills as explicit, machine-readable artifacts instead of informal descriptions.
- SDL approaches include ontology-based constraints in manufacturing, executable DSLs in robotics, and structured JSON representations in agent systems.
- Recent research emphasizes balancing high recall with precision and reinforces the need for robust security strategies against adversarial attacks.
Searching arXiv for recent and foundational papers on Skill Description Language and related structured skill representations. Skill Description Language (SDL) denotes a family of formalisms for representing skills as machine-usable artifacts rather than as purely informal prose. In the literature, the term does not refer to a single universally adopted standard. Instead, it spans ontology-based capability descriptions for flexible manufacturing, domain-specific and formal languages for robotic motor control and acting, typed intermediate representations for agent skills, and Datalog-style audit schemas for hybrid prose-and-code skill packages. Across these variants, the common objective is to make a skill explicit enough to support matching, planning, execution, verification, retrieval, or security analysis (Himmelhuber et al., 2021, Ingrand, 2024, Liang et al., 27 Apr 2026, Wen et al., 1 May 2026).
1. Terminological scope and conceptual boundaries
In current research, SDL is best understood as a concept class rather than a single specification. Some papers introduce explicit languages, such as PROSKILL for robotic acting and Semia’s Datalog-based SDL for agent-skill auditing. Others pursue SDL-like functionality without defining a new language, for example by representing skills as OWL class expressions in manufacturing or by structuring free-text skills against ESCO concepts. SSL similarly presents itself as a structured representation for agent skills, but explicitly not as a finished standard (Ingrand, 2024, Wen et al., 1 May 2026, Himmelhuber et al., 2021, Li et al., 2023, Liang et al., 27 Apr 2026).
| Domain | Representation | Status in the literature |
|---|---|---|
| Flexible production | OWL class expressions in Manchester syntax | SDL-like formalization of machine skills |
| Motor-skill robotics | High-level AMARSi DSL plus Component DSL and Graph DSL | Domain-specific language family |
| Robotic acting | PROSKILL | Formal skill language |
| Agent-skill structure | SSL typed JSON graph | Structured precursor, not a finished standard |
| Agent-skill auditing | Semia SDL as Datalog fact base | Custom audit language |
| Skill extraction and routing | ESCO mapping or natural-language descriptions | Adjacent to SDL, not a formal SDL |
A recurrent source of confusion is acronym overload. Outside skill-centric work, SDL also denotes the ITU Specification and Description Language used for formal validation of communicating systems, such as node monitoring protocols in mobile ad hoc networks. That usage is historically important but semantically distinct from skill-description formalisms for machines, robots, and agents (Giridharan et al., 2015).
2. Core representation paradigms
A first paradigm treats a skill as a logical description of capability constraints. In flexible production, a skill description is a set of OWL restrictions over materials, positions, orientations, and related ontology entities. The learning formulation combines log-derived individuals with ontology background knowledge into a knowledge base , and seeks a learned description drawn from a candidate set . The intended target is the manually authored , with candidate expressions written in Manchester syntax such as involvesMaterial only (MaterialProductBase or BottomPart1) (Himmelhuber et al., 2021).
A second paradigm treats a skill as an executable operational program with a formal semantics. PROSKILL follows this model. Its primitive objects are state variables, events, basic skills, and composite skills, and each source program is translated “fully, and unequivocally” into Fiacre and then TTS. The resulting formal model can be analyzed offline with TINA tools and executed online by Hippo, so the same specification supports programming, verification, and runtime execution (Ingrand, 2024).
A third paradigm treats skills as structured intermediate representations for large-scale agent systems. SSL defines a typed JSON graph with three linked levels—Scheduling, Structural, and Logical—formalized as . The scheduling layer captures intent signatures, inputs, outputs, dependencies, and control-flow features; the structural layer captures scenes and transitions; the logical layer captures atomic actions, effects, and resource use. Semia’s SDL is even more relational: it lifts a skill into Datalog facts such as skill(s), action(a, s), call(c, a, ε), call_input, call_output, barrier_gate, and doc_claim, enabling security properties to be expressed as reachability queries (Liang et al., 27 Apr 2026, Wen et al., 1 May 2026).
These paradigms differ in execution model, but they share a notable architectural tendency: the skill is decomposed into at least three kinds of information—interface or invocation conditions, internal structure or control flow, and concrete effects or constraints. This suggests that modern SDL research increasingly treats a skill as more than a label or short textual capability claim.
3. Ontology-based SDL in flexible production systems
In flexible production systems, formal skill descriptions are required so that planning systems can compare a product’s skill requirements with a machine’s skill offer. The difficulty is that these descriptions are often absent, incomplete, or implicit in engineering know-how, and manual creation is labor-intensive, error-prone, and dependent on substantial domain expertise. The ontology-based workflow in flexible manufacturing addresses this bottleneck by learning candidate formal constraints from production logs and industrial ontologies through inductive logic programming, more specifically class expression learning with DL-Learner and CELOE (Himmelhuber et al., 2021).
The workflow is explicitly divided into preprocessing, recommender, and postprocessing. Preprocessing converts production logs into individuals in a knowledge base and enriches them with ontology facts. The recommender generates ranked candidate class expressions from positive examples and background ontology knowledge. Postprocessing filters and validates these expressions according to completeness, accuracy, and human understandability. The system is therefore semi-automatic rather than end-to-end automatic: the domain expert selects a useful subset from the top 20 suggestions (Himmelhuber et al., 2021).
The paper’s running example, AssembleItemByModule1, uses a ground truth composed of three OWL-style constraints: material involved has to be MaterialProductBase or BottomPart; object has Position Parameter Position 1 or Position 2; and object has Orientation Parameter hundredeighty or zero. In the recommender list, the true constraints appear among the top suggestions, but many low-value candidates also appear, including overly generic expressions such as Thing and several involvesMaterial max 1 X variants. This illustrates the central trade-off: high recall can coexist with poor precision, preserving utility while retaining a strong requirement for human judgment (Himmelhuber et al., 2021).
The reported results over four skills are as follows:
| Skill | Recall | Precision |
|---|---|---|
| AssembleItemByModule1 | 1 | 0.15 |
| AssembleItemByModule2 | 0.67 | 0.10 |
| DismantleProductByModule3 | 1 | 0.10 |
| ChargeProductBaseByModule4 | 1 | 0.15 |
The authors interpret these results to mean that in three out of four cases all relevant class expressions were found within the top 20 suggestions, so no additional manual creation would be needed for completeness. Precision remains low because only a few of the 20 suggestions correspond to actual target constraints, but selecting 2–3 correct constraints from 20 suggestions is still easier than authoring the whole description from scratch. A major limitation is dependence on ontology quality: missing or incorrect background facts degrade the learned descriptions (Himmelhuber et al., 2021).
4. SDL-like representations in agent ecosystems: standardization, routing, and collision
In agent systems, natural-language skill descriptions often function as the routing interface by which planners or retrievers decide which skill should handle a query. Not all such systems define a formal SDL. SkillGPT is an important counterexample: it presents a RESTful API for skill extraction and standardization from free-style job descriptions and user profiles, but it does not define a new Skill Description Language. Its operational ontology is ESCO, with concept types Skill, Occupation, and Occupation group. The pipeline uses Vicuna-13B for summarization or skill distillation, then embeddings and vector similarity search over a precomputed ESCO index. The standardization step is retrieval-based rather than direct code generation, specifically to reduce hallucinated or non-existent taxonomy items (Li et al., 2023).
Enterprise agent routing exposes a different SDL-like problem: description quality itself becomes a systems bottleneck. Production work on skill-description optimization defines skill collision as the failure mode in which two skills with overlapping descriptions compete for the same query population. In a production enterprise group chat agent with 9 skills and 372 synthetic regression cases, an automated optimization pipeline reached 79.2% F1, essentially matching manually tuned descriptions at 79.4% F1; the average per-skill difference was , within a multi-seed noise floor. The same work reports a reduction in per-skill engineering effort from 120 minutes to 3.8 minutes, a 32 times speedup. Systematic ablation further shows that a single LLM rewrite using available false-positive and false-negative cases captures most of the available improvement, while iteration budget, feedback composition, dual editing, and training set size each affect final F1 by less than 0.5% (Zhou et al., 29 Jun 2026).
This line of work also distinguishes between overlapping descriptions and genuinely overlapping skill scopes. The former can be mitigated by text rewriting; the latter cannot. A large train-validation F1 gap is proposed as a diagnostic for the second case, indicating that architectural intervention rather than textual refinement may be required. This distinction is central for SDL design: a language can sharpen boundaries only when the underlying capability partition is itself coherent (Zhou et al., 29 Jun 2026).
5. Security and adversarial semantics of skill descriptions
Once skill descriptions are used directly for discovery or routing, they become an attack surface. In Internet of Agents systems, routing typically embeds a user query and a registry of skill descriptions 0 through an embedding function 1, computes scores 2, and selects the top-3 agents. The Skill Description Deception (SDD) attack exploits the assumption that descriptions faithfully reflect capabilities: a malicious agent rewrites its self-declared description to semantically resemble benign specialists in a target domain and thereby attract routing traffic (He et al., 11 May 2026).
The reported results are severe. Using 527 real-world tools or agents from LiveMCPBench plus 1 malicious agent, and 900 queries sampled from nine MMLU domains, the paper evaluates BM25, E5, BGE, Qwen Embedding 8B, and BCE. The strongest result is up to 98% attack success rate in the algebra domain under BGE. The paper also reports that its LLM-guided deceptive rewriting consistently outperforms simpler heuristics such as capability exaggeration, keyword stuffing, generic domain description, and impersonation (He et al., 11 May 2026).
Semia studies a complementary security problem: auditing hybrid agent skills whose structured half declares tools and parameters while the prose half specifies when and how those interfaces fire. Its SDL is a finite Datalog fact base over predicates such as action_trigger, call, call_target_trusted, secret_var, barrier_gate, and doc_claim. Security properties including Missing Human Gate, Unsanitized Context Ingestion, Secret Leakage, Confused Deputies, Behavior-Claim Contradiction, and Dormant Malicious Payload are reduced to Datalog reachability queries. Over 13,728 real-world skills from public marketplaces, Semia renders all of them auditable and reports that more than half carry at least one critical semantic risk. On a stratified sample of 541 expert-labeled skills, it achieves 97.7% recall and 90.6% F1, substantially outperforming signature-based scanners and LLM baselines; it also reports 17 critical exploitable zero-day vulnerabilities (Wen et al., 1 May 2026).
Taken together, these results establish a major shift in the role of SDL. Skill descriptions are not merely documentation. In open or weakly curated agent ecosystems they can act as control surfaces for routing, authorization, and sink exposure, and therefore require adversarially robust semantics rather than similarity-driven trust alone.
6. Robotics, executable skill languages, and structured skill knowledge
Robotics provides two of the clearest explicit SDL formulations. The AMARSi work defines a highest-level DSL for rich motor skill architectures as part of a modular language family. Its central concepts are Spaces, Adaptive Modules, Adaptive Components, and Mappings or Transformations. The DSL abstracts motor-control semantics for the architect, while a Component DSL handles software architecture and a Graph DSL handles visualization. The top-level language can generate GraphML visualizations and C++ code targeting the Compliant Control Architecture and Robot Control Interface libraries. Its case study remaps four originally incompatible motor-control blueprints into a common vocabulary, making similarities and differences identifiable (Nordmann et al., 2013).
PROSKILL addresses the acting layer of autonomous robots, situated between planning and the robotic platform. It supports refinement, local recovery, temporal dispatching, external asynchronous events, command execution, interrupt handling, and runtime verification. A basic skill can declare preconditions, invariants, start effects, a time interval, interrupt behavior, success modes, failure modes, and postconditions. Composite skills add sequencing, waiting, branching, loops, parallel branches, and interrupts. The same specification is compiled into Fiacre and then TTS, checked offline, and executed online on the robot. In the UAV survey-mission example, the generated model contains seven state-variable processes, ten event processes, six basic skills, one monitor, one composite skill, two parallel-branch processes, one watchdog, and one environment process, compiling to a TTS with 97 places and 153 transitions (Ingrand, 2024).
A more recent agent-oriented analogue is SSL, which is not introduced as a language for direct execution but as a source-grounded structured representation for text-heavy skill artifacts such as SKILL.md. SSL decomposes a skill into Scheduling, Structural, and Logical layers. Its scheduling layer exposes skill_goal, intent_signature, expected_inputs, expected_outputs, dependencies, and control_flow_features; its structural layer defines scenes with types such as PREPARE, ACQUIRE, REASON, [ACT](https://www.emergentmind.com/topics/attention-calibration-technique-act), VERIFY, RECOVER, and FINALIZE; and its logical layer uses restricted act_type values such as READ, SELECT, COMPARE, VALIDATE, INFER, WRITE, CALL_TOOL, and TERMINATE, together with explicit resource_scope fields (Liang et al., 27 Apr 2026).
SSL’s empirical evaluation indicates the practical value of explicit structure. In Skill Discovery over 6,184 skills and 403 queries, Desc_only yields MRR 0.573, whereas Desc + SSL-Rich yields 0.707. In Risk Assessment over 500 skills and six dimensions, full SKILL.md alone yields macro F1 0.744, while MD + SSL reaches 0.787. The authors explicitly caution, however, that SSL should be understood as a practical step toward more inspectable and reusable skill representations rather than as a finished standard or an end-to-end execution language (Liang et al., 27 Apr 2026).
A plausible implication, rather than an explicit claim, is that learned latent skill vocabularies may eventually intersect with explicit SDL design. LISA learns a finite codebook of discrete skill codes from language-conditioned demonstrations, and these codes are reported to be highly correlated with language instructions and induced behaviors. Because they can be composed for unseen long-range instructions, they function somewhat like a latent skill lexicon, even though the paper does not present them as a formal SDL (Garg et al., 2022).
7. Evaluation criteria, recurrent limitations, and research directions
SDL research is evaluated against very different criteria depending on the role assigned to the skill artifact. In manufacturing, the operative measures are recall and precision over recovered logical constraints rather than predictive accuracy over unseen instances, because the goal is concise and complete planning-compatible descriptions rather than general classification (Himmelhuber et al., 2021). In agent-skill retrieval and review, SSL is evaluated by MRR and macro F1 improvements over text baselines (Liang et al., 27 Apr 2026). In enterprise routing, the main metric is routing F1 over skill-selection decisions, together with operational cost and regression stability (Zhou et al., 29 Jun 2026). In adversarial routing, the emphasis is attack success rate, Hit@K, and mean rank (He et al., 11 May 2026). In auditing, Semia reduces evaluation to detector precision, recall, and F1 over expert-labeled skill corpora (Wen et al., 1 May 2026).
Several limitations recur across otherwise dissimilar SDL variants. First, representation quality depends strongly on background structure. In ontology-based manufacturing SDL, poor ontologies degrade learned constraints (Himmelhuber et al., 2021). In SkillGPT, summarizing an entire document into one text can lose subtle skills, non-English performance is weaker, and generation randomness affects stability (Li et al., 2023). In production description optimization, rewriting cannot solve genuinely overlapping intended scopes (Zhou et al., 29 Jun 2026). In SSL, static artifacts may understate risks when semantics depend on generated code or runtime behavior rather than directly observable skill text (Liang et al., 27 Apr 2026). In Semia, synthesis fidelity and third-party surface inlining bound the accuracy of downstream auditing (Wen et al., 1 May 2026).
A second recurrent theme is that the most useful SDL is not necessarily the most verbose one. The manufacturing pipeline limits experts to the top 20 candidate expressions for usability (Himmelhuber et al., 2021). SkillGPT deliberately uses summarization followed by retrieval rather than direct generative standardization (Li et al., 2023). Production description optimization finds that a single rewrite often suffices (Zhou et al., 29 Jun 2026). SSL uses closed vocabularies and conservative source-grounded normalization rules, preferring empty or coarse values over hallucinated detail (Liang et al., 27 Apr 2026). Semia similarly constrains synthesis through structural invariants and a coverage-based fidelity threshold (Wen et al., 1 May 2026).
The literature therefore points toward a relatively consistent research agenda. SDLs are moving away from free-form capability blurbs and toward representations that separate invocation conditions, structural phases, and effect-level evidence; support both automation and human inspection; and remain auditable under adversarial conditions. What remains unsettled is standardization itself. The current record suggests not convergence on one universal Skill Description Language, but the emergence of a shared design space in which logical constraints, executable control structure, typed metadata, and security-relevant semantics are becoming first-class components of skill representation.