@aikdna/kdna-cli 0.17.0 → 0.19.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +120 -101
- package/SECURITY.md +1 -1
- package/package.json +6 -4
- package/skills/kdna-loader/SKILL.md +23 -22
- package/src/agent.js +290 -159
- package/src/cli.js +117 -67
- package/src/cmds/_common.js +40 -18
- package/src/cmds/badge.js +14 -9
- package/src/cmds/changelog.js +32 -12
- package/src/cmds/cluster.js +80 -85
- package/src/cmds/doctor.js +10 -27
- package/src/cmds/domain.js +114 -427
- package/src/cmds/explain.js +119 -0
- package/src/cmds/governance.js +111 -42
- package/src/cmds/legacy.js +8 -9
- package/src/cmds/license.js +491 -26
- package/src/cmds/quality.js +10 -3
- package/src/cmds/registry.js +15 -67
- package/src/cmds/studio.js +99 -47
- package/src/cmds/test.js +9 -6
- package/src/cmds/trace.js +11 -7
- package/src/compare.js +41 -22
- package/src/diff.js +38 -24
- package/src/identity.js +9 -7
- package/src/init.js +2 -2
- package/src/install.js +147 -459
- package/src/loader.js +10 -10
- package/src/package-store.js +232 -0
- package/src/paths.js +44 -0
- package/src/publish.js +150 -51
- package/src/registry.js +81 -9
- package/src/setup.js +19 -20
- package/src/verify.js +293 -140
- package/src/version.js +15 -7
- package/templates/minimal-domain/kdna.json +7 -7
- package/templates/standard-domain/README.md +10 -10
- package/templates/standard-domain/kdna.json +7 -3
- package/validators/kdna-lint.js +45 -11
- package/src/cmds/encrypt.js +0 -199
package/README.md
CHANGED
|
@@ -1,14 +1,18 @@
|
|
|
1
1
|
# @aikdna/kdna-cli
|
|
2
2
|
|
|
3
|
+
> **KDNA Ecosystem:** [`kdna`](https://github.com/aikdna/kdna) — the protocol. [KDNAChat](https://github.com/AhaSparkCoach/kdnachat) — the consumption client. [KDNaStudio](https://github.com/AhaSparkCoach/kdnastudio) — the authoring tool. [KDNAWork](https://github.com/AhaSparkCoach/kdnawork) — the workbench. **You are here → kdna-cli** — the toolchain. [Registry](https://github.com/aikdna/kdna-registry) — the catalog.
|
|
4
|
+
|
|
5
|
+
**Role**: kdna-cli is the **runtime control plane** — the official reference implementation for domain validation, loading, packaging, comparison, and agent-facing runtime workflows. It bridges Studio output to Chat/Work consumption.
|
|
6
|
+
|
|
3
7
|
**KDNA CLI is the official open-source reference implementation for KDNA validation, loading, packaging, comparison, registry access, and agent-facing runtime workflows.**
|
|
4
8
|
|
|
5
9
|
It is the runtime control plane for loading, validating, composing, testing, and governing domain judgment for AI agents.
|
|
6
10
|
|
|
7
11
|
KDNA CLI 是 KDNA 验证、加载、打包、比较、注册表访问和 Agent 运行时工作流的官方开源参考实现,也是 AI Agent 加载、验证、组合、测试和治理领域判断的运行控制平面。
|
|
8
12
|
|
|
9
|
-
The CLI is how a KDNA
|
|
13
|
+
The CLI is how a KDNA domain judgment package becomes usable by agents. It installs KDNA domains, verifies their structure and trust metadata, loads them into agent-readable form, compares judgment paths with and without KDNA, and records traces for audit.
|
|
10
14
|
|
|
11
|
-
KDNA CLI
|
|
15
|
+
KDNA CLI 让一个领域判断资产真正被 Agent 使用。它负责安装 KDNA、验证结构与信任信息、把 KDNA 转换成 Agent 可加载的形式、对比加载前后的判断路径,并记录可审计的使用痕迹。
|
|
12
16
|
|
|
13
17
|
Part of the [KDNA](https://github.com/aikdna/kdna) ecosystem.
|
|
14
18
|
|
|
@@ -30,109 +34,122 @@ kdna compare @aikdna/writing --input "help me improve this post"
|
|
|
30
34
|
kdna doctor --agents
|
|
31
35
|
```
|
|
32
36
|
|
|
33
|
-
## Commands
|
|
37
|
+
## The 6 Commands You Actually Need
|
|
38
|
+
|
|
39
|
+
| Command | What it does |
|
|
40
|
+
| ------------------------------------- | -------------------------------------------------- |
|
|
41
|
+
| `kdna setup` | Initialize ~/.kdna, install the agent skill loader |
|
|
42
|
+
| `kdna install <domain>` | Install a domain from the registry |
|
|
43
|
+
| `kdna list` | Show installed domains with quality info |
|
|
44
|
+
| `kdna verify <domain>` | 3-layer check: structure + trust + judgment |
|
|
45
|
+
| `kdna compare <domain> --input "..."` | Compare with/without KDNA judgment |
|
|
46
|
+
| `kdna doctor --agents` | Check agent integration health |
|
|
47
|
+
|
|
48
|
+
## All Commands by Role
|
|
34
49
|
|
|
35
50
|
### Domain Authoring
|
|
36
51
|
|
|
37
|
-
| Command
|
|
38
|
-
|
|
39
|
-
| `kdna init <name>`
|
|
40
|
-
| `kdna validate <path>`
|
|
41
|
-
| `kdna
|
|
42
|
-
| `kdna
|
|
43
|
-
| `kdna
|
|
44
|
-
| `kdna
|
|
45
|
-
| `kdna inspect <
|
|
46
|
-
| `kdna publish <path>`
|
|
47
|
-
| `kdna publish --check <path>`
|
|
48
|
-
| `kdna version bump <level> [path]` | Beta
|
|
52
|
+
| Command | Status | Description |
|
|
53
|
+
| ---------------------------------- | ------------ | ----------------------------------------------- |
|
|
54
|
+
| `kdna init <name>` | Beta | Scaffold a new domain from template |
|
|
55
|
+
| `kdna dev validate <path>` | Stable | Validate a non-canonical dev source directory |
|
|
56
|
+
| `kdna dev pack <path>` | Beta | Build a dev source directory into a .kdna asset |
|
|
57
|
+
| `kdna dev unpack <file>` | Beta | Unpack .kdna into a dev source directory |
|
|
58
|
+
| `kdna dev inspect <path>` | Beta | Inspect a non-canonical dev source directory |
|
|
59
|
+
| `kdna dev card <path>` | Beta | Display KDNA Card from a dev source directory |
|
|
60
|
+
| `kdna inspect <file.kdna>` | Beta | Inspect a .kdna asset |
|
|
61
|
+
| `kdna publish <path>` | Experimental | Pack + sign + publish to registry |
|
|
62
|
+
| `kdna publish --check <path>` | Experimental | Quality gate check only |
|
|
63
|
+
| `kdna version bump <level> [path]` | Beta | Bump domain version |
|
|
49
64
|
|
|
50
65
|
### Agent Runtime
|
|
51
66
|
|
|
52
|
-
| Command
|
|
53
|
-
|
|
54
|
-
| `kdna available [--json]`
|
|
55
|
-
| `kdna match "<task>" [--json]`
|
|
56
|
-
| `kdna load <name> [--as=prompt\|json\|raw]` | Beta
|
|
57
|
-
| `kdna postvalidate <name> --output <file>`
|
|
67
|
+
| Command | Status | Description |
|
|
68
|
+
| ------------------------------------------------------ | ------ | --------------------------------------- |
|
|
69
|
+
| `kdna available [--json]` | Beta | List installed domains with v2.1 fields |
|
|
70
|
+
| `kdna match "<task>" [--json]` | Beta | Signal matching — find relevant domains |
|
|
71
|
+
| `kdna load <name\|file.kdna> [--as=prompt\|json\|raw]` | Beta | Emit asset in agent-ready format |
|
|
72
|
+
| `kdna postvalidate <name> --output <file>` | Beta | Post-generation judgment check |
|
|
58
73
|
|
|
59
74
|
### Testing & Verification
|
|
60
75
|
|
|
61
|
-
| Command
|
|
62
|
-
|
|
63
|
-
| `kdna verify <name>`
|
|
64
|
-
| `kdna compare <name> --input "..."`
|
|
65
|
-
| `kdna compare <name> --input "..." --report-md`
|
|
66
|
-
| `kdna compare <name> --input "..." --report-json` | Beta
|
|
67
|
-
| `kdna diff <name>@<v1> <name>@<v2>`
|
|
76
|
+
| Command | Status | Description |
|
|
77
|
+
| ------------------------------------------------------------ | ------ | ------------------------------------- |
|
|
78
|
+
| `kdna verify <name\|file.kdna>` | Beta | 3-layer: structure + trust + judgment |
|
|
79
|
+
| `kdna compare <name\|file.kdna> --input "..."` | Beta | With/without KDNA reasoning diff |
|
|
80
|
+
| `kdna compare <name\|file.kdna> --input "..." --report-md` | Beta | Markdown report with scoring |
|
|
81
|
+
| `kdna compare <name\|file.kdna> --input "..." --report-json` | Beta | JSON report with scoring |
|
|
82
|
+
| `kdna diff <name>@<v1> <name>@<v2>` | Beta | Judgment-level diff between versions |
|
|
68
83
|
|
|
69
84
|
### Diagnostics & Trace
|
|
70
85
|
|
|
71
|
-
| Command
|
|
72
|
-
|
|
73
|
-
| `kdna doctor`
|
|
74
|
-
| `kdna doctor --agents`
|
|
75
|
-
| `kdna doctor --json`
|
|
76
|
-
| `kdna trace`
|
|
77
|
-
| `kdna trace --json`
|
|
78
|
-
| `kdna trace --export <file>`
|
|
79
|
-
| `kdna trace --since 7d\|30d\|90d` | Experimental | Filter by time range
|
|
80
|
-
| `kdna history`
|
|
81
|
-
| `kdna history --stats`
|
|
82
|
-
| `kdna history --domain <name>`
|
|
86
|
+
| Command | Status | Description |
|
|
87
|
+
| --------------------------------- | ------------ | ------------------------------------------------------------- |
|
|
88
|
+
| `kdna doctor` | Beta | System health check |
|
|
89
|
+
| `kdna doctor --agents` | Beta | Agent integration check (Codex/Claude/OpenCode/Cursor/Gemini) |
|
|
90
|
+
| `kdna doctor --json` | Beta | Machine-readable health report |
|
|
91
|
+
| `kdna trace` | Experimental | View recent load/postvalidate traces |
|
|
92
|
+
| `kdna trace --json` | Experimental | Machine-readable trace output |
|
|
93
|
+
| `kdna trace --export <file>` | Experimental | Export traces for audit |
|
|
94
|
+
| `kdna trace --since 7d\|30d\|90d` | Experimental | Filter by time range |
|
|
95
|
+
| `kdna history` | Experimental | Recent domain usage (last 20) |
|
|
96
|
+
| `kdna history --stats` | Experimental | Aggregate by domain and agent |
|
|
97
|
+
| `kdna history --domain <name>` | Experimental | Filter by domain |
|
|
83
98
|
|
|
84
99
|
### License & Authorization
|
|
85
100
|
|
|
86
|
-
| Command
|
|
87
|
-
|
|
88
|
-
| `kdna license generate <domain> --to <email>`
|
|
89
|
-
| `kdna license install <license.json>`
|
|
90
|
-
| `kdna license
|
|
91
|
-
| `kdna license
|
|
92
|
-
| `kdna license
|
|
101
|
+
| Command | Status | Description |
|
|
102
|
+
| ----------------------------------------------------------- | ------------ | -------------------------------------------------------------- |
|
|
103
|
+
| `kdna license generate <domain> --to <email>` | Experimental | Generate signed license |
|
|
104
|
+
| `kdna license install <license.json>` | Experimental | Register license for auto-decrypt |
|
|
105
|
+
| `kdna license activate <domain> --key <key> --server <url>` | Experimental | Activate a license from entitlement source |
|
|
106
|
+
| `kdna license sync [domain] [--server <url>]` | Experimental | Refresh entitlement and revocation status |
|
|
107
|
+
| `kdna license verify <license.json>` | Experimental | Verify license signature and validity |
|
|
108
|
+
| `kdna license bind <license.json>` | Experimental | Bind license to this machine |
|
|
109
|
+
| `kdna license show <license.json>` | Experimental | Display license details |
|
|
110
|
+
| `kdna license status [domain] [--json]` | Experimental | Show installed license activation status without exposing keys |
|
|
93
111
|
|
|
94
112
|
### Cluster Composition
|
|
95
113
|
|
|
96
|
-
| Command
|
|
97
|
-
|
|
114
|
+
| Command | Status | Description |
|
|
115
|
+
| -------------------------- | ------- | ------------------------- |
|
|
98
116
|
| `kdna cluster lint <path>` | Planned | Validate cluster manifest |
|
|
99
117
|
|
|
100
118
|
### Registry & Distribution
|
|
101
119
|
|
|
102
|
-
| Command
|
|
103
|
-
|
|
104
|
-
| `kdna install <name>`
|
|
105
|
-
| `kdna install
|
|
106
|
-
| `kdna
|
|
107
|
-
| `kdna
|
|
108
|
-
| `kdna
|
|
109
|
-
| `kdna
|
|
110
|
-
| `kdna
|
|
111
|
-
| `kdna
|
|
112
|
-
| `kdna registry refresh` | Beta | Refresh registry cache |
|
|
120
|
+
| Command | Status | Description |
|
|
121
|
+
| ------------------------- | ------ | ------------------------------------- |
|
|
122
|
+
| `kdna install <name>` | Beta | Install domain from registry |
|
|
123
|
+
| `kdna install file.kdna` | Beta | Install from local .kdna asset |
|
|
124
|
+
| `kdna remove <name>` | Beta | Uninstall a domain |
|
|
125
|
+
| `kdna update <name>` | Beta | Update installed domain |
|
|
126
|
+
| `kdna info <name>` | Beta | Show domain metadata and trust status |
|
|
127
|
+
| `kdna list [--available]` | Beta | List installed or available domains |
|
|
128
|
+
| `kdna search <keyword>` | Beta | Search registry |
|
|
129
|
+
| `kdna registry refresh` | Beta | Refresh registry cache |
|
|
113
130
|
|
|
114
131
|
### Identity & Signing
|
|
115
132
|
|
|
116
|
-
| Command
|
|
117
|
-
|
|
118
|
-
| `kdna identity init`
|
|
119
|
-
| `kdna identity show`
|
|
120
|
-
| `kdna identity export [--out]` | Experimental | Backup private key (encrypted)
|
|
121
|
-
| `kdna identity import <file>`
|
|
133
|
+
| Command | Status | Description |
|
|
134
|
+
| ------------------------------ | ------------ | ------------------------------- |
|
|
135
|
+
| `kdna identity init` | Experimental | Generate Ed25519 signing key |
|
|
136
|
+
| `kdna identity show` | Experimental | Display public key and buyer ID |
|
|
137
|
+
| `kdna identity export [--out]` | Experimental | Backup private key (encrypted) |
|
|
138
|
+
| `kdna identity import <file>` | Experimental | Restore identity from backup |
|
|
122
139
|
|
|
123
140
|
### Setup
|
|
124
141
|
|
|
125
|
-
| Command
|
|
126
|
-
|
|
127
|
-
| `kdna setup` | Beta
|
|
142
|
+
| Command | Status | Description |
|
|
143
|
+
| ------------ | ------ | ------------------------------------------ |
|
|
144
|
+
| `kdna setup` | Beta | One-command setup: CLI + skill + data root |
|
|
128
145
|
|
|
129
146
|
---
|
|
130
147
|
|
|
131
148
|
## SPEC Compatibility
|
|
132
149
|
|
|
133
|
-
KDNA CLI follows the canonical KDNA
|
|
150
|
+
KDNA CLI follows the canonical KDNA asset structure defined in [`aikdna/kdna`](https://github.com/aikdna/kdna).
|
|
134
151
|
|
|
135
|
-
A valid KDNA domain is a
|
|
152
|
+
A valid KDNA domain is a `.kdna` asset. The internal tree of that asset may include up to six standard KDNA judgment files:
|
|
136
153
|
|
|
137
154
|
- `KDNA_Core.json`
|
|
138
155
|
- `KDNA_Patterns.json`
|
|
@@ -141,18 +158,20 @@ A valid KDNA domain is a lowercase `snake_case` folder. A complete domain may in
|
|
|
141
158
|
- `KDNA_Reasoning.json`
|
|
142
159
|
- `KDNA_Evolution.json`
|
|
143
160
|
|
|
144
|
-
The minimum valid
|
|
161
|
+
The minimum valid `.kdna` asset requires these internal entries:
|
|
145
162
|
|
|
146
163
|
- `KDNA_Core.json`
|
|
147
164
|
- `KDNA_Patterns.json`
|
|
148
165
|
|
|
149
|
-
Each file must include `meta.version`, `meta.domain`, `meta.created`, `meta.purpose`, and `meta.load_condition`.
|
|
166
|
+
Each KDNA judgment file must include `meta.version`, `meta.domain`, `meta.created`, `meta.purpose`, and `meta.load_condition`.
|
|
167
|
+
|
|
168
|
+
Source directories are dev-only authoring workspaces. Public install, inspect, verify, load, compare, and agent-facing commands consume `.kdna` assets or installed asset names, not source directories.
|
|
150
169
|
|
|
151
170
|
---
|
|
152
171
|
|
|
153
172
|
## Default Registry
|
|
154
173
|
|
|
155
|
-
By default, KDNA CLI uses the official KDNA registry. Users may override
|
|
174
|
+
By default, KDNA CLI uses the official KDNA registry. Registry schema v3 is asset-first: installable entries must publish `asset_url`, `asset_digest`, signature metadata, trust snapshot/timestamp metadata, and revocations. Expired, yanked, revoked, or digest-mismatched assets are rejected. Users may override the registry with `KDNA_REGISTRY_URL`.
|
|
156
175
|
|
|
157
176
|
```bash
|
|
158
177
|
# Use the official registry (default)
|
|
@@ -178,33 +197,33 @@ Commercial or hosted layers may include:
|
|
|
178
197
|
- Team collaboration in KDNA Studio
|
|
179
198
|
- Licensed/private judgment asset distribution
|
|
180
199
|
|
|
181
|
-
KDNA supports both open judgment assets and licensed/private judgment assets. Open
|
|
200
|
+
KDNA supports both open judgment assets and licensed/private judgment assets. Open assets remain the default path for community adoption. Licensed assets still use the `.kdna` extension; protected entries are decrypted only in memory after local license activation.
|
|
182
201
|
|
|
183
|
-
KDNA
|
|
202
|
+
KDNA 同时支持开放判断资产和授权/私有判断资产。开放资产是社区采用的默认路径;授权资产仍然使用 `.kdna` 后缀,受保护条目只会在本地 license activation 通过后以内存方式解密。
|
|
184
203
|
|
|
185
204
|
---
|
|
186
205
|
|
|
187
206
|
## Environment Variables
|
|
188
207
|
|
|
189
|
-
| Variable
|
|
190
|
-
|
|
191
|
-
| `KDNA_AGENT`
|
|
192
|
-
| `KDNA_REGISTRY_URL` | Override canonical registry URL
|
|
193
|
-
| `KDNA_IDENTITY_DIR` | Override identity key directory
|
|
208
|
+
| Variable | Purpose |
|
|
209
|
+
| ------------------- | --------------------------------------------------------------------------- |
|
|
210
|
+
| `KDNA_AGENT` | Override agent name in trace logs (e.g. `claude_code`, `codex`, `opencode`) |
|
|
211
|
+
| `KDNA_REGISTRY_URL` | Override canonical registry URL |
|
|
212
|
+
| `KDNA_IDENTITY_DIR` | Override identity key directory |
|
|
194
213
|
|
|
195
214
|
## Exit Codes
|
|
196
215
|
|
|
197
|
-
| Code | Name
|
|
198
|
-
|
|
199
|
-
| 0
|
|
200
|
-
| 1
|
|
201
|
-
| 2
|
|
202
|
-
| 3
|
|
203
|
-
| 4
|
|
204
|
-
| 5
|
|
205
|
-
| 6
|
|
206
|
-
| 7
|
|
207
|
-
| 8
|
|
216
|
+
| Code | Name | Meaning |
|
|
217
|
+
| ---- | ------------------------- | -------------------------------------------------- |
|
|
218
|
+
| 0 | `OK` | Success |
|
|
219
|
+
| 1 | `VALIDATION_FAILED` | Structure or schema validation failed |
|
|
220
|
+
| 2 | `INPUT_ERROR` | Invalid input, missing argument, not found |
|
|
221
|
+
| 3 | `TRUST_FAILED` | Signature or trust verification failed |
|
|
222
|
+
| 4 | `JUDGMENT_QUALITY_FAILED` | Judgment governance fields missing or insufficient |
|
|
223
|
+
| 5 | `REGISTRY_ERROR` | Registry lookup or network error |
|
|
224
|
+
| 6 | `PROVIDER_ERROR` | LLM provider (API key, rate limit) error |
|
|
225
|
+
| 7 | `POLICY_VIOLATION` | Publishing or governance policy violation |
|
|
226
|
+
| 8 | `HUMAN_LOCK_REQUIRED` | Human lock required but not present |
|
|
208
227
|
|
|
209
228
|
## JSON Output
|
|
210
229
|
|
|
@@ -221,15 +240,15 @@ kdna license verify --json <file>
|
|
|
221
240
|
|
|
222
241
|
## Product Matrix
|
|
223
242
|
|
|
224
|
-
| Layer
|
|
225
|
-
|
|
226
|
-
| Protocol
|
|
227
|
-
| Core Library | @aikdna/kdna-core
|
|
228
|
-
| Runtime
|
|
229
|
-
| Authoring
|
|
230
|
-
| Consumption
|
|
231
|
-
| Governance
|
|
232
|
-
| Distribution | Registry
|
|
243
|
+
| Layer | Product | Responsibility |
|
|
244
|
+
| ------------ | ----------------------- | ----------------------------------------------------------- |
|
|
245
|
+
| Protocol | KDNA SPEC | Define judgment asset format |
|
|
246
|
+
| Core Library | @aikdna/kdna-core | load / validate / compose / render |
|
|
247
|
+
| Runtime | @aikdna/kdna-cli | Agent runtime + compile + verify + test + publish + license |
|
|
248
|
+
| Authoring | KDNA Studio | Human-led judgment production |
|
|
249
|
+
| Consumption | KDNAChat | Load, use, compare |
|
|
250
|
+
| Governance | KDNA Governance Console | Approve, release, audit |
|
|
251
|
+
| Distribution | Registry | Discover, install, license, distribute |
|
|
233
252
|
|
|
234
253
|
## Development
|
|
235
254
|
|
package/SECURITY.md
CHANGED
|
@@ -31,7 +31,7 @@ We will acknowledge within 5 business days and provide a timeline for a fix.
|
|
|
31
31
|
|
|
32
32
|
## Out of Scope
|
|
33
33
|
|
|
34
|
-
- Domain content files (
|
|
34
|
+
- Domain content files (KDNA\_\*.json) — these are user-authored judgment assets
|
|
35
35
|
- Network-level attacks (man-in-the-middle on registry fetch) — use HTTPS
|
|
36
36
|
- Local filesystem access — CLI runs with user privileges
|
|
37
37
|
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aikdna/kdna-cli",
|
|
3
|
-
"version": "0.
|
|
4
|
-
"description": "KDNA CLI — create, validate, install, and manage domain
|
|
3
|
+
"version": "0.19.0",
|
|
4
|
+
"description": "KDNA CLI — create, validate, install, and manage domain judgment packages for AI agents.",
|
|
5
5
|
"type": "commonjs",
|
|
6
6
|
"bin": {
|
|
7
7
|
"kdna": "src/cli.js",
|
|
@@ -24,13 +24,15 @@
|
|
|
24
24
|
"test": "node --test tests/v07-commands.test.js tests/v012-commands.test.js",
|
|
25
25
|
"test:integration": "node --test tests/integration.test.js",
|
|
26
26
|
"test:all": "node --test tests/*.test.js",
|
|
27
|
+
"release:preflight": "node scripts/release-preflight.js",
|
|
27
28
|
"pretest": "npm install --ignore-scripts"
|
|
28
29
|
},
|
|
29
30
|
"keywords": [
|
|
30
31
|
"kdna",
|
|
31
32
|
"kdna-cli",
|
|
32
33
|
"ai-agent",
|
|
33
|
-
"domain-
|
|
34
|
+
"domain-judgment",
|
|
35
|
+
"judgment-protocol",
|
|
34
36
|
"cli"
|
|
35
37
|
],
|
|
36
38
|
"license": "Apache-2.0",
|
|
@@ -46,7 +48,7 @@
|
|
|
46
48
|
"node": ">=18"
|
|
47
49
|
},
|
|
48
50
|
"dependencies": {
|
|
49
|
-
"@aikdna/kdna-core": "^0.
|
|
51
|
+
"@aikdna/kdna-core": "^0.6.0"
|
|
50
52
|
},
|
|
51
53
|
"optionalDependencies": {
|
|
52
54
|
"ajv": "^8.17.1",
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: kdna-loader
|
|
3
|
-
description: Discover and load KDNA judgment frameworks from
|
|
3
|
+
description: Discover and load KDNA judgment frameworks from installed .kdna assets when the task requires domain-specific judgment (review, diagnosis, critique, classification, strategy) where the same input could legitimately be interpreted multiple ways. Skip for pure formatting, factual lookup, code execution, or mechanical transformations. This skill is the entire interface to KDNA — domains themselves are not separate skills.
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
# KDNA Loader
|
|
@@ -17,7 +17,7 @@ this skill provides the **routing and protocol**, KDNA provides the
|
|
|
17
17
|
**judgment material**.
|
|
18
18
|
|
|
19
19
|
This skill is the **only** KDNA-related skill. Domains themselves are
|
|
20
|
-
not registered as skills — they live
|
|
20
|
+
not registered as skills — they live as `.kdna` assets under `~/.kdna/packages/` and
|
|
21
21
|
are discovered on demand. Whether the user has 1 domain installed or
|
|
22
22
|
100, this skill is the single entry point.
|
|
23
23
|
|
|
@@ -68,8 +68,8 @@ Returns a compact JSON array — one entry per installed domain — with:
|
|
|
68
68
|
axioms), `does_not_apply_when` (flattened), `failure_risks`. Yanked
|
|
69
69
|
domains are excluded automatically.
|
|
70
70
|
|
|
71
|
-
This is your **only** discovery interface. Do not
|
|
72
|
-
or `cat`
|
|
71
|
+
This is your **only** discovery interface. Do not inspect `~/.kdna/packages/` manually, unzip `.kdna` files,
|
|
72
|
+
or `cat` internal JSON entries directly — the CLI is the supported contract
|
|
73
73
|
between this skill and the KDNA file format. The on-disk layout may
|
|
74
74
|
change; `kdna available` will not.
|
|
75
75
|
|
|
@@ -135,7 +135,7 @@ After evaluating, you should usually have:
|
|
|
135
135
|
> "Two installed domains could apply here: @aikdna/writing
|
|
136
136
|
> (structural diagnosis) and @yourorg/copy_polish (line-level
|
|
137
137
|
> polish). Which judgment frame should I use?"
|
|
138
|
-
Do **not** silently blend.
|
|
138
|
+
> Do **not** silently blend.
|
|
139
139
|
|
|
140
140
|
Never load more than one domain as primary. A secondary domain can
|
|
141
141
|
constrain (e.g. `@aikdna/agent_safety` always advises on irreversible
|
|
@@ -181,8 +181,8 @@ stages.
|
|
|
181
181
|
You have now internalized the domain's judgment surface. From this
|
|
182
182
|
point on:
|
|
183
183
|
|
|
184
|
-
1. **Adopt the axioms as your reasoning frame** — reason
|
|
185
|
-
them, not
|
|
184
|
+
1. **Adopt the axioms as your reasoning frame** — reason _from_
|
|
185
|
+
them, not _around_ them.
|
|
186
186
|
2. **Honour the boundaries** — for each axiom you'd apply, confirm
|
|
187
187
|
the task is in `applies_when` AND not in `does_not_apply_when`.
|
|
188
188
|
3. **Pre-check failure_risk** — before producing output, ask:
|
|
@@ -222,6 +222,7 @@ KDNA domains influence agent judgment. The loader MUST apply safety rules before
|
|
|
222
222
|
### Loading Priority
|
|
223
223
|
|
|
224
224
|
When KDNA is loaded, the agent MUST respect this priority order:
|
|
225
|
+
|
|
225
226
|
1. System safety policy (highest — cannot be overridden)
|
|
226
227
|
2. Legal and compliance requirements
|
|
227
228
|
3. User's explicit intent
|
|
@@ -234,12 +235,12 @@ KDNA MUST NOT override system safety policies, legal requirements, or the user's
|
|
|
234
235
|
|
|
235
236
|
Before loading a KDNA domain, check its risk level in `kdna.json` or `KDNA_CARD.json`:
|
|
236
237
|
|
|
237
|
-
| Risk Level
|
|
238
|
-
|
|
239
|
-
| **R0** (Low)
|
|
240
|
-
| **R1** (Medium)
|
|
241
|
-
| **R2** (High)
|
|
242
|
-
| **R3** (Restricted) | Reject loading unless explicitly authorized
|
|
238
|
+
| Risk Level | Loading Behavior |
|
|
239
|
+
| ------------------- | ---------------------------------------------- |
|
|
240
|
+
| **R0** (Low) | Load silently |
|
|
241
|
+
| **R1** (Medium) | Load silently; log |
|
|
242
|
+
| **R2** (High) | Warn user before loading; require confirmation |
|
|
243
|
+
| **R3** (Restricted) | Reject loading unless explicitly authorized |
|
|
243
244
|
|
|
244
245
|
### Signature & Trust Checks
|
|
245
246
|
|
|
@@ -251,6 +252,7 @@ Before loading a KDNA domain, check its risk level in `kdna.json` or `KDNA_CARD.
|
|
|
251
252
|
### Runtime Logging
|
|
252
253
|
|
|
253
254
|
Every KDNA load MUST be logged with:
|
|
255
|
+
|
|
254
256
|
- Domain name and version
|
|
255
257
|
- Risk level
|
|
256
258
|
- Signature status
|
|
@@ -262,13 +264,13 @@ This enables audit and accountability.
|
|
|
262
264
|
|
|
263
265
|
## Failure handling
|
|
264
266
|
|
|
265
|
-
| Situation
|
|
266
|
-
|
|
267
|
-
| `kdna` CLI not installed
|
|
268
|
-
| `kdna available --json` returns `[]`
|
|
269
|
-
| `kdna load <name>` exits non-zero
|
|
270
|
-
| User explicitly asks for a domain that isn't installed | Tell them, suggest `kdna install <name>`. Do not fabricate the domain.
|
|
271
|
-
| Two domains' stances directly conflict on the task
|
|
267
|
+
| Situation | What to do |
|
|
268
|
+
| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------- |
|
|
269
|
+
| `kdna` CLI not installed | Skip KDNA. Answer normally. Mention installation only if user asks about KDNA itself. |
|
|
270
|
+
| `kdna available --json` returns `[]` | No domains installed. Skip KDNA. |
|
|
271
|
+
| `kdna load <name>` exits non-zero | That domain is broken (yanked, missing files, parse error). Try next candidate or skip KDNA. The error message tells you why. |
|
|
272
|
+
| User explicitly asks for a domain that isn't installed | Tell them, suggest `kdna install <name>`. Do not fabricate the domain. |
|
|
273
|
+
| Two domains' stances directly conflict on the task | Surface to user. Do not blend. |
|
|
272
274
|
|
|
273
275
|
---
|
|
274
276
|
|
|
@@ -291,8 +293,7 @@ Otherwise, stay silent about the loading mechanics.
|
|
|
291
293
|
|
|
292
294
|
## What this skill is NOT
|
|
293
295
|
|
|
294
|
-
- Not a list of available KDNA domains (those
|
|
295
|
-
`~/.kdna/domains/`, discovered on demand)
|
|
296
|
+
- Not a list of available KDNA domains (those are installed `.kdna` assets, discovered on demand)
|
|
296
297
|
- Not a registry browser (use `kdna list --available` CLI)
|
|
297
298
|
- Not a domain creator (use `kdna init <name>` CLI)
|
|
298
299
|
- Not an auto-loader that runs on every request — you decide per
|