@aitne-sh/aitne 0.1.3 → 0.1.5

package/agent-assets/skills/notion/SKILL.native.claude.md

@@ -0,0 +1,202 @@
+---
+name: notion
+description: Load when the task touches Notion and Notion is in native mode bound to Claude (`nativeBackend === "claude"`). Use Claude's hosted Notion connector directly; the daemon does not proxy Notion. `/api/notion/databases` (label → UUID config dump) is the only daemon route still reachable.
+allowed-tools:
+  - Bash(curl *)
+  - Bash(jq *)
+  - Read
+---
+
+# Notion (native — Claude Notion connector)
+
+> **Refusal directive — read first.** Notion is in `native` mode bound
+> to Claude. Do **NOT** call any of:
+>
+> - `POST /api/integrations/notion/exec` (returns `410` with
+>   `X-Integration-Mode: native`)
+> - `POST /api/integrations/notion/reconcile` (410)
+> - `/api/notion/query`, `/api/notion/search`, `/api/notion/pages`,
+>   `/api/notion/pages/<id>/content` (each route-prefix 410 in native
+>   mode)
+>
+> Reach Notion through the `mcp__claude_ai_Notion__*` MCP tools this
+> Claude session already holds.
+>
+> The one exception: **`GET /api/notion/databases`** remains reachable
+> in every mode. It is a config dump (label → UUID map) with no Notion
+> API side-effect; native-mode gating does not apply to it.
+
+Confirm the binding via `<integration_modes>` (`notion="native"`) and
+the `<integration-routing-table>` block in the session preamble.
+
+## 1. Label resolution — read `/api/notion/databases` first
+
+Database UUIDs are unstable; user-facing labels (`"projects"`,
+`"meeting-notes"`, `"tasks"`) map to UUIDs through the daemon's
+settings store. Resolve label → UUID BEFORE any Notion call so the
+MCP arguments carry concrete UUIDs.
+
+```bash
+curl -s http://localhost:8321/api/notion/databases
+# → { "databases": { "<label>": { "id": "<uuid>", "title": "..." }, ... } }
+```
+
+This route is **not** part of the absolute deny set and is intentionally
+ungated in native mode — the agent reads the same labels in every mode.
+The `notion-fetch` tool accepts either a Notion page URL or a UUID;
+pass the UUID resolved here.
+
+## 2. Notion — Claude's hosted Notion connector (native MCP)
+
+Tool namespace: `mcp__claude_ai_Notion__`
+
+### Read-class tools
+
+| Capability | Tool | Use |
+|---|---|---|
+| `search` | `mcp__claude_ai_Notion__notion-search` | Workspace search (text + Notion query parameters). |
+| `read` | `mcp__claude_ai_Notion__notion-fetch` | Retrieve a single page / database / block by URL or UUID; returns content + child block tree. |
+| `comments` | `mcp__claude_ai_Notion__notion-get-comments` | Read comments on a page. |
+| `users` | `mcp__claude_ai_Notion__notion-get-users` | Enumerate workspace users. |
+| `teams` | `mcp__claude_ai_Notion__notion-get-teams` | Enumerate teams / teamspaces. |
+
+Canonical search call:
+
+```
+mcp__claude_ai_Notion__notion-search(
+  query="acme proposal",
+  query_type="internal",
+  data_source_url="https://www.notion.so/<workspace>/<database-uuid>"
+)
+```
+
+Canonical page read:
+
+```
+mcp__claude_ai_Notion__notion-fetch(id="<page-url-or-uuid>")
+```
+
+### Destructive tools (require explicit user confirmation)
+
+Per the registry's
+`notion.backendConnectors.claude.destructiveTools`:
+
+- `notion-create-pages` — adds new pages.
+- `notion-update-page` — mutates properties / content; **also** the
+  archive workaround (Status="Archived") — §3 below.
+- `notion-duplicate-page` — clones a page.
+- `notion-move-pages` — relocates pages between databases / parents.
+- `notion-create-comment` — posts a comment (user-visible).
+- `notion-create-database` — schema admin (creates new DB).
+- `notion-update-data-source` — schema admin (mutates DB columns).
+- `notion-create-view` — schema admin (new view on DB).
+- `notion-update-view` — schema admin (mutates view config).
+
+Apply the destructive-confirm contract every time:
+
+1. Summarise the plan in one line.
+2. Surface verbatim and wait for explicit user OK.
+3. On OK, issue the call.
+
+Schema-admin tools (`notion-create-database`, `notion-update-data-source`,
+`notion-create-view`, `notion-update-view`) are higher stakes than
+page mutations — explicitly name "this is a schema-admin change" in
+the plan you surface.
+
+The starter `deniedTools` list (typically denies the schema-admin set)
+is enforced before the call lands. The absolute-block layer continues
+to fire regardless of mode.
+
+## 3. Page archive — workaround only
+
+Claude's hosted Notion connector does **not** expose an archive /
+trash tool. `in_trash` is rejected as a property by
+`notion-update-page`. To "archive" a page:
+
+1. **Property workaround** (preferred when the page lives in a
+   database with a Status property): `notion-update-page(id=<uuid>,
+   properties={Status: {status: {name: "Archived"}}})`. The page
+   stays addressable but drops out of default views.
+2. **Move to a "Trash" page**: `notion-move-pages(...)` under a
+   top-level "Trash" page (creating it first via
+   `notion-create-pages` if absent). Reversible without admin
+   intervention.
+
+Surface either option to the user before issuing — they are
+explicitly user-visible workarounds, not silent archive equivalents.
+
+## 4. Structured database filtering
+
+For "what tasks are in status X" or any `WHERE <property> = ...`
+intent, use `notion-search` with the data-source filter and let the
+connector do the matching. Claude's connector does not expose a
+SQL-style query primitive (Codex's `notion_query_data_sources`
+covers that gap when delegated cross-backend; native-Claude has the
+search-with-filter primitive instead).
+
+## 5. Decision rules
+
+- **Hourly check is read-only.** Native variants inherit the
+  "External services are read-only this hour" constraint from
+  `routine.hourly_check.native.claude.md`. No creates, property
+  updates, content patches, or archives during the hourly pass.
+- **Mass-update — ask first.** A `notion-create-pages` call can take
+  up to 100 pages in one shot, and `notion-move-pages` /
+  `notion-update-page` batches can touch many rows. Summarise and
+  confirm any change that would touch more than ~10 pages.
+- **Schema admin — Approve-tier.** Database / view / data-source
+  mutations alter workspace structure. Surface explicitly and ask;
+  do not auto-confirm "this looks right".
+- **Comments are user-visible.** `notion-create-comment` posts to a
+  page comment thread — treat it like a send: confirm before issuing.
+
+## 6. Persisting observations from native fetches
+
+When `routine.hourly_check.native.claude.md`'s Step 0c fetches recent
+Notion edits, POST each materialised page to `/api/observations`. The
+daemon computes `contentHash` server-side via
+`@personal-agent/shared/observations-hash.ts`; pass `payload` verbatim:
+
+```bash
+curl -s -X POST http://localhost:8321/api/observations \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "source": "notion",
+    "type": "notion:lifecycle",
+    "ref": "<pageId>",
+    "actor": "user",
+    "receivedAt": "<ISO-8601 UTC>",
+    "summary_text": "<title — last edited HH:MM>",
+    "refs": {
+      "pageId": "<id>",
+      "parentDatabase": "<db-uuid-or-null>",
+      "title": "<title>"
+    },
+    "payload": <verbatim MCP page object>
+  }'
+```
+
+`/api/observations` is never gated. HTTP 409 indicates a mode-flip
+race window (§11.3.1); stop and re-read `<integration_modes>`.
+
+## 7. Owner notification (opt-in)
+
+The daemon does not auto-DM the owner. When a Notion action is
+user-visible enough to warrant an immediate awareness ping (a
+public comment, a mass-archive operation, content moved out of a
+long-lived database), call:
+
+```bash
+curl -s -X POST http://localhost:8321/api/notify \
+  -H 'Content-Type: application/json' \
+  -d '{"message": "Archived 7 stale pages under the <db> database."}'
+```
+
+Single page edits and routine reads do not need a notify.
+
+## 8. Cost / audit
+
+Native MCP calls land `agent_actions` rows of type `mcp_call` with
+`provider="claude"`, the tool name, and the parent `event_id` /
+`processKey`. The cost dashboard joins these to the registry by
+`toolNamespace` prefix for the `nativeAttribution` rollup (§14.4).

package/agent-assets/skills/notion/SKILL.native.codex.md

@@ -0,0 +1,166 @@
+---
+name: notion
+description: Load when the task touches Notion and Notion is in native mode bound to Codex (`nativeBackend === "codex"`). Use Codex's hosted Notion MCP directly; the daemon does not proxy Notion. `/api/notion/databases` (label → UUID config dump) is the only daemon route still reachable.
+allowed-tools:
+  - Bash(curl *)
+  - Bash(jq *)
+  - Read
+---
+
+# Notion (native — Codex Notion MCP)
+
+> **Refusal directive — read first.** Notion is in `native` mode bound
+> to Codex. Do **NOT** call any of:
+>
+> - `POST /api/integrations/notion/exec` (returns `410` with
+>   `X-Integration-Mode: native`)
+> - `POST /api/integrations/notion/reconcile` (410)
+> - `/api/notion/query`, `/api/notion/search`, `/api/notion/pages`,
+>   `/api/notion/pages/<id>/content` (each route-prefix 410)
+>
+> Reach Notion through the `mcp__codex_apps__notion._*` MCP tools your
+> Codex session already holds.
+>
+> Exception: **`GET /api/notion/databases`** remains reachable in every
+> mode (it is a config dump with no Notion API side-effect).
+
+Confirm the binding via `<integration_modes>` (`notion="native"`) and
+the `<integration-routing-table>` block in the session preamble.
+
+## 1. Label resolution — read `/api/notion/databases` first
+
+```bash
+curl -s http://localhost:8321/api/notion/databases
+# → { "databases": { "<label>": { "id": "<uuid>", "title": "..." }, ... } }
+```
+
+Resolve label → UUID before any Notion call. Codex's namespace
+terminates with `._`; the bare suffix below is what you write after
+the namespace (`_search` = `mcp__codex_apps__notion._search`).
+
+## 2. Notion — Codex's hosted Notion MCP (native)
+
+Tool namespace: `mcp__codex_apps__notion._`
+
+### Read-class tools
+
+| Capability | Tool | Use |
+|---|---|---|
+| `search` | `_search` | Workspace search. |
+| `read` | `_fetch` | Single page / database / block by URL or UUID; returns block tree. |
+| `comments` | `_notion_get_comments` | Read page comments. |
+| `users` | `_notion_get_users` | Enumerate workspace users. |
+| `teams` | `_notion_get_teams` | Enumerate teams. |
+| `query_data_sources` | `_notion_query_data_sources` | **SQL-style** structured filter (`WHERE <property> = ?`) — Codex-only capability, not exposed by Claude. Use it for "what tasks are in status X" intents. |
+| `query_meeting_notes` | `_notion_query_meeting_notes` | Structured filter over the user's meeting-notes data source (niche). |
+
+Canonical search call:
+
+```
+mcp__codex_apps__notion._search(
+  query="acme proposal",
+  data_source_id="<db-uuid-resolved-from-labels>"
+)
+```
+
+Canonical structured filter (Codex-only):
+
+```
+mcp__codex_apps__notion._notion_query_data_sources(
+  data_source_id="<db-uuid>",
+  filter="Status = 'Active' AND Priority = 'P1'",
+  limit=20
+)
+```
+
+Canonical page read:
+
+```
+mcp__codex_apps__notion._fetch(id="<page-url-or-uuid>")
+```
+
+### Destructive tools (require explicit user confirmation)
+
+Per the registry's `notion.backendConnectors.codex.destructiveTools`:
+
+- `_notion_create_pages`
+- `_notion_update_page` — properties, content, archive workaround.
+- `_notion_duplicate_page`
+- `_notion_move_pages`
+- `_notion_create_comment`
+- `_notion_create_database` — schema admin.
+- `_notion_update_data_source` — schema admin.
+- `_notion_create_view` — schema admin.
+- `_notion_update_view` — schema admin.
+
+Apply the destructive-confirm contract: summarise, wait for explicit
+OK, then issue. Schema-admin tools warrant an explicit "schema admin"
+label on the plan you surface. The starter `deniedTools` list is
+enforced before the call lands.
+
+## 3. Page archive — workaround only
+
+Same gap as Claude's connector — no dedicated archive tool. Use the
+property-update workaround (Status="Archived") via
+`_notion_update_page`, or move the page under a top-level Trash page
+via `_notion_move_pages`. Surface the choice to the user.
+
+## 4. Decision rules
+
+- **Hourly check is read-only** — inherits the constraint from
+  `routine.hourly_check.native.codex.md`.
+- **Mass-update — ask first.** `_notion_create_pages` can take up to
+  100 pages; `_notion_move_pages` and `_notion_update_page` batches
+  can touch many rows. Summarise and confirm anything >~10 pages.
+- **Schema admin — Approve-tier.** Database / view / data-source
+  mutations alter workspace structure. Explicit user confirmation
+  required.
+- **Comments are user-visible.** `_notion_create_comment` posts to a
+  page comment thread — treat like a send.
+- **Prefer structured filter over text search** when the user's
+  intent is property-shaped. `_notion_query_data_sources` is the
+  Codex-only capability that closes the gap Claude's connector has;
+  use it.
+
+## 5. Persisting observations from native fetches
+
+```bash
+curl -s -X POST http://localhost:8321/api/observations \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "source": "notion",
+    "type": "notion:lifecycle",
+    "ref": "<pageId>",
+    "actor": "user",
+    "receivedAt": "<ISO-8601 UTC>",
+    "summary_text": "<title — last edited HH:MM>",
+    "refs": {
+      "pageId": "<id>",
+      "parentDatabase": "<db-uuid-or-null>",
+      "title": "<title>"
+    },
+    "payload": <verbatim MCP page object>
+  }'
+```
+
+The daemon computes `contentHash` server-side. Pass `payload`
+verbatim. HTTP 409 → mode-flip race window (§11.3.1); stop and re-read
+`<integration_modes>`.
+
+## 6. Owner notification (opt-in)
+
+```bash
+curl -s -X POST http://localhost:8321/api/notify \
+  -H 'Content-Type: application/json' \
+  -d '{"message": "Archived 7 stale pages under the <db> database."}'
+```
+
+For public comments, mass archives, or content moved out of long-lived
+databases. Routine reads and single-page edits do not need a notify.
+
+## 7. Cost / audit
+
+Native MCP calls land `agent_actions` rows of type `mcp_call` with
+`provider="codex"`, the tool name, and the parent `event_id` /
+`processKey`. The cost dashboard joins these to the registry by
+`toolNamespace` prefix (§14.4 `nativeAttribution`).

package/agent-assets/skills/notion/SKILL.native.gemini.md

@@ -0,0 +1,167 @@
+---
+name: notion
+description: Load when the task touches Notion and Notion is in native mode bound to Gemini (`nativeBackend === "gemini"`). Use the user-installed Notion MCP server on Gemini CLI directly; the daemon does not proxy Notion. `/api/notion/databases` (label → UUID config dump) is the only daemon route still reachable.
+allowed-tools:
+  - Bash(curl *)
+  - Bash(jq *)
+  - Read
+---
+
+# Notion (native — Gemini, user-installed Notion MCP)
+
+> **Refusal directive — read first.** Notion is in `native` mode bound
+> to Gemini. Do **NOT** call any of:
+>
+> - `POST /api/integrations/notion/exec` (returns `410` with
+>   `X-Integration-Mode: native`)
+> - `POST /api/integrations/notion/reconcile` (410)
+> - `/api/notion/query`, `/api/notion/search`, `/api/notion/pages`,
+>   `/api/notion/pages/<id>/content` (each route-prefix 410)
+>
+> Reach Notion through the `mcp_notion_*` MCP tools your Gemini session
+> already holds via the user-installed Notion MCP server.
+>
+> Exception: **`GET /api/notion/databases`** remains reachable in every
+> mode (config dump, no Notion API side-effect).
+
+## Server-name assumption
+
+The registry assumes the user registered Notion's official MCP server
+under the literal name `notion` (`gemini mcp add notion <url>` or via
+the dashboard's MCP page). Gemini surfaces tools as
+`mcp_<server>_<tool>`, so the namespace `mcp_notion_` only resolves if
+the server is named `notion` exactly. If the user picked a different
+name, the §9.3 probe at flip time will report every required capability
+missing and the dashboard surfaces an actionable "wrong server name"
+hint. This skill body assumes the probe passed.
+
+Confirm the binding via `<integration_modes>` (`notion="native"`) and
+the `<integration-routing-table>` block in the session preamble.
+
+## 1. Label resolution — read `/api/notion/databases` first
+
+```bash
+curl -s http://localhost:8321/api/notion/databases
+# → { "databases": { "<label>": { "id": "<uuid>", "title": "..." }, ... } }
+```
+
+Resolve label → UUID before any Notion call.
+
+## 2. Notion — user-installed Notion MCP (native)
+
+Tool namespace: `mcp_notion_`
+
+The Notion MCP server exposes the same tool names as Anthropic's hosted
+Notion connector (hyphenated identifiers, e.g. `notion-search`); under
+Gemini's namespace convention they surface as `mcp_notion_<tool>`.
+
+### Read-class tools
+
+| Capability | Tool | Use |
+|---|---|---|
+| `search` | `mcp_notion_notion-search` | Workspace search. |
+| `read` | `mcp_notion_notion-fetch` | Single page / database / block by URL or UUID. |
+| `comments` | `mcp_notion_notion-get-comments` | Read page comments. |
+| `users` | `mcp_notion_notion-get-users` | Enumerate workspace users. |
+| `teams` | `mcp_notion_notion-get-teams` | Enumerate teams. |
+
+Canonical search call:
+
+```
+mcp_notion_notion-search(
+  query="acme proposal",
+  data_source_url="https://www.notion.so/<workspace>/<database-uuid>"
+)
+```
+
+Canonical page read:
+
+```
+mcp_notion_notion-fetch(id="<page-url-or-uuid>")
+```
+
+### Destructive tools (require explicit user confirmation)
+
+Per the registry's `notion.backendConnectors.gemini.destructiveTools`:
+
+- `mcp_notion_notion-create-pages`
+- `mcp_notion_notion-update-page` — properties / content / archive
+  workaround.
+- `mcp_notion_notion-duplicate-page`
+- `mcp_notion_notion-move-pages`
+- `mcp_notion_notion-create-comment`
+- `mcp_notion_notion-create-database` — schema admin.
+- `mcp_notion_notion-update-data-source` — schema admin.
+- `mcp_notion_notion-create-view` — schema admin.
+- `mcp_notion_notion-update-view` — schema admin.
+
+Apply the destructive-confirm contract every time. Schema-admin tools
+warrant an explicit "schema admin" label on the surfaced plan. The
+starter `deniedTools` list is enforced before the call lands.
+
+## 3. Page archive — workaround only
+
+Same gap as Claude / Codex hosted connectors — no dedicated archive
+tool. Use the property-update workaround (Status="Archived") via
+`mcp_notion_notion-update-page`, or move the page under a top-level
+Trash page via `mcp_notion_notion-move-pages`. Surface the choice.
+
+## 4. Decision rules
+
+- **Hourly check is read-only** — inherits the constraint from
+  `routine.hourly_check.native.gemini.md`.
+- **Mass-update — ask first.** `mcp_notion_notion-create-pages` can
+  take up to 100 pages; batches >~10 pages warrant explicit
+  confirmation.
+- **Schema admin — Approve-tier.** Database / view / data-source
+  mutations alter workspace structure.
+- **Comments are user-visible.** `mcp_notion_notion-create-comment`
+  posts to a page comment thread — treat like a send.
+- **No `_notion_query_data_sources` equivalent** on this connector.
+  For "what tasks are in status X" intents, use
+  `mcp_notion_notion-search` with the data-source filter scoping the
+  workspace and process the result client-side; Codex's SQL-style
+  query is a Codex-only feature.
+
+## 5. Persisting observations from native fetches
+
+```bash
+curl -s -X POST http://localhost:8321/api/observations \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "source": "notion",
+    "type": "notion:lifecycle",
+    "ref": "<pageId>",
+    "actor": "user",
+    "receivedAt": "<ISO-8601 UTC>",
+    "summary_text": "<title — last edited HH:MM>",
+    "refs": {
+      "pageId": "<id>",
+      "parentDatabase": "<db-uuid-or-null>",
+      "title": "<title>"
+    },
+    "payload": <verbatim MCP page object>
+  }'
+```
+
+The daemon computes `contentHash` server-side. Pass `payload`
+verbatim. HTTP 409 → mode-flip race window (§11.3.1); stop and re-read
+`<integration_modes>`.
+
+## 6. Owner notification (opt-in)
+
+```bash
+curl -s -X POST http://localhost:8321/api/notify \
+  -H 'Content-Type: application/json' \
+  -d '{"message": "Archived 7 stale pages under the <db> database."}'
+```
+
+For public comments, mass archives, or content moved out of long-lived
+databases. Routine reads and single-page edits do not need a notify.
+
+## 7. Cost / audit
+
+Native MCP calls land `agent_actions` rows of type `mcp_call` with
+`provider="gemini"`, the tool name, and the parent `event_id` /
+`processKey`. The cost dashboard joins these to the registry by
+`toolNamespace` prefix (§14.4 `nativeAttribution`).

package/agent-assets/skills/observations/SKILL.md

@@ -8,6 +8,13 @@ allowed-tools:
 
 # Observations Review & Source Access
 
+Output language: follow `<output_language_policy>`. This skill routes
+observations into other Policy B destinations (`today.md`, `roadmap.md`,
+`projects/*.md`) — write-ups inherit the destination file's policy
+(English skeleton, body in `<settings primary_language>`) via the
+`today` / `roadmap` / `context` / `project-doc` skills you call to land
+the update.
+
 ## Workflow
 
 1. Fetch pending user-originated observations:
@@ -19,8 +26,10 @@ allowed-tools:
    - Update `roadmap.md` or `projects/*.md` only for material project-state changes
    - Schedule a wake-up if the observation implies a future reminder
 5. Apply the smallest meaningful set of context updates.
-6. Mark processed observations consumed:
-   `curl -s -X POST http://localhost:8321/api/observations/consume -H 'Content-Type: application/json' -d '{"ids":[1,2],"correlationId":"<event-correlation-id>"}'`
+6. Mark processed observations consumed via the bulk endpoint
+   (`POST /api/observations/consume`) — see "POST /api/observations/consume"
+   in the API Reference below for the exact body shape and the
+   `correlationId` rule. There is no per-id variant.
 
 ## Skip Criteria
 
@@ -126,13 +135,29 @@ etc.) and are picked up by the prefix match on the GET route.
 
 ### POST /api/observations/consume
 
+Marks one or more observations consumed. **Bulk-only** — there is no
+per-id endpoint (`POST /api/observations/<id>/consume` returns 404).
+Always use this shape, even for a single id.
+
+Copy the `correlationId` value verbatim from the
+`<event_correlation_id>…</event_correlation_id>` tag in your turn
+context — do not paste the angle-bracket placeholder.
+
 ```bash
+# Example: <event_correlation_id>hourly-2026-04-23T15:00:00Z-7af3</event_correlation_id>
+# arrived in context, and observations 14 and 17 were processed.
 curl -s -X POST http://localhost:8321/api/observations/consume \
   -H 'Content-Type: application/json' \
-  -d '{"ids": [1, 2, 3], "correlationId": "<event_correlation_id>"}'
+  -d '{"ids":[14,17],"correlationId":"hourly-2026-04-23T15:00:00Z-7af3"}'
 ```
 
-Response: `{ "consumed": 3 }`
+| Field | Type | Required | Notes |
+|---|---|---|---|
+| `ids` | `number[]` | yes | Integers, not strings. `["14"]` is rejected. |
+| `correlationId` | `string` | yes | Verbatim from the `<event_correlation_id>` context tag. Non-string or missing → 400. |
+
+Response: `{ "consumed": <count> }`. Validation failures return 400
+`{"error":"validation_error"}`.
 
 ### GET /api/observations/stats
 

package/agent-assets/skills/project-doc/SKILL.md

@@ -8,6 +8,12 @@ allowed-tools:
 
 # Project Doc
 
+Output language: follow `<output_language_policy>`. Project docs are
+Policy B — H2/H3 headers from `agent-assets/templates/projects/` and
+`agent-assets/templates/git/` are skeleton (English); body prose,
+bullets, and summaries are written in `<settings primary_language>`.
+Preserve user-customized headers verbatim.
+
 Use this skill for Git-backed context documents under the unified
 repositories layout (see
 `docs/design/appendices/unified-repositories.md` §4.5):

package/agent-assets/skills/reading/SKILL.md

@@ -8,6 +8,8 @@ allowed-tools:
 
 # Reading & Highlights Tracker
 
+<output_language>english_only — `reading-taste.md` is parsed by display logic; field values and bullet text in that file are Policy A and override `<output_language_policy>`. Other user-facing prose from this skill (e.g. weekly recommendation DMs) follows `<output_language_policy>`.</output_language>
+
 The daemon stores books and reading highlights imported from Kindle
 (My Clippings.txt and the "Export Notebook" email pipeline) and manual
 entries. Data lives in `books` and `reading_highlights` tables. All

package/agent-assets/skills/roadmap/SKILL.md

@@ -8,6 +8,13 @@ allowed-tools:
 
 # roadmap.md Guide
 
+Output language: follow `<output_language_policy>`. roadmap.md is
+Policy B — the section headers (`## Annual Goals`, `## Quarterly Focus`,
+`## Long-term Plans`, `## Agent Action Plan`, `## Recurring`) are
+skeleton and stay English; items, narrative, and preparation-timeline
+prose underneath are written in `<settings primary_language>`. Preserve
+user-customized headers verbatim.
+
 `roadmap.md` is the single source of truth for **long-horizon user
 intent** — everything that does not belong in `today.md`. It aggregates
 Calendar events, pending `agent_schedule` rows, DM-captured intent,
@@ -239,6 +246,12 @@ mid-session refresh is not interleaved with a DM handler PATCH.
 
 ## roadmap.md API
 
+Body submission follows `_safety.md` "Daemon-API body submission":
+small POST / PATCH bodies use inline `-d '{...}'`; the full-file PUT
+runs multi-KB and uses the stdin heredoc `-d @- <<'JSON'` shape.
+Include `X-Lock-Id: <roadmap_write_lock_id>` on every PUT / PATCH
+when that tag is in your context.
+
 ```bash
 # Read
 curl -s http://localhost:8321/api/context/roadmap
@@ -247,19 +260,21 @@ curl -s http://localhost:8321/api/context/roadmap
 curl -s -X POST http://localhost:8321/api/context/roadmap/id \
   -H 'Content-Type: application/json' \
   -H 'X-Lock-Id: <roadmap_write_lock_id>' \
-  -d '{"creationDate": "YYYY-MM-DD"}'
+  -d '{"creationDate":"YYYY-MM-DD"}'
 
-# Full replace (roadmap refresh — include X-Lock-Id if context provides one)
+# Full replace (roadmap refresh) — multi-KB body, use heredoc.
 curl -s -X PUT http://localhost:8321/api/context/roadmap \
   -H 'Content-Type: application/json' \
   -H 'X-Lock-Id: <roadmap_write_lock_id>' \
-  -d '{"content": "# Roadmap\n..."}'
+  -d @- <<'JSON'
+{"content":"# Roadmap\n> Last synced: 2026-04-23\n\n## Annual Goals\n- ...\n\n## Quarterly Focus\n- ...\n\n## Long-term Plans\n- [2026-Q3] ...  <!-- id: rm-20260419-b8e7d4 -->\n\n## Agent Action Plan\n\n## Recurring\n- Every Friday: weekly review\n"}
+JSON
 
 # Section PATCH
 curl -s -X PATCH http://localhost:8321/api/context/roadmap \
   -H 'Content-Type: application/json' \
   -H 'X-Lock-Id: <roadmap_write_lock_id>' \
-  -d '{"section": "long_term_plans", "mode": "append", "content": "- [2026-Q3] ...\n"}'
+  -d '{"section":"long_term_plans","mode":"append","content":"- [2026-Q3] ...\n"}'
 ```
 
 Snapshotting, mtime updates, and path validation are handled by the