@appsforgood/next-supabase-kit 0.1.1 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (74) hide show
  1. package/CHANGELOG.md +33 -0
  2. package/README.md +20 -3
  3. package/REPOSITORY_SETTINGS.md +1 -0
  4. package/UPGRADE.md +9 -5
  5. package/antigravity/commands/audit.toml +16 -0
  6. package/antigravity/commands/copy.toml +16 -0
  7. package/antigravity/commands/frontend.toml +17 -0
  8. package/antigravity/commands/handoff.toml +16 -0
  9. package/antigravity/commands/plan.toml +18 -0
  10. package/antigravity/commands/security.toml +16 -0
  11. package/antigravity/commands/setup.toml +16 -0
  12. package/antigravity/commands/ship.toml +17 -0
  13. package/antigravity/commands/upgrade.toml +17 -0
  14. package/antigravity/plugin.json +58 -0
  15. package/assistant-adapters/README.md +1 -0
  16. package/assistant-adapters/antigravity.md +56 -0
  17. package/assistant-adapters/claude-code-subagents.md +1 -1
  18. package/assistant-adapters/codex-agents.md +17 -1
  19. package/assistant-adapters/cursor-agent-kit.mdc +3 -2
  20. package/assistant-adapters/cursor-frontend.mdc +16 -0
  21. package/assistant-adapters/cursor-planner.mdc +14 -0
  22. package/assistant-adapters/cursor-security.mdc +18 -0
  23. package/assistant-adapters/github-copilot-instructions.md +1 -1
  24. package/assistant-adapters/github-next-supabase.instructions.md +1 -1
  25. package/assistant-adapters/model-selection/codex-config.example.toml +3 -0
  26. package/dist/index.js +5036 -1838
  27. package/dist/index.js.map +1 -1
  28. package/dist/studio/office/assets/office.css +551 -0
  29. package/dist/studio/office/assets/office.js +1105 -0
  30. package/dist/studio/wizard/assets/wizard.css +525 -0
  31. package/dist/studio/wizard/assets/wizard.js +692 -0
  32. package/examples/next-supabase-installed/.agent-kit/manifest.json +59 -58
  33. package/examples/next-supabase-installed/.agent-kit/model-routing.json +7 -0
  34. package/examples/next-supabase-installed/.agent-kit/overrides.json +1 -7
  35. package/examples/next-supabase-installed/audit-output.json +360 -1
  36. package/examples/next-supabase-installed/tree.txt +6 -0
  37. package/model-routing/default-model-routing.json +7 -0
  38. package/package.json +13 -5
  39. package/runtime-skills/README.md +7 -0
  40. package/runtime-skills/accessibility-wcag/SKILL.md +8 -0
  41. package/runtime-skills/agent-handoff-tracing/SKILL.md +8 -0
  42. package/runtime-skills/best-practice-maturity-review/SKILL.md +8 -0
  43. package/runtime-skills/content-first-design/SKILL.md +8 -0
  44. package/runtime-skills/conversion-copywriting/SKILL.md +8 -0
  45. package/runtime-skills/deployment-observability/SKILL.md +8 -0
  46. package/runtime-skills/docs-maintainer/SKILL.md +8 -0
  47. package/runtime-skills/frontend-design-system/SKILL.md +8 -0
  48. package/runtime-skills/frontend-distinctiveness-benchmark/SKILL.md +8 -0
  49. package/runtime-skills/frontend-product-quality-rubric/SKILL.md +8 -0
  50. package/runtime-skills/landing-page-copy/SKILL.md +8 -0
  51. package/runtime-skills/nextjs-app-router/SKILL.md +8 -0
  52. package/runtime-skills/onboarding-empty-state-copy/SKILL.md +8 -0
  53. package/runtime-skills/owasp-security-review/SKILL.md +8 -0
  54. package/runtime-skills/planning-council/SKILL.md +8 -0
  55. package/runtime-skills/positioning-messaging/SKILL.md +8 -0
  56. package/runtime-skills/postgres-migrations/SKILL.md +8 -0
  57. package/runtime-skills/product-voice-tone/SKILL.md +8 -0
  58. package/runtime-skills/reference-led-design-critique/SKILL.md +8 -0
  59. package/runtime-skills/supabase-auth-rls/SKILL.md +8 -0
  60. package/runtime-skills/testing-qa/SKILL.md +8 -0
  61. package/runtime-skills/upgrade-maintenance/SKILL.md +8 -0
  62. package/runtime-skills/visual-regression-qa/SKILL.md +8 -0
  63. package/schemas/onboarding-state.schema.json +33 -0
  64. package/templates/next-supabase/.github/workflows/agent-kit-audit.yml +35 -0
  65. package/templates/next-supabase/AGENTS.md +1 -1
  66. package/templates/next-supabase/ASSISTANT_ADAPTERS.md +46 -4
  67. package/templates/next-supabase/CLAUDE.md +39 -0
  68. package/templates/next-supabase/DECISIONS.md +14 -0
  69. package/templates/next-supabase/DOCS.md +4 -0
  70. package/templates/next-supabase/MODEL_ROUTING.md +12 -0
  71. package/templates/next-supabase/QUALITY_GATES.md +4 -0
  72. package/templates/next-supabase/SPEC.md +2 -0
  73. package/templates/next-supabase/TESTING.md +3 -0
  74. package/templates/next-supabase/UPGRADE.md +4 -0
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: best-practice-maturity-review
3
+ description: Use for setup audits, release readiness, dogfood reviews, roadmap checkpoints, and best-practice maturity claims.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/best-practice-maturity-review.md` or `.agent-kit/skills/best-practice-maturity-review.md`.
7
+
8
+ Use `QUALITY_GATES.md` to name the target level and require evidence for each affected area. Treat missing evidence as incomplete, not as a passing caveat.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: content-first-design
3
+ description: Use before designing or changing user-facing product screens, dashboards, tools, marketplaces, content experiences, or AI workflow UIs.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/content-first-design.md` or `.agent-kit/skills/content-first-design.md`.
7
+
8
+ Capture audience, user needs, product category, content inventory, brand constraints, creative options, and non-goals before implementation starts.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: conversion-copywriting
3
+ description: Use for public-facing or conversion-facing headlines, CTAs, onboarding, pricing, landing pages, and UX copy.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/conversion-copywriting.md` or `.agent-kit/skills/conversion-copywriting.md`.
7
+
8
+ Use `MESSAGING.md` for audience, pain, desired outcome, proof, objections, voice, and conversion goal. Mark unsupported claims as assumptions.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: deployment-observability
3
+ description: Use for release readiness, environment variables, migration order, logs, monitoring, rollback, and post-release verification.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/deployment-observability.md` or `.agent-kit/skills/deployment-observability.md`.
7
+
8
+ Confirm deployment prerequisites, observable failures, release order, verification commands, and rollback guidance before shipping.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: docs-maintainer
3
+ description: Use after significant architecture, behavior, release, security, adapter, or workflow changes that affect living docs.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/docs-maintainer.md` or `.agent-kit/skills/docs-maintainer.md`.
7
+
8
+ Update `SPEC.md`, `DECISIONS.md`, `DOCS.md`, `QUALITY_GATES.md`, `TESTING.md`, `UPGRADE.md`, and related docs so another engineer or agent can continue safely.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: frontend-design-system
3
+ description: Use for user-facing screens and components that need design tokens, component states, responsiveness, accessibility, and anti-generic UI review.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/frontend-design-system.md` or `.agent-kit/skills/frontend-design-system.md`.
7
+
8
+ Require real content, task-first hierarchy, component states, accessibility, mobile behavior, and visual QA evidence before accepting significant frontend work.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: frontend-distinctiveness-benchmark
3
+ description: Use when significant frontend work risks looking interchangeable with a generic AI-generated product.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/frontend-distinctiveness-benchmark.md` or `.agent-kit/skills/frontend-distinctiveness-benchmark.md`.
7
+
8
+ Prove first-screen specificity, product nouns, data shapes, real actions, source-safe references, asset provenance, important states, and desktop/mobile evidence.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: frontend-product-quality-rubric
3
+ description: Use to score significant frontend work for user fit, content specificity, visual identity, IA, states, accessibility, and source safety.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/frontend-product-quality-rubric.md` or `.agent-kit/skills/frontend-product-quality-rubric.md`.
7
+
8
+ Reject critical zeroes, require at least `10/14` for acceptance, and require higher evidence for best-practice frontend claims.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: landing-page-copy
3
+ description: Use for landing-page headlines, subheads, proof, objections, CTAs, and conversion copy.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/landing-page-copy.md` or `.agent-kit/skills/landing-page-copy.md`.
7
+
8
+ Tie copy to audience, problem, outcome, differentiator, proof, objections, and one clear primary CTA. Avoid generic SaaS claims.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: nextjs-app-router
3
+ description: Use for Next.js App Router, Server Components, Client Components, Route Handlers, Server Actions, caching, forms, and metadata.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/nextjs-app-router.md` or `.agent-kit/skills/nextjs-app-router.md`.
7
+
8
+ Keep server/client boundaries explicit, preserve auth context, protect secrets from client bundles, and handle loading, error, empty, and success states.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: onboarding-empty-state-copy
3
+ description: Use for onboarding copy, first-run states, empty states, setup prompts, and guided user flows.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/onboarding-empty-state-copy.md` or `.agent-kit/skills/onboarding-empty-state-copy.md`.
7
+
8
+ Use product-specific nouns and actions, reduce cognitive load, avoid unsupported claims, and align copy with `MESSAGING.md`.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: owasp-security-review
3
+ description: Use for auth, API routes, Server Actions, external fetches, file uploads, webhooks, dependencies, and data mutations.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/owasp-security-review.md` or `.agent-kit/skills/owasp-security-review.md`.
7
+
8
+ Review broken access control, IDOR, injection, SSRF, misconfiguration, vulnerable dependencies, secret handling, validation, encoding, and safe errors.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: planning-council
3
+ description: Use for planning, roadmaps, ambiguous feature requests, core architecture changes, auth/data work, release work, and multi-agent routing.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/planning-council.md` or `.agent-kit/skills/planning-council.md`.
7
+
8
+ Classify the request, select the roster workflow, name the maturity target, map affected layers, preserve contracts, assign handoffs, and record evidence.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: positioning-messaging
3
+ description: Use for audience, pain, outcome, alternatives, differentiator, proof, objections, voice, and conversion strategy.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/positioning-messaging.md` or `.agent-kit/skills/positioning-messaging.md`.
7
+
8
+ Update `MESSAGING.md`, ask only high-impact discovery questions, and connect every public claim to real proof or an explicit assumption.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: postgres-migrations
3
+ description: Use for schema changes, constraints, indexes, SQL functions, triggers, seed data, data migrations, and rollback planning.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/postgres-migrations.md` or `.agent-kit/skills/postgres-migrations.md`.
7
+
8
+ Order migrations, protect integrity with constraints, add indexes for access patterns, and document rollback or retry guidance.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: product-voice-tone
3
+ description: Use for product voice, tone, microcopy, onboarding language, CTA style, and consistent UX copy.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/product-voice-tone.md` or `.agent-kit/skills/product-voice-tone.md`.
7
+
8
+ Keep voice grounded in product facts, audience needs, proof, objections, and `MESSAGING.md`; avoid generic AI-looking language.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: reference-led-design-critique
3
+ description: Use before accepting significant frontend work that needs references, anti-references, source safety, and design critique.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/reference-led-design-critique.md` or `.agent-kit/skills/reference-led-design-critique.md`.
7
+
8
+ Use references for lessons without copying protected source design, brand identity, copy, or assets. Record critique verdict and required changes.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: supabase-auth-rls
3
+ description: Use for Supabase Auth, SSR clients, sessions, middleware, RLS policies, Storage policies, and service-role usage.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/supabase-auth-rls.md` or `.agent-kit/skills/supabase-auth-rls.md`.
7
+
8
+ Enforce authorization in RLS, keep service-role keys server-only, test session refresh and redirects, and prevent IDOR at the SQL boundary.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: testing-qa
3
+ description: Use for unit tests, regression tests, smoke checks, Playwright coverage, visual QA, and acceptance evidence.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/testing-qa.md` or `.agent-kit/skills/testing-qa.md`.
7
+
8
+ Cover core logic, preserved behavior, critical paths, auth/data mutations, network failures, empty/error states, and explicitly document gaps.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: upgrade-maintenance
3
+ description: Use for Agent Kit, Next.js, Supabase, UI library, testing tool, release workflow, adapter, and dependency upgrades.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/upgrade-maintenance.md` or `.agent-kit/skills/upgrade-maintenance.md`.
7
+
8
+ Run `agent-kit diff`, preserve overrides, review conflicts, check release notes/migrations/codemods, run audit, and record rollback evidence.
@@ -0,0 +1,8 @@
1
+ ---
2
+ name: visual-regression-qa
3
+ description: Use for user-facing screen changes, reusable components, visual design tokens, responsive layouts, image-heavy pages, and visual acceptance.
4
+ ---
5
+
6
+ Canonical workflow: read `skills/visual-regression-qa.md` or `.agent-kit/skills/visual-regression-qa.md`.
7
+
8
+ Name the visual QA tier, capture important states and breakpoints, handle volatile regions, and keep visual checks separate from accessibility and data-boundary tests.
@@ -0,0 +1,33 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://agent-skills.dev/schemas/onboarding-state.schema.json",
4
+ "title": "Agent Kit Onboarding State",
5
+ "type": "object",
6
+ "required": [
7
+ "schemaVersion",
8
+ "depth",
9
+ "startedAt",
10
+ "lastVisitedAt",
11
+ "completedSections",
12
+ "skippedSections",
13
+ "currentSection",
14
+ "currentStep",
15
+ "wizardVersion"
16
+ ],
17
+ "additionalProperties": false,
18
+ "properties": {
19
+ "schemaVersion": { "const": 1 },
20
+ "depth": { "type": "string", "enum": ["quick", "standard", "complete", "undecided"] },
21
+ "startedAt": { "type": "string", "format": "date-time" },
22
+ "lastVisitedAt": { "type": "string", "format": "date-time" },
23
+ "completedAt": { "type": "string", "format": "date-time" },
24
+ "completedSections": { "type": "array", "items": { "type": "string" } },
25
+ "skippedSections": { "type": "array", "items": { "type": "string" } },
26
+ "currentSection": { "type": "string" },
27
+ "currentStep": { "type": "integer", "minimum": 0 },
28
+ "wizardVersion": { "type": "string" },
29
+ "ideSurface": { "type": "string", "enum": ["cursor", "copilot", "claude", "codex", "other"] },
30
+ "ideVerifiedAt": { "type": "string", "format": "date-time" },
31
+ "visualQaTier": { "type": "string", "enum": ["baseline", "strong", "mature"] }
32
+ }
33
+ }
@@ -0,0 +1,35 @@
1
+ name: Agent Kit Audit
2
+
3
+ on:
4
+ pull_request:
5
+ push:
6
+ branches:
7
+ - main
8
+ workflow_dispatch:
9
+
10
+ permissions:
11
+ contents: read
12
+
13
+ jobs:
14
+ audit:
15
+ name: Agent kit readiness
16
+ runs-on: ubuntu-latest
17
+ timeout-minutes: 10
18
+
19
+ steps:
20
+ - name: Checkout
21
+ uses: actions/checkout@v6
22
+ with:
23
+ persist-credentials: false
24
+
25
+ - name: Setup Node
26
+ uses: actions/setup-node@v6
27
+ with:
28
+ node-version: "24"
29
+ cache: npm
30
+
31
+ - name: Install dependencies
32
+ run: npm ci
33
+
34
+ - name: Run baseline audit gate
35
+ run: npx agent-kit audit --json --min-readiness baseline-setup
@@ -2,7 +2,7 @@
2
2
 
3
3
  This project uses explicit agent roles so implementation, security, quality, and documentation do not collapse into one vague assistant.
4
4
 
5
- Use `.agent-kit/agent-roster.json` as the default council contract. Use `MODEL_ROUTING.md` and `.agent-kit/model-routing.json` to choose model profiles for each agent. Before meaningful work, read `.agent-kit/project-context.json` and `.agent-kit/project-context.md` when present, then apply active corrections from `.agent-kit/corrections/project-rules.json` and `.agent-kit/corrections/agent-rules.json`. When a request is ambiguous, planning-oriented, or cross-layer, start with Planner and follow the matching workflow in `AGENT_ROSTER.md`. Use `ASSISTANT_ADAPTERS.md` to confirm which AI coding tools load these instructions and how model selection is handled. Record meaningful council sessions in `COUNCIL.md` or the local Agent Studio files under `.agent-kit/council-sessions/`.
5
+ Use `.agent-kit/agent-roster.json` as the default council contract. Use `MODEL_ROUTING.md` and `.agent-kit/model-routing.json` to choose model profiles for each agent. Before meaningful work, read `.agent-kit/project-context.json`, `.agent-kit/project-context.md`, and `.agent-kit/agent-briefs.md` when present, then apply active corrections from `.agent-kit/corrections/project-rules.json` and `.agent-kit/corrections/agent-rules.json`. When a request is ambiguous, planning-oriented, or cross-layer, start with Planner and follow the matching workflow in `AGENT_ROSTER.md`. Use `ASSISTANT_ADAPTERS.md` to confirm which AI coding tools load these instructions and how model selection is handled. Record meaningful council sessions in `COUNCIL.md` or the local Agent Studio files under `.agent-kit/council-sessions/`.
6
6
 
7
7
  ## Planner
8
8
 
@@ -26,10 +26,11 @@ Canonical source of truth:
26
26
 
27
27
  | Tool | Instruction surface | Instruction status | Model-selection status | Enforcement | Evidence | Notes |
28
28
  | --- | --- | --- | --- | --- | --- | --- |
29
- | Codex / AGENTS.md-compatible tools | `AGENTS.md`, optional `.codex/config.toml`, optional `.codex/agents/*.toml` | TBD | TBD | Partial | TBD | Confirm the tool loads root `AGENTS.md`, follows council routing, and uses `MODEL_ROUTING.md` for model choice. |
30
- | GitHub Copilot / VS Code | `.github/copilot-instructions.md` and `.github/instructions/*.instructions.md` | TBD | TBD | Advisory | TBD | Use `.agent-kit/assistant-adapters/github-copilot-instructions.md`, `github-next-supabase.instructions.md`, and `model-selection/github-copilot-model-selection.md` as starting points. |
31
- | Cursor | `.cursor/rules/cursor-agent-kit.mdc` and `.cursor/rules/cursor-model-selection.mdc` | Active on init | Advisory | Advisory | `agent-kit init` copies canonical rules from `.agent-kit/assistant-adapters/`; verify in Cursor Settings > Rules that both rules load. | `agent-kit init` installs `.cursor/rules/cursor-agent-kit.mdc` and `.cursor/rules/cursor-model-selection.mdc`. Re-run `agent-kit diff` after kit updates if the canonical adapter files changed. |
32
- | Claude Code | `.claude/agents/*.md` and optional `CLAUDE.md` | TBD | TBD | Partial | TBD | Use `.agent-kit/assistant-adapters/claude-code-subagents.md` and `model-selection/claude-code-subagents-with-models.md` as starting points. |
29
+ | Codex / AGENTS.md-compatible tools | `AGENTS.md`, `.codex/config.toml`, `.codex/agents/*.toml` | TBD | TBD | Partial | TBD | Run `agent-kit init --activate codex` to generate council custom agents and copy `.codex/config.toml`. |
30
+ | GitHub Copilot / VS Code | `.github/copilot-instructions.md` and `.github/instructions/*.instructions.md` | TBD | TBD | Advisory | TBD | Run `agent-kit init --activate copilot` to promote Copilot instruction files. |
31
+ | Cursor | `.cursor/rules/*.mdc`, `.cursor/agents/*.md`, `.cursor/skills/*/SKILL.md` | Active on init (rules); subagents on `--activate cursor` | Advisory | Partial | Run `agent-kit init --activate cursor`; verify subagents. | Delegate to `.cursor/agents/` instead of role-playing the council. |
32
+ | Claude Code | `.claude/agents/*.md` and optional `CLAUDE.md` | TBD | TBD | Partial | TBD | Run `agent-kit init --activate claude` to generate subagents from `.agent-kit/agent-roster.json` and install `CLAUDE.md`. |
33
+ | Antigravity | `.antigravity/agent-kit/plugin.json`, `.antigravity/agent-kit/commands/*.toml`, `.antigravity/runtime-skills/*/SKILL.md` | TBD | TBD | Advisory | TBD | Run `agent-kit init --activate antigravity`, then `agent-kit adapter validate antigravity`; optional native validation is `agy plugin validate` when available. |
33
34
 
34
35
  ## Model Selection
35
36
 
@@ -68,6 +69,47 @@ Verification steps:
68
69
 
69
70
  If a project already customized `.cursor/rules/`, review `.agent-kit/conflicts/` after `agent-kit update` before adopting newer adapter wording.
70
71
 
72
+ Run `agent-kit init --activate cursor` to generate `.cursor/agents/*.md` and `.cursor/skills/*/SKILL.md` from the roster and kit skills.
73
+
74
+ ## Multi-agent delegation
75
+
76
+ Same council playbook across IDEs — delegate to specialists instead of role-playing every role in one thread.
77
+
78
+ | Risk / work | Cursor | Codex | Claude Code |
79
+ | --- | --- | --- | --- |
80
+ | Auth / RLS / secrets | `@security-reviewer` or Task `security-review` | spawn `security-reviewer.toml` | `@security-reviewer` |
81
+ | Planning / scope | `@planner` | spawn `planner.toml` | `@planner` |
82
+ | Frontend UI | `@frontend-design-lead` | spawn `frontend-design-lead.toml` | `@frontend-design-lead` |
83
+ | QA / behavior changes | `@qa-engineer` or Task `bugbot` | spawn `qa-engineer.toml` | `@qa-engineer` |
84
+
85
+ Record evidence with `agent-kit session checkpoint --file <json>` when the CLI is available.
86
+
87
+ ## Codex Activation
88
+
89
+ `agent-kit init --activate codex` installs:
90
+
91
+ - `.codex/config.toml`
92
+ - `.codex/agents/*.toml` council custom agents with `model_reasoning_effort` from `.agent-kit/model-routing.json`
93
+
94
+ Validate with `agent-kit adapter validate codex`.
95
+
96
+ ## Antigravity Activation
97
+
98
+ `agent-kit init --activate antigravity` installs a native runtime adapter without changing the canonical Agent Kit operating model:
99
+
100
+ - `.antigravity/agent-kit/plugin.json`
101
+ - `.antigravity/agent-kit/commands/*.toml`
102
+ - `.antigravity/runtime-skills/*/SKILL.md`
103
+ - `.antigravity/agent-kit/README.md`
104
+
105
+ Validate the structural package with:
106
+
107
+ ```bash
108
+ agent-kit adapter validate antigravity
109
+ ```
110
+
111
+ If the local machine has the Antigravity CLI, teams may also run native plugin validation and record that evidence here. Runtime command files are adapters only; `AGENTS.md`, `.agent-kit/agent-roster.json`, `QUALITY_GATES.md`, and Agent Studio sessions remain canonical.
112
+
71
113
  ## Acceptance Evidence
72
114
 
73
115
  Before claiming strong or best-practice maturity, replace the TBD rows above with:
@@ -0,0 +1,39 @@
1
+ # Claude Code Project Instructions
2
+
3
+ This repository uses Agent Kit. Treat the following as the source of truth for council routing, project context, correction rules, model profiles, quality gates, and handoff evidence:
4
+
5
+ - `AGENTS.md`
6
+ - `AGENT_ROSTER.md`
7
+ - `.agent-kit/agent-roster.json`
8
+ - `MODEL_ROUTING.md`
9
+ - `.agent-kit/model-routing.json`
10
+ - `.agent-kit/project-context.json`
11
+ - `.agent-kit/project-context.md`
12
+ - `.agent-kit/agent-briefs.md` when present
13
+ - `.agent-kit/corrections/project-rules.json`
14
+ - `.agent-kit/corrections/agent-rules.json`
15
+ - `COUNCIL.md`
16
+ - `.agent-kit/council-sessions/`
17
+ - `QUALITY_GATES.md`
18
+
19
+ ## Subagents
20
+
21
+ Project subagents live in `.claude/agents/*.md` and are generated from `.agent-kit/agent-roster.json` when you run:
22
+
23
+ ```sh
24
+ agent-kit init --activate claude
25
+ ```
26
+
27
+ Use the matching subagent for the active workflow instead of treating every request as a generic implementation pass.
28
+
29
+ ## Validation
30
+
31
+ ```sh
32
+ agent-kit audit --min-readiness baseline-setup
33
+ ```
34
+
35
+ Use `agent-kit session checkpoint --file <json>` to batch-record council evidence instead of many individual session commands.
36
+
37
+ ## Model Selection
38
+
39
+ Use Claude Code model settings with the profiles in `MODEL_ROUTING.md`. Exact model names are dated recommendations — review when provider docs change.
@@ -30,6 +30,20 @@ Add new decisions above this line or keep newest first.
30
30
 
31
31
  Record major frontend choices here when a creative direction, reference set, anti-reference, brand constraint, information architecture, visual QA tier, or component-system rule materially affects implementation.
32
32
 
33
+ ## Runtime Adapter Rule
34
+
35
+ ### Context
36
+
37
+ Agent Kit may expose runtime-native command surfaces such as Antigravity plugin commands.
38
+
39
+ ### Decision
40
+
41
+ Runtime command files are adapters. `AGENTS.md`, `.agent-kit/agent-roster.json`, `QUALITY_GATES.md`, canonical `.agent-kit/skills/`, and Agent Studio session records remain the source of truth.
42
+
43
+ ### Consequences
44
+
45
+ Native commands improve invocation ergonomics, but project policy, security gates, handoff rules, model routing, and documentation contracts stay centralized in Agent Kit files.
46
+
33
47
  ## Agent Kit Model Routing
34
48
 
35
49
  ### Context
@@ -17,6 +17,7 @@ Document:
17
17
 
18
18
  - Agent council routing in `.agent-kit/agent-roster.json`
19
19
  - Assistant activation surfaces in `ASSISTANT_ADAPTERS.md`
20
+ - Optional runtime adapter surfaces such as `.antigravity/agent-kit/` and `.antigravity/runtime-skills/`
20
21
  - Model profile routing in `MODEL_ROUTING.md` and `.agent-kit/model-routing.json`
21
22
  - Council-session evidence in `COUNCIL.md`
22
23
  - Agent, council-session, model-routing, and audit-report schemas in `.agent-kit/schemas/`
@@ -38,6 +39,7 @@ Document primary workflows, including:
38
39
 
39
40
  - Planning and core-change handoffs from `AGENT_ROSTER.md`
40
41
  - Tool-specific assistant activation from `ASSISTANT_ADAPTERS.md`
42
+ - Runtime command validation with `agent-kit adapter validate antigravity` when Antigravity is active
41
43
  - Model-selection setup, enforcement status, and limitations from `MODEL_ROUTING.md`
42
44
  - Council-session evidence capture from `COUNCIL.md`
43
45
  - Upgrade review, conflict handling, migration review, and rollback evidence from `UPGRADE.md`
@@ -53,6 +55,8 @@ Document primary workflows, including:
53
55
  - Data creation and update workflow
54
56
  - Deployment workflow
55
57
 
58
+ Runtime command files are adapters only. Native commands such as `/plan`, `/security`, `/frontend`, `/copy`, `/handoff`, `/audit`, `/setup`, `/upgrade`, and `/ship` should point back to `AGENTS.md`, `.agent-kit/agent-roster.json`, `QUALITY_GATES.md`, `.agent-kit/skills/`, and Agent Studio evidence.
59
+
56
60
  ## Integration Points
57
61
 
58
62
  Document external APIs, webhooks, storage buckets, cron jobs, email providers, analytics, and monitoring.
@@ -40,6 +40,7 @@ Canonical source of truth:
40
40
  | Claude Code | `CLAUDE.md`, `.claude/agents/*.md` | Unverified | Partial | Record date, owner, subagent files, and model frontmatter behavior. |
41
41
  | Cursor | `.cursor/rules/*.mdc` | Unverified | Advisory | Record date, owner, model picker/team setting, and loaded rule evidence. |
42
42
  | GitHub Copilot | `.github/copilot-instructions.md`, `.github/instructions/*.instructions.md` | Unverified | Advisory | Record date, owner, selected chat/coding-agent model, and loaded instruction evidence. |
43
+ | Antigravity | `.antigravity/agent-kit/plugin.json`, `.antigravity/agent-kit/commands/*.toml`, `.antigravity/runtime-skills/*/SKILL.md` | Unverified | Advisory | Record date, owner, `agent-kit adapter validate antigravity`, and optional native `agy plugin validate` output. |
43
44
 
44
45
  ## June 2026 Commented Recommendations
45
46
 
@@ -98,6 +99,17 @@ June 2026 Agent Kit suggestion:
98
99
  -->
99
100
  ```
100
101
 
102
+ ### Antigravity
103
+
104
+ ```md
105
+ <!--
106
+ June 2026 Agent Kit suggestion:
107
+ - Use native `/plan`, `/security`, `/frontend`, `/copy`, `/handoff`, `/audit`, `/setup`, `/upgrade`, and `/ship` commands as runtime entrypoints.
108
+ - Keep model choice aligned with MODEL_ROUTING.md profiles, but record that Antigravity model enforcement is advisory unless the runtime/workspace provides stronger controls.
109
+ - Validate structural assets with `agent-kit adapter validate antigravity`; native `agy plugin validate` is optional when the CLI is installed.
110
+ -->
111
+ ```
112
+
101
113
  ## Acceptance Evidence
102
114
 
103
115
  Before claiming strong or best-practice maturity, record:
@@ -20,6 +20,7 @@ Baseline means the project is usable and the agent kit can audit it.
20
20
  - `AGENTS.md`, `AGENT_ROSTER.md`, `ASSISTANT_ADAPTERS.md`, `COUNCIL.md`, `SPEC.md`, `DECISIONS.md`, `DOCS.md`, `DESIGN.md`, `MESSAGING.md`, `MODEL_ROUTING.md`, `STYLE_GUIDE.md`, `SECURITY.md`, `TESTING.md`, `DEPLOYMENT.md`, and `UPGRADE.md` exist.
21
21
  - `.agent-kit/agent-roster.json`, `.agent-kit/model-routing.json`, and `.agent-kit/schemas/` exist.
22
22
  - `.agent-kit/assistant-adapters/` exists.
23
+ - Runtime adapters such as Antigravity are validated with `agent-kit adapter validate <target>` before being treated as active.
23
24
  - Agent Studio schemas for project context, correction rules, session events, and studio sessions exist when the installed kit version includes them.
24
25
  - Planner is the default planning route.
25
26
  - Lead Architect reviews core changes.
@@ -59,6 +60,7 @@ Best-practice means evidence can survive handoff, release, and later audit.
59
60
  - Public-facing and conversion-facing copy starts from discovery questions, audience, pain, outcome, differentiator, proof, objections, voice/tone, and CTA hierarchy, with unsupported claims marked as assumptions.
60
61
  - Test evidence includes the smallest useful unit/regression checks plus critical-path smoke coverage.
61
62
  - Release evidence includes install or production smoke, migration order, dependency audit, package or deployment verification, logs, and rollback notes.
63
+ - Runtime adapter evidence includes command/plugin validation, portable `SKILL.md` coverage, package allowlist coverage, and proof that adapter files point back to Agent Kit source-of-truth contracts.
62
64
  - Repo health includes issue/PR templates, CODEOWNERS, dependency updates, CodeQL or equivalent scanning, dependency review, provenance expectations, support, conduct, and governance.
63
65
  - Public or shared package releases use Trusted Publishing or equivalent identity-bound release provenance.
64
66
 
@@ -73,6 +75,7 @@ Best-practice means evidence can survive handoff, release, and later audit.
73
75
  | Marketing/copy | Marketing Copy Lead, Frontend Design Lead, QA, Docs | `MESSAGING.md`, audience and pain, value proposition, proof, objections, voice/tone, CTA hierarchy, risky-claim review |
74
76
  | Security-sensitive | Security Reviewer, Lead Architect, QA | OWASP review, boundary validation, dependency/secret review, regression or smoke evidence |
75
77
  | Release/package | Deployment/Observability Engineer, Security Reviewer, QA, Docs | Release gate output, dependency audit, install/deploy smoke, provenance or publish identity evidence |
78
+ | Runtime adapter/package | Planner, Lead Architect, Security Reviewer, QA, Docs | `agent-kit adapter validate`, `agent-kit package validate`, command/skill asset coverage, source-of-truth references, no secret-like runtime assets |
76
79
  | Upgrade/dependency | Planner, Lead Architect, Security Reviewer, QA, Docs, Deployment/Observability Engineer | Release notes, codemods or migration guide, `agent-kit diff`, conflict review, audit output, rollback notes |
77
80
 
78
81
  ## Evidence Rules
@@ -81,6 +84,7 @@ Best-practice means evidence can survive handoff, release, and later audit.
81
84
  - A test is not evidence unless it covers the behavior, risk, or contract being claimed.
82
85
  - A screenshot is not visual QA unless it covers the important viewport, state, and content.
83
86
  - A research finding is not a best practice until it is promoted into templates, skills, checklists, audit checks, tests, release gates, or documented decisions.
87
+ - A runtime command is not canonical policy; it is accepted only when it wraps `AGENTS.md`, `.agent-kit/agent-roster.json`, `QUALITY_GATES.md`, canonical skills, and Agent Studio evidence.
84
88
  - A fresh install can be baseline setup while still warning on `TBD`, example rows, or starter instruction text; those placeholders must be replaced before claiming strong or best-practice maturity.
85
89
  - A local customization is acceptable only when `.agent-kit/overrides.json` explains why and when it was reviewed.
86
90
  - A human correction is not durable until it is stored in `.agent-kit/corrections/`, remains secret-safe, has a clear scope, and is visible to future agents through installed instructions.
@@ -24,6 +24,7 @@ List behavior that must be preserved during changes:
24
24
 
25
25
  - Agent council routing in `.agent-kit/agent-roster.json`
26
26
  - Model profile routing in `MODEL_ROUTING.md` and `.agent-kit/model-routing.json`
27
+ - Optional runtime adapter commands and portable `SKILL.md` wrappers, when activated
27
28
  - Council-session evidence in `COUNCIL.md`
28
29
  - Agent, council-session, model-routing, and audit-report schema contracts in `.agent-kit/schemas/`
29
30
  - Planner default ownership for planning and Lead Architect review for core changes
@@ -65,6 +66,7 @@ Record the current maturity target and evidence.
65
66
  | --- | --- | --- | --- | --- |
66
67
  | Council routing | TBD | TBD | TBD | `AGENT_ROSTER.md`, `COUNCIL.md` |
67
68
  | Model routing | TBD | TBD | TBD | `MODEL_ROUTING.md`, `ASSISTANT_ADAPTERS.md` |
69
+ | Runtime adapters | TBD | TBD | TBD | `agent-kit adapter validate antigravity`, `.antigravity/agent-kit/`, `.antigravity/runtime-skills/` |
68
70
  | Architecture | TBD | TBD | TBD | Affected-layer map, `DECISIONS.md` |
69
71
  | Supabase/RLS | TBD | TBD | TBD | RLS inventory, migration tests |
70
72
  | Messaging | TBD | TBD | TBD | `MESSAGING.md`, proof map, objection handling, CTA hierarchy |
@@ -9,6 +9,7 @@ Testing should be proportional to risk. Auth, data mutations, payments, admin ac
9
9
  - Integration tests for API, Server Actions, and Supabase interactions where practical.
10
10
  - Playwright smoke tests for auth and critical user workflows.
11
11
  - Visual QA for important user-facing screens and reusable component states.
12
+ - Runtime adapter validation for plugin manifests, native commands, portable `SKILL.md` wrappers, source-of-truth references, package allowlists, and secret safety.
12
13
 
13
14
  ## Critical Smoke Paths
14
15
 
@@ -52,6 +53,7 @@ Recommended baseline:
52
53
  - `agent-kit audit --min-readiness baseline-setup`
53
54
  - Playwright smoke tests for critical paths
54
55
  - Visual QA evidence for high-risk UI changes
56
+ - `agent-kit adapter validate antigravity` and `agent-kit package validate` when adapter/package assets change
55
57
 
56
58
  ## Security-Focused Tests
57
59
 
@@ -62,6 +64,7 @@ Prioritize:
62
64
  - Unauthorized API calls
63
65
  - RLS-protected reads and writes
64
66
  - Service-role-only operations
67
+ - Secret-like values in runtime adapter assets, generated sessions, static exports, docs, and package files
65
68
 
66
69
  ## Test Gaps
67
70
 
@@ -8,6 +8,8 @@ Use this file when upgrading Agent Kit, Next.js, Supabase, shared UI primitives,
8
8
  npx @appsforgood/next-supabase-kit@latest doctor
9
9
  npx @appsforgood/next-supabase-kit@latest diff
10
10
  npx @appsforgood/next-supabase-kit@latest update
11
+ npx @appsforgood/next-supabase-kit@latest adapter validate antigravity
12
+ npx @appsforgood/next-supabase-kit@latest setup --status
11
13
  npx @appsforgood/next-supabase-kit@latest audit --min-readiness baseline-setup
12
14
  ```
13
15
 
@@ -20,6 +22,8 @@ Use `agent-kit audit --min-readiness best-practice-candidate` only after starter
20
22
  - Review `.agent-kit/conflicts/` before accepting changed templates.
21
23
  - Preserve valid local customizations in `.agent-kit/overrides.json`.
22
24
  - Review `AGENTS.md`, `AGENT_ROSTER.md`, `ASSISTANT_ADAPTERS.md`, `MODEL_ROUTING.md`, `COUNCIL.md`, `QUALITY_GATES.md`, `SECURITY.md`, `TESTING.md`, and `DEPLOYMENT.md`.
25
+ - If using Antigravity, review `.antigravity/agent-kit/plugin.json`, `.antigravity/agent-kit/commands/*.toml`, and `.antigravity/runtime-skills/*/SKILL.md`.
26
+ - Validate runtime adapter assets with `agent-kit adapter validate antigravity`.
23
27
  - Record accepted tradeoffs in `DECISIONS.md`.
24
28
  - Update this file with package version, release notes, migration status, rollback notes, owner, and date.
25
29