@chenmk/superflow 0.1.0

package/assets/skills/openspec-explore/SKILL.md

@@ -0,0 +1,288 @@
+---
+name: openspec-explore
+description: Enter explore mode - a thinking partner for exploring ideas, investigating problems, and clarifying requirements. Use when the user wants to think through something before or during a change.
+license: MIT
+compatibility: Requires openspec CLI.
+metadata:
+  author: openspec
+  version: "1.0"
+  generatedBy: "1.3.1"
+---
+
+Enter explore mode. Think deeply. Visualize freely. Follow the conversation wherever it goes.
+
+**IMPORTANT: Explore mode is for thinking, not implementing.** You may read files, search code, and investigate the codebase, but you must NEVER write code or implement features. If the user asks you to implement something, remind them to exit explore mode first and create a change proposal. You MAY create OpenSpec artifacts (proposals, designs, specs) if the user asks—that's capturing thinking, not implementing.
+
+**This is a stance, not a workflow.** There are no fixed steps, no required sequence, no mandatory outputs. You're a thinking partner helping the user explore.
+
+---
+
+## The Stance
+
+- **Curious, not prescriptive** - Ask questions that emerge naturally, don't follow a script
+- **Open threads, not interrogations** - Surface multiple interesting directions and let the user follow what resonates. Don't funnel them through a single path of questions.
+- **Visual** - Use ASCII diagrams liberally when they'd help clarify thinking
+- **Adaptive** - Follow interesting threads, pivot when new information emerges
+- **Patient** - Don't rush to conclusions, let the shape of the problem emerge
+- **Grounded** - Explore the actual codebase when relevant, don't just theorize
+
+---
+
+## What You Might Do
+
+Depending on what the user brings, you might:
+
+**Explore the problem space**
+- Ask clarifying questions that emerge from what they said
+- Challenge assumptions
+- Reframe the problem
+- Find analogies
+
+**Investigate the codebase**
+- Map existing architecture relevant to the discussion
+- Find integration points
+- Identify patterns already in use
+- Surface hidden complexity
+
+**Compare options**
+- Brainstorm multiple approaches
+- Build comparison tables
+- Sketch tradeoffs
+- Recommend a path (if asked)
+
+**Visualize**
+```
+┌─────────────────────────────────────────┐
+│     Use ASCII diagrams liberally        │
+├─────────────────────────────────────────┤
+│                                         │
+│      ┌────────┐         ┌────────┐      │
+│      │ State  │────────▶│ State  │      │
+│      │   A    │         │   B    │      │
+│      └────────┘         └────────┘      │
+│                                         │
+│   System diagrams, state machines,      │
+│   data flows, architecture sketches,    │
+│   dependency graphs, comparison tables  │
+│                                         │
+└─────────────────────────────────────────┘
+```
+
+**Surface risks and unknowns**
+- Identify what could go wrong
+- Find gaps in understanding
+- Suggest spikes or investigations
+
+---
+
+## OpenSpec Awareness
+
+You have full context of the OpenSpec system. Use it naturally, don't force it.
+
+### Check for context
+
+At the start, quickly check what exists:
+```bash
+openspec list --json
+```
+
+This tells you:
+- If there are active changes
+- Their names, schemas, and status
+- What the user might be working on
+
+### When no change exists
+
+Think freely. When insights crystallize, you might offer:
+
+- "This feels solid enough to start a change. Want me to create a proposal?"
+- Or keep exploring - no pressure to formalize
+
+### When a change exists
+
+If the user mentions a change or you detect one is relevant:
+
+1. **Read existing artifacts for context**
+   - `openspec/changes/<name>/proposal.md`
+   - `openspec/changes/<name>/design.md`
+   - `openspec/changes/<name>/tasks.md`
+   - etc.
+
+2. **Reference them naturally in conversation**
+   - "Your design mentions using Redis, but we just realized SQLite fits better..."
+   - "The proposal scopes this to premium users, but we're now thinking everyone..."
+
+3. **Offer to capture when decisions are made**
+
+    | Insight Type               | Where to Capture               |
+    |----------------------------|--------------------------------|
+    | New requirement discovered | `specs/<capability>/spec.md` |
+    | Requirement changed        | `specs/<capability>/spec.md` |
+    | Design decision made       | `design.md`                  |
+    | Scope changed              | `proposal.md`                |
+    | New work identified        | `tasks.md`                   |
+    | Assumption invalidated     | Relevant artifact              |
+
+   Example offers:
+   - "That's a design decision. Capture it in design.md?"
+   - "This is a new requirement. Add it to specs?"
+   - "This changes scope. Update the proposal?"
+
+4. **The user decides** - Offer and move on. Don't pressure. Don't auto-capture.
+
+---
+
+## What You Don't Have To Do
+
+- Follow a script
+- Ask the same questions every time
+- Produce a specific artifact
+- Reach a conclusion
+- Stay on topic if a tangent is valuable
+- Be brief (this is thinking time)
+
+---
+
+## Handling Different Entry Points
+
+**User brings a vague idea:**
+```
+User: I'm thinking about adding real-time collaboration
+
+You: Real-time collab is a big space. Let me think about this...
+
+      COLLABORATION SPECTRUM
+      ════════════════════════════════════════════
+
+      Awareness          Coordination         Sync
+          │                   │                 │
+          ▼                   ▼                 ▼
+      ┌────────┐         ┌────────┐        ┌────────┐
+      │Presence│         │Cursors │        │  CRDT  │
+      │  "3    │         │ Multi  │        │Conflict│
+      │online" │         │ select │        │  free  │
+      └────────┘         └────────┘        └────────┘
+          │                   │                 │
+       trivial            moderate           complex
+
+      Where's your head at?
+```
+
+**User brings a specific problem:**
+```
+User: The auth system is a mess
+
+You: [reads codebase]
+
+     ┌─────────────────────────────────────────────┐
+     │              CURRENT AUTH FLOW              │
+     └─────────────────────────────────────────────┘
+                        │
+          ┌─────────────┼─────────────┐
+          ▼             ▼             ▼
+     ┌─────────┐  ┌─────────┐  ┌─────────┐
+     │ Google  │  │  GitHub │  │  Email  │
+     │  OAuth  │  │  OAuth  │  │  Magic  │
+     └────┬────┘  └────┬────┘  └────┬────┘
+          │             │             │
+          └─────────────┼─────────────┘
+                        ▼
+                  ┌───────────┐
+                  │  Session  │
+                  └─────┬─────┘
+                        │
+                        ▼
+                  ┌───────────┐
+                  │   Perms   │
+                  └───────────┘
+
+     I see three tangles. Which one's burning?
+```
+
+**User is stuck mid-implementation:**
+```
+User: /opsx:explore add-auth-system
+      The OAuth integration is more complex than expected
+
+You: [reads change artifacts]
+
+     You're on task 4: "Implement OAuth flow"
+
+     Let me trace what's involved...
+
+     [draws diagram, explores options, suggests paths]
+
+     Want to update the design to reflect this?
+     Or add a spike task to investigate?
+```
+
+**User wants to compare options:**
+```
+User: Should we use Postgres or SQLite?
+
+You: Generic answer is boring. What's the context?
+
+User: A CLI tool that tracks local dev environments
+
+You: That changes everything.
+
+     ┌─────────────────────────────────────────────────┐
+     │          CLI TOOL DATA STORAGE                  │
+     └─────────────────────────────────────────────────┘
+
+     Key constraints:
+     • No daemon running
+     • Must work offline
+     • Single user
+
+                  SQLite          Postgres
+     Deployment   embedded ✓      needs server ✗
+     Offline      yes ✓           no ✗
+     Single file  yes ✓           no ✗
+
+     SQLite. Not even close.
+
+     Unless... is there a sync component?
+```
+
+---
+
+## Ending Discovery
+
+There's no required ending. Discovery might:
+
+- **Flow into a proposal**: "Ready to start? I can create a change proposal."
+- **Result in artifact updates**: "Updated design.md with these decisions"
+- **Just provide clarity**: User has what they need, moves on
+- **Continue later**: "We can pick this up anytime"
+
+When it feels like things are crystallizing, you might summarize:
+
+```
+## What We Figured Out
+
+**The problem**: [crystallized understanding]
+
+**The approach**: [if one emerged]
+
+**Open questions**: [if any remain]
+
+**Next steps** (if ready):
+- Create a change proposal
+- Keep exploring: just keep talking
+```
+
+But this summary is optional. Sometimes the thinking IS the value.
+
+---
+
+## Guardrails
+
+- **Don't implement** - Never write code or implement features. Creating OpenSpec artifacts is fine, writing application code is not.
+- **Don't fake understanding** - If something is unclear, dig deeper
+- **Don't rush** - Discovery is thinking time, not task time
+- **Don't force structure** - Let patterns emerge naturally
+- **Don't auto-capture** - Offer to save insights, don't just do it
+- **Do visualize** - A good diagram is worth many paragraphs
+- **Do explore the codebase** - Ground discussions in reality
+- **Do question assumptions** - Including the user's and your own

package/assets/skills/openspec-propose/SKILL.md

@@ -0,0 +1,110 @@
+---
+name: openspec-propose
+description: Propose a new change with all artifacts generated in one step. Use when the user wants to quickly describe what they want to build and get a complete proposal with design, specs, and tasks ready for implementation.
+license: MIT
+compatibility: Requires openspec CLI.
+metadata:
+  author: openspec
+  version: "1.0"
+  generatedBy: "1.3.1"
+---
+
+Propose a new change - create the change and generate all artifacts in one step.
+
+I'll create a change with artifacts:
+- proposal.md (what & why)
+- design.md (how)
+- tasks.md (implementation steps)
+
+When ready to implement, run /opsx:apply
+
+---
+
+**Input**: The user's request should include a change name (kebab-case) OR a description of what they want to build.
+
+**Steps**
+
+1. **If no clear input provided, ask what they want to build**
+
+   Use the **AskUserQuestion tool** (open-ended, no preset options) to ask:
+   > "What change do you want to work on? Describe what you want to build or fix."
+
+   From their description, derive a kebab-case name (e.g., "add user authentication" → `add-user-auth`).
+
+   **IMPORTANT**: Do NOT proceed without understanding what the user wants to build.
+
+2. **Create the change directory**
+   ```bash
+   openspec new change "<name>"
+   ```
+   This creates a scaffolded change at `openspec/changes/<name>/` with `.openspec.yaml`.
+
+3. **Get the artifact build order**
+   ```bash
+   openspec status --change "<name>" --json
+   ```
+   Parse the JSON to get:
+   - `applyRequires`: array of artifact IDs needed before implementation (e.g., `["tasks"]`)
+   - `artifacts`: list of all artifacts with their status and dependencies
+
+4. **Create artifacts in sequence until apply-ready**
+
+   Use the **TodoWrite tool** to track progress through the artifacts.
+
+   Loop through artifacts in dependency order (artifacts with no pending dependencies first):
+
+   a. **For each artifact that is `ready` (dependencies satisfied)**:
+      - Get instructions:
+        ```bash
+        openspec instructions <artifact-id> --change "<name>" --json
+        ```
+      - The instructions JSON includes:
+        - `context`: Project background (constraints for you - do NOT include in output)
+        - `rules`: Artifact-specific rules (constraints for you - do NOT include in output)
+        - `template`: The structure to use for your output file
+        - `instruction`: Schema-specific guidance for this artifact type
+        - `outputPath`: Where to write the artifact
+        - `dependencies`: Completed artifacts to read for context
+      - Read any completed dependency files for context
+      - Create the artifact file using `template` as the structure
+      - Apply `context` and `rules` as constraints - but do NOT copy them into the file
+      - Show brief progress: "Created <artifact-id>"
+
+   b. **Continue until all `applyRequires` artifacts are complete**
+      - After creating each artifact, re-run `openspec status --change "<name>" --json`
+      - Check if every artifact ID in `applyRequires` has `status: "done"` in the artifacts array
+      - Stop when all `applyRequires` artifacts are done
+
+   c. **If an artifact requires user input** (unclear context):
+      - Use **AskUserQuestion tool** to clarify
+      - Then continue with creation
+
+5. **Show final status**
+   ```bash
+   openspec status --change "<name>"
+   ```
+
+**Output**
+
+After completing all artifacts, summarize:
+- Change name and location
+- List of artifacts created with brief descriptions
+- What's ready: "All artifacts created! Ready for implementation."
+- Prompt: "Run `/opsx:apply` or ask me to implement to start working on the tasks."
+
+**Artifact Creation Guidelines**
+
+- Follow the `instruction` field from `openspec instructions` for each artifact type
+- The schema defines what each artifact should contain - follow it
+- Read dependency artifacts for context before creating new ones
+- Use `template` as the structure for your output file - fill in its sections
+- **IMPORTANT**: `context` and `rules` are constraints for YOU, not content for the file
+  - Do NOT copy `<context>`, `<rules>`, `<project_context>` blocks into the artifact
+  - These guide what you write, but should never appear in the output
+
+**Guardrails**
+- Create ALL artifacts needed for implementation (as defined by schema's `apply.requires`)
+- Always read dependency artifacts before creating a new one
+- If context is critically unclear, ask the user - but prefer making reasonable decisions to keep momentum
+- If a change with that name already exists, ask if user wants to continue it or create a new one
+- Verify each artifact file exists after writing before proceeding to next

package/assets/skills/superflow-archive/SKILL.md

@@ -0,0 +1,61 @@
+---
+name: superflow-archive
+description: Use when an SDD/OpenSpec change has passed verification and needs final archive confirmation, lifecycle closeout, archived state recording, or recovery from phase archive.
+---
+
+# SDD Archive
+
+Use this only after verification has passed. Archive is a user decision point:
+do not mark archived until the user confirms final closeout.
+
+## Preconditions
+
+- `.sdd/state.yaml` exists.
+- `phase: archive`.
+- `verify_result: pass`.
+- `verification_report` points to an existing report.
+- `superflow-state.sh recover <change-dir>` gives a coherent archive recovery action.
+
+## Procedure
+
+1. Run:
+   ```bash
+   ~/.codex/skills/superflow-pipeline/scripts/superflow-yaml-validate.sh <change-dir>
+   ~/.codex/skills/superflow-pipeline/scripts/superflow-state.sh status <change-dir>
+   ~/.codex/skills/superflow-pipeline/scripts/superflow-archive.sh <change-dir> --dry-run
+   ```
+2. Show the user a short archive summary:
+   - change/task directory
+   - verification report
+   - branch/worktree state
+   - whether `openspec archive <change-name> --yes` will be used
+   - any remaining `Blocked` or `Partially verified` boundary
+3. Ask for explicit confirmation before archive closeout.
+4. After confirmation, run:
+   ```bash
+   ~/.codex/skills/superflow-pipeline/scripts/superflow-archive.sh <change-dir> --apply
+   ```
+
+## Rules
+
+- Do not archive if verification failed or is only partially verified unless
+  the user explicitly accepts the boundary.
+- Do not use archive to hide missing API, DB, hook, SQL, test-report, or real
+  integration evidence.
+- In a standard `openspec/changes/<name>` layout, archive must use OpenSpec
+  archive semantics so delta specs are merged and the change is moved to
+  `openspec/changes/archive/`. State-only archive is only a fallback for
+  non-standard task directories.
+- Archive must annotate the `technical_design`, compatibility `design_doc`, and
+  `plan` paths recorded in `.sdd/state.yaml` when those files exist. The
+  annotation is `archived-with: <archive-dir-name>`; `technical_design` and
+  `design_doc` also record `status: final`. This is a lifecycle checkpoint for
+  compressed sessions and later readers, not a replacement for OpenSpec archive.
+- After OpenSpec moves the change, verify the archived directory contains
+  `.sdd/state.yaml` with `archived: true`. Do not run guards against the old
+  active path after a successful move.
+- If the user wants adjustments, run:
+  ```bash
+  ~/.codex/skills/superflow-pipeline/scripts/superflow-state.sh transition <change-dir> archive-reopen
+  ```
+  then return to verify or implement as needed.

package/assets/skills/superflow-clarify/SKILL.md

@@ -0,0 +1,146 @@
+---
+name: superflow-clarify
+description: SDD 需求理解、澄清、功能点串行确认和 API 草案冻结。Use when Codex reads a PRD, Lark/Feishu document, screenshots, prototype images, downloaded requirement docs, or oral product requirements and must process one feature at a time before generating full SDD docs. Triggers include 需求澄清、读产品文档、分析原型、功能点确认、接口草案、API 先行、feature gate、source ingestion, or preventing over-design before coding.
+---
+
+# SDD Clarify
+
+Use this skill for the first phase of SDD: understand one feature, bind text to images,
+ask only current-feature questions, draft the API shape, and freeze the feature before
+any full SDD document or implementation prompt is generated.
+
+## Hard Gates
+
+- Before freezing any new requirement or bug fix, perform platform-level impact
+  discovery. Prefer understand-anything artifacts when present, such as
+  `.understand-anything/`, `understand-anything.md`, `understand anything.md`,
+  or the project-specific graph output, but treat them only as locator evidence.
+  If artifacts are missing, stale, incomplete, or unavailable, degrade to `rg`,
+  source reading, Mapper/XML, configuration, database table names, log
+  templates, and sibling-repo search. Do not block only because
+  understand-anything is missing; block only when no platform-level impact
+  discovery evidence exists.
+- Do not freeze a feature from product text or understand-anything output alone
+  when code impact is relevant. Current source, Mapper/XML, database samples,
+  API contracts, or real consumer entry points must confirm the design.
+- When the feature depends on existing code relationships, field ownership,
+  table joins, data permissions, status transitions, or upstream/downstream
+  calls, verify the relationship before freezing with current evidence:
+  platform-level impact discovery -> source/Mapper/XML anchors -> read-only
+  database checks when source is insufficient. If the relationship is still
+  unclear, ask the programmer/user to clarify and mark the feature blocked; do
+  not invent a design from field names, graph output, or assumptions.
+- When a feature adds, changes, synchronizes, or relies on a database table or
+  status field, perform table-to-code reverse impact analysis before freezing:
+  start from each table/field, find all writers, readers, filters, status
+  recovery paths, scheduled jobs, MQ consumers, frontend/applet endpoints,
+  third-party adapters, and sibling-repo consumers. Include reverse cases such
+  as unavailable -> available, deleted -> restored, missing -> reappearing, and
+  old invalid values left behind when upstream omits a field. If the final
+  user-facing entry points are unknown, block and ask; do not freeze a design
+  that only proves the sync/write path.
+  Use `$superflow-table-impact-analysis` for this step when available.
+- When a feature relies on a status, enum, sync field, derived field, default
+  value, or compatibility behavior, freeze the business semantics before API or
+  design freezing. Record:
+  `真源字段 | 真源枚举 | 目标字段 | 目标枚举 | 消费方解释 | 业务依据 | 不确定项`.
+  Do not treat non-null, present, successful, or "has any value" as correct.
+  Do not accept fallback/default/keep-old-value behavior unless the requirement
+  or owner explicitly approves it for dirty historical data or uncontrollable
+  external input. If semantics are unclear, mark the feature blocked instead of
+  inventing a fallback.
+- Process one feature at a time, in product-document order.
+- For long PRDs, Lark/Feishu exports, screenshots, or mixed product docs, do
+  not read the whole document and generate all tasks in one pass. First create
+  a source index, then process one bounded section or feature at a time. Each
+  section must record source range/page/screenshot IDs, AI understanding,
+  open questions, API draft, confirmation status, and freeze result before the
+  next section is analyzed.
+- Do not clarify the next feature until the current feature is confirmed by the programmer.
+- Do not generate `spec.md`, `design.md`, `tasks.md`, `tests.md`, or implementation prompts before the current feature is frozen.
+- Do not rely on conversation memory for unpersisted requirement details.
+- Do not make page-invisible fields required. If the backend needs a field not shown in the UI, mark it as backend default or backend-derived.
+- Stop whenever the programmer has not confirmed the AI understanding or the rough API draft.
+
+## Required Outputs
+
+Create or update these files in the active OpenSpec change directory:
+
+- `source-ingestion.md`: source documents, read ranges, screenshots, attachments, failed reads.
+- `feature-gates.md`: per-feature status and gates.
+- `feature-inventory.md`: all discovered features and whether they reached spec/task/tests.
+- `ui-contract.md`: page fields, controls, buttons, list columns, dropdowns, API/DTO/DB mapping.
+- `gap-analysis.md`: UI/document/source gaps and over-design risks.
+- `spec-freeze-review.md`: freeze card for the current feature.
+- Platform impact evidence in one of the above documents: discovery method,
+  understand-anything index status when available, analyzed platform scope,
+  impacted modules/interfaces/tables, regression risks, source/DB/API
+  confirmation plan, and validation approach.
+- Existing-code/data relationship evidence in one of the above documents when
+  applicable: graph scope, source anchors, database checks or reason skipped,
+  final relationship judgment, and unresolved clarification questions.
+- Table reverse impact evidence when database-backed behavior is involved:
+  table/field list, all read/write/filter consumers, real user-facing entry
+  points, reverse-state scenarios, and tests required to prove those consumers.
+- Business semantic evidence when status/enum/sync/default behavior is involved:
+  source-of-truth field, enum mapping, consumer interpretation, business basis,
+  explicitly rejected fallback/default choices, and unresolved owner questions.
+
+Use the detailed workflow in:
+
+- `../superflow-pipeline/references/feature-gated-workflow.md`
+- `../superflow-pipeline/references/api-design-template.md`
+
+## Per-Feature Procedure
+
+0. For any multi-section requirement source, build or update
+   `source-ingestion.md` and `feature-inventory.md` before analysis:
+   `source | section/page/range | candidate feature | screenshots | status`.
+   Mark every candidate as `pending`, `confirmed`, `blocked`, or `out-of-scope`.
+   Do not summarize the whole PRD into tasks before this index exists.
+1. Read only the current feature's text, neighboring screenshots, and relevant attachments.
+2. Output AI understanding: business goal, user action, page entry, visible fields, buttons, list columns, dropdowns.
+3. Bind each screenshot/image to the current feature or mark it unassigned.
+4. Write the current feature into `feature-inventory.md` and `feature-gates.md`.
+5. Produce `ui-contract.md` rows for all visible and implied fields.
+6. Produce `gap-analysis.md`, especially:
+   - UI has it, backend lacks it.
+   - Backend has it, UI lacks it.
+   - Document has it, UI lacks it.
+   - UI has it, document lacks it.
+7. Identify real validation data needed by this feature, especially park codes,
+   operator/site ids, tokens, frontend payloads, external SDK data, devices,
+   payment/refund ids, exports, imports, or database seed records. If missing,
+   add a blocker instead of assuming placeholders.
+8. For existing-code-dependent decisions, write the evidence chain:
+   platform impact discovery method, understand-anything nodes/files if used,
+   source/Mapper/XML anchors, DB query evidence or why DB was not needed. If
+   any key relation is unresolved, stop and ask only current-feature
+   clarification questions.
+9. For database-backed behavior, add a table reverse impact table before
+   freezing:
+   `表/字段 | 写入方 | 读取/过滤方 | 跨仓/外部消费方 | 真实入口 | 反向状态场景 | 必测用例`.
+   If any consumer or real entry is unknown, mark the feature blocked.
+10. For status/enum/sync/default behavior, add a semantic mapping table before
+    freezing:
+    `真源字段 | 真源枚举 | 目标字段 | 目标枚举 | 消费方解释 | 业务依据 | 不确定项`.
+    If a proposed default, fallback, old-value retention, or null conversion is
+    not explicitly approved by the requirement or owner, mark it rejected and do
+    not include it in the design.
+11. Ask only current-feature clarification questions.
+12. Wait for programmer confirmation.
+13. Draft a rough API contract: path, action, core request, core response. Field types can be approximate.
+14. Wait for programmer confirmation of the rough API.
+15. Produce a precise API section with field names, types, requiredness, defaults, enums, errors, examples, and curl.
+16. Mark the feature as `已冻结` only when understanding, rough API, precise API,
+    and validation data needs are confirmed or explicitly blocked.
+17. Only after the current feature is frozen or blocked, move to the next
+    indexed feature. Do not batch-confirm multiple features from memory or a
+    compressed chat summary.
+
+## Handoff
+
+When the feature is frozen, tell the user to continue with `$openspec-propose`
+for OpenSpec document generation. After `$openspec-propose` creates the base
+artifacts, use `$superflow-docs` only for SDD quality gates, traceability, API/test
+evidence, and prompt handoff checks.

package/assets/skills/superflow-clarify/agents/openai.yaml

@@ -0,0 +1,4 @@
+interface:
+  display_name: "SDD Clarify"
+  short_description: "需求理解澄清、功能点串行门禁与 API 草案冻结阶段"
+  default_prompt: "Use $superflow-clarify to process this requirement one confirmed feature at a time before SDD docs."