@colin4k1024/tsp 2.5.0 → 2.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/README.md +67 -0
  2. package/commands/dashboard.md +105 -0
  3. package/commands/goal.md +142 -0
  4. package/commands/heartbeat.md +129 -0
  5. package/commands/triage.md +108 -0
  6. package/hooks/README.md +1 -1
  7. package/hooks/harness-context-monitor.js +4 -0
  8. package/hooks/hooks.json +27 -26
  9. package/hooks/strategic-compact/README.md +7 -5
  10. package/hooks/strategic-compact/suggest-compact.js +9 -174
  11. package/marketplace.json +7 -8
  12. package/package.json +1 -1
  13. package/schemas/goal.schema.json +172 -0
  14. package/scripts/harness-audit.js +7 -4
  15. package/scripts/hooks/session-start-goal-resume.js +95 -0
  16. package/scripts/hooks/suggest-compact.js +392 -62
  17. package/scripts/install-platform.js +68 -85
  18. package/scripts/lib/blame-attribution.js +210 -0
  19. package/scripts/lib/completion-oracle.js +351 -0
  20. package/scripts/lib/heartbeat-scheduler.js +265 -0
  21. package/scripts/lib/opencode/convert-agents.js +273 -0
  22. package/scripts/lib/opencode/convert-hooks.js +286 -0
  23. package/scripts/lib/opencode/generate-agents-md.js +361 -0
  24. package/scripts/lib/wave-cost-advisor.js +155 -0
  25. package/scripts/test-opencode-install.js +151 -0
  26. package/skills/goal-convergence/SKILL.md +150 -0
  27. package/skills/goframe-v2/examples/practices/quick-demo/manifest/config/config.yaml +14 -14
  28. package/skills/loop-heartbeat/SKILL.md +120 -0
  29. package/skills/mcp-connector-bridge/SKILL.md +132 -0
  30. package/skills/repo-scan/SKILL.md +63 -63
  31. package/skills/rework-loop/SKILL.md +131 -0
  32. package/scripts/__pycache__/__init__.cpython-311.pyc +0 -0
  33. package/scripts/__pycache__/build_platform_artifacts.cpython-311.pyc +0 -0
  34. package/scripts/__pycache__/install_platform.cpython-311.pyc +0 -0
  35. package/scripts/__pycache__/langfuse_trace.cpython-311.pyc +0 -0
  36. package/scripts/__pycache__/query_audit_logs.cpython-311.pyc +0 -0
  37. package/scripts/__pycache__/scan_leaked_keys.cpython-311.pyc +0 -0
  38. package/scripts/__pycache__/team_skills_platform.cpython-311.pyc +0 -0
  39. package/scripts/__pycache__/team_skills_platform.cpython-313.pyc +0 -0
  40. package/scripts/__pycache__/validate_library.cpython-311.pyc +0 -0
  41. package/scripts/__pycache__/validate_workflow_state.cpython-311.pyc +0 -0
  42. package/scripts/evolution/__pycache__/__init__.cpython-311.pyc +0 -0
  43. package/scripts/evolution/__pycache__/store.cpython-311.pyc +0 -0
  44. package/scripts/hooks/__pycache__/__init__.cpython-311.pyc +0 -0
  45. package/scripts/hooks/__pycache__/mcp_health_check.cpython-311.pyc +0 -0
  46. package/scripts/hooks/__pycache__/observe.cpython-311.pyc +0 -0
  47. package/scripts/hooks/__pycache__/session_end.cpython-311.pyc +0 -0
  48. package/scripts/hooks/__pycache__/session_start.cpython-311.pyc +0 -0
  49. package/scripts/lib/__pycache__/audit_logger.cpython-311.pyc +0 -0
  50. package/scripts/lib/__pycache__/audit_query.cpython-311.pyc +0 -0
  51. package/scripts/lib/__pycache__/hook_contract.cpython-311.pyc +0 -0
  52. package/scripts/lib/__pycache__/memory_store.cpython-311.pyc +0 -0
  53. package/scripts/lib/__pycache__/utils.cpython-311.pyc +0 -0
@@ -0,0 +1,132 @@
1
+ ---
2
+ name: mcp-connector-bridge
3
+ description: "Active MCP connector polling that integrates external tools (issue trackers, error monitoring, CI) into the heartbeat loop for cross-system discovery."
4
+ origin: ECC
5
+ ---
6
+
7
+ # MCP Connector Bridge
8
+
9
+ Active MCP connector polling that integrates external tools into the heartbeat loop.
10
+ The difference between an agent that says "here is the fix" vs a loop that opens
11
+ the PR, links the ticket, and pings the channel — by itself.
12
+
13
+ ## When to Activate
14
+
15
+ - User configures `.claude/connectors.yaml` with active MCP servers
16
+ - Heartbeat scheduler includes connector-based scans
17
+ - User invokes `/heartbeat start` with connector scans configured
18
+ - External event triggers a connector poll
19
+
20
+ ## Core Concept
21
+
22
+ MCP connectors let the loop touch real tools: issue trackers, error monitoring,
23
+ databases, CI systems, chat platforms. Without connectors, the loop is isolated
24
+ to the local repo. With connectors, it can discover issues from anywhere.
25
+
26
+ ```
27
+ Heartbeat tick
28
+
29
+ ├─ Local scans (test, lint, type-check)
30
+
31
+ └─ Connector scans (MCP servers)
32
+ ├─ GitHub: "List open issues assigned to me"
33
+ ├─ Sentry: "List unresolved errors in last 24h"
34
+ └─ Linear: "List my in-progress tasks stale >7d"
35
+ ```
36
+
37
+ ## Configuration
38
+
39
+ Create `.claude/connectors.yaml`:
40
+
41
+ ```yaml
42
+ connectors:
43
+ - name: "github-issues"
44
+ server: "github"
45
+ heartbeatScan: "List open issues assigned to me with label:bug"
46
+ triageOnNew: true
47
+ priority: "medium"
48
+
49
+ - name: "sentry-errors"
50
+ server: "sentry"
51
+ heartbeatScan: "List unresolved errors from last 24 hours"
52
+ triageOnNew: true
53
+ priority: "high"
54
+
55
+ - name: "linear-tasks"
56
+ server: "linear"
57
+ heartbeatScan: "List my in-progress tasks not updated in 7 days"
58
+ autoGoalOnStale: "7d"
59
+ priority: "low"
60
+
61
+ - name: "slack-mentions"
62
+ server: "slack"
63
+ heartbeatScan: "Check unread mentions in engineering channel"
64
+ triageOnNew: true
65
+ priority: "low"
66
+ ```
67
+
68
+ ## Connector Scan Fields
69
+
70
+ | Field | Required | Description |
71
+ |-------|----------|-------------|
72
+ | `name` | Yes | Unique connector identifier |
73
+ | `server` | Yes | MCP server name (must be configured in mcp-configs/) |
74
+ | `heartbeatScan` | Yes | Prompt to send to the MCP server |
75
+ | `triageOnNew` | No | Create triage items for new findings |
76
+ | `autoGoalOnStale` | No | Auto-create goal if stale beyond duration |
77
+ | `priority` | No | Default severity for triage items (high/medium/low) |
78
+ | `enabled` | No | Disable without removing (default: true) |
79
+
80
+ ## Health Check
81
+
82
+ Before polling, verify connector is reachable:
83
+
84
+ 1. Check MCP server is configured in project MCP settings
85
+ 2. Verify server responds to basic query
86
+ 3. If unreachable: skip this connector, log warning
87
+ 4. If reachable: execute heartbeatScan prompt
88
+
89
+ Builds on existing `pre:mcp-health-check` hook.
90
+
91
+ ## Result Classification
92
+
93
+ Connector scan results follow the same classification as local scans:
94
+
95
+ | Finding | Action |
96
+ |---------|--------|
97
+ | New issue discovered | → Triage item (if `triageOnNew: true`) |
98
+ | Stale task detected | → Auto-goal (if `autoGoalOnStale` configured) |
99
+ | No new findings | → Skip silently |
100
+ | Connection failed | → Log warning, skip |
101
+
102
+ ## Integration Points
103
+
104
+ - **`/heartbeat`**: Connector scans run alongside local scans during each tick
105
+ - **`/triage`**: New connector findings populate the triage inbox
106
+ - **`/goal`**: Stale task connectors can auto-create goals
107
+ - **`mcp-configs/`**: Connector references must match configured MCP servers
108
+ - **MCP health hook**: Validates connectivity before scan
109
+
110
+ ## Hard Bans
111
+
112
+ - Connectors MUST NOT write to external systems during discovery (read-only scans)
113
+ - Failed connections MUST NOT block local heartbeat scans
114
+ - Connector output MUST be size-limited (prevent token overflow from large responses)
115
+ - Credentials MUST NOT be stored in connectors.yaml (use MCP server config)
116
+ - Polling frequency MUST respect rate limits of external services
117
+
118
+ ## Example Flow
119
+
120
+ ```
121
+ Heartbeat tick (every 30m):
122
+ Local scans: ✓ tests pass, ✓ lint clean
123
+ Connector scans:
124
+ github-issues: Found 2 new bugs → triage inbox
125
+ sentry-errors: No new errors → skip
126
+ linear-tasks: 1 task stale 10 days → auto-goal created
127
+
128
+ Result:
129
+ 2 triage items created from GitHub
130
+ 1 goal created from Linear stale task
131
+ Total: 3 actions from this tick
132
+ ```
@@ -1,22 +1,22 @@
1
- ---
2
- name: repo-scan
3
- description: Cross-stack source code asset audit — classifies every file, detects embedded third-party libraries, and delivers actionable four-level verdicts per module with interactive HTML reports.
4
- origin: community
5
- ---
6
-
7
- # repo-scan
8
-
9
- > Every ecosystem has its own dependency manager, but no tool looks across C++, Android, iOS, and Web to tell you: how much code is actually yours, what's third-party, and what's dead weight.
10
-
11
- ## When to Use
12
-
13
- - Taking over a large legacy codebase and need a structural overview
14
- - Before major refactoring — identify what's core, what's duplicate, what's dead
15
- - Auditing third-party dependencies embedded directly in source (not declared in package managers)
16
- - Preparing architecture decision records for monorepo reorganization
17
-
18
- ## Installation
19
-
1
+ ---
2
+ name: repo-scan
3
+ description: Cross-stack source code asset audit — classifies every file, detects embedded third-party libraries, and delivers actionable four-level verdicts per module with interactive HTML reports.
4
+ origin: community
5
+ ---
6
+
7
+ # repo-scan
8
+
9
+ > Every ecosystem has its own dependency manager, but no tool looks across C++, Android, iOS, and Web to tell you: how much code is actually yours, what's third-party, and what's dead weight.
10
+
11
+ ## When to Use
12
+
13
+ - Taking over a large legacy codebase and need a structural overview
14
+ - Before major refactoring — identify what's core, what's duplicate, what's dead
15
+ - Auditing third-party dependencies embedded directly in source (not declared in package managers)
16
+ - Preparing architecture decision records for monorepo reorganization
17
+
18
+ ## Installation
19
+
20
20
  ```bash
21
21
  # Fetch only the pinned commit for reproducibility
22
22
  mkdir -p ~/.claude/skills/repo-scan
@@ -27,52 +27,52 @@ git fetch --depth 1 origin 2742664
27
27
  git checkout --detach FETCH_HEAD
28
28
  cp -r . ~/.claude/skills/repo-scan
29
29
  ```
30
-
31
- > Review the source before installing any agent skill.
32
-
33
- ## Core Capabilities
34
-
35
- | Capability | Description |
36
- |---|---|
37
- | **Cross-stack scanning** | C/C++, Java/Android, iOS (OC/Swift), Web (TS/JS/Vue) in one pass |
38
- | **File classification** | Every file tagged as project code, third-party, or build artifact |
39
- | **Library detection** | 50+ known libraries (FFmpeg, Boost, OpenSSL…) with version extraction |
40
- | **Four-level verdicts** | Core Asset / Extract & Merge / Rebuild / Deprecate |
41
- | **HTML reports** | Interactive dark-theme pages with drill-down navigation |
42
- | **Monorepo support** | Hierarchical scanning with summary + sub-project reports |
43
-
44
- ## Analysis Depth Levels
45
-
46
- | Level | Files Read | Use Case |
47
- |---|---|---|
48
- | `fast` | 1-2 per module | Quick inventory of huge directories |
49
- | `standard` | 2-5 per module | Default audit with full dependency + architecture checks |
50
- | `deep` | 5-10 per module | Adds thread safety, memory management, API consistency |
51
- | `full` | All files | Pre-merge comprehensive review |
52
-
53
- ## How It Works
54
-
30
+
31
+ > Review the source before installing any agent skill.
32
+
33
+ ## Core Capabilities
34
+
35
+ | Capability | Description |
36
+ |---|---|
37
+ | **Cross-stack scanning** | C/C++, Java/Android, iOS (OC/Swift), Web (TS/JS/Vue) in one pass |
38
+ | **File classification** | Every file tagged as project code, third-party, or build artifact |
39
+ | **Library detection** | 50+ known libraries (FFmpeg, Boost, OpenSSL…) with version extraction |
40
+ | **Four-level verdicts** | Core Asset / Extract & Merge / Rebuild / Deprecate |
41
+ | **HTML reports** | Interactive dark-theme pages with drill-down navigation |
42
+ | **Monorepo support** | Hierarchical scanning with summary + sub-project reports |
43
+
44
+ ## Analysis Depth Levels
45
+
46
+ | Level | Files Read | Use Case |
47
+ |---|---|---|
48
+ | `fast` | 1-2 per module | Quick inventory of huge directories |
49
+ | `standard` | 2-5 per module | Default audit with full dependency + architecture checks |
50
+ | `deep` | 5-10 per module | Adds thread safety, memory management, API consistency |
51
+ | `full` | All files | Pre-merge comprehensive review |
52
+
53
+ ## How It Works
54
+
55
55
  1. **Classify the repo surface**: enumerate files, then tag each as project code, embedded third-party code, or build artifact.
56
56
  2. **Detect embedded libraries**: inspect directory names, headers, license files, and version markers to identify bundled dependencies and likely versions.
57
57
  3. **Score each module**: group files by module or subsystem, then assign one of the four verdicts based on ownership, duplication, and maintenance cost.
58
58
  4. **Highlight structural risks**: call out dead-weight artifacts, duplicated wrappers, outdated vendored code, and modules that should be extracted, rebuilt, or deprecated.
59
59
  5. **Produce the report**: return a concise summary plus the interactive HTML output with per-module drill-down so the audit can be reviewed asynchronously.
60
-
61
- ## Examples
62
-
63
- On a 50,000-file C++ monorepo:
64
- - Found FFmpeg 2.x (2015 vintage) still in production
65
- - Discovered the same SDK wrapper duplicated 3 times
66
- - Identified 636 MB of committed Debug/ipch/obj build artifacts
67
- - Classified: 3 MB project code vs 596 MB third-party
68
-
69
- ## Best Practices
70
-
71
- - Start with `standard` depth for first-time audits
72
- - Use `fast` for monorepos with 100+ modules to get a quick inventory
73
- - Run `deep` incrementally on modules flagged for refactoring
74
- - Review the cross-module analysis for duplicate detection across sub-projects
75
-
76
- ## Links
77
-
78
- - [GitHub Repository](https://github.com/haibindev/repo-scan)
60
+
61
+ ## Examples
62
+
63
+ On a 50,000-file C++ monorepo:
64
+ - Found FFmpeg 2.x (2015 vintage) still in production
65
+ - Discovered the same SDK wrapper duplicated 3 times
66
+ - Identified 636 MB of committed Debug/ipch/obj build artifacts
67
+ - Classified: 3 MB project code vs 596 MB third-party
68
+
69
+ ## Best Practices
70
+
71
+ - Start with `standard` depth for first-time audits
72
+ - Use `fast` for monorepos with 100+ modules to get a quick inventory
73
+ - Run `deep` incrementally on modules flagged for refactoring
74
+ - Review the cross-module analysis for duplicate detection across sub-projects
75
+
76
+ ## Links
77
+
78
+ - [GitHub Repository](https://github.com/haibindev/repo-scan)
@@ -0,0 +1,131 @@
1
+ ---
2
+ name: rework-loop
3
+ description: "Structured rework with git blame attribution for failed goal iterations. Maps failures to responsible changes and routes targeted fix briefs."
4
+ origin: ECC
5
+ ---
6
+
7
+ # Rework Loop
8
+
9
+ Structured rework with blame attribution for failed goal iterations.
10
+ When the oracle says "fail," don't blindly retry — identify what broke,
11
+ map it to the responsible change, and route a targeted fix.
12
+
13
+ ## When to Activate
14
+
15
+ - Oracle returns `fail` verdict during a goal iteration
16
+ - Code reviewer identifies rework-worthy issues
17
+ - Build/test failures after a maker iteration
18
+ - Manual invocation for targeted re-implementation
19
+
20
+ ## Core Concept: Blame-Attributed Rework
21
+
22
+ Blind retry is the #1 waste in autonomous loops. A rework loop instead:
23
+
24
+ 1. **Parses** failure output to extract specific failing locations
25
+ 2. **Blames** via `git diff` / `git blame` to find the responsible change
26
+ 3. **Constrains** the rework to only the affected scope
27
+ 4. **Routes** to the right specialist (TS issues → typescript-reviewer, etc.)
28
+ 5. **Tracks** rework attempts per location to detect persistent trouble spots
29
+
30
+ ```
31
+ Oracle: FAIL
32
+
33
+
34
+ Parse failure → "tests/auth.test.ts:45 — token refresh assertion fails"
35
+
36
+
37
+ Blame → "src/auth/refresh.ts:23 changed in this iteration"
38
+
39
+
40
+ Rework brief → {file: "src/auth/refresh.ts", constraint: "only fix refresh logic"}
41
+
42
+
43
+ Route → backend-engineer or typescript-reviewer
44
+
45
+
46
+ Track → attempts[src/auth/refresh.ts] += 1
47
+ ```
48
+
49
+ ## Rework Brief Format
50
+
51
+ The rework brief is a structured context packet for the next iteration:
52
+
53
+ ```markdown
54
+ ## REWORK BRIEF
55
+
56
+ **Goal:** {original objective}
57
+ **Iteration:** {N} (rework attempt {M} for this location)
58
+
59
+ **Failing evidence:**
60
+ - Test: tests/auth.test.ts:45 — "should refresh expired tokens"
61
+ - Error: Expected token.expiresAt to be > now, got 2024-01-01
62
+
63
+ **Root cause (blame):**
64
+ - File: src/auth/refresh.ts:23
65
+ - Change: Added early return before expiry check
66
+ - Commit: (this iteration, uncommitted)
67
+
68
+ **Constraint:**
69
+ - ONLY modify src/auth/refresh.ts
70
+ - DO NOT touch test files (they define correct behavior)
71
+ - The refresh logic must handle: valid token, expired token, missing token
72
+
73
+ **Suggested fix:**
74
+ - Remove the early return at line 23
75
+ - Ensure expiry check runs before refresh attempt
76
+ ```
77
+
78
+ ## Escalation Triggers
79
+
80
+ Rework escalates to triage when:
81
+
82
+ | Condition | Action |
83
+ |-----------|--------|
84
+ | 3+ rework attempts on same location | Escalate: "persistent trouble spot" |
85
+ | Rework introduces new failures | Escalate: "regression cascade" |
86
+ | Blame maps to multiple unrelated files | Escalate: "scope too broad for targeted rework" |
87
+ | No clear blame (flaky test, env issue) | Escalate: "non-deterministic failure" |
88
+
89
+ ## Blame Attribution Algorithm
90
+
91
+ 1. **Parse failure output** for file paths and line numbers
92
+ 2. **Get changed files** via `git diff --name-only` (this iteration vs last good)
93
+ 3. **Intersect** failing files with changed files
94
+ 4. **For each intersection:**
95
+ - `git diff <file>` to extract specific hunks
96
+ - Map test failure line to source change via call stack or import chain
97
+ 5. **If no intersection:** failure is pre-existing or environmental → escalate
98
+
99
+ ## Rework Tracking
100
+
101
+ Track attempts per file/function to detect patterns:
102
+
103
+ ```json
104
+ {
105
+ "src/auth/refresh.ts": {
106
+ "attempts": 3,
107
+ "lastAttempt": "2024-01-15T10:30:00Z",
108
+ "outcomes": ["fail", "fail", "pass"],
109
+ "totalCost": 1.20
110
+ }
111
+ }
112
+ ```
113
+
114
+ When `attempts >= 3` without convergence: this is a persistent trouble spot.
115
+ The loop should escalate rather than keep burning budget.
116
+
117
+ ## Integration Points
118
+
119
+ - **`/goal`**: Rework replaces blind retry in the maker-oracle loop
120
+ - **`completion-oracle.js`**: Oracle's `failReasons` feed into blame parsing
121
+ - **`/triage`**: Escalated rework items go to triage inbox
122
+ - **Specialist agents**: Rework briefs route to appropriate specialists
123
+ - **Cost advisor**: Rework attempts count toward goal budget
124
+
125
+ ## Hard Bans
126
+
127
+ - DO NOT retry without blame analysis (blind retry wastes budget)
128
+ - DO NOT modify test files during rework (tests define correct behavior)
129
+ - DO NOT expand scope beyond blamed files (scope creep = new bugs)
130
+ - DO NOT rework indefinitely (3 attempts max per location)
131
+ - DO NOT skip tracking (rework history enables pattern detection)