@colin4k1024/tsp 2.5.1 → 2.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. package/commands/dashboard.md +105 -0
  2. package/commands/goal.md +142 -0
  3. package/commands/heartbeat.md +129 -0
  4. package/commands/triage.md +108 -0
  5. package/hooks/harness-context-monitor.js +4 -0
  6. package/hooks/hooks.json +23 -23
  7. package/package.json +1 -1
  8. package/schemas/goal.schema.json +172 -0
  9. package/scripts/hooks/session-start-goal-resume.js +95 -0
  10. package/scripts/hooks/suggest-compact.js +81 -19
  11. package/scripts/lib/blame-attribution.js +210 -0
  12. package/scripts/lib/completion-oracle.js +351 -0
  13. package/scripts/lib/heartbeat-scheduler.js +265 -0
  14. package/scripts/lib/wave-cost-advisor.js +155 -0
  15. package/skills/goal-convergence/SKILL.md +150 -0
  16. package/skills/goframe-v2/examples/practices/quick-demo/manifest/config/config.yaml +14 -14
  17. package/skills/loop-heartbeat/SKILL.md +120 -0
  18. package/skills/mcp-connector-bridge/SKILL.md +132 -0
  19. package/skills/repo-scan/SKILL.md +63 -63
  20. package/skills/rework-loop/SKILL.md +131 -0
  21. package/scripts/__pycache__/__init__.cpython-311.pyc +0 -0
  22. package/scripts/__pycache__/build_platform_artifacts.cpython-311.pyc +0 -0
  23. package/scripts/__pycache__/install_platform.cpython-311.pyc +0 -0
  24. package/scripts/__pycache__/langfuse_trace.cpython-311.pyc +0 -0
  25. package/scripts/__pycache__/query_audit_logs.cpython-311.pyc +0 -0
  26. package/scripts/__pycache__/scan_leaked_keys.cpython-311.pyc +0 -0
  27. package/scripts/__pycache__/team_skills_platform.cpython-311.pyc +0 -0
  28. package/scripts/__pycache__/team_skills_platform.cpython-313.pyc +0 -0
  29. package/scripts/__pycache__/validate_library.cpython-311.pyc +0 -0
  30. package/scripts/__pycache__/validate_workflow_state.cpython-311.pyc +0 -0
  31. package/scripts/evolution/__pycache__/__init__.cpython-311.pyc +0 -0
  32. package/scripts/evolution/__pycache__/store.cpython-311.pyc +0 -0
  33. package/scripts/hooks/__pycache__/__init__.cpython-311.pyc +0 -0
  34. package/scripts/hooks/__pycache__/mcp_health_check.cpython-311.pyc +0 -0
  35. package/scripts/hooks/__pycache__/observe.cpython-311.pyc +0 -0
  36. package/scripts/hooks/__pycache__/session_end.cpython-311.pyc +0 -0
  37. package/scripts/hooks/__pycache__/session_start.cpython-311.pyc +0 -0
  38. package/scripts/lib/__pycache__/audit_logger.cpython-311.pyc +0 -0
  39. package/scripts/lib/__pycache__/audit_query.cpython-311.pyc +0 -0
  40. package/scripts/lib/__pycache__/hook_contract.cpython-311.pyc +0 -0
  41. package/scripts/lib/__pycache__/memory_store.cpython-311.pyc +0 -0
  42. package/scripts/lib/__pycache__/utils.cpython-311.pyc +0 -0
@@ -1,22 +1,22 @@
1
- ---
2
- name: repo-scan
3
- description: Cross-stack source code asset audit — classifies every file, detects embedded third-party libraries, and delivers actionable four-level verdicts per module with interactive HTML reports.
4
- origin: community
5
- ---
6
-
7
- # repo-scan
8
-
9
- > Every ecosystem has its own dependency manager, but no tool looks across C++, Android, iOS, and Web to tell you: how much code is actually yours, what's third-party, and what's dead weight.
10
-
11
- ## When to Use
12
-
13
- - Taking over a large legacy codebase and need a structural overview
14
- - Before major refactoring — identify what's core, what's duplicate, what's dead
15
- - Auditing third-party dependencies embedded directly in source (not declared in package managers)
16
- - Preparing architecture decision records for monorepo reorganization
17
-
18
- ## Installation
19
-
1
+ ---
2
+ name: repo-scan
3
+ description: Cross-stack source code asset audit — classifies every file, detects embedded third-party libraries, and delivers actionable four-level verdicts per module with interactive HTML reports.
4
+ origin: community
5
+ ---
6
+
7
+ # repo-scan
8
+
9
+ > Every ecosystem has its own dependency manager, but no tool looks across C++, Android, iOS, and Web to tell you: how much code is actually yours, what's third-party, and what's dead weight.
10
+
11
+ ## When to Use
12
+
13
+ - Taking over a large legacy codebase and need a structural overview
14
+ - Before major refactoring — identify what's core, what's duplicate, what's dead
15
+ - Auditing third-party dependencies embedded directly in source (not declared in package managers)
16
+ - Preparing architecture decision records for monorepo reorganization
17
+
18
+ ## Installation
19
+
20
20
  ```bash
21
21
  # Fetch only the pinned commit for reproducibility
22
22
  mkdir -p ~/.claude/skills/repo-scan
@@ -27,52 +27,52 @@ git fetch --depth 1 origin 2742664
27
27
  git checkout --detach FETCH_HEAD
28
28
  cp -r . ~/.claude/skills/repo-scan
29
29
  ```
30
-
31
- > Review the source before installing any agent skill.
32
-
33
- ## Core Capabilities
34
-
35
- | Capability | Description |
36
- |---|---|
37
- | **Cross-stack scanning** | C/C++, Java/Android, iOS (OC/Swift), Web (TS/JS/Vue) in one pass |
38
- | **File classification** | Every file tagged as project code, third-party, or build artifact |
39
- | **Library detection** | 50+ known libraries (FFmpeg, Boost, OpenSSL…) with version extraction |
40
- | **Four-level verdicts** | Core Asset / Extract & Merge / Rebuild / Deprecate |
41
- | **HTML reports** | Interactive dark-theme pages with drill-down navigation |
42
- | **Monorepo support** | Hierarchical scanning with summary + sub-project reports |
43
-
44
- ## Analysis Depth Levels
45
-
46
- | Level | Files Read | Use Case |
47
- |---|---|---|
48
- | `fast` | 1-2 per module | Quick inventory of huge directories |
49
- | `standard` | 2-5 per module | Default audit with full dependency + architecture checks |
50
- | `deep` | 5-10 per module | Adds thread safety, memory management, API consistency |
51
- | `full` | All files | Pre-merge comprehensive review |
52
-
53
- ## How It Works
54
-
30
+
31
+ > Review the source before installing any agent skill.
32
+
33
+ ## Core Capabilities
34
+
35
+ | Capability | Description |
36
+ |---|---|
37
+ | **Cross-stack scanning** | C/C++, Java/Android, iOS (OC/Swift), Web (TS/JS/Vue) in one pass |
38
+ | **File classification** | Every file tagged as project code, third-party, or build artifact |
39
+ | **Library detection** | 50+ known libraries (FFmpeg, Boost, OpenSSL…) with version extraction |
40
+ | **Four-level verdicts** | Core Asset / Extract & Merge / Rebuild / Deprecate |
41
+ | **HTML reports** | Interactive dark-theme pages with drill-down navigation |
42
+ | **Monorepo support** | Hierarchical scanning with summary + sub-project reports |
43
+
44
+ ## Analysis Depth Levels
45
+
46
+ | Level | Files Read | Use Case |
47
+ |---|---|---|
48
+ | `fast` | 1-2 per module | Quick inventory of huge directories |
49
+ | `standard` | 2-5 per module | Default audit with full dependency + architecture checks |
50
+ | `deep` | 5-10 per module | Adds thread safety, memory management, API consistency |
51
+ | `full` | All files | Pre-merge comprehensive review |
52
+
53
+ ## How It Works
54
+
55
55
  1. **Classify the repo surface**: enumerate files, then tag each as project code, embedded third-party code, or build artifact.
56
56
  2. **Detect embedded libraries**: inspect directory names, headers, license files, and version markers to identify bundled dependencies and likely versions.
57
57
  3. **Score each module**: group files by module or subsystem, then assign one of the four verdicts based on ownership, duplication, and maintenance cost.
58
58
  4. **Highlight structural risks**: call out dead-weight artifacts, duplicated wrappers, outdated vendored code, and modules that should be extracted, rebuilt, or deprecated.
59
59
  5. **Produce the report**: return a concise summary plus the interactive HTML output with per-module drill-down so the audit can be reviewed asynchronously.
60
-
61
- ## Examples
62
-
63
- On a 50,000-file C++ monorepo:
64
- - Found FFmpeg 2.x (2015 vintage) still in production
65
- - Discovered the same SDK wrapper duplicated 3 times
66
- - Identified 636 MB of committed Debug/ipch/obj build artifacts
67
- - Classified: 3 MB project code vs 596 MB third-party
68
-
69
- ## Best Practices
70
-
71
- - Start with `standard` depth for first-time audits
72
- - Use `fast` for monorepos with 100+ modules to get a quick inventory
73
- - Run `deep` incrementally on modules flagged for refactoring
74
- - Review the cross-module analysis for duplicate detection across sub-projects
75
-
76
- ## Links
77
-
78
- - [GitHub Repository](https://github.com/haibindev/repo-scan)
60
+
61
+ ## Examples
62
+
63
+ On a 50,000-file C++ monorepo:
64
+ - Found FFmpeg 2.x (2015 vintage) still in production
65
+ - Discovered the same SDK wrapper duplicated 3 times
66
+ - Identified 636 MB of committed Debug/ipch/obj build artifacts
67
+ - Classified: 3 MB project code vs 596 MB third-party
68
+
69
+ ## Best Practices
70
+
71
+ - Start with `standard` depth for first-time audits
72
+ - Use `fast` for monorepos with 100+ modules to get a quick inventory
73
+ - Run `deep` incrementally on modules flagged for refactoring
74
+ - Review the cross-module analysis for duplicate detection across sub-projects
75
+
76
+ ## Links
77
+
78
+ - [GitHub Repository](https://github.com/haibindev/repo-scan)
@@ -0,0 +1,131 @@
1
+ ---
2
+ name: rework-loop
3
+ description: "Structured rework with git blame attribution for failed goal iterations. Maps failures to responsible changes and routes targeted fix briefs."
4
+ origin: ECC
5
+ ---
6
+
7
+ # Rework Loop
8
+
9
+ Structured rework with blame attribution for failed goal iterations.
10
+ When the oracle says "fail," don't blindly retry — identify what broke,
11
+ map it to the responsible change, and route a targeted fix.
12
+
13
+ ## When to Activate
14
+
15
+ - Oracle returns `fail` verdict during a goal iteration
16
+ - Code reviewer identifies rework-worthy issues
17
+ - Build/test failures after a maker iteration
18
+ - Manual invocation for targeted re-implementation
19
+
20
+ ## Core Concept: Blame-Attributed Rework
21
+
22
+ Blind retry is the #1 waste in autonomous loops. A rework loop instead:
23
+
24
+ 1. **Parses** failure output to extract specific failing locations
25
+ 2. **Blames** via `git diff` / `git blame` to find the responsible change
26
+ 3. **Constrains** the rework to only the affected scope
27
+ 4. **Routes** to the right specialist (TS issues → typescript-reviewer, etc.)
28
+ 5. **Tracks** rework attempts per location to detect persistent trouble spots
29
+
30
+ ```
31
+ Oracle: FAIL
32
+
33
+
34
+ Parse failure → "tests/auth.test.ts:45 — token refresh assertion fails"
35
+
36
+
37
+ Blame → "src/auth/refresh.ts:23 changed in this iteration"
38
+
39
+
40
+ Rework brief → {file: "src/auth/refresh.ts", constraint: "only fix refresh logic"}
41
+
42
+
43
+ Route → backend-engineer or typescript-reviewer
44
+
45
+
46
+ Track → attempts[src/auth/refresh.ts] += 1
47
+ ```
48
+
49
+ ## Rework Brief Format
50
+
51
+ The rework brief is a structured context packet for the next iteration:
52
+
53
+ ```markdown
54
+ ## REWORK BRIEF
55
+
56
+ **Goal:** {original objective}
57
+ **Iteration:** {N} (rework attempt {M} for this location)
58
+
59
+ **Failing evidence:**
60
+ - Test: tests/auth.test.ts:45 — "should refresh expired tokens"
61
+ - Error: Expected token.expiresAt to be > now, got 2024-01-01
62
+
63
+ **Root cause (blame):**
64
+ - File: src/auth/refresh.ts:23
65
+ - Change: Added early return before expiry check
66
+ - Commit: (this iteration, uncommitted)
67
+
68
+ **Constraint:**
69
+ - ONLY modify src/auth/refresh.ts
70
+ - DO NOT touch test files (they define correct behavior)
71
+ - The refresh logic must handle: valid token, expired token, missing token
72
+
73
+ **Suggested fix:**
74
+ - Remove the early return at line 23
75
+ - Ensure expiry check runs before refresh attempt
76
+ ```
77
+
78
+ ## Escalation Triggers
79
+
80
+ Rework escalates to triage when:
81
+
82
+ | Condition | Action |
83
+ |-----------|--------|
84
+ | 3+ rework attempts on same location | Escalate: "persistent trouble spot" |
85
+ | Rework introduces new failures | Escalate: "regression cascade" |
86
+ | Blame maps to multiple unrelated files | Escalate: "scope too broad for targeted rework" |
87
+ | No clear blame (flaky test, env issue) | Escalate: "non-deterministic failure" |
88
+
89
+ ## Blame Attribution Algorithm
90
+
91
+ 1. **Parse failure output** for file paths and line numbers
92
+ 2. **Get changed files** via `git diff --name-only` (this iteration vs last good)
93
+ 3. **Intersect** failing files with changed files
94
+ 4. **For each intersection:**
95
+ - `git diff <file>` to extract specific hunks
96
+ - Map test failure line to source change via call stack or import chain
97
+ 5. **If no intersection:** failure is pre-existing or environmental → escalate
98
+
99
+ ## Rework Tracking
100
+
101
+ Track attempts per file/function to detect patterns:
102
+
103
+ ```json
104
+ {
105
+ "src/auth/refresh.ts": {
106
+ "attempts": 3,
107
+ "lastAttempt": "2024-01-15T10:30:00Z",
108
+ "outcomes": ["fail", "fail", "pass"],
109
+ "totalCost": 1.20
110
+ }
111
+ }
112
+ ```
113
+
114
+ When `attempts >= 3` without convergence: this is a persistent trouble spot.
115
+ The loop should escalate rather than keep burning budget.
116
+
117
+ ## Integration Points
118
+
119
+ - **`/goal`**: Rework replaces blind retry in the maker-oracle loop
120
+ - **`completion-oracle.js`**: Oracle's `failReasons` feed into blame parsing
121
+ - **`/triage`**: Escalated rework items go to triage inbox
122
+ - **Specialist agents**: Rework briefs route to appropriate specialists
123
+ - **Cost advisor**: Rework attempts count toward goal budget
124
+
125
+ ## Hard Bans
126
+
127
+ - DO NOT retry without blame analysis (blind retry wastes budget)
128
+ - DO NOT modify test files during rework (tests define correct behavior)
129
+ - DO NOT expand scope beyond blamed files (scope creep = new bugs)
130
+ - DO NOT rework indefinitely (3 attempts max per location)
131
+ - DO NOT skip tracking (rework history enables pattern detection)