@deftai/directive-content 0.55.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (250) hide show
  1. package/.agents/skills/deft/SKILL.md +6 -0
  2. package/.agents/skills/deft-directive-article-review/SKILL.md +11 -0
  3. package/.agents/skills/deft-directive-build/SKILL.md +10 -0
  4. package/.agents/skills/deft-directive-cost/SKILL.md +12 -0
  5. package/.agents/skills/deft-directive-debug/SKILL.md +13 -0
  6. package/.agents/skills/deft-directive-gh-arch/SKILL.md +11 -0
  7. package/.agents/skills/deft-directive-gh-slice/SKILL.md +10 -0
  8. package/.agents/skills/deft-directive-glossary/SKILL.md +10 -0
  9. package/.agents/skills/deft-directive-interview/SKILL.md +9 -0
  10. package/.agents/skills/deft-directive-pre-pr/SKILL.md +9 -0
  11. package/.agents/skills/deft-directive-refinement/SKILL.md +10 -0
  12. package/.agents/skills/deft-directive-release/SKILL.md +12 -0
  13. package/.agents/skills/deft-directive-review-cycle/SKILL.md +10 -0
  14. package/.agents/skills/deft-directive-setup/SKILL.md +10 -0
  15. package/.agents/skills/deft-directive-swarm/SKILL.md +10 -0
  16. package/.agents/skills/deft-directive-sync/SKILL.md +9 -0
  17. package/.agents/skills/deft-directive-triage/SKILL.md +9 -0
  18. package/.agents/skills/deft-directive-write-skill/SKILL.md +9 -0
  19. package/LICENSE.md +22 -0
  20. package/QUICK-START.md +167 -0
  21. package/UPGRADING.md +517 -0
  22. package/coding/build-output.md +28 -0
  23. package/coding/coding.md +235 -0
  24. package/coding/debugging.md +110 -0
  25. package/coding/holzmann.md +96 -0
  26. package/coding/hygiene.md +127 -0
  27. package/coding/security.md +158 -0
  28. package/coding/testing.md +162 -0
  29. package/coding/toolchain.md +44 -0
  30. package/commands.md +300 -0
  31. package/context/context.md +57 -0
  32. package/context/deterministic-split.md +67 -0
  33. package/context/examples.md +26 -0
  34. package/context/fractal-summaries.md +69 -0
  35. package/context/long-horizon.md +46 -0
  36. package/context/spec-deltas.md +177 -0
  37. package/context/tool-design.md +34 -0
  38. package/context/working-memory.md +62 -0
  39. package/contracts/boundary-maps.md +65 -0
  40. package/contracts/deterministic-questions.md +59 -0
  41. package/contracts/hierarchy.md +77 -0
  42. package/conventions/content-manifest.json +399 -0
  43. package/conventions/machine-generated-banner.md +130 -0
  44. package/conventions/references.md +120 -0
  45. package/conventions/rule-ownership.json +382 -0
  46. package/conventions/task-caching.md +43 -0
  47. package/conventions/vbrief-filenames.md +70 -0
  48. package/deployments/README.md +37 -0
  49. package/deployments/agentuity/README.md +138 -0
  50. package/deployments/agentuity/via-cli.md +380 -0
  51. package/deployments/agentuity/via-cloud.md +425 -0
  52. package/deployments/agentuity/via-github-actions.md +664 -0
  53. package/deployments/agentuity/via-gravity-network.md +606 -0
  54. package/deployments/agentuity/via-vpc.md +607 -0
  55. package/deployments/aws/README.md +38 -0
  56. package/deployments/aws/via-app-runner.md +612 -0
  57. package/deployments/aws/via-ecs-fargate.md +561 -0
  58. package/deployments/aws/via-elastic-beanstalk.md +628 -0
  59. package/deployments/aws/via-lambda.md +649 -0
  60. package/deployments/azure/README.md +37 -0
  61. package/deployments/azure/via-aks.md +390 -0
  62. package/deployments/azure/via-app-service.md +564 -0
  63. package/deployments/azure/via-container-apps.md +599 -0
  64. package/deployments/azure/via-functions.md +552 -0
  65. package/deployments/cloud-gov/README.md +63 -0
  66. package/deployments/cloud-gov/agents/compliance-docs.md +154 -0
  67. package/deployments/cloud-gov/agents.md +39 -0
  68. package/deployments/cloud-gov/cicd.md +64 -0
  69. package/deployments/cloud-gov/deployment.md +150 -0
  70. package/deployments/cloud-gov/logging.md +43 -0
  71. package/deployments/cloud-gov/manifest.md +121 -0
  72. package/deployments/cloud-gov/overview.md +58 -0
  73. package/deployments/cloud-gov/security.md +46 -0
  74. package/deployments/cloud-gov/services.md +72 -0
  75. package/deployments/cloud-gov/upstream/README.md +18 -0
  76. package/deployments/cloudflare/README.md +33 -0
  77. package/deployments/cloudflare/via-dashboard.md +83 -0
  78. package/deployments/cloudflare/via-git.md +90 -0
  79. package/deployments/cloudflare/via-github-actions.md +185 -0
  80. package/deployments/cloudflare/via-terraform.md +157 -0
  81. package/deployments/cloudflare/via-wrangler.md +165 -0
  82. package/deployments/fly-io/README.md +37 -0
  83. package/deployments/fly-io/via-dockerfile.md +648 -0
  84. package/deployments/fly-io/via-flyctl.md +653 -0
  85. package/deployments/fly-io/via-github-actions.md +695 -0
  86. package/deployments/fly-io/via-multi-region.md +598 -0
  87. package/deployments/google/README.md +34 -0
  88. package/deployments/google/via-app-engine.md +42 -0
  89. package/deployments/google/via-cloud-functions.md +23 -0
  90. package/deployments/google/via-cloud-run.md +330 -0
  91. package/deployments/google/via-gke.md +23 -0
  92. package/deployments/netlify/README.md +99 -0
  93. package/deployments/netlify/via-cli.md +17 -0
  94. package/deployments/netlify/via-functions.md +19 -0
  95. package/deployments/netlify/via-git.md +25 -0
  96. package/deployments/vercel/README.md +90 -0
  97. package/deployments/vercel/via-api.md +16 -0
  98. package/deployments/vercel/via-cli.md +17 -0
  99. package/deployments/vercel/via-git.md +24 -0
  100. package/docs/BROWNFIELD.md +179 -0
  101. package/docs/getting-started.md +137 -0
  102. package/docs/good-agents-md.md +137 -0
  103. package/events/README.md +89 -0
  104. package/events/event-record.schema.json +26 -0
  105. package/events/registry.json +166 -0
  106. package/events/registry.schema.json +71 -0
  107. package/glossary.md +145 -0
  108. package/incidents/README.md +81 -0
  109. package/incidents/_template.md +38 -0
  110. package/interfaces/cli.md +104 -0
  111. package/interfaces/rest.md +212 -0
  112. package/interfaces/tui.md +242 -0
  113. package/interfaces/web.md +123 -0
  114. package/languages/6502-DASM.md +132 -0
  115. package/languages/c.md +235 -0
  116. package/languages/commands.md +23 -0
  117. package/languages/cpp.md +132 -0
  118. package/languages/csharp.md +259 -0
  119. package/languages/dart.md +183 -0
  120. package/languages/delphi.md +218 -0
  121. package/languages/elixir.md +208 -0
  122. package/languages/go.md +78 -0
  123. package/languages/java.md +278 -0
  124. package/languages/javascript.md +163 -0
  125. package/languages/julia.md +175 -0
  126. package/languages/kotlin.md +193 -0
  127. package/languages/markdown.md +168 -0
  128. package/languages/mermaid.md +146 -0
  129. package/languages/officejs.md +392 -0
  130. package/languages/python.md +209 -0
  131. package/languages/r.md +163 -0
  132. package/languages/rust.md +216 -0
  133. package/languages/sql.md +216 -0
  134. package/languages/swift.md +153 -0
  135. package/languages/typescript.md +132 -0
  136. package/languages/vba.md +279 -0
  137. package/languages/vhdl.md +180 -0
  138. package/languages/visual-basic.md +151 -0
  139. package/languages/zig.md +196 -0
  140. package/meta/SOUL.md +27 -0
  141. package/meta/code-field.md +44 -0
  142. package/meta/morals.md +40 -0
  143. package/meta/philosophy.md +39 -0
  144. package/meta/project.md +49 -0
  145. package/meta/ralph.md +223 -0
  146. package/meta/security.md +80 -0
  147. package/meta/versioning.md +326 -0
  148. package/package.json +22 -0
  149. package/packs/lessons/lessons-pack-0.1.json +553 -0
  150. package/packs/patterns/patterns-pack-0.1.json +57 -0
  151. package/packs/rules/rules-pack-0.1.json +4767 -0
  152. package/packs/skills/skills-pack-0.1.json +262 -0
  153. package/packs/strategies/strategies-pack-0.1.json +167 -0
  154. package/packs/swarm-spec/swarm-spec-pack-0.1.json +17 -0
  155. package/patterns/executor-layer-credentials.md +227 -0
  156. package/patterns/llm-app.md +156 -0
  157. package/patterns/multi-agent.md +278 -0
  158. package/patterns/prompt-assembly-layer-ordering.md +154 -0
  159. package/patterns/role-as-overlay.md +179 -0
  160. package/platforms/2600.md +137 -0
  161. package/platforms/unity.md +329 -0
  162. package/references/composer-skill-porting.md +152 -0
  163. package/references/cost-models.md +163 -0
  164. package/references/ip-risk.md +246 -0
  165. package/references/plain-english-ux.md +275 -0
  166. package/resilience/context-pruning.md +67 -0
  167. package/resilience/continue-here.md +62 -0
  168. package/scm/changelog.md +276 -0
  169. package/scm/git.md +139 -0
  170. package/scm/github.md +265 -0
  171. package/secrets/.gitkeep +0 -0
  172. package/skills/deft-build/SKILL.md +20 -0
  173. package/skills/deft-directive-article-review/SKILL.md +156 -0
  174. package/skills/deft-directive-build/SKILL.md +302 -0
  175. package/skills/deft-directive-cost/SKILL.md +201 -0
  176. package/skills/deft-directive-debug/SKILL.md +140 -0
  177. package/skills/deft-directive-decompose/SKILL.md +96 -0
  178. package/skills/deft-directive-gh-arch/SKILL.md +160 -0
  179. package/skills/deft-directive-gh-slice/SKILL.md +199 -0
  180. package/skills/deft-directive-glossary/SKILL.md +118 -0
  181. package/skills/deft-directive-interview/SKILL.md +528 -0
  182. package/skills/deft-directive-pre-pr/SKILL.md +131 -0
  183. package/skills/deft-directive-probe/SKILL.md +127 -0
  184. package/skills/deft-directive-refinement/SKILL.md +403 -0
  185. package/skills/deft-directive-release/SKILL.md +266 -0
  186. package/skills/deft-directive-review-cycle/SKILL.md +401 -0
  187. package/skills/deft-directive-setup/SKILL.md +717 -0
  188. package/skills/deft-directive-swarm/SKILL.md +989 -0
  189. package/skills/deft-directive-sync/SKILL.md +288 -0
  190. package/skills/deft-directive-triage/SKILL.md +137 -0
  191. package/skills/deft-directive-write-skill/SKILL.md +169 -0
  192. package/skills/deft-interview/SKILL.md +16 -0
  193. package/skills/deft-pre-pr/SKILL.md +16 -0
  194. package/skills/deft-review-cycle/SKILL.md +16 -0
  195. package/skills/deft-roadmap-refresh/SKILL.md +16 -0
  196. package/skills/deft-setup/SKILL.md +20 -0
  197. package/skills/deft-swarm/SKILL.md +16 -0
  198. package/skills/deft-sync/SKILL.md +16 -0
  199. package/strategies/README.md +83 -0
  200. package/strategies/artifact-guards.md +85 -0
  201. package/strategies/bdd.md +115 -0
  202. package/strategies/brownfield.md +7 -0
  203. package/strategies/discuss.md +129 -0
  204. package/strategies/emit-hints.md +69 -0
  205. package/strategies/enterprise.md +193 -0
  206. package/strategies/interview.md +551 -0
  207. package/strategies/map.md +179 -0
  208. package/strategies/probe.md +151 -0
  209. package/strategies/rapid.md +155 -0
  210. package/strategies/research.md +155 -0
  211. package/strategies/roadmap.md +9 -0
  212. package/strategies/speckit.md +437 -0
  213. package/strategies/v0-20-contract.md +134 -0
  214. package/strategies/yolo.md +169 -0
  215. package/swarm/swarm.md +300 -0
  216. package/templates/COST-ESTIMATE.md +114 -0
  217. package/templates/PULL_REQUEST_TEMPLATE.md +35 -0
  218. package/templates/agent-prompt-preamble.md +409 -0
  219. package/templates/agents-entry.md +211 -0
  220. package/templates/agents-entry.placeholders.md +75 -0
  221. package/templates/embed.go +20 -0
  222. package/templates/embed_test.go +36 -0
  223. package/templates/make-spec-example.md +9 -0
  224. package/templates/make-spec.md +246 -0
  225. package/templates/project.md.template +52 -0
  226. package/templates/specification.md +1 -0
  227. package/templates/swarm-greptile-poller-prompt.md +556 -0
  228. package/templates/user.md.template +31 -0
  229. package/tools/RWLDL.md +80 -0
  230. package/tools/greptile.md +141 -0
  231. package/tools/installer.md +23 -0
  232. package/tools/taskfile-migration.md +32 -0
  233. package/tools/taskfile.md +185 -0
  234. package/tools/telemetry.md +285 -0
  235. package/vbrief/schemas/cache-meta.schema.json +137 -0
  236. package/vbrief/schemas/candidates.schema.json +130 -0
  237. package/vbrief/schemas/codebase-map.schema.json +213 -0
  238. package/vbrief/schemas/lessons-pack.schema.json +134 -0
  239. package/vbrief/schemas/patterns-pack.schema.json +84 -0
  240. package/vbrief/schemas/rules-pack.schema.json +105 -0
  241. package/vbrief/schemas/skills-pack.schema.json +94 -0
  242. package/vbrief/schemas/slices.schema.json +87 -0
  243. package/vbrief/schemas/strategies-pack.schema.json +89 -0
  244. package/vbrief/schemas/swarm-spec-pack.schema.json +84 -0
  245. package/vbrief/schemas/vbrief-core.schema.json +1022 -0
  246. package/vbrief/vbrief.md +684 -0
  247. package/verification/integration.md +76 -0
  248. package/verification/plan-checking.md +85 -0
  249. package/verification/uat.md +60 -0
  250. package/verification/verification.md +117 -0
package/scm/github.md ADDED
@@ -0,0 +1,265 @@
1
+ # GitHub Standards
2
+
3
+ Legend (from RFC2119): !=MUST, ~=SHOULD, ≉=SHOULD NOT, ⊗=MUST NOT, ?=MAY.
4
+
5
+ **See also**: [main.md](../../main.md) | [git.md](./git.md) | [changelog.md](./changelog.md)
6
+
7
+ **Stack**: gh CLI 2.0+, GitHub Actions, Conventional Commits, issue/PR workflows
8
+
9
+ ## Standing gh CLI Rules
10
+
11
+ Rules that apply to every `gh` invocation, regardless of context.
12
+
13
+ - ! Use `--body-file` for PR and issue bodies longer than one line -- inline `--body` strings break on special characters, newlines, and shell escaping across platforms
14
+ - ! For Markdown-rich issue bodies, PR bodies, and issue/PR comments, prefer the canonical safe wrapper: `task scm:body:* -- --repo OWNER/NAME ... --body-file <path>`. It reads UTF-8 body text from a file or stdin, sends JSON to `gh api` without shell interpolation, and immediately performs live `gh` read-back.
15
+ - ! Never place Markdown containing backticks inside a double-quoted shell command. In Bash and zsh, a body fragment like ``"include `ghx`"`` runs command substitution before `gh` receives the text, corrupting the posted body.
16
+ - ! Write `--body-file` temp files to the OS temp directory, not the worktree -- writing temp files inside the worktree triggers `rm` denylist collisions that block autonomous swarm agents in Warp (the agent cannot delete files via `rm` in autonomous mode)
17
+ - **PowerShell:**
18
+ ```powershell
19
+ $bodyFile = [System.IO.Path]::GetTempFileName()
20
+ [System.IO.File]::WriteAllText($bodyFile, $content, [System.Text.UTF8Encoding]::new($false))
21
+ gh pr create --title "feat: example" --body-file $bodyFile
22
+ ```
23
+ - **Unix (bash/zsh):**
24
+ ```bash
25
+ bodyFile=$(mktemp)
26
+ echo "$content" > "$bodyFile"
27
+ gh pr create --title "feat: example" --body-file "$bodyFile"
28
+ ```
29
+ - No explicit `rm` is needed after `gh pr create` -- the file lives outside the worktree, which is the key advantage: it eliminates the `rm` step that collides with the Warp autonomous agent `rm` denylist. (OS temp directories are eventually cleaned by the OS on Unix/macOS; on Windows they persist until manually purged, but agent cleanup is not required.)
30
+ - ! Immediately verify after every create or edit operation:
31
+ - After `gh pr create`: run `gh pr view <number>` to confirm title, body, and labels rendered correctly
32
+ - After `gh issue create`: run `gh issue view <number>` to confirm body content
33
+ - After `gh pr edit`: re-fetch and verify the edited field
34
+ - ! Use live `gh` for immediate read-back after a mutation. Do not use `ghx` for the first verification GET because it may serve a cached stale response.
35
+ - ~ Prefer `gh api` for structured/programmatic queries (filtering, bulk reads, JSON output) and `gh pr`/`gh issue` for quick ad-hoc commands
36
+ - ⊗ Construct multi-line `--body` strings inline in shell commands -- always write to a temp file and use `--body-file`
37
+ - ⊗ Construct Markdown-rich `gh api -f body="..."` or `gh issue comment --body "..."` commands when the body contains backticks, dollar signs, quotes, or fenced code blocks -- use a body file and the `scm:body:*` wrapper instead
38
+ - ⊗ Write `--body-file` temp files inside the worktree or repository directory -- always use the OS temp directory (`$env:TEMP` on PowerShell, `$TMPDIR` or `/tmp` on Unix)
39
+
40
+ ## Safe Markdown Body Posting (#1555)
41
+
42
+ Use `scripts/github_body.py` through the task surface whenever an agent needs to post or edit Markdown-rich GitHub text. The helper accepts `--body-file <path>` or `--body-file -`, wraps the body as JSON inside Python, calls `gh api --input -` through the UTF-8-safe subprocess helper, and prints the live read-back object returned by `gh`.
43
+
44
+ Safe issue creation:
45
+
46
+ ```bash
47
+ task scm:body:issue:create -- \
48
+ --repo deftai/directive \
49
+ --title "tooling: safe body example" \
50
+ --body-file "$bodyFile"
51
+ ```
52
+
53
+ Safe issue or PR comment creation:
54
+
55
+ ```bash
56
+ task scm:body:comment:create -- \
57
+ --repo deftai/directive \
58
+ --issue 1555 \
59
+ --body-file "$bodyFile"
60
+ ```
61
+
62
+ Safe issue comment edit with live read-back:
63
+
64
+ ```bash
65
+ task scm:body:comment:edit -- \
66
+ --repo deftai/directive \
67
+ --comment 123456789 \
68
+ --body-file "$bodyFile"
69
+ ```
70
+
71
+ The helper's stdout is the live post-mutation GitHub object, so inspect the `body` field from that output first. If you need a second manual verification, use live REST through `gh api repos/OWNER/REPO/issues/comments/<id>` or `gh api repos/OWNER/REPO/issues/<number>`; do not use `ghx` for immediate read-back after the mutation because it may return a cached GET.
72
+
73
+ ## PR Workflow Conventions
74
+
75
+ ### Merge Strategy
76
+
77
+ - ! Use squash-merge as the default merge method: `gh pr merge --squash --delete-branch`
78
+ - ~ Squash-merge keeps the mainline history linear and readable -- one commit per PR
79
+ - ? Use merge commits only when preserving individual commit history is explicitly required (e.g., vendor imports)
80
+ - ⊗ Use rebase-merge on PRs with multiple commits unless the author explicitly requests it
81
+
82
+ ### Branch Lifecycle
83
+
84
+ - ! Create feature branches from `master` (or the project's default branch)
85
+ - ! Each branch serves a single purpose -- one issue or one cohesive change
86
+ - ! Include closing keywords in the PR body (`Closes #N`, `Fixes #N`) so GitHub auto-closes issues on merge
87
+ - ! Delete the branch after merge (`--delete-branch` flag on `gh pr merge`)
88
+ - ⊗ Reuse a branch for a second PR after the first has merged
89
+ - ~ Name branches descriptively: `docs/add-github-guide`, `fix/bootstrap-loop`, `feat/swarm-phase0`
90
+
91
+ ### PR Standards
92
+
93
+ - ! Use Conventional Commits format for PR titles
94
+ - ~ Keep PRs small (< 400 lines changed ideal)
95
+ - ! Ensure all CI checks pass before requesting review
96
+ - ~ Link to related issues using closing keywords
97
+ - ~ Explain "why" not just "what" in the PR description
98
+ - ! Run `task check` before opening a PR
99
+
100
+ ### Review Guidelines
101
+
102
+ **Approval criteria (MUST be met)**:
103
+
104
+ - Code follows language standards (python.md, go.md, cpp.md)
105
+ - Tests pass with required coverage threshold
106
+ - Conventional Commits format
107
+ - No security vulnerabilities
108
+ - Documentation updated
109
+ - No breaking changes (or properly documented)
110
+
111
+ **Review tone (SHOULD follow)**:
112
+
113
+ - Be constructive and specific
114
+ - Explain "why" not just "what"
115
+ - Suggest alternatives when requesting changes
116
+ - Focus on correctness, maintainability, performance (in that order)
117
+
118
+ ## Post-Merge Issue Verification
119
+
120
+ ! After a PR is squash-merged, verify that all referenced issues were actually closed. Squash merges can silently fail to process closing keywords (`Closes #N`, `Fixes #N`) from the PR body (#167).
121
+
122
+ 1. ! For each issue referenced with a closing keyword in the PR body, run:
123
+ ```
124
+ gh issue view <N> --json state --jq .state
125
+ ```
126
+ 2. ! If the issue state is not `CLOSED`, close it manually with a comment referencing the merged PR:
127
+ ```
128
+ gh issue close <N> --comment "Closed by #<PR> (squash merge -- auto-close did not trigger)"
129
+ ```
130
+ 3. ~ This applies to ALL PR merges, not just swarm runs. See also: `skills/deft-review-cycle/SKILL.md` Post-Merge Verification, `skills/deft-directive-swarm/SKILL.md` Phase 6 Step 2.
131
+
132
+ ## Windows / PowerShell Encoding Guidance
133
+
134
+ PowerShell 5.x (Windows default) uses UTF-16LE internally and may inject a BOM or transcode `gh` CLI output unexpectedly. These issues are silent -- files look correct in the editor but fail on `edit_files` or `git diff`.
135
+
136
+ - ! Use UTF-8 without BOM for all `--body-file` content written from scripts or agents
137
+ - ! On PowerShell 5.x, set encoding before writing temp files:
138
+ ```powershell
139
+ [System.IO.File]::WriteAllText($path, $content, [System.Text.UTF8Encoding]::new($false))
140
+ ```
141
+ - ~ Avoid piping `gh` output through PowerShell 5.x redirection (`>`, `Out-File`) -- these default to UTF-16LE; use .NET `WriteAllText` with the BOM-free constructor instead (see rule below)
142
+ - ~ Prefer PowerShell 7+ (`pwsh`) which defaults to UTF-8 without BOM
143
+ - ! Use `Get-Content -Raw` to read a file as a single string -- reading without `-Raw` processes line-by-line and can inject BOM characters or silently mangle Unicode characters (em-dashes, curly quotes) when the file is re-written
144
+ - ! For BOM-safe file writes after agent reads, use `[System.IO.File]::WriteAllText($path, $content, [System.Text.UTF8Encoding]::new($false))` -- never use `Set-Content` (even with `-Encoding UTF8`) or `Out-File` in PS 5.1, as both inject a BOM regardless of the `-Encoding` flag (`Out-File -Encoding utf8NoBOM` requires PS 7+ and is unavailable in PS 5.1)
145
+
146
+ **Rationale**: PS 5.1 defaults to UTF-16LE for `Set-Content` and UTF-8-with-BOM for some paths, causing silent mojibake on round-trip. The combination of `Get-Content -Raw` for reads and `[System.IO.File]::WriteAllText` for writes is the only reliable BOM-safe round-trip pattern.
147
+
148
+ ### Warp Terminal Multi-Line String Handling
149
+
150
+ - ! Never paste multi-line PowerShell string literals (here-strings `@" ... "@`) directly into the Warp agent input box -- Warp splits multi-line input across separate command blocks, causing syntax errors or silent truncation. Always write multi-line PS content to a temp file first (e.g. `[System.IO.File]::WriteAllText($tmpFile, $content, [System.Text.UTF8Encoding]::new($false))`), then use the temp file path in subsequent commands
151
+
152
+ ## Windows / ASCII Conventions for Machine-Editable Sections
153
+
154
+ Agent `edit_files` operations can fail when structured file sections contain Unicode characters that do not round-trip cleanly through Windows toolchains (xref warpdotdev/warp#9022). The following rules apply to **machine-editable structured sections**: ROADMAP.md phase bodies, CHANGELOG.md entries, and Open Issues Index rows.
155
+
156
+ - ~ In machine-editable structured sections, prefer ASCII punctuation:
157
+ - Use `--` instead of em-dash
158
+ - Use `->` instead of arrow characters
159
+ - Avoid emoji in body text (emoji in headings or decorative positions are acceptable)
160
+ - ! Never use Unicode em-dashes, curly quotes, or non-ASCII arrow characters in CHANGELOG.md entries or ROADMAP.md index rows -- these cause `edit_files` search/replace mismatches when the tool's internal encoding differs from the file's byte representation
161
+ - ~ Use straight quotes (`"`, `'`) rather than curly/smart quotes in all machine-edited files
162
+ - ? Prose-only sections (README narrative, philosophy docs) may use Unicode freely since they are rarely machine-edited
163
+
164
+ **Rationale**: The `edit_files` tool performs exact byte-string matching. When Windows agents write files through encoding layers that silently substitute characters (e.g., em-dash `\u2014` vs. `--`), subsequent search/replace operations fail because the stored bytes no longer match the search string. Sticking to ASCII in structured sections eliminates this class of failure.
165
+
166
+ ## Issue Workflow
167
+
168
+ **Best practices**:
169
+ - ~ Search for duplicates before creating
170
+ - ! Include reproduction steps, expected/actual behavior, environment details
171
+ - ~ Apply appropriate labels and assign when taking ownership
172
+ - ~ Link related issues and PRs
173
+
174
+ ### Issue Labels
175
+
176
+ **Priority**: `priority:critical` (production down), `priority:high` (major broken), `priority:medium` (important, not blocking), `priority:low` (nice to have)
177
+
178
+ **Type**: `bug`, `feat`, `docs`, `refactor`, `test`, `chore`
179
+
180
+ **Status**: `status:blocked`, `status:in-progress`, `status:needs-info`, `status:wontfix`
181
+
182
+ ### Post-1.0.0 Issue Linking
183
+
184
+ Following a v1.0.0 release, commits:
185
+
186
+ - ! link to existing or new issues for: Features, bugs, breaking changes, architecture decisions
187
+ - ≉ create issues for: Typos, formatting, dependency bumps, refactoring same code
188
+ - ~ create issues for: Anything someone might search for later, or that needs discussion
189
+
190
+ **Format**: Reference issues in commit messages using `Closes #123`, `Fixes #456`, or `Relates to #789`
191
+
192
+ ## GitHub Actions Best Practices
193
+
194
+ **CI Workflows**:
195
+ - ~ Provide fast feedback (fail fast, cache dependencies)
196
+ - ~ Use matrix testing for multiple versions
197
+ - ! Run `task check` for quality gates
198
+ - ~ Upload coverage reports
199
+
200
+ **Security**:
201
+ - ! Use GitHub Secrets for CI/CD credentials
202
+ - ⊗ Commit secrets to repo
203
+ - ~ Keep secrets in `secrets/` dir locally (gitignored)
204
+ - ~ Rotate secrets regularly
205
+
206
+ ## Branch Protection
207
+
208
+ **Recommended settings** for `main`:
209
+ - ! Require PR reviews (1+ approvals)
210
+ - ! Require status checks to pass
211
+ - ! Require branches to be up to date
212
+ - ~ Require conversation resolution
213
+ - ~ Require linear history
214
+ - ⊗ Allow force pushes
215
+ - ⊗ Allow deletions
216
+
217
+ ## Destructive gh verbs (#1019)
218
+
219
+ A detection-bound gate (`scripts/preflight_gh.py`) refuses three classes of destructive surface before they execute, complementing the #747 branch-protection gate which already refuses commits to the default branch:
220
+
221
+ - `delete_repo` -- `gh repo delete <owner/repo>` and `gh api -X DELETE repos/<owner>/<repo>[/...]`. Irreversible.
222
+ - `force_push_default` -- `git push --force` / `--force-with-lease` / `+refspec` targeting `master` or `main`.
223
+ - `admin_merge` -- `gh pr merge --admin` (bypasses branch-protection required reviews).
224
+
225
+ Three enforcement surfaces back the gate:
226
+
227
+ 1. `.githooks/pre-push` invokes `preflight_gh.py --pre-push-stdin` after the #747 branch gate, refusing any push that touches the default branch (force-push or otherwise). Install via `task setup` (idempotent `git config core.hooksPath .githooks`); verify via `task verify:hooks-installed`.
228
+ 2. `task verify:destructive-gh-verbs` is wired into the `task check` aggregate. It runs `preflight_gh.py --self-test`, which drives a built-in fixture table through the classifier so a future edit that introduces a false negative / false positive fails CI immediately.
229
+ 3. Agent pre-execution callers can invoke `python scripts/preflight_gh.py --command "<full command>"` to classify a candidate verb before it executes. Three-state exit (0 allowed / 1 destructive refused / 2 config error) mirrors `scripts/preflight_branch.py`.
230
+
231
+ **Override paths:**
232
+
233
+ - `DEFT_ALLOW_DESTRUCTIVE_GH_VERBS=1` -- per-shell emergency env-var bypass. Mirrors `DEFT_ALLOW_DEFAULT_BRANCH_COMMIT` (#747). The gate prints an explicit `policy bypassed for this session` line so the bypass is auditable after the fact.
234
+ - For repo deletion specifically: prefer the GitHub web UI's archive-or-delete prompt -- archiving is reversible, the gate is not opining on it.
235
+ - For an admin merge: the canonical recovery is to request review through the normal flow. The `--admin` flag is gated because the most-common legitimate use case (release hot-fix) is rare enough that documenting an explicit bypass is cheaper than letting the verb pass by default.
236
+
237
+ **Out of scope (v1):** a PATH-shim that intercepts `gh` at the command layer is deferred -- the consent-gated install path mirrors `setup_ghx.py` (#884) and lands additively when a follow-up issue is opened. The current gate is detection-bound (pre-push hook + agent-side `--command` classifier + self-test contract) rather than execution-bound, which is sufficient to refuse the recurring failure mode that motivated #1019 (an agent with an unrestricted `gh` token executing a destructive verb).
238
+
239
+ ## Release Workflow (UCCPR)
240
+
241
+ **UCCPR** = Update Changelog, Commit, Push, Release
242
+
243
+ Standard workflow for releasing new versions:
244
+
245
+ 1. Update `CHANGELOG.md` -- move `[Unreleased]` entries to new version section with date
246
+ 2. Update `VERSION` constant in main script/package file
247
+ 3. Commit: `git commit -m "chore: release v<X.Y.Z>"`
248
+ 4. Push to default branch
249
+ 5. Tag: `git tag v<X.Y.Z> && git push origin v<X.Y.Z>`
250
+ 6. Release: `gh release create v<X.Y.Z> --title "Deft v<X.Y.Z>" --notes-file release-notes.md`
251
+
252
+ ## Compliance
253
+
254
+ - ! Use Conventional Commits for all PR titles
255
+ - ! Maintain CHANGELOG.md following [Keep a Changelog](./changelog.md) format
256
+ - ! Use [Semantic Versioning](../meta/versioning.md) for releases
257
+ - ! Include CHANGELOG.md content in release notes
258
+ - ! Maintain test coverage at or above PROJECT.md threshold
259
+ - ! Pass all CI checks before merge
260
+ - ~ Request reviews from appropriate team members
261
+ - ~ Link PRs to related issues
262
+ - ~ Use gh CLI for automation where possible
263
+ - ⊗ Force-push to protected branches
264
+ - ! Keep PR scope focused and size reasonable
265
+ - ! Update documentation with code changes
File without changes
@@ -0,0 +1,20 @@
1
+ <!-- DEFT-PREAMBLE-V1 -->
2
+ <!-- deft:deprecated-skill-redirect -->
3
+ ! Before any other instruction in this file or in the consumer AGENTS.md, run `python3 deft/run gate`.
4
+ ! If exit code is 0, continue.
5
+ ! Otherwise: read `deft/UPGRADING.md`, find the section whose "Applies when" clause matches the state vector printed by the gate, and follow that section verbatim. Respect any "Restart required" directive -- if present, stop and tell the user to start a fresh session after cleanup commands complete.
6
+
7
+ # Deprecated skill path — v0.19 → v0.20 bridge
8
+
9
+ This skill path is deprecated. Read `deft/QUICK-START.md` for current routing.
10
+ The current replacement skill is `deft-directive-build` (at `skills/deft-directive-build/SKILL.md`).
11
+
12
+ Do not add real content here. This file exists so that stale v0.19 `AGENTS.md` files
13
+ that reference old `deft/skills/deft-*` paths keep working through one release cycle.
14
+ QUICK-START.md refreshes the Deft-managed section of `AGENTS.md` to the current
15
+ v0.20 `deft-directive-*` skill paths.
16
+
17
+ See:
18
+ - [../../QUICK-START.md](../../QUICK-START.md) — agent bootstrap + upgrade detection
19
+ - [../../UPGRADING.md](../../UPGRADING.md) — version-by-version upgrade guide
20
+ - [../../docs/BROWNFIELD.md](../../docs/BROWNFIELD.md) — brownfield adoption / migration
@@ -0,0 +1,156 @@
1
+ ---
2
+ name: deft-directive-article-review
3
+ description: >-
4
+ Evaluate an article, paper, or post for lessons that could improve
5
+ directive. Analyzes two axes: how concepts improve directive's own
6
+ implementation, and how they improve the projects directive creates.
7
+ Produces filtered suggestions, iterates with the user, and optionally
8
+ creates GitHub issues on the directive repo. Use when evaluating an article,
9
+ paper, post, or URL for directive improvements, or when the user says
10
+ "analyze this article", "evaluate this article", or "what can we learn from
11
+ this for directive".
12
+ triggers:
13
+ - evaluate article
14
+ - analyze article
15
+ - review article for directive
16
+ - extract lessons
17
+ - what can we learn from this
18
+ - article for directive
19
+ metadata:
20
+ clawdbot:
21
+ requires:
22
+ bins: ["gh"]
23
+ ---
24
+ <!-- AUTO-GENERATED by task packs:render -- DO NOT EDIT MANUALLY -->
25
+ <!-- Purpose: rendered skill -->
26
+ <!-- Source of truth: packs/skills/skills-pack-0.1.json -->
27
+ <!-- Regenerate with: task packs:render -->
28
+ <!-- Edit the source, not this file. Slice instead of loading every SKILL.md: task packs:slice skills by-trigger --trigger <kw> (or list) -->
29
+
30
+ # Deft Article Review
31
+
32
+ Evaluate an article, paper, or blog post for lessons that could improve directive —
33
+ both how directive itself is implemented and what directive helps create.
34
+
35
+ Legend (from RFC2119): !=MUST, ~=SHOULD, ≉=SHOULD NOT, ⊗=MUST NOT, ?=MAY.
36
+
37
+ ---
38
+
39
+ ## Directive Reference
40
+
41
+ Use this summary to evaluate whether article ideas are genuinely novel or already covered by the framework.
42
+
43
+ **Directive** is a development framework that combines indexed documentation, task automation, and AI-assisted workflows.
44
+
45
+ **main.md (front door)** — Central entry/index for a Karpathy-wiki-style set of lazy-loaded markdown rules organized into sections: `coding/`, `languages/`, `interfaces/`, `tools/`, `scm/`, `contracts/`, `swarm/`, `strategies/`, `vbrief/`, and `templates/`. Agents load only what's relevant.
46
+
47
+ **Taskfiles (go-task)** — Single entrypoint for all repeatable operations. Core flows: `task dev`, `task test`, `task build`, `task release`. Composed via `deps`; logic lives in scripts/binaries. Caching via `sources/generates + method: checksum`. Namespaced tasks (`docker:build`, `db:migrate`). Every user-facing task has a `desc`; internal wiring marked `internal: true`.
48
+
49
+ **vbrief** — Structured JSON artifacts in `./vbrief/` covering current state and forward planning: `plan.vbrief.json` (todos/progress), `specification.vbrief.json` (project specs), `playbook-{name}.vbrief.json` (reusable playbooks), `continue.vbrief.json` (interruption recovery). Drives the full lifecycle: planning → specification → execution → checkpointing → resumption. Refreshed via `deft-sync` at session start.
50
+
51
+ **Skills** — Versioned, reusable workflows triggered by keywords: `deft-setup` (bootstrap), `deft-build` (implement from spec), `deft-sync` (refresh framework + vbrief), `deft-pre-pr` (quality loop), `deft-review-cycle` (PR bot feedback), `deft-swarm` (parallel agent orchestration), `deft-roadmap-refresh` (issue triage), `deft-interview` (structured Q&A). Skills chain together and encode lessons from prior runs.
52
+
53
+ ## When to Use
54
+
55
+ - User shares a URL, local file path, or pasted text to analyze for directive improvements
56
+ - User says "what can we learn from this for directive" or "evaluate this article"
57
+ - After reading a research paper, practitioner post, or technical write-up that seems relevant
58
+
59
+ ## Prerequisites
60
+
61
+ - ! If a URL is provided, fetch and read the full content before beginning analysis
62
+ - ! If a local file path is provided, read the file
63
+ - ! If pasted text, work from the provided content
64
+ - ⊗ Begin analysis before reading the full content
65
+
66
+ ---
67
+
68
+ ## Process
69
+
70
+ ### Step 1: Ingest the article
71
+
72
+ - ! Read the full content — do not skim or skip sections
73
+ - ~ Note the source type (research paper, practitioner blog, product docs, etc.) as it affects how much weight to give conclusions
74
+
75
+ ### Step 2: Evaluate Axis 1 — How can this improve directive's own implementation?
76
+
77
+ Look for lessons applicable to how directive itself is built, structured, and maintained:
78
+
79
+ - ! Skills and strategies: are there new skills, strategies, or workflow patterns directive should adopt?
80
+ - ! Framework architecture: does this suggest changes to lazy loading, vBRIEF, AGENTS.md structure, or the patterns/ directory?
81
+ - ! Agent safety and reliability: does this reveal new failure modes or defenses directive should encode?
82
+ - ! Tooling: does this suggest new tasks, task patterns, or SCM conventions directive should add?
83
+ - ~ Naming, directory structure, or documentation conventions worth adopting
84
+
85
+ ### Step 3: Evaluate Axis 2 — How can this improve the projects directive creates?
86
+
87
+ Look for lessons applicable to projects that directive-guided agents build:
88
+
89
+ - ! Coding standards: new rules for languages/, coding/, or patterns/ that would improve project quality
90
+ - ! Security: new vulnerabilities or defenses projects should implement (e.g., agent trap defenses, LLM application security)
91
+ - ! Architecture patterns: new patterns/ content for multi-agent, LLM apps, safety-critical, or other system types
92
+ - ! Testing, observability, or deployment practices worth encoding as directive standards
93
+ - ~ Stack recommendations or technology choices with clear rationale
94
+
95
+ ### Step 4: Filter and prioritize
96
+
97
+ - ! Discard ideas that are not genuinely actionable or relevant — not everything in an article applies to directive
98
+ - ! Rate each suggestion: **High** (actionable now, clear value), **Medium** (worth considering, needs evaluation), **Low/Speculative** (interesting but hypothetical)
99
+ - ! Note which existing directive files or issues each suggestion would affect
100
+ - ⊗ Present every idea uncritically — only surface ideas with real directive relevance
101
+
102
+ ### Step 5: Cross-reference open issues
103
+
104
+ - ! Run `gh issue list --repo deftai/directive --state open --limit 100` to retrieve the current open issue backlog
105
+ - ! For each suggestion from Step 4, check whether an open issue already covers it — fully or partially
106
+ - ! If a suggestion duplicates an open issue: drop it from the proposal and note the existing issue number
107
+ - ! If a suggestion extends or relates to an open issue: flag it as "extends #N" rather than proposing a standalone new issue
108
+ - ~ Scan the open issue list for trends (e.g. a cluster of agent-safety issues, a cluster of pattern/ gaps) — use trends to sharpen framing or prioritization of remaining suggestions
109
+ - ⊗ Propose a new issue for something already tracked — deduplication is mandatory
110
+
111
+ ### Step 6: Present suggestions to the user
112
+
113
+ Present a structured summary organized by axis. For each suggestion:
114
+ - Brief description of the idea
115
+ - Why it's relevant to directive specifically
116
+ - Which file(s) or directory it would affect
117
+ - Confidence rating (High / Medium / Low)
118
+
119
+ ! After presenting, explicitly ask:
120
+ > "Does any of this resonate? Do you want to modify, combine, or drop any of these before we decide what to file?"
121
+
122
+ Allow the user to comment, change framing, merge suggestions, or remove any. Iterate until the user is satisfied with the set.
123
+
124
+ ### Step 7: Offer issue creation
125
+
126
+ ! Ask the user:
127
+ > "Should I create GitHub issues for any of these? I can create one per suggestion or group related ones."
128
+
129
+ - ! If yes: create issues on `deftai/directive` using `gh issue create` with:
130
+ - A clear title following conventional commit style (`feat(area):`, `refactor(area):`, `research(area):`, etc.)
131
+ - Body that describes the suggestion, the source article, and the specific directive files affected
132
+ - A note if the suggestion is speculative/research-grade vs. immediately actionable
133
+ - A reference to any related open issues ("extends #N", "related to #N")
134
+ - Issue-label hygiene: inspect existing repo labels with `gh label list` or the labels API, choose suitable existing labels when practical, or explicitly note that no label was applied. This is a recommendation, not a gate -- do not block issue creation solely because no label fits, and do not invent ad hoc labels outside the repo's existing label set.
135
+ - ! After creating issues, print the issue URLs
136
+ - ⊗ Create issues without explicit user confirmation
137
+
138
+ ### Step 8: Offer further exploration
139
+
140
+ ! After completing the above, ask:
141
+ > "Is there anything else from this article worth exploring — related tools, referenced papers, or follow-on questions?"
142
+
143
+ If yes, follow the thread. This may include fetching related URLs, evaluating referenced work, or researching specific concepts mentioned in the article.
144
+
145
+ ---
146
+
147
+ ## Anti-Patterns
148
+
149
+ - ⊗ Treating every idea in the article as directive-relevant — filter aggressively
150
+ - ⊗ Creating issues before the user approves the suggestion set
151
+ - ⊗ Skipping the user feedback step and going straight to issue creation
152
+ - ⊗ Summarizing without reading the full content
153
+ - ⊗ Presenting unrated suggestions — every suggestion needs a confidence level
154
+ - ⊗ Filing a single giant issue for all suggestions — one issue per distinct suggestion or related group
155
+ - ⊗ Proposing a new issue without first checking whether it duplicates an open one
156
+ - ⊗ Evaluating directive relevance without consulting the Directive Reference section above