@elvis1513/auto-coding-skill 0.2.0 → 0.3.0

package/README.md

@@ -6,8 +6,8 @@ Engineering workflow skill for:
 - Codex CLI
 
 This branch is specialized for Go backend + frontend monorepo projects that build Docker images locally, validate with project `docker compose`, and rely on Jenkins to auto-build and update target environments after push.
-It supports both Claude and Codex. During development, it should prefer already available MCP servers, installed skills, plugins, and app connectors for design, research, documentation, verification, and external system updates.
-It should also prefer multi-agent execution whenever the work can be split into parallel subtasks safely.
+It supports both Claude and Codex. During development, it prefers already available MCP servers, installed skills, plugins, and app connectors for design, research, documentation, verification, and external system updates.
+It also prefers multi-agent execution whenever the work can be split into parallel subtasks safely.
 
 ## Install
 
@@ -71,6 +71,13 @@ This frontmatter is the only manual config source (commands + local Docker runti
 - `git push` is expected to trigger Jenkins automatically.
 - Task is not complete until Jenkins succeeds and the target environment health check passes.
 
+8. Branch rule during execution:
+
+- `dev` is the long-lived integration branch.
+- If there is no parallel work conflict, prefer `dev`-first.
+- If the repo is in detached HEAD, worktree mode, or another task is already mutating `dev`, create a temporary task branch first.
+- Temporary branches should stay task-scoped and rebase back to latest `dev` before final integration.
+
 ## AGENTS.md Constraint Example
 
 ```md
@@ -79,7 +86,7 @@ This frontmatter is the only manual config source (commands + local Docker runti
 - Before any code change, read and obey:
   1) docs/ENGINEERING.md
   2) docs/tasks/taskbook.md
-- Execute gates using `python3 scripts/autopipeline/ap.py`.
+- Execute gates using `python3 docs/tools/autopipeline/ap.py`.
 - If required docs are missing, create/update docs first, then code.
 ```
 
@@ -139,30 +146,56 @@ This frontmatter is the only manual config source (commands + local Docker runti
 - Purpose:
   - Full regression matrix against the local Compose environment; must be 0 FAIL.
 - How to record:
-  - Add/maintain rows by regression ID (R-xxx), area, steps/command, expected, status, evidence.
-  - If any FAIL exists, gate fails.
+  - Add rows by regression ID (R-xxx), area, steps/command, expected, status, evidence.
+  - New or unexecuted rows must stay `TODO`.
+  - `PASS` is valid only after real execution with non-placeholder evidence.
+  - If any row is not `PASS`, or evidence is placeholder text, gate fails.
+
+## Branch Policy
+
+- `dev` is the only long-lived integration branch.
+- Temporary branches are preferred when parallel worktrees or concurrent tasks would otherwise collide on `dev`.
+- Temporary branches should be small, task-scoped, and rebased frequently against latest `dev`.
+- Final integration target remains `dev`; temporary branches are not release branches.
+
+## CI Trigger Strategy
+
+- Prefer split Jenkins behavior:
+- Branch or MR validation job for build/test/lint/typecheck and optional non-deploy runtime checks.
+- `dev` integration/deploy job for actual deployment-triggering pushes.
+- Avoid duplicate deploy triggers from both merge acceptance events and `dev` push events.
 
 ## Commands
 
 ```bash
 pip install pyyaml requests
-python3 scripts/autopipeline/ap.py run build
-python3 scripts/autopipeline/ap.py run test
-python3 scripts/autopipeline/ap.py run lint
-python3 scripts/autopipeline/ap.py run docker_build
-python3 scripts/autopipeline/ap.py runtime-up
-python3 scripts/autopipeline/ap.py wait-health
-python3 scripts/autopipeline/ap.py run smoke
-python3 scripts/autopipeline/ap.py run regression
-python3 scripts/autopipeline/ap.py runtime-down
-python3 scripts/autopipeline/ap.py verify-jenkins
-python3 scripts/autopipeline/ap.py wait-health --scope prod
-python3 scripts/autopipeline/ap.py verify-api-docs
-python3 scripts/autopipeline/ap.py check-matrix
-python3 scripts/autopipeline/ap.py gen-summary T0001-1
-python3 scripts/autopipeline/ap.py commit-push T0001-1 --msg "T0001-1: <summary>" --require-runtime-health --require-jenkins --require-matrix
+python3 docs/tools/autopipeline/ap.py run build
+python3 docs/tools/autopipeline/ap.py run test
+python3 docs/tools/autopipeline/ap.py run lint
+python3 docs/tools/autopipeline/ap.py run typecheck
+python3 docs/tools/autopipeline/ap.py run docker_build
+python3 docs/tools/autopipeline/ap.py runtime-up
+python3 docs/tools/autopipeline/ap.py wait-health
+python3 docs/tools/autopipeline/ap.py run smoke
+python3 docs/tools/autopipeline/ap.py run regression
+python3 docs/tools/autopipeline/ap.py runtime-down
+python3 docs/tools/autopipeline/ap.py verify-jenkins
+python3 docs/tools/autopipeline/ap.py verify-jenkins-build --git-ref HEAD
+python3 docs/tools/autopipeline/ap.py wait-health --scope prod
+python3 docs/tools/autopipeline/ap.py verify-api-docs
+python3 docs/tools/autopipeline/ap.py check-matrix
+python3 docs/tools/autopipeline/ap.py gen-summary T0001-1
+python3 docs/tools/autopipeline/ap.py commit-push T0001-1 --msg "T0001-1: <summary>" --require-runtime-health --require-jenkins --require-matrix
 ```
 
+## Quality Gate Expectations
+
+- Backend quality gate: `commands.test` must pass.
+- Frontend quality gate: at minimum `commands.build`, `commands.lint`, and `commands.typecheck` must pass.
+- Regression matrix rows must start as `TODO` until actually executed.
+- `PASS` requires real evidence, not placeholders.
+- Before final commit/push, clean temporary logs, screenshots, generated artifacts, and cache by-products. `.local/` may remain when it is the intended local runtime data directory.
+
 ## Publish (NPM)
 
 1. Sync assets and basic check:

package/cli/assets/skill/SKILL.md

@@ -75,35 +75,66 @@ This contains all manual fields:
 
 Do not duplicate config in other md/yaml files.
 
+## Branch policy
+
+- `dev` remains the only long-lived integration branch.
+- Default behavior stays `dev`-first when there is no parallel work conflict.
+- If Claude or Codex is operating in a derived worktree, detached HEAD, or any parallel task context where another thread is already changing `dev`, prefer creating a temporary branch from the latest `dev` before editing.
+- Name temporary branches after the task, preferably `codex/<task-id>-<slug>` such as `codex/t0005-domestic-payment-site`.
+- Keep the temporary branch scoped to one task, complete design/implementation/verification there, then merge or rebase it back onto `dev` only after local gates pass.
+- Do not treat temporary branches as release branches; the final integration target is still `dev`.
+- In temporary-branch mode, work in small, closed-loop slices. Each slice should have a clear scope, synchronized docs, the relevant local validation, and a commit that can stand on its own.
+- Rebase temporary branches frequently against the latest `dev` to keep merge surfaces small.
+
+## CI trigger strategy
+
+- Prefer a split Jenkins model when parallel worktrees are active:
+- MR or branch validation job: build/test/lint/typecheck and optional non-deploy runtime checks on temporary branches or merge requests.
+- `dev` integration/deploy job: trigger only from pushes that land on `dev`.
+- Do not rely on merge-request acceptance events to drive production deployment when a `dev` push event already exists; that commonly creates duplicate builds around merge time.
+
 ## Execution order
 
-1) `docs/ENGINEERING.md`
-2) `docs/tasks/taskbook.md`
-3) `docs/design/**`
-4) implementation
-5) local build/test/lint gates
-6) start and validate local Docker Compose runtime
-7) update API docs + regression matrix + bug list + summary
-8) verify Jenkins config / Jenkinsfile readiness
-9) commit/push to trigger Jenkins
-10) verify Jenkins pipeline + target environment health
+1) choose branch mode (`dev` directly, or temporary branch if parallel worktree rules apply)
+2) `docs/ENGINEERING.md`
+3) `docs/tasks/taskbook.md`
+4) `docs/design/**`
+5) implementation
+6) local build/test/lint gates
+7) start and validate local Docker Compose runtime
+8) update API docs + regression matrix + bug list + summary
+9) verify Jenkins config / Jenkinsfile readiness
+10) if temporary-branch mode is used, close one small slice at a time with reviewable commits and rebase regularly onto `dev`
+11) merge/rebase temporary branch back to latest `dev` when temporary-branch mode was used
+12) commit/push to trigger Jenkins
+13) verify Jenkins pipeline + target environment health, preferably with `verify-jenkins-build --git-ref HEAD` (strict deploy check by default; use `--allow-no-deploy` only for docs-only sync verification)
 
 ## Commands
 
 ```bash
-python3 scripts/autopipeline/ap.py run build
-python3 scripts/autopipeline/ap.py run test
-python3 scripts/autopipeline/ap.py run lint
-python3 scripts/autopipeline/ap.py run docker_build
-python3 scripts/autopipeline/ap.py runtime-up
-python3 scripts/autopipeline/ap.py wait-health
-python3 scripts/autopipeline/ap.py run smoke
-python3 scripts/autopipeline/ap.py run regression
-python3 scripts/autopipeline/ap.py runtime-down
-python3 scripts/autopipeline/ap.py verify-jenkins
-python3 scripts/autopipeline/ap.py wait-health --scope prod
-python3 scripts/autopipeline/ap.py verify-api-docs
-python3 scripts/autopipeline/ap.py check-matrix
-python3 scripts/autopipeline/ap.py gen-summary T0001-1
-python3 scripts/autopipeline/ap.py commit-push T0001-1 --msg "T0001-1: <summary>" --require-runtime-health --require-jenkins --require-matrix
+python3 docs/tools/autopipeline/ap.py run build
+python3 docs/tools/autopipeline/ap.py run test
+python3 docs/tools/autopipeline/ap.py run lint
+python3 docs/tools/autopipeline/ap.py run typecheck
+python3 docs/tools/autopipeline/ap.py run docker_build
+python3 docs/tools/autopipeline/ap.py runtime-up
+python3 docs/tools/autopipeline/ap.py wait-health
+python3 docs/tools/autopipeline/ap.py run smoke
+python3 docs/tools/autopipeline/ap.py run regression
+python3 docs/tools/autopipeline/ap.py runtime-down
+python3 docs/tools/autopipeline/ap.py verify-jenkins
+python3 docs/tools/autopipeline/ap.py verify-jenkins-build --git-ref HEAD
+python3 docs/tools/autopipeline/ap.py wait-health --scope prod
+python3 docs/tools/autopipeline/ap.py verify-api-docs
+python3 docs/tools/autopipeline/ap.py check-matrix
+python3 docs/tools/autopipeline/ap.py gen-summary T0001-1
+python3 docs/tools/autopipeline/ap.py commit-push T0001-1 --msg "T0001-1: <summary>" --require-runtime-health --require-jenkins --require-matrix
 ```
+
+## Quality gate expectations
+
+- Gate-4: backend must pass `commands.test`; frontend must at least pass `commands.build`, `commands.lint`, and `commands.typecheck`. Frontend automated tests are added incrementally when the repo gains them.
+- Gate-9: `docs/testing/regression-matrix.md` rows must start as `TODO` until they are actually executed.
+- A matrix row can be marked `PASS` only after real execution, and `Evidence` must contain non-placeholder logs, screenshots, or report paths.
+- `python3 docs/tools/autopipeline/ap.py check-matrix` should be treated as a hard gate; placeholder evidence is equivalent to incomplete regression.
+- Before the final commit/push, clean temporary files, logs, screenshots, generated verification artifacts, cache directories, and similar by-products created during the task. The only persistent local runtime data that may remain is `.local/`.

package/cli/assets/skill/data/templates/ENGINEERING.md

@@ -42,6 +42,10 @@ jenkins:
   deploy_timeout_sec: 1800
   prod_health_base_url: ""
   prod_health_path: ""
+  api_user: ""
+  api_token: ""
+  api_user_env: "JENKINS_USER"
+  api_token_env: "JENKINS_TOKEN"
 
 docs:
   taskbook: "docs/tasks/taskbook.md"
@@ -64,6 +68,9 @@ docs:
 
 规则：任一步骤失败或缺产物，禁止进入下一步；本地 compose 验证未通过禁止 commit；Jenkins 未成功或生产健康检查未通过，任务不视为完成。
 
+补充规则：
+- 每次任务闭环后，必须清理临时文件、临时目录、日志、截图、回归中间产物、构建缓存等非必要产物；仅 `.local/` 下的本地运行数据允许保留。
+
 ---
 
 ## 0. 配置填写（必须）
@@ -124,15 +131,15 @@ docs:
 Gate-1 读任务：只从 taskbook 取范围与验收；缺信息先补 taskbook  
 Gate-2 写DD：无DD禁止写代码；DD必须含 时序图/ER图/接口时序（Mermaid）  
 Gate-3 实现：严格按DD；接口变更必须同步 API Markdown  
-Gate-4 本地CI：必须通过（commands.build / commands.test）；Go 后端与前端都必须覆盖  
+Gate-4 本地CI：后端必须通过 `commands.test`；前端至少通过 `commands.build`、`commands.lint`、`commands.typecheck`；前端自动化测试能力逐步补齐  
 Gate-5 静态分析+Review：静态分析通过；docs/reviews/ 生成记录  
 Gate-6 文档：更新 api.md + 追加 api-change-log.md  
 Gate-7 本地运行：必须用项目 Compose 启动本地 Docker 环境；失败先修复再继续  
 Gate-8 健康检查：本地容器启动后必须健康检查通过  
-Gate-9 全量回归：按 API Markdown 对本地 Compose 环境全量回归；回归矩阵全量 PASS（0 fail）；发现问题必须写 bug-list 并新增自动化回归用例  
+Gate-9 全量回归：按 API Markdown 对本地 Compose 环境全量回归；回归矩阵仅可在真实执行后标记 PASS，且必须附证据；发现问题必须写 bug-list 并新增自动化回归用例  
 Gate-10 Jenkins 准备：Jenkinsfile、Job 配置、镜像仓库策略必须可用  
 Gate-11 任务总结：必须生成 docs/tasks/summaries/<TASK_ID>.md  
-Gate-12 提交触发：本地门禁全过后才允许 commit+push  
+Gate-12 提交触发：本地门禁全过且临时产物已清理后，才允许 commit+push  
 Gate-13 流水线验证：push 后必须确认 Jenkins 自动构建、镜像发布、目标环境更新成功  
 Gate-14 完成：生产健康检查通过并补齐部署记录后，任务才完成
 
@@ -140,4 +147,8 @@ Gate-14 完成：生产健康检查通过并补齐部署记录后，任务才完
 
 ## 3. Repo 工具入口
 
-统一用 `python3 scripts/autopipeline/ap.py <command>` 执行。
+统一用 `python3 docs/tools/autopipeline/ap.py <command>` 执行。
+
+补充：
+- `commands.smoke` / `commands.regression` 可以封装 repo 脚本，但必须真正在本地运行目标系统。
+- `docs/testing/regression-matrix.md` 中的 `PASS` 只在真实执行并填入证据后允许保留；占位符证据会被视为未完成。

package/cli/assets/skill/data/templates/docs/interfaces/api.md

@@ -13,12 +13,12 @@
 ## 2. Endpoint Index（目录）
 | Method | Path | Summary | Auth | Request | Response |
 |---|---|---|---|---|---|
-| GET | /health | Health check | No | - | 200 OK |
+| <METHOD> | <PATH> | <Summary> | <Yes/No> | <Request shape> | <Response shape> |
 
 ## 3. Endpoints
 
-### 3.1 GET /health
-**Summary**: Health check
+### 3.1 <METHOD> <PATH>
+**Summary**: <Summary>
 
 **Request**
 - Headers: -
@@ -26,10 +26,10 @@
 - Body: -
 
 **Response**
-- 200: OK
+- <Status>: <Meaning>
   - Example:
     ```json
-    {"status":"ok"}
+    {}
     ```
 
 ## 4. Changelog

package/cli/assets/skill/data/templates/docs/reviews/_TEMPLATE-REVIEW.md

@@ -7,7 +7,7 @@
 - Resolved/Deferred（deferred 必须给出后续任务）：
 
 ## 2. 代码质量
-## 3. 本地构建与测试质量（Go 后端 + 前端）
+## 3. 本地构建与测试质量（后端 test + 前端 build/lint/typecheck）
 ## 4. 本地 Compose 验证（health / smoke / regression）
 ## 5. 接口契约（API Markdown + change-log）
 ## 6. Jenkins 准备度（Jenkinsfile / job config / image strategy）

package/cli/assets/skill/data/templates/docs/tasks/summaries/_TEMPLATE-TASK-SUMMARY.md

@@ -29,12 +29,14 @@
 
 ## 5. 质量门禁证据（必须可追溯）
 - 项目配置：`docs/ENGINEERING.md`（frontmatter）
-- 本地CI：`ci-local`
-- 静态分析：`static`
+- 后端测试：`commands.test`
+- 前端构建：`commands.build`
+- 静态分析：`commands.lint`
+- 前端类型检查：`commands.typecheck`
 - Review 文档：`docs/reviews/<TASK_ID>-<timestamp>.md`
 - API 文档：`docs/interfaces/api.md`
 - Jenkins 配置检查：`Jenkinsfile` + `jenkins.*`
-- 回归矩阵：`docs/testing/regression-matrix.md`（全量 PASS，0 fail）
+- 回归矩阵：`docs/testing/regression-matrix.md`（全量 PASS，0 fail，且每项必须有真实证据）
 
 ## 6. Bug 清单与回归用例
 - 新增/确认的 Bug（写入 `docs/bugs/bug-list.md`）：

package/cli/assets/skill/data/templates/docs/tasks/taskbook.md

@@ -26,7 +26,7 @@
 - 本地CI：粘贴摘要或给出文件路径
 - 本地 Compose 验证：命令输出或 Review 文档摘要
 - Jenkins 部署记录：`docs/deployment/deploy-records/T0001-YYYYMMDD.md`
-- 回归矩阵：`docs/testing/regression-matrix.md`（全量PASS）
+- 回归矩阵：`docs/testing/regression-matrix.md`（全量PASS，且每项必须有真实证据）
 - Bug清单（如有）：`docs/bugs/bug-list.md`
 - 任务总结（强制）：`docs/tasks/summaries/T0001.md`
 

package/cli/assets/skill/data/templates/docs/testing/regression-matrix.md

@@ -1,5 +1,11 @@
 # Regression Matrix（本地 Compose 环境回归矩阵：必须全量 PASS，0 fail）
 
-| ID | Area | Endpoint/Feature | Test Type | Steps / Command | Expected | Status(PASS/FAIL) | Evidence |
+> 1. 仅记录当前真实实现，不要预填伪接口或目标态接口。
+> 2. `Status` 允许值：`TODO` / `PASS` / `FAIL`。
+> 3. 新增或未执行项默认填写 `TODO`，不得预填 `PASS`。
+> 4. `PASS` 只允许在真实执行后填写，且 `Evidence` 不得保留占位符。
+> 5. `python3 docs/tools/autopipeline/ap.py check-matrix` 会把非 `PASS` 行和占位符证据视为未完成。
+
+| ID | Area | Endpoint/Feature | Test Type | Steps / Command | Expected | Status(TODO/PASS/FAIL) | Evidence |
 |---|---|---|---|---|---|---|---|
-| R-001 | API | GET /health | smoke | commands.smoke | local compose 200 OK | PASS | <paste log path> |
+| R-001 | API | <Endpoint or feature> | <smoke/regression/manual> | <command or manual steps> | <expected result> | TODO | <fill-with-log-path-screenshot-or-report> |

package/cli/assets/skill/scripts/ap.py

@@ -5,8 +5,13 @@
 from __future__ import annotations
 
 import argparse
+import base64
 import datetime as _dt
+import json
+import os
 import time
+import urllib.parse
+import urllib.request
 from pathlib import Path
 from typing import Optional, List
 
@@ -49,6 +54,55 @@ def _run_configured_command(repo: Path, cfg: dict, name: str) -> bool:
     return True
 
 
+def _jenkins_basic_auth_headers(cfg: dict) -> dict:
+    jenkins_cfg = (cfg.get("jenkins") or {})
+    direct_user = str(jenkins_cfg.get("api_user") or "").strip()
+    direct_token = str(jenkins_cfg.get("api_token") or "").strip()
+    user_env = str(jenkins_cfg.get("api_user_env") or "JENKINS_USER").strip() or "JENKINS_USER"
+    token_env = str(jenkins_cfg.get("api_token_env") or "JENKINS_TOKEN").strip() or "JENKINS_TOKEN"
+    user = direct_user or os.getenv(user_env) or os.getenv("JENKINS_USER")
+    token = direct_token or os.getenv(token_env) or os.getenv("JENKINS_TOKEN") or os.getenv("JENKINS_PASSWORD")
+    if not user or not token:
+        raise APError(
+            f"Missing Jenkins API credentials. Fill jenkins.api_user / jenkins.api_token in docs/ENGINEERING.md, "
+            f"or set env vars {user_env} and {token_env}."
+        )
+    raw = f"{user}:{token}".encode("utf-8")
+    auth = base64.b64encode(raw).decode("ascii")
+    return {"Authorization": f"Basic {auth}"}
+
+
+def _jenkins_api_get_json(url: str, cfg: dict, timeout_s: int = 15) -> dict:
+    headers = {"Accept": "application/json"}
+    headers.update(_jenkins_basic_auth_headers(cfg))
+    req = urllib.request.Request(url, headers=headers, method="GET")
+    try:
+        with urllib.request.urlopen(req, timeout=timeout_s) as resp:
+            data = resp.read().decode("utf-8")
+    except Exception as exc:
+        raise APError(f"Jenkins API request failed: {url}\n{exc}") from exc
+    try:
+        return json.loads(data)
+    except json.JSONDecodeError as exc:
+        raise APError(f"Jenkins API returned non-JSON response: {url}\n{exc}") from exc
+
+
+def _resolve_git_short_sha(repo: Path, ref: str) -> str:
+    result = run(["git", "rev-parse", "--short=12", ref], cwd=repo, check=False)
+    value = result.stdout.strip()
+    if value:
+        return value
+    return ref.strip()
+
+
+def _jenkins_builds_api_url(job_url: str, max_builds: int) -> str:
+    base = str(job_url or "").strip().rstrip("/")
+    if not base:
+        raise APError("Missing jenkins.job_url in docs/ENGINEERING.md")
+    tree = f"builds[number,result,building,description,url]{{0,{max_builds}}}"
+    return f"{base}/api/json?tree={urllib.parse.quote(tree, safe='=,')}"
+
+
 def cmd_install(args: argparse.Namespace) -> None:
     repo = Path(args.repo).resolve()
     templates = _skill_root() / "data" / "templates"
@@ -59,10 +113,11 @@ def cmd_install(args: argparse.Namespace) -> None:
     if args.bridges:
         copy_tree(templates / "bridges", repo)
 
-    scripts_dir = repo / "scripts" / "autopipeline"
-    scripts_dir.mkdir(parents=True, exist_ok=True)
-    copy_tree(Path(__file__).resolve(), scripts_dir / "ap.py")
-    copy_tree(Path(__file__).resolve().parent / "core.py", scripts_dir / "core.py")
+    tools_dir = repo / "docs" / "tools" / "autopipeline"
+    tools_dir.mkdir(parents=True, exist_ok=True)
+    copy_tree(Path(__file__).resolve(), tools_dir / "ap.py")
+    copy_tree(Path(__file__).resolve().parent / "core.py", tools_dir / "core.py")
+    copy_tree(Path(__file__).resolve().parent / "http_checks.py", tools_dir / "http_checks.py")
 
     gi = repo / ".gitignore"
     secret_line = "docs/ENGINEERING.md"
@@ -140,12 +195,14 @@ def cmd_gen_summary(args: argparse.Namespace) -> None:
 - 变更记录位置：`{api_change_log}`
 
 ## 5. 质量门禁证据（必须可追溯）
-- 本地CI：TODO
-- 静态分析：TODO
+- 后端测试：`commands.test` — TODO
+- 前端构建：`commands.build` — TODO
+- 静态分析：`commands.lint` — TODO
+- 前端类型检查：`commands.typecheck` — TODO
 - Review 文档：TODO
 - DD 文档：TODO
 - Jenkins 准备：TODO
-- 回归矩阵：`{regression_matrix}`（全量 PASS，0 fail）
+- 回归矩阵：`{regression_matrix}`（全量 PASS，0 fail，且每项必须有真实证据）
 
 ## 6. 本地运行与 Jenkins 部署记录
 - Local compose：TODO
@@ -166,6 +223,28 @@ def cmd_check_matrix(args: argparse.Namespace) -> None:
 
     rows = 0
     fail = []
+
+    def evidence_missing(value: str) -> bool:
+        stripped = value.strip()
+        lower = stripped.lower()
+        if not stripped:
+            return True
+        if stripped.startswith("<") and stripped.endswith(">"):
+            return True
+        placeholder_tokens = [
+            "todo",
+            "tbd",
+            "pending",
+            "replace-with",
+            "paste log path",
+            "paste evidence",
+            "fill-with",
+            "待补",
+            "待填",
+            "占位",
+        ]
+        return any(token in lower for token in placeholder_tokens)
+
     for line in matrix.read_text(encoding="utf-8").splitlines():
         s = line.strip()
         if not s.startswith("|"):
@@ -182,6 +261,10 @@ def cmd_check_matrix(args: argparse.Namespace) -> None:
         rows += 1
         if status != "PASS":
             fail.append((rid, status or "(empty)"))
+            continue
+        evidence = cols[7] if len(cols) > 7 else ""
+        if evidence_missing(evidence):
+            fail.append((rid, "PASS-without-evidence"))
 
     if rows == 0:
         raise APError(f"No regression rows found in matrix: {matrix}")
@@ -302,6 +385,67 @@ def cmd_verify_jenkins(args: argparse.Namespace) -> None:
     print(f"[verify-jenkins] OK: {jenkinsfile}")
 
 
+def cmd_verify_jenkins_build(args: argparse.Namespace) -> None:
+    repo = Path(args.repo).resolve()
+    cfg = _load_cfg(repo)
+    jenkins_cfg = (cfg.get("jenkins") or {})
+    job_url = str(jenkins_cfg.get("job_url") or "").strip()
+    if not job_url:
+        raise APError("Missing jenkins.job_url in docs/ENGINEERING.md")
+
+    git_ref = str(args.git_ref or "HEAD").strip()
+    git_short_sha = _resolve_git_short_sha(repo, git_ref)
+    max_builds = int(args.max_builds or 20)
+    timeout_s = int(args.timeout_sec or 300)
+    poll_s = int(args.poll_sec or 5)
+
+    deadline = time.time() + timeout_s
+    matched = None
+    api_url = _jenkins_builds_api_url(job_url, max_builds)
+
+    while time.time() < deadline:
+        payload = _jenkins_api_get_json(api_url, cfg)
+        builds = payload.get("builds") or []
+        matched = next((b for b in builds if git_short_sha in str(b.get("description") or "")), None)
+        if matched and not matched.get("building"):
+            break
+        time.sleep(poll_s)
+
+    if not matched:
+        raise APError(
+            f"No Jenkins build found for commit {git_short_sha} under {job_url}. "
+            f"Checked latest {max_builds} builds for up to {timeout_s}s."
+        )
+
+    if matched.get("building"):
+        raise APError(
+            f"Jenkins build for commit {git_short_sha} is still running: "
+            f"#{matched.get('number')} {matched.get('url')}"
+        )
+
+    result = str(matched.get("result") or "").strip().upper()
+    description = str(matched.get("description") or "").strip()
+    if result != "SUCCESS":
+        raise APError(
+            f"Jenkins build for commit {git_short_sha} did not succeed: "
+            f"#{matched.get('number')} result={result or '(empty)'} {matched.get('url')}"
+        )
+    if not args.allow_no_deploy and description.startswith("no-deploy:"):
+        raise APError(
+            f"Jenkins build for commit {git_short_sha} succeeded but did not deploy: "
+            f"#{matched.get('number')} {description}"
+        )
+
+    print(
+        "[verify-jenkins-build] OK: "
+        f"commit={git_short_sha} "
+        f"build=#{matched.get('number')} "
+        f"result={result} "
+        f"description={description} "
+        f"url={matched.get('url')}"
+    )
+
+
 def cmd_verify_api_docs(args: argparse.Namespace) -> None:
     """Ensure API markdown doc and change-log exist."""
     repo = Path(args.repo).resolve()
@@ -329,7 +473,7 @@ def cmd_commit_push(args: argparse.Namespace) -> None:
     if not summary.exists():
         raise APError(
             f"Task summary missing: {summary}\n"
-            f"Generate: python3 scripts/autopipeline/ap.py gen-summary {task_id}"
+            f"Generate: python3 docs/tools/autopipeline/ap.py gen-summary {task_id}"
         )
 
     if args.require_runtime_health:
@@ -385,6 +529,14 @@ def main(argv: Optional[List[str]] = None) -> int:
     s = sp.add_parser("verify-jenkins")
     s.set_defaults(func=cmd_verify_jenkins)
 
+    s = sp.add_parser("verify-jenkins-build")
+    s.add_argument("--git-ref", default="HEAD")
+    s.add_argument("--max-builds", type=int, default=20)
+    s.add_argument("--timeout-sec", type=int, default=300)
+    s.add_argument("--poll-sec", type=int, default=5)
+    s.add_argument("--allow-no-deploy", action="store_true")
+    s.set_defaults(func=cmd_verify_jenkins_build)
+
     s = sp.add_parser("verify-api-docs")
     s.set_defaults(func=cmd_verify_api_docs)
 

package/cli/assets/skill/scripts/http_checks.py

@@ -0,0 +1,92 @@
+#!/usr/bin/env python3
+from __future__ import annotations
+
+import argparse
+import json
+import urllib.error
+import urllib.request
+
+
+class CheckError(RuntimeError):
+    pass
+
+
+def fetch(method: str, url: str, headers: dict[str, str] | None = None) -> tuple[int, str]:
+    req = urllib.request.Request(url, headers=headers or {}, method=method)
+    try:
+        with urllib.request.urlopen(req, timeout=10) as response:
+            return response.status, response.read().decode("utf-8", errors="replace")
+    except urllib.error.HTTPError as exc:
+        return exc.code, exc.read().decode("utf-8", errors="replace")
+
+
+def cmd_status(args: argparse.Namespace) -> None:
+    status, body = fetch("GET", args.url)
+    if status != args.expect:
+        raise CheckError(f"GET {args.url} expected {args.expect}, got {status}: {body[:400]}")
+    print(f"[status] OK: {args.url} -> {status}")
+
+
+def cmd_text_contains(args: argparse.Namespace) -> None:
+    status, body = fetch("GET", args.url)
+    if status != args.expect:
+        raise CheckError(f"GET {args.url} expected {args.expect}, got {status}: {body[:400]}")
+    if args.contains not in body:
+        raise CheckError(f"Response from {args.url} does not contain expected text: {args.contains}")
+    print(f"[text-contains] OK: {args.url}")
+
+
+def cmd_json_field(args: argparse.Namespace) -> None:
+    status, body = fetch("GET", args.url, headers={"Accept": "application/json"})
+    if status != args.expect:
+        raise CheckError(f"GET {args.url} expected {args.expect}, got {status}: {body[:400]}")
+    try:
+        payload = json.loads(body)
+    except json.JSONDecodeError as exc:
+        raise CheckError(f"Response from {args.url} is not valid JSON: {exc}") from exc
+
+    current = payload
+    for part in args.path.split("."):
+        if isinstance(current, dict) and part in current:
+            current = current[part]
+            continue
+        raise CheckError(f"JSON path not found: {args.path}")
+
+    if str(current) != args.equals:
+        raise CheckError(f"JSON field {args.path} expected {args.equals}, got {current}")
+    print(f"[json-field] OK: {args.url} {args.path}={current}")
+
+
+def main() -> int:
+    parser = argparse.ArgumentParser(prog="http_checks")
+    sub = parser.add_subparsers(dest="cmd", required=True)
+
+    s = sub.add_parser("status")
+    s.add_argument("url")
+    s.add_argument("--expect", type=int, default=200)
+    s.set_defaults(func=cmd_status)
+
+    s = sub.add_parser("text-contains")
+    s.add_argument("url")
+    s.add_argument("--contains", required=True)
+    s.add_argument("--expect", type=int, default=200)
+    s.set_defaults(func=cmd_text_contains)
+
+    s = sub.add_parser("json-field")
+    s.add_argument("url")
+    s.add_argument("--path", required=True)
+    s.add_argument("--equals", required=True)
+    s.add_argument("--expect", type=int, default=200)
+    s.set_defaults(func=cmd_json_field)
+
+    try:
+        args = parser.parse_args()
+        args.func(args)
+        return 0
+    except CheckError as exc:
+        print(f"[ERROR] {exc}")
+        return 2
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@elvis1513/auto-coding-skill",
-  "version": "0.2.0",
-  "description": "CLI installer for auto-coding-skill (Claude Code + Codex CLI).",
+  "version": "0.3.0",
+  "description": "CLI installer for auto-coding-skill (Claude Code + Codex CLI) with Go fullstack + Jenkins workflow support.",
   "type": "module",
   "bin": {
     "autocoding": "cli/src/index.js"
@@ -29,6 +29,9 @@
     "engineering",
     "workflow",
     "ci",
+    "jenkins",
+    "go",
+    "monorepo",
     "docker",
     "local-testing"
   ],