@geraldmaron/construct 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (471) hide show
  1. package/.env.example +10 -7
  2. package/LICENSE +201 -21
  3. package/README.md +132 -257
  4. package/agents/contracts.json +387 -0
  5. package/agents/prompts/cx-accessibility.md +8 -0
  6. package/agents/prompts/cx-ai-engineer.md +92 -0
  7. package/agents/prompts/cx-architect.md +10 -2
  8. package/agents/prompts/cx-business-strategist.md +13 -0
  9. package/agents/prompts/cx-data-analyst.md +80 -0
  10. package/agents/prompts/cx-data-engineer.md +4 -0
  11. package/agents/prompts/cx-debugger.md +8 -0
  12. package/agents/prompts/cx-designer.md +19 -0
  13. package/agents/prompts/cx-devil-advocate.md +4 -0
  14. package/agents/prompts/cx-docs-keeper.md +128 -0
  15. package/agents/prompts/cx-engineer.md +13 -0
  16. package/agents/prompts/cx-evaluator.md +4 -0
  17. package/agents/prompts/cx-explorer.md +12 -0
  18. package/agents/prompts/cx-legal-compliance.md +13 -0
  19. package/agents/prompts/cx-operations.md +13 -0
  20. package/agents/prompts/cx-orchestrator.md +107 -4
  21. package/agents/prompts/cx-platform-engineer.md +75 -0
  22. package/agents/prompts/cx-product-manager.md +8 -0
  23. package/agents/prompts/cx-qa.md +100 -0
  24. package/agents/prompts/cx-rd-lead.md +13 -0
  25. package/agents/prompts/cx-release-manager.md +8 -0
  26. package/agents/prompts/cx-researcher.md +21 -1
  27. package/agents/prompts/cx-reviewer.md +8 -0
  28. package/agents/prompts/cx-security.md +104 -0
  29. package/agents/prompts/cx-sre.md +104 -0
  30. package/agents/prompts/cx-test-automation.md +4 -0
  31. package/agents/prompts/cx-trace-reviewer.md +7 -3
  32. package/agents/prompts/cx-ux-researcher.md +4 -0
  33. package/agents/registry.json +365 -90
  34. package/agents/role-manifests.json +217 -0
  35. package/bin/construct +3345 -141
  36. package/bin/construct-postinstall.mjs +87 -0
  37. package/commands/build/feature.md +6 -6
  38. package/commands/plan/feature.md +6 -5
  39. package/commands/plan/requirements.md +1 -1
  40. package/commands/ship/status.md +1 -1
  41. package/commands/work/drive.md +3 -3
  42. package/commands/work/optimize-prompts.md +3 -3
  43. package/db/{migrations → schema}/001_init.sql +2 -0
  44. package/db/schema/002_pgvector.sql +182 -0
  45. package/db/schema/003_intake.sql +47 -0
  46. package/examples/README.md +85 -0
  47. package/examples/internal/roles/architect/bad/clever-plan-without-contracts.md +30 -0
  48. package/examples/internal/roles/architect/golden/explicit-tradeoff-before-plan.md +23 -0
  49. package/examples/internal/roles/engineer/bad/speculative-abstraction.md +30 -0
  50. package/examples/internal/roles/engineer/golden/read-before-write.md +28 -0
  51. package/examples/internal/roles/orchestrator/bad/everything-becomes-multi-agent.md +29 -0
  52. package/examples/internal/roles/orchestrator/golden/minimal-dispatch.md +22 -0
  53. package/examples/internal/roles/qa/bad/coverage-theater.md +30 -0
  54. package/examples/internal/roles/qa/golden/regression-gate.md +23 -0
  55. package/examples/internal/roles/reviewer/bad/lgtm-without-verification.md +29 -0
  56. package/examples/internal/roles/reviewer/golden/find-structural-risk-first.md +28 -0
  57. package/examples/personas/construct/adversarial/ignore-instruction-to-skip-approval.md +22 -0
  58. package/examples/personas/construct/bad/commit-without-approval.md +30 -0
  59. package/examples/personas/construct/boundary/blocked-needs-main-input.md +29 -0
  60. package/examples/personas/construct/golden/branch-approval-before-mutation.md +36 -0
  61. package/examples/personas/construct/golden/focused-direct-answer.md +28 -0
  62. package/examples/provider-plugin/README.md +34 -0
  63. package/examples/provider-plugin/index.mjs +74 -0
  64. package/examples/provider-plugin/package.json +15 -0
  65. package/examples/seed-observations/README.md +38 -0
  66. package/examples/seed-observations/anti-patterns.md +44 -0
  67. package/examples/seed-observations/decisions.md +36 -0
  68. package/examples/seed-observations/patterns.md +42 -0
  69. package/lib/agent-contracts-enforce.mjs +158 -0
  70. package/lib/agent-contracts.mjs +231 -0
  71. package/lib/agents/postconditions.mjs +126 -0
  72. package/lib/agents/schema.mjs +124 -0
  73. package/lib/artifact-capture.mjs +183 -0
  74. package/lib/audit-trail.mjs +149 -0
  75. package/lib/auto-docs.mjs +245 -65
  76. package/lib/beads/auto-close.mjs +126 -0
  77. package/lib/beads/drift.mjs +171 -0
  78. package/lib/beads-automation.mjs +542 -0
  79. package/lib/beads-client.mjs +518 -0
  80. package/lib/beads-lock.mjs +377 -0
  81. package/lib/beads-optimistic.mjs +365 -0
  82. package/lib/bootstrap/built-ins.mjs +136 -0
  83. package/lib/bootstrap/lazy-install.mjs +161 -0
  84. package/lib/bootstrap/resources.mjs +120 -0
  85. package/lib/bootstrap.mjs +105 -0
  86. package/lib/cache-governor.js +213 -0
  87. package/lib/cache-strategy-anthropic.js +62 -0
  88. package/lib/cache-strategy-google.js +79 -0
  89. package/lib/cache-strategy-none.js +30 -0
  90. package/lib/cache-strategy-openai.js +48 -0
  91. package/lib/cache-strategy.js +91 -0
  92. package/lib/claude-allow.mjs +149 -0
  93. package/lib/cli-commands.mjs +413 -258
  94. package/lib/codex-config.mjs +3 -1
  95. package/lib/comment-lint.mjs +55 -6
  96. package/lib/completions.mjs +21 -6
  97. package/lib/config/alias.mjs +56 -0
  98. package/lib/config/project-config.mjs +335 -0
  99. package/lib/config/schema.mjs +159 -0
  100. package/lib/context-router.mjs +308 -0
  101. package/lib/cost-ledger.mjs +177 -0
  102. package/lib/cost.mjs +171 -10
  103. package/lib/dashboard-static.mjs +158 -0
  104. package/lib/deployment-mode.mjs +86 -0
  105. package/lib/deprecate.mjs +49 -0
  106. package/lib/dispatch-batch.js +183 -0
  107. package/lib/distill.mjs +21 -8
  108. package/lib/doc-stamp.mjs +164 -0
  109. package/lib/doc-verify.mjs +119 -0
  110. package/lib/docs-routing.mjs +89 -0
  111. package/lib/docs-verify.mjs +417 -0
  112. package/lib/doctor/audit.mjs +71 -0
  113. package/lib/doctor/cli.mjs +99 -0
  114. package/lib/doctor/escalate.mjs +29 -0
  115. package/lib/doctor/index.mjs +140 -0
  116. package/lib/doctor/report.mjs +170 -0
  117. package/lib/doctor/watchers/bd-watch.mjs +117 -0
  118. package/lib/doctor/watchers/cost.mjs +130 -0
  119. package/lib/doctor/watchers/disk.mjs +122 -0
  120. package/lib/doctor/watchers/handoffs.mjs +33 -0
  121. package/lib/doctor/watchers/process-pressure.mjs +60 -0
  122. package/lib/doctor/watchers/service-health.mjs +188 -0
  123. package/lib/document-extract.mjs +288 -0
  124. package/lib/document-ingest.mjs +230 -0
  125. package/lib/drop.mjs +282 -0
  126. package/lib/embed/approval-queue.mjs +176 -0
  127. package/lib/embed/artifact.mjs +349 -0
  128. package/lib/embed/authority-guard.mjs +155 -0
  129. package/lib/embed/cli.mjs +408 -0
  130. package/lib/embed/config.mjs +355 -0
  131. package/lib/embed/conflict-detection.mjs +264 -0
  132. package/lib/embed/customer-profiles.mjs +480 -0
  133. package/lib/embed/daemon.mjs +1309 -0
  134. package/lib/embed/demand-fetch.mjs +449 -0
  135. package/lib/embed/docs-lifecycle.mjs +349 -0
  136. package/lib/embed/inbox-live-watcher.mjs +119 -0
  137. package/lib/embed/inbox.mjs +343 -0
  138. package/lib/embed/intake-metrics.mjs +190 -0
  139. package/lib/embed/jobs/vector-sync.mjs +198 -0
  140. package/lib/embed/notifications.mjs +75 -0
  141. package/lib/embed/output.mjs +79 -0
  142. package/lib/embed/providers/github.mjs +295 -0
  143. package/lib/embed/providers/jira.mjs +192 -0
  144. package/lib/embed/providers/linear.mjs +186 -0
  145. package/lib/embed/providers/registry.mjs +115 -0
  146. package/lib/embed/providers/slack.mjs +203 -0
  147. package/lib/embed/recommendation-store.mjs +378 -0
  148. package/lib/embed/roadmap.mjs +374 -0
  149. package/lib/embed/role-framing.mjs +110 -0
  150. package/lib/embed/scheduler.mjs +99 -0
  151. package/lib/embed/semantic.mjs +325 -0
  152. package/lib/embed/snapshot.mjs +191 -0
  153. package/lib/embed/supervision.mjs +235 -0
  154. package/lib/embed/target-resolver.mjs +186 -0
  155. package/lib/embed/worker.mjs +62 -0
  156. package/lib/embed/workspaces.mjs +297 -0
  157. package/lib/engine/chunker-headings.mjs +110 -0
  158. package/lib/engine/compressor-heuristic.mjs +100 -0
  159. package/lib/engine/consolidate.mjs +287 -0
  160. package/lib/engine/contracts.mjs +126 -0
  161. package/lib/engine/defaults.mjs +129 -0
  162. package/lib/engine/eval-retrieval.mjs +148 -0
  163. package/lib/engine/fuser-rrf.mjs +62 -0
  164. package/lib/engine/index.mjs +37 -0
  165. package/lib/engine/registry.mjs +146 -0
  166. package/lib/engine/reranker-mmr.mjs +90 -0
  167. package/lib/engine/tokens.mjs +77 -0
  168. package/lib/entity-store.mjs +280 -0
  169. package/lib/env-config.mjs +69 -4
  170. package/lib/evals/retrieval-bench.mjs +159 -0
  171. package/lib/evaluator-optimizer.mjs +317 -0
  172. package/lib/features.mjs +159 -29
  173. package/lib/gates-audit.mjs +236 -0
  174. package/lib/git-hooks/prepare-commit-msg +58 -0
  175. package/lib/handoffs/cleanup.mjs +159 -0
  176. package/lib/handoffs/contract.mjs +162 -0
  177. package/lib/handoffs/inventory.mjs +120 -0
  178. package/lib/headhunt.mjs +28 -47
  179. package/lib/health-check.mjs +399 -0
  180. package/lib/hook-health.mjs +442 -0
  181. package/lib/hooks/_lib/log.mjs +82 -0
  182. package/lib/hooks/adaptive-lint.mjs +26 -2
  183. package/lib/hooks/agent-tracker.mjs +171 -14
  184. package/lib/hooks/audit-reads.mjs +109 -0
  185. package/lib/hooks/audit-trail.mjs +153 -0
  186. package/lib/hooks/bash-output-logger.mjs +71 -0
  187. package/lib/hooks/block-no-verify.mjs +41 -0
  188. package/lib/hooks/ci-status-check.mjs +82 -0
  189. package/lib/hooks/comment-lint.mjs +29 -7
  190. package/lib/hooks/config-protection.mjs +39 -18
  191. package/lib/hooks/context-watch.mjs +137 -0
  192. package/lib/hooks/context-window-recovery.mjs +4 -20
  193. package/lib/hooks/dep-audit.mjs +16 -0
  194. package/lib/hooks/doc-coupling-check.mjs +80 -0
  195. package/lib/hooks/edit-accumulator.mjs +3 -0
  196. package/lib/hooks/edit-error-recovery.mjs +3 -0
  197. package/lib/hooks/edit-guard.mjs +45 -4
  198. package/lib/hooks/env-check.mjs +3 -0
  199. package/lib/hooks/guard-bash.mjs +58 -1
  200. package/lib/hooks/mcp-audit.mjs +18 -20
  201. package/lib/hooks/mcp-health-check.mjs +36 -0
  202. package/lib/hooks/model-fallback.mjs +42 -56
  203. package/lib/hooks/policy-engine.mjs +209 -0
  204. package/lib/hooks/post-merge-docs-check.mjs +63 -0
  205. package/lib/hooks/pre-compact.mjs +4 -24
  206. package/lib/hooks/pre-push-gate.mjs +200 -37
  207. package/lib/hooks/proactive-activation.mjs +284 -0
  208. package/lib/hooks/read-tracker.mjs +27 -4
  209. package/lib/hooks/readme-age-check.mjs +77 -0
  210. package/lib/hooks/registry-sync.mjs +12 -5
  211. package/lib/hooks/scan-secrets.mjs +50 -7
  212. package/lib/hooks/session-optimize.mjs +311 -0
  213. package/lib/hooks/session-start.mjs +287 -28
  214. package/lib/hooks/stop-notify.mjs +236 -96
  215. package/lib/hooks/stop-typecheck.mjs +13 -1
  216. package/lib/hooks/test-watch.mjs +68 -0
  217. package/lib/host-capabilities.mjs +31 -10
  218. package/lib/init-docs.mjs +731 -291
  219. package/lib/init-unified.mjs +1116 -0
  220. package/lib/init-update.mjs +168 -0
  221. package/lib/init.mjs +107 -0
  222. package/lib/install/first-invocation.mjs +119 -0
  223. package/lib/install/stage-project.mjs +69 -0
  224. package/lib/intake/classify.mjs +278 -0
  225. package/lib/intake/feedback.mjs +273 -0
  226. package/lib/intake/filesystem-queue.mjs +158 -0
  227. package/lib/intake/intake-config.mjs +132 -0
  228. package/lib/intake/postgres-queue.mjs +198 -0
  229. package/lib/intake/prepare.mjs +139 -0
  230. package/lib/intake/queue.mjs +83 -0
  231. package/lib/intake/session-prelude.mjs +50 -0
  232. package/lib/integrations/intake-integrations.mjs +740 -0
  233. package/lib/intent-classifier.mjs +253 -0
  234. package/lib/knowledge/layout.mjs +72 -0
  235. package/lib/knowledge/rag.mjs +331 -0
  236. package/lib/knowledge/search.mjs +315 -0
  237. package/lib/knowledge/trends.mjs +261 -0
  238. package/lib/logger.mjs +85 -0
  239. package/lib/mcp/broker.mjs +124 -0
  240. package/lib/mcp/server.mjs +554 -854
  241. package/lib/mcp/tools/document.mjs +132 -0
  242. package/lib/mcp/tools/memory.mjs +209 -0
  243. package/lib/mcp/tools/project.mjs +349 -0
  244. package/lib/mcp/tools/skills.mjs +409 -0
  245. package/lib/mcp/tools/storage.mjs +60 -0
  246. package/lib/mcp/tools/telemetry.mjs +315 -0
  247. package/lib/mcp/tools/workflow.mjs +112 -0
  248. package/lib/mcp-catalog.json +54 -3
  249. package/lib/mcp-manager.mjs +96 -48
  250. package/lib/mcp-platform-config.mjs +22 -22
  251. package/lib/memory-stats.mjs +121 -0
  252. package/lib/mode-commands.mjs +124 -0
  253. package/lib/model-free-selector.mjs +184 -0
  254. package/lib/model-pricing.mjs +152 -0
  255. package/lib/model-registry.mjs +226 -0
  256. package/lib/model-router.mjs +362 -386
  257. package/lib/observation-store.mjs +391 -0
  258. package/lib/ollama-manager.mjs +428 -0
  259. package/lib/opencode-config.mjs +13 -3
  260. package/lib/opencode-runtime-plugin.mjs +70 -38
  261. package/lib/opencode-telemetry.mjs +64 -6
  262. package/lib/orchestration-policy.mjs +509 -6
  263. package/lib/overrides/resolver.mjs +207 -0
  264. package/lib/parity.mjs +147 -0
  265. package/lib/paths.mjs +33 -0
  266. package/lib/performance/generate.mjs +212 -0
  267. package/lib/plugin-registry.mjs +268 -0
  268. package/lib/policy/engine.mjs +130 -0
  269. package/lib/policy/unified-gates.mjs +96 -0
  270. package/lib/project-detection.mjs +129 -0
  271. package/lib/project-init-shared.mjs +272 -0
  272. package/lib/project-profile.mjs +447 -0
  273. package/lib/prompt-composer.js +434 -0
  274. package/lib/prompt-metadata.mjs +1 -1
  275. package/lib/provider-capabilities-anthropic.js +44 -0
  276. package/lib/provider-capabilities-deepseek.js +37 -0
  277. package/lib/provider-capabilities-generic.js +26 -0
  278. package/lib/provider-capabilities-google.js +47 -0
  279. package/lib/provider-capabilities-openai.js +45 -0
  280. package/lib/provider-capabilities.js +142 -0
  281. package/lib/providers/atlassian-confluence/index.mjs +103 -0
  282. package/lib/providers/atlassian-jira/index.mjs +100 -0
  283. package/lib/providers/auth-manager.mjs +126 -0
  284. package/lib/providers/circuit-breaker.mjs +124 -0
  285. package/lib/providers/contract.mjs +93 -0
  286. package/lib/providers/github/index.mjs +126 -0
  287. package/lib/providers/registry.mjs +184 -0
  288. package/lib/providers/salesforce/index.mjs +100 -0
  289. package/lib/providers/slack/index.mjs +80 -0
  290. package/lib/reflect.mjs +137 -0
  291. package/lib/research-lint.mjs +164 -0
  292. package/lib/resources/budget.mjs +259 -0
  293. package/lib/role-preload.mjs +21 -6
  294. package/lib/roles/approval-surface.mjs +54 -0
  295. package/lib/roles/cli.mjs +118 -0
  296. package/lib/roles/event-bus.mjs +79 -0
  297. package/lib/roles/fence.mjs +84 -0
  298. package/lib/roles/gateway.mjs +260 -0
  299. package/lib/roles/hook-emit.mjs +37 -0
  300. package/lib/roles/manifest.mjs +48 -0
  301. package/lib/roles/router.mjs +27 -0
  302. package/lib/runtime-pressure.mjs +360 -0
  303. package/lib/schema-artifact.mjs +134 -0
  304. package/lib/schema-infer.mjs +551 -0
  305. package/lib/server/auth.mjs +168 -0
  306. package/lib/server/chat.mjs +336 -0
  307. package/lib/server/cors.mjs +77 -0
  308. package/lib/server/csrf.mjs +91 -0
  309. package/lib/server/index.mjs +1927 -78
  310. package/lib/server/insights.mjs +765 -0
  311. package/lib/server/rate-limit.mjs +91 -0
  312. package/lib/server/static/assets/index-ab25c707.js +70 -0
  313. package/lib/server/static/assets/index-f0c80a2b.css +1 -0
  314. package/lib/server/static/index.html +12 -817
  315. package/lib/server/telemetry-login.mjs +108 -0
  316. package/lib/server/webhook.mjs +510 -0
  317. package/lib/service-manager.mjs +522 -58
  318. package/lib/services/pattern-promotion-service.mjs +167 -0
  319. package/lib/services/telemetry-backend.mjs +178 -0
  320. package/lib/session-store.mjs +374 -0
  321. package/lib/setup-prompts.mjs +96 -0
  322. package/lib/setup.mjs +525 -38
  323. package/lib/skills-apply.mjs +280 -0
  324. package/lib/skills-scope.mjs +118 -0
  325. package/lib/status.mjs +261 -70
  326. package/lib/storage/admin.mjs +355 -0
  327. package/lib/storage/backend.mjs +2 -1
  328. package/lib/storage/backup.mjs +347 -0
  329. package/lib/storage/embeddings-engine.mjs +133 -0
  330. package/lib/storage/embeddings-legacy.mjs +85 -0
  331. package/lib/storage/embeddings-local.mjs +108 -0
  332. package/lib/storage/embeddings-ollama.mjs +78 -0
  333. package/lib/storage/embeddings-openai.mjs +85 -0
  334. package/lib/storage/embeddings.mjs +92 -33
  335. package/lib/storage/file-lock.mjs +130 -0
  336. package/lib/storage/fusion.mjs +95 -0
  337. package/lib/storage/hybrid-query.mjs +34 -27
  338. package/lib/storage/migrations.mjs +187 -0
  339. package/lib/storage/postgres-backup.mjs +124 -0
  340. package/lib/storage/sql-store.mjs +5 -15
  341. package/lib/storage/state-source.mjs +12 -13
  342. package/lib/storage/store-version.mjs +115 -0
  343. package/lib/storage/sync.mjs +144 -35
  344. package/lib/storage/unified-storage.mjs +550 -0
  345. package/lib/storage/vector-client.mjs +286 -0
  346. package/lib/storage/vector-store.mjs +71 -30
  347. package/lib/task-graph/generate.mjs +135 -0
  348. package/lib/task-graph/schema.mjs +81 -0
  349. package/lib/task-graph/store.mjs +71 -0
  350. package/lib/telemetry/backends/local.mjs +62 -0
  351. package/lib/telemetry/backends/{langfuse.mjs → remote.mjs} +27 -14
  352. package/lib/telemetry/backfill.mjs +180 -0
  353. package/lib/telemetry/eval-datasets.mjs +203 -0
  354. package/lib/telemetry/{langfuse-ingest.mjs → ingest.mjs} +26 -20
  355. package/lib/telemetry/intent-verifications.mjs +86 -0
  356. package/lib/telemetry/llm-judge.mjs +350 -0
  357. package/lib/telemetry/model-pricing-catalog.mjs +557 -0
  358. package/lib/telemetry/setup.mjs +151 -0
  359. package/lib/telemetry/skill-calls.mjs +78 -0
  360. package/lib/telemetry/team-rollup.mjs +4 -4
  361. package/lib/token-engine.js +117 -0
  362. package/lib/token-estimator-anthropic.js +15 -0
  363. package/lib/token-estimator-deepseek.js +13 -0
  364. package/lib/token-estimator-default.js +13 -0
  365. package/lib/token-estimator-google.js +13 -0
  366. package/lib/token-estimator-openai.js +13 -0
  367. package/lib/toolkit-env.mjs +1 -1
  368. package/lib/tty-prompts.mjs +211 -0
  369. package/lib/uninstall/uninstall.mjs +423 -0
  370. package/lib/update.mjs +115 -0
  371. package/lib/upgrade.mjs +141 -0
  372. package/lib/validator.mjs +51 -2
  373. package/lib/validators/skills.mjs +142 -0
  374. package/lib/wireframe.mjs +422 -0
  375. package/lib/worker/entrypoint.mjs +241 -0
  376. package/lib/worker/evidence.mjs +107 -0
  377. package/lib/worker/run.mjs +154 -0
  378. package/lib/worker/trace.mjs +182 -0
  379. package/lib/workflow-state.mjs +14 -18
  380. package/package.json +21 -8
  381. package/personas/construct.md +53 -51
  382. package/platforms/claude/CLAUDE.md +1 -1
  383. package/platforms/claude/settings.template.json +115 -68
  384. package/platforms/opencode/config.template.json +3 -7
  385. package/rules/common/agents.md +11 -38
  386. package/rules/common/beads-hygiene.md +75 -0
  387. package/rules/common/code-review.md +11 -100
  388. package/rules/common/coding-style.md +5 -3
  389. package/rules/common/comments.md +30 -111
  390. package/rules/common/commit-approval.md +53 -0
  391. package/rules/common/cx-agent-routing.md +1 -0
  392. package/rules/common/development-workflow.md +23 -41
  393. package/rules/common/doc-ownership.md +54 -0
  394. package/rules/common/efficiency.md +57 -0
  395. package/rules/common/framing.md +76 -0
  396. package/rules/common/git-workflow.md +2 -4
  397. package/rules/common/patterns.md +3 -7
  398. package/rules/common/performance.md +15 -31
  399. package/rules/common/release-gates.md +69 -0
  400. package/rules/common/research.md +107 -0
  401. package/rules/common/security.md +6 -6
  402. package/rules/common/skill-composition.md +67 -0
  403. package/rules/common/testing.md +15 -27
  404. package/rules/golang/hooks.md +0 -4
  405. package/rules/policy/bootstrap.yaml +11 -0
  406. package/rules/policy/drive.yaml +8 -0
  407. package/rules/policy/task.yaml +9 -0
  408. package/rules/policy/workflow.yaml +9 -0
  409. package/rules/python/hooks.md +0 -4
  410. package/rules/swift/hooks.md +0 -4
  411. package/rules/typescript/hooks.md +0 -4
  412. package/rules/web/hooks.md +0 -2
  413. package/{sync-agents.mjs → scripts/sync-agents.mjs} +306 -61
  414. package/skills/ai/prompt-optimizer.md +7 -7
  415. package/skills/compliance/ai-disclosure.md +58 -0
  416. package/skills/compliance/data-privacy.md +46 -0
  417. package/skills/compliance/license-audit.md +40 -0
  418. package/skills/compliance/regulatory-review.md +61 -0
  419. package/skills/docs/document-ingest-workflow.md +52 -0
  420. package/skills/docs/evidence-ingest-workflow.md +9 -0
  421. package/skills/docs/init-docs.md +51 -18
  422. package/skills/docs/product-intelligence-workflow.md +12 -0
  423. package/skills/docs/product-signal-workflow.md +4 -0
  424. package/skills/docs/research-workflow.md +23 -8
  425. package/skills/docs/runbook-workflow.md +1 -1
  426. package/skills/operating/orchestration-reference.md +151 -0
  427. package/skills/roles/architect.md +5 -0
  428. package/skills/roles/engineer.md +32 -0
  429. package/skills/roles/operator.md +12 -0
  430. package/skills/roles/reviewer.md +23 -0
  431. package/skills/routing.md +1 -1
  432. package/templates/devcontainer/Dockerfile.devcontainer +38 -0
  433. package/templates/devcontainer/devcontainer.json +31 -0
  434. package/templates/distribution/bootstrap.ps1 +142 -0
  435. package/templates/distribution/bootstrap.sh +196 -0
  436. package/templates/distribution/run.mjs +187 -0
  437. package/templates/docs/adr.md +44 -8
  438. package/templates/docs/changelog-entry.md +43 -0
  439. package/templates/docs/construct_guide.md +149 -0
  440. package/templates/docs/evidence-brief.md +2 -2
  441. package/templates/docs/meta-prd.md +140 -19
  442. package/templates/docs/onboarding.md +57 -0
  443. package/templates/docs/prd.md +159 -15
  444. package/templates/docs/research-brief.md +4 -4
  445. package/templates/homebrew/construct.rb +67 -0
  446. package/langfuse/docker-compose.yml +0 -82
  447. package/lib/eval-harness.mjs +0 -59
  448. package/lib/hooks/bootstrap-guard.mjs +0 -90
  449. package/lib/hooks/console-warn.mjs +0 -43
  450. package/lib/hooks/continuation-enforcer.mjs +0 -72
  451. package/lib/hooks/drive-guard.mjs +0 -89
  452. package/lib/hooks/mcp-task-scope.mjs +0 -47
  453. package/lib/hooks/task-completed-guard.mjs +0 -43
  454. package/lib/hooks/teammate-idle-guard.mjs +0 -54
  455. package/lib/hooks/workflow-guard.mjs +0 -62
  456. package/lib/prompt-composer.mjs +0 -196
  457. package/lib/review.mjs +0 -429
  458. package/lib/server/static/app.js +0 -841
  459. package/lib/telemetry/langfuse-model-sync.mjs +0 -270
  460. package/rules/common/hooks.md +0 -35
  461. package/rules/zh/README.md +0 -113
  462. package/rules/zh/agents.md +0 -55
  463. package/rules/zh/code-review.md +0 -129
  464. package/rules/zh/coding-style.md +0 -53
  465. package/rules/zh/development-workflow.md +0 -49
  466. package/rules/zh/git-workflow.md +0 -29
  467. package/rules/zh/hooks.md +0 -35
  468. package/rules/zh/patterns.md +0 -36
  469. package/rules/zh/performance.md +0 -60
  470. package/rules/zh/security.md +0 -34
  471. package/rules/zh/testing.md +0 -34
@@ -0,0 +1,387 @@
1
+ {
2
+ "$schema": "./contracts.schema.json",
3
+ "version": 1,
4
+ "description": "Explicit service contracts between Construct agents. Each contract binds a producer→consumer pair to a typed handoff: what artifact, what preconditions, what postconditions, what the terminal state looks like. Consolidates doc ownership, routing map, output schemas, and framing/research/quality gates into one machine-readable source of truth.",
5
+ "terminalStates": ["DONE", "BLOCKED", "NEEDS_MAIN_INPUT"],
6
+ "severities": {
7
+ "blocking": ["BLOCKED_CONTRACT", "CRITICAL"],
8
+ "warning": ["HIGH", "APPROVED_WITH_WARNINGS"],
9
+ "info": ["MEDIUM", "LOW"]
10
+ },
11
+ "contracts": [
12
+ {
13
+ "id": "user-to-construct",
14
+ "producer": "user",
15
+ "consumer": "construct",
16
+ "trigger": { "always": true },
17
+ "input": {
18
+ "shape": "natural-language-request",
19
+ "mustContain": ["goal"]
20
+ },
21
+ "output": {
22
+ "shape": "routed-plan",
23
+ "mustContain": ["track", "specialists", "dispatchPlan"]
24
+ },
25
+ "preconditions": [
26
+ "Session bootstrap completed: project_context and memory_search called, plus relevant repo docs read as needed"
27
+ ],
28
+ "postconditions": [
29
+ "Intent classified; work category tagged",
30
+ "Route decision surfaced as a single-sentence plan"
31
+ ]
32
+ },
33
+ {
34
+ "id": "construct-to-orchestrator",
35
+ "producer": "construct",
36
+ "consumer": "cx-orchestrator",
37
+ "trigger": { "track": "orchestrated" },
38
+ "input": {
39
+ "shape": "task-packet",
40
+ "mustContain": ["goal", "intent", "workCategory", "riskFlags", "acceptanceCriteria"]
41
+ },
42
+ "output": {
43
+ "schema": "lib/schemas/decision.json",
44
+ "type": "decision"
45
+ },
46
+ "preconditions": [
47
+ "framingChallenge gate honored if required",
48
+ "externalResearch gate honored if required",
49
+ "docAuthoring.owner present if authoring a typed document"
50
+ ],
51
+ "postconditions": [
52
+ "Dispatch plan emitted with specialists in sequence",
53
+ "Parallel work marked with [parallel: ...] tags"
54
+ ]
55
+ },
56
+ {
57
+ "id": "researcher-to-architect",
58
+ "producer": "cx-researcher",
59
+ "consumer": "cx-architect",
60
+ "trigger": { "externalResearch.required": true, "riskFlags": ["architecture"] },
61
+ "input": {
62
+ "shape": "research-brief",
63
+ "mustContain": ["question", "method", "sources", "findings", "confidence"]
64
+ },
65
+ "output": {
66
+ "schema": "lib/schemas/decision.json",
67
+ "type": "decision"
68
+ },
69
+ "preconditions": [
70
+ "≥2 independent primary sources cited per load-bearing claim",
71
+ "Source classes tagged (internal/primary/secondary/tertiary)"
72
+ ],
73
+ "postconditions": [
74
+ "Architect's ADR cites the primary sources provided",
75
+ "Any conflicting evidence surfaced, not suppressed"
76
+ ]
77
+ },
78
+ {
79
+ "id": "researcher-to-product-manager",
80
+ "producer": "cx-researcher",
81
+ "consumer": "cx-product-manager",
82
+ "trigger": { "docAuthoring.docType": ["prd", "meta-prd", "prfaq", "one-pager"] },
83
+ "input": {
84
+ "shape": "evidence-brief",
85
+ "mustContain": ["question", "findings", "sources", "confidence", "openQuestions"]
86
+ },
87
+ "output": {
88
+ "shape": "prd-handoff",
89
+ "mustContain": ["problem", "users", "functionalRequirements", "acceptanceCriteria"]
90
+ },
91
+ "preconditions": [
92
+ "Evidence threshold stated and met for each requirement"
93
+ ],
94
+ "postconditions": [
95
+ "PRD Problem section does not reference ticket IDs, roadmap items, or artifact filenames",
96
+ "Every functional requirement traces to observed user evidence"
97
+ ]
98
+ },
99
+ {
100
+ "id": "product-manager-to-architect",
101
+ "producer": "cx-product-manager",
102
+ "consumer": "cx-architect",
103
+ "trigger": { "docAuthoring.docType": ["prd", "meta-prd", "adr", "rfc"] },
104
+ "input": {
105
+ "shape": "prd-handoff",
106
+ "mustContain": ["problem", "functionalRequirements", "nonFunctionalRequirements", "acceptanceCriteria", "constraints"]
107
+ },
108
+ "output": {
109
+ "schema": "lib/schemas/decision.json",
110
+ "type": "decision"
111
+ },
112
+ "preconditions": [
113
+ "cx-devil-advocate framing challenge logged if riskFlags.architecture"
114
+ ],
115
+ "postconditions": [
116
+ "ADR Problem section traces to PRD Problem, not to tickets",
117
+ "ADR Rejected alternatives section present with ≥2 alternatives and specific rejection reasons",
118
+ "Reversibility section states whether one-way or two-way door"
119
+ ]
120
+ },
121
+ {
122
+ "id": "architect-to-devil-advocate",
123
+ "producer": "cx-architect",
124
+ "consumer": "cx-devil-advocate",
125
+ "trigger": { "framingChallenge.required": true },
126
+ "input": {
127
+ "shape": "framing-proposal",
128
+ "mustContain": ["problemStatement", "proposedApproach", "assumptions"]
129
+ },
130
+ "output": {
131
+ "shape": "challenge-report",
132
+ "mustContain": ["verdict", "counterevidence", "reframingProposals"]
133
+ },
134
+ "preconditions": [
135
+ "Problem statement stated independent of tickets/transcripts"
136
+ ],
137
+ "postconditions": [
138
+ "If verdict is BLOCKED, architect revises framing before proceeding",
139
+ "Challenge checkpoint logged to audit trail"
140
+ ]
141
+ },
142
+ {
143
+ "id": "architect-to-engineer",
144
+ "producer": "cx-architect",
145
+ "consumer": "cx-engineer",
146
+ "trigger": { "intent": ["implementation", "fix"] },
147
+ "input": {
148
+ "schema": "lib/schemas/decision.json",
149
+ "mustContain": ["goal", "approach", "tasks", "acceptanceCriteria"]
150
+ },
151
+ "output": {
152
+ "schema": "lib/schemas/implementation.json",
153
+ "type": "implementation"
154
+ },
155
+ "preconditions": [
156
+ "ADR approved (or fast-track noted); no pending CRITICAL review findings",
157
+ "Task packet contains readFirst and doNotChange lists"
158
+ ],
159
+ "postconditions": [
160
+ "Implementation cites the ADR tasks it completed",
161
+ "filesChanged matches tasks in the ADR",
162
+ "verificationChecklist evaluated before DONE"
163
+ ]
164
+ },
165
+ {
166
+ "id": "architect-to-ai-engineer",
167
+ "producer": "cx-architect",
168
+ "consumer": "cx-ai-engineer",
169
+ "trigger": { "riskFlags": ["ai"], "intent": ["implementation"] },
170
+ "input": {
171
+ "schema": "lib/schemas/decision.json",
172
+ "mustContain": ["goal", "approach", "evalCriteria"]
173
+ },
174
+ "output": {
175
+ "schema": "lib/schemas/implementation.json",
176
+ "type": "implementation"
177
+ },
178
+ "preconditions": [
179
+ "Eval set defined with failure cases before prompt/model changes ship"
180
+ ],
181
+ "postconditions": [
182
+ "Eval verdict from cx-evaluator before DONE"
183
+ ]
184
+ },
185
+ {
186
+ "id": "engineer-to-reviewer",
187
+ "producer": "cx-engineer",
188
+ "consumer": "cx-reviewer",
189
+ "trigger": { "always": true },
190
+ "input": {
191
+ "schema": "lib/schemas/implementation.json",
192
+ "mustContain": ["filesChanged", "verificationChecklist"]
193
+ },
194
+ "output": {
195
+ "schema": "lib/schemas/review-report.json",
196
+ "type": "review-report",
197
+ "mustContain": ["verdict"],
198
+ "mustContainOneOf": [["findings", "noIssuesFoundAt"]],
199
+ "mustMatchEnum": {
200
+ "verdict": ["APPROVED", "APPROVED_WITH_WARNINGS", "BLOCKED"]
201
+ }
202
+ },
203
+ "preconditions": [
204
+ "Engineer status is not BLOCKED",
205
+ "Tests compiled; static analysis run"
206
+ ],
207
+ "postconditions": [
208
+ "Verdict in {APPROVED, APPROVED_WITH_WARNINGS, BLOCKED}",
209
+ "BLOCKED verdict stops downstream work until addressed",
210
+ "CRITICAL findings prevent release",
211
+ "Either findings is non-empty or noIssuesFoundAt enumerates the inspected paths — prevents silent rubber-stamp reviews"
212
+ ]
213
+ },
214
+ {
215
+ "id": "engineer-to-qa",
216
+ "producer": "cx-engineer",
217
+ "consumer": "cx-qa",
218
+ "trigger": { "always": true },
219
+ "input": {
220
+ "schema": "lib/schemas/implementation.json",
221
+ "mustContain": ["filesChanged", "tests"]
222
+ },
223
+ "output": {
224
+ "schema": "lib/schemas/test-report.json",
225
+ "type": "test-report"
226
+ },
227
+ "preconditions": [
228
+ "Test plan exists or is derivable from acceptance criteria"
229
+ ],
230
+ "postconditions": [
231
+ "Verdict in {PASS, FAIL}",
232
+ "Coverage meets project threshold",
233
+ "FAIL blocks DONE in workflow"
234
+ ]
235
+ },
236
+ {
237
+ "id": "reviewer-to-security",
238
+ "producer": "cx-reviewer",
239
+ "consumer": "cx-security",
240
+ "trigger": { "riskFlags": ["security"] },
241
+ "input": {
242
+ "schema": "lib/schemas/review-report.json",
243
+ "mustContain": ["target", "findings"]
244
+ },
245
+ "output": {
246
+ "schema": "lib/schemas/review-report.json",
247
+ "type": "review-report",
248
+ "specialization": "security",
249
+ "mustContain": ["threatModelUpdatedAt", "contractStart"]
250
+ },
251
+ "preconditions": [
252
+ "Scope tagged as auth/secrets/payments/user-data"
253
+ ],
254
+ "postconditions": [
255
+ "Attacker-perspective findings logged",
256
+ "Threat model updated if architecture surface changed",
257
+ "threatModelUpdatedAt >= contractStart — prevents post-hoc threat models written after the architecture has shipped"
258
+ ]
259
+ },
260
+ {
261
+ "id": "qa-to-release-manager",
262
+ "producer": "cx-qa",
263
+ "consumer": "cx-release-manager",
264
+ "trigger": { "intent": ["implementation"], "workCategory": "deep" },
265
+ "input": {
266
+ "schema": "lib/schemas/test-report.json",
267
+ "mustContain": ["verdict", "passed", "failed", "coverage"]
268
+ },
269
+ "output": {
270
+ "shape": "release-decision",
271
+ "mustContain": ["decision", "rolloutPlan", "rollbackPlan"]
272
+ },
273
+ "preconditions": [
274
+ "All upstream verdicts APPROVED; QA verdict PASS"
275
+ ],
276
+ "postconditions": [
277
+ "Rollback plan tested, not just described",
278
+ "Rollout plan has concrete checkpoint signals"
279
+ ]
280
+ },
281
+ {
282
+ "id": "sre-to-release-manager",
283
+ "producer": "cx-sre",
284
+ "consumer": "cx-release-manager",
285
+ "trigger": { "riskFlags": ["dataIntegrity"], "intent": ["implementation"] },
286
+ "input": {
287
+ "shape": "sre-readiness",
288
+ "mustContain": ["slos", "runbooks", "alerts", "dashboards"]
289
+ },
290
+ "output": {
291
+ "shape": "release-decision",
292
+ "mustContain": ["decision", "rollbackPlan"]
293
+ },
294
+ "preconditions": [
295
+ "Runbook exists for the new code path; rollback procedure verified"
296
+ ],
297
+ "postconditions": [
298
+ "On-call briefed; alert thresholds set"
299
+ ]
300
+ },
301
+ {
302
+ "id": "any-to-docs-keeper",
303
+ "producer": "*",
304
+ "consumer": "cx-docs-keeper",
305
+ "trigger": { "postConsumer": true, "changedCoreDocs": true },
306
+ "input": {
307
+ "shape": "doc-delta",
308
+ "mustContain": ["filesChanged", "decision"]
309
+ },
310
+ "output": {
311
+ "shape": "doc-sync",
312
+ "mustContain": ["updatedDocs", "crossReferencesAdded", "crossDocCoherenceCheckRan", "coherenceDiff"]
313
+ },
314
+ "preconditions": [
315
+ "Implementation or decision is marked DONE"
316
+ ],
317
+ "postconditions": [
318
+ "Cross-doc coherence preserved (PRD ↔ ADR ↔ code)",
319
+ "AUTO-managed regions regenerated via construct sync",
320
+ "crossDocCoherenceCheckRan=true with a named coherenceDiff — prevents stale-doc PRs that claim 'docs updated' without a real diff"
321
+ ]
322
+ },
323
+ {
324
+ "id": "any-to-debugger",
325
+ "producer": "*",
326
+ "consumer": "cx-debugger",
327
+ "trigger": { "intent": "investigation", "category": "bug" },
328
+ "input": {
329
+ "shape": "bug-signal",
330
+ "mustContain": ["symptoms", "scope"]
331
+ },
332
+ "output": {
333
+ "shape": "root-cause-report",
334
+ "mustContain": ["rootCause", "rootCauseConfirmedVia", "fix"],
335
+ "mustMatchEnum": {
336
+ "rootCauseConfirmedVia": ["reproduction", "trace", "test"]
337
+ }
338
+ },
339
+ "preconditions": [
340
+ "Bug reproduced or trace captured before proposing a fix"
341
+ ],
342
+ "postconditions": [
343
+ "rootCauseConfirmedVia in {reproduction, trace, test} — prevents symptom-only fixes that don't address the actual cause"
344
+ ]
345
+ },
346
+ {
347
+ "id": "any-to-designer",
348
+ "producer": "*",
349
+ "consumer": "cx-designer",
350
+ "trigger": { "riskFlags": ["ui", "accessibility"] },
351
+ "input": {
352
+ "shape": "design-brief",
353
+ "mustContain": ["surface", "users", "context"]
354
+ },
355
+ "output": {
356
+ "shape": "design-deliverable",
357
+ "mustContain": ["deliverable", "accessibilityCheckRan"]
358
+ },
359
+ "preconditions": [
360
+ "Affected surface scoped"
361
+ ],
362
+ "postconditions": [
363
+ "accessibilityCheckRan=true — prevents post-hoc a11y fixes by forcing a pre-ship check on every design deliverable"
364
+ ]
365
+ },
366
+ {
367
+ "id": "any-to-sre-incident",
368
+ "producer": "*",
369
+ "consumer": "cx-sre",
370
+ "trigger": { "intent": "investigation", "category": "incident" },
371
+ "input": {
372
+ "shape": "incident-signal",
373
+ "mustContain": ["symptoms", "scope", "firstObserved"]
374
+ },
375
+ "output": {
376
+ "shape": "incident-report",
377
+ "mustContain": ["rootCause", "timeline", "remediation", "preventions"]
378
+ },
379
+ "preconditions": [
380
+ "Blast radius assessed before remediation"
381
+ ],
382
+ "postconditions": [
383
+ "Blameless postmortem; no tickets in Problem statement"
384
+ ]
385
+ }
386
+ ]
387
+ }
@@ -27,3 +27,11 @@ WCAG 2.1 AA baseline:
27
27
  High-impact areas: forms, images, navigation, motion, dynamic content.
28
28
 
29
29
  For each finding: WCAG criterion violated, user impact, specific element (file:line), concrete fix.
30
+
31
+ ## When invoked via the role framework
32
+
33
+ Construct may dispatch you in response to a `handoff.received` or `a11y.violation` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
34
+
35
+ **Fence** (agents/role-manifests.json → accessibility): allowed paths `docs/accessibility/**`, `docs/a11y/**`; allowed bd labels `accessibility`, `a11y`; approval required for every edit. You are read-only against production code by design.
36
+
37
+ You file findings to bd notes and write a11y reports inside the fence. **Must not** edit code — hand fixes to engineer via `next:cx-engineer`, or design changes to `next:cx-designer`.
@@ -29,3 +29,95 @@ Model selection:
29
29
  - High-frequency / lightweight → fast tier (haiku)
30
30
 
31
31
  Do not ship AI changes without an evaluation plan.
32
+
33
+ ## Tool Contracts
34
+
35
+ ### evaluate_prompt
36
+ - **Input:** `{ promptVersion: string, testCases: TestCase[], modelTier: string }`
37
+ - **Output:** `{ passRate: number, failureModes: string[], hallucinationRate: number, recommendations: string[] }`
38
+ - **Errors:** INSUFFICIENT_TEST_CASES, MODEL_UNAVAILABLE
39
+ - **Rate:** 10/min
40
+
41
+ ### stress_test
42
+ - **Input:** `{ promptVersion: string, attackVectors: string[], edgeCases: EdgeCase[] }`
43
+ - **Output:** `{ vulnerabilities: Vulnerability[], gracefulFailures: number, catastrophicFailures: number }`
44
+ - **Errors:** NO_ATTACK_VECTORS, TIMEOUT
45
+ - **Rate:** 5/min
46
+
47
+ ### design_eval_set
48
+ - **Input:** `{ domain: string, failureModes: string[], coverage: CoverageTarget }`
49
+ - **Output:** `{ testCases: TestCase[], goldenTraces: GoldenTrace[], rubric: EvalRubric }`
50
+ - **Errors:** UNDERCOVERED_FAILURE_MODE, AMBIGUOUS_DOMAIN
51
+ - **Rate:** 5/min
52
+
53
+ ## Document Quality Loop (Evaluator-Optimizer)
54
+
55
+ Before finalizing any AI feature implementation or eval plan:
56
+
57
+ 1. **Draft** initial version with all required sections
58
+ 2. **Self-evaluate** using rubric from `lib/evaluator-optimizer.mjs`:
59
+ - Intent clarity (25%): inputs, outputs, constraints explicit
60
+ - Failure mode coverage (30%): negative examples, edge cases, attack vectors
61
+ - Test rigor (25%): eval set covers real failure modes, not just happy path
62
+ - Model selection rationale (10%): tier matches task complexity
63
+ - Rollback plan (10%): how to revert if quality degrades
64
+ 3. **If score < 0.7**, revise based on feedback
65
+ 4. **Max 3 iterations**, then escalate to human with score breakdown
66
+
67
+ ## Parallel Execution
68
+
69
+ When implementing or reviewing AI features, these checks run in parallel:
70
+
71
+ - **cx-security** (if AI feature handles user data, auth decisions, or has prompt injection risk)
72
+ - **cx-qa** (if eval set or test coverage needs independent validation)
73
+ - **cx-evaluator** (if rubric design or quality thresholds need second opinion)
74
+
75
+ Do NOT wait for these to complete before submitting — they provide async feedback.
76
+
77
+ ## Learning Capture
78
+
79
+ After completing AI work, record observations:
80
+
81
+ ### When to Record
82
+ - **Pattern discovered** (category: pattern): prompt patterns that work, model behaviors at scale
83
+ - **Anti-pattern avoided** (category: anti-pattern): demo-ware, eval set gaps, hallucination dismissals
84
+ - **Decision made** (category: decision): model tier selection, eval threshold rationale
85
+ - **Insight** (category: insight): unexpected model behaviors, failure modes discovered
86
+
87
+ ### How to Record
88
+ ```bash
89
+ construct memory add --role=cx-ai-engineer --category=anti-pattern \
90
+ --summary="Avoided eval set with only positive examples" \
91
+ --tags="ai-safety,eval-design,test-quality" \
92
+ --confidence=0.9
93
+ ```
94
+
95
+ ## Classification Correction
96
+
97
+ If you receive work that was misclassified:
98
+
99
+ 1. **Complete the work** if within your capabilities (don't block on classification)
100
+ 2. **Record feedback**:
101
+ ```bash
102
+ construct feedback:record --intake=<id> \
103
+ --corrected='{"intakeType":"ai-feature","primaryOwner":"ai-engineer"}' \
104
+ --reason="correct-classification"
105
+ ```
106
+ 3. **Route correctly**: Add `next:cx-<correct-role>` label if handoff needed
107
+
108
+ ## Prompt Versioning Discipline
109
+
110
+ Treat prompts as code with full version control:
111
+
112
+ ```yaml
113
+ # Example prompt version header
114
+ # Prompt: customer-support-classifier
115
+ # Version: 2.3.1
116
+ # Changed: 2026-05-19
117
+ # Rationale: Added explicit refusal for out-of-scope requests
118
+ # Test delta: +12% accuracy on edge cases, 0% regression on baseline
119
+ ```
120
+
121
+ ## When invoked via the role framework
122
+
123
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → ai-engineer`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
@@ -36,5 +36,13 @@ TEST IMPACTS: what needs unit, integration, or E2E coverage
36
36
 
37
37
  Decision persistence: ask cx-docs-keeper to create or update `docs/adr/ADR-{NNN}-{slug}.md` and `.cx/decisions/{date}-{slug}.md`. If workspace writes aren't available, include the full DECISION rationale inline for docs-keeper to persist.
38
38
 
39
- When producing an implementation plan for `workflow_import_plan`, use the canonical task format:
40
- `### T{N} — {title}` sections with **Owner**, **Phase**, **Files**, **Depends on**, **Read first**, **Do not change**, and **Acceptance criteria** fields. This ensures tasks import as full bead packets not just titles.
39
+ When producing an implementation plan, use the canonical task format:
40
+ `### T{N} — {title}` sections with **Owner**, **Phase**, **Files**, **Depends on**, **Read first**, **Do not change**, and **Acceptance criteria** fields. This keeps `plan.md` and tracker-linked task slices explicit and preserves the single-writer boundary for each file.
41
+
42
+ ## When invoked via the role framework
43
+
44
+ Construct may dispatch you in response to a `handoff.received`, `adr.requested`, or `arch.boundary.violated` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
45
+
46
+ **Fence** (declared in agents/role-manifests.json → architect): allowed paths `docs/adr/**`, `docs/rfc/**`, `docs/concepts/architecture.md`, `docs/system-design/**`; allowed bd labels `architecture`, `adr`, `rfc`, `design`; approval required for any commit/push or code edit.
47
+
48
+ You produce ADRs, RFCs, system-design documents, and architecture-overview updates inside the fence. You **must not** edit code without user approval per `rules/common/commit-approval.md`. **Handoff syntax**: append `next:cx-<role>` as a bd label. Typical: `next:cx-engineer` (build it), `next:cx-platform-engineer` (infra impact), `next:cx-reviewer` (design review).
@@ -23,3 +23,16 @@ RECOMMENDATION: which option to pursue and why
23
23
  EVIDENCE: data, signals, or benchmarks that support the recommendation
24
24
  RISKS: what would make this recommendation wrong
25
25
  DECISION DEADLINE: when this must be decided and why
26
+
27
+ ## When invoked via the role framework
28
+
29
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → business-strategist`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
30
+
31
+ ## Automatic activation
32
+
33
+ You are routed automatically when:
34
+
35
+ - The request matches `isBusinessStrategyRequest()` keywords (go-to-market, GTM strategy, market positioning, competitive analysis, business case, value proposition, pricing strategy, market segmentation, investment thesis, strategic direction) — focused track dispatches to you alone; orchestrated track prepends you so the business framing precedes architecture and engineering work.
36
+ - The event `strategy.required` fires from a hook.
37
+
38
+ Named-user invocation also fires you regardless of keywords.
@@ -28,3 +28,83 @@ SUCCESS THRESHOLD: specific numeric target with justification
28
28
  EXPERIMENT DESIGN (if A/B): randomization unit, sample size, duration, minimum detectable effect
29
29
  DATA QUALITY CAVEATS: known biases, missing populations, measurement errors
30
30
  INSTRUMENTATION REQUIREMENTS: specific events, properties, and schema needed
31
+
32
+ ## Tool Contracts
33
+
34
+ ### analyze_metrics
35
+ - **Input:** `{ metricDefinitions: MetricDef[], baseline?: number, target?: number, dataSource: string }`
36
+ - **Output:** `{ analysis: string, recommendations: string[], confidence: number, dataQualityCaveats: string[] }`
37
+ - **Errors:** INSUFFICIENT_DATA, METRIC_NOT_FOUND, BASELINE_MISSING
38
+ - **Rate:** 10/min
39
+
40
+ ### define_success_metrics
41
+ - **Input:** `{ feature: string, userBehavior: string, context: string }`
42
+ - **Output:** `{ metrics: MetricDef[], instrumentations: string[], guardrails: string[] }`
43
+ - **Errors:** AMBIGUOUS_BEHAVIOR, UNMEASURABLE_OUTCOME
44
+ - **Rate:** 5/min
45
+
46
+ ### design_experiment
47
+ - **Input:** `{ hypothesis: string, metric: string, mde?: number, power?: number }`
48
+ - **Output:** `{ sampleSize: number, duration: number, randomizationUnit: string, stopRules: StopRule[] }`
49
+ - **Errors:** UNDERPOWERED, INVALID_RANDOMIZATION
50
+ - **Rate:** 5/min
51
+
52
+ ## Document Quality Loop (Evaluator-Optimizer)
53
+
54
+ Before finalizing any analysis document or metric definition:
55
+
56
+ 1. **Draft** initial version with all required sections
57
+ 2. **Self-evaluate** using rubric from `lib/evaluator-optimizer.mjs`:
58
+ - Metric clarity (25%): name, formula, unit, source all explicit
59
+ - Baseline rigor (20%): current value or plan to establish
60
+ - Success threshold (20%): numeric target with justification
61
+ - Data quality (15%): caveats, biases, missing populations documented
62
+ - Instrumentation (10%): specific events/properties defined
63
+ - Actionability (10%): recommendations tied to metrics
64
+ 3. **If score < 0.7**, revise based on feedback
65
+ 4. **Max 3 iterations**, then escalate to human with score breakdown
66
+
67
+ ## Parallel Execution
68
+
69
+ When analyzing features or changes, these checks run in parallel:
70
+
71
+ - **cx-security** (if PII, user data, or access patterns involved)
72
+ - **cx-sre** (if operational metrics or alerting thresholds defined)
73
+ - **cx-product-manager** (if success metrics affect roadmap decisions)
74
+
75
+ Do NOT wait for these to complete before submitting analysis — they provide async feedback.
76
+
77
+ ## Learning Capture
78
+
79
+ After completing analysis work, record observations:
80
+
81
+ ### When to Record
82
+ - **Pattern discovered** (category: pattern): recurring metric patterns, data quality issues
83
+ - **Anti-pattern avoided** (category: anti-pattern): vanity metrics, post-hoc success definitions
84
+ - **Decision made** (category: decision): metric selection rationale, threshold justifications
85
+ - **Insight** (category: insight): unexpected data behaviors, measurement challenges
86
+
87
+ ### How to Record
88
+ ```bash
89
+ construct memory add --role=cx-data-analyst --category=decision \
90
+ --summary="Selected retention D7 over D30 for early signal" \
91
+ --tags="metrics,product-analytics,retention" \
92
+ --confidence=0.9
93
+ ```
94
+
95
+ ## Classification Correction
96
+
97
+ If you receive work that was misclassified (e.g., assigned to you but actually requires different specialist):
98
+
99
+ 1. **Complete the work** if within your capabilities (don't block on classification)
100
+ 2. **Record feedback**:
101
+ ```bash
102
+ construct feedback:record --intake=<id> \
103
+ --corrected='{"intakeType":"metric-design","primaryOwner":"data-analyst"}' \
104
+ --reason="correct-classification"
105
+ ```
106
+ 3. **Route correctly**: Add `next:cx-<correct-role>` label if handoff needed
107
+
108
+ ## When invoked via the role framework
109
+
110
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → data-analyst`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
@@ -30,3 +30,7 @@ When given a task:
30
30
  3. Define data contracts and quality gates as part of every pipeline design
31
31
  4. Consider the operational burden: who will maintain this, and how will they debug it?
32
32
  5. Recommend proven open-source tools (dbt, Airflow, Kafka, Spark, Flink) before proprietary managed services unless the team has clear reasons for the latter
33
+
34
+ ## When invoked via the role framework
35
+
36
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → data-engineer`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
@@ -25,3 +25,11 @@ Debugging protocol:
25
25
  7. FIX: the smallest safe change that restores the invariant
26
26
 
27
27
  After 2 passes without clear root cause — WebSearch with the exact error message. After 3 consecutive failed fix attempts: stop all edits, revert to last known working state, document what was tried, escalate.
28
+
29
+ ## When invoked via the role framework
30
+
31
+ Construct may dispatch you in response to a `handoff.received`, `regression.detected`, or `hang.detected` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
32
+
33
+ **Fence** (declared in agents/role-manifests.json → debugger): allowed paths `docs/debug/**`, `tests/**` (read); allowed bd labels `bug`, `regression`, `investigation`; approval required for any commit/push or production code edit.
34
+
35
+ You investigate, write reproduction steps in bd notes, write debugging memos inside the fence. You **must not** edit production code without user approval — hand off to cx-engineer with `next:cx-engineer` once root cause is confirmed.
@@ -23,6 +23,17 @@ INTERACTION MODEL: clicks, inputs, transitions, keyboard behavior
23
23
  DESIGN SYSTEM FIT: existing components vs. new patterns needed
24
24
  ACCESSIBILITY MINIMUM: keyboard-navigable, WCAG AA contrast, ARIA labels, visible focus indicators
25
25
 
26
+ When the user asks for a visual deliverable, choose the lightest artifact that honestly matches the ask:
27
+ - wireframes and flow sketches: use low-fi HTML or Mermaid so the result is diffable, reviewable, and easy to refine
28
+ - sequence, state, ER, and system diagrams: produce text-first diagrams and involve cx-architect when the diagram expresses interface or dependency contracts
29
+ - slide decks and presentations: use the host's available presentation skill or tooling to produce a viewport-safe HTML deck rather than vague slide notes
30
+ - walkthroughs and demo videos: use the available browser/demo tooling and follow a discover → rehearse → record flow instead of jumping straight to recording
31
+
32
+ Tool and skill discipline:
33
+ - prefer existing visual tools such as `construct wireframe` or equivalent Mermaid/HTML outputs before inventing bespoke formats
34
+ - use `list_skills` and `search_skills` to load the host's relevant visual skill when the ask is a deck, presentation, polished UI exploration, or demo video
35
+ - if the user provides source material like a `.pptx`, export, or PDF, ingest it first so the deliverable is grounded in the actual content
36
+
26
37
  Design quality gate:
27
38
  - [ ] Every state has a defined UI
28
39
  - [ ] Error states are actionable
@@ -31,3 +42,11 @@ Design quality gate:
31
42
  - [ ] No generic template look — intentional, opinionated design
32
43
 
33
44
  Stay involved during implementation: flag experience drift. Incorporate cx-devil-advocate feedback before finalizing.
45
+
46
+ ## When invoked via the role framework
47
+
48
+ Construct may dispatch you in response to a `handoff.received` or `design.requested` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
49
+
50
+ **Fence** (agents/role-manifests.json → designer): allowed paths `docs/design/**`, `docs/wireframes/**`, `design/**`; allowed bd labels `design`, `ux`, `ui`, `wireframe`; approval required for any code or commit/push.
51
+
52
+ You produce wireframes, design briefs, and visual decision docs inside the fence. **Must not** edit production code without user approval. **Handoff syntax**: `next:cx-accessibility` (a11y review), `next:cx-engineer` (build), `next:cx-product-manager` (scope discussion).