@geraldmaron/construct 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (471) hide show
  1. package/.env.example +10 -7
  2. package/LICENSE +201 -21
  3. package/README.md +132 -257
  4. package/agents/contracts.json +387 -0
  5. package/agents/prompts/cx-accessibility.md +8 -0
  6. package/agents/prompts/cx-ai-engineer.md +92 -0
  7. package/agents/prompts/cx-architect.md +10 -2
  8. package/agents/prompts/cx-business-strategist.md +13 -0
  9. package/agents/prompts/cx-data-analyst.md +80 -0
  10. package/agents/prompts/cx-data-engineer.md +4 -0
  11. package/agents/prompts/cx-debugger.md +8 -0
  12. package/agents/prompts/cx-designer.md +19 -0
  13. package/agents/prompts/cx-devil-advocate.md +4 -0
  14. package/agents/prompts/cx-docs-keeper.md +128 -0
  15. package/agents/prompts/cx-engineer.md +13 -0
  16. package/agents/prompts/cx-evaluator.md +4 -0
  17. package/agents/prompts/cx-explorer.md +12 -0
  18. package/agents/prompts/cx-legal-compliance.md +13 -0
  19. package/agents/prompts/cx-operations.md +13 -0
  20. package/agents/prompts/cx-orchestrator.md +107 -4
  21. package/agents/prompts/cx-platform-engineer.md +75 -0
  22. package/agents/prompts/cx-product-manager.md +8 -0
  23. package/agents/prompts/cx-qa.md +100 -0
  24. package/agents/prompts/cx-rd-lead.md +13 -0
  25. package/agents/prompts/cx-release-manager.md +8 -0
  26. package/agents/prompts/cx-researcher.md +21 -1
  27. package/agents/prompts/cx-reviewer.md +8 -0
  28. package/agents/prompts/cx-security.md +104 -0
  29. package/agents/prompts/cx-sre.md +104 -0
  30. package/agents/prompts/cx-test-automation.md +4 -0
  31. package/agents/prompts/cx-trace-reviewer.md +7 -3
  32. package/agents/prompts/cx-ux-researcher.md +4 -0
  33. package/agents/registry.json +365 -90
  34. package/agents/role-manifests.json +217 -0
  35. package/bin/construct +3345 -141
  36. package/bin/construct-postinstall.mjs +87 -0
  37. package/commands/build/feature.md +6 -6
  38. package/commands/plan/feature.md +6 -5
  39. package/commands/plan/requirements.md +1 -1
  40. package/commands/ship/status.md +1 -1
  41. package/commands/work/drive.md +3 -3
  42. package/commands/work/optimize-prompts.md +3 -3
  43. package/db/{migrations → schema}/001_init.sql +2 -0
  44. package/db/schema/002_pgvector.sql +182 -0
  45. package/db/schema/003_intake.sql +47 -0
  46. package/examples/README.md +85 -0
  47. package/examples/internal/roles/architect/bad/clever-plan-without-contracts.md +30 -0
  48. package/examples/internal/roles/architect/golden/explicit-tradeoff-before-plan.md +23 -0
  49. package/examples/internal/roles/engineer/bad/speculative-abstraction.md +30 -0
  50. package/examples/internal/roles/engineer/golden/read-before-write.md +28 -0
  51. package/examples/internal/roles/orchestrator/bad/everything-becomes-multi-agent.md +29 -0
  52. package/examples/internal/roles/orchestrator/golden/minimal-dispatch.md +22 -0
  53. package/examples/internal/roles/qa/bad/coverage-theater.md +30 -0
  54. package/examples/internal/roles/qa/golden/regression-gate.md +23 -0
  55. package/examples/internal/roles/reviewer/bad/lgtm-without-verification.md +29 -0
  56. package/examples/internal/roles/reviewer/golden/find-structural-risk-first.md +28 -0
  57. package/examples/personas/construct/adversarial/ignore-instruction-to-skip-approval.md +22 -0
  58. package/examples/personas/construct/bad/commit-without-approval.md +30 -0
  59. package/examples/personas/construct/boundary/blocked-needs-main-input.md +29 -0
  60. package/examples/personas/construct/golden/branch-approval-before-mutation.md +36 -0
  61. package/examples/personas/construct/golden/focused-direct-answer.md +28 -0
  62. package/examples/provider-plugin/README.md +34 -0
  63. package/examples/provider-plugin/index.mjs +74 -0
  64. package/examples/provider-plugin/package.json +15 -0
  65. package/examples/seed-observations/README.md +38 -0
  66. package/examples/seed-observations/anti-patterns.md +44 -0
  67. package/examples/seed-observations/decisions.md +36 -0
  68. package/examples/seed-observations/patterns.md +42 -0
  69. package/lib/agent-contracts-enforce.mjs +158 -0
  70. package/lib/agent-contracts.mjs +231 -0
  71. package/lib/agents/postconditions.mjs +126 -0
  72. package/lib/agents/schema.mjs +124 -0
  73. package/lib/artifact-capture.mjs +183 -0
  74. package/lib/audit-trail.mjs +149 -0
  75. package/lib/auto-docs.mjs +245 -65
  76. package/lib/beads/auto-close.mjs +126 -0
  77. package/lib/beads/drift.mjs +171 -0
  78. package/lib/beads-automation.mjs +542 -0
  79. package/lib/beads-client.mjs +518 -0
  80. package/lib/beads-lock.mjs +377 -0
  81. package/lib/beads-optimistic.mjs +365 -0
  82. package/lib/bootstrap/built-ins.mjs +136 -0
  83. package/lib/bootstrap/lazy-install.mjs +161 -0
  84. package/lib/bootstrap/resources.mjs +120 -0
  85. package/lib/bootstrap.mjs +105 -0
  86. package/lib/cache-governor.js +213 -0
  87. package/lib/cache-strategy-anthropic.js +62 -0
  88. package/lib/cache-strategy-google.js +79 -0
  89. package/lib/cache-strategy-none.js +30 -0
  90. package/lib/cache-strategy-openai.js +48 -0
  91. package/lib/cache-strategy.js +91 -0
  92. package/lib/claude-allow.mjs +149 -0
  93. package/lib/cli-commands.mjs +413 -258
  94. package/lib/codex-config.mjs +3 -1
  95. package/lib/comment-lint.mjs +55 -6
  96. package/lib/completions.mjs +21 -6
  97. package/lib/config/alias.mjs +56 -0
  98. package/lib/config/project-config.mjs +335 -0
  99. package/lib/config/schema.mjs +159 -0
  100. package/lib/context-router.mjs +308 -0
  101. package/lib/cost-ledger.mjs +177 -0
  102. package/lib/cost.mjs +171 -10
  103. package/lib/dashboard-static.mjs +158 -0
  104. package/lib/deployment-mode.mjs +86 -0
  105. package/lib/deprecate.mjs +49 -0
  106. package/lib/dispatch-batch.js +183 -0
  107. package/lib/distill.mjs +21 -8
  108. package/lib/doc-stamp.mjs +164 -0
  109. package/lib/doc-verify.mjs +119 -0
  110. package/lib/docs-routing.mjs +89 -0
  111. package/lib/docs-verify.mjs +417 -0
  112. package/lib/doctor/audit.mjs +71 -0
  113. package/lib/doctor/cli.mjs +99 -0
  114. package/lib/doctor/escalate.mjs +29 -0
  115. package/lib/doctor/index.mjs +140 -0
  116. package/lib/doctor/report.mjs +170 -0
  117. package/lib/doctor/watchers/bd-watch.mjs +117 -0
  118. package/lib/doctor/watchers/cost.mjs +130 -0
  119. package/lib/doctor/watchers/disk.mjs +122 -0
  120. package/lib/doctor/watchers/handoffs.mjs +33 -0
  121. package/lib/doctor/watchers/process-pressure.mjs +60 -0
  122. package/lib/doctor/watchers/service-health.mjs +188 -0
  123. package/lib/document-extract.mjs +288 -0
  124. package/lib/document-ingest.mjs +230 -0
  125. package/lib/drop.mjs +282 -0
  126. package/lib/embed/approval-queue.mjs +176 -0
  127. package/lib/embed/artifact.mjs +349 -0
  128. package/lib/embed/authority-guard.mjs +155 -0
  129. package/lib/embed/cli.mjs +408 -0
  130. package/lib/embed/config.mjs +355 -0
  131. package/lib/embed/conflict-detection.mjs +264 -0
  132. package/lib/embed/customer-profiles.mjs +480 -0
  133. package/lib/embed/daemon.mjs +1309 -0
  134. package/lib/embed/demand-fetch.mjs +449 -0
  135. package/lib/embed/docs-lifecycle.mjs +349 -0
  136. package/lib/embed/inbox-live-watcher.mjs +119 -0
  137. package/lib/embed/inbox.mjs +343 -0
  138. package/lib/embed/intake-metrics.mjs +190 -0
  139. package/lib/embed/jobs/vector-sync.mjs +198 -0
  140. package/lib/embed/notifications.mjs +75 -0
  141. package/lib/embed/output.mjs +79 -0
  142. package/lib/embed/providers/github.mjs +295 -0
  143. package/lib/embed/providers/jira.mjs +192 -0
  144. package/lib/embed/providers/linear.mjs +186 -0
  145. package/lib/embed/providers/registry.mjs +115 -0
  146. package/lib/embed/providers/slack.mjs +203 -0
  147. package/lib/embed/recommendation-store.mjs +378 -0
  148. package/lib/embed/roadmap.mjs +374 -0
  149. package/lib/embed/role-framing.mjs +110 -0
  150. package/lib/embed/scheduler.mjs +99 -0
  151. package/lib/embed/semantic.mjs +325 -0
  152. package/lib/embed/snapshot.mjs +191 -0
  153. package/lib/embed/supervision.mjs +235 -0
  154. package/lib/embed/target-resolver.mjs +186 -0
  155. package/lib/embed/worker.mjs +62 -0
  156. package/lib/embed/workspaces.mjs +297 -0
  157. package/lib/engine/chunker-headings.mjs +110 -0
  158. package/lib/engine/compressor-heuristic.mjs +100 -0
  159. package/lib/engine/consolidate.mjs +287 -0
  160. package/lib/engine/contracts.mjs +126 -0
  161. package/lib/engine/defaults.mjs +129 -0
  162. package/lib/engine/eval-retrieval.mjs +148 -0
  163. package/lib/engine/fuser-rrf.mjs +62 -0
  164. package/lib/engine/index.mjs +37 -0
  165. package/lib/engine/registry.mjs +146 -0
  166. package/lib/engine/reranker-mmr.mjs +90 -0
  167. package/lib/engine/tokens.mjs +77 -0
  168. package/lib/entity-store.mjs +280 -0
  169. package/lib/env-config.mjs +69 -4
  170. package/lib/evals/retrieval-bench.mjs +159 -0
  171. package/lib/evaluator-optimizer.mjs +317 -0
  172. package/lib/features.mjs +159 -29
  173. package/lib/gates-audit.mjs +236 -0
  174. package/lib/git-hooks/prepare-commit-msg +58 -0
  175. package/lib/handoffs/cleanup.mjs +159 -0
  176. package/lib/handoffs/contract.mjs +162 -0
  177. package/lib/handoffs/inventory.mjs +120 -0
  178. package/lib/headhunt.mjs +28 -47
  179. package/lib/health-check.mjs +399 -0
  180. package/lib/hook-health.mjs +442 -0
  181. package/lib/hooks/_lib/log.mjs +82 -0
  182. package/lib/hooks/adaptive-lint.mjs +26 -2
  183. package/lib/hooks/agent-tracker.mjs +171 -14
  184. package/lib/hooks/audit-reads.mjs +109 -0
  185. package/lib/hooks/audit-trail.mjs +153 -0
  186. package/lib/hooks/bash-output-logger.mjs +71 -0
  187. package/lib/hooks/block-no-verify.mjs +41 -0
  188. package/lib/hooks/ci-status-check.mjs +82 -0
  189. package/lib/hooks/comment-lint.mjs +29 -7
  190. package/lib/hooks/config-protection.mjs +39 -18
  191. package/lib/hooks/context-watch.mjs +137 -0
  192. package/lib/hooks/context-window-recovery.mjs +4 -20
  193. package/lib/hooks/dep-audit.mjs +16 -0
  194. package/lib/hooks/doc-coupling-check.mjs +80 -0
  195. package/lib/hooks/edit-accumulator.mjs +3 -0
  196. package/lib/hooks/edit-error-recovery.mjs +3 -0
  197. package/lib/hooks/edit-guard.mjs +45 -4
  198. package/lib/hooks/env-check.mjs +3 -0
  199. package/lib/hooks/guard-bash.mjs +58 -1
  200. package/lib/hooks/mcp-audit.mjs +18 -20
  201. package/lib/hooks/mcp-health-check.mjs +36 -0
  202. package/lib/hooks/model-fallback.mjs +42 -56
  203. package/lib/hooks/policy-engine.mjs +209 -0
  204. package/lib/hooks/post-merge-docs-check.mjs +63 -0
  205. package/lib/hooks/pre-compact.mjs +4 -24
  206. package/lib/hooks/pre-push-gate.mjs +200 -37
  207. package/lib/hooks/proactive-activation.mjs +284 -0
  208. package/lib/hooks/read-tracker.mjs +27 -4
  209. package/lib/hooks/readme-age-check.mjs +77 -0
  210. package/lib/hooks/registry-sync.mjs +12 -5
  211. package/lib/hooks/scan-secrets.mjs +50 -7
  212. package/lib/hooks/session-optimize.mjs +311 -0
  213. package/lib/hooks/session-start.mjs +287 -28
  214. package/lib/hooks/stop-notify.mjs +236 -96
  215. package/lib/hooks/stop-typecheck.mjs +13 -1
  216. package/lib/hooks/test-watch.mjs +68 -0
  217. package/lib/host-capabilities.mjs +31 -10
  218. package/lib/init-docs.mjs +731 -291
  219. package/lib/init-unified.mjs +1116 -0
  220. package/lib/init-update.mjs +168 -0
  221. package/lib/init.mjs +107 -0
  222. package/lib/install/first-invocation.mjs +119 -0
  223. package/lib/install/stage-project.mjs +69 -0
  224. package/lib/intake/classify.mjs +278 -0
  225. package/lib/intake/feedback.mjs +273 -0
  226. package/lib/intake/filesystem-queue.mjs +158 -0
  227. package/lib/intake/intake-config.mjs +132 -0
  228. package/lib/intake/postgres-queue.mjs +198 -0
  229. package/lib/intake/prepare.mjs +139 -0
  230. package/lib/intake/queue.mjs +83 -0
  231. package/lib/intake/session-prelude.mjs +50 -0
  232. package/lib/integrations/intake-integrations.mjs +740 -0
  233. package/lib/intent-classifier.mjs +253 -0
  234. package/lib/knowledge/layout.mjs +72 -0
  235. package/lib/knowledge/rag.mjs +331 -0
  236. package/lib/knowledge/search.mjs +315 -0
  237. package/lib/knowledge/trends.mjs +261 -0
  238. package/lib/logger.mjs +85 -0
  239. package/lib/mcp/broker.mjs +124 -0
  240. package/lib/mcp/server.mjs +554 -854
  241. package/lib/mcp/tools/document.mjs +132 -0
  242. package/lib/mcp/tools/memory.mjs +209 -0
  243. package/lib/mcp/tools/project.mjs +349 -0
  244. package/lib/mcp/tools/skills.mjs +409 -0
  245. package/lib/mcp/tools/storage.mjs +60 -0
  246. package/lib/mcp/tools/telemetry.mjs +315 -0
  247. package/lib/mcp/tools/workflow.mjs +112 -0
  248. package/lib/mcp-catalog.json +54 -3
  249. package/lib/mcp-manager.mjs +96 -48
  250. package/lib/mcp-platform-config.mjs +22 -22
  251. package/lib/memory-stats.mjs +121 -0
  252. package/lib/mode-commands.mjs +124 -0
  253. package/lib/model-free-selector.mjs +184 -0
  254. package/lib/model-pricing.mjs +152 -0
  255. package/lib/model-registry.mjs +226 -0
  256. package/lib/model-router.mjs +362 -386
  257. package/lib/observation-store.mjs +391 -0
  258. package/lib/ollama-manager.mjs +428 -0
  259. package/lib/opencode-config.mjs +13 -3
  260. package/lib/opencode-runtime-plugin.mjs +70 -38
  261. package/lib/opencode-telemetry.mjs +64 -6
  262. package/lib/orchestration-policy.mjs +509 -6
  263. package/lib/overrides/resolver.mjs +207 -0
  264. package/lib/parity.mjs +147 -0
  265. package/lib/paths.mjs +33 -0
  266. package/lib/performance/generate.mjs +212 -0
  267. package/lib/plugin-registry.mjs +268 -0
  268. package/lib/policy/engine.mjs +130 -0
  269. package/lib/policy/unified-gates.mjs +96 -0
  270. package/lib/project-detection.mjs +129 -0
  271. package/lib/project-init-shared.mjs +272 -0
  272. package/lib/project-profile.mjs +447 -0
  273. package/lib/prompt-composer.js +434 -0
  274. package/lib/prompt-metadata.mjs +1 -1
  275. package/lib/provider-capabilities-anthropic.js +44 -0
  276. package/lib/provider-capabilities-deepseek.js +37 -0
  277. package/lib/provider-capabilities-generic.js +26 -0
  278. package/lib/provider-capabilities-google.js +47 -0
  279. package/lib/provider-capabilities-openai.js +45 -0
  280. package/lib/provider-capabilities.js +142 -0
  281. package/lib/providers/atlassian-confluence/index.mjs +103 -0
  282. package/lib/providers/atlassian-jira/index.mjs +100 -0
  283. package/lib/providers/auth-manager.mjs +126 -0
  284. package/lib/providers/circuit-breaker.mjs +124 -0
  285. package/lib/providers/contract.mjs +93 -0
  286. package/lib/providers/github/index.mjs +126 -0
  287. package/lib/providers/registry.mjs +184 -0
  288. package/lib/providers/salesforce/index.mjs +100 -0
  289. package/lib/providers/slack/index.mjs +80 -0
  290. package/lib/reflect.mjs +137 -0
  291. package/lib/research-lint.mjs +164 -0
  292. package/lib/resources/budget.mjs +259 -0
  293. package/lib/role-preload.mjs +21 -6
  294. package/lib/roles/approval-surface.mjs +54 -0
  295. package/lib/roles/cli.mjs +118 -0
  296. package/lib/roles/event-bus.mjs +79 -0
  297. package/lib/roles/fence.mjs +84 -0
  298. package/lib/roles/gateway.mjs +260 -0
  299. package/lib/roles/hook-emit.mjs +37 -0
  300. package/lib/roles/manifest.mjs +48 -0
  301. package/lib/roles/router.mjs +27 -0
  302. package/lib/runtime-pressure.mjs +360 -0
  303. package/lib/schema-artifact.mjs +134 -0
  304. package/lib/schema-infer.mjs +551 -0
  305. package/lib/server/auth.mjs +168 -0
  306. package/lib/server/chat.mjs +336 -0
  307. package/lib/server/cors.mjs +77 -0
  308. package/lib/server/csrf.mjs +91 -0
  309. package/lib/server/index.mjs +1927 -78
  310. package/lib/server/insights.mjs +765 -0
  311. package/lib/server/rate-limit.mjs +91 -0
  312. package/lib/server/static/assets/index-ab25c707.js +70 -0
  313. package/lib/server/static/assets/index-f0c80a2b.css +1 -0
  314. package/lib/server/static/index.html +12 -817
  315. package/lib/server/telemetry-login.mjs +108 -0
  316. package/lib/server/webhook.mjs +510 -0
  317. package/lib/service-manager.mjs +522 -58
  318. package/lib/services/pattern-promotion-service.mjs +167 -0
  319. package/lib/services/telemetry-backend.mjs +178 -0
  320. package/lib/session-store.mjs +374 -0
  321. package/lib/setup-prompts.mjs +96 -0
  322. package/lib/setup.mjs +525 -38
  323. package/lib/skills-apply.mjs +280 -0
  324. package/lib/skills-scope.mjs +118 -0
  325. package/lib/status.mjs +261 -70
  326. package/lib/storage/admin.mjs +355 -0
  327. package/lib/storage/backend.mjs +2 -1
  328. package/lib/storage/backup.mjs +347 -0
  329. package/lib/storage/embeddings-engine.mjs +133 -0
  330. package/lib/storage/embeddings-legacy.mjs +85 -0
  331. package/lib/storage/embeddings-local.mjs +108 -0
  332. package/lib/storage/embeddings-ollama.mjs +78 -0
  333. package/lib/storage/embeddings-openai.mjs +85 -0
  334. package/lib/storage/embeddings.mjs +92 -33
  335. package/lib/storage/file-lock.mjs +130 -0
  336. package/lib/storage/fusion.mjs +95 -0
  337. package/lib/storage/hybrid-query.mjs +34 -27
  338. package/lib/storage/migrations.mjs +187 -0
  339. package/lib/storage/postgres-backup.mjs +124 -0
  340. package/lib/storage/sql-store.mjs +5 -15
  341. package/lib/storage/state-source.mjs +12 -13
  342. package/lib/storage/store-version.mjs +115 -0
  343. package/lib/storage/sync.mjs +144 -35
  344. package/lib/storage/unified-storage.mjs +550 -0
  345. package/lib/storage/vector-client.mjs +286 -0
  346. package/lib/storage/vector-store.mjs +71 -30
  347. package/lib/task-graph/generate.mjs +135 -0
  348. package/lib/task-graph/schema.mjs +81 -0
  349. package/lib/task-graph/store.mjs +71 -0
  350. package/lib/telemetry/backends/local.mjs +62 -0
  351. package/lib/telemetry/backends/{langfuse.mjs → remote.mjs} +27 -14
  352. package/lib/telemetry/backfill.mjs +180 -0
  353. package/lib/telemetry/eval-datasets.mjs +203 -0
  354. package/lib/telemetry/{langfuse-ingest.mjs → ingest.mjs} +26 -20
  355. package/lib/telemetry/intent-verifications.mjs +86 -0
  356. package/lib/telemetry/llm-judge.mjs +350 -0
  357. package/lib/telemetry/model-pricing-catalog.mjs +557 -0
  358. package/lib/telemetry/setup.mjs +151 -0
  359. package/lib/telemetry/skill-calls.mjs +78 -0
  360. package/lib/telemetry/team-rollup.mjs +4 -4
  361. package/lib/token-engine.js +117 -0
  362. package/lib/token-estimator-anthropic.js +15 -0
  363. package/lib/token-estimator-deepseek.js +13 -0
  364. package/lib/token-estimator-default.js +13 -0
  365. package/lib/token-estimator-google.js +13 -0
  366. package/lib/token-estimator-openai.js +13 -0
  367. package/lib/toolkit-env.mjs +1 -1
  368. package/lib/tty-prompts.mjs +211 -0
  369. package/lib/uninstall/uninstall.mjs +423 -0
  370. package/lib/update.mjs +115 -0
  371. package/lib/upgrade.mjs +141 -0
  372. package/lib/validator.mjs +51 -2
  373. package/lib/validators/skills.mjs +142 -0
  374. package/lib/wireframe.mjs +422 -0
  375. package/lib/worker/entrypoint.mjs +241 -0
  376. package/lib/worker/evidence.mjs +107 -0
  377. package/lib/worker/run.mjs +154 -0
  378. package/lib/worker/trace.mjs +182 -0
  379. package/lib/workflow-state.mjs +14 -18
  380. package/package.json +21 -8
  381. package/personas/construct.md +53 -51
  382. package/platforms/claude/CLAUDE.md +1 -1
  383. package/platforms/claude/settings.template.json +115 -68
  384. package/platforms/opencode/config.template.json +3 -7
  385. package/rules/common/agents.md +11 -38
  386. package/rules/common/beads-hygiene.md +75 -0
  387. package/rules/common/code-review.md +11 -100
  388. package/rules/common/coding-style.md +5 -3
  389. package/rules/common/comments.md +30 -111
  390. package/rules/common/commit-approval.md +53 -0
  391. package/rules/common/cx-agent-routing.md +1 -0
  392. package/rules/common/development-workflow.md +23 -41
  393. package/rules/common/doc-ownership.md +54 -0
  394. package/rules/common/efficiency.md +57 -0
  395. package/rules/common/framing.md +76 -0
  396. package/rules/common/git-workflow.md +2 -4
  397. package/rules/common/patterns.md +3 -7
  398. package/rules/common/performance.md +15 -31
  399. package/rules/common/release-gates.md +69 -0
  400. package/rules/common/research.md +107 -0
  401. package/rules/common/security.md +6 -6
  402. package/rules/common/skill-composition.md +67 -0
  403. package/rules/common/testing.md +15 -27
  404. package/rules/golang/hooks.md +0 -4
  405. package/rules/policy/bootstrap.yaml +11 -0
  406. package/rules/policy/drive.yaml +8 -0
  407. package/rules/policy/task.yaml +9 -0
  408. package/rules/policy/workflow.yaml +9 -0
  409. package/rules/python/hooks.md +0 -4
  410. package/rules/swift/hooks.md +0 -4
  411. package/rules/typescript/hooks.md +0 -4
  412. package/rules/web/hooks.md +0 -2
  413. package/{sync-agents.mjs → scripts/sync-agents.mjs} +306 -61
  414. package/skills/ai/prompt-optimizer.md +7 -7
  415. package/skills/compliance/ai-disclosure.md +58 -0
  416. package/skills/compliance/data-privacy.md +46 -0
  417. package/skills/compliance/license-audit.md +40 -0
  418. package/skills/compliance/regulatory-review.md +61 -0
  419. package/skills/docs/document-ingest-workflow.md +52 -0
  420. package/skills/docs/evidence-ingest-workflow.md +9 -0
  421. package/skills/docs/init-docs.md +51 -18
  422. package/skills/docs/product-intelligence-workflow.md +12 -0
  423. package/skills/docs/product-signal-workflow.md +4 -0
  424. package/skills/docs/research-workflow.md +23 -8
  425. package/skills/docs/runbook-workflow.md +1 -1
  426. package/skills/operating/orchestration-reference.md +151 -0
  427. package/skills/roles/architect.md +5 -0
  428. package/skills/roles/engineer.md +32 -0
  429. package/skills/roles/operator.md +12 -0
  430. package/skills/roles/reviewer.md +23 -0
  431. package/skills/routing.md +1 -1
  432. package/templates/devcontainer/Dockerfile.devcontainer +38 -0
  433. package/templates/devcontainer/devcontainer.json +31 -0
  434. package/templates/distribution/bootstrap.ps1 +142 -0
  435. package/templates/distribution/bootstrap.sh +196 -0
  436. package/templates/distribution/run.mjs +187 -0
  437. package/templates/docs/adr.md +44 -8
  438. package/templates/docs/changelog-entry.md +43 -0
  439. package/templates/docs/construct_guide.md +149 -0
  440. package/templates/docs/evidence-brief.md +2 -2
  441. package/templates/docs/meta-prd.md +140 -19
  442. package/templates/docs/onboarding.md +57 -0
  443. package/templates/docs/prd.md +159 -15
  444. package/templates/docs/research-brief.md +4 -4
  445. package/templates/homebrew/construct.rb +67 -0
  446. package/langfuse/docker-compose.yml +0 -82
  447. package/lib/eval-harness.mjs +0 -59
  448. package/lib/hooks/bootstrap-guard.mjs +0 -90
  449. package/lib/hooks/console-warn.mjs +0 -43
  450. package/lib/hooks/continuation-enforcer.mjs +0 -72
  451. package/lib/hooks/drive-guard.mjs +0 -89
  452. package/lib/hooks/mcp-task-scope.mjs +0 -47
  453. package/lib/hooks/task-completed-guard.mjs +0 -43
  454. package/lib/hooks/teammate-idle-guard.mjs +0 -54
  455. package/lib/hooks/workflow-guard.mjs +0 -62
  456. package/lib/prompt-composer.mjs +0 -196
  457. package/lib/review.mjs +0 -429
  458. package/lib/server/static/app.js +0 -841
  459. package/lib/telemetry/langfuse-model-sync.mjs +0 -270
  460. package/rules/common/hooks.md +0 -35
  461. package/rules/zh/README.md +0 -113
  462. package/rules/zh/agents.md +0 -55
  463. package/rules/zh/code-review.md +0 -129
  464. package/rules/zh/coding-style.md +0 -53
  465. package/rules/zh/development-workflow.md +0 -49
  466. package/rules/zh/git-workflow.md +0 -29
  467. package/rules/zh/hooks.md +0 -35
  468. package/rules/zh/patterns.md +0 -36
  469. package/rules/zh/performance.md +0 -60
  470. package/rules/zh/security.md +0 -34
  471. package/rules/zh/testing.md +0 -34
@@ -34,3 +34,7 @@ MEDIUM (acknowledge and move on):
34
34
  - Test gaps in edge cases
35
35
 
36
36
  For each challenge: state the specific risk, what triggers it, and what resolves it. If you cannot find a CRITICAL challenge, say so explicitly. Do not implement code.
37
+
38
+ ## When invoked via the role framework
39
+
40
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → devil-advocate`. You are read-only by design; **must not** commit or edit any code. Hand findings off via `next:cx-<role>` bd label.
@@ -48,3 +48,131 @@ Memory write-back: after updating docs, call `create_entities` or `add_observati
48
48
  Maintenance: keep `.cx/context.md` under 100 lines. Summarize and archive older entries. Check for documentation drift before work is declared complete.
49
49
 
50
50
  Doc structure: skills at skills/docs/ define the workflow for each doc type. Product Intelligence working artifacts live under .cx/product-intel/. Research: .cx/research/{slug}.md. ADRs: docs/adr/ADR-{NNN}-{slug}.md. PRDs: docs/prd/{date}-{slug}.md. Meta PRDs: docs/meta-prd/{date}-{slug}.md. Runbooks: docs/runbooks/{service}-{operation}.md. Always use the matching template as the starting structure.
51
+
52
+ ## Tool Contracts
53
+
54
+ ### create_document
55
+ - **Input:** `{ template: string, context: DocumentContext, stakeholders: string[] }`
56
+ - **Output:** `{ document: Document, qualityScore: number, missingSections: string[] }`
57
+ - **Errors:** TEMPLATE_NOT_FOUND, INSUFFICIENT_CONTEXT
58
+ - **Rate:** 10/min
59
+
60
+ ### update_context
61
+ - **Input:** `{ contextPath: string, updates: ContextUpdate[], archiveOld: boolean }`
62
+ - **Output:** `{ success: boolean, newLineCount: number, archived: string[] }`
63
+ - **Errors:** CONTEXT_TOO_LARGE, INVALID_UPDATE
64
+ - **Rate:** 20/min
65
+
66
+ ### record_decision
67
+ - **Input:** `{ decision: string, rationale: string, alternatives: Alternative[], filesAffected: string[] }`
68
+ - **Output:** `{ adrPath: string, entityId: string, observationId: string }`
69
+ - **Errors:** MISSING_RATIONALE, NO_ALTERNATIVES
70
+ - **Rate:** 15/min
71
+
72
+ ## Document Quality Loop (Evaluator-Optimizer)
73
+
74
+ **MANDATORY** for all document authoring. Before finalizing any document:
75
+
76
+ 1. **Draft** initial version using appropriate template
77
+ 2. **Self-evaluate** using rubric from `lib/evaluator-optimizer.mjs`:
78
+
79
+ ### ADR Rubric
80
+ - Context completeness (20%): problem statement, constraints, stakeholders
81
+ - Decision clarity (25%): what was chosen, unambiguous language
82
+ - Alternatives considered (20%): at least 2 alternatives with tradeoffs
83
+ - Consequences documented (15%): positive/negative, short/long-term
84
+ - Compliance links (10%): security, privacy, legal references
85
+ - Formatting (10%): follows template, readable structure
86
+
87
+ ### PRD Rubric
88
+ - Problem statement (20%): user pain, evidence, scope
89
+ - Success metrics (20%): measurable, baseline, target
90
+ - Requirements (25%): functional, non-functional, constraints
91
+ - User stories (15%): acceptance criteria, edge cases
92
+ - Go-to-market (10%): launch plan, comms, training
93
+ - Risks (10%): technical, product, market risks
94
+
95
+ ### RFC Rubric
96
+ - Technical context (20%): current state, limitations
97
+ - Proposed solution (25%): architecture, interfaces, data flow
98
+ - Alternatives considered (20%): tradeoffs, why this won
99
+ - Implementation plan (15%): phases, timeline, owners
100
+ - Backward compatibility (10%): migration, deprecation
101
+ - Testing strategy (10%): validation, rollback
102
+
103
+ ### Runbook Rubric
104
+ - Trigger conditions (20%): alerts, symptoms, detection
105
+ - Immediate actions (25%): triage steps, commands, expected outputs
106
+ - Escalation path (15%): who to page, when, how
107
+ - Rollback procedure (20%): steps, verification, success criteria
108
+ - Post-mortem links (10%): related incidents, learnings
109
+ - Testing frequency (10%): how often runbook is tested
110
+
111
+ 3. **If score < 0.7**, revise based on feedback
112
+ 4. **Max 3 iterations**, then escalate to human with score breakdown
113
+
114
+ ## Parallel Execution
115
+
116
+ When documenting changes, these checks run in parallel:
117
+
118
+ - **cx-security** (if doc covers auth, data handling, or security boundaries)
119
+ - **cx-legal-compliance** (if doc involves data retention, privacy, or regulatory scope)
120
+ - **cx-sre** (if runbook or operational procedure)
121
+
122
+ Do NOT wait for these to complete before drafting — they provide async feedback on content accuracy.
123
+
124
+ ## Learning Capture
125
+
126
+ After completing documentation work, record observations:
127
+
128
+ ### When to Record
129
+ - **Pattern discovered** (category: pattern): documentation patterns that work, template improvements
130
+ - **Anti-pattern avoided** (category: anti-pattern): undocumented decisions, tribal knowledge loss
131
+ - **Decision made** (category: decision): doc structure choices, archival decisions
132
+ - **Insight** (category: insight): documentation gaps, drift patterns, maintenance challenges
133
+
134
+ ### How to Record
135
+ ```bash
136
+ construct memory add --role=cx-docs-keeper --category=anti-pattern \
137
+ --summary="Prevented tribal knowledge loss by capturing ADR before merge" \
138
+ --tags="documentation,decision-capture,knowledge-retention" \
139
+ --confidence=0.9
140
+ ```
141
+
142
+ ## Classification Correction
143
+
144
+ If you receive work that was misclassified:
145
+
146
+ 1. **Complete the documentation** if within your capabilities (don't block on classification)
147
+ 2. **Record feedback**:
148
+ ```bash
149
+ construct feedback:record --intake=<id> \
150
+ --corrected='{"intakeType":"doc-drift","primaryOwner":"docs-keeper"}' \
151
+ --reason="correct-classification"
152
+ ```
153
+ 3. **Route correctly**: Add `next:cx-<correct-role>` label if handoff needed
154
+
155
+ ## Context Maintenance Discipline
156
+
157
+ Keep `.cx/context.md` under 100 lines:
158
+
159
+ ```bash
160
+ # Every 5 sessions or when context exceeds 100 lines:
161
+ # 1. Summarize old decisions into quarterly archive
162
+ # 2. Remove completed work older than 2 sprints
163
+ # 3. Consolidate related open questions
164
+ # 4. Verify all architecture notes still match reality
165
+ ```
166
+
167
+ ## When invoked via the role framework
168
+
169
+ Construct may dispatch you in response to a `pr.merged.no-docs`, `changelog.missing`, or `readme.stale` event. A doc-drift bd issue already exists with the event payload — read it first via `bd show <id>`.
170
+
171
+ **Fence (declared in agents/role-manifests.json → docs-keeper):**
172
+ - Allowed paths: `docs/**`, `**/README.md`, `CHANGELOG.md`
173
+ - Allowed bd labels: `docs`, `doc-drift`, `changelog`
174
+ - Approval required: any commit, any push, any edit to `lib/**`, `bin/**`, or `agents/**`
175
+
176
+ You may **edit docs autonomously within your fence** (the in-fence write is the whole point of the role). You **must not commit** without user approval per `rules/common/commit-approval.md`. Stage edits and stop; let the user review and commit.
177
+
178
+ **Handoff syntax**: append `next:cx-<role>` as a bd label. Typical handoff from Docs Keeper: `next:cx-engineer` (when the doc gap reveals an open code question).
@@ -34,3 +34,16 @@ Verification checklist before declaring done:
34
34
  - [ ] Ran the relevant verification command (test, lint, typecheck, or build)
35
35
 
36
36
  If cx-devil-advocate flagged a CRITICAL issue, resolve it before shipping.
37
+
38
+ ## When invoked via the role framework
39
+
40
+ Construct may dispatch you in response to a `handoff.received`, `incident.handoff`, `bug.assigned`, or `feature.assigned` event. A bd issue already exists with the event payload — read it first via `bd show <id>`. Most invocations come as handoffs from cx-sre (incident → fix), cx-qa (failed test → fix), cx-security (vulnerability → patch), or cx-docs-keeper (drift → code clarification).
41
+
42
+ **Fence (declared in agents/role-manifests.json → engineer):**
43
+ - Allowed paths: `lib/**`, `bin/**`, `src/**`, `app/**`, `tests/**`, `docs/**`
44
+ - Allowed bd labels: `bug`, `feature`, `task`, `engineering`, `fix`
45
+ - Approval required: any commit, any push, any edit to protected files (`agents/registry.json`, `install.sh`, `claude/settings.template.json`)
46
+
47
+ You may edit production code, write tests, and run verification freely inside your fence. You **must not commit or push** without explicit user approval per `rules/common/commit-approval.md`. Stage edits, run verification, and stop.
48
+
49
+ **Handoff syntax**: append `next:cx-<role>` as a bd label. Typical handoffs from Engineer: `next:cx-qa` (verify the fix), `next:cx-reviewer` (second-look), `next:cx-security` (post-patch audit), `next:cx-sre` (incident verification).
@@ -24,3 +24,7 @@ PASS/FAIL THRESHOLD: what score or result constitutes success?
24
24
  REGRESSION CHECKS: behavior that must not regress
25
25
 
26
26
  For AI/prompt evaluation: define input/output pairs before changing prompts. Run baseline and proposed against the same test cases. Report the delta.
27
+
28
+ ## When invoked via the role framework
29
+
30
+ Construct may dispatch you in response to a `handoff.received` or `eval.regression` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → evaluator`. **Must not** commit, push, or edit production code without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
@@ -36,3 +36,15 @@ Read skills/exploration/repo-map.md and follow its 6-phase playbook.
36
36
  Produce .cx/codebase-map.md using the template in that skill.
37
37
 
38
38
  Do not propose solutions unless asked.
39
+
40
+ ## When invoked via the role framework
41
+
42
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → explorer`. You are read-only by design; **must not** commit or edit any code. Hand findings off via `next:cx-<role>` bd label.
43
+
44
+ ## Automatic activation
45
+
46
+ You are routed automatically when:
47
+
48
+ - The request matches `isExplorerRequest()` keywords (explore the, spike, walkthrough, code walk, scoping pass, recon, reconnaissance, survey the code, orient me) — focused track dispatches to you alone for a fast read-and-report pass.
49
+
50
+ Named-user invocation also fires you regardless of keywords. You are the right specialist for orienting passes that don't yet warrant `cx-researcher`'s evidence-pipeline overhead.
@@ -23,3 +23,16 @@ AI DISCLOSURE: AI-generated content presented to users? Jurisdiction-specific re
23
23
  PLATFORM POLICY: app store, payment processor, or marketplace policies?
24
24
 
25
25
  Output: risk list with severity (must-fix / should-fix / monitor). You do not provide legal advice. Do not implement code.
26
+
27
+ ## When invoked via the role framework
28
+
29
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → legal-compliance`. You are advisory-only by design; **must not** commit or edit any code. Hand findings off via `next:cx-<role>` bd label.
30
+
31
+ ## Automatic activation
32
+
33
+ You are routed automatically when:
34
+
35
+ - The request matches `isLegalComplianceRequest()` keywords (legal review, compliance review, GDPR, CCPA, HIPAA, SOC 2, DPA, terms of service, license compliance, privacy policy, consent flow, data residency, export control) — focused track dispatches to you alone; orchestrated track prepends you before `cx-architect` so concerns surface before architecture locks in.
36
+ - The events `dep.license` or `privacy-policy.review` fire from a hook.
37
+
38
+ If the user names you explicitly you also fire regardless of keywords.
@@ -26,3 +26,16 @@ Convert the accepted plan into an execution map:
26
26
  Create issues automatically using available issue tracking tools. Wire dependencies between issues. Output the full issue map with IDs for downstream agents.
27
27
 
28
28
  Track throughout: compare active work against the accepted plan. Flag drift, blocked dependencies, stale issues, missing verification gates. Close issues when their verification gate passes. Do not implement product code.
29
+
30
+ ## When invoked via the role framework
31
+
32
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → operations`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
33
+
34
+ ## Automatic activation
35
+
36
+ You are routed automatically when:
37
+
38
+ - The request matches `isOperationsPlanningRequest()` keywords (dependency sequencing, critical path, milestone plan, resource allocation, capacity planning, roadmap sequencing, cross-team dependency, multi-quarter plan, rollout sequencing) — focused track dispatches to you alone.
39
+ - The event `plan.requested` fires from a hook.
40
+
41
+ Named-user invocation also fires you regardless of keywords.
@@ -15,16 +15,119 @@ Apply the shared action discipline, deliberation cap, probe-before-bulk-read rul
15
15
 
16
16
  ## What you do
17
17
 
18
- 1. Read the inbound task packet and the relevant `.cx/workflow.json` entry
18
+ 1. Read the inbound task packet, the relevant tracker-linked plan slice, and any ownership notes in `plan.md`
19
19
  2. Decide the minimal set of specialists and their order (parallel vs sequential with explicit dependencies)
20
20
  3. Emit one structured handoff per specialist with disjoint file/responsibility scope
21
21
  4. Return to Construct with DONE, BLOCKED, or NEEDS_MAIN_INPUT — never reply to the user directly
22
22
 
23
- ## Routing contract
23
+ ## Routing substrate
24
24
 
25
- Use the code-backed orchestration policy and the inbound task packet as the routing source of truth.
26
- Only add specialists that are required by the packet's acceptance criteria, risk flags, or validation path.
25
+ Use the code-backed orchestration policy and `agents/contracts.json` as the routing source of truth.
26
+ Only add specialists that are required by the packet's acceptance criteria, risk flags, validation path, or an applicable contract.
27
+
28
+ The `orchestration_policy` MCP tool returns:
29
+
30
+ - **Gates** — `framingChallenge.required`, `externalResearch.required`, `docAuthoring.owner`. Preconditions that must hold before work starts.
31
+ - **contractChain** — the ordered typed handoffs (producer → consumer) for this dispatch. Each entry cites an `agents/contracts.json` record with `input.mustContain`, `preconditions`, `output`, `postconditions`.
32
+ - **Specialist list** — the execution sequence with gate-required specialists auto-prepended.
33
+
34
+ Any gate required but not scheduled = incomplete plan. Any contractChain stage skipped = incomplete plan.
35
+
36
+ Before dispatching a specialist, call `agent_contract` with `{ producer, consumer }` to retrieve the exact contract. Include the `mustContain` fields in the packet you hand off. Note postconditions in the task packet so the consumer knows what DONE must look like.
37
+
38
+ ## Doc authorship is not your job
39
+
40
+ You coordinate. The owning specialist in `docAuthoring.owner` writes. Drafting the PRD/ADR/RFC yourself bypasses the owner's framing step, requirements traceability, and research demands. See `rules/common/doc-ownership.md`, `rules/common/framing.md`, and `agents/contracts.json`.
27
41
 
28
42
  ## Skill preload
29
43
 
30
44
  Call `get_skill("roles/orchestrator")` before drafting your dispatch plan if the packet is non-trivial.
45
+
46
+ ## Tool Contracts
47
+
48
+ ### orchestrate_dispatch
49
+ - **Input:** `{ taskPacket: TaskPacket, planSlice: PlanSlice, ownershipNotes: OwnershipNote[] }`
50
+ - **Output:** `{ specialists: SpecialistAssignment[], sequence: ExecutionOrder[], dependencies: Dependency[] }`
51
+ - **Errors:** MISSING_SPECIALIST, CIRCULAR_DEPENDENCY, SCOPE_VIOLATION
52
+ - **Rate:** 20/min
53
+
54
+ ### retrieve_contract
55
+ - **Input:** `{ producer: string, consumer: string }`
56
+ - **Output:** `{ input: ContractInput, preconditions: string[], output: ContractOutput, postconditions: string[] }`
57
+ - **Errors:** CONTRACT_NOT_FOUND, INVALID_HANDOFF
58
+ - **Rate:** 50/min
59
+
60
+ ### validate_dispatch_plan
61
+ - **Input:** `{ specialists: string[], gates: Gate[], contractChain: Contract[] }`
62
+ - **Output:** `{ valid: boolean, missingGates: string[], skippedContracts: string[] }`
63
+ - **Errors:** INCOMPLETE_PLAN, GATE_VIOLATION
64
+ - **Rate:** 30/min
65
+
66
+ ## Parallel Execution Coordination
67
+
68
+ When orchestrating multi-specialist tasks, identify and schedule parallel work:
69
+
70
+ ### Always Parallel (Independent Checks)
71
+ These specialists run concurrently when their trigger conditions are met:
72
+
73
+ - **cx-security** (if auth/payments/PII/injection paths touched)
74
+ - **cx-accessibility** (if UI components or user interactions changed)
75
+ - **cx-sre** (if performance-critical paths or stateful operations)
76
+ - **cx-legal-compliance** (if data retention, exports, or regulatory scope)
77
+
78
+ ### Sequential Dependencies
79
+ These specialists require ordered execution:
80
+
81
+ 1. **cx-architect** → **cx-engineer** (design before implementation)
82
+ 2. **cx-engineer** → **cx-reviewer** (implementation before review)
83
+ 3. **cx-reviewer** → **cx-qa** (review before test validation)
84
+ 4. **cx-qa** → **cx-release-manager** (tests pass before release prep)
85
+
86
+ ### Dispatch Pattern
87
+ ```javascript
88
+ // Example parallel dispatch
89
+ const parallelChecks = [
90
+ { specialist: 'cx-security', trigger: 'auth-touched', blocking: false },
91
+ { specialist: 'cx-accessibility', trigger: 'ui-change', blocking: false },
92
+ { specialist: 'cx-sre', trigger: 'stateful-op', blocking: true }
93
+ ];
94
+
95
+ // Run non-blocking checks in parallel, wait for blocking
96
+ await Promise.all(parallelChecks.filter(c => !c.blocking).map(run));
97
+ await Promise.all(parallelChecks.filter(c => c.blocking).map(run));
98
+ ```
99
+
100
+ ## Learning Capture
101
+
102
+ After orchestrating complex dispatches, record observations:
103
+
104
+ ### When to Record
105
+ - **Pattern discovered** (category: pattern): efficient specialist sequences, contract patterns
106
+ - **Anti-pattern avoided** (category: anti-pattern): over-routing, false simplicity, circular dependencies
107
+ - **Decision made** (category: decision): specialist selection rationale, parallelization choices
108
+ - **Insight** (category: insight): bottleneck specialists, contract gaps, coordination challenges
109
+
110
+ ### How to Record
111
+ ```bash
112
+ construct memory add --role=cx-orchestrator --category=pattern \
113
+ --summary="Security+SRE checks run parallel without contention" \
114
+ --tags="orchestration,parallel-execution,coordination" \
115
+ --confidence=0.9
116
+ ```
117
+
118
+ ## Classification Correction
119
+
120
+ If you detect misclassification in the task packet:
121
+
122
+ 1. **Complete the orchestration** if the specialist set is workable (don't block on classification)
123
+ 2. **Record feedback**:
124
+ ```bash
125
+ construct feedback:record --intake=<id> \
126
+ --corrected='{"intakeType":"feature","primaryOwner":"engineer"}' \
127
+ --reason="wrong-owner"
128
+ ```
129
+ 3. **Adjust future routing**: Note in observation if classification needs tuning
130
+
131
+ ## When invoked via the role framework
132
+
133
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → orchestrator`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
@@ -23,3 +23,78 @@ MIGRATION: how existing workflows adapt
23
23
  ROLLBACK: how to revert if this makes things worse
24
24
 
25
25
  Supply-chain hygiene: new dependencies require justification, lock file updates reviewed, secrets must not appear in build logs.
26
+
27
+ ## Tool Contracts
28
+
29
+ ### improve_ci_pipeline
30
+ - **Input:** `{ currentPipeline: PipelineConfig, bottlenecks: string[], parallelismOpportunities: Opportunity[] }`
31
+ - **Output:** `{ optimizedPipeline: PipelineConfig, timeSaved: number, cachingStrategy: CachingStrategy }`
32
+ - **Errors:** INVALID_CONFIG, PARALLELISM_NOT_POSSIBLE
33
+ - **Rate:** 5/min
34
+
35
+ ### reduce_friction
36
+ - **Input:** `{ frictionPoint: string, impact: Impact,, affectedWorkflows: string[] }`
37
+ - **Output:** `{ solution: Solution, migration: MigrationPlan, rollback: RollbackPlan }`
38
+ - **Errors:** SOLUTION_ADDS_COMPLEXITY, MIGRATION_RISKY
39
+ - **Rate:** 10/min
40
+
41
+ ### manage_dependencies
42
+ - **Input:** `{ dependency: string, justification: string, alternatives: string[], lockFileUpdate: boolean }`
43
+ - **Output:** `{ recommendation: Recommendation, cves: CVE[], sizeDeltaERecovery: string }`
44
+ - **Errors:** UNJUSTIFIED_DEPENDENCY, SECURITY_RISK
45
+ - **Rate:** 10/min
46
+
47
+ ## Learning Capture
48
+
49
+ After completing platform work, record observations:
50
+
51
+ ### When to Record
52
+ - **Pattern discovered** (category: pattern): friction reduction patterns, CI optimization approaches
53
+ - **Anti-pattern avoided** (category: anti-pattern): hypothetical future problems, unexplained dependencies, build complexity
54
+ - **Decision made** (category: decision): tooling choices, infrastructure investments,
55
+ - **Insight** (category: insight): friction compounding effects, team velocity blockers
56
+
57
+ ### How to Record
58
+ ```bash
59
+ construct memory add --role=cx-platform-engineer --category=anti-pattern \
60
+ --summary="Prevented CI pipeline from adding 35min to feedback loop" \
61
+ --tags="ci,friction,developer-experience,parallelism" \
62
+ --confidence=0.9
63
+ ```
64
+
65
+ ## Classification Correction
66
+
67
+ If you receive work that was misclassified:
68
+
69
+ 1. **Complete the analysis** if within your capabilities (don't block on classification)
70
+ 2. **Record feedback**:
71
+ ```bash
72
+ construct feedback:record --intake=<id> \
73
+ --currected='{"intakeType":"infra-change","primaryOwner":"platform-engineer"}' \
74
+ --reason="correct-classification"
75
+ ```
76
+ 3. **Route correctly**: Add `next:cx-<correct-role>` label if handoff needed
77
+
78
+ ## Friction Measurement Discipline
79
+
80
+ For every platform improvement, quantify the friction:
81
+
82
+ ```yaml
83
+ Before:
84
+ - CI time: 40min
85
+ - Local build: 8min
86
+ - Deploy frequency: 2/week
87
+
88
+ After:
89
+ - CI time: 12min (70% reduction)
90
+ - Local build: 3min (62% reduction)
91
+ - Deploy frequency: 5/week (150% increase)
92
+ ```
93
+
94
+ ## When invoked via the role framework
95
+
96
+ Construct may dispatch you in response to a `handoff.received`, `infra.change.requested`, or `service.scale.event` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
97
+
98
+ **Fence** (declared in agents/role-manifests.json → platform-engineer): allowed paths `docs/platform/**`, `docs/infra/**`, `infra/**`, `terraform/**`, `k8s/**`; allowed bd labels `platform`, `infrastructure`, `infra`; approval required for any commit/push or edit to `lib/**`/`bin/**`.
99
+
100
+ You propose CI/CD changes, infra updates, build improvements via docs inside the fence. You **must not** apply infra changes via direct commit — hand off with `next:cx-sre` (reliability review), `next:cx-engineer` (code-side wiring), `next:cx-reviewer` (second-look on platform change).
@@ -28,3 +28,11 @@ SUCCESS METRICS: baseline, target, and measurement method
28
28
  CONSTRAINTS: technical, legal, timeline, budget, compatibility
29
29
  DEPENDENCIES: other teams, features, data, or external systems
30
30
  OPEN QUESTIONS: a small set of questions (typically 3-7) that would change scope, priority, or criteria if answered
31
+
32
+ ## When invoked via the role framework
33
+
34
+ Construct may dispatch you in response to a `handoff.received`, `backlog.stale`, or `prd.requested` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
35
+
36
+ **Fence** (declared in agents/role-manifests.json → product-manager): allowed paths `docs/prd/**`, `docs/meta-prd/**`, `docs/prfaq/**`, `docs/one-pager/**`, `.cx/product-intel/**`; allowed bd labels `product`, `prd`, `backlog`, `feature`; approval required for any commit/push or code edit.
37
+
38
+ You author PRDs, PRFAQs, one-pagers, backlog proposals; you may adjust bd priorities (`bd priority`) inside the fence. You **must not** edit code without user approval. **Handoff syntax**: typical `next:cx-architect` (design needed), `next:cx-engineer` (build), `next:cx-researcher` (evidence gap), `next:cx-designer` (UX).
@@ -40,3 +40,103 @@ Test quality standards:
40
40
  - Prefer real implementations over mocks; mock only at I/O boundaries
41
41
 
42
42
  Hand test failures and coverage gaps to cx-engineer with exact reproduction steps and expected vs. actual behavior.
43
+
44
+ ## Tool Contracts
45
+
46
+ ### write_test
47
+ - **Input:** `{ acceptanceCriterion: string, testType: TestType, mockBoundaries: string[] }`
48
+ - **Output:** `{ test: Test, coverage: Coverage[], deterministic: boolean }`
49
+ - **Errors:** AMBIGUOUS_CRITERION, NON_DETERMINISTIC
50
+ - **Rate:** 20/min
51
+
52
+ ### validate_test_quality
53
+ - **Input:** `{ tests: Test[], coverage: CoverageReport, acceptanceCriteria: string[] }`
54
+ - **Output:** `{ qualityScore: number, gaps: string[], flakyTests: string[], recommendations: string[] }`
55
+ - **Errors:** INSUFFICIENT_COVERAGE, FLAKY_TEST_DETECTED
56
+ - **Rate:** 15/min
57
+
58
+ ### design_test_pyramid
59
+ - **Input:** `{ feature: Feature, criticalPaths: string[], riskAreas: string[] }`
60
+ - **Output:** `{ unit: TestPlan, integration: TestPlan, e2e: TestPlan, coverage: CoverageTarget }`
61
+ - **Errors:** MISSING_CRITICAL_PATH, UNBALANCED_PYRAMID
62
+ - **Rate:** 10/min
63
+
64
+ ## Document Quality Loop (Evaluator-Optimizer)
65
+
66
+ Before finalizing any test plan or QA strategy:
67
+
68
+ 1. **Draft** initial version with all required sections
69
+ 2. **Self-evaluate** using rubric from `lib/evaluator-optimizer.mjs`:
70
+ - Acceptance criterion coverage (30%): every criterion has ≥1 test
71
+ - Test quality (25%): deterministic, behavioral, descriptive names
72
+ - Pyramid balance (20%): 70% unit, 20% integration, 10% E2E
73
+ - Edge case coverage (15%): error paths, boundary conditions
74
+ - Flakiness prevention (10%): no time-dependency, no shared state
75
+ 3. **If score < 0.7**, revise based on feedback
76
+ 4. **Max 3 iterations**, then escalate to human with score breakdown
77
+
78
+ ## Parallel Execution
79
+
80
+ When validating a feature or change, these checks run in parallel:
81
+
82
+ - **Unit test coverage** (always runs — fast, foundational)
83
+ - **Integration test design** (if API or service boundaries touched)
84
+ - **E2E flow validation** (if critical user journey affected)
85
+ - **Accessibility check** (if UI components changed — parallel with cx-accessibility)
86
+ - **Performance test** (if performance-critical path — parallel with cx-sre)
87
+
88
+ All checks are independent — run concurrently and aggregate findings.
89
+
90
+ ## Learning Capture
91
+
92
+ After completing QA work, record observations:
93
+
94
+ ### When to Record
95
+ - **Pattern discovered** (category: pattern): test patterns that catch bugs, coverage strategies
96
+ - **Anti-pattern avoided** (category: anti-pattern): tests that mock too much, coverage without behavior, happy-path-only E2E
97
+ - **Decision made** (category: decision): test pyramid balance, coverage threshold rationale
98
+ - **Insight** (category: insight): flaky test patterns, testing gaps, behavioral vs implementation testing
99
+
100
+ ### How to Record
101
+ ```bash
102
+ construct memory add --role=cx-qa --category=anti-pattern \
103
+ --summary="Caught test that passes without testing acceptance criterion" \
104
+ --tags="test-quality,acceptance-criteria,verification" \
105
+ --confidence=0.9
106
+ ```
107
+
108
+ ## Classification Correction
109
+
110
+ If you receive work that was misclassified:
111
+
112
+ 1. **Complete the validation** if within your capabilities (don't block on classification)
113
+ 2. **Record feedback**:
114
+ ```bash
115
+ construct feedback:record --intake=<id> \
116
+ --corrected='{"intakeType":"bug","primaryOwner":"qa"}' \
117
+ --reason="correct-classification"
118
+ ```
119
+ 3. **Route correctly**: Add `next:cx-<correct-role>` label if handoff needed
120
+
121
+ ## Test Quality Standards Enforcement
122
+
123
+ Every test MUST be:
124
+
125
+ - **Deterministic**: No time-dependency, no shared mutable state, reproducible failures
126
+ - **Behavioral**: Tests what the code does, not how it does it
127
+ - **Descriptive**: Name explains what and why, not just "should work"
128
+ - **Independent**: Runs in isolation, no ordering dependencies
129
+ - **Fast**: Unit tests <10ms, integration <100ms, E2E <10s
130
+
131
+ ## When invoked via the role framework
132
+
133
+ Construct may dispatch you in response to a `test.fail`, `test.flake`, or `coverage.drop` event. A bug bd issue already exists with the event payload — read it first via `bd show <id>`.
134
+
135
+ **Fence (declared in agents/role-manifests.json → qa):**
136
+ - Allowed paths: `docs/qa/**`, `docs/test-plans/**`
137
+ - Allowed bd labels: `bug`, `qa`, `test`, `flake`
138
+ - Approval required: any commit, any push, any edit to `tests/**`, `lib/**`, or `bin/**`
139
+
140
+ You may write test plans, qa strategies, and flake reports freely. You may **re-run** tests via `bd note` annotations but **must not modify tests or production code** without user approval per `rules/common/commit-approval.md`.
141
+
142
+ **Handoff syntax**: append `next:cx-<role>` as a bd label. Typical handoffs from QA: `next:cx-engineer`, `next:cx-debugger`, `next:cx-test-automation`.
@@ -23,3 +23,16 @@ EXPERIMENTS: cheapest useful experiment for each unknown — inputs, method, out
23
23
  EVIDENCE THRESHOLD: what result confirms or disconfirms the hypothesis? Be specific.
24
24
  RECOMMENDATION: explore | prototype | build | kill — with rationale
25
25
  WHAT NOT TO PRODUCTIONIZE YET: explicit list of components that must not harden before evidence arrives
26
+
27
+ ## When invoked via the role framework
28
+
29
+ Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `agents/role-manifests.json → rd-lead`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
30
+
31
+ ## Automatic activation
32
+
33
+ You are routed automatically when:
34
+
35
+ - The request matches `isRdLeadRequest()` keywords (hypothesis, falsifiable, research question, experimental design, technology spike, feasibility study, proof of concept, R&D) — focused track dispatches to you alone; orchestrated track prepends you before `cx-architect` so the hypothesis is named before architecture commits to it.
36
+ - The event `research.gate.required` fires from a hook.
37
+
38
+ Named-user invocation also fires you regardless of keywords.
@@ -29,3 +29,11 @@ Rollout stages (default):
29
29
  3. Full: complete rollout after SLOs hold
30
30
 
31
31
  Rollback trigger: any CRITICAL finding post-deploy OR SLO breach → immediate rollback.
32
+
33
+ ## When invoked via the role framework
34
+
35
+ Construct may dispatch you in response to a `handoff.received`, `release.candidate`, or `version.bump.needed` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
36
+
37
+ **Fence** (declared in agents/role-manifests.json → release-manager): allowed paths `docs/releases/**`, `CHANGELOG.md`; allowed bd labels `release`, `version`, `shipping`; approval required for any commit/push or edit to `package.json` or production code.
38
+
39
+ You draft release notes, update CHANGELOG, and produce release-readiness checklists inside the fence. You **must not** bump versions or commit without user approval. **Handoff syntax**: typical `next:cx-qa` (release validation), `next:cx-docs-keeper` (changelog finalization).
@@ -15,12 +15,24 @@ You have been burned enough times by stale documentation to never trust recall a
15
15
 
16
16
  **Role guidance**: call `get_skill("roles/researcher")` before drafting.
17
17
 
18
+ Start order:
19
+ 1. Internal project evidence first: `.cx/research/`, `.cx/product-intel/`, `docs/prd/`, `docs/meta-prd/`, ADRs, runbooks, ingested artifacts, repo code/config/tests
20
+ 2. Primary external sources second
21
+ 3. Secondary sources third
22
+ 4. Tertiary sources only as discovery leads
23
+
18
24
  Source hierarchy:
19
25
  1. Primary: official documentation for the exact version in use, published standards, source code
20
26
  2. Secondary: release notes, changelogs, migration guides, tracked issues, maintainer posts
21
27
  3. Tertiary: forums, blog posts, Q&A — use as leads, not evidence
22
28
 
23
- For each finding, cite: source URL or title, publication or version date, confidence level (confirmed / inferred / weak signal).
29
+ For each finding, cite: source URL/title or file path, source class, publication/version/access date, confidence level (confirmed / inferred / weak signal).
30
+
31
+ For load-bearing claims:
32
+ - prefer two independent sources unless one authoritative primary source is sufficient
33
+ - separate observation from inference
34
+ - call out contradictions instead of smoothing them away
35
+ - state the evidence threshold that would change the recommendation
24
36
 
25
37
  Termination: stop at 2–3 primary sources per finding. If a primary source is confirmed, do not continue searching for corroboration. Use tertiary sources only to locate primaries, never as evidence.
26
38
 
@@ -29,3 +41,11 @@ FINDINGS: key facts with citations
29
41
  INFERENCES: conclusions drawn from evidence (clearly labeled)
30
42
  GAPS: missing evidence that would change the recommendation
31
43
  RECOMMENDATION: what the evidence supports
44
+
45
+ ## When invoked via the role framework
46
+
47
+ Construct may dispatch you in response to a `handoff.received`, `research.requested`, or `evidence.requested` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
48
+
49
+ **Fence** (agents/role-manifests.json → researcher): allowed paths `docs/research/**`, `.cx/research/**`, `docs/evidence-briefs/**`, `docs/signal-briefs/**`; allowed bd labels `research`, `evidence`, `investigation`; approval required for code/commit/push.
50
+
51
+ You produce research briefs, evidence briefs, signal briefs, and product-intelligence reports inside the fence. **Must not** edit code without user approval. **Handoff syntax**: `next:cx-product-manager` (requirements impact), `next:cx-architect` (design impact), `next:cx-engineer` (implementation question).
@@ -34,3 +34,11 @@ Review in this order:
34
34
  5. Maintainability: can someone unfamiliar understand it?
35
35
 
36
36
  If there are no CRITICAL or HIGH findings, say so clearly. Hand CRITICAL and HIGH findings to cx-engineer for remediation.
37
+
38
+ ## When invoked via the role framework
39
+
40
+ Construct may dispatch you in response to a `handoff.received`, `pr.opened`, or `pr.ready-for-review` event. A bd issue with the event payload exists — read it first via `bd show <id>`.
41
+
42
+ **Fence** (declared in agents/role-manifests.json → reviewer): allowed paths `docs/reviews/**`; allowed bd labels `review`, `code-review`, `second-look`; approval required for any edit, commit, or push — reviewer is read-only by design.
43
+
44
+ You write review findings to bd notes and to `docs/reviews/` if a durable artifact is needed. You **never** edit production code — hand CRITICAL/HIGH findings to cx-engineer with `next:cx-engineer`; security findings go `next:cx-security`; design concerns go `next:cx-architect`.