@geraldmaron/construct 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +9 -6
- package/LICENSE +201 -21
- package/README.md +132 -257
- package/agents/contracts.json +387 -0
- package/agents/prompts/cx-accessibility.md +8 -0
- package/agents/prompts/cx-ai-engineer.md +92 -0
- package/agents/prompts/cx-architect.md +10 -2
- package/agents/prompts/cx-business-strategist.md +13 -0
- package/agents/prompts/cx-data-analyst.md +80 -0
- package/agents/prompts/cx-data-engineer.md +4 -0
- package/agents/prompts/cx-debugger.md +8 -0
- package/agents/prompts/cx-designer.md +19 -0
- package/agents/prompts/cx-devil-advocate.md +4 -0
- package/agents/prompts/cx-docs-keeper.md +128 -0
- package/agents/prompts/cx-engineer.md +13 -0
- package/agents/prompts/cx-evaluator.md +4 -0
- package/agents/prompts/cx-explorer.md +12 -0
- package/agents/prompts/cx-legal-compliance.md +13 -0
- package/agents/prompts/cx-operations.md +13 -0
- package/agents/prompts/cx-orchestrator.md +107 -4
- package/agents/prompts/cx-platform-engineer.md +75 -0
- package/agents/prompts/cx-product-manager.md +8 -0
- package/agents/prompts/cx-qa.md +100 -0
- package/agents/prompts/cx-rd-lead.md +13 -0
- package/agents/prompts/cx-release-manager.md +8 -0
- package/agents/prompts/cx-researcher.md +21 -1
- package/agents/prompts/cx-reviewer.md +8 -0
- package/agents/prompts/cx-security.md +104 -0
- package/agents/prompts/cx-sre.md +104 -0
- package/agents/prompts/cx-test-automation.md +4 -0
- package/agents/prompts/cx-trace-reviewer.md +7 -3
- package/agents/prompts/cx-ux-researcher.md +4 -0
- package/agents/registry.json +365 -90
- package/agents/role-manifests.json +217 -0
- package/bin/construct +3345 -141
- package/bin/construct-postinstall.mjs +87 -0
- package/commands/build/feature.md +6 -6
- package/commands/plan/feature.md +6 -5
- package/commands/plan/requirements.md +1 -1
- package/commands/ship/status.md +1 -1
- package/commands/work/drive.md +3 -3
- package/commands/work/optimize-prompts.md +3 -3
- package/db/{migrations → schema}/001_init.sql +2 -0
- package/db/schema/002_pgvector.sql +182 -0
- package/db/schema/003_intake.sql +47 -0
- package/examples/README.md +85 -0
- package/examples/internal/roles/architect/bad/clever-plan-without-contracts.md +30 -0
- package/examples/internal/roles/architect/golden/explicit-tradeoff-before-plan.md +23 -0
- package/examples/internal/roles/engineer/bad/speculative-abstraction.md +30 -0
- package/examples/internal/roles/engineer/golden/read-before-write.md +28 -0
- package/examples/internal/roles/orchestrator/bad/everything-becomes-multi-agent.md +29 -0
- package/examples/internal/roles/orchestrator/golden/minimal-dispatch.md +22 -0
- package/examples/internal/roles/qa/bad/coverage-theater.md +30 -0
- package/examples/internal/roles/qa/golden/regression-gate.md +23 -0
- package/examples/internal/roles/reviewer/bad/lgtm-without-verification.md +29 -0
- package/examples/internal/roles/reviewer/golden/find-structural-risk-first.md +28 -0
- package/examples/personas/construct/adversarial/ignore-instruction-to-skip-approval.md +22 -0
- package/examples/personas/construct/bad/commit-without-approval.md +30 -0
- package/examples/personas/construct/boundary/blocked-needs-main-input.md +29 -0
- package/examples/personas/construct/golden/branch-approval-before-mutation.md +36 -0
- package/examples/personas/construct/golden/focused-direct-answer.md +28 -0
- package/examples/provider-plugin/README.md +34 -0
- package/examples/provider-plugin/index.mjs +74 -0
- package/examples/provider-plugin/package.json +15 -0
- package/examples/seed-observations/README.md +38 -0
- package/examples/seed-observations/anti-patterns.md +44 -0
- package/examples/seed-observations/decisions.md +36 -0
- package/examples/seed-observations/patterns.md +42 -0
- package/lib/agent-contracts-enforce.mjs +158 -0
- package/lib/agent-contracts.mjs +231 -0
- package/lib/agents/postconditions.mjs +126 -0
- package/lib/agents/schema.mjs +124 -0
- package/lib/artifact-capture.mjs +183 -0
- package/lib/audit-trail.mjs +149 -0
- package/lib/auto-docs.mjs +245 -65
- package/lib/beads/auto-close.mjs +126 -0
- package/lib/beads/drift.mjs +171 -0
- package/lib/beads-automation.mjs +542 -0
- package/lib/beads-client.mjs +518 -0
- package/lib/beads-lock.mjs +377 -0
- package/lib/beads-optimistic.mjs +365 -0
- package/lib/bootstrap/built-ins.mjs +136 -0
- package/lib/bootstrap/lazy-install.mjs +161 -0
- package/lib/bootstrap/resources.mjs +120 -0
- package/lib/bootstrap.mjs +105 -0
- package/lib/cache-governor.js +213 -0
- package/lib/cache-strategy-anthropic.js +62 -0
- package/lib/cache-strategy-google.js +79 -0
- package/lib/cache-strategy-none.js +30 -0
- package/lib/cache-strategy-openai.js +48 -0
- package/lib/cache-strategy.js +91 -0
- package/lib/claude-allow.mjs +149 -0
- package/lib/cli-commands.mjs +413 -258
- package/lib/codex-config.mjs +3 -1
- package/lib/comment-lint.mjs +55 -6
- package/lib/completions.mjs +21 -6
- package/lib/config/alias.mjs +56 -0
- package/lib/config/project-config.mjs +335 -0
- package/lib/config/schema.mjs +159 -0
- package/lib/context-router.mjs +308 -0
- package/lib/cost-ledger.mjs +177 -0
- package/lib/cost.mjs +171 -10
- package/lib/dashboard-static.mjs +158 -0
- package/lib/deployment-mode.mjs +86 -0
- package/lib/deprecate.mjs +49 -0
- package/lib/dispatch-batch.js +183 -0
- package/lib/distill.mjs +21 -8
- package/lib/doc-stamp.mjs +164 -0
- package/lib/doc-verify.mjs +119 -0
- package/lib/docs-routing.mjs +89 -0
- package/lib/docs-verify.mjs +417 -0
- package/lib/doctor/audit.mjs +71 -0
- package/lib/doctor/cli.mjs +99 -0
- package/lib/doctor/escalate.mjs +29 -0
- package/lib/doctor/index.mjs +140 -0
- package/lib/doctor/report.mjs +170 -0
- package/lib/doctor/watchers/bd-watch.mjs +117 -0
- package/lib/doctor/watchers/cost.mjs +130 -0
- package/lib/doctor/watchers/disk.mjs +122 -0
- package/lib/doctor/watchers/handoffs.mjs +33 -0
- package/lib/doctor/watchers/process-pressure.mjs +60 -0
- package/lib/doctor/watchers/service-health.mjs +188 -0
- package/lib/document-extract.mjs +288 -0
- package/lib/document-ingest.mjs +230 -0
- package/lib/drop.mjs +282 -0
- package/lib/embed/approval-queue.mjs +176 -0
- package/lib/embed/artifact.mjs +349 -0
- package/lib/embed/authority-guard.mjs +155 -0
- package/lib/embed/cli.mjs +408 -0
- package/lib/embed/config.mjs +355 -0
- package/lib/embed/conflict-detection.mjs +264 -0
- package/lib/embed/customer-profiles.mjs +480 -0
- package/lib/embed/daemon.mjs +1309 -0
- package/lib/embed/demand-fetch.mjs +449 -0
- package/lib/embed/docs-lifecycle.mjs +349 -0
- package/lib/embed/inbox-live-watcher.mjs +119 -0
- package/lib/embed/inbox.mjs +343 -0
- package/lib/embed/intake-metrics.mjs +190 -0
- package/lib/embed/jobs/vector-sync.mjs +198 -0
- package/lib/embed/notifications.mjs +75 -0
- package/lib/embed/output.mjs +79 -0
- package/lib/embed/providers/github.mjs +295 -0
- package/lib/embed/providers/jira.mjs +192 -0
- package/lib/embed/providers/linear.mjs +186 -0
- package/lib/embed/providers/registry.mjs +115 -0
- package/lib/embed/providers/slack.mjs +203 -0
- package/lib/embed/recommendation-store.mjs +378 -0
- package/lib/embed/roadmap.mjs +374 -0
- package/lib/embed/role-framing.mjs +110 -0
- package/lib/embed/scheduler.mjs +99 -0
- package/lib/embed/semantic.mjs +325 -0
- package/lib/embed/snapshot.mjs +191 -0
- package/lib/embed/supervision.mjs +235 -0
- package/lib/embed/target-resolver.mjs +186 -0
- package/lib/embed/worker.mjs +62 -0
- package/lib/embed/workspaces.mjs +297 -0
- package/lib/engine/chunker-headings.mjs +110 -0
- package/lib/engine/compressor-heuristic.mjs +100 -0
- package/lib/engine/consolidate.mjs +287 -0
- package/lib/engine/contracts.mjs +126 -0
- package/lib/engine/defaults.mjs +129 -0
- package/lib/engine/eval-retrieval.mjs +148 -0
- package/lib/engine/fuser-rrf.mjs +62 -0
- package/lib/engine/index.mjs +37 -0
- package/lib/engine/registry.mjs +146 -0
- package/lib/engine/reranker-mmr.mjs +90 -0
- package/lib/engine/tokens.mjs +77 -0
- package/lib/entity-store.mjs +280 -0
- package/lib/env-config.mjs +69 -4
- package/lib/evals/retrieval-bench.mjs +159 -0
- package/lib/evaluator-optimizer.mjs +317 -0
- package/lib/features.mjs +159 -29
- package/lib/gates-audit.mjs +236 -0
- package/lib/git-hooks/prepare-commit-msg +58 -0
- package/lib/handoffs/cleanup.mjs +159 -0
- package/lib/handoffs/contract.mjs +162 -0
- package/lib/handoffs/inventory.mjs +120 -0
- package/lib/headhunt.mjs +28 -47
- package/lib/health-check.mjs +399 -0
- package/lib/hook-health.mjs +442 -0
- package/lib/hooks/_lib/log.mjs +82 -0
- package/lib/hooks/adaptive-lint.mjs +26 -2
- package/lib/hooks/agent-tracker.mjs +171 -14
- package/lib/hooks/audit-reads.mjs +109 -0
- package/lib/hooks/audit-trail.mjs +153 -0
- package/lib/hooks/bash-output-logger.mjs +71 -0
- package/lib/hooks/block-no-verify.mjs +41 -0
- package/lib/hooks/ci-status-check.mjs +82 -0
- package/lib/hooks/comment-lint.mjs +29 -7
- package/lib/hooks/config-protection.mjs +39 -18
- package/lib/hooks/context-watch.mjs +137 -0
- package/lib/hooks/context-window-recovery.mjs +4 -20
- package/lib/hooks/dep-audit.mjs +16 -0
- package/lib/hooks/doc-coupling-check.mjs +80 -0
- package/lib/hooks/edit-accumulator.mjs +3 -0
- package/lib/hooks/edit-error-recovery.mjs +3 -0
- package/lib/hooks/edit-guard.mjs +45 -4
- package/lib/hooks/env-check.mjs +3 -0
- package/lib/hooks/guard-bash.mjs +58 -1
- package/lib/hooks/mcp-audit.mjs +18 -20
- package/lib/hooks/mcp-health-check.mjs +36 -0
- package/lib/hooks/model-fallback.mjs +42 -56
- package/lib/hooks/policy-engine.mjs +209 -0
- package/lib/hooks/post-merge-docs-check.mjs +63 -0
- package/lib/hooks/pre-compact.mjs +4 -24
- package/lib/hooks/pre-push-gate.mjs +200 -37
- package/lib/hooks/proactive-activation.mjs +284 -0
- package/lib/hooks/read-tracker.mjs +27 -4
- package/lib/hooks/readme-age-check.mjs +77 -0
- package/lib/hooks/registry-sync.mjs +12 -5
- package/lib/hooks/scan-secrets.mjs +50 -7
- package/lib/hooks/session-optimize.mjs +311 -0
- package/lib/hooks/session-start.mjs +287 -28
- package/lib/hooks/stop-notify.mjs +236 -96
- package/lib/hooks/stop-typecheck.mjs +13 -1
- package/lib/hooks/test-watch.mjs +68 -0
- package/lib/host-capabilities.mjs +31 -10
- package/lib/init-docs.mjs +731 -291
- package/lib/init-unified.mjs +1000 -0
- package/lib/init-update.mjs +168 -0
- package/lib/init.mjs +107 -0
- package/lib/install/first-invocation.mjs +119 -0
- package/lib/install/stage-project.mjs +69 -0
- package/lib/intake/classify.mjs +278 -0
- package/lib/intake/feedback.mjs +273 -0
- package/lib/intake/filesystem-queue.mjs +158 -0
- package/lib/intake/intake-config.mjs +132 -0
- package/lib/intake/postgres-queue.mjs +198 -0
- package/lib/intake/prepare.mjs +139 -0
- package/lib/intake/queue.mjs +83 -0
- package/lib/intake/session-prelude.mjs +50 -0
- package/lib/integrations/intake-integrations.mjs +740 -0
- package/lib/intent-classifier.mjs +253 -0
- package/lib/knowledge/layout.mjs +72 -0
- package/lib/knowledge/rag.mjs +331 -0
- package/lib/knowledge/search.mjs +315 -0
- package/lib/knowledge/trends.mjs +261 -0
- package/lib/logger.mjs +85 -0
- package/lib/mcp/broker.mjs +124 -0
- package/lib/mcp/server.mjs +554 -854
- package/lib/mcp/tools/document.mjs +132 -0
- package/lib/mcp/tools/memory.mjs +209 -0
- package/lib/mcp/tools/project.mjs +349 -0
- package/lib/mcp/tools/skills.mjs +409 -0
- package/lib/mcp/tools/storage.mjs +60 -0
- package/lib/mcp/tools/telemetry.mjs +315 -0
- package/lib/mcp/tools/workflow.mjs +112 -0
- package/lib/mcp-catalog.json +54 -3
- package/lib/mcp-manager.mjs +96 -48
- package/lib/mcp-platform-config.mjs +22 -22
- package/lib/memory-stats.mjs +121 -0
- package/lib/mode-commands.mjs +124 -0
- package/lib/model-free-selector.mjs +184 -0
- package/lib/model-pricing.mjs +152 -0
- package/lib/model-registry.mjs +226 -0
- package/lib/model-router.mjs +362 -386
- package/lib/observation-store.mjs +391 -0
- package/lib/ollama-manager.mjs +428 -0
- package/lib/opencode-config.mjs +13 -3
- package/lib/opencode-runtime-plugin.mjs +70 -38
- package/lib/opencode-telemetry.mjs +64 -6
- package/lib/orchestration-policy.mjs +509 -6
- package/lib/overrides/resolver.mjs +207 -0
- package/lib/parity.mjs +147 -0
- package/lib/paths.mjs +33 -0
- package/lib/performance/generate.mjs +212 -0
- package/lib/plugin-registry.mjs +268 -0
- package/lib/policy/engine.mjs +130 -0
- package/lib/policy/unified-gates.mjs +96 -0
- package/lib/project-detection.mjs +129 -0
- package/lib/project-init-shared.mjs +272 -0
- package/lib/project-profile.mjs +447 -0
- package/lib/prompt-composer.js +434 -0
- package/lib/prompt-metadata.mjs +1 -1
- package/lib/provider-capabilities-anthropic.js +44 -0
- package/lib/provider-capabilities-deepseek.js +37 -0
- package/lib/provider-capabilities-generic.js +26 -0
- package/lib/provider-capabilities-google.js +47 -0
- package/lib/provider-capabilities-openai.js +45 -0
- package/lib/provider-capabilities.js +142 -0
- package/lib/providers/atlassian-confluence/index.mjs +103 -0
- package/lib/providers/atlassian-jira/index.mjs +100 -0
- package/lib/providers/auth-manager.mjs +126 -0
- package/lib/providers/circuit-breaker.mjs +124 -0
- package/lib/providers/contract.mjs +93 -0
- package/lib/providers/github/index.mjs +126 -0
- package/lib/providers/registry.mjs +184 -0
- package/lib/providers/salesforce/index.mjs +100 -0
- package/lib/providers/slack/index.mjs +80 -0
- package/lib/reflect.mjs +137 -0
- package/lib/research-lint.mjs +164 -0
- package/lib/resources/budget.mjs +259 -0
- package/lib/role-preload.mjs +21 -6
- package/lib/roles/approval-surface.mjs +54 -0
- package/lib/roles/cli.mjs +118 -0
- package/lib/roles/event-bus.mjs +79 -0
- package/lib/roles/fence.mjs +84 -0
- package/lib/roles/gateway.mjs +260 -0
- package/lib/roles/hook-emit.mjs +37 -0
- package/lib/roles/manifest.mjs +48 -0
- package/lib/roles/router.mjs +27 -0
- package/lib/runtime-pressure.mjs +360 -0
- package/lib/schema-artifact.mjs +134 -0
- package/lib/schema-infer.mjs +551 -0
- package/lib/server/auth.mjs +168 -0
- package/lib/server/chat.mjs +336 -0
- package/lib/server/cors.mjs +77 -0
- package/lib/server/csrf.mjs +91 -0
- package/lib/server/index.mjs +1927 -78
- package/lib/server/insights.mjs +765 -0
- package/lib/server/rate-limit.mjs +91 -0
- package/lib/server/static/assets/index-ab25c707.js +70 -0
- package/lib/server/static/assets/index-f0c80a2b.css +1 -0
- package/lib/server/static/index.html +12 -817
- package/lib/server/telemetry-login.mjs +108 -0
- package/lib/server/webhook.mjs +510 -0
- package/lib/service-manager.mjs +522 -58
- package/lib/services/pattern-promotion-service.mjs +167 -0
- package/lib/services/telemetry-backend.mjs +178 -0
- package/lib/session-store.mjs +374 -0
- package/lib/setup-prompts.mjs +96 -0
- package/lib/setup.mjs +523 -36
- package/lib/skills-apply.mjs +280 -0
- package/lib/skills-scope.mjs +118 -0
- package/lib/status.mjs +261 -70
- package/lib/storage/admin.mjs +355 -0
- package/lib/storage/backend.mjs +2 -1
- package/lib/storage/backup.mjs +347 -0
- package/lib/storage/embeddings-engine.mjs +133 -0
- package/lib/storage/embeddings-legacy.mjs +85 -0
- package/lib/storage/embeddings-local.mjs +108 -0
- package/lib/storage/embeddings-ollama.mjs +78 -0
- package/lib/storage/embeddings-openai.mjs +85 -0
- package/lib/storage/embeddings.mjs +92 -33
- package/lib/storage/file-lock.mjs +130 -0
- package/lib/storage/fusion.mjs +95 -0
- package/lib/storage/hybrid-query.mjs +34 -27
- package/lib/storage/migrations.mjs +187 -0
- package/lib/storage/postgres-backup.mjs +124 -0
- package/lib/storage/sql-store.mjs +5 -15
- package/lib/storage/state-source.mjs +12 -13
- package/lib/storage/store-version.mjs +115 -0
- package/lib/storage/sync.mjs +144 -35
- package/lib/storage/unified-storage.mjs +550 -0
- package/lib/storage/vector-client.mjs +286 -0
- package/lib/storage/vector-store.mjs +71 -30
- package/lib/task-graph/generate.mjs +135 -0
- package/lib/task-graph/schema.mjs +81 -0
- package/lib/task-graph/store.mjs +71 -0
- package/lib/telemetry/backends/local.mjs +62 -0
- package/lib/telemetry/backends/{langfuse.mjs → remote.mjs} +27 -14
- package/lib/telemetry/backfill.mjs +180 -0
- package/lib/telemetry/eval-datasets.mjs +203 -0
- package/lib/telemetry/{langfuse-ingest.mjs → ingest.mjs} +26 -20
- package/lib/telemetry/intent-verifications.mjs +86 -0
- package/lib/telemetry/llm-judge.mjs +350 -0
- package/lib/telemetry/model-pricing-catalog.mjs +557 -0
- package/lib/telemetry/setup.mjs +151 -0
- package/lib/telemetry/skill-calls.mjs +78 -0
- package/lib/telemetry/team-rollup.mjs +4 -4
- package/lib/token-engine.js +117 -0
- package/lib/token-estimator-anthropic.js +15 -0
- package/lib/token-estimator-deepseek.js +13 -0
- package/lib/token-estimator-default.js +13 -0
- package/lib/token-estimator-google.js +13 -0
- package/lib/token-estimator-openai.js +13 -0
- package/lib/toolkit-env.mjs +1 -1
- package/lib/tty-prompts.mjs +211 -0
- package/lib/uninstall/uninstall.mjs +423 -0
- package/lib/update.mjs +115 -0
- package/lib/upgrade.mjs +141 -0
- package/lib/validator.mjs +51 -2
- package/lib/validators/skills.mjs +142 -0
- package/lib/wireframe.mjs +422 -0
- package/lib/worker/entrypoint.mjs +241 -0
- package/lib/worker/evidence.mjs +107 -0
- package/lib/worker/run.mjs +154 -0
- package/lib/worker/trace.mjs +182 -0
- package/lib/workflow-state.mjs +14 -18
- package/package.json +21 -8
- package/personas/construct.md +53 -51
- package/platforms/claude/CLAUDE.md +1 -1
- package/platforms/claude/settings.template.json +115 -68
- package/platforms/opencode/config.template.json +3 -7
- package/rules/common/agents.md +11 -38
- package/rules/common/beads-hygiene.md +75 -0
- package/rules/common/code-review.md +11 -100
- package/rules/common/coding-style.md +5 -3
- package/rules/common/comments.md +30 -111
- package/rules/common/commit-approval.md +53 -0
- package/rules/common/cx-agent-routing.md +1 -0
- package/rules/common/development-workflow.md +23 -41
- package/rules/common/doc-ownership.md +54 -0
- package/rules/common/efficiency.md +57 -0
- package/rules/common/framing.md +76 -0
- package/rules/common/git-workflow.md +2 -4
- package/rules/common/patterns.md +3 -7
- package/rules/common/performance.md +15 -31
- package/rules/common/release-gates.md +69 -0
- package/rules/common/research.md +107 -0
- package/rules/common/security.md +6 -6
- package/rules/common/skill-composition.md +67 -0
- package/rules/common/testing.md +15 -27
- package/rules/golang/hooks.md +0 -4
- package/rules/policy/bootstrap.yaml +11 -0
- package/rules/policy/drive.yaml +8 -0
- package/rules/policy/task.yaml +9 -0
- package/rules/policy/workflow.yaml +9 -0
- package/rules/python/hooks.md +0 -4
- package/rules/swift/hooks.md +0 -4
- package/rules/typescript/hooks.md +0 -4
- package/rules/web/hooks.md +0 -2
- package/{sync-agents.mjs → scripts/sync-agents.mjs} +306 -61
- package/skills/ai/prompt-optimizer.md +7 -7
- package/skills/compliance/ai-disclosure.md +58 -0
- package/skills/compliance/data-privacy.md +46 -0
- package/skills/compliance/license-audit.md +40 -0
- package/skills/compliance/regulatory-review.md +61 -0
- package/skills/docs/document-ingest-workflow.md +52 -0
- package/skills/docs/evidence-ingest-workflow.md +9 -0
- package/skills/docs/init-docs.md +51 -18
- package/skills/docs/product-intelligence-workflow.md +12 -0
- package/skills/docs/product-signal-workflow.md +4 -0
- package/skills/docs/research-workflow.md +23 -8
- package/skills/docs/runbook-workflow.md +1 -1
- package/skills/operating/orchestration-reference.md +151 -0
- package/skills/roles/architect.md +5 -0
- package/skills/roles/engineer.md +32 -0
- package/skills/roles/operator.md +12 -0
- package/skills/roles/reviewer.md +23 -0
- package/skills/routing.md +1 -1
- package/templates/devcontainer/Dockerfile.devcontainer +38 -0
- package/templates/devcontainer/devcontainer.json +31 -0
- package/templates/distribution/bootstrap.ps1 +142 -0
- package/templates/distribution/bootstrap.sh +196 -0
- package/templates/distribution/run.mjs +187 -0
- package/templates/docs/adr.md +44 -8
- package/templates/docs/changelog-entry.md +43 -0
- package/templates/docs/construct_guide.md +149 -0
- package/templates/docs/evidence-brief.md +2 -2
- package/templates/docs/meta-prd.md +140 -19
- package/templates/docs/onboarding.md +57 -0
- package/templates/docs/prd.md +159 -15
- package/templates/docs/research-brief.md +4 -4
- package/templates/homebrew/construct.rb +67 -0
- package/langfuse/docker-compose.yml +0 -82
- package/lib/eval-harness.mjs +0 -59
- package/lib/hooks/bootstrap-guard.mjs +0 -90
- package/lib/hooks/console-warn.mjs +0 -43
- package/lib/hooks/continuation-enforcer.mjs +0 -72
- package/lib/hooks/drive-guard.mjs +0 -89
- package/lib/hooks/mcp-task-scope.mjs +0 -47
- package/lib/hooks/task-completed-guard.mjs +0 -43
- package/lib/hooks/teammate-idle-guard.mjs +0 -54
- package/lib/hooks/workflow-guard.mjs +0 -62
- package/lib/prompt-composer.mjs +0 -196
- package/lib/review.mjs +0 -429
- package/lib/server/static/app.js +0 -841
- package/lib/telemetry/langfuse-model-sync.mjs +0 -270
- package/rules/common/hooks.md +0 -35
- package/rules/zh/README.md +0 -113
- package/rules/zh/agents.md +0 -55
- package/rules/zh/code-review.md +0 -129
- package/rules/zh/coding-style.md +0 -53
- package/rules/zh/development-workflow.md +0 -49
- package/rules/zh/git-workflow.md +0 -29
- package/rules/zh/hooks.md +0 -35
- package/rules/zh/patterns.md +0 -36
- package/rules/zh/performance.md +0 -60
- package/rules/zh/security.md +0 -34
- package/rules/zh/testing.md +0 -34
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
<!--
|
|
2
2
|
skills/ai/prompt-optimizer.md — Closed-loop prompt auto-optimization guide.
|
|
3
3
|
|
|
4
|
-
Uses
|
|
4
|
+
Uses telemetry traces and quality scores as the feedback signal, Claude as the optimizer,
|
|
5
5
|
and the agent registry + construct sync as the deployment layer.
|
|
6
6
|
-->
|
|
7
7
|
# Prompt Auto-Optimization Loop
|
|
8
8
|
|
|
9
|
-
Construct's prompt improvement system uses
|
|
9
|
+
Construct's prompt improvement system uses telemetry traces and quality scores as the feedback signal, Claude as the optimizer, and the agent registry (`agents/registry.json`) as the deployment layer. This is a closed loop: production data → failure analysis → improved prompt → staging → promotion.
|
|
10
10
|
|
|
11
11
|
## Running the optimizer
|
|
12
12
|
|
|
@@ -36,16 +36,16 @@ The optimizer requires Python 3.12+ (`pip3` must be available). It will auto-ins
|
|
|
36
36
|
|
|
37
37
|
Retrieve the current production prompt for the target agent from `agents/registry.json` (or the corresponding `promptFile` if using extracted prompts).
|
|
38
38
|
|
|
39
|
-
Then retrieve recent traces via the
|
|
39
|
+
Then retrieve recent traces via the telemetry backend REST API:
|
|
40
40
|
|
|
41
41
|
```
|
|
42
|
-
GET {
|
|
43
|
-
# Auth: Basic base64(
|
|
42
|
+
GET {CONSTRUCT_TELEMETRY_URL}/api/public/traces?tags={agentName}&limit=50
|
|
43
|
+
# Auth: Basic base64(CONSTRUCT_TELEMETRY_PUBLIC_KEY:CONSTRUCT_TELEMETRY_SECRET_KEY)
|
|
44
44
|
```
|
|
45
45
|
|
|
46
46
|
To fetch quality scores for traces:
|
|
47
47
|
```
|
|
48
|
-
GET {
|
|
48
|
+
GET {CONSTRUCT_TELEMETRY_URL}/api/public/scores?traceId={id}&name=quality
|
|
49
49
|
```
|
|
50
50
|
|
|
51
51
|
Filter to scores where `value < 0.7`. For each low-scoring trace, extract: the prompt used, the user input, the model output, the quality score, and any human comments.
|
|
@@ -110,5 +110,5 @@ Run `cx-trace-reviewer` after every promotion. If the newly promoted prompt show
|
|
|
110
110
|
|
|
111
111
|
## What this does not replace
|
|
112
112
|
|
|
113
|
-
- **DSPy**: If you need algorithmic optimization over large datasets with measurable metrics (classification, structured output), DSPy is the right tool and integrates with
|
|
113
|
+
- **DSPy**: If you need algorithmic optimization over large datasets with measurable metrics (classification, structured output), DSPy is the right tool and integrates with telemetry backend for tracing. This skill is for natural-language agent prompts where the metric is quality score.
|
|
114
114
|
- **Human review**: Always read the generated prompt before pushing to staging. The LLM optimizer can introduce subtle regressions. Automated promotion should only happen after confirming the diff makes sense.
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
<!--
|
|
2
|
+
skills/compliance/ai-disclosure.md — AI Disclosure — AI transparency, disclosure, and regulatory compliance.
|
|
3
|
+
|
|
4
|
+
Use this skill when reviewing AI features for disclosure requirements, transparency obligations, or emerging AI regulation compliance.
|
|
5
|
+
-->
|
|
6
|
+
# AI Disclosure
|
|
7
|
+
|
|
8
|
+
Use this skill when reviewing AI features for disclosure requirements, transparency obligations, or emerging AI regulation compliance.
|
|
9
|
+
|
|
10
|
+
## Disclosure Requirements
|
|
11
|
+
|
|
12
|
+
### When AI generates or modifies content
|
|
13
|
+
|
|
14
|
+
- Disclose that content was AI-generated or AI-assisted
|
|
15
|
+
- Label AI outputs clearly in the UI (e.g., "Generated by AI", "AI-assisted")
|
|
16
|
+
- Do not present AI-generated content as human-authored without disclosure
|
|
17
|
+
|
|
18
|
+
### When AI makes or influences decisions
|
|
19
|
+
|
|
20
|
+
- Document the decision criteria and model inputs
|
|
21
|
+
- Provide a mechanism for human review of consequential decisions
|
|
22
|
+
- Log the model version, prompt template, and confidence score for audit
|
|
23
|
+
|
|
24
|
+
### When AI processes personal data
|
|
25
|
+
|
|
26
|
+
- Include AI processing in the privacy notice
|
|
27
|
+
- Obtain specific consent for automated decision-making under GDPR Art. 22
|
|
28
|
+
- Provide the right to obtain human intervention, express a point of view, and contest the decision
|
|
29
|
+
|
|
30
|
+
## Regulatory Landscape
|
|
31
|
+
|
|
32
|
+
| Regulation | Scope | Key Requirement |
|
|
33
|
+
|------------|-------|-----------------|
|
|
34
|
+
| EU AI Act | EU market | Risk classification, transparency obligations, conformity assessment for high-risk |
|
|
35
|
+
| GDPR Art. 22 | EU residents | Right not to be subject to solely automated decisions with legal effects |
|
|
36
|
+
| NYC Local Law 144 | NYC employers | Bias audit for automated employment decision tools |
|
|
37
|
+
| Colorado AI Act | Colorado consumers | Disclosure of high-risk AI decisions, impact assessments |
|
|
38
|
+
| Canada AIDA (proposed) | Canada | Transparency, bias mitigation, human oversight for high-impact systems |
|
|
39
|
+
|
|
40
|
+
## Code Review Triggers
|
|
41
|
+
|
|
42
|
+
- AI features that influence hiring, lending, insurance, or housing decisions (high-risk under EU AI Act)
|
|
43
|
+
- Chatbots or virtual agents without clear "you are talking to AI" disclosure
|
|
44
|
+
- AI-generated recommendations presented without provenance markers
|
|
45
|
+
- Model outputs stored without version tracking or audit trail
|
|
46
|
+
- Automated content moderation without human appeal mechanism
|
|
47
|
+
- Training on user data without explicit consent or opt-out
|
|
48
|
+
|
|
49
|
+
## Risk Assessment Template
|
|
50
|
+
|
|
51
|
+
For each AI feature, document:
|
|
52
|
+
1. **Purpose**: what the AI does and why
|
|
53
|
+
2. **Data inputs**: what data the model receives
|
|
54
|
+
3. **Risk tier**: minimal, limited, high, unacceptable (per EU AI Act)
|
|
55
|
+
4. **Disclosure mechanism**: how users are informed
|
|
56
|
+
5. **Human oversight**: who reviews AI decisions and how
|
|
57
|
+
6. **Bias mitigation**: what testing was done for fairness
|
|
58
|
+
7. **Audit trail**: what is logged for post-hoc review
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
<!--
|
|
2
|
+
skills/compliance/data-privacy.md — Data Privacy — GDPR, CCPA, and data protection compliance patterns.
|
|
3
|
+
|
|
4
|
+
Use this skill when reviewing data collection, storage, processing, or retention for privacy regulation compliance.
|
|
5
|
+
-->
|
|
6
|
+
# Data Privacy
|
|
7
|
+
|
|
8
|
+
Use this skill when reviewing data collection, storage, processing, or retention for privacy regulation compliance.
|
|
9
|
+
|
|
10
|
+
## Data Classification
|
|
11
|
+
|
|
12
|
+
| Category | Examples | Handling |
|
|
13
|
+
|----------|----------|----------|
|
|
14
|
+
| PII | Name, email, phone, address, IP | Encrypt at rest, minimize collection |
|
|
15
|
+
| Sensitive PII | SSN, financial data, health data, biometrics | Encrypt + access control + audit log |
|
|
16
|
+
| Pseudonymous | Hashed identifiers, device IDs, session tokens | Still personal data under GDPR |
|
|
17
|
+
| Anonymous | Aggregated statistics with k-anonymity | Generally exempt |
|
|
18
|
+
|
|
19
|
+
## Privacy by Design Checklist
|
|
20
|
+
|
|
21
|
+
- [ ] Data minimization: collect only what is necessary for the stated purpose
|
|
22
|
+
- [ ] Purpose limitation: document why each data field is collected
|
|
23
|
+
- [ ] Storage limitation: define retention periods and auto-deletion schedules
|
|
24
|
+
- [ ] Lawful basis: identify legal basis for each processing activity (consent, contract, legitimate interest)
|
|
25
|
+
- [ ] Data subject rights: implement access, rectification, erasure, portability, and objection endpoints
|
|
26
|
+
- [ ] Cross-border transfers: verify adequacy decisions or standard contractual clauses for international data flows
|
|
27
|
+
- [ ] Breach notification: document the process for 72-hour supervisory authority notification
|
|
28
|
+
|
|
29
|
+
## Code Review Triggers
|
|
30
|
+
|
|
31
|
+
Flag these patterns in code:
|
|
32
|
+
|
|
33
|
+
- Logging PII to stdout, application logs, or third-party analytics
|
|
34
|
+
- Storing PII in plain text without encryption
|
|
35
|
+
- Passing PII in URL query parameters
|
|
36
|
+
- Retaining data beyond the documented retention period
|
|
37
|
+
- Third-party SDK calls that transmit user data without documented DPA
|
|
38
|
+
- Cookie or tracking pixel placement without consent management
|
|
39
|
+
- Email addresses used as primary keys (makes deletion cascades hard)
|
|
40
|
+
|
|
41
|
+
## Regulation Quick Reference
|
|
42
|
+
|
|
43
|
+
- **GDPR**: EU residents. Consent must be freely given, specific, informed, unambiguous. Right to erasure is absolute for consent-based processing.
|
|
44
|
+
- **CCPA/CPRA**: California residents. Right to know, delete, opt-out of sale/sharing. 12-month lookback on data collection.
|
|
45
|
+
- **LGPD**: Brazil. Similar to GDPR. Requires a DPO and legal basis for processing.
|
|
46
|
+
- **PIPEDA**: Canada. Consent required for collection, use, and disclosure. Reasonable purpose test applies.
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
<!--
|
|
2
|
+
skills/compliance/license-audit.md — License Audit — Dependency license review and open-source compliance.
|
|
3
|
+
|
|
4
|
+
Use this skill when auditing dependency licenses, evaluating OSS compliance risk, or preparing license inventories for legal review.
|
|
5
|
+
-->
|
|
6
|
+
# License Audit
|
|
7
|
+
|
|
8
|
+
Use this skill when auditing dependency licenses, evaluating OSS compliance risk, or preparing license inventories for legal review.
|
|
9
|
+
|
|
10
|
+
## License Classification
|
|
11
|
+
|
|
12
|
+
| Risk Tier | Licenses | Action |
|
|
13
|
+
|-----------|----------|--------|
|
|
14
|
+
| Permissive | MIT, BSD-2, BSD-3, ISC, Apache-2.0, Unlicense | Safe for most uses |
|
|
15
|
+
| Weak copyleft | LGPL-2.1, LGPL-3.0, MPL-2.0, EPL-2.0 | Review linking model |
|
|
16
|
+
| Strong copyleft | GPL-2.0, GPL-3.0, AGPL-3.0 | Legal review required |
|
|
17
|
+
| Non-commercial | CC-BY-NC, SSPL, BSL, Elastic-2.0 | Block for commercial use |
|
|
18
|
+
| Unknown/Custom | No SPDX identifier, custom terms | Manual review required |
|
|
19
|
+
|
|
20
|
+
## Audit Process
|
|
21
|
+
|
|
22
|
+
1. Generate SBOM: use `npm list --all --json`, `pip licenses`, `cargo license`, or equivalent
|
|
23
|
+
2. Identify every direct and transitive dependency
|
|
24
|
+
3. Map each dependency to its SPDX license identifier
|
|
25
|
+
4. Flag any dependency without a clear license file as unknown-risk
|
|
26
|
+
5. Check for license changes between pinned versions and latest
|
|
27
|
+
6. Look past layer one — transitive copyleft taints the whole tree
|
|
28
|
+
|
|
29
|
+
## Red Flags
|
|
30
|
+
|
|
31
|
+
- AGPL-3.0 in any network-exposed service dependency
|
|
32
|
+
- GPL in a library linked into proprietary code without a linking exception
|
|
33
|
+
- Mixed licensing where copyleft and proprietary code share a compilation unit
|
|
34
|
+
- Dependencies that changed from permissive to restrictive between versions
|
|
35
|
+
- "License: SEE LICENSE IN ..." with no actual license file present
|
|
36
|
+
- Dual-licensed packages where the free option is copyleft
|
|
37
|
+
|
|
38
|
+
## Deliverable
|
|
39
|
+
|
|
40
|
+
Produce a license inventory table: dependency name, version, license SPDX, risk tier, notes. Flag every non-permissive entry with a recommended action (accept, replace, seek exception, or block).
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
<!--
|
|
2
|
+
skills/compliance/regulatory-review.md — Regulatory Review — Pre-ship compliance review checklist and process.
|
|
3
|
+
|
|
4
|
+
Use this skill when conducting a compliance review before shipping features that handle user data, financial transactions, AI decisions, or regulated content.
|
|
5
|
+
-->
|
|
6
|
+
# Regulatory Review
|
|
7
|
+
|
|
8
|
+
Use this skill when conducting a compliance review before shipping features that handle user data, financial transactions, AI decisions, or regulated content.
|
|
9
|
+
|
|
10
|
+
## Pre-Ship Compliance Checklist
|
|
11
|
+
|
|
12
|
+
### Data handling
|
|
13
|
+
|
|
14
|
+
- [ ] All personal data fields documented with purpose and legal basis
|
|
15
|
+
- [ ] Retention periods defined and enforced
|
|
16
|
+
- [ ] Encryption at rest and in transit for sensitive data
|
|
17
|
+
- [ ] Data subject rights endpoints implemented and tested
|
|
18
|
+
- [ ] Cross-border data transfer mechanisms in place
|
|
19
|
+
|
|
20
|
+
### Licensing
|
|
21
|
+
|
|
22
|
+
- [ ] Dependency license audit completed (no copyleft surprises)
|
|
23
|
+
- [ ] Third-party SDK terms reviewed for data sharing obligations
|
|
24
|
+
- [ ] Attribution requirements satisfied for open-source dependencies
|
|
25
|
+
|
|
26
|
+
### AI features
|
|
27
|
+
|
|
28
|
+
- [ ] AI disclosure in place for all AI-generated content
|
|
29
|
+
- [ ] High-risk AI decisions have human oversight mechanism
|
|
30
|
+
- [ ] Model version and prompt tracked for audit
|
|
31
|
+
- [ ] Bias testing completed for consequential decisions
|
|
32
|
+
|
|
33
|
+
### Security
|
|
34
|
+
|
|
35
|
+
- [ ] Authentication and authorization tested
|
|
36
|
+
- [ ] Input validation on all user-facing endpoints
|
|
37
|
+
- [ ] No hardcoded secrets in source code
|
|
38
|
+
- [ ] Security headers configured (CSP, HSTS, etc.)
|
|
39
|
+
|
|
40
|
+
### Accessibility
|
|
41
|
+
|
|
42
|
+
- [ ] WCAG 2.1 AA compliance for public-facing surfaces
|
|
43
|
+
- [ ] Screen reader and keyboard navigation tested
|
|
44
|
+
|
|
45
|
+
## Review Process
|
|
46
|
+
|
|
47
|
+
1. **Inventory**: list all data types collected, stored, or processed by the feature
|
|
48
|
+
2. **Classify**: map each data type to a regulation (GDPR, CCPA, HIPAA, PCI-DSS, etc.)
|
|
49
|
+
3. **Gap analysis**: compare current implementation against regulatory requirements
|
|
50
|
+
4. **Remediation**: fix gaps before shipping, document accepted risks
|
|
51
|
+
5. **Evidence**: collect audit evidence (test results, screenshots, config exports)
|
|
52
|
+
6. **Sign-off**: document the reviewer, date, and scope of the review
|
|
53
|
+
|
|
54
|
+
## Common Compliance Gaps
|
|
55
|
+
|
|
56
|
+
- Terms of service not updated to reflect new data processing
|
|
57
|
+
- Cookie consent banner missing for new tracking mechanisms
|
|
58
|
+
- Data processing agreement not in place for new third-party vendor
|
|
59
|
+
- Privacy policy silent on AI processing activities
|
|
60
|
+
- Deletion endpoint that soft-deletes but never hard-deletes
|
|
61
|
+
- Backup retention that exceeds the documented data retention period
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
<!--
|
|
2
|
+
skills/docs/document-ingest-workflow.md — Convert source documents into retrieval-ready markdown artifacts.
|
|
3
|
+
-->
|
|
4
|
+
# Document Ingest Workflow
|
|
5
|
+
|
|
6
|
+
Use when: the user points at a PDF, Word doc, spreadsheet, slide deck, export, or mixed document folder and wants a markdown version that Construct can search efficiently later.
|
|
7
|
+
|
|
8
|
+
## Preferred tools
|
|
9
|
+
|
|
10
|
+
1. `construct ingest <path>` for CLI-driven conversion.
|
|
11
|
+
2. `ingest_document` over Construct MCP when the host supports MCP tools.
|
|
12
|
+
3. `extract_document_text` only when the user wants raw extracted text without writing a markdown artifact.
|
|
13
|
+
|
|
14
|
+
## Default destination
|
|
15
|
+
|
|
16
|
+
Write outputs to `.cx/knowledge/internal/` unless the user explicitly wants a typed `knowledge/<subdir>`, sibling markdown file, or another output path.
|
|
17
|
+
|
|
18
|
+
Why:
|
|
19
|
+
|
|
20
|
+
- files under `.cx/knowledge/` are part of Construct's file-state retrieval path
|
|
21
|
+
- they can be picked up by hybrid search immediately
|
|
22
|
+
- `construct ingest --sync` can then push them into shared SQL/vector storage when configured
|
|
23
|
+
|
|
24
|
+
## Supported source types
|
|
25
|
+
|
|
26
|
+
- PDF
|
|
27
|
+
- DOC and DOCX
|
|
28
|
+
- XLS, XLSX, CSV, TSV, ODS, Numbers
|
|
29
|
+
- PPT, PPTX, Keynote
|
|
30
|
+
- ODT, RTF
|
|
31
|
+
- text, markdown, HTML, XML, JSON, YAML, and other plain-text project artifacts
|
|
32
|
+
|
|
33
|
+
## Workflow
|
|
34
|
+
|
|
35
|
+
1. Ingest the source into markdown.
|
|
36
|
+
2. Preserve source metadata: original path, extension, extraction method, timestamp, truncation state.
|
|
37
|
+
3. Keep the markdown normalized and readable; do not invent structure beyond headings and metadata.
|
|
38
|
+
4. If the document informs product decisions, promote the result into an evidence brief or PRD input using the evidence-ingest workflow.
|
|
39
|
+
5. If shared storage is configured and the material should be semantically retrievable across sessions, run with `--sync`.
|
|
40
|
+
|
|
41
|
+
## Examples
|
|
42
|
+
|
|
43
|
+
```bash
|
|
44
|
+
construct ingest ./docs/vendor/quarterly-review.pdf
|
|
45
|
+
construct ingest ./research-drop --sync
|
|
46
|
+
construct ingest ./deck.pptx --target=sibling
|
|
47
|
+
construct ingest ./data/export.xlsx --out=./notes/export.md
|
|
48
|
+
```
|
|
49
|
+
|
|
50
|
+
## Rules
|
|
51
|
+
|
|
52
|
+
Do not overwrite an existing markdown artifact unless the user explicitly asks for replacement. Prefer creating a suffixed filename instead. Keep original source files untouched.
|
|
@@ -5,6 +5,8 @@ skills/docs/evidence-ingest-workflow.md — Normalize raw product evidence into
|
|
|
5
5
|
|
|
6
6
|
Use when: the user pastes customer notes, Slack threads, support tickets, sales notes, research snippets, RFCs, analytics summaries, or competitor signals.
|
|
7
7
|
|
|
8
|
+
Follow [rules/common/research.md](../../rules/common/research.md) for source metadata, evidence handling, and confidence labeling.
|
|
9
|
+
|
|
8
10
|
## Steps
|
|
9
11
|
|
|
10
12
|
1. Identify the source type and date.
|
|
@@ -18,6 +20,13 @@ Use when: the user pastes customer notes, Slack threads, support tickets, sales
|
|
|
18
20
|
|
|
19
21
|
Do not invent customer quotes, names, or issue links. Preserve ambiguity. If source evidence contains personal data, record only the minimum needed for product decisions.
|
|
20
22
|
|
|
23
|
+
Always preserve:
|
|
24
|
+
|
|
25
|
+
- source path or source system
|
|
26
|
+
- source date or access date
|
|
27
|
+
- whether the source is direct evidence or secondhand summary
|
|
28
|
+
- what is observed directly vs inferred by the author
|
|
29
|
+
|
|
21
30
|
## Storage
|
|
22
31
|
|
|
23
32
|
Files in `.cx/product-intel/` are indexed by Construct's hybrid retrieval path. Postgres stores them as `product-intel` documents during sync, and the vector layer makes them semantically retrievable for future PRDs and Meta PRDs.
|
package/skills/docs/init-docs.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/docs/init-docs.md — Skill: init-docs — Initialize Project Documentation Structure — `init docs`, `create docs structure`, `set up documentation`, `docs scaffold`, `
|
|
2
|
+
skills/docs/init-docs.md — Skill: init-docs — Initialize Project Documentation Structure — `init docs`, `create docs structure`, `set up documentation`, `docs scaffold`, `documentation init`
|
|
3
3
|
|
|
4
4
|
## Trigger keywords `init docs`, `create docs structure`, `set up documentation`, `docs scaffold`, `documentation init`
|
|
5
5
|
-->
|
|
@@ -19,16 +19,16 @@ When invoked, gather the user's intent and create a tailored documentation direc
|
|
|
19
19
|
Ask the user **all at once** (single message, not one at a time):
|
|
20
20
|
|
|
21
21
|
1. **What is this project?** A brief description (one sentence is fine)
|
|
22
|
-
2. **What doc types will you have?**
|
|
22
|
+
2. **What doc types will you have?** See the lane table below for options
|
|
23
23
|
3. **Who is the audience?** Engineers, external users, both, or internal team only
|
|
24
|
-
4. **Tech stack?** (affects whether API reference sections are needed)
|
|
24
|
+
4. **Tech stack?** (affects whether API reference or RFC sections are needed)
|
|
25
25
|
5. **Monorepo or single-service?** Affects directory depth
|
|
26
26
|
|
|
27
27
|
---
|
|
28
28
|
|
|
29
29
|
## Step 2 — Generate the structure
|
|
30
30
|
|
|
31
|
-
Based on answers, create the `docs/` directory and appropriate subdirectories. Use this as a base — add or remove sections based on the user's answers
|
|
31
|
+
Based on answers, create the `docs/` directory and appropriate subdirectories. Use this as a base — add or remove sections based on the user's answers.
|
|
32
32
|
|
|
33
33
|
### Core structure (always include)
|
|
34
34
|
|
|
@@ -43,19 +43,50 @@ docs/
|
|
|
43
43
|
└── workflow.json # Canonical workflow/task state
|
|
44
44
|
```
|
|
45
45
|
|
|
46
|
-
|
|
46
|
+
## Interactive UX (TTY)
|
|
47
47
|
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
48
|
+
When run interactively, `construct init-docs` renders a keyboard-driven **full-screen checkbox picker** — all available lanes listed with the default set pre-checked and context-suggested lanes highlighted in the UI. No typing required.
|
|
49
|
+
|
|
50
|
+
- **↑ / ↓** — move cursor (details shown in a dedicated panel)
|
|
51
|
+
- **Space** — toggle lane on/off
|
|
52
|
+
- **a** — toggle all on/off
|
|
53
|
+
- **Enter** — confirm and scaffold
|
|
54
|
+
- Follow-up choices use the same menu pattern instead of free-text answers
|
|
55
|
+
|
|
56
|
+
If the user selects the `intake` lane, `construct init-docs` should also create `.cx/inbox/`. Both `.cx/inbox/` and `docs/intake/` act as drop zones for ingestable files, while `docs/intake/` also serves as the durable paper trail lane.
|
|
57
|
+
|
|
58
|
+
When run non-interactively (`--yes` or piped stdin), the lean default set is used unless `--docs=` is supplied. `--docs=lean|product|full` or `--docs=adrs,prds,rfcs` both work.
|
|
59
|
+
|
|
60
|
+
---
|
|
61
|
+
|
|
62
|
+
### Available lanes
|
|
63
|
+
|
|
64
|
+
| Lane | Directory | What goes here |
|
|
65
|
+
|--------------|-----------------|----------------|
|
|
66
|
+
| adrs | `docs/adr/` | Architecture decisions that have already been made |
|
|
67
|
+
| briefs | `docs/briefs/` | Research, evidence, signals, one-pagers, customer profiles |
|
|
68
|
+
| changelogs | `docs/changelogs/` | User-facing release notes and version history entries |
|
|
69
|
+
| intake | `docs/intake/` | Intake batch records that explain what arrived, why it matters, and how it should be ingested |
|
|
70
|
+
| memos | `docs/memos/` | Decision memos and internal arguments for alignment |
|
|
71
|
+
| meetings | `docs/meetings/` | Meeting notes, minutes, standups, retros, agendas, and session summaries |
|
|
72
|
+
| notes | `docs/notes/` | Working notes and lightweight durable context outside formal docs or meetings |
|
|
73
|
+
| onboarding | `docs/onboarding/` | Runnable setup guides and first-day workflows |
|
|
74
|
+
| postmortems | `docs/postmortems/` | Blameless incident reports with root cause and corrective actions |
|
|
75
|
+
| prds | `docs/prds/` | Product and capability requirement documents |
|
|
76
|
+
| rfcs | `docs/rfcs/` | Architecture and implementation proposals needing review |
|
|
77
|
+
| runbooks | `docs/runbooks/` | Operational procedures, diagnostics, escalation paths |
|
|
78
|
+
|
|
79
|
+
### Guidance: which lanes to suggest
|
|
80
|
+
|
|
81
|
+
| Signal in the project | Suggest |
|
|
82
|
+
|-----------------------|---------|
|
|
83
|
+
| Has `Dockerfile`, `.github/`, `deploy/`, or `infra/` | runbooks, postmortems |
|
|
84
|
+
| Has `CHANGELOG.md` or release tagging | changelogs |
|
|
85
|
+
| Has `onboarding/`, `setup/`, or `getting-started/` | onboarding |
|
|
86
|
+
| Has meeting minutes, agendas, retros, or standups | meetings |
|
|
87
|
+
| Has `src/`, `lib/`, `api/`, or `services/` | rfcs |
|
|
88
|
+
| Has research, customer, or market files | briefs |
|
|
89
|
+
| Any project with decisions and requirements | adrs, prds (always lean default) |
|
|
59
90
|
|
|
60
91
|
---
|
|
61
92
|
|
|
@@ -120,7 +151,7 @@ Last updated: [date]
|
|
|
120
151
|
|
|
121
152
|
## Key decisions
|
|
122
153
|
|
|
123
|
-
Link to
|
|
154
|
+
Link to `docs/adr/` or the canonical project decision log used in this repo.
|
|
124
155
|
```
|
|
125
156
|
|
|
126
157
|
---
|
|
@@ -156,5 +187,7 @@ Stack: [stack]
|
|
|
156
187
|
|
|
157
188
|
After completing the docs init:
|
|
158
189
|
- If the user has architecture questions → `@cx-explorer` or `@cx-docs-keeper` to explore and update `docs/architecture/`
|
|
159
|
-
- If the user wants to document a decision → record it in
|
|
190
|
+
- If the user wants to document a decision → record it in `docs/adr/` using the ADR template
|
|
160
191
|
- If the user wants to add API docs → `@cx-docs-keeper` to generate stubs from code
|
|
192
|
+
- If the user wants to file an incident report → use `docs/postmortems/` with the incident-report template
|
|
193
|
+
- If the user wants to document a release → use `docs/changelogs/` with the changelog-entry template
|
|
@@ -8,6 +8,8 @@ customer profiles, and backlog proposals without creating a separate sidecar sys
|
|
|
8
8
|
|
|
9
9
|
Use when: the request involves customer evidence, PM synthesis, product requirements, PRDs, PRFAQs, customer profiles, product signals, or backlog proposals.
|
|
10
10
|
|
|
11
|
+
Follow [rules/common/research.md](../../rules/common/research.md) for source order, verification, confidence, and reproducibility.
|
|
12
|
+
|
|
11
13
|
## Operating model
|
|
12
14
|
|
|
13
15
|
Product Intelligence is a Construct-native loop:
|
|
@@ -20,6 +22,14 @@ Product Intelligence is a Construct-native loop:
|
|
|
20
22
|
6. Gate external writes and approved-doc status through the primary persona.
|
|
21
23
|
7. Sync searchable artifacts through the hybrid file/Postgres/vector storage path.
|
|
22
24
|
|
|
25
|
+
## Source order
|
|
26
|
+
|
|
27
|
+
1. Existing internal evidence: customer profiles, evidence briefs, signal briefs, prior PRDs, prior research, ingested docs
|
|
28
|
+
2. Raw source material: notes, transcripts, tickets, exported docs, spreadsheets, decks
|
|
29
|
+
3. External corroboration when needed: official product docs, vendor docs, public changelogs, source code, standards
|
|
30
|
+
|
|
31
|
+
Do not skip prior internal evidence when drafting a new product artifact.
|
|
32
|
+
|
|
23
33
|
## PM flavor selection
|
|
24
34
|
|
|
25
35
|
- **product**: user workflow, adoption, JTBD, UX surface, success metrics.
|
|
@@ -60,3 +70,5 @@ Stop and ask the primary persona before:
|
|
|
60
70
|
## Quality bar
|
|
61
71
|
|
|
62
72
|
Product Intelligence output must cite evidence, distinguish observation from inference, name confidence, and avoid a wall of bullets. Keep em dashes rare. Use paragraphs for reasoning, tables for comparisons, and bullets for scanability.
|
|
73
|
+
|
|
74
|
+
For time-sensitive or externally sourced claims, include the date basis. For load-bearing claims, prefer two independent sources unless one authoritative primary source is enough.
|
|
@@ -5,6 +5,8 @@ skills/docs/product-signal-workflow.md — Synthesize product signals from evide
|
|
|
5
5
|
|
|
6
6
|
Use when: the user asks what customers are asking for, what themes are emerging, whether evidence is strong enough, or what should become a PRD.
|
|
7
7
|
|
|
8
|
+
Follow [rules/common/research.md](../../rules/common/research.md) for confidence, contradictions, and source handling.
|
|
9
|
+
|
|
8
10
|
## Steps
|
|
9
11
|
|
|
10
12
|
1. Gather relevant evidence briefs, customer profiles, notes, tickets, research, and product docs.
|
|
@@ -25,3 +27,5 @@ Default threshold for PRD-ready evidence: at least two independent customers, th
|
|
|
25
27
|
## Quality bar
|
|
26
28
|
|
|
27
29
|
Separate asks from requirements. Separate observation from inference. Name what evidence would change the recommendation.
|
|
30
|
+
|
|
31
|
+
When a claim depends on time-sensitive or external information, include the date or version basis. If evidence conflicts, state the counter-signal explicitly instead of averaging it away.
|
|
@@ -7,19 +7,34 @@ Use when: the user asks to research a topic, investigate a question, or gather e
|
|
|
7
7
|
|
|
8
8
|
Use when: the user asks to research a topic, investigate a question, or gather evidence for a decision.
|
|
9
9
|
|
|
10
|
+
Follow [rules/common/research.md](../../rules/common/research.md) as the default policy.
|
|
11
|
+
|
|
10
12
|
## Steps
|
|
11
13
|
|
|
12
|
-
1. **Clarify the question** — one specific question the research must answer
|
|
13
|
-
2. **
|
|
14
|
-
|
|
15
|
-
-
|
|
16
|
-
|
|
17
|
-
4. **
|
|
18
|
-
|
|
14
|
+
1. **Clarify the question** — one specific, falsifiable question the research must answer.
|
|
15
|
+
2. **Check internal evidence first** — search `.cx/research/`, `.cx/product-intel/`, `docs/prd/`, `docs/meta-prd/`, ADRs, runbooks, and ingested artifacts before going external.
|
|
16
|
+
3. **Choose the research path**:
|
|
17
|
+
- Library/API/framework/version questions → primary vendor docs, source code, changelogs, exact-version references
|
|
18
|
+
- Market, competitive, policy, or general evidence → cx-researcher using primary sources first
|
|
19
|
+
4. **Use a source hierarchy**:
|
|
20
|
+
- Primary: official docs, exact-version API references, standards, source code
|
|
21
|
+
- Secondary: changelogs, migration guides, maintainer issue comments
|
|
22
|
+
- Tertiary: blogs/forums/Q&A only to locate primaries
|
|
23
|
+
5. **Structure findings** using the template from `get_template("research-brief")` — resolves `.cx/templates/docs/research-brief.md` (override) then `templates/docs/research-brief.md` (shipped)
|
|
24
|
+
6. **Write to `.cx/research/{topic-slug}.md`** — cx-docs-keeper owns this
|
|
25
|
+
7. **Reference the research doc** in the requesting agent's output (link by path)
|
|
26
|
+
|
|
27
|
+
## Verification bar
|
|
28
|
+
|
|
29
|
+
- Every load-bearing claim must cite a source path, URL, or document reference.
|
|
30
|
+
- Record publication date, version, or access date for each source.
|
|
31
|
+
- Separate observation from inference.
|
|
32
|
+
- Name contradictions and unresolved gaps.
|
|
33
|
+
- Prefer two independent sources per load-bearing claim unless one authoritative primary source is sufficient.
|
|
19
34
|
|
|
20
35
|
## File naming
|
|
21
36
|
- Topic slug: lowercase, hyphens, no spaces — e.g., `firebase-auth-v9-migration.md`
|
|
22
|
-
- Date prefix for time-sensitive research: `2026-04-
|
|
37
|
+
- Date prefix for time-sensitive research: `2026-04-release-comparison.md`
|
|
23
38
|
|
|
24
39
|
## When research feeds a decision
|
|
25
40
|
→ Also create `.cx/decisions/ADR-{NNN}-{slug}.md` referencing the research doc
|
|
@@ -15,7 +15,7 @@ Use when: creating operational procedures for services, alerts, or recurring ope
|
|
|
15
15
|
4. **cx-docs-keeper** adds to `.cx/context.md` if it's a critical path runbook
|
|
16
16
|
|
|
17
17
|
## File naming
|
|
18
|
-
- `docs/runbooks/
|
|
18
|
+
- `docs/runbooks/telemetry-restart.md`
|
|
19
19
|
- `docs/runbooks/db-migration.md`
|
|
20
20
|
- `docs/runbooks/incident-response.md`
|
|
21
21
|
|