@geraldmaron/construct 1.0.12 → 1.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (337) hide show
  1. package/README.md +14 -2
  2. package/bin/construct +262 -14
  3. package/bin/construct-postinstall.mjs +23 -2
  4. package/commands/build/feature.md +0 -6
  5. package/commands/build/fix.md +0 -6
  6. package/commands/design/access.md +0 -6
  7. package/commands/design/flow.md +0 -6
  8. package/commands/design/ui.md +0 -6
  9. package/commands/measure/experiment.md +0 -6
  10. package/commands/measure/metrics.md +0 -6
  11. package/commands/measure/results.md +0 -6
  12. package/commands/plan/api.md +0 -6
  13. package/commands/plan/challenge.md +0 -6
  14. package/commands/plan/decide.md +0 -6
  15. package/commands/plan/feature.md +0 -7
  16. package/commands/plan/requirements.md +0 -6
  17. package/commands/remember/context.md +0 -6
  18. package/commands/remember/handoff.md +0 -6
  19. package/commands/remember/runbook.md +0 -6
  20. package/commands/review/code.md +0 -6
  21. package/commands/review/quality.md +0 -6
  22. package/commands/review/security.md +0 -6
  23. package/commands/ship/ready.md +0 -6
  24. package/commands/ship/release.md +0 -6
  25. package/commands/ship/status.md +0 -6
  26. package/commands/understand/docs.md +0 -6
  27. package/commands/understand/research.md +0 -6
  28. package/commands/understand/this.md +0 -6
  29. package/commands/understand/why.md +0 -6
  30. package/commands/work/clean.md +0 -6
  31. package/commands/work/drive.md +0 -6
  32. package/commands/work/optimize-prompts.md +0 -6
  33. package/commands/work/parallel-review.md +0 -6
  34. package/lib/auto-docs.mjs +11 -7
  35. package/lib/beads-client.mjs +19 -1
  36. package/lib/comment-lint.mjs +5 -1
  37. package/lib/context-state.mjs +15 -3
  38. package/lib/contracts/validate.mjs +54 -10
  39. package/lib/contracts/violation-log.mjs +154 -0
  40. package/lib/dashboard-static.mjs +7 -4
  41. package/lib/doc-stamp.mjs +16 -0
  42. package/lib/docs-verify.mjs +1 -8
  43. package/lib/doctor/watchers/bd-watch.mjs +6 -2
  44. package/lib/document-extract/docling-client.mjs +114 -0
  45. package/lib/document-extract/docling-sidecar.py +122 -0
  46. package/lib/document-extract/whisper-client.mjs +79 -0
  47. package/lib/document-extract.mjs +73 -8
  48. package/lib/document-ingest.mjs +26 -4
  49. package/lib/embed/daemon.mjs +26 -1
  50. package/lib/embed/docs-lifecycle.mjs +19 -0
  51. package/lib/embed/inbox.mjs +85 -2
  52. package/lib/embed/recommendation-store.mjs +29 -0
  53. package/lib/flavors/loader.mjs +1 -1
  54. package/lib/gates-audit.mjs +18 -12
  55. package/lib/handoffs/contract.mjs +2 -2
  56. package/lib/hooks/_lib/input.mjs +52 -0
  57. package/lib/hooks/adaptive-lint.mjs +4 -0
  58. package/lib/hooks/agent-tracker.mjs +59 -15
  59. package/lib/hooks/audit-reads.mjs +83 -42
  60. package/lib/hooks/audit-trail.mjs +28 -18
  61. package/lib/hooks/bash-output-logger.mjs +8 -2
  62. package/lib/hooks/block-no-verify.mjs +4 -0
  63. package/lib/hooks/ci-status-check.mjs +4 -0
  64. package/lib/hooks/comment-lint.mjs +6 -4
  65. package/lib/hooks/config-protection.mjs +4 -0
  66. package/lib/hooks/context-watch.mjs +4 -0
  67. package/lib/hooks/context-window-recovery.mjs +4 -0
  68. package/lib/hooks/dep-audit.mjs +12 -5
  69. package/lib/hooks/doc-coupling-check.mjs +5 -1
  70. package/lib/hooks/edit-accumulator.mjs +25 -10
  71. package/lib/hooks/edit-error-recovery.mjs +4 -0
  72. package/lib/hooks/edit-guard.mjs +4 -0
  73. package/lib/hooks/guard-bash.mjs +4 -0
  74. package/lib/hooks/mcp-audit.mjs +4 -0
  75. package/lib/hooks/mcp-health-check.mjs +4 -0
  76. package/lib/hooks/model-fallback.mjs +7 -11
  77. package/lib/hooks/policy-engine.mjs +4 -0
  78. package/lib/hooks/post-merge-docs-check.mjs +4 -0
  79. package/lib/hooks/post-merge-tracking.mjs +82 -0
  80. package/lib/hooks/pre-compact.mjs +4 -0
  81. package/lib/hooks/pre-push-gate.mjs +84 -231
  82. package/lib/hooks/proactive-activation.mjs +5 -2
  83. package/lib/hooks/readme-age-check.mjs +4 -0
  84. package/lib/hooks/registry-sync.mjs +35 -20
  85. package/lib/hooks/rule-verifier.mjs +3 -0
  86. package/lib/hooks/scan-secrets.mjs +4 -0
  87. package/lib/hooks/session-optimize.mjs +4 -0
  88. package/lib/hooks/session-reflect.mjs +4 -0
  89. package/lib/hooks/session-start.mjs +49 -2
  90. package/lib/hooks/session-tracking-refresh.mjs +70 -0
  91. package/lib/hooks/stop-notify.mjs +13 -2
  92. package/lib/hooks/stop-typecheck.mjs +4 -0
  93. package/lib/hooks/test-watch.mjs +8 -4
  94. package/lib/ingest/chunker.mjs +94 -0
  95. package/lib/ingest/pipeline.mjs +53 -0
  96. package/lib/ingest/store.mjs +82 -0
  97. package/lib/init-unified.mjs +90 -23
  98. package/lib/intake/attribution.mjs +77 -0
  99. package/lib/intake/intake-config.mjs +3 -0
  100. package/lib/intake/manifest.mjs +107 -0
  101. package/lib/intake/poll-lock.mjs +136 -0
  102. package/lib/intake/prepare.mjs +42 -4
  103. package/lib/knowledge/search.mjs +12 -0
  104. package/lib/logging/rotate.mjs +394 -0
  105. package/lib/mcp/server.mjs +142 -1
  106. package/lib/mcp/tools/project.mjs +2 -2
  107. package/lib/mcp/tools/skills.mjs +6 -3
  108. package/lib/mcp/tools/telemetry.mjs +1 -1
  109. package/lib/mcp/tools/workflow.mjs +6 -2
  110. package/lib/observation-store.mjs +14 -5
  111. package/lib/ollama-manager.mjs +32 -28
  112. package/lib/opencode-config.mjs +10 -3
  113. package/lib/orchestration/routing-tables.mjs +176 -0
  114. package/lib/orchestration-policy.mjs +18 -106
  115. package/lib/parity.mjs +48 -7
  116. package/lib/profiles/lifecycle.mjs +19 -1
  117. package/lib/project-init-shared.mjs +11 -5
  118. package/lib/project-root.mjs +104 -0
  119. package/lib/prompt-composer.js +11 -1
  120. package/lib/roles/catalog.mjs +1 -1
  121. package/lib/roles/event-bus.mjs +29 -9
  122. package/lib/roles/router.mjs +8 -7
  123. package/lib/runtime/uv-bootstrap.mjs +129 -0
  124. package/lib/runtime/whisper-bootstrap.mjs +102 -0
  125. package/lib/server/index.mjs +53 -10
  126. package/lib/server/static/index.html +1 -15
  127. package/lib/specialists/postconditions.mjs +1 -1
  128. package/lib/status.mjs +1 -1
  129. package/lib/storage/backup.mjs +2 -2
  130. package/lib/sync/skill-frontmatter.mjs +113 -21
  131. package/lib/telemetry/intent-verifications.mjs +16 -3
  132. package/lib/telemetry/skill-calls.mjs +12 -3
  133. package/lib/tracking-surfaces.mjs +377 -0
  134. package/lib/validators/skills.mjs +86 -54
  135. package/lib/worker/trace.mjs +19 -2
  136. package/package.json +10 -6
  137. package/personas/construct.md +4 -7
  138. package/platforms/claude/settings.template.json +29 -28
  139. package/rules/common/beads-hygiene.md +3 -9
  140. package/rules/common/code-review.md +3 -6
  141. package/rules/common/coding-style.md +3 -6
  142. package/rules/common/comments.md +3 -7
  143. package/rules/common/commit-approval.md +3 -6
  144. package/rules/common/cx-agent-routing.md +3 -7
  145. package/rules/common/cx-skill-routing.md +3 -3
  146. package/rules/common/doc-ownership.md +3 -8
  147. package/rules/common/efficiency.md +3 -8
  148. package/rules/common/framing.md +3 -8
  149. package/rules/common/git-workflow.md +3 -5
  150. package/rules/common/no-fabrication.md +4 -12
  151. package/rules/common/patterns.md +3 -5
  152. package/rules/common/release-gates.md +3 -8
  153. package/rules/common/research.md +3 -8
  154. package/rules/common/review-before-change.md +3 -9
  155. package/rules/common/security.md +3 -6
  156. package/rules/common/skill-composition.md +3 -7
  157. package/rules/common/testing.md +3 -6
  158. package/rules/golang/coding-style.md +1 -5
  159. package/rules/golang/hooks.md +1 -5
  160. package/rules/golang/patterns.md +1 -5
  161. package/rules/golang/security.md +1 -5
  162. package/rules/golang/testing.md +1 -5
  163. package/rules/python/coding-style.md +1 -5
  164. package/rules/python/hooks.md +1 -5
  165. package/rules/python/patterns.md +1 -5
  166. package/rules/python/security.md +1 -5
  167. package/rules/python/testing.md +1 -5
  168. package/rules/swift/coding-style.md +1 -5
  169. package/rules/swift/hooks.md +1 -5
  170. package/rules/swift/patterns.md +1 -5
  171. package/rules/swift/security.md +1 -5
  172. package/rules/swift/testing.md +1 -5
  173. package/rules/typescript/coding-style.md +1 -5
  174. package/rules/typescript/hooks.md +1 -5
  175. package/rules/typescript/patterns.md +1 -5
  176. package/rules/typescript/security.md +1 -5
  177. package/rules/typescript/testing.md +1 -5
  178. package/rules/web/coding-style.md +3 -5
  179. package/rules/web/design-quality.md +3 -5
  180. package/rules/web/hooks.md +3 -5
  181. package/rules/web/patterns.md +3 -5
  182. package/rules/web/performance.md +3 -5
  183. package/rules/web/security.md +3 -5
  184. package/rules/web/testing.md +3 -5
  185. package/scripts/sync-specialists.mjs +269 -75
  186. package/skills/ai/agent-dev.md +4 -5
  187. package/skills/ai/llm-security.md +4 -5
  188. package/skills/ai/ml-ops.md +4 -5
  189. package/skills/ai/orchestration-workflow.md +4 -5
  190. package/skills/ai/prompt-and-eval.md +4 -5
  191. package/skills/ai/prompt-optimizer.md +4 -6
  192. package/skills/ai/rag-system.md +4 -5
  193. package/skills/architecture/api-design.md +4 -5
  194. package/skills/architecture/caching.md +4 -5
  195. package/skills/architecture/cloud-native.md +4 -5
  196. package/skills/architecture/message-queue.md +4 -5
  197. package/skills/architecture/security-arch.md +4 -5
  198. package/skills/compliance/ai-disclosure.md +4 -5
  199. package/skills/compliance/data-privacy.md +4 -5
  200. package/skills/compliance/license-audit.md +4 -5
  201. package/skills/compliance/regulatory-review.md +4 -5
  202. package/skills/development/cpp.md +4 -5
  203. package/skills/development/go.md +4 -5
  204. package/skills/development/java.md +4 -5
  205. package/skills/development/kotlin.md +4 -5
  206. package/skills/development/mobile-crossplatform.md +4 -5
  207. package/skills/development/python.md +4 -5
  208. package/skills/development/rust.md +4 -5
  209. package/skills/development/shell.md +4 -5
  210. package/skills/development/swift.md +4 -5
  211. package/skills/development/typescript.md +4 -5
  212. package/skills/devops/ci-cd.md +4 -5
  213. package/skills/devops/containerization.md +4 -5
  214. package/skills/devops/cost-optimization.md +4 -5
  215. package/skills/devops/data-engineering.md +4 -5
  216. package/skills/devops/database.md +4 -5
  217. package/skills/devops/dependency-management.md +4 -5
  218. package/skills/devops/devsecops.md +4 -5
  219. package/skills/devops/git-workflow.md +4 -5
  220. package/skills/devops/incident-response.md +4 -5
  221. package/skills/devops/monorepo.md +4 -5
  222. package/skills/devops/observability.md +4 -5
  223. package/skills/devops/performance.md +4 -5
  224. package/skills/devops/testing.md +4 -5
  225. package/skills/docs/adr-workflow.md +4 -7
  226. package/skills/docs/backlog-proposal-workflow.md +4 -3
  227. package/skills/docs/customer-profile-workflow.md +4 -3
  228. package/skills/docs/document-ingest-workflow.md +4 -3
  229. package/skills/docs/evidence-ingest-workflow.md +4 -3
  230. package/skills/docs/init-docs.md +4 -5
  231. package/skills/docs/init-project.md +4 -5
  232. package/skills/docs/prd-workflow.md +4 -7
  233. package/skills/docs/prfaq-workflow.md +4 -3
  234. package/skills/docs/product-intelligence-review.md +4 -3
  235. package/skills/docs/product-intelligence-workflow.md +4 -6
  236. package/skills/docs/product-signal-workflow.md +4 -5
  237. package/skills/docs/research-workflow.md +4 -5
  238. package/skills/docs/runbook-workflow.md +4 -5
  239. package/skills/docs/strategy-workflow.md +4 -5
  240. package/skills/exploration/dependency-graph-reading.md +4 -7
  241. package/skills/exploration/repo-map.md +4 -5
  242. package/skills/exploration/tracer-bullet-method.md +4 -7
  243. package/skills/exploration/unknown-codebase-onboarding.md +4 -7
  244. package/skills/frameworks/django.md +4 -5
  245. package/skills/frameworks/nextjs.md +4 -5
  246. package/skills/frameworks/react.md +4 -5
  247. package/skills/frameworks/spring-boot.md +4 -5
  248. package/skills/frontend-design/accessibility.md +4 -5
  249. package/skills/frontend-design/component-patterns.md +4 -5
  250. package/skills/frontend-design/engineering.md +4 -5
  251. package/skills/frontend-design/state-management.md +4 -5
  252. package/skills/frontend-design/ui-aesthetics.md +4 -5
  253. package/skills/frontend-design/ux-principles.md +4 -5
  254. package/skills/operating/change-management.md +4 -8
  255. package/skills/operating/incident-response.md +4 -8
  256. package/skills/operating/oncall-rotation.md +4 -7
  257. package/skills/operating/orchestration-reference.md +4 -10
  258. package/skills/quality-gates/review-work.md +4 -5
  259. package/skills/quality-gates/verify-change.md +4 -5
  260. package/skills/quality-gates/verify-module.md +4 -5
  261. package/skills/quality-gates/verify-quality.md +4 -5
  262. package/skills/quality-gates/verify-security.md +4 -5
  263. package/skills/roles/architect.ai-systems.md +6 -9
  264. package/skills/roles/architect.data.md +6 -9
  265. package/skills/roles/architect.enterprise.md +6 -9
  266. package/skills/roles/architect.integration.md +6 -9
  267. package/skills/roles/architect.md +7 -14
  268. package/skills/roles/architect.platform.md +6 -9
  269. package/skills/roles/data-analyst.experiment.md +6 -9
  270. package/skills/roles/data-analyst.md +6 -9
  271. package/skills/roles/data-analyst.product-intelligence.md +7 -9
  272. package/skills/roles/data-analyst.product.md +6 -9
  273. package/skills/roles/data-analyst.telemetry.md +7 -9
  274. package/skills/roles/data-engineer.pipeline.md +6 -9
  275. package/skills/roles/data-engineer.vector-retrieval.md +7 -9
  276. package/skills/roles/data-engineer.warehouse.md +6 -9
  277. package/skills/roles/debugger.md +6 -9
  278. package/skills/roles/designer.accessibility.md +6 -9
  279. package/skills/roles/designer.md +7 -9
  280. package/skills/roles/engineer.ai.md +6 -9
  281. package/skills/roles/engineer.data.md +6 -9
  282. package/skills/roles/engineer.md +9 -9
  283. package/skills/roles/engineer.platform.md +6 -9
  284. package/skills/roles/operator.docs.md +6 -9
  285. package/skills/roles/operator.md +9 -9
  286. package/skills/roles/operator.release.md +6 -9
  287. package/skills/roles/operator.sre.md +6 -9
  288. package/skills/roles/orchestrator.md +6 -9
  289. package/skills/roles/product-manager.ai-product.md +6 -9
  290. package/skills/roles/product-manager.business-strategy.md +6 -9
  291. package/skills/roles/product-manager.enterprise.md +6 -9
  292. package/skills/roles/product-manager.growth.md +7 -9
  293. package/skills/roles/product-manager.md +7 -9
  294. package/skills/roles/product-manager.platform.md +6 -9
  295. package/skills/roles/product-manager.product.md +6 -9
  296. package/skills/roles/qa.ai-eval.md +8 -9
  297. package/skills/roles/qa.api-contract.md +7 -9
  298. package/skills/roles/qa.data-pipeline.md +7 -9
  299. package/skills/roles/qa.md +7 -9
  300. package/skills/roles/qa.test-automation.md +6 -9
  301. package/skills/roles/qa.web-ui.md +7 -9
  302. package/skills/roles/researcher.explorer.md +6 -9
  303. package/skills/roles/researcher.md +8 -9
  304. package/skills/roles/researcher.ux.md +6 -9
  305. package/skills/roles/reviewer.devil-advocate.md +6 -9
  306. package/skills/roles/reviewer.evaluator.md +6 -9
  307. package/skills/roles/reviewer.md +9 -9
  308. package/skills/roles/reviewer.trace.md +6 -9
  309. package/skills/roles/security.ai.md +7 -9
  310. package/skills/roles/security.appsec.md +6 -9
  311. package/skills/roles/security.cloud.md +6 -9
  312. package/skills/roles/security.legal-compliance.md +6 -9
  313. package/skills/roles/security.md +7 -9
  314. package/skills/roles/security.privacy.md +7 -9
  315. package/skills/roles/security.supply-chain.md +7 -9
  316. package/skills/security/blue-team.md +4 -5
  317. package/skills/security/code-audit.md +4 -5
  318. package/skills/security/pentest.md +4 -5
  319. package/skills/security/red-team.md +4 -5
  320. package/skills/security/threat-intel.md +4 -5
  321. package/skills/security/vuln-research.md +4 -5
  322. package/skills/strategy/competitive-landscape.md +4 -8
  323. package/skills/strategy/market-research-methods.md +4 -8
  324. package/skills/strategy/narrative-arc.md +4 -8
  325. package/skills/strategy/pricing-positioning.md +4 -8
  326. package/skills/utility/clean-code.md +4 -5
  327. package/specialists/policy-inventory.json +14 -0
  328. package/specialists/registry.json +158 -13
  329. package/lib/hooks/env-check.mjs +0 -83
  330. package/lib/hooks/read-tracker.mjs +0 -61
  331. package/lib/policy/unified-gates.mjs +0 -96
  332. package/lib/server/static/assets/index-ab25c707.js +0 -70
  333. package/lib/server/static/assets/index-f0c80a2b.css +0 -1
  334. package/lib/specialist-contracts-enforce.mjs +0 -158
  335. package/rules/common/agents.md +0 -28
  336. package/rules/common/development-workflow.md +0 -32
  337. package/rules/common/performance.md +0 -55
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/qa.test-automation.md. Anti-pattern guidance for the Qa.test-automation (test automation) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the qa.test-automation (test automation) domain and counter-moves to avoid them.
6
- Applies to: cx-test-automation.
7
- -->
8
1
  ---
2
+ name: roles-qa-test-automation
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the QA — Test Automation role. Use when reviewing or generating work by cx-test-automation, or when an agent is acting in the QA — Test Automation role.
9
4
  role: qa.test-automation
10
- applies_to: [cx-test-automation]
5
+ applies_to:
6
+ - cx-test-automation
11
7
  inherits: qa
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # Test Automation Overlay
@@ -1,16 +1,14 @@
1
- <!--
2
- skills/roles/qa.web-ui.md. Anti-pattern guidance for the Qa.web-ui (web ui) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the qa.web-ui (web ui) domain and counter-moves to avoid them.
6
- Applies to: cx-qa, cx-test-automation.
7
- -->
8
1
  ---
2
+ name: roles-qa-web-ui
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the QA — Web UI role. Use when reviewing or generating work by cx-qa, cx-test-automation, or when an agent is acting in the QA — Web UI role.
9
4
  role: qa.web-ui
10
- applies_to: [cx-qa, cx-test-automation]
5
+ applies_to:
6
+ - cx-qa
7
+ - cx-test-automation
11
8
  inherits: qa
12
9
  version: 2
13
- profiles: [rnd]
10
+ profiles:
11
+ - rnd
14
12
  cap: 1
15
13
  ---
16
14
  # Web UI QA Overlay
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/researcher.explorer.md. Anti-pattern guidance for the Researcher.explorer (explorer) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the researcher.explorer (explorer) domain and counter-moves to avoid them.
6
- Applies to: cx-explorer.
7
- -->
8
1
  ---
2
+ name: roles-researcher-explorer
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Researcher — Explorer role. Use when reviewing or generating work by cx-explorer, or when an agent is acting in the Researcher — Explorer role.
9
4
  role: researcher.explorer
10
- applies_to: [cx-explorer]
5
+ applies_to:
6
+ - cx-explorer
11
7
  inherits: researcher
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # Codebase Explorer Overlay
@@ -1,16 +1,15 @@
1
- <!--
2
- skills/roles/researcher.md. Anti-pattern guidance for the Researcher role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the researcher domain and counter-moves to avoid them.
6
- Applies to: cx-researcher, cx-ux-researcher, cx-explorer.
7
- -->
8
1
  ---
2
+ name: roles-researcher
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Researcher role. Use when reviewing or generating work by cx-researcher, cx-ux-researcher, cx-explorer, or when an agent is acting in the Researcher role.
9
4
  role: researcher
10
- applies_to: [cx-researcher, cx-ux-researcher, cx-explorer]
5
+ applies_to:
6
+ - cx-researcher
7
+ - cx-ux-researcher
8
+ - cx-explorer
11
9
  inherits: null
12
10
  version: 2
13
- profiles: [rnd]
11
+ profiles:
12
+ - rnd
14
13
  cap: 1
15
14
  ---
16
15
  # Researcher. Role guidance
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/researcher.ux.md. Anti-pattern guidance for the Researcher.ux (ux) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the researcher.ux (ux) domain and counter-moves to avoid them.
6
- Applies to: cx-ux-researcher.
7
- -->
8
1
  ---
2
+ name: roles-researcher-ux
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Researcher — UX role. Use when reviewing or generating work by cx-ux-researcher, or when an agent is acting in the Researcher — UX role.
9
4
  role: researcher.ux
10
- applies_to: [cx-ux-researcher]
5
+ applies_to:
6
+ - cx-ux-researcher
11
7
  inherits: researcher
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # UX Researcher Overlay
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/reviewer.devil-advocate.md. Anti-pattern guidance for the Reviewer.devil-advocate (devil advocate) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the reviewer.devil-advocate (devil advocate) domain and counter-moves to avoid them.
6
- Applies to: cx-devil-advocate.
7
- -->
8
1
  ---
2
+ name: roles-reviewer-devil-advocate
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Reviewer — Devil Advocate role. Use when reviewing or generating work by cx-devil-advocate, or when an agent is acting in the Reviewer — Devil Advocate role.
9
4
  role: reviewer.devil-advocate
10
- applies_to: [cx-devil-advocate]
5
+ applies_to:
6
+ - cx-devil-advocate
11
7
  inherits: reviewer
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # Devil's Advocate Overlay
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/reviewer.evaluator.md. Anti-pattern guidance for the Reviewer.evaluator (evaluator) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the reviewer.evaluator (evaluator) domain and counter-moves to avoid them.
6
- Applies to: cx-evaluator.
7
- -->
8
1
  ---
2
+ name: roles-reviewer-evaluator
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Reviewer — Evaluator role. Use when reviewing or generating work by cx-evaluator, or when an agent is acting in the Reviewer — Evaluator role.
9
4
  role: reviewer.evaluator
10
- applies_to: [cx-evaluator]
5
+ applies_to:
6
+ - cx-evaluator
11
7
  inherits: reviewer
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # Evaluator Overlay
@@ -1,16 +1,16 @@
1
- <!--
2
- skills/roles/reviewer.md. Anti-pattern guidance for the Reviewer role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the reviewer domain and counter-moves to avoid them.
6
- Applies to: cx-reviewer, cx-devil-advocate, cx-evaluator, cx-trace-reviewer.
7
- -->
8
1
  ---
2
+ name: roles-reviewer
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Reviewer role. Use when reviewing or generating work by cx-reviewer, cx-devil-advocate, cx-evaluator, cx-trace-reviewer, or when an agent is acting in the Reviewer role.
9
4
  role: reviewer
10
- applies_to: [cx-reviewer, cx-devil-advocate, cx-evaluator, cx-trace-reviewer]
5
+ applies_to:
6
+ - cx-reviewer
7
+ - cx-devil-advocate
8
+ - cx-evaluator
9
+ - cx-trace-reviewer
11
10
  inherits: null
12
11
  version: 2
13
- profiles: [rnd]
12
+ profiles:
13
+ - rnd
14
14
  cap: 1
15
15
  ---
16
16
  # Reviewer. Role guidance
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/reviewer.trace.md. Anti-pattern guidance for the Reviewer.trace (trace) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the reviewer.trace (trace) domain and counter-moves to avoid them.
6
- Applies to: cx-trace-reviewer.
7
- -->
8
1
  ---
2
+ name: roles-reviewer-trace
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Reviewer — Trace role. Use when reviewing or generating work by cx-trace-reviewer, or when an agent is acting in the Reviewer — Trace role.
9
4
  role: reviewer.trace
10
- applies_to: [cx-trace-reviewer]
5
+ applies_to:
6
+ - cx-trace-reviewer
11
7
  inherits: reviewer
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # Trace Reviewer Overlay
@@ -1,16 +1,14 @@
1
- <!--
2
- skills/roles/security.ai.md. Anti-pattern guidance for the Security.ai (ai) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the security.ai (ai) domain and counter-moves to avoid them.
6
- Applies to: cx-security, cx-ai-engineer.
7
- -->
8
1
  ---
2
+ name: roles-security-ai
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Security — AI role. Use when reviewing or generating work by cx-security, cx-ai-engineer, or when an agent is acting in the Security — AI role.
9
4
  role: security.ai
10
- applies_to: [cx-security, cx-ai-engineer]
5
+ applies_to:
6
+ - cx-security
7
+ - cx-ai-engineer
11
8
  inherits: security
12
9
  version: 2
13
- profiles: [rnd]
10
+ profiles:
11
+ - rnd
14
12
  cap: 1
15
13
  ---
16
14
  # AI Security Overlay
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/security.appsec.md. Anti-pattern guidance for the Security.appsec (appsec) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the security.appsec (appsec) domain and counter-moves to avoid them.
6
- Applies to: cx-security.
7
- -->
8
1
  ---
2
+ name: roles-security-appsec
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Security — Appsec role. Use when reviewing or generating work by cx-security, or when an agent is acting in the Security — Appsec role.
9
4
  role: security.appsec
10
- applies_to: [cx-security]
5
+ applies_to:
6
+ - cx-security
11
7
  inherits: security
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # AppSec Overlay
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/security.cloud.md. Anti-pattern guidance for the Security.cloud (cloud) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the security.cloud (cloud) domain and counter-moves to avoid them.
6
- Applies to: cx-security.
7
- -->
8
1
  ---
2
+ name: roles-security-cloud
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Security — Cloud role. Use when reviewing or generating work by cx-security, or when an agent is acting in the Security — Cloud role.
9
4
  role: security.cloud
10
- applies_to: [cx-security]
5
+ applies_to:
6
+ - cx-security
11
7
  inherits: security
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # Cloud Security Overlay
@@ -1,16 +1,13 @@
1
- <!--
2
- skills/roles/security.legal-compliance.md. Anti-pattern guidance for the Security.legal-compliance (legal compliance) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the security.legal-compliance (legal compliance) domain and counter-moves to avoid them.
6
- Applies to: cx-legal-compliance.
7
- -->
8
1
  ---
2
+ name: roles-security-legal-compliance
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Security — Legal Compliance role. Use when reviewing or generating work by cx-legal-compliance, or when an agent is acting in the Security — Legal Compliance role.
9
4
  role: security.legal-compliance
10
- applies_to: [cx-legal-compliance]
5
+ applies_to:
6
+ - cx-legal-compliance
11
7
  inherits: security
12
8
  version: 2
13
- profiles: [rnd]
9
+ profiles:
10
+ - rnd
14
11
  cap: 1
15
12
  ---
16
13
  # Legal & Compliance Overlay
@@ -1,16 +1,14 @@
1
- <!--
2
- skills/roles/security.md. Anti-pattern guidance for the Security role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the security domain and counter-moves to avoid them.
6
- Applies to: cx-security, cx-legal-compliance.
7
- -->
8
1
  ---
2
+ name: roles-security
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Security role. Use when reviewing or generating work by cx-security, cx-legal-compliance, or when an agent is acting in the Security role.
9
4
  role: security
10
- applies_to: [cx-security, cx-legal-compliance]
5
+ applies_to:
6
+ - cx-security
7
+ - cx-legal-compliance
11
8
  inherits: null
12
9
  version: 2
13
- profiles: [rnd]
10
+ profiles:
11
+ - rnd
14
12
  cap: 1
15
13
  ---
16
14
  # Security. Role guidance
@@ -1,16 +1,14 @@
1
- <!--
2
- skills/roles/security.privacy.md. Anti-pattern guidance for the Security.privacy (privacy) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the security.privacy (privacy) domain and counter-moves to avoid them.
6
- Applies to: cx-security, cx-legal-compliance.
7
- -->
8
1
  ---
2
+ name: roles-security-privacy
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Security — Privacy role. Use when reviewing or generating work by cx-security, cx-legal-compliance, or when an agent is acting in the Security — Privacy role.
9
4
  role: security.privacy
10
- applies_to: [cx-security, cx-legal-compliance]
5
+ applies_to:
6
+ - cx-security
7
+ - cx-legal-compliance
11
8
  inherits: security
12
9
  version: 2
13
- profiles: [rnd]
10
+ profiles:
11
+ - rnd
14
12
  cap: 1
15
13
  ---
16
14
  # Privacy Security Overlay
@@ -1,16 +1,14 @@
1
- <!--
2
- skills/roles/security.supply-chain.md. Anti-pattern guidance for the Security.supply-chain (supply chain) role.
3
-
4
- Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
5
- Covers common failure modes for the security.supply-chain (supply chain) domain and counter-moves to avoid them.
6
- Applies to: cx-security, cx-platform-engineer.
7
- -->
8
1
  ---
2
+ name: roles-security-supply-chain
3
+ description: Surfaces anti-patterns, failure modes, and counter-moves specific to the Security — Supply Chain role. Use when reviewing or generating work by cx-security, cx-platform-engineer, or when an agent is acting in the Security — Supply Chain role.
9
4
  role: security.supply-chain
10
- applies_to: [cx-security, cx-platform-engineer]
5
+ applies_to:
6
+ - cx-security
7
+ - cx-platform-engineer
11
8
  inherits: security
12
9
  version: 2
13
- profiles: [rnd]
10
+ profiles:
11
+ - rnd
14
12
  cap: 1
15
13
  ---
16
14
  # Supply Chain Security Overlay
@@ -1,8 +1,7 @@
1
- <!--
2
- skills/security/blue-team.md (Blue Team) Use this skill when defending systems, responding to incidents, or building dete
3
-
4
- Use this skill when defending systems, responding to incidents, or building detection and monitoring capabilities. ## Detection Engineering
5
- -->
1
+ ---
2
+ name: security-blue-team
3
+ description: Use this skill when defending systems, responding to incidents, or building detection and monitoring capabilities.
4
+ ---
6
5
  # Blue Team
7
6
 
8
7
  Use this skill when defending systems, responding to incidents, or building detection and monitoring capabilities.
@@ -1,8 +1,7 @@
1
- <!--
2
- skills/security/code-audit.md (Code Audit) Use this skill when reviewing source code for security vulnerabilities through s
3
-
4
- Use this skill when reviewing source code for security vulnerabilities through static analysis. ## Taint Analysis
5
- -->
1
+ ---
2
+ name: security-code-audit
3
+ description: Use this skill when reviewing source code for security vulnerabilities through static analysis.
4
+ ---
6
5
  # Code Audit
7
6
 
8
7
  Use this skill when reviewing source code for security vulnerabilities through static analysis.
@@ -1,8 +1,7 @@
1
- <!--
2
- skills/security/pentest.md (Penetration Testing) Use this skill when testing web applications or APIs for security vulnerabilitie
3
-
4
- Use this skill when testing web applications or APIs for security vulnerabilities. ## OWASP Top 10 Checklist
5
- -->
1
+ ---
2
+ name: security-pentest
3
+ description: Use this skill when testing web applications or APIs for security vulnerabilities.
4
+ ---
6
5
  # Penetration Testing
7
6
 
8
7
  Use this skill when testing web applications or APIs for security vulnerabilities.
@@ -1,8 +1,7 @@
1
- <!--
2
- skills/security/red-team.md (Red Team) Use this skill when planning or executing offensive security assessments, advers
3
-
4
- Use this skill when planning or executing offensive security assessments, adversary emulation, or attack simulations. ## Reconnaissance
5
- -->
1
+ ---
2
+ name: security-red-team
3
+ description: Use this skill when planning or executing offensive security assessments, adversary emulation, or attack simulations.
4
+ ---
6
5
  # Red Team
7
6
 
8
7
  Use this skill when planning or executing offensive security assessments, adversary emulation, or attack simulations.
@@ -1,8 +1,7 @@
1
- <!--
2
- skills/security/threat-intel.md (Threat Intelligence) Use this skill when performing OSINT, threat modeling, or building threat intell
3
-
4
- Use this skill when performing OSINT, threat modeling, or building threat intelligence programs. ## OSINT Collection
5
- -->
1
+ ---
2
+ name: security-threat-intel
3
+ description: Use this skill when performing OSINT, threat modeling, or building threat intelligence programs.
4
+ ---
6
5
  # Threat Intelligence
7
6
 
8
7
  Use this skill when performing OSINT, threat modeling, or building threat intelligence programs.
@@ -1,8 +1,7 @@
1
- <!--
2
- skills/security/vuln-research.md (Vulnerability Research) Use this skill when analyzing binaries, fuzzing software, or developing exploits
3
-
4
- Use this skill when analyzing binaries, fuzzing software, or developing exploits for security research. ## Binary Analysis
5
- -->
1
+ ---
2
+ name: security-vuln-research
3
+ description: Use this skill when analyzing binaries, fuzzing software, or developing exploits for security research.
4
+ ---
6
5
  # Vulnerability Research
7
6
 
8
7
  Use this skill when analyzing binaries, fuzzing software, or developing exploits for security research.
@@ -1,11 +1,7 @@
1
- <!--
2
- skills/strategy/competitive-landscape.md (Competitive Landscape Analysis)
3
- Use when the team needs a structured read on where competitors sit, what
4
- customers have already decided, and where defensible whitespace exists.
5
- Covers Porter Five Forces, Jobs-to-be-Done framing, and competitive
6
- response sequencing.
7
- -->
8
-
1
+ ---
2
+ name: strategy-competitive-landscape
3
+ description: Use when the team needs a structured read on market positioning before committing direction.
4
+ ---
9
5
  # Competitive Landscape Analysis
10
6
 
11
7
  Use when the team needs a structured read on market positioning before committing direction.
@@ -1,11 +1,7 @@
1
- <!--
2
- skills/strategy/market-research-methods.md (Market Research Methods)
3
- Use when planning customer discovery, validating product direction, or
4
- sizing a market. Covers qualitative and quantitative methods, JTBD
5
- interview technique, survey design traps, and research-to-decision
6
- handoff.
7
- -->
8
-
1
+ ---
2
+ name: strategy-market-research-methods
3
+ description: Use when the team needs to validate assumptions before committing resources, or when a decision is being made on vibes rather than signal.
4
+ ---
9
5
  # Market Research Methods
10
6
 
11
7
  Use when the team needs to validate assumptions before committing resources, or when a decision is being made on vibes rather than signal.
@@ -1,11 +1,7 @@
1
- <!--
2
- skills/strategy/narrative-arc.md (Strategic Narrative Construction)
3
- Use when drafting a strategy memo, PRD positioning section, board update,
4
- or fundraising narrative. Covers Andy Raskin's strategic narrative
5
- structure, the five components of a compelling story, and common failure
6
- modes in executive communication.
7
- -->
8
-
1
+ ---
2
+ name: strategy-narrative-arc
3
+ description: Use when the argument must move people, not just inform them. Strategic narrative is the difference between a document that gets read and one that changes what people do.
4
+ ---
9
5
  # Strategic Narrative Construction
10
6
 
11
7
  Use when the argument must move people, not just inform them. Strategic narrative is the difference between a document that gets read and one that changes what people do.
@@ -1,11 +1,7 @@
1
- <!--
2
- skills/strategy/pricing-positioning.md (Pricing and Positioning)
3
- Use when setting or revisiting price, defining positioning vs. competitors,
4
- or preparing a go-to-market argument. Covers value-based vs. cost-plus
5
- pricing, willingness-to-pay research techniques, and positioning statement
6
- construction.
7
- -->
8
-
1
+ ---
2
+ name: strategy-pricing-positioning
3
+ description: Use when the team needs to set price, adjust positioning, or defend either to stakeholders.
4
+ ---
9
5
  # Pricing and Positioning
10
6
 
11
7
  Use when the team needs to set price, adjust positioning, or defend either to stakeholders.
@@ -1,8 +1,7 @@
1
- <!--
2
- skills/utility/clean-code.md (AI Slop Removal) Patterns and heuristics for identifying and removing AI-generated code smells. U
3
-
4
- Patterns and heuristics for identifying and removing AI-generated code smells. Use when cleaning up output from AI coding tools. ## Decision Tree
5
- -->
1
+ ---
2
+ name: utility-clean-code
3
+ description: Patterns and heuristics for identifying and removing AI-generated code smells. Use when cleaning up output from AI coding tools.
4
+ ---
6
5
  # AI Slop Removal
7
6
 
8
7
  Patterns and heuristics for identifying and removing AI-generated code smells. Use when cleaning up output from AI coding tools.
@@ -155,6 +155,20 @@
155
155
  "enforcement": "(persona prompt)",
156
156
  "mode": "honor-system",
157
157
  "description": "Architectural pattern guidance (module boundaries, error handling, async contracts) applied at authoring time."
158
+ },
159
+ {
160
+ "id": "review-before-change",
161
+ "source": "rules/common/review-before-change.md",
162
+ "enforcement": "(persona prompt)",
163
+ "mode": "honor-system",
164
+ "description": "Requires an existing-artifact audit before authoring or rewriting any durable doc, rule, template, or PRD/ADR/RFC. Extend or supersede; do not duplicate."
165
+ },
166
+ {
167
+ "id": "session-efficiency",
168
+ "source": "rules/common/efficiency.md",
169
+ "enforcement": "lib/read-tracker-store.mjs + session-start digest",
170
+ "mode": "deterministic",
171
+ "description": "Read discipline, probe-before-bulk-read, and tool parallelism rules. Read counts tracked per-file; the session-start efficiency digest surfaces files crossing the re-read threshold."
158
172
  }
159
173
  ]
160
174
  }