@geraldmaron/construct 1.0.4 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +51 -42
- package/bin/construct +256 -4
- package/commands/understand/research.md +5 -3
- package/lib/auto-docs.mjs +2 -2
- package/lib/cli-commands.mjs +44 -0
- package/lib/comment-lint.mjs +7 -1
- package/lib/config/schema.mjs +3 -0
- package/lib/flavors/loader.mjs +136 -0
- package/lib/hooks/agent-tracker.mjs +22 -3
- package/lib/hooks/pre-push-gate.mjs +14 -1
- package/lib/hooks/session-optimize.mjs +3 -2
- package/lib/hooks/session-reflect.mjs +68 -0
- package/lib/init-unified.mjs +25 -2
- package/lib/intake/classify.mjs +61 -183
- package/lib/intake/prepare.mjs +7 -0
- package/lib/intake/tables/creative.mjs +94 -0
- package/lib/intake/tables/operations.mjs +85 -0
- package/lib/intake/tables/research.mjs +85 -0
- package/lib/intake/tables/rnd.mjs +175 -0
- package/lib/knowledge/research-store.mjs +109 -0
- package/lib/observation-store.mjs +19 -0
- package/lib/outcomes/aggregate.mjs +104 -0
- package/lib/outcomes/record.mjs +115 -0
- package/lib/parity.mjs +6 -9
- package/lib/profiles/lifecycle.mjs +388 -0
- package/lib/profiles/loader.mjs +123 -0
- package/lib/profiles/validate-custom.mjs +114 -0
- package/lib/reflect/extractor.mjs +193 -0
- package/lib/reflect.mjs +89 -2
- package/lib/sandbox.mjs +102 -0
- package/package.json +6 -1
- package/personas/construct.md +20 -20
- package/platforms/claude/settings.template.json +13 -0
- package/scripts/sync-agents.mjs +11 -0
- package/skills/roles/architect.ai-systems.md +4 -2
- package/skills/roles/architect.data.md +4 -2
- package/skills/roles/architect.enterprise.md +4 -2
- package/skills/roles/architect.integration.md +4 -2
- package/skills/roles/architect.md +7 -5
- package/skills/roles/architect.platform.md +4 -2
- package/skills/roles/data-analyst.experiment.md +4 -2
- package/skills/roles/data-analyst.md +9 -7
- package/skills/roles/data-analyst.product-intelligence.md +4 -2
- package/skills/roles/data-analyst.product.md +4 -2
- package/skills/roles/data-analyst.telemetry.md +4 -2
- package/skills/roles/data-engineer.pipeline.md +4 -2
- package/skills/roles/data-engineer.vector-retrieval.md +4 -2
- package/skills/roles/data-engineer.warehouse.md +4 -2
- package/skills/roles/debugger.md +7 -5
- package/skills/roles/designer.accessibility.md +4 -2
- package/skills/roles/designer.md +10 -8
- package/skills/roles/engineer.ai.md +4 -2
- package/skills/roles/engineer.data.md +5 -3
- package/skills/roles/engineer.md +14 -12
- package/skills/roles/engineer.platform.md +5 -3
- package/skills/roles/operator.docs.md +6 -4
- package/skills/roles/operator.md +6 -4
- package/skills/roles/operator.release.md +4 -2
- package/skills/roles/operator.sre.md +5 -3
- package/skills/roles/orchestrator.md +5 -3
- package/skills/roles/product-manager.ai-product.md +4 -2
- package/skills/roles/product-manager.business-strategy.md +4 -2
- package/skills/roles/product-manager.enterprise.md +4 -2
- package/skills/roles/product-manager.growth.md +4 -2
- package/skills/roles/product-manager.md +6 -4
- package/skills/roles/product-manager.platform.md +4 -2
- package/skills/roles/product-manager.product.md +4 -2
- package/skills/roles/qa.ai-eval.md +4 -2
- package/skills/roles/qa.api-contract.md +4 -2
- package/skills/roles/qa.data-pipeline.md +4 -2
- package/skills/roles/qa.md +7 -5
- package/skills/roles/qa.test-automation.md +5 -3
- package/skills/roles/qa.web-ui.md +4 -2
- package/skills/roles/researcher.explorer.md +4 -2
- package/skills/roles/researcher.md +11 -9
- package/skills/roles/researcher.ux.md +4 -2
- package/skills/roles/reviewer.devil-advocate.md +4 -2
- package/skills/roles/reviewer.evaluator.md +4 -2
- package/skills/roles/reviewer.md +14 -12
- package/skills/roles/reviewer.trace.md +4 -2
- package/skills/roles/security.ai.md +4 -2
- package/skills/roles/security.appsec.md +4 -2
- package/skills/roles/security.cloud.md +4 -2
- package/skills/roles/security.legal-compliance.md +4 -2
- package/skills/roles/security.md +7 -5
- package/skills/roles/security.privacy.md +4 -2
- package/skills/roles/security.supply-chain.md +4 -2
- package/templates/docs/persona-artifact.md +36 -0
- package/templates/docs/research-finding.md +26 -0
- package/templates/docs/skill-artifact.md +27 -0
package/skills/roles/reviewer.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/reviewer.md
|
|
2
|
+
skills/roles/reviewer.md. Anti-pattern guidance for the Reviewer role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the reviewer domain and counter-moves to avoid them.
|
|
@@ -9,17 +9,19 @@ Applies to: cx-reviewer, cx-devil-advocate, cx-evaluator, cx-trace-reviewer.
|
|
|
9
9
|
role: reviewer
|
|
10
10
|
applies_to: [cx-reviewer, cx-devil-advocate, cx-evaluator, cx-trace-reviewer]
|
|
11
11
|
inherits: null
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
|
-
# Reviewer
|
|
16
|
+
# Reviewer. Role guidance
|
|
15
17
|
|
|
16
|
-
Load this before drafting. These are the failure modes that separate strong role output from weak role output
|
|
18
|
+
Load this before drafting. These are the failure modes that separate strong role output from weak role output. check your draft against each.
|
|
17
19
|
|
|
18
20
|
|
|
19
21
|
### 1. Nit-picking over structure
|
|
20
|
-
**Symptom**: the review focuses on variable names and formatting while leaving the structural problem
|
|
22
|
+
**Symptom**: the review focuses on variable names and formatting while leaving the structural problem. wrong abstraction, missing tests, unsafe concurrency. unflagged.
|
|
21
23
|
**Why it fails**: the author fixes the surface and ships the real bug. The reviewer signals thoroughness while providing no real coverage.
|
|
22
|
-
**Counter-move**: audit structure first
|
|
24
|
+
**Counter-move**: audit structure first. correctness, blast radius, invariants, test coverage. before any style feedback.
|
|
23
25
|
|
|
24
26
|
### 2. LGTM without running the code
|
|
25
27
|
**Symptom**: approval given based on reading the diff, with no build, no test run, no exploration of the change in situ.
|
|
@@ -32,7 +34,7 @@ Load this before drafting. These are the failure modes that separate strong role
|
|
|
32
34
|
**Counter-move**: grep for callers of anything changed. Check whether the change is backwards-compatible for each.
|
|
33
35
|
|
|
34
36
|
### 4. No severity
|
|
35
|
-
**Symptom**: all feedback presented at the same weight
|
|
37
|
+
**Symptom**: all feedback presented at the same weight. a typo and a security vulnerability get equal prominence.
|
|
36
38
|
**Why it fails**: the author cannot tell what blocks merge versus what is optional. Real issues get lost.
|
|
37
39
|
**Counter-move**: label each finding CRITICAL / HIGH / MEDIUM / LOW. State what the author must address before merge.
|
|
38
40
|
|
|
@@ -71,11 +73,11 @@ Load this before drafting. These are the failure modes that separate strong role
|
|
|
71
73
|
|
|
72
74
|
A review that approves while these gates would fail in CI is a failed review. Run or confirm the author ran:
|
|
73
75
|
|
|
74
|
-
- [ ] `npm test
|
|
75
|
-
- [ ] `node bin/construct lint:comments
|
|
76
|
-
- [ ] `node bin/construct docs:verify
|
|
77
|
-
- [ ] `node bin/construct docs:update --check
|
|
78
|
-
- [ ] `npm run lint:templates
|
|
76
|
+
- [ ] `npm test`. 0 failed
|
|
77
|
+
- [ ] `node bin/construct lint:comments`. 0 errors AND 0 warnings (treat warnings as blocking)
|
|
78
|
+
- [ ] `node bin/construct docs:verify`. all checks passed, no warnings
|
|
79
|
+
- [ ] `node bin/construct docs:update --check`. AUTO regions up to date
|
|
80
|
+
- [ ] `npm run lint:templates`. commit subjects + PR body match the canonical templates
|
|
79
81
|
|
|
80
82
|
See `rules/common/release-gates.md`. Block approval until evidence is in the PR body.
|
|
81
83
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/reviewer.trace.md
|
|
2
|
+
skills/roles/reviewer.trace.md. Anti-pattern guidance for the Reviewer.trace (trace) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the reviewer.trace (trace) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-trace-reviewer.
|
|
|
9
9
|
role: reviewer.trace
|
|
10
10
|
applies_to: [cx-trace-reviewer]
|
|
11
11
|
inherits: reviewer
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Trace Reviewer Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.ai.md
|
|
2
|
+
skills/roles/security.ai.md. Anti-pattern guidance for the Security.ai (ai) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.ai (ai) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security, cx-ai-engineer.
|
|
|
9
9
|
role: security.ai
|
|
10
10
|
applies_to: [cx-security, cx-ai-engineer]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# AI Security Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.appsec.md
|
|
2
|
+
skills/roles/security.appsec.md. Anti-pattern guidance for the Security.appsec (appsec) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.appsec (appsec) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security.
|
|
|
9
9
|
role: security.appsec
|
|
10
10
|
applies_to: [cx-security]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# AppSec Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.cloud.md
|
|
2
|
+
skills/roles/security.cloud.md. Anti-pattern guidance for the Security.cloud (cloud) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.cloud (cloud) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security.
|
|
|
9
9
|
role: security.cloud
|
|
10
10
|
applies_to: [cx-security]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Cloud Security Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.legal-compliance.md
|
|
2
|
+
skills/roles/security.legal-compliance.md. Anti-pattern guidance for the Security.legal-compliance (legal compliance) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.legal-compliance (legal compliance) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-legal-compliance.
|
|
|
9
9
|
role: security.legal-compliance
|
|
10
10
|
applies_to: [cx-legal-compliance]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Legal & Compliance Overlay
|
|
15
17
|
|
package/skills/roles/security.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.md
|
|
2
|
+
skills/roles/security.md. Anti-pattern guidance for the Security role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security domain and counter-moves to avoid them.
|
|
@@ -9,15 +9,17 @@ Applies to: cx-security, cx-legal-compliance.
|
|
|
9
9
|
role: security
|
|
10
10
|
applies_to: [cx-security, cx-legal-compliance]
|
|
11
11
|
inherits: null
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
|
-
# Security
|
|
16
|
+
# Security. Role guidance
|
|
15
17
|
|
|
16
|
-
Load this before drafting. These are the failure modes that separate strong role output from weak role output
|
|
18
|
+
Load this before drafting. These are the failure modes that separate strong role output from weak role output. check your draft against each.
|
|
17
19
|
|
|
18
20
|
|
|
19
21
|
### 1. Defense in absence
|
|
20
|
-
**Symptom**: protection depends on a single layer
|
|
22
|
+
**Symptom**: protection depends on a single layer. a firewall, a middleware, a validation step. with no defense if that layer is bypassed.
|
|
21
23
|
**Why it fails**: one misconfiguration or bug eliminates all protection at once.
|
|
22
24
|
**Counter-move**: assume any single control can fail. Layer controls at the network, application, and data boundaries.
|
|
23
25
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.privacy.md
|
|
2
|
+
skills/roles/security.privacy.md. Anti-pattern guidance for the Security.privacy (privacy) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.privacy (privacy) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security, cx-legal-compliance.
|
|
|
9
9
|
role: security.privacy
|
|
10
10
|
applies_to: [cx-security, cx-legal-compliance]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Privacy Security Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.supply-chain.md
|
|
2
|
+
skills/roles/security.supply-chain.md. Anti-pattern guidance for the Security.supply-chain (supply chain) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.supply-chain (supply chain) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security, cx-platform-engineer.
|
|
|
9
9
|
role: security.supply-chain
|
|
10
10
|
applies_to: [cx-security, cx-platform-engineer]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Supply Chain Security Overlay
|
|
15
17
|
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# <Role display name>
|
|
2
|
+
|
|
3
|
+
> Anchor doc for the <role-id> persona. Methodology: `docs/concepts/persona-research.md`. This file is generated by `construct profile create` and is part of the discover + frame phases. The persona is not promotable until every section below is filled from evidence, not opinion.
|
|
4
|
+
|
|
5
|
+
## Goals
|
|
6
|
+
|
|
7
|
+
- <What does success look like for this role? Not the org's goals; theirs.>
|
|
8
|
+
- <Goal 2>
|
|
9
|
+
|
|
10
|
+
## Frustrations
|
|
11
|
+
|
|
12
|
+
- <What slows them down, what they get blamed for.>
|
|
13
|
+
|
|
14
|
+
## Decision rights
|
|
15
|
+
|
|
16
|
+
- Decides: <list>
|
|
17
|
+
- Escalates: <list>
|
|
18
|
+
|
|
19
|
+
## Handoffs
|
|
20
|
+
|
|
21
|
+
- Hands off to: <role> when <condition>
|
|
22
|
+
- Receives from: <role> when <condition>
|
|
23
|
+
|
|
24
|
+
## Output contract
|
|
25
|
+
|
|
26
|
+
- Format: <markdown structure, code diff, JSON, etc.>
|
|
27
|
+
- Depth: <short bullet list, two-page doc, one-screen summary, etc.>
|
|
28
|
+
- Citations: <required | encouraged | none>
|
|
29
|
+
|
|
30
|
+
## Failure modes
|
|
31
|
+
|
|
32
|
+
- <Common ways this persona goes wrong; what to watch for.>
|
|
33
|
+
|
|
34
|
+
## Evidence
|
|
35
|
+
|
|
36
|
+
- <Interview, doc, postmortem, public job spec. At least two primary sources.>
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
---
|
|
2
|
+
kind: research-finding
|
|
3
|
+
topic: "<short topic line>"
|
|
4
|
+
confidence: inferred
|
|
5
|
+
sources: []
|
|
6
|
+
created: <ISO timestamp set by construct knowledge add>
|
|
7
|
+
expiresAt: <ISO timestamp, default created + 90d>
|
|
8
|
+
profile: <active profile id>
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
## FINDINGS
|
|
12
|
+
|
|
13
|
+
- <Finding 1 with citation>
|
|
14
|
+
- <Finding 2 with citation>
|
|
15
|
+
|
|
16
|
+
## INFERENCES
|
|
17
|
+
|
|
18
|
+
- <Inference labeled as such>
|
|
19
|
+
|
|
20
|
+
## GAPS
|
|
21
|
+
|
|
22
|
+
- <What we could not confirm>
|
|
23
|
+
|
|
24
|
+
## RECOMMENDATION
|
|
25
|
+
|
|
26
|
+
- <Next action based on the evidence available>
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: <verb-led-id>
|
|
3
|
+
scope: <one paragraph: what it covers, what it does not>
|
|
4
|
+
observable_outcome: <how someone outside the role tells this skill happened>
|
|
5
|
+
provenance:
|
|
6
|
+
- <citation: post-mortem, public framework, competency model>
|
|
7
|
+
roles:
|
|
8
|
+
- <role-id that uses this skill>
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
# <Skill display name>
|
|
12
|
+
|
|
13
|
+
## What this skill produces
|
|
14
|
+
|
|
15
|
+
<Concrete output. Bloom-style: not "knows X" but "produces Y".>
|
|
16
|
+
|
|
17
|
+
## When to invoke it
|
|
18
|
+
|
|
19
|
+
<Triggers. What the operator or the upstream persona is doing when this skill is the right call.>
|
|
20
|
+
|
|
21
|
+
## How it composes
|
|
22
|
+
|
|
23
|
+
<Other skills typically chained before or after.>
|
|
24
|
+
|
|
25
|
+
## Anti-patterns
|
|
26
|
+
|
|
27
|
+
<Ways this skill gets misapplied; what looks similar but is not this.>
|