@geraldmaron/construct 1.0.4 → 1.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +57 -44
- package/agents/prompts/cx-accessibility.md +3 -3
- package/agents/prompts/cx-ai-engineer.md +7 -7
- package/agents/prompts/cx-architect.md +6 -6
- package/agents/prompts/cx-business-strategist.md +6 -6
- package/agents/prompts/cx-data-analyst.md +7 -7
- package/agents/prompts/cx-data-engineer.md +3 -3
- package/agents/prompts/cx-debugger.md +6 -6
- package/agents/prompts/cx-designer.md +5 -5
- package/agents/prompts/cx-devil-advocate.md +4 -4
- package/agents/prompts/cx-docs-keeper.md +5 -5
- package/agents/prompts/cx-engineer.md +5 -5
- package/agents/prompts/cx-evaluator.md +2 -2
- package/agents/prompts/cx-explorer.md +8 -8
- package/agents/prompts/cx-legal-compliance.md +2 -2
- package/agents/prompts/cx-operations.md +5 -5
- package/agents/prompts/cx-orchestrator.md +10 -10
- package/agents/prompts/cx-platform-engineer.md +5 -5
- package/agents/prompts/cx-product-manager.md +4 -4
- package/agents/prompts/cx-qa.md +8 -8
- package/agents/prompts/cx-rd-lead.md +9 -9
- package/agents/prompts/cx-release-manager.md +5 -5
- package/agents/prompts/cx-researcher.md +22 -22
- package/agents/prompts/cx-reviewer.md +7 -7
- package/agents/prompts/cx-security.md +10 -10
- package/agents/prompts/cx-sre.md +7 -7
- package/agents/prompts/cx-test-automation.md +3 -3
- package/agents/prompts/cx-trace-reviewer.md +8 -8
- package/agents/prompts/cx-ux-researcher.md +3 -3
- package/bin/construct +470 -4
- package/commands/build/feature.md +4 -4
- package/commands/build/fix.md +8 -8
- package/commands/design/access.md +3 -3
- package/commands/design/flow.md +3 -3
- package/commands/design/ui.md +4 -4
- package/commands/measure/experiment.md +5 -5
- package/commands/measure/metrics.md +3 -3
- package/commands/measure/results.md +4 -4
- package/commands/plan/api.md +3 -3
- package/commands/plan/challenge.md +3 -3
- package/commands/plan/decide.md +3 -3
- package/commands/plan/feature.md +7 -7
- package/commands/plan/requirements.md +3 -3
- package/commands/remember/context.md +5 -5
- package/commands/remember/handoff.md +3 -3
- package/commands/remember/runbook.md +3 -3
- package/commands/review/code.md +8 -8
- package/commands/review/quality.md +4 -4
- package/commands/review/security.md +3 -3
- package/commands/ship/ready.md +3 -3
- package/commands/ship/release.md +3 -3
- package/commands/ship/status.md +4 -4
- package/commands/understand/docs.md +3 -3
- package/commands/understand/research.md +5 -3
- package/commands/understand/this.md +4 -4
- package/commands/understand/why.md +8 -8
- package/commands/work/clean.md +14 -14
- package/commands/work/drive.md +10 -10
- package/commands/work/optimize-prompts.md +9 -9
- package/commands/work/parallel-review.md +8 -8
- package/db/schema/006_graph.sql +24 -0
- package/examples/provider-plugin/README.md +7 -7
- package/examples/seed-observations/README.md +6 -6
- package/examples/seed-observations/anti-patterns.md +14 -14
- package/examples/seed-observations/decisions.md +4 -4
- package/examples/seed-observations/patterns.md +14 -14
- package/lib/auto-docs.mjs +10 -5
- package/lib/cli-commands.mjs +45 -1
- package/lib/comment-lint.mjs +7 -1
- package/lib/config/schema.mjs +3 -0
- package/lib/flavors/loader.mjs +136 -0
- package/lib/hooks/agent-tracker.mjs +22 -3
- package/lib/hooks/pre-push-gate.mjs +14 -1
- package/lib/hooks/session-optimize.mjs +3 -2
- package/lib/hooks/session-reflect.mjs +68 -0
- package/lib/init-unified.mjs +25 -2
- package/lib/intake/classify.mjs +61 -183
- package/lib/intake/prepare.mjs +7 -0
- package/lib/intake/tables/creative.mjs +94 -0
- package/lib/intake/tables/operations.mjs +85 -0
- package/lib/intake/tables/research.mjs +85 -0
- package/lib/intake/tables/rnd.mjs +175 -0
- package/lib/knowledge/graph.mjs +213 -0
- package/lib/knowledge/research-store.mjs +109 -0
- package/lib/mcp/server.mjs +187 -1
- package/lib/mcp/tools/profile.mjs +270 -0
- package/lib/observation-store.mjs +19 -0
- package/lib/outcomes/aggregate.mjs +104 -0
- package/lib/outcomes/record.mjs +115 -0
- package/lib/parity.mjs +6 -9
- package/lib/profiles/lifecycle.mjs +388 -0
- package/lib/profiles/loader.mjs +123 -0
- package/lib/profiles/validate-custom.mjs +114 -0
- package/lib/reflect/extractor.mjs +193 -0
- package/lib/reflect.mjs +89 -2
- package/lib/sandbox.mjs +102 -0
- package/package.json +6 -1
- package/personas/construct.md +20 -20
- package/platforms/claude/CLAUDE.md +6 -6
- package/platforms/claude/settings.template.json +13 -0
- package/rules/common/agents.md +2 -2
- package/rules/common/beads-hygiene.md +11 -11
- package/rules/common/code-review.md +1 -1
- package/rules/common/coding-style.md +1 -1
- package/rules/common/comments.md +8 -8
- package/rules/common/commit-approval.md +4 -4
- package/rules/common/cx-agent-routing.md +2 -2
- package/rules/common/cx-skill-routing.md +2 -2
- package/rules/common/development-workflow.md +1 -1
- package/rules/common/doc-ownership.md +2 -2
- package/rules/common/efficiency.md +3 -3
- package/rules/common/framing.md +1 -1
- package/rules/common/git-workflow.md +1 -1
- package/rules/common/patterns.md +1 -1
- package/rules/common/performance.md +1 -1
- package/rules/common/release-gates.md +7 -7
- package/rules/common/research.md +4 -4
- package/rules/common/security.md +1 -1
- package/rules/common/skill-composition.md +8 -8
- package/rules/common/testing.md +1 -1
- package/rules/golang/coding-style.md +2 -2
- package/rules/golang/hooks.md +1 -1
- package/rules/golang/patterns.md +1 -1
- package/rules/golang/security.md +1 -1
- package/rules/golang/testing.md +1 -1
- package/rules/python/coding-style.md +1 -1
- package/rules/python/hooks.md +1 -1
- package/rules/python/patterns.md +1 -1
- package/rules/python/security.md +1 -1
- package/rules/python/testing.md +1 -1
- package/rules/swift/coding-style.md +3 -3
- package/rules/swift/hooks.md +2 -2
- package/rules/swift/patterns.md +2 -2
- package/rules/swift/security.md +4 -4
- package/rules/swift/testing.md +2 -2
- package/rules/typescript/coding-style.md +1 -1
- package/rules/typescript/hooks.md +1 -1
- package/rules/typescript/patterns.md +1 -1
- package/rules/typescript/security.md +1 -1
- package/rules/typescript/testing.md +1 -1
- package/rules/web/coding-style.md +1 -1
- package/rules/web/design-quality.md +1 -1
- package/rules/web/hooks.md +1 -1
- package/rules/web/patterns.md +1 -1
- package/rules/web/performance.md +1 -1
- package/rules/web/security.md +1 -1
- package/rules/web/testing.md +1 -1
- package/scripts/sync-agents.mjs +11 -0
- package/skills/ai/agent-dev.md +1 -1
- package/skills/ai/llm-security.md +1 -1
- package/skills/ai/ml-ops.md +6 -6
- package/skills/ai/orchestration-workflow.md +1 -1
- package/skills/ai/prompt-and-eval.md +1 -1
- package/skills/ai/prompt-optimizer.md +13 -13
- package/skills/ai/rag-system.md +1 -1
- package/skills/architecture/api-design.md +1 -1
- package/skills/architecture/caching.md +1 -1
- package/skills/architecture/cloud-native.md +1 -1
- package/skills/architecture/message-queue.md +1 -1
- package/skills/architecture/security-arch.md +1 -1
- package/skills/compliance/ai-disclosure.md +1 -1
- package/skills/compliance/data-privacy.md +1 -1
- package/skills/compliance/license-audit.md +2 -2
- package/skills/compliance/regulatory-review.md +1 -1
- package/skills/development/cpp.md +1 -1
- package/skills/development/go.md +1 -1
- package/skills/development/java.md +1 -1
- package/skills/development/kotlin.md +9 -9
- package/skills/development/mobile-crossplatform.md +13 -13
- package/skills/development/python.md +1 -1
- package/skills/development/rust.md +1 -1
- package/skills/development/shell.md +1 -1
- package/skills/development/swift.md +6 -6
- package/skills/development/typescript.md +1 -1
- package/skills/devops/ci-cd.md +5 -5
- package/skills/devops/containerization.md +9 -9
- package/skills/devops/cost-optimization.md +1 -1
- package/skills/devops/data-engineering.md +2 -2
- package/skills/devops/database.md +1 -1
- package/skills/devops/dependency-management.md +3 -3
- package/skills/devops/devsecops.md +1 -1
- package/skills/devops/git-workflow.md +1 -1
- package/skills/devops/incident-response.md +18 -18
- package/skills/devops/monorepo.md +5 -5
- package/skills/devops/observability.md +1 -1
- package/skills/devops/performance.md +1 -1
- package/skills/devops/testing.md +1 -1
- package/skills/docs/adr-workflow.md +2 -2
- package/skills/docs/backlog-proposal-workflow.md +1 -1
- package/skills/docs/customer-profile-workflow.md +1 -1
- package/skills/docs/document-ingest-workflow.md +1 -1
- package/skills/docs/evidence-ingest-workflow.md +1 -1
- package/skills/docs/init-docs.md +15 -15
- package/skills/docs/init-project.md +1 -1
- package/skills/docs/prd-workflow.md +3 -3
- package/skills/docs/prfaq-workflow.md +1 -1
- package/skills/docs/product-intelligence-review.md +1 -1
- package/skills/docs/product-intelligence-workflow.md +1 -1
- package/skills/docs/product-signal-workflow.md +9 -9
- package/skills/docs/research-workflow.md +10 -10
- package/skills/docs/runbook-workflow.md +2 -2
- package/skills/docs/strategy-workflow.md +3 -3
- package/skills/exploration/repo-map.md +11 -11
- package/skills/frameworks/django.md +15 -15
- package/skills/frameworks/nextjs.md +16 -16
- package/skills/frameworks/react.md +12 -12
- package/skills/frameworks/spring-boot.md +12 -12
- package/skills/frontend-design/accessibility.md +6 -6
- package/skills/frontend-design/component-patterns.md +1 -1
- package/skills/frontend-design/engineering.md +1 -1
- package/skills/frontend-design/state-management.md +1 -1
- package/skills/frontend-design/ui-aesthetics.md +1 -1
- package/skills/frontend-design/ux-principles.md +1 -1
- package/skills/operating/orchestration-reference.md +27 -27
- package/skills/quality-gates/review-work.md +3 -3
- package/skills/quality-gates/verify-change.md +1 -1
- package/skills/quality-gates/verify-module.md +1 -1
- package/skills/quality-gates/verify-quality.md +1 -1
- package/skills/quality-gates/verify-security.md +1 -1
- package/skills/roles/architect.ai-systems.md +4 -2
- package/skills/roles/architect.data.md +4 -2
- package/skills/roles/architect.enterprise.md +4 -2
- package/skills/roles/architect.integration.md +4 -2
- package/skills/roles/architect.md +7 -5
- package/skills/roles/architect.platform.md +4 -2
- package/skills/roles/data-analyst.experiment.md +4 -2
- package/skills/roles/data-analyst.md +9 -7
- package/skills/roles/data-analyst.product-intelligence.md +4 -2
- package/skills/roles/data-analyst.product.md +4 -2
- package/skills/roles/data-analyst.telemetry.md +4 -2
- package/skills/roles/data-engineer.pipeline.md +4 -2
- package/skills/roles/data-engineer.vector-retrieval.md +4 -2
- package/skills/roles/data-engineer.warehouse.md +4 -2
- package/skills/roles/debugger.md +7 -5
- package/skills/roles/designer.accessibility.md +4 -2
- package/skills/roles/designer.md +10 -8
- package/skills/roles/engineer.ai.md +4 -2
- package/skills/roles/engineer.data.md +5 -3
- package/skills/roles/engineer.md +14 -12
- package/skills/roles/engineer.platform.md +5 -3
- package/skills/roles/operator.docs.md +6 -4
- package/skills/roles/operator.md +6 -4
- package/skills/roles/operator.release.md +4 -2
- package/skills/roles/operator.sre.md +5 -3
- package/skills/roles/orchestrator.md +5 -3
- package/skills/roles/product-manager.ai-product.md +4 -2
- package/skills/roles/product-manager.business-strategy.md +4 -2
- package/skills/roles/product-manager.enterprise.md +4 -2
- package/skills/roles/product-manager.growth.md +4 -2
- package/skills/roles/product-manager.md +6 -4
- package/skills/roles/product-manager.platform.md +4 -2
- package/skills/roles/product-manager.product.md +4 -2
- package/skills/roles/qa.ai-eval.md +4 -2
- package/skills/roles/qa.api-contract.md +4 -2
- package/skills/roles/qa.data-pipeline.md +4 -2
- package/skills/roles/qa.md +7 -5
- package/skills/roles/qa.test-automation.md +5 -3
- package/skills/roles/qa.web-ui.md +4 -2
- package/skills/roles/researcher.explorer.md +4 -2
- package/skills/roles/researcher.md +11 -9
- package/skills/roles/researcher.ux.md +4 -2
- package/skills/roles/reviewer.devil-advocate.md +4 -2
- package/skills/roles/reviewer.evaluator.md +4 -2
- package/skills/roles/reviewer.md +14 -12
- package/skills/roles/reviewer.trace.md +4 -2
- package/skills/roles/security.ai.md +4 -2
- package/skills/roles/security.appsec.md +4 -2
- package/skills/roles/security.cloud.md +4 -2
- package/skills/roles/security.legal-compliance.md +4 -2
- package/skills/roles/security.md +7 -5
- package/skills/roles/security.privacy.md +4 -2
- package/skills/roles/security.supply-chain.md +4 -2
- package/skills/routing.md +14 -14
- package/skills/security/blue-team.md +1 -1
- package/skills/security/code-audit.md +1 -1
- package/skills/security/pentest.md +1 -1
- package/skills/security/red-team.md +1 -1
- package/skills/security/threat-intel.md +1 -1
- package/skills/security/vuln-research.md +1 -1
- package/skills/utility/clean-code.md +2 -2
- package/templates/docs/changelog-entry.md +1 -1
- package/templates/docs/construct_guide.md +13 -13
- package/templates/docs/meta-prd.md +16 -16
- package/templates/docs/one-pager.md +1 -1
- package/templates/docs/persona-artifact.md +36 -0
- package/templates/docs/prd-business.md +1 -1
- package/templates/docs/prd-platform.md +1 -1
- package/templates/docs/prd.md +17 -17
- package/templates/docs/research-brief.md +8 -8
- package/templates/docs/research-finding.md +26 -0
- package/templates/docs/rfc.md +1 -1
- package/templates/docs/skill-artifact.md +27 -0
- package/templates/docs/strategy.md +1 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/product-manager.growth.md
|
|
2
|
+
skills/roles/product-manager.growth.md. Anti-pattern guidance for the Product-manager.growth (growth) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the product-manager.growth (growth) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-product-manager, cx-business-strategist.
|
|
|
9
9
|
role: product-manager.growth
|
|
10
10
|
applies_to: [cx-product-manager, cx-business-strategist]
|
|
11
11
|
inherits: product-manager
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Growth PM Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/product-manager.md
|
|
2
|
+
skills/roles/product-manager.md. Anti-pattern guidance for the Product-manager role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the product-manager domain and counter-moves to avoid them.
|
|
@@ -9,11 +9,13 @@ Applies to: cx-product-manager, cx-business-strategist.
|
|
|
9
9
|
role: product-manager
|
|
10
10
|
applies_to: [cx-product-manager, cx-business-strategist]
|
|
11
11
|
inherits: null
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
|
-
# Product Manager
|
|
16
|
+
# Product Manager. Role guidance
|
|
15
17
|
|
|
16
|
-
Load this before drafting. These are the failure modes that separate strong role output from weak role output
|
|
18
|
+
Load this before drafting. These are the failure modes that separate strong role output from weak role output. check your draft against each.
|
|
17
19
|
|
|
18
20
|
|
|
19
21
|
### 1. Solution in the problem statement
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/product-manager.platform.md
|
|
2
|
+
skills/roles/product-manager.platform.md. Anti-pattern guidance for the Product-manager.platform (platform) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the product-manager.platform (platform) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-product-manager.
|
|
|
9
9
|
role: product-manager.platform
|
|
10
10
|
applies_to: [cx-product-manager]
|
|
11
11
|
inherits: product-manager
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Platform PM Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/product-manager.product.md
|
|
2
|
+
skills/roles/product-manager.product.md. Anti-pattern guidance for the Product-manager.product (product) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the product-manager.product (product) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-product-manager.
|
|
|
9
9
|
role: product-manager.product
|
|
10
10
|
applies_to: [cx-product-manager]
|
|
11
11
|
inherits: product-manager
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Product PM Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/qa.ai-eval.md
|
|
2
|
+
skills/roles/qa.ai-eval.md. Anti-pattern guidance for the Qa.ai-eval (ai eval) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the qa.ai-eval (ai eval) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-qa, cx-test-automation, cx-evaluator.
|
|
|
9
9
|
role: qa.ai-eval
|
|
10
10
|
applies_to: [cx-qa, cx-test-automation, cx-evaluator]
|
|
11
11
|
inherits: qa
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# AI Eval QA Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/qa.api-contract.md
|
|
2
|
+
skills/roles/qa.api-contract.md. Anti-pattern guidance for the Qa.api-contract (api contract) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the qa.api-contract (api contract) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-qa, cx-test-automation.
|
|
|
9
9
|
role: qa.api-contract
|
|
10
10
|
applies_to: [cx-qa, cx-test-automation]
|
|
11
11
|
inherits: qa
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# API Contract QA Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/qa.data-pipeline.md
|
|
2
|
+
skills/roles/qa.data-pipeline.md. Anti-pattern guidance for the Qa.data-pipeline (data pipeline) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the qa.data-pipeline (data pipeline) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-qa, cx-test-automation.
|
|
|
9
9
|
role: qa.data-pipeline
|
|
10
10
|
applies_to: [cx-qa, cx-test-automation]
|
|
11
11
|
inherits: qa
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Data Pipeline QA Overlay
|
|
15
17
|
|
package/skills/roles/qa.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/qa.md
|
|
2
|
+
skills/roles/qa.md. Anti-pattern guidance for the Qa role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the qa domain and counter-moves to avoid them.
|
|
@@ -9,15 +9,17 @@ Applies to: cx-qa, cx-test-automation.
|
|
|
9
9
|
role: qa
|
|
10
10
|
applies_to: [cx-qa, cx-test-automation]
|
|
11
11
|
inherits: null
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
|
-
# QA
|
|
16
|
+
# QA. Role guidance
|
|
15
17
|
|
|
16
|
-
Load this before drafting. These are the failure modes that separate strong role output from weak role output
|
|
18
|
+
Load this before drafting. These are the failure modes that separate strong role output from weak role output. check your draft against each.
|
|
17
19
|
|
|
18
20
|
|
|
19
21
|
### 1. Testing the mock
|
|
20
|
-
**Symptom**: the test asserts that the mock was called with the expected arguments
|
|
22
|
+
**Symptom**: the test asserts that the mock was called with the expected arguments. and that is all it asserts.
|
|
21
23
|
**Why it fails**: the test passes regardless of whether the real system would. Mocks drift from the real contract silently.
|
|
22
24
|
**Counter-move**: assert on observable outputs or state. Use mocks for isolation, not as the thing being tested.
|
|
23
25
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/qa.test-automation.md
|
|
2
|
+
skills/roles/qa.test-automation.md. Anti-pattern guidance for the Qa.test-automation (test automation) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the qa.test-automation (test automation) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-test-automation.
|
|
|
9
9
|
role: qa.test-automation
|
|
10
10
|
applies_to: [cx-test-automation]
|
|
11
11
|
inherits: qa
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Test Automation Overlay
|
|
15
17
|
|
|
@@ -18,7 +20,7 @@ Additional failure modes on top of the qa core.
|
|
|
18
20
|
|
|
19
21
|
### 1. Flaky tests tolerated
|
|
20
22
|
**Symptom**: tests retried until green; flakes treated as "environmental noise."
|
|
21
|
-
**Why it fails**: signal erodes
|
|
23
|
+
**Why it fails**: signal erodes. real regressions hide among the flakes. Developers stop trusting the suite.
|
|
22
24
|
**Counter-move**: quarantine flakes immediately with a tracking ticket. Target zero retries for trusted tests.
|
|
23
25
|
|
|
24
26
|
### 2. E2E-heavy pyramid
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/qa.web-ui.md
|
|
2
|
+
skills/roles/qa.web-ui.md. Anti-pattern guidance for the Qa.web-ui (web ui) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the qa.web-ui (web ui) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-qa, cx-test-automation.
|
|
|
9
9
|
role: qa.web-ui
|
|
10
10
|
applies_to: [cx-qa, cx-test-automation]
|
|
11
11
|
inherits: qa
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Web UI QA Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/researcher.explorer.md
|
|
2
|
+
skills/roles/researcher.explorer.md. Anti-pattern guidance for the Researcher.explorer (explorer) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the researcher.explorer (explorer) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-explorer.
|
|
|
9
9
|
role: researcher.explorer
|
|
10
10
|
applies_to: [cx-explorer]
|
|
11
11
|
inherits: researcher
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Codebase Explorer Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/researcher.md
|
|
2
|
+
skills/roles/researcher.md. Anti-pattern guidance for the Researcher role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the researcher domain and counter-moves to avoid them.
|
|
@@ -9,11 +9,13 @@ Applies to: cx-researcher, cx-ux-researcher, cx-explorer.
|
|
|
9
9
|
role: researcher
|
|
10
10
|
applies_to: [cx-researcher, cx-ux-researcher, cx-explorer]
|
|
11
11
|
inherits: null
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
|
-
# Researcher
|
|
16
|
+
# Researcher. Role guidance
|
|
15
17
|
|
|
16
|
-
Load this before drafting. These are the failure modes that separate strong role output from weak role output
|
|
18
|
+
Load this before drafting. These are the failure modes that separate strong role output from weak role output. check your draft against each.
|
|
17
19
|
|
|
18
20
|
|
|
19
21
|
### 1. Confirmation bias
|
|
@@ -27,17 +29,17 @@ Load this before drafting. These are the failure modes that separate strong role
|
|
|
27
29
|
**Counter-move**: require at least two independent sources for each load-bearing claim. Note when they disagree.
|
|
28
30
|
|
|
29
31
|
### 3. Freshness blindness
|
|
30
|
-
**Symptom**: cited source dated 2019–2024 used as current for a fast-moving topic
|
|
32
|
+
**Symptom**: cited source dated 2019–2024 used as current for a fast-moving topic. AI capabilities, framework APIs, security advisories.
|
|
31
33
|
**Why it fails**: the reader assumes the finding is current; acts on stale information.
|
|
32
34
|
**Counter-move**: start searches from the most recent year and step backward only if insufficient. Record the publication date of every source. For fast-moving topics (LLM behavior, security advisories, market data), treat anything older than 12 months as presumptively stale unless a newer source confirms it is still accurate.
|
|
33
35
|
|
|
34
36
|
### 4. Wrong starting point
|
|
35
|
-
**Symptom**: searching Google or a general index when a domain-specific authoritative source exists
|
|
37
|
+
**Symptom**: searching Google or a general index when a domain-specific authoritative source exists. arXiv for AI research, NVD for CVEs, NeurIPS/ICML proceedings for ML, official vendor docs for APIs.
|
|
36
38
|
**Why it fails**: general search returns popularity-ranked results, not authority-ranked ones. The most-cited blog post is not the same as the primary paper.
|
|
37
39
|
**Counter-move**: use the domain's authoritative starting point first (see `rules/common/research.md` §2). Only fall back to general search if the authoritative source is insufficient.
|
|
38
40
|
|
|
39
41
|
### 5. Unverified URLs
|
|
40
|
-
**Symptom**: URLs included in the brief have not been fetched
|
|
42
|
+
**Symptom**: URLs included in the brief have not been fetched. the researcher copied them from a search result or from memory.
|
|
41
43
|
**Why it fails**: URLs rot. A confident citation pointing to a 404 or a different page than intended is worse than no citation.
|
|
42
44
|
**Counter-move**: fetch every URL before including it. Confirm the content matches the cited claim. Mark any URL that cannot be fetched `[unverified]` and flag it as a gap.
|
|
43
45
|
|
|
@@ -54,7 +56,7 @@ Load this before drafting. These are the failure modes that separate strong role
|
|
|
54
56
|
### 8. Secondary sources passed as primary
|
|
55
57
|
**Symptom**: citations point to summaries, listicles, or syntheses instead of the underlying paper, spec, or changelog.
|
|
56
58
|
**Why it fails**: the summary may misrepresent the primary source. The chain of error is invisible.
|
|
57
|
-
**Counter-move**: cite primary sources
|
|
59
|
+
**Counter-move**: cite primary sources. the actual paper, spec, commit, or dataset. Use secondary sources only to discover primary ones.
|
|
58
60
|
|
|
59
61
|
### 9. Scope creep
|
|
60
62
|
**Symptom**: the research question was about X but the brief covers X, Y, and Z because they came up.
|
|
@@ -75,7 +77,7 @@ Load this before drafting. These are the failure modes that separate strong role
|
|
|
75
77
|
- [ ] Each load-bearing claim has at least two independent sources (or one authoritative primary)
|
|
76
78
|
- [ ] Source dates recorded; fast-moving topics use sources within last 12 months
|
|
77
79
|
- [ ] Each finding labeled with confidence (high/medium/low) and one-line reason
|
|
78
|
-
- [ ] Observation separated from inference
|
|
80
|
+
- [ ] Observation separated from inference. labeled differently
|
|
79
81
|
- [ ] Citations point to primary sources, not summaries or index pages
|
|
80
82
|
- [ ] Original question answered first; tangents in a separate section
|
|
81
83
|
- [ ] Evidence threshold for the recommendation is stated explicitly
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/researcher.ux.md
|
|
2
|
+
skills/roles/researcher.ux.md. Anti-pattern guidance for the Researcher.ux (ux) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the researcher.ux (ux) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-ux-researcher.
|
|
|
9
9
|
role: researcher.ux
|
|
10
10
|
applies_to: [cx-ux-researcher]
|
|
11
11
|
inherits: researcher
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# UX Researcher Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/reviewer.devil-advocate.md
|
|
2
|
+
skills/roles/reviewer.devil-advocate.md. Anti-pattern guidance for the Reviewer.devil-advocate (devil advocate) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the reviewer.devil-advocate (devil advocate) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-devil-advocate.
|
|
|
9
9
|
role: reviewer.devil-advocate
|
|
10
10
|
applies_to: [cx-devil-advocate]
|
|
11
11
|
inherits: reviewer
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Devil's Advocate Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/reviewer.evaluator.md
|
|
2
|
+
skills/roles/reviewer.evaluator.md. Anti-pattern guidance for the Reviewer.evaluator (evaluator) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the reviewer.evaluator (evaluator) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-evaluator.
|
|
|
9
9
|
role: reviewer.evaluator
|
|
10
10
|
applies_to: [cx-evaluator]
|
|
11
11
|
inherits: reviewer
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Evaluator Overlay
|
|
15
17
|
|
package/skills/roles/reviewer.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/reviewer.md
|
|
2
|
+
skills/roles/reviewer.md. Anti-pattern guidance for the Reviewer role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the reviewer domain and counter-moves to avoid them.
|
|
@@ -9,17 +9,19 @@ Applies to: cx-reviewer, cx-devil-advocate, cx-evaluator, cx-trace-reviewer.
|
|
|
9
9
|
role: reviewer
|
|
10
10
|
applies_to: [cx-reviewer, cx-devil-advocate, cx-evaluator, cx-trace-reviewer]
|
|
11
11
|
inherits: null
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
|
-
# Reviewer
|
|
16
|
+
# Reviewer. Role guidance
|
|
15
17
|
|
|
16
|
-
Load this before drafting. These are the failure modes that separate strong role output from weak role output
|
|
18
|
+
Load this before drafting. These are the failure modes that separate strong role output from weak role output. check your draft against each.
|
|
17
19
|
|
|
18
20
|
|
|
19
21
|
### 1. Nit-picking over structure
|
|
20
|
-
**Symptom**: the review focuses on variable names and formatting while leaving the structural problem
|
|
22
|
+
**Symptom**: the review focuses on variable names and formatting while leaving the structural problem. wrong abstraction, missing tests, unsafe concurrency. unflagged.
|
|
21
23
|
**Why it fails**: the author fixes the surface and ships the real bug. The reviewer signals thoroughness while providing no real coverage.
|
|
22
|
-
**Counter-move**: audit structure first
|
|
24
|
+
**Counter-move**: audit structure first. correctness, blast radius, invariants, test coverage. before any style feedback.
|
|
23
25
|
|
|
24
26
|
### 2. LGTM without running the code
|
|
25
27
|
**Symptom**: approval given based on reading the diff, with no build, no test run, no exploration of the change in situ.
|
|
@@ -32,7 +34,7 @@ Load this before drafting. These are the failure modes that separate strong role
|
|
|
32
34
|
**Counter-move**: grep for callers of anything changed. Check whether the change is backwards-compatible for each.
|
|
33
35
|
|
|
34
36
|
### 4. No severity
|
|
35
|
-
**Symptom**: all feedback presented at the same weight
|
|
37
|
+
**Symptom**: all feedback presented at the same weight. a typo and a security vulnerability get equal prominence.
|
|
36
38
|
**Why it fails**: the author cannot tell what blocks merge versus what is optional. Real issues get lost.
|
|
37
39
|
**Counter-move**: label each finding CRITICAL / HIGH / MEDIUM / LOW. State what the author must address before merge.
|
|
38
40
|
|
|
@@ -71,11 +73,11 @@ Load this before drafting. These are the failure modes that separate strong role
|
|
|
71
73
|
|
|
72
74
|
A review that approves while these gates would fail in CI is a failed review. Run or confirm the author ran:
|
|
73
75
|
|
|
74
|
-
- [ ] `npm test
|
|
75
|
-
- [ ] `node bin/construct lint:comments
|
|
76
|
-
- [ ] `node bin/construct docs:verify
|
|
77
|
-
- [ ] `node bin/construct docs:update --check
|
|
78
|
-
- [ ] `npm run lint:templates
|
|
76
|
+
- [ ] `npm test`. 0 failed
|
|
77
|
+
- [ ] `node bin/construct lint:comments`. 0 errors AND 0 warnings (treat warnings as blocking)
|
|
78
|
+
- [ ] `node bin/construct docs:verify`. all checks passed, no warnings
|
|
79
|
+
- [ ] `node bin/construct docs:update --check`. AUTO regions up to date
|
|
80
|
+
- [ ] `npm run lint:templates`. commit subjects + PR body match the canonical templates
|
|
79
81
|
|
|
80
82
|
See `rules/common/release-gates.md`. Block approval until evidence is in the PR body.
|
|
81
83
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/reviewer.trace.md
|
|
2
|
+
skills/roles/reviewer.trace.md. Anti-pattern guidance for the Reviewer.trace (trace) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the reviewer.trace (trace) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-trace-reviewer.
|
|
|
9
9
|
role: reviewer.trace
|
|
10
10
|
applies_to: [cx-trace-reviewer]
|
|
11
11
|
inherits: reviewer
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Trace Reviewer Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.ai.md
|
|
2
|
+
skills/roles/security.ai.md. Anti-pattern guidance for the Security.ai (ai) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.ai (ai) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security, cx-ai-engineer.
|
|
|
9
9
|
role: security.ai
|
|
10
10
|
applies_to: [cx-security, cx-ai-engineer]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# AI Security Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.appsec.md
|
|
2
|
+
skills/roles/security.appsec.md. Anti-pattern guidance for the Security.appsec (appsec) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.appsec (appsec) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security.
|
|
|
9
9
|
role: security.appsec
|
|
10
10
|
applies_to: [cx-security]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# AppSec Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.cloud.md
|
|
2
|
+
skills/roles/security.cloud.md. Anti-pattern guidance for the Security.cloud (cloud) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.cloud (cloud) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security.
|
|
|
9
9
|
role: security.cloud
|
|
10
10
|
applies_to: [cx-security]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Cloud Security Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.legal-compliance.md
|
|
2
|
+
skills/roles/security.legal-compliance.md. Anti-pattern guidance for the Security.legal-compliance (legal compliance) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.legal-compliance (legal compliance) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-legal-compliance.
|
|
|
9
9
|
role: security.legal-compliance
|
|
10
10
|
applies_to: [cx-legal-compliance]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Legal & Compliance Overlay
|
|
15
17
|
|
package/skills/roles/security.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.md
|
|
2
|
+
skills/roles/security.md. Anti-pattern guidance for the Security role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security domain and counter-moves to avoid them.
|
|
@@ -9,15 +9,17 @@ Applies to: cx-security, cx-legal-compliance.
|
|
|
9
9
|
role: security
|
|
10
10
|
applies_to: [cx-security, cx-legal-compliance]
|
|
11
11
|
inherits: null
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
|
-
# Security
|
|
16
|
+
# Security. Role guidance
|
|
15
17
|
|
|
16
|
-
Load this before drafting. These are the failure modes that separate strong role output from weak role output
|
|
18
|
+
Load this before drafting. These are the failure modes that separate strong role output from weak role output. check your draft against each.
|
|
17
19
|
|
|
18
20
|
|
|
19
21
|
### 1. Defense in absence
|
|
20
|
-
**Symptom**: protection depends on a single layer
|
|
22
|
+
**Symptom**: protection depends on a single layer. a firewall, a middleware, a validation step. with no defense if that layer is bypassed.
|
|
21
23
|
**Why it fails**: one misconfiguration or bug eliminates all protection at once.
|
|
22
24
|
**Counter-move**: assume any single control can fail. Layer controls at the network, application, and data boundaries.
|
|
23
25
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.privacy.md
|
|
2
|
+
skills/roles/security.privacy.md. Anti-pattern guidance for the Security.privacy (privacy) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.privacy (privacy) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security, cx-legal-compliance.
|
|
|
9
9
|
role: security.privacy
|
|
10
10
|
applies_to: [cx-security, cx-legal-compliance]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Privacy Security Overlay
|
|
15
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/roles/security.supply-chain.md
|
|
2
|
+
skills/roles/security.supply-chain.md. Anti-pattern guidance for the Security.supply-chain (supply chain) role.
|
|
3
3
|
|
|
4
4
|
Loaded at sync time to inline role-specific failure modes into specialist agent prompts.
|
|
5
5
|
Covers common failure modes for the security.supply-chain (supply chain) domain and counter-moves to avoid them.
|
|
@@ -9,7 +9,9 @@ Applies to: cx-security, cx-platform-engineer.
|
|
|
9
9
|
role: security.supply-chain
|
|
10
10
|
applies_to: [cx-security, cx-platform-engineer]
|
|
11
11
|
inherits: security
|
|
12
|
-
version:
|
|
12
|
+
version: 2
|
|
13
|
+
profiles: [rnd]
|
|
14
|
+
cap: 1
|
|
13
15
|
---
|
|
14
16
|
# Supply Chain Security Overlay
|
|
15
17
|
|
package/skills/routing.md
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/routing.md
|
|
2
|
+
skills/routing.md (Construct AI Agent) Skill Routing: Read the matching skill file before responding when the user's request matches t
|
|
3
3
|
|
|
4
4
|
Read the matching skill file before responding when the user's request matches trigger keywords below. ## Exploration Domain
|
|
5
5
|
-->
|
|
6
|
-
# Construct AI Agent
|
|
6
|
+
# Construct AI Agent: Skill Routing
|
|
7
7
|
|
|
8
8
|
Read the matching skill file before responding when the user's request matches trigger keywords below.
|
|
9
9
|
|
|
@@ -11,7 +11,7 @@ Read the matching skill file before responding when the user's request matches t
|
|
|
11
11
|
|
|
12
12
|
| Trigger Keywords | Skill File | Description |
|
|
13
13
|
|---|---|---|
|
|
14
|
-
| explore repo, map codebase, understand codebase, unfamiliar codebase, slog through, get oriented, codebase map, how is this structured, how does this work, where is X, entry point, hot path, code map | `skills/exploration/repo-map.md` | Systematic repo exploration
|
|
14
|
+
| explore repo, map codebase, understand codebase, unfamiliar codebase, slog through, get oriented, codebase map, how is this structured, how does this work, where is X, entry point, hot path, code map | `skills/exploration/repo-map.md` | Systematic repo exploration: produce .cx/codebase-map.md |
|
|
15
15
|
|
|
16
16
|
## Quality Gates
|
|
17
17
|
|
|
@@ -120,15 +120,15 @@ Read the matching skill file before responding when the user's request matches t
|
|
|
120
120
|
| Trigger Keywords | Skill File | Description |
|
|
121
121
|
|---|---|---|
|
|
122
122
|
| init docs, create docs structure, set up documentation, docs scaffold, documentation init | `skills/docs/init-docs.md` | Initialize required project-state docs and documentation structure |
|
|
123
|
-
| research X, investigate X, find evidence, gather evidence | `skills/docs/research-workflow.md` | Research workflow
|
|
124
|
-
| product intelligence, customer notes, field notes, product signals, customer profile, evidence brief, signal brief, backlog proposal | `skills/docs/product-intelligence-workflow.md` | Product Intelligence workflow
|
|
125
|
-
| strategy, product strategy, strategic bet, non-bet, north star, time horizon, competitive positioning | `skills/docs/strategy-workflow.md` | Product strategy
|
|
126
|
-
| ingest evidence, ingest customer notes, ingest Slack thread, ingest support ticket, normalize field notes | `skills/docs/evidence-ingest-workflow.md` | Evidence ingest workflow
|
|
127
|
-
| write a PRD, create requirements, spec out, requirements document, Meta PRD, platform PRD | `skills/docs/prd-workflow.md` | PRD workflow
|
|
128
|
-
| write a PRFAQ, working backwards doc, press release FAQ | `skills/docs/prfaq-workflow.md` | PRFAQ workflow
|
|
129
|
-
| create Jira proposal, update Linear, backlog proposal, issue proposal | `skills/docs/backlog-proposal-workflow.md` | Backlog proposal workflow
|
|
130
|
-
| record this decision, create an ADR, architecture decision | `skills/docs/adr-workflow.md` | ADR workflow
|
|
131
|
-
| write a runbook, document this operation, operational procedure | `skills/docs/runbook-workflow.md` | Runbook workflow
|
|
123
|
+
| research X, investigate X, find evidence, gather evidence | `skills/docs/research-workflow.md` | Research workflow: question to .cx/research/ file |
|
|
124
|
+
| product intelligence, customer notes, field notes, product signals, customer profile, evidence brief, signal brief, backlog proposal | `skills/docs/product-intelligence-workflow.md` | Product Intelligence workflow: evidence to product artifacts |
|
|
125
|
+
| strategy, product strategy, strategic bet, non-bet, north star, time horizon, competitive positioning | `skills/docs/strategy-workflow.md` | Product strategy: read, update, and reason about the strategy store |
|
|
126
|
+
| ingest evidence, ingest customer notes, ingest Slack thread, ingest support ticket, normalize field notes | `skills/docs/evidence-ingest-workflow.md` | Evidence ingest workflow: raw source to .cx/knowledge/ |
|
|
127
|
+
| write a PRD, create requirements, spec out, requirements document, Meta PRD, platform PRD | `skills/docs/prd-workflow.md` | PRD workflow: requirements to docs/prd/ or docs/meta-prd/ |
|
|
128
|
+
| write a PRFAQ, working backwards doc, press release FAQ | `skills/docs/prfaq-workflow.md` | PRFAQ workflow: launch narrative from PRD or evidence |
|
|
129
|
+
| create Jira proposal, update Linear, backlog proposal, issue proposal | `skills/docs/backlog-proposal-workflow.md` | Backlog proposal workflow: approval-gated issue tracker changes |
|
|
130
|
+
| record this decision, create an ADR, architecture decision | `skills/docs/adr-workflow.md` | ADR workflow: decision to docs/adr/ file |
|
|
131
|
+
| write a runbook, document this operation, operational procedure | `skills/docs/runbook-workflow.md` | Runbook workflow: operation to docs/runbooks/ file |
|
|
132
132
|
| init project, new project setup, join project, set up doc structure | `skills/docs/init-project.md` | Project initialization via construct init-docs |
|
|
133
133
|
|
|
134
134
|
## Routing Rules
|
|
@@ -141,6 +141,6 @@ Read the matching skill file before responding when the user's request matches t
|
|
|
141
141
|
|
|
142
142
|
## Agent Roster Disambiguation
|
|
143
143
|
|
|
144
|
-
**cx-engineer vs cx-platform-engineer:** cx-engineer builds product features for end users. cx-platform-engineer builds the internal platform
|
|
144
|
+
**cx-engineer vs cx-platform-engineer:** cx-engineer builds product features for end users. cx-platform-engineer builds the internal platform: CI/CD, deployment tooling, developer environments, internal APIs, and reliability infrastructure. They operate in distinct domains with different quality bars (user-facing UX vs. developer ergonomics and system reliability). Use cx-platform-engineer when the subject is a platform service, internal tool, build pipeline, or infrastructure component that engineers consume, not end users.
|
|
145
145
|
|
|
146
|
-
**Platform domain overlays** (`roles/product-manager.platform`, `roles/architect.platform`, `roles/engineer.platform`) apply when the PRODUCT being designed or built is a platform
|
|
146
|
+
**Platform domain overlays** (`roles/product-manager.platform`, `roles/architect.platform`, `roles/engineer.platform`) apply when the PRODUCT being designed or built is a platform: an API, SDK, or developer surface consumed by other developers. These are skill overlays on PM/architect/engineer roles, not routing to cx-platform-engineer. Route to cx-platform-engineer only when the work is infra/ops, not product.
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/security/blue-team.md
|
|
2
|
+
skills/security/blue-team.md (Blue Team) Use this skill when defending systems, responding to incidents, or building dete
|
|
3
3
|
|
|
4
4
|
Use this skill when defending systems, responding to incidents, or building detection and monitoring capabilities. ## Detection Engineering
|
|
5
5
|
-->
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
skills/security/code-audit.md
|
|
2
|
+
skills/security/code-audit.md (Code Audit) Use this skill when reviewing source code for security vulnerabilities through s
|
|
3
3
|
|
|
4
4
|
Use this skill when reviewing source code for security vulnerabilities through static analysis. ## Taint Analysis
|
|
5
5
|
-->
|