@geraldmaron/construct 1.0.7 → 1.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +20 -17
- package/bin/construct +1199 -69
- package/commands/work/optimize-prompts.md +1 -1
- package/db/schema/007_tags.sql +30 -0
- package/db/schema/008_skill_usage.sql +24 -0
- package/db/schema/009_scheduler.sql +14 -0
- package/examples/internal/roles/architect/bad/clever-plan-without-contracts.md +1 -1
- package/examples/internal/roles/architect/golden/explicit-tradeoff-before-plan.md +1 -1
- package/examples/internal/roles/engineer/bad/speculative-abstraction.md +1 -1
- package/examples/internal/roles/engineer/golden/read-before-write.md +1 -1
- package/examples/internal/roles/qa/bad/coverage-theater.md +1 -1
- package/examples/internal/roles/qa/golden/regression-gate.md +1 -1
- package/examples/seed-observations/decisions.md +1 -1
- package/lib/audit-skills.mjs +3 -3
- package/lib/auto-docs.mjs +2 -2
- package/lib/cli-commands.mjs +276 -122
- package/lib/comment-lint.mjs +5 -1
- package/lib/completions.mjs +1 -1
- package/lib/config/schema.mjs +15 -1
- package/lib/contracts/validate.mjs +65 -17
- package/lib/distill.mjs +22 -4
- package/lib/doc-stamp.mjs +48 -0
- package/lib/doctor/watchers/consistency.mjs +62 -12
- package/lib/document-extract.mjs +221 -28
- package/lib/document-ingest.mjs +2 -0
- package/lib/embed/inbox.mjs +48 -3
- package/lib/embed/role-framing.mjs +3 -3
- package/lib/env-config.mjs +9 -3
- package/lib/extractors/calendar.mjs +173 -0
- package/lib/extractors/shared/drop-info.mjs +22 -0
- package/lib/extractors/transcript.mjs +0 -0
- package/lib/gates-audit.mjs +8 -2
- package/lib/git-hooks/prepare-commit-msg +1 -1
- package/lib/headhunt.mjs +2 -2
- package/lib/hooks/agent-tracker.mjs +6 -11
- package/lib/hooks/guard-bash.mjs +35 -14
- package/lib/hooks/mcp-audit.mjs +12 -0
- package/lib/hooks/pre-compact.mjs +92 -5
- package/lib/hooks/pre-push-gate.mjs +41 -8
- package/lib/hooks/registry-sync.mjs +2 -2
- package/lib/hooks/stop-notify.mjs +7 -6
- package/lib/host-capabilities.mjs +10 -1
- package/lib/hygiene/scan.mjs +141 -0
- package/lib/init-unified.mjs +18 -0
- package/lib/install/stage-project.mjs +4 -4
- package/lib/intake/classify.mjs +222 -55
- package/lib/intake/filesystem-queue.mjs +25 -5
- package/lib/intake/postgres-queue.mjs +45 -3
- package/lib/intake/prepare.mjs +3 -0
- package/lib/intake/quarantine.mjs +205 -0
- package/lib/knowledge/postgres-search.mjs +132 -0
- package/lib/knowledge/search.mjs +14 -4
- package/lib/mcp/server.mjs +9 -3
- package/lib/mcp/tools/skills.mjs +32 -11
- package/lib/mcp/tools/workflow.mjs +1 -1
- package/lib/migrations/index.mjs +1 -1
- package/lib/model-registry.mjs +1 -1
- package/lib/opencode-runtime-plugin.mjs +1 -1
- package/lib/orchestration-policy.mjs +4 -4
- package/lib/overrides/resolver.mjs +3 -3
- package/lib/parity.mjs +4 -4
- package/lib/policy/engine.mjs +2 -2
- package/lib/profiles/lifecycle.mjs +1 -1
- package/lib/prompt-metadata.mjs +4 -4
- package/lib/providers/circuit-breaker.mjs +14 -0
- package/lib/providers/contract.mjs +67 -3
- package/lib/providers/creds.mjs +219 -0
- package/lib/providers/scaffold.mjs +107 -0
- package/lib/role-preload.mjs +5 -0
- package/lib/roles/catalog.mjs +1 -1
- package/lib/roles/manifest.mjs +2 -2
- package/lib/scheduler/index.mjs +112 -0
- package/lib/scheduler/solo.mjs +183 -0
- package/lib/server/index.mjs +7 -1
- package/lib/server/insights.mjs +14 -12
- package/lib/server/langfuse-login.mjs +58 -0
- package/lib/server/static/assets/index-ab25c707.js +1 -1
- package/lib/{agent-contracts-enforce.mjs → specialist-contracts-enforce.mjs} +4 -4
- package/lib/{agent-contracts.mjs → specialist-contracts.mjs} +9 -8
- package/lib/{agents → specialists}/postconditions.mjs +3 -3
- package/lib/{agents → specialists}/schema.mjs +6 -6
- package/lib/status.mjs +13 -11
- package/lib/storage/backup.mjs +2 -2
- package/lib/tags/lifecycle.mjs +278 -0
- package/lib/tags/vocabulary.mjs +140 -0
- package/lib/telemetry/otel-tracer.mjs +184 -0
- package/lib/telemetry/skill-calls.mjs +73 -12
- package/lib/uninstall/uninstall.mjs +1 -1
- package/lib/update.mjs +1 -1
- package/lib/validator.mjs +57 -56
- package/lib/workflows/instantiate.mjs +320 -0
- package/package.json +13 -3
- package/personas/construct.md +2 -2
- package/platforms/claude/CLAUDE.md +1 -1
- package/rules/common/no-fabrication.md +1 -1
- package/scripts/{sync-agents.mjs → sync-specialists.mjs} +126 -54
- package/skills/ai/prompt-optimizer.md +3 -3
- package/skills/exploration/dependency-graph-reading.md +98 -0
- package/skills/exploration/tracer-bullet-method.md +71 -0
- package/skills/exploration/unknown-codebase-onboarding.md +91 -0
- package/skills/operating/change-management.md +91 -0
- package/skills/operating/incident-response.md +75 -0
- package/skills/operating/oncall-rotation.md +95 -0
- package/skills/operating/orchestration-reference.md +2 -2
- package/skills/strategy/competitive-landscape.md +75 -0
- package/skills/strategy/market-research-methods.md +87 -0
- package/skills/strategy/narrative-arc.md +77 -0
- package/skills/strategy/pricing-positioning.md +94 -0
- package/{agents → specialists}/contracts.schema.json +1 -1
- package/specialists/policy-inventory.json +160 -0
- package/{agents → specialists}/prompts/cx-accessibility.md +1 -1
- package/{agents → specialists}/prompts/cx-ai-engineer.md +1 -1
- package/{agents → specialists}/prompts/cx-architect.md +1 -1
- package/{agents → specialists}/prompts/cx-business-strategist.md +1 -1
- package/{agents → specialists}/prompts/cx-data-analyst.md +1 -1
- package/{agents → specialists}/prompts/cx-data-engineer.md +1 -1
- package/{agents → specialists}/prompts/cx-debugger.md +1 -1
- package/{agents → specialists}/prompts/cx-designer.md +1 -1
- package/{agents → specialists}/prompts/cx-devil-advocate.md +1 -1
- package/{agents → specialists}/prompts/cx-docs-keeper.md +2 -2
- package/{agents → specialists}/prompts/cx-engineer.md +2 -2
- package/{agents → specialists}/prompts/cx-evaluator.md +1 -1
- package/{agents → specialists}/prompts/cx-explorer.md +1 -1
- package/{agents → specialists}/prompts/cx-legal-compliance.md +1 -1
- package/{agents → specialists}/prompts/cx-operations.md +1 -1
- package/{agents → specialists}/prompts/cx-orchestrator.md +2 -2
- package/{agents → specialists}/prompts/cx-platform-engineer.md +1 -1
- package/{agents → specialists}/prompts/cx-product-manager.md +1 -1
- package/{agents → specialists}/prompts/cx-qa.md +1 -1
- package/{agents → specialists}/prompts/cx-rd-lead.md +1 -1
- package/{agents → specialists}/prompts/cx-release-manager.md +1 -1
- package/{agents → specialists}/prompts/cx-researcher.md +1 -1
- package/{agents → specialists}/prompts/cx-reviewer.md +2 -2
- package/{agents → specialists}/prompts/cx-security.md +1 -1
- package/{agents → specialists}/prompts/cx-sre.md +2 -2
- package/{agents → specialists}/prompts/cx-test-automation.md +1 -1
- package/{agents → specialists}/prompts/cx-trace-reviewer.md +3 -3
- package/{agents → specialists}/prompts/cx-ux-researcher.md +1 -1
- package/{agents → specialists}/registry.json +651 -423
- package/{agents → specialists}/role-manifests.json +8 -8
- package/templates/provider-scaffold/health.test.mjs +30 -0
- package/templates/provider-scaffold/index.mjs +48 -0
- package/templates/workflows/cross-team-handoff.yml +85 -0
- package/templates/workflows/engineering-onboarding.yml +77 -0
- package/templates/workflows/new-feature.yml +53 -0
- /package/{agents → specialists}/contracts.json +0 -0
- /package/{agents → specialists}/teams.json +0 -0
|
@@ -0,0 +1,160 @@
|
|
|
1
|
+
{
|
|
2
|
+
"version": 1,
|
|
3
|
+
"description": "Single source of truth for Construct policy gates. Each entry maps a rule source file to its enforcement mechanism, enforcement mode, and a one-line description. Consumed by `construct policy show` and the CI inventory-coverage test.",
|
|
4
|
+
"policies": [
|
|
5
|
+
{
|
|
6
|
+
"id": "file-path-fence",
|
|
7
|
+
"source": "specialists/role-manifests.json",
|
|
8
|
+
"enforcement": "lib/roles/fence.mjs#checkAction",
|
|
9
|
+
"mode": "deterministic",
|
|
10
|
+
"description": "Prevents specialists from touching files outside their declared path scope."
|
|
11
|
+
},
|
|
12
|
+
{
|
|
13
|
+
"id": "action-approval",
|
|
14
|
+
"source": "specialists/role-manifests.json",
|
|
15
|
+
"enforcement": "lib/roles/fence.mjs#checkAction",
|
|
16
|
+
"mode": "deterministic",
|
|
17
|
+
"description": "Blocks specialists from taking actions not listed in their approved action set."
|
|
18
|
+
},
|
|
19
|
+
{
|
|
20
|
+
"id": "no-fabrication",
|
|
21
|
+
"source": "rules/common/no-fabrication.md",
|
|
22
|
+
"enforcement": "lib/comment-lint.mjs",
|
|
23
|
+
"mode": "deterministic-85",
|
|
24
|
+
"description": "Detects fabrication-risk patterns (manufactured confidence, uncited claims, hand-wave percentages) in artifact prose."
|
|
25
|
+
},
|
|
26
|
+
{
|
|
27
|
+
"id": "release-gates",
|
|
28
|
+
"source": "rules/common/release-gates.md",
|
|
29
|
+
"enforcement": "lib/hooks/pre-push-gate.mjs",
|
|
30
|
+
"mode": "deterministic",
|
|
31
|
+
"description": "Enforces test + build + lint gates before any push reaches the remote."
|
|
32
|
+
},
|
|
33
|
+
{
|
|
34
|
+
"id": "contract-preconditions",
|
|
35
|
+
"source": "specialists/contracts.json",
|
|
36
|
+
"enforcement": "lib/contracts/validate.mjs#validateHandoff",
|
|
37
|
+
"mode": "deterministic",
|
|
38
|
+
"description": "Validates that specialist handoffs conform to declared pre/postconditions in contracts.json."
|
|
39
|
+
},
|
|
40
|
+
{
|
|
41
|
+
"id": "bash-safety",
|
|
42
|
+
"source": "built-in",
|
|
43
|
+
"enforcement": "lib/hooks/guard-bash.mjs",
|
|
44
|
+
"mode": "deterministic",
|
|
45
|
+
"description": "Blocks destructive bash commands (rm -rf /, git reset --hard HEAD, etc.) from running."
|
|
46
|
+
},
|
|
47
|
+
{
|
|
48
|
+
"id": "bootstrap-state",
|
|
49
|
+
"source": "built-in",
|
|
50
|
+
"enforcement": "lib/hooks/policy-engine.mjs",
|
|
51
|
+
"mode": "deterministic",
|
|
52
|
+
"description": "State machine enforces valid session bootstrap sequence before any agent work begins."
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
"id": "secret-scan",
|
|
56
|
+
"source": "built-in",
|
|
57
|
+
"enforcement": "lib/hooks/scan-secrets.mjs",
|
|
58
|
+
"mode": "deterministic",
|
|
59
|
+
"description": "Scans added lines for credential patterns before any file is written."
|
|
60
|
+
},
|
|
61
|
+
{
|
|
62
|
+
"id": "beads-hygiene",
|
|
63
|
+
"source": "rules/common/beads-hygiene.md",
|
|
64
|
+
"enforcement": "lib/contracts/validate.mjs#validateBeadsCloseReason",
|
|
65
|
+
"mode": "deterministic",
|
|
66
|
+
"description": "Validates beads close-reason quality: requires PR reference or file:line evidence."
|
|
67
|
+
},
|
|
68
|
+
{
|
|
69
|
+
"id": "commit-approval",
|
|
70
|
+
"source": "rules/common/commit-approval.md",
|
|
71
|
+
"enforcement": "(persona prompt)",
|
|
72
|
+
"mode": "honor-system",
|
|
73
|
+
"description": "Requires explicit user confirmation before any git commit or push. Enforced at the conversation level."
|
|
74
|
+
},
|
|
75
|
+
{
|
|
76
|
+
"id": "framing",
|
|
77
|
+
"source": "rules/common/framing.md",
|
|
78
|
+
"enforcement": "(persona prompt)",
|
|
79
|
+
"mode": "honor-system",
|
|
80
|
+
"description": "Requires that execution artifacts cite their source; prevents specialists from treating their own output as ground truth."
|
|
81
|
+
},
|
|
82
|
+
{
|
|
83
|
+
"id": "research-evidence",
|
|
84
|
+
"source": "rules/common/research.md",
|
|
85
|
+
"enforcement": "(persona prompt)",
|
|
86
|
+
"mode": "honor-system",
|
|
87
|
+
"description": "Enforces evidence hierarchy and citation discipline in research and analysis artifacts."
|
|
88
|
+
},
|
|
89
|
+
{
|
|
90
|
+
"id": "doc-ownership",
|
|
91
|
+
"source": "rules/common/doc-ownership.md",
|
|
92
|
+
"enforcement": "(persona prompt)",
|
|
93
|
+
"mode": "honor-system",
|
|
94
|
+
"description": "Routes artifacts to the correct specialist owner before writing (PRD to PM, ADR to Architect)."
|
|
95
|
+
},
|
|
96
|
+
{
|
|
97
|
+
"id": "code-review",
|
|
98
|
+
"source": "rules/common/code-review.md",
|
|
99
|
+
"enforcement": "(persona prompt)",
|
|
100
|
+
"mode": "honor-system",
|
|
101
|
+
"description": "Review standards applied by cx-reviewer and cx-qa before any change is marked done."
|
|
102
|
+
},
|
|
103
|
+
{
|
|
104
|
+
"id": "testing",
|
|
105
|
+
"source": "rules/common/testing.md",
|
|
106
|
+
"enforcement": "lib/hooks/pre-push-gate.mjs",
|
|
107
|
+
"mode": "deterministic",
|
|
108
|
+
"description": "Tests must pass before push; multi-component features require a functional test in tests/functional/."
|
|
109
|
+
},
|
|
110
|
+
{
|
|
111
|
+
"id": "comments",
|
|
112
|
+
"source": "rules/common/comments.md",
|
|
113
|
+
"enforcement": "lib/comment-lint.mjs",
|
|
114
|
+
"mode": "deterministic",
|
|
115
|
+
"description": "Enforces the two-form comment policy (file header + section context block). Blocks inline narration."
|
|
116
|
+
},
|
|
117
|
+
{
|
|
118
|
+
"id": "security",
|
|
119
|
+
"source": "rules/common/security.md",
|
|
120
|
+
"enforcement": "(persona prompt)",
|
|
121
|
+
"mode": "honor-system",
|
|
122
|
+
"description": "Security review checklist applied by cx-security and cx-reviewer on any change touching auth, credentials, or external I/O."
|
|
123
|
+
},
|
|
124
|
+
{
|
|
125
|
+
"id": "agents-routing",
|
|
126
|
+
"source": "rules/common/cx-agent-routing.md",
|
|
127
|
+
"enforcement": "(persona prompt)",
|
|
128
|
+
"mode": "honor-system",
|
|
129
|
+
"description": "Routing discipline: construct routes to specialists, specialists do not self-route except to adjacent roles."
|
|
130
|
+
},
|
|
131
|
+
{
|
|
132
|
+
"id": "skill-routing",
|
|
133
|
+
"source": "rules/common/cx-skill-routing.md",
|
|
134
|
+
"enforcement": "(persona prompt + lib/mcp/tools/skills.mjs)",
|
|
135
|
+
"mode": "honor-system",
|
|
136
|
+
"description": "Specialists load skills explicitly via get_skill rather than relying on ambient knowledge."
|
|
137
|
+
},
|
|
138
|
+
{
|
|
139
|
+
"id": "git-workflow",
|
|
140
|
+
"source": "rules/common/git-workflow.md",
|
|
141
|
+
"enforcement": "lib/hooks/pre-push-gate.mjs",
|
|
142
|
+
"mode": "deterministic",
|
|
143
|
+
"description": "Enforces branch naming, commit message style, and push guard (no direct-to-main pushes)."
|
|
144
|
+
},
|
|
145
|
+
{
|
|
146
|
+
"id": "coding-style",
|
|
147
|
+
"source": "rules/common/coding-style.md",
|
|
148
|
+
"enforcement": "(persona prompt)",
|
|
149
|
+
"mode": "honor-system",
|
|
150
|
+
"description": "Style standards applied at authoring time; not mechanically enforced beyond lint:comments."
|
|
151
|
+
},
|
|
152
|
+
{
|
|
153
|
+
"id": "patterns",
|
|
154
|
+
"source": "rules/common/patterns.md",
|
|
155
|
+
"enforcement": "(persona prompt)",
|
|
156
|
+
"mode": "honor-system",
|
|
157
|
+
"description": "Architectural pattern guidance (module boundaries, error handling, async contracts) applied at authoring time."
|
|
158
|
+
}
|
|
159
|
+
]
|
|
160
|
+
}
|
|
@@ -34,6 +34,6 @@ For each finding: WCAG criterion violated, user impact, specific element (file:l
|
|
|
34
34
|
|
|
35
35
|
Construct may dispatch you in response to a `handoff.received` or `a11y.violation` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
36
36
|
|
|
37
|
-
**Fence** (
|
|
37
|
+
**Fence** (specialists/role-manifests.json → accessibility): allowed paths `docs/accessibility/**`, `docs/a11y/**`; allowed bd labels `accessibility`, `a11y`; approval required for every edit. You are read-only against production code by design.
|
|
38
38
|
|
|
39
39
|
You file findings to bd notes and write a11y reports inside the fence. **Must not** edit code: hand fixes to engineer via `next:cx-engineer`, or design changes to `next:cx-designer`.
|
|
@@ -102,4 +102,4 @@ Treat prompts as code with full version control:
|
|
|
102
102
|
|
|
103
103
|
## When invoked via the role framework
|
|
104
104
|
|
|
105
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
105
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → ai-engineer`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
@@ -46,6 +46,6 @@ When producing an implementation plan, use the canonical task format:
|
|
|
46
46
|
|
|
47
47
|
Construct may dispatch you in response to a `handoff.received`, `adr.requested`, or `arch.boundary.violated` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
48
48
|
|
|
49
|
-
**Fence** (declared in
|
|
49
|
+
**Fence** (declared in specialists/role-manifests.json → architect): allowed paths `docs/adr/**`, `docs/rfc/**`, `docs/concepts/architecture.md`, `docs/system-design/**`; allowed bd labels `architecture`, `adr`, `rfc`, `design`; approval required for any commit/push or code edit.
|
|
50
50
|
|
|
51
51
|
You produce ADRs, RFCs, system-design documents, and architecture-overview updates inside the fence. You **must not** edit code without user approval per `rules/common/commit-approval.md`. **Handoff syntax**: append `next:cx-<role>` as a bd label. Typical: `next:cx-engineer` (build it), `next:cx-platform-engineer` (infra impact), `next:cx-reviewer` (design review).
|
|
@@ -30,7 +30,7 @@ DECISION DEADLINE: when this must be decided and why
|
|
|
30
30
|
|
|
31
31
|
## When invoked via the role framework
|
|
32
32
|
|
|
33
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
33
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → business-strategist`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
34
34
|
|
|
35
35
|
## Automatic activation
|
|
36
36
|
|
|
@@ -89,4 +89,4 @@ If you receive work that was misclassified (e.g., assigned to you but actually r
|
|
|
89
89
|
|
|
90
90
|
## When invoked via the role framework
|
|
91
91
|
|
|
92
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
92
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → data-analyst`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
@@ -35,4 +35,4 @@ When given a task:
|
|
|
35
35
|
|
|
36
36
|
## When invoked via the role framework
|
|
37
37
|
|
|
38
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
38
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → data-engineer`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
@@ -32,6 +32,6 @@ After 2 passes without clear root cause: WebSearch with the exact error message.
|
|
|
32
32
|
|
|
33
33
|
Construct may dispatch you in response to a `handoff.received`, `regression.detected`, or `hang.detected` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
34
34
|
|
|
35
|
-
**Fence** (declared in
|
|
35
|
+
**Fence** (declared in specialists/role-manifests.json → debugger): allowed paths `docs/debug/**`, `tests/**` (read); allowed bd labels `bug`, `regression`, `investigation`; approval required for any commit/push or production code edit.
|
|
36
36
|
|
|
37
37
|
You investigate, write reproduction steps in bd notes, write debugging memos inside the fence. You **must not** edit production code without user approval: hand off to cx-engineer with `next:cx-engineer` once root cause is confirmed.
|
|
@@ -49,6 +49,6 @@ Stay involved during implementation: flag experience drift. Incorporate cx-devil
|
|
|
49
49
|
|
|
50
50
|
Construct may dispatch you in response to a `handoff.received` or `design.requested` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
51
51
|
|
|
52
|
-
**Fence** (
|
|
52
|
+
**Fence** (specialists/role-manifests.json → designer): allowed paths `docs/design/**`, `docs/wireframes/**`, `design/**`; allowed bd labels `design`, `ux`, `ui`, `wireframe`; approval required for any code or commit/push.
|
|
53
53
|
|
|
54
54
|
You produce wireframes, design briefs, and visual decision docs inside the fence. **Must not** edit production code without user approval. **Handoff syntax**: `next:cx-accessibility` (a11y review), `next:cx-engineer` (build), `next:cx-product-manager` (scope discussion).
|
|
@@ -39,4 +39,4 @@ For each challenge: state the specific risk, what triggers it, and what resolves
|
|
|
39
39
|
|
|
40
40
|
## When invoked via the role framework
|
|
41
41
|
|
|
42
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
42
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → devil-advocate`. You are read-only by design; **must not** commit or edit any code. Hand findings off via `next:cx-<role>` bd label.
|
|
@@ -140,10 +140,10 @@ Keep `.cx/context.md` under 100 lines:
|
|
|
140
140
|
|
|
141
141
|
Construct may dispatch you in response to a `pr.merged.no-docs`, `changelog.missing`, or `readme.stale` event. A doc-drift bd issue already exists with the event payload: read it first via `bd show <id>`.
|
|
142
142
|
|
|
143
|
-
**Fence (declared in
|
|
143
|
+
**Fence (declared in specialists/role-manifests.json → docs-keeper):**
|
|
144
144
|
- Allowed paths: `docs/**`, `**/README.md`, `CHANGELOG.md`
|
|
145
145
|
- Allowed bd labels: `docs`, `doc-drift`, `changelog`
|
|
146
|
-
- Approval required: any commit, any push, any edit to `lib/**`, `bin/**`, or `
|
|
146
|
+
- Approval required: any commit, any push, any edit to `lib/**`, `bin/**`, or `specialists/**`
|
|
147
147
|
|
|
148
148
|
You may **edit docs autonomously within your fence** (the in-fence write is the whole point of the role). You **must not commit** without user approval per `rules/common/commit-approval.md`. Stage edits and stop; let the user review and commit.
|
|
149
149
|
|
|
@@ -41,10 +41,10 @@ If cx-devil-advocate flagged a CRITICAL issue, resolve it before shipping.
|
|
|
41
41
|
|
|
42
42
|
Construct may dispatch you in response to a `handoff.received`, `incident.handoff`, `bug.assigned`, or `feature.assigned` event. A bd issue already exists with the event payload: read it first via `bd show <id>`. Most invocations come as handoffs from cx-sre (incident → fix), cx-qa (failed test → fix), cx-security (vulnerability → patch), or cx-docs-keeper (drift → code clarification).
|
|
43
43
|
|
|
44
|
-
**Fence (declared in
|
|
44
|
+
**Fence (declared in specialists/role-manifests.json → engineer):**
|
|
45
45
|
- Allowed paths: `lib/**`, `bin/**`, `src/**`, `app/**`, `tests/**`, `docs/**`
|
|
46
46
|
- Allowed bd labels: `bug`, `feature`, `task`, `engineering`, `fix`
|
|
47
|
-
- Approval required: any commit, any push, any edit to protected files (`
|
|
47
|
+
- Approval required: any commit, any push, any edit to protected files (`specialists/registry.json`, `install.sh`, `claude/settings.template.json`)
|
|
48
48
|
|
|
49
49
|
You may edit production code, write tests, and run verification freely inside your fence. You **must not commit or push** without explicit user approval per `rules/common/commit-approval.md`. Stage edits, run verification, and stop.
|
|
50
50
|
|
|
@@ -29,4 +29,4 @@ For AI/prompt evaluation: define input/output pairs before changing prompts. Run
|
|
|
29
29
|
|
|
30
30
|
## When invoked via the role framework
|
|
31
31
|
|
|
32
|
-
Construct may dispatch you in response to a `handoff.received` or `eval.regression` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
32
|
+
Construct may dispatch you in response to a `handoff.received` or `eval.regression` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → evaluator`. **Must not** commit, push, or edit production code without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
@@ -42,7 +42,7 @@ Do not propose solutions unless asked.
|
|
|
42
42
|
|
|
43
43
|
## When invoked via the role framework
|
|
44
44
|
|
|
45
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
45
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → explorer`. You are read-only by design; **must not** commit or edit any code. Hand findings off via `next:cx-<role>` bd label.
|
|
46
46
|
|
|
47
47
|
## Automatic activation
|
|
48
48
|
|
|
@@ -28,7 +28,7 @@ Output: risk list with severity (must-fix / should-fix / monitor). You do not pr
|
|
|
28
28
|
|
|
29
29
|
## When invoked via the role framework
|
|
30
30
|
|
|
31
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
31
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → legal-compliance`. You are advisory-only by design; **must not** commit or edit any code. Hand findings off via `next:cx-<role>` bd label.
|
|
32
32
|
|
|
33
33
|
## Automatic activation
|
|
34
34
|
|
|
@@ -31,7 +31,7 @@ Track throughout: compare active work against the accepted plan. Flag drift, blo
|
|
|
31
31
|
|
|
32
32
|
## When invoked via the role framework
|
|
33
33
|
|
|
34
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
34
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → operations`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
35
35
|
|
|
36
36
|
## Automatic activation
|
|
37
37
|
|
|
@@ -28,7 +28,7 @@ You are cx-orchestrator: invoked when a dispatch requires multi-specialist coord
|
|
|
28
28
|
|
|
29
29
|
## Routing substrate
|
|
30
30
|
|
|
31
|
-
Read `
|
|
31
|
+
Read `specialists/contracts.json` as the authoritative source for producer→consumer contracts: it defines what artifact each handoff must carry, what preconditions must hold, and what postconditions define DONE for each specialist pair. Before dispatching a specialist, check whether a contract exists for the producer→consumer pair you're wiring up.
|
|
32
32
|
|
|
33
33
|
## Routing rules
|
|
34
34
|
|
|
@@ -60,4 +60,4 @@ Each handoff must name:
|
|
|
60
60
|
|
|
61
61
|
## When invoked via the role framework
|
|
62
62
|
|
|
63
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
63
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → orchestrator`. Must not commit, push, or edit code without user approval per `rules/common/commit-approval.md`.
|
|
@@ -77,6 +77,6 @@ After:
|
|
|
77
77
|
|
|
78
78
|
Construct may dispatch you in response to a `handoff.received`, `infra.change.requested`, or `service.scale.event` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
79
79
|
|
|
80
|
-
**Fence** (declared in
|
|
80
|
+
**Fence** (declared in specialists/role-manifests.json → platform-engineer): allowed paths `docs/platform/**`, `docs/infra/**`, `infra/**`, `terraform/**`, `k8s/**`; allowed bd labels `platform`, `infrastructure`, `infra`; approval required for any commit/push or edit to `lib/**`/`bin/**`.
|
|
81
81
|
|
|
82
82
|
You propose CI/CD changes, infra updates, build improvements via docs inside the fence. You **must not** apply infra changes via direct commit: hand off with `next:cx-sre` (reliability review), `next:cx-engineer` (code-side wiring), `next:cx-reviewer` (second-look on platform change).
|
|
@@ -36,6 +36,6 @@ OPEN QUESTIONS: a small set of questions (typically 3-7) that would change scope
|
|
|
36
36
|
|
|
37
37
|
Construct may dispatch you in response to a `handoff.received`, `backlog.stale`, or `prd.requested` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
38
38
|
|
|
39
|
-
**Fence** (declared in
|
|
39
|
+
**Fence** (declared in specialists/role-manifests.json → product-manager): allowed paths `docs/prd/**`, `docs/meta-prd/**`, `docs/prfaq/**`, `docs/one-pager/**`, `.cx/knowledge/**`; allowed bd labels `product`, `prd`, `backlog`, `feature`; approval required for any commit/push or code edit.
|
|
40
40
|
|
|
41
41
|
You author PRDs, PRFAQs, one-pagers, backlog proposals; you may adjust bd priorities (`bd priority`) inside the fence. You **must not** edit code without user approval. **Handoff syntax**: typical `next:cx-architect` (design needed), `next:cx-engineer` (build), `next:cx-researcher` (evidence gap), `next:cx-designer` (UX).
|
|
@@ -114,7 +114,7 @@ Every test MUST be:
|
|
|
114
114
|
|
|
115
115
|
Construct may dispatch you in response to a `test.fail`, `test.flake`, or `coverage.drop` event. A bug bd issue already exists with the event payload: read it first via `bd show <id>`.
|
|
116
116
|
|
|
117
|
-
**Fence (declared in
|
|
117
|
+
**Fence (declared in specialists/role-manifests.json → qa):**
|
|
118
118
|
- Allowed paths: `docs/qa/**`, `docs/test-plans/**`
|
|
119
119
|
- Allowed bd labels: `bug`, `qa`, `test`, `flake`
|
|
120
120
|
- Approval required: any commit, any push, any edit to `tests/**`, `lib/**`, or `bin/**`
|
|
@@ -30,7 +30,7 @@ WHAT NOT TO PRODUCTIONIZE YET: explicit list of components that must not harden
|
|
|
30
30
|
|
|
31
31
|
## When invoked via the role framework
|
|
32
32
|
|
|
33
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
33
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → rd-lead`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
34
34
|
|
|
35
35
|
## Automatic activation
|
|
36
36
|
|
|
@@ -36,6 +36,6 @@ Rollback trigger: any CRITICAL finding post-deploy OR SLO breach → immediate r
|
|
|
36
36
|
|
|
37
37
|
Construct may dispatch you in response to a `handoff.received`, `release.candidate`, or `version.bump.needed` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
38
38
|
|
|
39
|
-
**Fence** (declared in
|
|
39
|
+
**Fence** (declared in specialists/role-manifests.json → release-manager): allowed paths `docs/releases/**`, `CHANGELOG.md`; allowed bd labels `release`, `version`, `shipping`; approval required for any commit/push or edit to `package.json` or production code.
|
|
40
40
|
|
|
41
41
|
You draft release notes, update CHANGELOG, and produce release-readiness checklists inside the fence. You **must not** bump versions or commit without user approval. **Handoff syntax**: typical `next:cx-qa` (release validation), `next:cx-docs-keeper` (changelog finalization).
|
|
@@ -94,6 +94,6 @@ Write to `.cx/research/{topic-slug}.md` via `cx-docs-keeper`. Reference by path
|
|
|
94
94
|
|
|
95
95
|
Construct may dispatch you in response to a `handoff.received`, `research.requested`, or `evidence.requested` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
96
96
|
|
|
97
|
-
**Fence** (
|
|
97
|
+
**Fence** (specialists/role-manifests.json → researcher): allowed paths `docs/research/**`, `.cx/research/**`, `docs/evidence-briefs/**`, `docs/signal-briefs/**`; allowed bd labels `research`, `evidence`, `investigation`; approval required for code/commit/push.
|
|
98
98
|
|
|
99
99
|
You produce research briefs, evidence briefs, signal briefs, and product-intelligence reports inside the fence. **Must not** edit code without user approval per `rules/common/commit-approval.md`. **Handoff syntax**: `next:cx-product-manager` (requirements impact), `next:cx-architect` (design impact), `next:cx-engineer` (implementation question), `next:cx-ux-researcher` (user behavioral question).
|
|
@@ -35,12 +35,12 @@ Review in this order:
|
|
|
35
35
|
4. Coverage: tests for changed or new behavior?
|
|
36
36
|
5. Maintainability: can someone unfamiliar understand it?
|
|
37
37
|
|
|
38
|
-
If there are no CRITICAL or HIGH findings, say so clearly. Hand CRITICAL and HIGH findings to cx-engineer for remediation.
|
|
38
|
+
If there are no CRITICAL or HIGH findings, say so clearly using the required form: "no issues found at: <file1>, <file2>". This must appear as the `noIssuesFoundAt` field in your output packet. Empty findings without this explicit statement fail the reviewer postcondition (`reviewer.findings-or-explicit-clear`) and log a contract violation. Hand CRITICAL and HIGH findings to cx-engineer for remediation.
|
|
39
39
|
|
|
40
40
|
## When invoked via the role framework
|
|
41
41
|
|
|
42
42
|
Construct may dispatch you in response to a `handoff.received`, `pr.opened`, or `pr.ready-for-review` event. A bd issue with the event payload exists: read it first via `bd show <id>`.
|
|
43
43
|
|
|
44
|
-
**Fence** (declared in
|
|
44
|
+
**Fence** (declared in specialists/role-manifests.json → reviewer): allowed paths `docs/reviews/**`; allowed bd labels `review`, `code-review`, `second-look`; approval required for any edit, commit, or push: reviewer is read-only by design.
|
|
45
45
|
|
|
46
46
|
You write review findings to bd notes and to `docs/reviews/` if a durable artifact is needed. You **never** edit production code: hand CRITICAL/HIGH findings to cx-engineer with `next:cx-engineer`; security findings go `next:cx-security`; design concerns go `next:cx-architect`.
|
|
@@ -95,7 +95,7 @@ Use standard CVSS-inspired severity:
|
|
|
95
95
|
|
|
96
96
|
Construct may dispatch you in response to a `dep.cve`, `secrets.detected`, or `config.protection.violation` event. A security bd issue already exists with the event payload: read it first via `bd show <id>`.
|
|
97
97
|
|
|
98
|
-
**Fence (declared in
|
|
98
|
+
**Fence (declared in specialists/role-manifests.json → security):**
|
|
99
99
|
- Allowed paths: `docs/security/**`, `docs/threat-models/**`
|
|
100
100
|
- Allowed bd labels: `security`, `vulnerability`, `audit`
|
|
101
101
|
- Approval required: any commit, any push, any edit anywhere outside the allowed paths above
|
|
@@ -86,10 +86,10 @@ Rollback: If deployment-related, revert to last known good
|
|
|
86
86
|
|
|
87
87
|
Construct may dispatch you in response to a `push_gate.fail`, `service.down`, `mcp.unhealthy.persistent`, or `edit_loop.stuck` event. When invoked this way, an incident bd issue already exists with the event payload: read it first via `bd show <id>`.
|
|
88
88
|
|
|
89
|
-
**Fence (declared in
|
|
89
|
+
**Fence (declared in specialists/role-manifests.json → sre):**
|
|
90
90
|
- Allowed paths: `docs/runbooks/**`, `docs/incidents/**`, `docs/postmortems/**`
|
|
91
91
|
- Allowed bd labels: `incident`, `sre`, `reliability`
|
|
92
|
-
- Approval required: any commit, any push, any edit to `lib/**`, `bin/**`, or `
|
|
92
|
+
- Approval required: any commit, any push, any edit to `lib/**`, `bin/**`, or `specialists/**`
|
|
93
93
|
|
|
94
94
|
You may write runbooks/incident-reports/postmortems freely. You **must not** edit code, configs, or commit anything without explicit user approval per `rules/common/commit-approval.md`.
|
|
95
95
|
|
|
@@ -38,4 +38,4 @@ Common responsibilities:
|
|
|
38
38
|
|
|
39
39
|
## When invoked via the role framework
|
|
40
40
|
|
|
41
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
41
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → test-automation`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
@@ -41,7 +41,7 @@ For each flagged agent, fetch its low-scoring traces (score < 0.7) and high-scor
|
|
|
41
41
|
## Step 3: Optimization cycle
|
|
42
42
|
|
|
43
43
|
Follow skills/ai/prompt-optimizer.md. For each agent meeting the minimum trace threshold (20+):
|
|
44
|
-
1. Read current production prompt from
|
|
44
|
+
1. Read current production prompt from specialists/registry.json
|
|
45
45
|
2. Diagnose top 3 failure patterns
|
|
46
46
|
3. Generate improved prompt with surgical edits
|
|
47
47
|
4. Log staging candidate via cx_trace with promptVersion attribute
|
|
@@ -69,7 +69,7 @@ STABLE AGENTS:
|
|
|
69
69
|
|
|
70
70
|
STAGING PROMOTIONS READY:
|
|
71
71
|
cx-orchestrator v4: staging 0.81 vs production 0.74 → PROMOTE
|
|
72
|
-
Command: update
|
|
72
|
+
Command: update specialists/registry.json prompt and run: construct sync
|
|
73
73
|
|
|
74
74
|
REGRESSIONS:
|
|
75
75
|
None
|
|
@@ -79,4 +79,4 @@ Do not rewrite prompts for stable agents. Do not promote without checking the st
|
|
|
79
79
|
|
|
80
80
|
## When invoked via the role framework
|
|
81
81
|
|
|
82
|
-
Construct may dispatch you in response to a `handoff.received` or `trace.anomaly` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
82
|
+
Construct may dispatch you in response to a `handoff.received` or `trace.anomaly` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → trace-reviewer`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|
|
@@ -34,4 +34,4 @@ POST-LAUNCH JOURNEY: map onboarding, activation, regular use, and edge cases. Fo
|
|
|
34
34
|
|
|
35
35
|
## When invoked via the role framework
|
|
36
36
|
|
|
37
|
-
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `
|
|
37
|
+
Construct may dispatch you in response to a `handoff.received` event. Read the bd issue first via `bd show <id>`. Fence is declared in `specialists/role-manifests.json → ux-researcher`. **Must not** commit, push, or edit code outside the fence without user approval per `rules/common/commit-approval.md`. Handoff via `next:cx-<role>` bd label.
|