@geraldmaron/construct 1.4.1 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (556) hide show
  1. package/.env.example +36 -0
  2. package/README.md +41 -7
  3. package/bin/construct +1029 -65
  4. package/bin/construct-postinstall.mjs +27 -2
  5. package/config/tag-vocabulary.json +264 -0
  6. package/examples/distribution/sources/deck-one-pager.md +1 -1
  7. package/lib/acp/server.mjs +21 -7
  8. package/lib/adapters-sync.mjs +2 -1
  9. package/lib/audit-trail.mjs +185 -2
  10. package/lib/beads/auto-close.mjs +2 -1
  11. package/lib/beads/drift.mjs +2 -1
  12. package/lib/bridges/copilot-proxy.mjs +20 -5
  13. package/lib/certification/skill-inventory.mjs +10 -1
  14. package/lib/cli/approvals.mjs +147 -0
  15. package/lib/cli-commands.mjs +105 -14
  16. package/lib/comment-lint.mjs +127 -8
  17. package/lib/config/schema.mjs +7 -30
  18. package/lib/config/source-target-registry.mjs +70 -0
  19. package/lib/config/source-targets.mjs +179 -205
  20. package/lib/contracts/coverage.mjs +77 -0
  21. package/lib/contracts/validate.mjs +102 -13
  22. package/lib/contracts/violation-log.mjs +50 -4
  23. package/lib/db/migrate.mjs +69 -0
  24. package/lib/db/migrations/001_orchestration_runs.sql +9 -0
  25. package/lib/db/migrations/002_queue_provider.sql +50 -0
  26. package/lib/db/migrations/003_worker_registry.sql +17 -0
  27. package/lib/db/migrations/004_trace_events.sql +16 -0
  28. package/lib/db/migrations/005_shared_memory.sql +15 -0
  29. package/lib/db/migrations/006_orchestration_runs_tenant.sql +5 -0
  30. package/lib/decisions/enforced-baseline.json +0 -2
  31. package/lib/decisions/registry.mjs +3 -2
  32. package/lib/deployment/parity-contract.mjs +1 -1
  33. package/lib/deployment-mode.mjs +78 -2
  34. package/lib/diagram-export.mjs +10 -1
  35. package/lib/distill.mjs +5 -2
  36. package/lib/docs-verify.mjs +2 -1
  37. package/lib/doctor/cli.mjs +1 -0
  38. package/lib/doctor/command-on-path.mjs +24 -0
  39. package/lib/doctor/diagnosis.mjs +109 -0
  40. package/lib/doctor/embedding-health.mjs +50 -0
  41. package/lib/doctor/engine-health.mjs +93 -0
  42. package/lib/doctor/graph-validate.mjs +47 -0
  43. package/lib/doctor/index.mjs +23 -4
  44. package/lib/doctor/sidecar-providers.mjs +56 -0
  45. package/lib/doctor/watchers/consistency.mjs +93 -1
  46. package/lib/doctor/watchers/cx-budget.mjs +1 -1
  47. package/lib/doctor/watchers/graph-staleness.mjs +1 -1
  48. package/lib/doctor/watchers/mcp-protocol.mjs +17 -0
  49. package/lib/doctor/watchers/oracle-liveness.mjs +92 -0
  50. package/lib/doctor/watchers/orchestration-runs.mjs +108 -0
  51. package/lib/doctor/watchers/provider-breaker.mjs +78 -0
  52. package/lib/document-export.mjs +52 -27
  53. package/lib/document-extract/docling-client.mjs +9 -5
  54. package/lib/document-extract/docling-sidecar.py +30 -0
  55. package/lib/document-extract.mjs +1 -1
  56. package/lib/document-ingest.mjs +9 -0
  57. package/lib/embed/approval-queue.mjs +184 -88
  58. package/lib/embed/authority-guard.mjs +65 -2
  59. package/lib/embed/capability-jobs.mjs +365 -0
  60. package/lib/embed/capability-lifecycle.mjs +219 -0
  61. package/lib/embed/capability-loader.mjs +303 -0
  62. package/lib/embed/capability-runtime.mjs +58 -0
  63. package/lib/embed/cli.mjs +185 -8
  64. package/lib/embed/config.mjs +4 -0
  65. package/lib/embed/daemon.mjs +125 -6
  66. package/lib/embed/demand-fetch.mjs +190 -54
  67. package/lib/embed/inbox.mjs +12 -10
  68. package/lib/embed/presets/ops-triage.mjs +236 -0
  69. package/lib/embed/presets/pm-feedback.mjs +341 -0
  70. package/lib/embed/presets/tpm.mjs +401 -0
  71. package/lib/embed/providers/jira.mjs +72 -1
  72. package/lib/embed/providers/registry.mjs +140 -33
  73. package/lib/embed/worker.mjs +5 -0
  74. package/lib/embedded-contract/capability.mjs +4 -0
  75. package/lib/embedded-contract/execution.mjs +1 -1
  76. package/lib/embedded-contract/model-resolve.mjs +53 -3
  77. package/lib/embedded-contract/workflow-defs.mjs +48 -73
  78. package/lib/embedded-contract/workflow-invoke.mjs +144 -4
  79. package/lib/embedded-contract/workflows/architecture-review.manifest.json +15 -0
  80. package/lib/embedded-contract/workflows/data-structure.manifest.json +14 -0
  81. package/lib/embedded-contract/workflows/evidence-ingest.manifest.json +14 -0
  82. package/lib/embedded-contract/workflows/memo-draft.manifest.json +14 -0
  83. package/lib/embedded-contract/workflows/operations-triage.manifest.json +18 -0
  84. package/lib/embedded-contract/workflows/operations.manifest.json +18 -0
  85. package/lib/embedded-contract/workflows/pm-feedback.manifest.json +18 -0
  86. package/lib/embedded-contract/workflows/prd-draft.manifest.json +15 -0
  87. package/lib/embedded-contract/workflows/proposal-review.manifest.json +15 -0
  88. package/lib/embedded-contract/workflows/research-synthesis.manifest.json +14 -0
  89. package/lib/embedded-contract/workflows/risk-review.manifest.json +15 -0
  90. package/lib/embedded-contract/workflows/structure-notes.manifest.json +14 -0
  91. package/lib/embedded-contract/workflows/transcript-process.manifest.json +14 -0
  92. package/lib/embedded-contract/workflows/triage.manifest.json +14 -0
  93. package/lib/env-config.mjs +60 -11
  94. package/lib/export-validate.mjs +34 -2
  95. package/lib/extensions/index.mjs +27 -0
  96. package/lib/extensions/loader.mjs +120 -0
  97. package/lib/extensions/manifest-schema.mjs +141 -0
  98. package/lib/extensions/manifests/anthropic.manifest.json +12 -0
  99. package/lib/extensions/manifests/atlassian-confluence.manifest.json +12 -0
  100. package/lib/extensions/manifests/atlassian-jira.manifest.json +53 -0
  101. package/lib/extensions/manifests/directory.manifest.json +12 -0
  102. package/lib/extensions/manifests/docling.manifest.json +37 -0
  103. package/lib/extensions/manifests/echo.manifest.json +8 -0
  104. package/lib/extensions/manifests/feedback.manifest.json +12 -0
  105. package/lib/extensions/manifests/github-copilot.manifest.json +12 -0
  106. package/lib/extensions/manifests/github.manifest.json +52 -0
  107. package/lib/extensions/manifests/linear.manifest.json +50 -0
  108. package/lib/extensions/manifests/local.manifest.json +12 -0
  109. package/lib/extensions/manifests/ollama.manifest.json +12 -0
  110. package/lib/extensions/manifests/openai.manifest.json +12 -0
  111. package/lib/extensions/manifests/openrouter-anthropic.manifest.json +12 -0
  112. package/lib/extensions/manifests/openrouter-deepseek.manifest.json +12 -0
  113. package/lib/extensions/manifests/openrouter-google.manifest.json +12 -0
  114. package/lib/extensions/manifests/openrouter-llama.manifest.json +12 -0
  115. package/lib/extensions/manifests/openrouter-qwen.manifest.json +12 -0
  116. package/lib/extensions/manifests/openrouter.manifest.json +12 -0
  117. package/lib/extensions/manifests/postgres.manifest.json +12 -0
  118. package/lib/extensions/manifests/salesforce.manifest.json +12 -0
  119. package/lib/extensions/manifests/slack.manifest.json +58 -0
  120. package/lib/extensions/manifests/whisper.manifest.json +36 -0
  121. package/lib/extensions/validate.mjs +175 -0
  122. package/lib/features.mjs +13 -9
  123. package/lib/flows/checkpoint.mjs +184 -0
  124. package/lib/flows/constants.mjs +27 -0
  125. package/lib/flows/define.mjs +146 -0
  126. package/lib/flows/engine.mjs +249 -0
  127. package/lib/flows/errors.mjs +19 -0
  128. package/lib/flows/index.mjs +27 -0
  129. package/lib/flows/joins.mjs +18 -0
  130. package/lib/flows/schema.mjs +90 -0
  131. package/lib/flows/state.mjs +31 -0
  132. package/lib/frameworks/loader.mjs +99 -0
  133. package/lib/frameworks/schema.mjs +157 -0
  134. package/lib/graph/build-from-corpus.mjs +67 -0
  135. package/lib/graph/build-from-embed.mjs +82 -0
  136. package/lib/graph/build-from-registry.mjs +164 -3
  137. package/lib/graph/cli.mjs +456 -12
  138. package/lib/graph/gap-queries.mjs +156 -0
  139. package/lib/graph/gaps.mjs +41 -0
  140. package/lib/graph/impacted.mjs +129 -0
  141. package/lib/graph/runtime-evidence.mjs +177 -0
  142. package/lib/graph/security-coverage.mjs +113 -0
  143. package/lib/graph/staleness.mjs +241 -10
  144. package/lib/graph/store.mjs +24 -7
  145. package/lib/graph/validate.mjs +161 -0
  146. package/lib/headhunt.mjs +9 -8
  147. package/lib/health-check.mjs +15 -7
  148. package/lib/hook-health.mjs +1 -1
  149. package/lib/hooks/agent-tracker.mjs +10 -4
  150. package/lib/hooks/edit-guard.mjs +3 -3
  151. package/lib/hooks/graph-impact-advisory.mjs +2 -2
  152. package/lib/hooks/guard-bash.mjs +41 -15
  153. package/lib/hooks/mcp-health-check.mjs +11 -4
  154. package/lib/hooks/model-fallback.mjs +50 -6
  155. package/lib/hooks/orchestration-dispatch-guard.mjs +14 -3
  156. package/lib/hooks/pre-compact.mjs +181 -173
  157. package/lib/hooks/rule-verifier.mjs +2 -1
  158. package/lib/hooks/session-reflect.mjs +2 -1
  159. package/lib/hooks/session-start.mjs +3 -3
  160. package/lib/host/readiness.mjs +109 -0
  161. package/lib/host-capabilities.mjs +13 -2
  162. package/lib/host-disposition.mjs +29 -8
  163. package/lib/identity.mjs +92 -0
  164. package/lib/ingest/degraded-extract.mjs +96 -0
  165. package/lib/ingest/docling-remote.mjs +2 -1
  166. package/lib/ingest/provider-extract.mjs +7 -19
  167. package/lib/ingest/sidecar-providers.mjs +196 -0
  168. package/lib/ingest-tooling.mjs +11 -5
  169. package/lib/init-unified.mjs +55 -38
  170. package/lib/init-update.mjs +2 -1
  171. package/lib/install/legacy-global-cleanup.mjs +25 -0
  172. package/lib/install/stage-project.mjs +41 -4
  173. package/lib/intake/daemon.mjs +99 -8
  174. package/lib/intake/git-queue.mjs +110 -38
  175. package/lib/intake/prepare.mjs +2 -0
  176. package/lib/intake/queue-registry.mjs +50 -0
  177. package/lib/intake/queue.mjs +133 -17
  178. package/lib/intake/session-prelude.mjs +57 -8
  179. package/lib/integrations/intake-integrations.mjs +61 -111
  180. package/lib/intent-classifier.mjs +43 -5
  181. package/lib/libreoffice-export.mjs +8 -8
  182. package/lib/logging/rotate.mjs +5 -4
  183. package/lib/mcp/broker.mjs +332 -17
  184. package/lib/mcp/denied-store.mjs +95 -0
  185. package/lib/mcp/destructive-approval.mjs +57 -0
  186. package/lib/mcp/destructive-gate.mjs +30 -0
  187. package/lib/mcp/dispatch-envelope.mjs +199 -0
  188. package/lib/mcp/memory-bridge.mjs +2 -1
  189. package/lib/mcp/server.mjs +185 -1268
  190. package/lib/mcp/tool-definitions-memory.mjs +376 -0
  191. package/lib/mcp/tool-definitions-project.mjs +271 -0
  192. package/lib/mcp/tool-definitions-skills.mjs +311 -0
  193. package/lib/mcp/tool-definitions-workflow.mjs +398 -0
  194. package/lib/mcp/tool-definitions.mjs +25 -0
  195. package/lib/mcp/tool-rate-limit.mjs +47 -0
  196. package/lib/mcp/tool-registry.mjs +107 -0
  197. package/lib/mcp/tool-safety.mjs +95 -0
  198. package/lib/mcp/tool-surface-parity.mjs +60 -0
  199. package/lib/mcp/tools/orchestration-delegation-next.tool.mjs +68 -0
  200. package/lib/mcp/tools/orchestration-run.mjs +197 -19
  201. package/lib/mcp/tools/orchestration-task-result.tool.mjs +77 -0
  202. package/lib/mcp/tools/project.mjs +25 -8
  203. package/lib/mcp/tools/provider-write.mjs +187 -0
  204. package/lib/mcp/tools/scope.mjs +0 -3
  205. package/lib/mcp/tools/skills.mjs +1 -1
  206. package/lib/mcp/tools/storage.mjs +2 -2
  207. package/lib/mcp/tools/web-search-governance.mjs +96 -0
  208. package/lib/mcp/tools/web-search.mjs +5 -76
  209. package/lib/mcp/transport/auth.mjs +238 -0
  210. package/lib/mcp/transport/http.mjs +136 -0
  211. package/lib/mcp/transport/mode.mjs +31 -0
  212. package/lib/mcp/transport/stdio.mjs +22 -0
  213. package/lib/mcp-catalog.json +4 -4
  214. package/lib/mcp-manager.mjs +34 -23
  215. package/lib/mcp-platform-config.mjs +53 -20
  216. package/lib/mode-capabilities.mjs +109 -0
  217. package/lib/model-router.mjs +42 -9
  218. package/lib/models/catalog.mjs +40 -1
  219. package/lib/net-guard.mjs +247 -0
  220. package/lib/observation-store.mjs +6 -2
  221. package/lib/ollama/provision-context.mjs +2 -1
  222. package/lib/opencode-config.mjs +22 -3
  223. package/lib/opencode-runtime-plugin.mjs +120 -2
  224. package/lib/oracle/actions.mjs +204 -10
  225. package/lib/oracle/cli.mjs +24 -3
  226. package/lib/oracle/daemon-entry.mjs +6 -0
  227. package/lib/oracle/dispatch.mjs +2 -1
  228. package/lib/oracle/execute.mjs +2 -2
  229. package/lib/oracle/gaps.mjs +3 -3
  230. package/lib/oracle/heartbeat.mjs +53 -0
  231. package/lib/oracle/read-model.mjs +69 -13
  232. package/lib/oracle/reconcile.mjs +3 -46
  233. package/lib/oracle/routing.mjs +37 -31
  234. package/lib/oracle/synthesize.mjs +1 -1
  235. package/lib/orchestration/classification.mjs +434 -0
  236. package/lib/orchestration/delegation-flow.mjs +132 -0
  237. package/lib/orchestration/flow-selection.mjs +418 -0
  238. package/lib/orchestration/gates.mjs +244 -0
  239. package/lib/orchestration/host-sampling.mjs +121 -0
  240. package/lib/orchestration/policy-constants.mjs +48 -0
  241. package/lib/orchestration/provider-outcome.mjs +197 -0
  242. package/lib/orchestration/readiness.mjs +114 -13
  243. package/lib/orchestration/run-store-postgres.mjs +32 -26
  244. package/lib/orchestration/run-store-sqlite.mjs +8 -14
  245. package/lib/orchestration/run-store.mjs +25 -12
  246. package/lib/orchestration/runtime.mjs +508 -62
  247. package/lib/orchestration/store.mjs +87 -12
  248. package/lib/orchestration/trace-store.mjs +125 -0
  249. package/lib/orchestration/web-capability.mjs +60 -0
  250. package/lib/orchestration/worker-runtime.mjs +162 -0
  251. package/lib/orchestration/worker.mjs +763 -80
  252. package/lib/orchestration-policy.mjs +67 -1111
  253. package/lib/output-quality.mjs +61 -2
  254. package/lib/packs/cli.mjs +144 -0
  255. package/lib/packs/core-pack.mjs +112 -0
  256. package/lib/packs/enablement.mjs +187 -0
  257. package/lib/packs/index.mjs +23 -0
  258. package/lib/packs/loader.mjs +176 -0
  259. package/lib/packs/manifest-schema.mjs +58 -0
  260. package/lib/packs/prompts.mjs +120 -0
  261. package/lib/packs/validate.mjs +208 -0
  262. package/lib/path-policy.mjs +56 -0
  263. package/lib/plugin-registry.mjs +4 -5
  264. package/lib/policy/audit-gate.mjs +42 -0
  265. package/lib/policy/consumption-budget.mjs +149 -0
  266. package/lib/policy/engine.mjs +81 -6
  267. package/lib/policy/role-authority.mjs +89 -0
  268. package/lib/prompt-composer.js +19 -3
  269. package/lib/providers/contract/adapters/confluence/governed-write.mjs +215 -0
  270. package/lib/providers/contract/adapters/confluence/manifest.json +17 -0
  271. package/lib/providers/contract/adapters/confluence/transport.mjs +135 -0
  272. package/lib/providers/contract/adapters/github/governed-write.mjs +121 -0
  273. package/lib/providers/contract/adapters/github/index.mjs +38 -3
  274. package/lib/providers/contract/adapters/jira/adf.mjs +151 -0
  275. package/lib/providers/contract/adapters/jira/createmeta.mjs +143 -0
  276. package/lib/providers/contract/adapters/jira/governed-write.mjs +182 -0
  277. package/lib/providers/contract/adapters/jira/manifest.json +17 -0
  278. package/lib/providers/contract/adapters/jira/transport.mjs +119 -0
  279. package/lib/providers/contract.mjs +207 -0
  280. package/lib/providers/credential-bootstrap.mjs +7 -4
  281. package/lib/providers/credential-sources.mjs +14 -2
  282. package/lib/providers/directory/index.mjs +261 -0
  283. package/lib/providers/feedback/index.mjs +392 -0
  284. package/lib/providers/filter-audit.mjs +68 -0
  285. package/lib/providers/filter-schema.mjs +54 -0
  286. package/lib/providers/github/index.mjs +31 -0
  287. package/lib/providers/instance-config.mjs +215 -0
  288. package/lib/providers/op-locate.mjs +96 -0
  289. package/lib/providers/op-run.mjs +64 -9
  290. package/lib/providers/registry.mjs +26 -3
  291. package/lib/providers/secret-audit-wiring.mjs +41 -18
  292. package/lib/providers/secret-resolver.mjs +263 -31
  293. package/lib/publish-template.mjs +6 -3
  294. package/lib/publish-tooling.mjs +4 -0
  295. package/lib/publish.mjs +32 -4
  296. package/lib/queue/pg-queue.mjs +395 -0
  297. package/lib/reflect.mjs +2 -1
  298. package/lib/registry/assemble.mjs +28 -2
  299. package/lib/registry/catalog.mjs +6 -0
  300. package/lib/registry/consolidation.mjs +8 -1
  301. package/lib/registry/custom-scaffold.mjs +200 -0
  302. package/lib/registry/custom-schema.mjs +137 -0
  303. package/lib/registry/loader.mjs +15 -4
  304. package/lib/registry/manifests/format-engines.default.json +15 -0
  305. package/lib/registry/manifests/surface-map.default.json +46 -0
  306. package/lib/registry/retired-paths.mjs +1 -0
  307. package/lib/registry/surface-map.mjs +100 -50
  308. package/lib/registry/validate.mjs +3 -3
  309. package/lib/render-visual-check.mjs +240 -0
  310. package/lib/resources/budget.mjs +40 -17
  311. package/lib/roles/flavor-bindings.mjs +36 -14
  312. package/lib/roles/gateway.mjs +15 -8
  313. package/lib/roots.mjs +107 -0
  314. package/lib/runtime/uv-bootstrap.mjs +32 -6
  315. package/lib/runtime/whisper-bootstrap.mjs +11 -3
  316. package/lib/runtime-env.mjs +5 -2
  317. package/lib/sandbox.mjs +1 -1
  318. package/lib/scheduler/index.mjs +8 -20
  319. package/lib/schema-infer.mjs +31 -2
  320. package/lib/scopes/lifecycle.mjs +29 -25
  321. package/lib/scopes/loader.mjs +49 -12
  322. package/lib/scopes/teams.mjs +1 -1
  323. package/lib/security/ingest-boundary.mjs +80 -0
  324. package/lib/security/recall-wrapper.mjs +99 -0
  325. package/lib/security/trust.mjs +132 -0
  326. package/lib/service-manager.mjs +93 -24
  327. package/lib/setup.mjs +41 -23
  328. package/lib/skills-apply.mjs +4 -2
  329. package/lib/specialists/postconditions.mjs +2 -2
  330. package/lib/state-root.mjs +147 -0
  331. package/lib/status.mjs +597 -6
  332. package/lib/storage/admin.mjs +84 -7
  333. package/lib/storage/backend-registry.mjs +73 -0
  334. package/lib/storage/backend.mjs +63 -9
  335. package/lib/storage/embeddings-openai.mjs +12 -2
  336. package/lib/storage/hybrid-query.mjs +11 -3
  337. package/lib/storage/retrieval-hardening.mjs +384 -0
  338. package/lib/storage/shared-memory.mjs +158 -0
  339. package/lib/storage/vector-client.mjs +69 -2
  340. package/lib/team/health.mjs +72 -0
  341. package/lib/telemetry/backends/local.mjs +9 -3
  342. package/lib/telemetry/client.mjs +3 -7
  343. package/lib/template-registry.mjs +10 -12
  344. package/lib/tenant/context.mjs +82 -0
  345. package/lib/tenant/isolation.mjs +129 -0
  346. package/lib/test-corpus-inventory.mjs +103 -2
  347. package/lib/uninstall/uninstall.mjs +78 -12
  348. package/lib/validator.mjs +4 -6
  349. package/lib/worker/entrypoint.mjs +2 -1
  350. package/lib/worker/run.mjs +2 -2
  351. package/lib/worker/trace.mjs +5 -11
  352. package/lib/workflow-state.mjs +52 -8
  353. package/lib/workflows/liveness.mjs +203 -0
  354. package/lib/workflows/loader.mjs +177 -0
  355. package/lib/workflows/manifest-schema.mjs +71 -0
  356. package/lib/workflows/surface-parity.mjs +118 -0
  357. package/lib/workflows/validate.mjs +127 -0
  358. package/lib/writes/control-plane.mjs +140 -0
  359. package/lib/writes/envelope.mjs +206 -0
  360. package/lib/writes/sent-log.mjs +86 -0
  361. package/lib/writes/write-intent.mjs +109 -0
  362. package/package.json +20 -7
  363. package/personas/construct.md +12 -3
  364. package/registry/agent-manifest.json +117 -0
  365. package/registry/capabilities.json +1987 -0
  366. package/rules/common/comments.md +1 -0
  367. package/schemas/brand-voice.schema.json +24 -0
  368. package/schemas/capability-registry.schema.json +72 -0
  369. package/schemas/certification-run.schema.json +130 -0
  370. package/schemas/demo-recording.schema.json +46 -0
  371. package/schemas/eval-dataset.schema.json +79 -0
  372. package/schemas/execution-capability-profile.schema.json +46 -0
  373. package/schemas/execution-policy.schema.json +114 -0
  374. package/schemas/improvement-proposal.schema.json +65 -0
  375. package/schemas/mcp-tool-output.schema.json +61 -0
  376. package/schemas/platform-capabilities.schema.json +83 -0
  377. package/schemas/project-config.schema.json +215 -0
  378. package/schemas/project-demo.schema.json +60 -0
  379. package/schemas/provider-behavior-matrix.schema.json +91 -0
  380. package/schemas/scope.schema.json +197 -0
  381. package/schemas/specialist-trace.schema.json +107 -0
  382. package/schemas/team.schema.json +99 -0
  383. package/schemas/unified-registry.schema.json +546 -0
  384. package/scripts/sync-specialists.mjs +336 -106
  385. package/skills/docs/adr-workflow.md +1 -1
  386. package/skills/docs/codebase-research-workflow.md +3 -3
  387. package/skills/docs/prd-workflow.md +5 -6
  388. package/skills/docs/runbook-workflow.md +2 -2
  389. package/skills/docs/user-research-workflow.md +3 -3
  390. package/skills/operating/fleet-health-routing.md +77 -0
  391. package/skills/roles/ai-engineer.md +1 -1
  392. package/skills/roles/architect.md +0 -1
  393. package/skills/roles/business-strategist.md +1 -1
  394. package/skills/roles/data-analyst.telemetry.md +1 -1
  395. package/skills/roles/data-engineer.md +1 -1
  396. package/skills/roles/data-engineer.pipeline.md +1 -1
  397. package/skills/roles/data-engineer.vector-retrieval.md +1 -2
  398. package/skills/roles/data-engineer.warehouse.md +1 -1
  399. package/skills/roles/designer.accessibility.md +1 -1
  400. package/skills/roles/designer.md +0 -1
  401. package/skills/roles/devil-advocate.md +1 -1
  402. package/skills/roles/docs-keeper.md +1 -1
  403. package/skills/roles/evaluator.md +1 -1
  404. package/skills/roles/explorer.md +1 -1
  405. package/skills/roles/platform-engineer.md +1 -1
  406. package/skills/roles/qa.ai-eval.md +1 -2
  407. package/skills/roles/qa.api-contract.md +0 -1
  408. package/skills/roles/qa.data-pipeline.md +0 -1
  409. package/skills/roles/qa.md +0 -1
  410. package/skills/roles/qa.web-ui.md +0 -1
  411. package/skills/roles/release-manager.md +1 -1
  412. package/skills/roles/researcher.md +0 -2
  413. package/skills/roles/reviewer.md +0 -3
  414. package/skills/roles/security.ai.md +1 -1
  415. package/skills/roles/security.legal-compliance.md +1 -1
  416. package/skills/roles/security.md +0 -1
  417. package/skills/roles/security.privacy.md +0 -1
  418. package/skills/roles/security.supply-chain.md +1 -1
  419. package/skills/roles/sre.md +1 -1
  420. package/skills/roles/test-automation.md +1 -1
  421. package/skills/roles/trace-reviewer.md +1 -1
  422. package/skills/roles/ux-researcher.md +1 -1
  423. package/specialists/artifact-manifest.json +36 -36
  424. package/specialists/org/contracts/accessibility-to-qa.json +11 -3
  425. package/specialists/org/contracts/any-to-business-strategist.json +19 -7
  426. package/specialists/org/contracts/any-to-debugger.json +7 -1
  427. package/specialists/org/contracts/any-to-designer.json +7 -1
  428. package/specialists/org/contracts/any-to-docs-keeper.json +18 -4
  429. package/specialists/org/contracts/any-to-explorer.json +13 -4
  430. package/specialists/org/contracts/any-to-sre-incident.json +6 -2
  431. package/specialists/org/contracts/any-to-trace-reviewer.json +16 -4
  432. package/specialists/org/contracts/architect-to-ai-engineer.json +6 -2
  433. package/specialists/org/contracts/architect-to-data-engineer.json +17 -5
  434. package/specialists/org/contracts/architect-to-devil-advocate.json +11 -3
  435. package/specialists/org/contracts/architect-to-engineer.json +20 -4
  436. package/specialists/org/contracts/architect-to-evaluator.json +15 -5
  437. package/specialists/org/contracts/architect-to-legal-compliance.json +15 -5
  438. package/specialists/org/contracts/architect-to-operations.json +17 -4
  439. package/specialists/org/contracts/architect-to-platform-engineer.json +20 -4
  440. package/specialists/org/contracts/construct-to-orchestrator.json +10 -2
  441. package/specialists/org/contracts/data-analyst-to-product-manager.json +11 -2
  442. package/specialists/org/contracts/engineer-to-qa.json +20 -4
  443. package/specialists/org/contracts/engineer-to-reviewer.json +29 -5
  444. package/specialists/org/contracts/explorer-to-engineer.json +11 -3
  445. package/specialists/org/contracts/legal-compliance-to-release-manager.json +12 -4
  446. package/specialists/org/contracts/operations-to-user.json +53 -0
  447. package/specialists/org/contracts/operations-triage-output.json +53 -0
  448. package/specialists/org/contracts/pm-requirements-candidates.json +53 -0
  449. package/specialists/org/contracts/product-manager-to-architect.json +30 -10
  450. package/specialists/org/contracts/product-manager-to-data-analyst.json +13 -3
  451. package/specialists/org/contracts/product-manager-to-ux-researcher.json +15 -5
  452. package/specialists/org/contracts/qa-to-release-manager.json +11 -3
  453. package/specialists/org/contracts/researcher-to-architect.json +10 -2
  454. package/specialists/org/contracts/researcher-to-product-manager.json +16 -5
  455. package/specialists/org/contracts/reviewer-to-security.json +17 -3
  456. package/specialists/org/contracts/test-automation-to-engineer.json +11 -3
  457. package/specialists/org/contracts/trace-reviewer-to-sre.json +12 -4
  458. package/specialists/org/contracts/user-to-construct.json +11 -4
  459. package/specialists/org/frameworks/cx-architect-constraint-option-failure.md +66 -0
  460. package/specialists/org/frameworks/cx-engineer-feasibility-blast-radius.md +66 -0
  461. package/specialists/org/frameworks/cx-ops-dependency-sequencing.md +74 -0
  462. package/specialists/org/frameworks/cx-pm-value-tradeoff.md +66 -0
  463. package/specialists/org/frameworks/cx-qa-risk-based-coverage.md +69 -0
  464. package/specialists/org/groups/engineering-group.json +2 -6
  465. package/specialists/org/groups/governance-group.json +2 -3
  466. package/specialists/org/groups/operations-group.json +5 -8
  467. package/specialists/org/groups/product-group.json +4 -8
  468. package/specialists/org/groups/quality-group.json +3 -7
  469. package/specialists/org/groups/strategy-group.json +6 -9
  470. package/specialists/org/models.json.example +8 -0
  471. package/specialists/org/scopes/creative.json +6 -1
  472. package/specialists/org/scopes/operations.json +7 -1
  473. package/specialists/org/scopes/research.json +6 -1
  474. package/specialists/org/scopes/rnd.json +7 -1
  475. package/specialists/org/specialists/cx-architect.json +27 -8
  476. package/specialists/org/specialists/cx-designer.json +22 -8
  477. package/specialists/org/specialists/cx-engineer.json +71 -7
  478. package/specialists/org/specialists/cx-operations.json +89 -15
  479. package/specialists/org/specialists/cx-orchestrator.json +16 -4
  480. package/specialists/org/specialists/cx-product-manager.json +28 -9
  481. package/specialists/org/specialists/cx-qa.json +16 -6
  482. package/specialists/org/specialists/cx-researcher.json +41 -7
  483. package/specialists/org/specialists/cx-reviewer.json +61 -11
  484. package/specialists/org/specialists/cx-security.json +30 -10
  485. package/specialists/org/teams/design-team.json +3 -4
  486. package/specialists/org/teams/engineering-team.json +3 -10
  487. package/specialists/org/teams/governance-team.json +3 -5
  488. package/specialists/org/teams/operations-team.json +6 -12
  489. package/specialists/org/teams/product-management-team.json +2 -3
  490. package/specialists/org/teams/quality-team.json +4 -12
  491. package/specialists/org/teams/research-team.json +3 -3
  492. package/specialists/org/teams/strategy-team.json +7 -14
  493. package/specialists/prompts/cx-architect.md +20 -1
  494. package/specialists/prompts/cx-data-analyst.md +1 -1
  495. package/specialists/prompts/cx-designer.md +12 -4
  496. package/specialists/prompts/cx-engineer.md +15 -1
  497. package/specialists/prompts/cx-operations.md +14 -2
  498. package/specialists/prompts/cx-orchestrator.md +9 -5
  499. package/specialists/prompts/cx-product-manager.md +5 -1
  500. package/specialists/prompts/cx-qa.md +6 -2
  501. package/specialists/prompts/cx-researcher.md +27 -31
  502. package/specialists/prompts/cx-reviewer.md +19 -1
  503. package/specialists/prompts/cx-security.md +5 -1
  504. package/templates/distribution/construct-brand.typ +123 -59
  505. package/templates/distribution/construct-decision.typ +6 -3
  506. package/templates/distribution/construct-pdf.typ +11 -4
  507. package/templates/distribution/construct-prd.typ +6 -3
  508. package/templates/distribution/construct-research.typ +7 -4
  509. package/vendor/pandoc-ext/README.md +3 -0
  510. package/vendor/pandoc-ext/diagram.lua +687 -0
  511. package/lib/providers/contract/adapters/git/index.mjs +0 -115
  512. package/lib/providers/contract/adapters/slack/index.mjs +0 -175
  513. package/specialists/org/contracts/business-strategist-to-product-manager.json +0 -39
  514. package/specialists/org/contracts/construct-to-rd-lead.json +0 -53
  515. package/specialists/org/contracts/data-engineer-to-platform-engineer.json +0 -36
  516. package/specialists/org/contracts/designer-to-accessibility.json +0 -36
  517. package/specialists/org/contracts/platform-engineer-to-engineer.json +0 -31
  518. package/specialists/org/contracts/qa-to-test-automation.json +0 -42
  519. package/specialists/org/contracts/rd-lead-to-architect.json +0 -38
  520. package/specialists/org/contracts/sre-to-release-manager.json +0 -36
  521. package/specialists/org/specialists/cx-accessibility.json +0 -69
  522. package/specialists/org/specialists/cx-ai-engineer.json +0 -75
  523. package/specialists/org/specialists/cx-business-strategist.json +0 -72
  524. package/specialists/org/specialists/cx-data-engineer.json +0 -71
  525. package/specialists/org/specialists/cx-devil-advocate.json +0 -71
  526. package/specialists/org/specialists/cx-docs-keeper.json +0 -82
  527. package/specialists/org/specialists/cx-evaluator.json +0 -69
  528. package/specialists/org/specialists/cx-explorer.json +0 -69
  529. package/specialists/org/specialists/cx-legal-compliance.json +0 -74
  530. package/specialists/org/specialists/cx-oracle.json +0 -46
  531. package/specialists/org/specialists/cx-platform-engineer.json +0 -80
  532. package/specialists/org/specialists/cx-rd-lead.json +0 -73
  533. package/specialists/org/specialists/cx-release-manager.json +0 -77
  534. package/specialists/org/specialists/cx-sre.json +0 -94
  535. package/specialists/org/specialists/cx-test-automation.json +0 -69
  536. package/specialists/org/specialists/cx-trace-reviewer.json +0 -69
  537. package/specialists/org/specialists/cx-ux-researcher.json +0 -68
  538. package/specialists/org/teams/accessibility-team.json +0 -39
  539. package/specialists/org/teams/ux-research-team.json +0 -39
  540. package/specialists/prompts/cx-accessibility.md +0 -55
  541. package/specialists/prompts/cx-ai-engineer.md +0 -124
  542. package/specialists/prompts/cx-business-strategist.md +0 -58
  543. package/specialists/prompts/cx-data-engineer.md +0 -55
  544. package/specialists/prompts/cx-devil-advocate.md +0 -59
  545. package/specialists/prompts/cx-docs-keeper.md +0 -164
  546. package/specialists/prompts/cx-evaluator.md +0 -49
  547. package/specialists/prompts/cx-explorer.md +0 -71
  548. package/specialists/prompts/cx-legal-compliance.md +0 -58
  549. package/specialists/prompts/cx-oracle.md +0 -98
  550. package/specialists/prompts/cx-platform-engineer.md +0 -97
  551. package/specialists/prompts/cx-rd-lead.md +0 -59
  552. package/specialists/prompts/cx-release-manager.md +0 -54
  553. package/specialists/prompts/cx-sre.md +0 -111
  554. package/specialists/prompts/cx-test-automation.md +0 -55
  555. package/specialists/prompts/cx-trace-reviewer.md +0 -101
  556. package/specialists/prompts/cx-ux-researcher.md +0 -53
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "id": "qa-to-release-manager",
3
3
  "producer": "cx-qa",
4
- "consumer": "cx-release-manager",
4
+ "consumer": "cx-operations",
5
5
  "trigger": {
6
6
  "intent": [
7
7
  "implementation"
@@ -29,8 +29,16 @@
29
29
  "All upstream verdicts APPROVED; QA verdict PASS"
30
30
  ],
31
31
  "postconditions": [
32
- "Rollback plan tested, not just described",
33
- "Rollout plan has concrete checkpoint signals"
32
+ {
33
+ "id": "qa-to-release-manager-pc-0-rollback-plan-tested-not-just-described",
34
+ "description": "Rollback plan tested, not just described",
35
+ "postconditionType": "advisory"
36
+ },
37
+ {
38
+ "id": "qa-to-release-manager-pc-1-rollout-plan-has-concrete-checkpoint-signals",
39
+ "description": "Rollout plan has concrete checkpoint signals",
40
+ "postconditionType": "advisory"
41
+ }
34
42
  ],
35
43
  "description": "",
36
44
  "teamBoundary": {
@@ -27,8 +27,16 @@
27
27
  "Source classes tagged (internal/primary/secondary/tertiary)"
28
28
  ],
29
29
  "postconditions": [
30
- "Architect's ADR cites the primary sources provided",
31
- "Any conflicting evidence surfaced, not suppressed"
30
+ {
31
+ "id": "researcher-to-architect-pc-0-architect-s-adr-cites-the-primary",
32
+ "description": "Architect's ADR cites the primary sources provided",
33
+ "postconditionType": "advisory"
34
+ },
35
+ {
36
+ "id": "researcher-to-architect-pc-1-any-conflicting-evidence-surfaced-not-suppressed",
37
+ "description": "Any conflicting evidence surfaced, not suppressed",
38
+ "postconditionType": "advisory"
39
+ }
32
40
  ],
33
41
  "description": "",
34
42
  "teamBoundary": {
@@ -33,24 +33,35 @@
33
33
  "Evidence threshold stated and met for each requirement"
34
34
  ],
35
35
  "postconditions": [
36
- "PRD Problem section does not reference ticket IDs, roadmap items, or artifact filenames",
37
- "Every functional requirement traces to observed user evidence",
36
+ {
37
+ "id": "researcher-to-product-manager-pc-0-prd-problem-section-does-not-reference",
38
+ "description": "PRD Problem section does not reference ticket IDs, roadmap items, or artifact filenames",
39
+ "postconditionType": "advisory"
40
+ },
41
+ {
42
+ "id": "researcher-to-product-manager-pc-1-every-functional-requirement-traces-to-observed",
43
+ "description": "Every functional requirement traces to observed user evidence",
44
+ "postconditionType": "advisory"
45
+ },
38
46
  {
39
47
  "id": "prd-has-problem-section",
40
48
  "description": "PRD must contain a Problem section",
41
49
  "check": "artifact-has-section",
42
- "section": "Problem"
50
+ "section": "Problem",
51
+ "postconditionType": "executable"
43
52
  },
44
53
  {
45
54
  "id": "prd-numeric-claims-cited",
46
55
  "description": "Every numeric claim in the PRD body cites a source (no fabricated percentages or multipliers)",
47
- "check": "artifact-claims-cited"
56
+ "check": "artifact-claims-cited",
57
+ "postconditionType": "executable"
48
58
  },
49
59
  {
50
60
  "id": "prd-manifest-reviewers",
51
61
  "description": "Manifest required reviewers must appear in agent log before handoff",
52
62
  "check": "artifact-reviewers-seen",
53
- "fromManifest": true
63
+ "fromManifest": true,
64
+ "postconditionType": "executable"
54
65
  }
55
66
  ],
56
67
  "description": ""
@@ -27,9 +27,23 @@
27
27
  "Scope tagged as auth/secrets/payments/user-data"
28
28
  ],
29
29
  "postconditions": [
30
- "Attacker-perspective findings logged",
31
- "Threat model updated if architecture surface changed",
32
- "threatModelUpdatedAt >= contractStart — prevents post-hoc threat models written after the architecture has shipped"
30
+ {
31
+ "id": "reviewer-to-security-pc-0-attacker-perspective-findings-logged",
32
+ "description": "Attacker-perspective findings logged",
33
+ "postconditionType": "advisory"
34
+ },
35
+ {
36
+ "id": "reviewer-to-security-pc-1-threat-model-updated-if-architecture-surface",
37
+ "description": "Threat model updated if architecture surface changed",
38
+ "postconditionType": "advisory"
39
+ },
40
+ {
41
+ "id": "reviewer-to-security-pc-2-threatmodelupdatedat-contractstart-prevents-post-hoc-threat",
42
+ "description": "threatModelUpdatedAt >= contractStart — prevents post-hoc threat models written after the architecture has shipped",
43
+ "postconditionType": "executable",
44
+ "enforcedVia": "binary-postcondition",
45
+ "enforcedBy": "security.threat-model-not-post-hoc"
46
+ }
33
47
  ],
34
48
  "description": "",
35
49
  "teamBoundary": {
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "id": "test-automation-to-engineer",
3
- "producer": "cx-test-automation",
3
+ "producer": "cx-qa",
4
4
  "consumer": "cx-engineer",
5
5
  "trigger": {
6
6
  "automation.required": true
@@ -21,8 +21,16 @@
21
21
  "Test scaffolding lands before behavioral edits so the test fails for the right reason first"
22
22
  ],
23
23
  "postconditions": [
24
- "Engineer adds at least one failing test that demonstrates the bug or missing behavior before implementing the fix",
25
- "Quarantined flaky tests carry an owner and a remediation date"
24
+ {
25
+ "id": "test-automation-to-engineer-pc-0-engineer-adds-at-least-one-failing",
26
+ "description": "Engineer adds at least one failing test that demonstrates the bug or missing behavior before implementing the fix",
27
+ "postconditionType": "advisory"
28
+ },
29
+ {
30
+ "id": "test-automation-to-engineer-pc-1-quarantined-flaky-tests-carry-an-owner",
31
+ "description": "Quarantined flaky tests carry an owner and a remediation date",
32
+ "postconditionType": "advisory"
33
+ }
26
34
  ],
27
35
  "description": "",
28
36
  "teamBoundary": {
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "id": "trace-reviewer-to-sre",
3
- "producer": "cx-trace-reviewer",
4
- "consumer": "cx-sre",
3
+ "producer": "cx-reviewer",
4
+ "consumer": "cx-operations",
5
5
  "trigger": {
6
6
  "trace.anomaly": true,
7
7
  "riskFlags": [
@@ -28,8 +28,16 @@
28
28
  "Flagged agents meet the minimum trace threshold (20+); insufficient-trace agents deferred"
29
29
  ],
30
30
  "postconditions": [
31
- "SRE adjusts alert thresholds or SLOs based on the cited trace evidence",
32
- "Runbook updated for the failure pattern identified at fleet level"
31
+ {
32
+ "id": "trace-reviewer-to-sre-pc-0-sre-adjusts-alert-thresholds-or-slos",
33
+ "description": "SRE adjusts alert thresholds or SLOs based on the cited trace evidence",
34
+ "postconditionType": "advisory"
35
+ },
36
+ {
37
+ "id": "trace-reviewer-to-sre-pc-1-runbook-updated-for-the-failure-pattern",
38
+ "description": "Runbook updated for the failure pattern identified at fleet level",
39
+ "postconditionType": "advisory"
40
+ }
33
41
  ],
34
42
  "description": "",
35
43
  "teamBoundary": {
@@ -15,16 +15,23 @@
15
15
  "shape": "routed-plan",
16
16
  "mustContain": [
17
17
  "track",
18
- "specialists",
19
- "dispatchPlan"
18
+ "specialists"
20
19
  ]
21
20
  },
22
21
  "preconditions": [
23
22
  "Session bootstrap completed: project_context and memory_search called, plus relevant repo docs read as needed"
24
23
  ],
25
24
  "postconditions": [
26
- "Intent classified; work category tagged",
27
- "Route decision surfaced as a single-sentence plan"
25
+ {
26
+ "id": "user-to-construct-pc-0-intent-classified-work-category-tagged",
27
+ "description": "Intent classified; work category tagged",
28
+ "postconditionType": "advisory"
29
+ },
30
+ {
31
+ "id": "user-to-construct-pc-1-route-decision-surfaced-as-a-single",
32
+ "description": "Route decision surfaced as a single-sentence plan",
33
+ "postconditionType": "advisory"
34
+ }
28
35
  ],
29
36
  "description": ""
30
37
  }
@@ -0,0 +1,66 @@
1
+ ---
2
+ id: cx-architect-constraint-option-failure
3
+ version: 1
4
+ appliesToRole: architect
5
+ summary: >-
6
+ Walks a design decision from constraint mapping through scored options to
7
+ the failure modes the chosen option must survive.
8
+ steps:
9
+ - id: constraint-mapping
10
+ move: Name the invariants and the constraints
11
+ question: What are the invariants, and what breaks if they're violated?
12
+ emits: constraint-map
13
+ cites: source
14
+ - id: option-scoring
15
+ move: Score each option against the constraints
16
+ question: For each candidate approach, how well does it satisfy the constraint map, and at what cost?
17
+ emits: option-scoring
18
+ cites: prior-step
19
+ - id: decision
20
+ move: Choose and name what was rejected
21
+ question: Given the scores, which option is chosen, and why were the others rejected?
22
+ emits: decision-record
23
+ cites: prior-step
24
+ - id: failure-modes
25
+ move: Enumerate how the chosen option fails
26
+ question: Under what conditions does the chosen option break, and what is the blast radius of that failure?
27
+ emits: failure-modes
28
+ cites: prior-step
29
+ ---
30
+
31
+ Run these four moves before an ADR is written. Each move produces one
32
+ labeled output; the framework exists to prevent decisions that emerged from
33
+ code rather than from deliberate, documented tradeoffs.
34
+
35
+ **constraint-mapping.** Name the system's invariants — the properties that
36
+ must hold — and the constraints (technical, organizational, regulatory) that
37
+ bound the solution space. `constraint-map` cites the source the invariant or
38
+ constraint comes from: an existing contract, a data model, a compliance
39
+ requirement, a prior ADR. An invented invariant is worse than no invariant —
40
+ write `unknown` when a constraint is suspected but not confirmed.
41
+
42
+ **option-scoring.** For every candidate approach (including "do nothing"),
43
+ score it against the constraint map: what it satisfies, what it costs, what
44
+ it risks. `option-scoring` cites the constraint map (`prior-step`) — a score
45
+ is a function of the constraints named, not a separate intuition about which
46
+ option "feels right."
47
+
48
+ **decision.** Choose the option the scoring favors and name specifically why
49
+ the others were rejected — this is the ADR's Rejected Alternatives section.
50
+ `decision-record` cites the option scoring (`prior-step`): the chosen option
51
+ follows from the scores, and the rejection reasons are the scoring
52
+ dimensions the losing options failed on, not a generic "didn't fit."
53
+
54
+ **failure-modes.** For the chosen option, enumerate the conditions under
55
+ which it breaks and the blast radius of that failure — this is the ADR's
56
+ Consequences and Reversibility material. `failure-modes` cites the decision
57
+ record (`prior-step`): the failure modes are specific to what was actually
58
+ chosen, not a boilerplate risk list that would apply to any option.
59
+
60
+ Good output: a constraint map with cited invariants, option scores that show
61
+ their work against those constraints, a decision record with ≥2 rejected
62
+ alternatives and specific rejection reasons, and failure modes that name
63
+ concrete breaking conditions and their blast radius. Bad output: a decision
64
+ with no rejected alternatives (the decision defaulted), constraints asserted
65
+ without a source, or failure modes that just restate generic engineering
66
+ risk ("could have bugs").
@@ -0,0 +1,66 @@
1
+ ---
2
+ id: cx-engineer-feasibility-blast-radius
3
+ version: 1
4
+ appliesToRole: engineer
5
+ summary: >-
6
+ Walks an implementation task from a feasibility read through an effort
7
+ class to a blast-radius assessment naming what could break in integration.
8
+ steps:
9
+ - id: read-first
10
+ move: Read the existing pattern before writing
11
+ question: What does the code that already does something similar look like?
12
+ emits: feasibility-assessment
13
+ cites: source
14
+ - id: effort-class
15
+ move: Classify the effort
16
+ question: Given the existing pattern, is this a small, medium, or large change?
17
+ emits: effort-class
18
+ cites: prior-step
19
+ - id: debt-check
20
+ move: Name debt this change takes on or pays down
21
+ question: Does this change introduce a shortcut, or does it retire one?
22
+ emits: debt-note
23
+ cites: source
24
+ - id: blast-radius
25
+ move: Trace what else could break
26
+ question: What callers, seams, or integration points does this change touch beyond its own file?
27
+ emits: blast-radius
28
+ cites: prior-step
29
+ ---
30
+
31
+ Run these four moves before writing implementation code. Each move produces
32
+ one labeled output; skipping "read-first" is the specific failure mode this
33
+ framework exists to prevent.
34
+
35
+ **read-first.** Grep and read the files this change will touch and the
36
+ files that already solve something similar. `feasibility-assessment` cites
37
+ file:line for every claim about existing behavior or convention — never a
38
+ remembered API shape or an assumed function signature. If the existing
39
+ pattern is genuinely absent, the assessment says so and names what was
40
+ searched.
41
+
42
+ **effort-class.** Given what read-first found, classify the change as S/M/L
43
+ — matching the `complexity` enum already used in `lib/contract-schemas/decision.json`
44
+ tasks, so the classification is legible to the architect who assigned the
45
+ task. `effort-class` cites the feasibility assessment (`prior-step`): the
46
+ class follows from what the code actually looks like, not from a guess made
47
+ before reading it.
48
+
49
+ **debt-check.** Name any technical debt this change introduces (a shortcut,
50
+ a TODO, a workaround) or retires (removing dead code, fixing a known
51
+ sharp edge). `debt-note` cites the specific file:line the debt lives in or
52
+ the run/test that shows a shortcut is gone — debt is never asserted in the
53
+ abstract.
54
+
55
+ **blast-radius.** Trace every caller, seam, or integration point this change
56
+ touches beyond the file being edited — the place where "it works in
57
+ isolation and breaks in integration" would show up. `blast-radius` cites the
58
+ effort class and feasibility assessment (`prior-step`): the radius is
59
+ derived from what was actually read, not a boilerplate "should be low risk."
60
+
61
+ Good output: a feasibility assessment citing file:line for every claim, an
62
+ effort class that matches the actual diff size once written, a debt note
63
+ that names a specific shortcut or a specific removal, and a blast-radius
64
+ list naming actual callers or integration seams. Bad output: "should be
65
+ straightforward," an effort class assigned before reading any code, or a
66
+ blast-radius section that says "low risk" with no callers named.
@@ -0,0 +1,74 @@
1
+ ---
2
+ id: cx-ops-dependency-sequencing
3
+ version: 1
4
+ appliesToRole: operations
5
+ summary: >-
6
+ Walks an approved plan from dependency mapping through critical path and
7
+ ownership to a risk register that names timeline-slippage checks.
8
+ steps:
9
+ - id: dependency-mapping
10
+ move: Map what blocks what
11
+ question: For each task, what must complete before it can start?
12
+ emits: dependency-graph
13
+ cites: source
14
+ - id: critical-path
15
+ move: Trace the longest dependent chain
16
+ question: Which sequence of blocking tasks sets the floor on total duration?
17
+ emits: sequenced-tasks
18
+ cites: prior-step
19
+ - id: ownership
20
+ move: Name one owner per task
21
+ question: Who is accountable for each task in the sequence, by name or role?
22
+ emits: ownership-matrix
23
+ cites: source
24
+ - id: verification
25
+ move: Attach a verification gate to each task
26
+ question: What check proves this task is actually done, not just started?
27
+ emits: verification-gates
28
+ cites: prior-step
29
+ - id: slippage-risk
30
+ move: Register what could slip and by how much
31
+ question: Where in the sequence is slack thinnest, and what early signal shows slippage?
32
+ emits: slippage-risk
33
+ cites: prior-step
34
+ ---
35
+
36
+ Run these five moves in order whenever an architect's decision hands off a
37
+ plan for execution. Each move produces one labeled output; a plan is not
38
+ executable until all five exist.
39
+
40
+ **dependency-mapping.** For every task in the incoming plan, name what must
41
+ finish first. The `dependency-graph` output cites the contract, manifest, or
42
+ runtime config the dependency is based on — not an assumption about how
43
+ teams "usually" sequence work. A task with no stated dependency is either
44
+ truly independent or the dependency has not yet been found; say which.
45
+
46
+ **critical-path.** Using the dependency graph, trace the longest chain of
47
+ blocking tasks — the sequence that sets the floor on how fast this can ship
48
+ regardless of parallel capacity. `sequenced-tasks` cites the dependency graph
49
+ (`prior-step`): the sequence is derived from the graph, not from a
50
+ convenient story about task order.
51
+
52
+ **ownership.** For every task, name one accountable owner — a person or a
53
+ named role, never "the team" or a placeholder. `ownership-matrix` cites the
54
+ same source class as the dependency graph: an owner is asserted because a
55
+ manifest, org chart, or prior handoff says so, not invented to fill the
56
+ matrix.
57
+
58
+ **verification.** Attach a concrete verification gate to each task: the
59
+ check that proves the task is actually complete. `verification-gates` cites
60
+ the sequenced tasks (`prior-step`) — a gate with no corresponding task, or a
61
+ task with no gate, is an incomplete plan.
62
+
63
+ **slippage-risk.** Identify where slack is thinnest on the critical path and
64
+ what early, observable signal would show slippage before the deadline
65
+ arrives. `slippage-risk` cites the verification gates (`prior-step`): the
66
+ risk register is built from the same gates that will actually fire, not a
67
+ generic list of things that could go wrong.
68
+
69
+ Good output: a dependency graph with named sources, a critical path derived
70
+ from that graph, an ownership matrix with no placeholder owners,
71
+ verification gates that map one-to-one to tasks, and a slippage risk entry
72
+ naming an observable early signal. Bad output: "everything can start now"
73
+ (no dependencies drawn), an owner named "the team," or a verification gate
74
+ that just restates the task description.
@@ -0,0 +1,66 @@
1
+ ---
2
+ id: cx-pm-value-tradeoff
3
+ version: 1
4
+ appliesToRole: product-manager
5
+ summary: >-
6
+ Walks a product decision from user value through the tradeoff space to a
7
+ prioritization call, then closes with testable acceptance criteria.
8
+ steps:
9
+ - id: user-value
10
+ move: Name the user and the job
11
+ question: Whose problem is this and what job are they hiring it for?
12
+ emits: value-statement
13
+ cites: source
14
+ - id: tradeoffs
15
+ move: Surface the tradeoff space
16
+ question: What does choosing this cost, and who bears it?
17
+ emits: tradeoff-table
18
+ cites: source
19
+ - id: prioritization
20
+ move: Make the call and say what it defers
21
+ question: Given the tradeoffs, what ships now and what is explicitly deferred?
22
+ emits: prioritization-call
23
+ cites: prior-step
24
+ - id: acceptance-criteria
25
+ move: Write acceptance criteria that can fail
26
+ question: For each requirement, what observable, binary check proves it's done?
27
+ emits: acceptance-criteria
28
+ cites: prior-step
29
+ ---
30
+
31
+ Run these four moves in order on every product decision that reaches a PRD,
32
+ meta-PRD, or backlog proposal. Each move produces one labeled output; do not
33
+ skip a move because the answer "seems obvious" — an obvious answer still
34
+ needs its citation.
35
+
36
+ **user-value.** Name a specific user (a role, a segment, an account — not
37
+ "users" in the abstract) and the job they are hiring this feature for. The
38
+ `value-statement` output cites the customer note, support ticket, research
39
+ artifact, or intake packet the user reality came from. If no such source
40
+ exists yet, the value statement is `unknown` — do not infer a persona to fill
41
+ the gap (see `rules/common/no-fabrication.md`).
42
+
43
+ **tradeoffs.** For the value statement above, list what this choice costs and
44
+ who bears the cost: engineering time, a deferred feature, a support burden, a
45
+ technical constraint accepted. The `tradeoff-table` output cites the same
46
+ kind of source as the value statement — a tradeoff is not a tradeoff until
47
+ someone bears it, and that someone is named.
48
+
49
+ **prioritization.** Given the tradeoff table, state what ships now and what is
50
+ explicitly deferred, and why the deferred item can wait. The
51
+ `prioritization-call` output cites the tradeoff table (`prior-step`) — the
52
+ call is a function of the tradeoffs surfaced, not a separate judgment made in
53
+ isolation.
54
+
55
+ **acceptance-criteria.** Convert the prioritization call into acceptance
56
+ criteria that are binary pass/fail testable — see `skills/roles/product-manager.md`
57
+ for the anti-pattern of subjective criteria. Each criterion in
58
+ `acceptance-criteria` cites the prioritization call it operationalizes
59
+ (`prior-step`). A criterion nobody can fail to meet is not a criterion.
60
+
61
+ Good output: a value statement naming a specific user and a cited job, a
62
+ tradeoff table naming who bears each cost, a prioritization call that states
63
+ what is deferred and why, and acceptance criteria that could actually fail a
64
+ real build. Bad output: "users want this," an uncited tradeoff, a
65
+ prioritization call with no rejected alternative, or an acceptance criterion
66
+ like "works well."
@@ -0,0 +1,69 @@
1
+ ---
2
+ id: cx-qa-risk-based-coverage
3
+ version: 1
4
+ appliesToRole: qa
5
+ summary: >-
6
+ Walks a test plan from acceptance criteria through risk-based test
7
+ selection to a coverage-gap register that names what could still slip
8
+ through untested.
9
+ steps:
10
+ - id: criteria-to-failure
11
+ move: Ask how each criterion fails
12
+ question: For each acceptance criterion, what test actually fails when the criterion is violated?
13
+ emits: criterion-failure-map
14
+ cites: source
15
+ - id: risk-based-selection
16
+ move: Select tests by risk, not by convenience
17
+ question: Given the blast radius and effort class of the change, which behaviors carry the most risk if untested?
18
+ emits: risk-based-selection
19
+ cites: prior-step
20
+ - id: verdict
21
+ move: Run the selected tests and record the verdict
22
+ question: Did the selected tests pass, and does coverage meet the project threshold?
23
+ emits: verdict
24
+ cites: source
25
+ - id: coverage-gaps
26
+ move: Name what is still untested
27
+ question: Which behaviors have no test, and why were they left out?
28
+ emits: coverage-gaps
29
+ cites: prior-step
30
+ ---
31
+
32
+ Run these four moves whenever an implementation reaches QA. Each move
33
+ produces one labeled output; the framework exists to prevent tests that
34
+ prove intent without proving the behavior actually breaks when it should.
35
+
36
+ **criteria-to-failure.** For every acceptance criterion in the incoming
37
+ implementation or PRD, name the specific test that would fail if the
38
+ criterion were violated. `criterion-failure-map` cites the acceptance
39
+ criteria and the test name/assertion that covers it — a criterion with no
40
+ corresponding failing test is not yet covered, regardless of what the
41
+ overall suite reports.
42
+
43
+ **risk-based-selection.** Using the engineer's effort class and blast radius
44
+ (when supplied), prioritize test effort toward the behaviors most likely to
45
+ break in integration, not toward the easiest tests to write.
46
+ `risk-based-selection` cites the criterion-failure map (`prior-step`): the
47
+ selection is derived from where failure is most likely and most costly, not
48
+ from convention or convenience.
49
+
50
+ **verdict.** Execute the selected tests and record PASS or FAIL, plus
51
+ coverage against the project threshold. `verdict` cites the test name and
52
+ run log line (or the coverage report) that produced the result — never an
53
+ estimated or assumed outcome. If the report isn't available, the verdict is
54
+ `unknown`.
55
+
56
+ **coverage-gaps.** Name every behavior that has no test yet, and state why
57
+ it was left out (out of scope, deferred, no reproducible case yet).
58
+ `coverage-gaps` cites the risk-based selection (`prior-step`): a gap is a
59
+ behavior that risk-based-selection identified as worth testing but that
60
+ did not make it into this pass, or a behavior the selection process missed
61
+ entirely and is now being surfaced.
62
+
63
+ Good output: a criterion-failure map where every criterion names a specific
64
+ failing test, a risk-based selection that explains why the riskiest
65
+ behaviors were tested first, a verdict citing an actual run or report, and a
66
+ coverage-gaps list that names specific untested behaviors with a reason.
67
+ Bad output: a test suite that mocks the behavior under test into
68
+ meaninglessness, a verdict asserted without a citation, or "coverage looks
69
+ good" with no gaps named.
@@ -5,10 +5,7 @@
5
5
  "roles": [
6
6
  "architect",
7
7
  "engineer",
8
- "debugger",
9
- "ai-engineer",
10
- "data-engineer",
11
- "platform-engineer"
8
+ "debugger"
12
9
  ],
13
10
  "decisionRights": [
14
11
  "architecture",
@@ -23,10 +20,9 @@
23
20
  ],
24
21
  "escalationPath": [
25
22
  "architect",
26
- "rd-lead",
27
23
  "orchestrator"
28
24
  ],
29
- "charter": "Design, build, and harden the system. Owns architecture decisions, technology choices, code quality, debugging, AI integration, and the platform underneath. Does not own product framing, user research direction, or release timing. Escalates tech-debt conflicts to R&D leadership.",
25
+ "charter": "Design, build, and harden the system. Owns architecture decisions, technology choices, code quality, and debugging. AI integration, data pipelines, and platform/infra tooling are cx-engineer skill bundles rather than separate specialists (ai-engineer, data-engineer, platform-engineer folded in; construct-rf26.11), and cx-architect absorbs the pre-architecture framing-gate function rd-lead previously owned. Does not own product framing, user research direction, or release timing.",
30
26
  "contact": {
31
27
  "slack": "#engineering",
32
28
  "email": "engineering@example.com",
@@ -3,8 +3,7 @@
3
3
  "name": "Governance Group",
4
4
  "owner": "security",
5
5
  "roles": [
6
- "security",
7
- "legal-compliance"
6
+ "security"
8
7
  ],
9
8
  "decisionRights": [
10
9
  "security-approval",
@@ -22,7 +21,7 @@
22
21
  "architect",
23
22
  "orchestrator"
24
23
  ],
25
- "charter": "Keep the system safe to operate and inside its legal envelope. Owns security review, compliance verification, risk assessment, and the audit trail. Does not own implementation or product decisions but can block deployments that violate policy. Escalates policy conflicts to orchestrator.",
24
+ "charter": "Keep the system safe to operate and inside its legal envelope. Owns security review, compliance verification (legal-compliance folded in; construct-rf26.11), risk assessment, and the audit trail. Does not own implementation or product decisions but can block deployments that violate policy. Escalates policy conflicts to orchestrator.",
26
25
  "contact": {
27
26
  "slack": "#governance",
28
27
  "email": "governance@example.com",
@@ -1,12 +1,9 @@
1
1
  {
2
2
  "id": "operations-group",
3
3
  "name": "Operations Group",
4
- "owner": "sre",
4
+ "owner": "operations",
5
5
  "roles": [
6
- "release-manager",
7
- "sre",
8
- "operations",
9
- "docs-keeper"
6
+ "operations"
10
7
  ],
11
8
  "decisionRights": [
12
9
  "deployment",
@@ -21,15 +18,15 @@
21
18
  "security-policy"
22
19
  ],
23
20
  "escalationPath": [
24
- "sre",
21
+ "operations",
25
22
  "architect",
26
23
  "orchestrator"
27
24
  ],
28
- "charter": "Keep the system running and shipping. Owns release management, SRE response, ops runbooks, documentation upkeep, and deployment execution. Does not own architecture or product decisions. Escalates reliability vs. change-rate conflicts to architecture/leadership.",
25
+ "charter": "Keep the system running and shipping. Owns release management, SRE response, ops runbooks, documentation upkeep, and deployment execution (release-manager, sre, docs-keeper folded in; construct-rf26.11). Does not own architecture or product decisions. Escalates reliability vs. change-rate conflicts to architecture/leadership.",
29
26
  "contact": {
30
27
  "slack": "#operations",
31
28
  "email": "operations@example.com",
32
- "owner": "sre"
29
+ "owner": "operations"
33
30
  },
34
31
  "evidence": [
35
32
  "AGENTS.md (rnd profile departments section)"