@geraldmaron/construct 1.4.2 → 1.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +36 -0
- package/README.md +41 -7
- package/bin/construct +1027 -64
- package/examples/distribution/sources/deck-one-pager.md +1 -1
- package/lib/acp/server.mjs +21 -7
- package/lib/adapters-sync.mjs +2 -1
- package/lib/audit-trail.mjs +185 -2
- package/lib/beads/auto-close.mjs +2 -1
- package/lib/beads/drift.mjs +2 -1
- package/lib/bridges/copilot-proxy.mjs +20 -5
- package/lib/certification/skill-inventory.mjs +10 -1
- package/lib/cli/approvals.mjs +147 -0
- package/lib/cli-commands.mjs +105 -14
- package/lib/comment-lint.mjs +127 -8
- package/lib/config/schema.mjs +6 -29
- package/lib/config/source-target-registry.mjs +70 -0
- package/lib/config/source-targets.mjs +179 -205
- package/lib/contracts/coverage.mjs +77 -0
- package/lib/contracts/validate.mjs +102 -13
- package/lib/contracts/violation-log.mjs +50 -4
- package/lib/db/migrate.mjs +69 -0
- package/lib/db/migrations/001_orchestration_runs.sql +9 -0
- package/lib/db/migrations/002_queue_provider.sql +50 -0
- package/lib/db/migrations/003_worker_registry.sql +17 -0
- package/lib/db/migrations/004_trace_events.sql +16 -0
- package/lib/db/migrations/005_shared_memory.sql +15 -0
- package/lib/db/migrations/006_orchestration_runs_tenant.sql +5 -0
- package/lib/decisions/enforced-baseline.json +0 -2
- package/lib/decisions/registry.mjs +3 -2
- package/lib/deployment/parity-contract.mjs +1 -1
- package/lib/deployment-mode.mjs +78 -2
- package/lib/diagram-export.mjs +10 -1
- package/lib/distill.mjs +5 -2
- package/lib/docs-verify.mjs +2 -1
- package/lib/doctor/cli.mjs +1 -0
- package/lib/doctor/command-on-path.mjs +24 -0
- package/lib/doctor/diagnosis.mjs +89 -0
- package/lib/doctor/embedding-health.mjs +50 -0
- package/lib/doctor/engine-health.mjs +93 -0
- package/lib/doctor/graph-validate.mjs +47 -0
- package/lib/doctor/index.mjs +18 -4
- package/lib/doctor/sidecar-providers.mjs +56 -0
- package/lib/doctor/watchers/consistency.mjs +93 -1
- package/lib/doctor/watchers/cx-budget.mjs +1 -1
- package/lib/doctor/watchers/graph-staleness.mjs +1 -1
- package/lib/doctor/watchers/mcp-protocol.mjs +17 -0
- package/lib/doctor/watchers/oracle-liveness.mjs +92 -0
- package/lib/doctor/watchers/orchestration-runs.mjs +108 -0
- package/lib/doctor/watchers/provider-breaker.mjs +78 -0
- package/lib/document-export.mjs +52 -27
- package/lib/document-extract/docling-client.mjs +9 -5
- package/lib/document-extract/docling-sidecar.py +30 -0
- package/lib/document-extract.mjs +1 -1
- package/lib/document-ingest.mjs +9 -0
- package/lib/embed/approval-queue.mjs +184 -88
- package/lib/embed/authority-guard.mjs +65 -2
- package/lib/embed/capability-jobs.mjs +365 -0
- package/lib/embed/capability-lifecycle.mjs +219 -0
- package/lib/embed/capability-loader.mjs +303 -0
- package/lib/embed/capability-runtime.mjs +58 -0
- package/lib/embed/cli.mjs +185 -8
- package/lib/embed/config.mjs +4 -0
- package/lib/embed/daemon.mjs +125 -6
- package/lib/embed/demand-fetch.mjs +190 -54
- package/lib/embed/inbox.mjs +12 -10
- package/lib/embed/presets/ops-triage.mjs +236 -0
- package/lib/embed/presets/pm-feedback.mjs +341 -0
- package/lib/embed/presets/tpm.mjs +401 -0
- package/lib/embed/providers/jira.mjs +72 -1
- package/lib/embed/providers/registry.mjs +140 -33
- package/lib/embedded-contract/capability.mjs +4 -0
- package/lib/embedded-contract/execution.mjs +1 -1
- package/lib/embedded-contract/model-resolve.mjs +53 -3
- package/lib/embedded-contract/workflow-defs.mjs +48 -73
- package/lib/embedded-contract/workflow-invoke.mjs +144 -4
- package/lib/embedded-contract/workflows/architecture-review.manifest.json +15 -0
- package/lib/embedded-contract/workflows/data-structure.manifest.json +14 -0
- package/lib/embedded-contract/workflows/evidence-ingest.manifest.json +14 -0
- package/lib/embedded-contract/workflows/memo-draft.manifest.json +14 -0
- package/lib/embedded-contract/workflows/operations-triage.manifest.json +18 -0
- package/lib/embedded-contract/workflows/operations.manifest.json +18 -0
- package/lib/embedded-contract/workflows/pm-feedback.manifest.json +18 -0
- package/lib/embedded-contract/workflows/prd-draft.manifest.json +15 -0
- package/lib/embedded-contract/workflows/proposal-review.manifest.json +15 -0
- package/lib/embedded-contract/workflows/research-synthesis.manifest.json +14 -0
- package/lib/embedded-contract/workflows/risk-review.manifest.json +15 -0
- package/lib/embedded-contract/workflows/structure-notes.manifest.json +14 -0
- package/lib/embedded-contract/workflows/transcript-process.manifest.json +14 -0
- package/lib/embedded-contract/workflows/triage.manifest.json +14 -0
- package/lib/env-config.mjs +50 -9
- package/lib/extensions/index.mjs +27 -0
- package/lib/extensions/loader.mjs +120 -0
- package/lib/extensions/manifest-schema.mjs +141 -0
- package/lib/extensions/manifests/anthropic.manifest.json +12 -0
- package/lib/extensions/manifests/atlassian-confluence.manifest.json +12 -0
- package/lib/extensions/manifests/atlassian-jira.manifest.json +53 -0
- package/lib/extensions/manifests/directory.manifest.json +12 -0
- package/lib/extensions/manifests/docling.manifest.json +37 -0
- package/lib/extensions/manifests/echo.manifest.json +8 -0
- package/lib/extensions/manifests/feedback.manifest.json +12 -0
- package/lib/extensions/manifests/github-copilot.manifest.json +12 -0
- package/lib/extensions/manifests/github.manifest.json +52 -0
- package/lib/extensions/manifests/linear.manifest.json +50 -0
- package/lib/extensions/manifests/local.manifest.json +12 -0
- package/lib/extensions/manifests/ollama.manifest.json +12 -0
- package/lib/extensions/manifests/openai.manifest.json +12 -0
- package/lib/extensions/manifests/openrouter-anthropic.manifest.json +12 -0
- package/lib/extensions/manifests/openrouter-deepseek.manifest.json +12 -0
- package/lib/extensions/manifests/openrouter-google.manifest.json +12 -0
- package/lib/extensions/manifests/openrouter-llama.manifest.json +12 -0
- package/lib/extensions/manifests/openrouter-qwen.manifest.json +12 -0
- package/lib/extensions/manifests/openrouter.manifest.json +12 -0
- package/lib/extensions/manifests/postgres.manifest.json +12 -0
- package/lib/extensions/manifests/salesforce.manifest.json +12 -0
- package/lib/extensions/manifests/slack.manifest.json +58 -0
- package/lib/extensions/manifests/whisper.manifest.json +36 -0
- package/lib/extensions/validate.mjs +175 -0
- package/lib/features.mjs +13 -9
- package/lib/flows/checkpoint.mjs +184 -0
- package/lib/flows/constants.mjs +27 -0
- package/lib/flows/define.mjs +146 -0
- package/lib/flows/engine.mjs +249 -0
- package/lib/flows/errors.mjs +19 -0
- package/lib/flows/index.mjs +27 -0
- package/lib/flows/joins.mjs +18 -0
- package/lib/flows/schema.mjs +90 -0
- package/lib/flows/state.mjs +31 -0
- package/lib/frameworks/loader.mjs +99 -0
- package/lib/frameworks/schema.mjs +157 -0
- package/lib/graph/build-from-corpus.mjs +67 -0
- package/lib/graph/build-from-embed.mjs +82 -0
- package/lib/graph/build-from-registry.mjs +164 -3
- package/lib/graph/cli.mjs +456 -12
- package/lib/graph/gap-queries.mjs +156 -0
- package/lib/graph/gaps.mjs +41 -0
- package/lib/graph/impacted.mjs +129 -0
- package/lib/graph/runtime-evidence.mjs +177 -0
- package/lib/graph/security-coverage.mjs +113 -0
- package/lib/graph/staleness.mjs +241 -10
- package/lib/graph/store.mjs +24 -7
- package/lib/graph/validate.mjs +161 -0
- package/lib/headhunt.mjs +9 -8
- package/lib/health-check.mjs +15 -7
- package/lib/hook-health.mjs +1 -1
- package/lib/hooks/agent-tracker.mjs +10 -4
- package/lib/hooks/edit-guard.mjs +3 -3
- package/lib/hooks/graph-impact-advisory.mjs +2 -2
- package/lib/hooks/guard-bash.mjs +41 -15
- package/lib/hooks/mcp-health-check.mjs +11 -4
- package/lib/hooks/model-fallback.mjs +50 -6
- package/lib/hooks/orchestration-dispatch-guard.mjs +14 -3
- package/lib/hooks/pre-compact.mjs +181 -173
- package/lib/hooks/rule-verifier.mjs +2 -1
- package/lib/hooks/session-reflect.mjs +2 -1
- package/lib/hooks/session-start.mjs +3 -3
- package/lib/host-capabilities.mjs +13 -2
- package/lib/host-disposition.mjs +19 -7
- package/lib/identity.mjs +92 -0
- package/lib/ingest/degraded-extract.mjs +96 -0
- package/lib/ingest/docling-remote.mjs +2 -1
- package/lib/ingest/provider-extract.mjs +7 -19
- package/lib/ingest/sidecar-providers.mjs +196 -0
- package/lib/ingest-tooling.mjs +11 -5
- package/lib/init-unified.mjs +57 -45
- package/lib/init-update.mjs +2 -1
- package/lib/install/legacy-global-cleanup.mjs +25 -0
- package/lib/intake/daemon.mjs +99 -8
- package/lib/intake/git-queue.mjs +110 -38
- package/lib/intake/queue-registry.mjs +50 -0
- package/lib/intake/queue.mjs +133 -17
- package/lib/intake/session-prelude.mjs +57 -8
- package/lib/integrations/intake-integrations.mjs +61 -111
- package/lib/intent-classifier.mjs +43 -5
- package/lib/libreoffice-export.mjs +8 -8
- package/lib/logging/rotate.mjs +5 -4
- package/lib/mcp/broker.mjs +332 -17
- package/lib/mcp/denied-store.mjs +95 -0
- package/lib/mcp/destructive-gate.mjs +30 -0
- package/lib/mcp/dispatch-envelope.mjs +199 -0
- package/lib/mcp/memory-bridge.mjs +2 -1
- package/lib/mcp/server.mjs +154 -1411
- package/lib/mcp/tool-definitions-memory.mjs +376 -0
- package/lib/mcp/tool-definitions-project.mjs +271 -0
- package/lib/mcp/tool-definitions-skills.mjs +311 -0
- package/lib/mcp/tool-definitions-workflow.mjs +398 -0
- package/lib/mcp/tool-definitions.mjs +25 -0
- package/lib/mcp/tool-registry.mjs +107 -0
- package/lib/mcp/tool-safety.mjs +1 -0
- package/lib/mcp/tools/orchestration-delegation-next.tool.mjs +68 -0
- package/lib/mcp/tools/orchestration-run.mjs +165 -25
- package/lib/mcp/tools/orchestration-task-result.tool.mjs +77 -0
- package/lib/mcp/tools/provider-write.mjs +187 -0
- package/lib/mcp/tools/scope.mjs +0 -3
- package/lib/mcp/tools/skills.mjs +1 -1
- package/lib/mcp/tools/storage.mjs +0 -8
- package/lib/mcp/transport/auth.mjs +238 -0
- package/lib/mcp/transport/http.mjs +136 -0
- package/lib/mcp/transport/mode.mjs +31 -0
- package/lib/mcp/transport/stdio.mjs +22 -0
- package/lib/mcp-catalog.json +4 -4
- package/lib/mcp-manager.mjs +34 -23
- package/lib/mcp-platform-config.mjs +31 -7
- package/lib/mode-capabilities.mjs +109 -0
- package/lib/model-router.mjs +42 -9
- package/lib/models/catalog.mjs +40 -1
- package/lib/net-guard.mjs +247 -0
- package/lib/observation-store.mjs +6 -2
- package/lib/ollama/provision-context.mjs +2 -1
- package/lib/opencode-config.mjs +22 -3
- package/lib/opencode-runtime-plugin.mjs +120 -2
- package/lib/oracle/actions.mjs +204 -10
- package/lib/oracle/cli.mjs +24 -3
- package/lib/oracle/dispatch.mjs +2 -1
- package/lib/oracle/execute.mjs +2 -2
- package/lib/oracle/gaps.mjs +3 -3
- package/lib/oracle/heartbeat.mjs +53 -0
- package/lib/oracle/read-model.mjs +69 -13
- package/lib/oracle/reconcile.mjs +3 -46
- package/lib/oracle/routing.mjs +37 -31
- package/lib/oracle/synthesize.mjs +1 -1
- package/lib/orchestration/classification.mjs +434 -0
- package/lib/orchestration/delegation-flow.mjs +132 -0
- package/lib/orchestration/flow-selection.mjs +418 -0
- package/lib/orchestration/gates.mjs +244 -0
- package/lib/orchestration/host-sampling.mjs +121 -0
- package/lib/orchestration/policy-constants.mjs +48 -0
- package/lib/orchestration/provider-outcome.mjs +197 -0
- package/lib/orchestration/readiness.mjs +114 -13
- package/lib/orchestration/run-store-postgres.mjs +32 -26
- package/lib/orchestration/run-store-sqlite.mjs +8 -14
- package/lib/orchestration/run-store.mjs +25 -12
- package/lib/orchestration/runtime.mjs +446 -39
- package/lib/orchestration/store.mjs +87 -12
- package/lib/orchestration/trace-store.mjs +125 -0
- package/lib/orchestration/web-capability.mjs +3 -2
- package/lib/orchestration/worker-runtime.mjs +162 -0
- package/lib/orchestration/worker.mjs +528 -89
- package/lib/orchestration-policy.mjs +67 -1111
- package/lib/packs/cli.mjs +144 -0
- package/lib/packs/core-pack.mjs +112 -0
- package/lib/packs/enablement.mjs +187 -0
- package/lib/packs/index.mjs +23 -0
- package/lib/packs/loader.mjs +176 -0
- package/lib/packs/manifest-schema.mjs +58 -0
- package/lib/packs/prompts.mjs +120 -0
- package/lib/packs/validate.mjs +208 -0
- package/lib/plugin-registry.mjs +4 -5
- package/lib/policy/audit-gate.mjs +42 -0
- package/lib/policy/consumption-budget.mjs +149 -0
- package/lib/policy/engine.mjs +81 -6
- package/lib/policy/role-authority.mjs +89 -0
- package/lib/prompt-composer.js +19 -3
- package/lib/providers/contract/adapters/confluence/governed-write.mjs +215 -0
- package/lib/providers/contract/adapters/confluence/manifest.json +17 -0
- package/lib/providers/contract/adapters/confluence/transport.mjs +135 -0
- package/lib/providers/contract/adapters/github/governed-write.mjs +121 -0
- package/lib/providers/contract/adapters/github/index.mjs +38 -3
- package/lib/providers/contract/adapters/jira/adf.mjs +151 -0
- package/lib/providers/contract/adapters/jira/createmeta.mjs +143 -0
- package/lib/providers/contract/adapters/jira/governed-write.mjs +182 -0
- package/lib/providers/contract/adapters/jira/manifest.json +17 -0
- package/lib/providers/contract/adapters/jira/transport.mjs +119 -0
- package/lib/providers/contract.mjs +207 -0
- package/lib/providers/credential-bootstrap.mjs +7 -4
- package/lib/providers/credential-sources.mjs +14 -2
- package/lib/providers/directory/index.mjs +273 -0
- package/lib/providers/feedback/index.mjs +392 -0
- package/lib/providers/filter-audit.mjs +68 -0
- package/lib/providers/filter-schema.mjs +54 -0
- package/lib/providers/github/index.mjs +31 -0
- package/lib/providers/instance-config.mjs +215 -0
- package/lib/providers/op-locate.mjs +96 -0
- package/lib/providers/op-run.mjs +64 -9
- package/lib/providers/registry.mjs +26 -3
- package/lib/providers/secret-audit-wiring.mjs +6 -0
- package/lib/providers/secret-resolver.mjs +240 -23
- package/lib/publish-template.mjs +6 -3
- package/lib/publish-tooling.mjs +4 -0
- package/lib/publish.mjs +32 -4
- package/lib/queue/pg-queue.mjs +395 -0
- package/lib/reflect.mjs +2 -1
- package/lib/registry/assemble.mjs +28 -2
- package/lib/registry/consolidation.mjs +8 -1
- package/lib/registry/custom-scaffold.mjs +200 -0
- package/lib/registry/custom-schema.mjs +137 -0
- package/lib/registry/loader.mjs +8 -3
- package/lib/registry/manifests/format-engines.default.json +15 -0
- package/lib/registry/manifests/surface-map.default.json +46 -0
- package/lib/registry/retired-paths.mjs +1 -0
- package/lib/registry/surface-map.mjs +100 -50
- package/lib/render-visual-check.mjs +240 -0
- package/lib/resources/budget.mjs +40 -17
- package/lib/roles/flavor-bindings.mjs +36 -14
- package/lib/roles/gateway.mjs +15 -8
- package/lib/roots.mjs +107 -0
- package/lib/runtime/uv-bootstrap.mjs +32 -6
- package/lib/runtime/whisper-bootstrap.mjs +11 -3
- package/lib/runtime-env.mjs +5 -2
- package/lib/scheduler/index.mjs +8 -20
- package/lib/schema-infer.mjs +31 -2
- package/lib/scopes/lifecycle.mjs +29 -25
- package/lib/scopes/loader.mjs +49 -12
- package/lib/scopes/teams.mjs +1 -1
- package/lib/security/ingest-boundary.mjs +80 -0
- package/lib/security/recall-wrapper.mjs +99 -0
- package/lib/security/trust.mjs +132 -0
- package/lib/service-manager.mjs +38 -19
- package/lib/setup.mjs +41 -23
- package/lib/skills-apply.mjs +4 -2
- package/lib/specialists/postconditions.mjs +2 -2
- package/lib/state-root.mjs +147 -0
- package/lib/status.mjs +597 -6
- package/lib/storage/admin.mjs +77 -5
- package/lib/storage/backend-registry.mjs +73 -0
- package/lib/storage/backend.mjs +63 -9
- package/lib/storage/embeddings-openai.mjs +12 -2
- package/lib/storage/hybrid-query.mjs +11 -3
- package/lib/storage/retrieval-hardening.mjs +384 -0
- package/lib/storage/shared-memory.mjs +158 -0
- package/lib/storage/vector-client.mjs +69 -2
- package/lib/team/health.mjs +72 -0
- package/lib/telemetry/backends/local.mjs +9 -3
- package/lib/telemetry/client.mjs +3 -7
- package/lib/template-registry.mjs +10 -12
- package/lib/tenant/context.mjs +82 -0
- package/lib/tenant/isolation.mjs +129 -0
- package/lib/test-corpus-inventory.mjs +104 -2
- package/lib/uninstall/uninstall.mjs +78 -12
- package/lib/validator.mjs +4 -6
- package/lib/worker/entrypoint.mjs +2 -1
- package/lib/worker/run.mjs +2 -2
- package/lib/worker/trace.mjs +5 -11
- package/lib/workflow-state.mjs +52 -8
- package/lib/workflows/liveness.mjs +203 -0
- package/lib/workflows/loader.mjs +177 -0
- package/lib/workflows/manifest-schema.mjs +71 -0
- package/lib/workflows/surface-parity.mjs +118 -0
- package/lib/workflows/validate.mjs +127 -0
- package/lib/writes/control-plane.mjs +140 -0
- package/lib/writes/envelope.mjs +206 -0
- package/lib/writes/sent-log.mjs +86 -0
- package/lib/writes/write-intent.mjs +109 -0
- package/package.json +16 -8
- package/personas/construct.md +12 -3
- package/registry/capabilities.json +143 -36
- package/rules/common/comments.md +1 -0
- package/schemas/project-config.schema.json +0 -12
- package/schemas/unified-registry.schema.json +2 -4
- package/scripts/sync-specialists.mjs +284 -81
- package/skills/docs/adr-workflow.md +1 -1
- package/skills/docs/codebase-research-workflow.md +3 -3
- package/skills/docs/prd-workflow.md +5 -6
- package/skills/docs/runbook-workflow.md +2 -2
- package/skills/docs/user-research-workflow.md +3 -3
- package/skills/operating/fleet-health-routing.md +77 -0
- package/skills/roles/ai-engineer.md +1 -1
- package/skills/roles/architect.md +0 -1
- package/skills/roles/business-strategist.md +1 -1
- package/skills/roles/data-analyst.telemetry.md +1 -1
- package/skills/roles/data-engineer.md +1 -1
- package/skills/roles/data-engineer.pipeline.md +1 -1
- package/skills/roles/data-engineer.vector-retrieval.md +1 -2
- package/skills/roles/data-engineer.warehouse.md +1 -1
- package/skills/roles/designer.accessibility.md +1 -1
- package/skills/roles/designer.md +0 -1
- package/skills/roles/devil-advocate.md +1 -1
- package/skills/roles/docs-keeper.md +1 -1
- package/skills/roles/evaluator.md +1 -1
- package/skills/roles/explorer.md +1 -1
- package/skills/roles/platform-engineer.md +1 -1
- package/skills/roles/qa.ai-eval.md +1 -2
- package/skills/roles/qa.api-contract.md +0 -1
- package/skills/roles/qa.data-pipeline.md +0 -1
- package/skills/roles/qa.md +0 -1
- package/skills/roles/qa.web-ui.md +0 -1
- package/skills/roles/release-manager.md +1 -1
- package/skills/roles/researcher.md +0 -2
- package/skills/roles/reviewer.md +0 -3
- package/skills/roles/security.ai.md +1 -1
- package/skills/roles/security.legal-compliance.md +1 -1
- package/skills/roles/security.md +0 -1
- package/skills/roles/security.privacy.md +0 -1
- package/skills/roles/security.supply-chain.md +1 -1
- package/skills/roles/sre.md +1 -1
- package/skills/roles/test-automation.md +1 -1
- package/skills/roles/trace-reviewer.md +1 -1
- package/skills/roles/ux-researcher.md +1 -1
- package/specialists/artifact-manifest.json +36 -36
- package/specialists/org/contracts/accessibility-to-qa.json +11 -3
- package/specialists/org/contracts/any-to-business-strategist.json +19 -7
- package/specialists/org/contracts/any-to-debugger.json +7 -1
- package/specialists/org/contracts/any-to-designer.json +7 -1
- package/specialists/org/contracts/any-to-docs-keeper.json +18 -4
- package/specialists/org/contracts/any-to-explorer.json +13 -4
- package/specialists/org/contracts/any-to-sre-incident.json +6 -2
- package/specialists/org/contracts/any-to-trace-reviewer.json +16 -4
- package/specialists/org/contracts/architect-to-ai-engineer.json +6 -2
- package/specialists/org/contracts/architect-to-data-engineer.json +17 -5
- package/specialists/org/contracts/architect-to-devil-advocate.json +11 -3
- package/specialists/org/contracts/architect-to-engineer.json +20 -4
- package/specialists/org/contracts/architect-to-evaluator.json +15 -5
- package/specialists/org/contracts/architect-to-legal-compliance.json +15 -5
- package/specialists/org/contracts/architect-to-operations.json +17 -4
- package/specialists/org/contracts/architect-to-platform-engineer.json +20 -4
- package/specialists/org/contracts/construct-to-orchestrator.json +10 -2
- package/specialists/org/contracts/data-analyst-to-product-manager.json +11 -2
- package/specialists/org/contracts/engineer-to-qa.json +20 -4
- package/specialists/org/contracts/engineer-to-reviewer.json +29 -5
- package/specialists/org/contracts/explorer-to-engineer.json +11 -3
- package/specialists/org/contracts/legal-compliance-to-release-manager.json +12 -4
- package/specialists/org/contracts/operations-to-user.json +53 -0
- package/specialists/org/contracts/operations-triage-output.json +53 -0
- package/specialists/org/contracts/pm-requirements-candidates.json +53 -0
- package/specialists/org/contracts/product-manager-to-architect.json +30 -10
- package/specialists/org/contracts/product-manager-to-data-analyst.json +13 -3
- package/specialists/org/contracts/product-manager-to-ux-researcher.json +15 -5
- package/specialists/org/contracts/qa-to-release-manager.json +11 -3
- package/specialists/org/contracts/researcher-to-architect.json +10 -2
- package/specialists/org/contracts/researcher-to-product-manager.json +16 -5
- package/specialists/org/contracts/reviewer-to-security.json +17 -3
- package/specialists/org/contracts/test-automation-to-engineer.json +11 -3
- package/specialists/org/contracts/trace-reviewer-to-sre.json +12 -4
- package/specialists/org/contracts/user-to-construct.json +11 -4
- package/specialists/org/frameworks/cx-architect-constraint-option-failure.md +66 -0
- package/specialists/org/frameworks/cx-engineer-feasibility-blast-radius.md +66 -0
- package/specialists/org/frameworks/cx-ops-dependency-sequencing.md +74 -0
- package/specialists/org/frameworks/cx-pm-value-tradeoff.md +66 -0
- package/specialists/org/frameworks/cx-qa-risk-based-coverage.md +69 -0
- package/specialists/org/groups/engineering-group.json +2 -6
- package/specialists/org/groups/governance-group.json +2 -3
- package/specialists/org/groups/operations-group.json +5 -8
- package/specialists/org/groups/product-group.json +4 -8
- package/specialists/org/groups/quality-group.json +3 -7
- package/specialists/org/groups/strategy-group.json +6 -9
- package/specialists/org/models.json.example +8 -0
- package/specialists/org/scopes/creative.json +6 -1
- package/specialists/org/scopes/operations.json +7 -1
- package/specialists/org/scopes/research.json +6 -1
- package/specialists/org/scopes/rnd.json +7 -1
- package/specialists/org/specialists/cx-architect.json +27 -8
- package/specialists/org/specialists/cx-designer.json +22 -8
- package/specialists/org/specialists/cx-engineer.json +71 -7
- package/specialists/org/specialists/cx-operations.json +89 -15
- package/specialists/org/specialists/cx-orchestrator.json +16 -4
- package/specialists/org/specialists/cx-product-manager.json +28 -9
- package/specialists/org/specialists/cx-qa.json +16 -6
- package/specialists/org/specialists/cx-researcher.json +40 -7
- package/specialists/org/specialists/cx-reviewer.json +61 -11
- package/specialists/org/specialists/cx-security.json +30 -10
- package/specialists/org/teams/design-team.json +3 -4
- package/specialists/org/teams/engineering-team.json +3 -10
- package/specialists/org/teams/governance-team.json +3 -5
- package/specialists/org/teams/operations-team.json +6 -12
- package/specialists/org/teams/product-management-team.json +2 -3
- package/specialists/org/teams/quality-team.json +4 -12
- package/specialists/org/teams/research-team.json +3 -3
- package/specialists/org/teams/strategy-team.json +7 -14
- package/specialists/prompts/cx-architect.md +20 -1
- package/specialists/prompts/cx-data-analyst.md +1 -1
- package/specialists/prompts/cx-designer.md +12 -4
- package/specialists/prompts/cx-engineer.md +15 -1
- package/specialists/prompts/cx-operations.md +14 -2
- package/specialists/prompts/cx-orchestrator.md +9 -5
- package/specialists/prompts/cx-product-manager.md +5 -1
- package/specialists/prompts/cx-qa.md +6 -2
- package/specialists/prompts/cx-researcher.md +25 -30
- package/specialists/prompts/cx-reviewer.md +19 -1
- package/specialists/prompts/cx-security.md +5 -1
- package/templates/distribution/construct-brand.typ +123 -59
- package/templates/distribution/construct-decision.typ +6 -3
- package/templates/distribution/construct-pdf.typ +11 -4
- package/templates/distribution/construct-prd.typ +6 -3
- package/templates/distribution/construct-research.typ +7 -4
- package/lib/providers/contract/adapters/git/index.mjs +0 -115
- package/lib/providers/contract/adapters/slack/index.mjs +0 -175
- package/specialists/org/contracts/business-strategist-to-product-manager.json +0 -39
- package/specialists/org/contracts/construct-to-rd-lead.json +0 -53
- package/specialists/org/contracts/data-engineer-to-platform-engineer.json +0 -36
- package/specialists/org/contracts/designer-to-accessibility.json +0 -36
- package/specialists/org/contracts/platform-engineer-to-engineer.json +0 -31
- package/specialists/org/contracts/qa-to-test-automation.json +0 -42
- package/specialists/org/contracts/rd-lead-to-architect.json +0 -38
- package/specialists/org/contracts/sre-to-release-manager.json +0 -36
- package/specialists/org/specialists/cx-accessibility.json +0 -69
- package/specialists/org/specialists/cx-ai-engineer.json +0 -75
- package/specialists/org/specialists/cx-business-strategist.json +0 -72
- package/specialists/org/specialists/cx-data-engineer.json +0 -71
- package/specialists/org/specialists/cx-devil-advocate.json +0 -71
- package/specialists/org/specialists/cx-docs-keeper.json +0 -82
- package/specialists/org/specialists/cx-evaluator.json +0 -69
- package/specialists/org/specialists/cx-explorer.json +0 -69
- package/specialists/org/specialists/cx-legal-compliance.json +0 -74
- package/specialists/org/specialists/cx-oracle.json +0 -46
- package/specialists/org/specialists/cx-platform-engineer.json +0 -80
- package/specialists/org/specialists/cx-rd-lead.json +0 -73
- package/specialists/org/specialists/cx-release-manager.json +0 -77
- package/specialists/org/specialists/cx-sre.json +0 -94
- package/specialists/org/specialists/cx-test-automation.json +0 -69
- package/specialists/org/specialists/cx-trace-reviewer.json +0 -69
- package/specialists/org/specialists/cx-ux-researcher.json +0 -68
- package/specialists/org/teams/accessibility-team.json +0 -39
- package/specialists/org/teams/ux-research-team.json +0 -39
- package/specialists/prompts/cx-accessibility.md +0 -55
- package/specialists/prompts/cx-ai-engineer.md +0 -124
- package/specialists/prompts/cx-business-strategist.md +0 -58
- package/specialists/prompts/cx-data-engineer.md +0 -55
- package/specialists/prompts/cx-devil-advocate.md +0 -59
- package/specialists/prompts/cx-docs-keeper.md +0 -164
- package/specialists/prompts/cx-evaluator.md +0 -49
- package/specialists/prompts/cx-explorer.md +0 -71
- package/specialists/prompts/cx-legal-compliance.md +0 -58
- package/specialists/prompts/cx-oracle.md +0 -98
- package/specialists/prompts/cx-platform-engineer.md +0 -97
- package/specialists/prompts/cx-rd-lead.md +0 -59
- package/specialists/prompts/cx-release-manager.md +0 -54
- package/specialists/prompts/cx-sre.md +0 -111
- package/specialists/prompts/cx-test-automation.md +0 -55
- package/specialists/prompts/cx-trace-reviewer.md +0 -101
- package/specialists/prompts/cx-ux-researcher.md +0 -53
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"id": "qa-to-release-manager",
|
|
3
3
|
"producer": "cx-qa",
|
|
4
|
-
"consumer": "cx-
|
|
4
|
+
"consumer": "cx-operations",
|
|
5
5
|
"trigger": {
|
|
6
6
|
"intent": [
|
|
7
7
|
"implementation"
|
|
@@ -29,8 +29,16 @@
|
|
|
29
29
|
"All upstream verdicts APPROVED; QA verdict PASS"
|
|
30
30
|
],
|
|
31
31
|
"postconditions": [
|
|
32
|
-
|
|
33
|
-
|
|
32
|
+
{
|
|
33
|
+
"id": "qa-to-release-manager-pc-0-rollback-plan-tested-not-just-described",
|
|
34
|
+
"description": "Rollback plan tested, not just described",
|
|
35
|
+
"postconditionType": "advisory"
|
|
36
|
+
},
|
|
37
|
+
{
|
|
38
|
+
"id": "qa-to-release-manager-pc-1-rollout-plan-has-concrete-checkpoint-signals",
|
|
39
|
+
"description": "Rollout plan has concrete checkpoint signals",
|
|
40
|
+
"postconditionType": "advisory"
|
|
41
|
+
}
|
|
34
42
|
],
|
|
35
43
|
"description": "",
|
|
36
44
|
"teamBoundary": {
|
|
@@ -27,8 +27,16 @@
|
|
|
27
27
|
"Source classes tagged (internal/primary/secondary/tertiary)"
|
|
28
28
|
],
|
|
29
29
|
"postconditions": [
|
|
30
|
-
|
|
31
|
-
|
|
30
|
+
{
|
|
31
|
+
"id": "researcher-to-architect-pc-0-architect-s-adr-cites-the-primary",
|
|
32
|
+
"description": "Architect's ADR cites the primary sources provided",
|
|
33
|
+
"postconditionType": "advisory"
|
|
34
|
+
},
|
|
35
|
+
{
|
|
36
|
+
"id": "researcher-to-architect-pc-1-any-conflicting-evidence-surfaced-not-suppressed",
|
|
37
|
+
"description": "Any conflicting evidence surfaced, not suppressed",
|
|
38
|
+
"postconditionType": "advisory"
|
|
39
|
+
}
|
|
32
40
|
],
|
|
33
41
|
"description": "",
|
|
34
42
|
"teamBoundary": {
|
|
@@ -33,24 +33,35 @@
|
|
|
33
33
|
"Evidence threshold stated and met for each requirement"
|
|
34
34
|
],
|
|
35
35
|
"postconditions": [
|
|
36
|
-
|
|
37
|
-
|
|
36
|
+
{
|
|
37
|
+
"id": "researcher-to-product-manager-pc-0-prd-problem-section-does-not-reference",
|
|
38
|
+
"description": "PRD Problem section does not reference ticket IDs, roadmap items, or artifact filenames",
|
|
39
|
+
"postconditionType": "advisory"
|
|
40
|
+
},
|
|
41
|
+
{
|
|
42
|
+
"id": "researcher-to-product-manager-pc-1-every-functional-requirement-traces-to-observed",
|
|
43
|
+
"description": "Every functional requirement traces to observed user evidence",
|
|
44
|
+
"postconditionType": "advisory"
|
|
45
|
+
},
|
|
38
46
|
{
|
|
39
47
|
"id": "prd-has-problem-section",
|
|
40
48
|
"description": "PRD must contain a Problem section",
|
|
41
49
|
"check": "artifact-has-section",
|
|
42
|
-
"section": "Problem"
|
|
50
|
+
"section": "Problem",
|
|
51
|
+
"postconditionType": "executable"
|
|
43
52
|
},
|
|
44
53
|
{
|
|
45
54
|
"id": "prd-numeric-claims-cited",
|
|
46
55
|
"description": "Every numeric claim in the PRD body cites a source (no fabricated percentages or multipliers)",
|
|
47
|
-
"check": "artifact-claims-cited"
|
|
56
|
+
"check": "artifact-claims-cited",
|
|
57
|
+
"postconditionType": "executable"
|
|
48
58
|
},
|
|
49
59
|
{
|
|
50
60
|
"id": "prd-manifest-reviewers",
|
|
51
61
|
"description": "Manifest required reviewers must appear in agent log before handoff",
|
|
52
62
|
"check": "artifact-reviewers-seen",
|
|
53
|
-
"fromManifest": true
|
|
63
|
+
"fromManifest": true,
|
|
64
|
+
"postconditionType": "executable"
|
|
54
65
|
}
|
|
55
66
|
],
|
|
56
67
|
"description": ""
|
|
@@ -27,9 +27,23 @@
|
|
|
27
27
|
"Scope tagged as auth/secrets/payments/user-data"
|
|
28
28
|
],
|
|
29
29
|
"postconditions": [
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
30
|
+
{
|
|
31
|
+
"id": "reviewer-to-security-pc-0-attacker-perspective-findings-logged",
|
|
32
|
+
"description": "Attacker-perspective findings logged",
|
|
33
|
+
"postconditionType": "advisory"
|
|
34
|
+
},
|
|
35
|
+
{
|
|
36
|
+
"id": "reviewer-to-security-pc-1-threat-model-updated-if-architecture-surface",
|
|
37
|
+
"description": "Threat model updated if architecture surface changed",
|
|
38
|
+
"postconditionType": "advisory"
|
|
39
|
+
},
|
|
40
|
+
{
|
|
41
|
+
"id": "reviewer-to-security-pc-2-threatmodelupdatedat-contractstart-prevents-post-hoc-threat",
|
|
42
|
+
"description": "threatModelUpdatedAt >= contractStart — prevents post-hoc threat models written after the architecture has shipped",
|
|
43
|
+
"postconditionType": "executable",
|
|
44
|
+
"enforcedVia": "binary-postcondition",
|
|
45
|
+
"enforcedBy": "security.threat-model-not-post-hoc"
|
|
46
|
+
}
|
|
33
47
|
],
|
|
34
48
|
"description": "",
|
|
35
49
|
"teamBoundary": {
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"id": "test-automation-to-engineer",
|
|
3
|
-
"producer": "cx-
|
|
3
|
+
"producer": "cx-qa",
|
|
4
4
|
"consumer": "cx-engineer",
|
|
5
5
|
"trigger": {
|
|
6
6
|
"automation.required": true
|
|
@@ -21,8 +21,16 @@
|
|
|
21
21
|
"Test scaffolding lands before behavioral edits so the test fails for the right reason first"
|
|
22
22
|
],
|
|
23
23
|
"postconditions": [
|
|
24
|
-
|
|
25
|
-
|
|
24
|
+
{
|
|
25
|
+
"id": "test-automation-to-engineer-pc-0-engineer-adds-at-least-one-failing",
|
|
26
|
+
"description": "Engineer adds at least one failing test that demonstrates the bug or missing behavior before implementing the fix",
|
|
27
|
+
"postconditionType": "advisory"
|
|
28
|
+
},
|
|
29
|
+
{
|
|
30
|
+
"id": "test-automation-to-engineer-pc-1-quarantined-flaky-tests-carry-an-owner",
|
|
31
|
+
"description": "Quarantined flaky tests carry an owner and a remediation date",
|
|
32
|
+
"postconditionType": "advisory"
|
|
33
|
+
}
|
|
26
34
|
],
|
|
27
35
|
"description": "",
|
|
28
36
|
"teamBoundary": {
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"id": "trace-reviewer-to-sre",
|
|
3
|
-
"producer": "cx-
|
|
4
|
-
"consumer": "cx-
|
|
3
|
+
"producer": "cx-reviewer",
|
|
4
|
+
"consumer": "cx-operations",
|
|
5
5
|
"trigger": {
|
|
6
6
|
"trace.anomaly": true,
|
|
7
7
|
"riskFlags": [
|
|
@@ -28,8 +28,16 @@
|
|
|
28
28
|
"Flagged agents meet the minimum trace threshold (20+); insufficient-trace agents deferred"
|
|
29
29
|
],
|
|
30
30
|
"postconditions": [
|
|
31
|
-
|
|
32
|
-
|
|
31
|
+
{
|
|
32
|
+
"id": "trace-reviewer-to-sre-pc-0-sre-adjusts-alert-thresholds-or-slos",
|
|
33
|
+
"description": "SRE adjusts alert thresholds or SLOs based on the cited trace evidence",
|
|
34
|
+
"postconditionType": "advisory"
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
"id": "trace-reviewer-to-sre-pc-1-runbook-updated-for-the-failure-pattern",
|
|
38
|
+
"description": "Runbook updated for the failure pattern identified at fleet level",
|
|
39
|
+
"postconditionType": "advisory"
|
|
40
|
+
}
|
|
33
41
|
],
|
|
34
42
|
"description": "",
|
|
35
43
|
"teamBoundary": {
|
|
@@ -15,16 +15,23 @@
|
|
|
15
15
|
"shape": "routed-plan",
|
|
16
16
|
"mustContain": [
|
|
17
17
|
"track",
|
|
18
|
-
"specialists"
|
|
19
|
-
"dispatchPlan"
|
|
18
|
+
"specialists"
|
|
20
19
|
]
|
|
21
20
|
},
|
|
22
21
|
"preconditions": [
|
|
23
22
|
"Session bootstrap completed: project_context and memory_search called, plus relevant repo docs read as needed"
|
|
24
23
|
],
|
|
25
24
|
"postconditions": [
|
|
26
|
-
|
|
27
|
-
|
|
25
|
+
{
|
|
26
|
+
"id": "user-to-construct-pc-0-intent-classified-work-category-tagged",
|
|
27
|
+
"description": "Intent classified; work category tagged",
|
|
28
|
+
"postconditionType": "advisory"
|
|
29
|
+
},
|
|
30
|
+
{
|
|
31
|
+
"id": "user-to-construct-pc-1-route-decision-surfaced-as-a-single",
|
|
32
|
+
"description": "Route decision surfaced as a single-sentence plan",
|
|
33
|
+
"postconditionType": "advisory"
|
|
34
|
+
}
|
|
28
35
|
],
|
|
29
36
|
"description": ""
|
|
30
37
|
}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: cx-architect-constraint-option-failure
|
|
3
|
+
version: 1
|
|
4
|
+
appliesToRole: architect
|
|
5
|
+
summary: >-
|
|
6
|
+
Walks a design decision from constraint mapping through scored options to
|
|
7
|
+
the failure modes the chosen option must survive.
|
|
8
|
+
steps:
|
|
9
|
+
- id: constraint-mapping
|
|
10
|
+
move: Name the invariants and the constraints
|
|
11
|
+
question: What are the invariants, and what breaks if they're violated?
|
|
12
|
+
emits: constraint-map
|
|
13
|
+
cites: source
|
|
14
|
+
- id: option-scoring
|
|
15
|
+
move: Score each option against the constraints
|
|
16
|
+
question: For each candidate approach, how well does it satisfy the constraint map, and at what cost?
|
|
17
|
+
emits: option-scoring
|
|
18
|
+
cites: prior-step
|
|
19
|
+
- id: decision
|
|
20
|
+
move: Choose and name what was rejected
|
|
21
|
+
question: Given the scores, which option is chosen, and why were the others rejected?
|
|
22
|
+
emits: decision-record
|
|
23
|
+
cites: prior-step
|
|
24
|
+
- id: failure-modes
|
|
25
|
+
move: Enumerate how the chosen option fails
|
|
26
|
+
question: Under what conditions does the chosen option break, and what is the blast radius of that failure?
|
|
27
|
+
emits: failure-modes
|
|
28
|
+
cites: prior-step
|
|
29
|
+
---
|
|
30
|
+
|
|
31
|
+
Run these four moves before an ADR is written. Each move produces one
|
|
32
|
+
labeled output; the framework exists to prevent decisions that emerged from
|
|
33
|
+
code rather than from deliberate, documented tradeoffs.
|
|
34
|
+
|
|
35
|
+
**constraint-mapping.** Name the system's invariants — the properties that
|
|
36
|
+
must hold — and the constraints (technical, organizational, regulatory) that
|
|
37
|
+
bound the solution space. `constraint-map` cites the source the invariant or
|
|
38
|
+
constraint comes from: an existing contract, a data model, a compliance
|
|
39
|
+
requirement, a prior ADR. An invented invariant is worse than no invariant —
|
|
40
|
+
write `unknown` when a constraint is suspected but not confirmed.
|
|
41
|
+
|
|
42
|
+
**option-scoring.** For every candidate approach (including "do nothing"),
|
|
43
|
+
score it against the constraint map: what it satisfies, what it costs, what
|
|
44
|
+
it risks. `option-scoring` cites the constraint map (`prior-step`) — a score
|
|
45
|
+
is a function of the constraints named, not a separate intuition about which
|
|
46
|
+
option "feels right."
|
|
47
|
+
|
|
48
|
+
**decision.** Choose the option the scoring favors and name specifically why
|
|
49
|
+
the others were rejected — this is the ADR's Rejected Alternatives section.
|
|
50
|
+
`decision-record` cites the option scoring (`prior-step`): the chosen option
|
|
51
|
+
follows from the scores, and the rejection reasons are the scoring
|
|
52
|
+
dimensions the losing options failed on, not a generic "didn't fit."
|
|
53
|
+
|
|
54
|
+
**failure-modes.** For the chosen option, enumerate the conditions under
|
|
55
|
+
which it breaks and the blast radius of that failure — this is the ADR's
|
|
56
|
+
Consequences and Reversibility material. `failure-modes` cites the decision
|
|
57
|
+
record (`prior-step`): the failure modes are specific to what was actually
|
|
58
|
+
chosen, not a boilerplate risk list that would apply to any option.
|
|
59
|
+
|
|
60
|
+
Good output: a constraint map with cited invariants, option scores that show
|
|
61
|
+
their work against those constraints, a decision record with ≥2 rejected
|
|
62
|
+
alternatives and specific rejection reasons, and failure modes that name
|
|
63
|
+
concrete breaking conditions and their blast radius. Bad output: a decision
|
|
64
|
+
with no rejected alternatives (the decision defaulted), constraints asserted
|
|
65
|
+
without a source, or failure modes that just restate generic engineering
|
|
66
|
+
risk ("could have bugs").
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: cx-engineer-feasibility-blast-radius
|
|
3
|
+
version: 1
|
|
4
|
+
appliesToRole: engineer
|
|
5
|
+
summary: >-
|
|
6
|
+
Walks an implementation task from a feasibility read through an effort
|
|
7
|
+
class to a blast-radius assessment naming what could break in integration.
|
|
8
|
+
steps:
|
|
9
|
+
- id: read-first
|
|
10
|
+
move: Read the existing pattern before writing
|
|
11
|
+
question: What does the code that already does something similar look like?
|
|
12
|
+
emits: feasibility-assessment
|
|
13
|
+
cites: source
|
|
14
|
+
- id: effort-class
|
|
15
|
+
move: Classify the effort
|
|
16
|
+
question: Given the existing pattern, is this a small, medium, or large change?
|
|
17
|
+
emits: effort-class
|
|
18
|
+
cites: prior-step
|
|
19
|
+
- id: debt-check
|
|
20
|
+
move: Name debt this change takes on or pays down
|
|
21
|
+
question: Does this change introduce a shortcut, or does it retire one?
|
|
22
|
+
emits: debt-note
|
|
23
|
+
cites: source
|
|
24
|
+
- id: blast-radius
|
|
25
|
+
move: Trace what else could break
|
|
26
|
+
question: What callers, seams, or integration points does this change touch beyond its own file?
|
|
27
|
+
emits: blast-radius
|
|
28
|
+
cites: prior-step
|
|
29
|
+
---
|
|
30
|
+
|
|
31
|
+
Run these four moves before writing implementation code. Each move produces
|
|
32
|
+
one labeled output; skipping "read-first" is the specific failure mode this
|
|
33
|
+
framework exists to prevent.
|
|
34
|
+
|
|
35
|
+
**read-first.** Grep and read the files this change will touch and the
|
|
36
|
+
files that already solve something similar. `feasibility-assessment` cites
|
|
37
|
+
file:line for every claim about existing behavior or convention — never a
|
|
38
|
+
remembered API shape or an assumed function signature. If the existing
|
|
39
|
+
pattern is genuinely absent, the assessment says so and names what was
|
|
40
|
+
searched.
|
|
41
|
+
|
|
42
|
+
**effort-class.** Given what read-first found, classify the change as S/M/L
|
|
43
|
+
— matching the `complexity` enum already used in `lib/contract-schemas/decision.json`
|
|
44
|
+
tasks, so the classification is legible to the architect who assigned the
|
|
45
|
+
task. `effort-class` cites the feasibility assessment (`prior-step`): the
|
|
46
|
+
class follows from what the code actually looks like, not from a guess made
|
|
47
|
+
before reading it.
|
|
48
|
+
|
|
49
|
+
**debt-check.** Name any technical debt this change introduces (a shortcut,
|
|
50
|
+
a TODO, a workaround) or retires (removing dead code, fixing a known
|
|
51
|
+
sharp edge). `debt-note` cites the specific file:line the debt lives in or
|
|
52
|
+
the run/test that shows a shortcut is gone — debt is never asserted in the
|
|
53
|
+
abstract.
|
|
54
|
+
|
|
55
|
+
**blast-radius.** Trace every caller, seam, or integration point this change
|
|
56
|
+
touches beyond the file being edited — the place where "it works in
|
|
57
|
+
isolation and breaks in integration" would show up. `blast-radius` cites the
|
|
58
|
+
effort class and feasibility assessment (`prior-step`): the radius is
|
|
59
|
+
derived from what was actually read, not a boilerplate "should be low risk."
|
|
60
|
+
|
|
61
|
+
Good output: a feasibility assessment citing file:line for every claim, an
|
|
62
|
+
effort class that matches the actual diff size once written, a debt note
|
|
63
|
+
that names a specific shortcut or a specific removal, and a blast-radius
|
|
64
|
+
list naming actual callers or integration seams. Bad output: "should be
|
|
65
|
+
straightforward," an effort class assigned before reading any code, or a
|
|
66
|
+
blast-radius section that says "low risk" with no callers named.
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: cx-ops-dependency-sequencing
|
|
3
|
+
version: 1
|
|
4
|
+
appliesToRole: operations
|
|
5
|
+
summary: >-
|
|
6
|
+
Walks an approved plan from dependency mapping through critical path and
|
|
7
|
+
ownership to a risk register that names timeline-slippage checks.
|
|
8
|
+
steps:
|
|
9
|
+
- id: dependency-mapping
|
|
10
|
+
move: Map what blocks what
|
|
11
|
+
question: For each task, what must complete before it can start?
|
|
12
|
+
emits: dependency-graph
|
|
13
|
+
cites: source
|
|
14
|
+
- id: critical-path
|
|
15
|
+
move: Trace the longest dependent chain
|
|
16
|
+
question: Which sequence of blocking tasks sets the floor on total duration?
|
|
17
|
+
emits: sequenced-tasks
|
|
18
|
+
cites: prior-step
|
|
19
|
+
- id: ownership
|
|
20
|
+
move: Name one owner per task
|
|
21
|
+
question: Who is accountable for each task in the sequence, by name or role?
|
|
22
|
+
emits: ownership-matrix
|
|
23
|
+
cites: source
|
|
24
|
+
- id: verification
|
|
25
|
+
move: Attach a verification gate to each task
|
|
26
|
+
question: What check proves this task is actually done, not just started?
|
|
27
|
+
emits: verification-gates
|
|
28
|
+
cites: prior-step
|
|
29
|
+
- id: slippage-risk
|
|
30
|
+
move: Register what could slip and by how much
|
|
31
|
+
question: Where in the sequence is slack thinnest, and what early signal shows slippage?
|
|
32
|
+
emits: slippage-risk
|
|
33
|
+
cites: prior-step
|
|
34
|
+
---
|
|
35
|
+
|
|
36
|
+
Run these five moves in order whenever an architect's decision hands off a
|
|
37
|
+
plan for execution. Each move produces one labeled output; a plan is not
|
|
38
|
+
executable until all five exist.
|
|
39
|
+
|
|
40
|
+
**dependency-mapping.** For every task in the incoming plan, name what must
|
|
41
|
+
finish first. The `dependency-graph` output cites the contract, manifest, or
|
|
42
|
+
runtime config the dependency is based on — not an assumption about how
|
|
43
|
+
teams "usually" sequence work. A task with no stated dependency is either
|
|
44
|
+
truly independent or the dependency has not yet been found; say which.
|
|
45
|
+
|
|
46
|
+
**critical-path.** Using the dependency graph, trace the longest chain of
|
|
47
|
+
blocking tasks — the sequence that sets the floor on how fast this can ship
|
|
48
|
+
regardless of parallel capacity. `sequenced-tasks` cites the dependency graph
|
|
49
|
+
(`prior-step`): the sequence is derived from the graph, not from a
|
|
50
|
+
convenient story about task order.
|
|
51
|
+
|
|
52
|
+
**ownership.** For every task, name one accountable owner — a person or a
|
|
53
|
+
named role, never "the team" or a placeholder. `ownership-matrix` cites the
|
|
54
|
+
same source class as the dependency graph: an owner is asserted because a
|
|
55
|
+
manifest, org chart, or prior handoff says so, not invented to fill the
|
|
56
|
+
matrix.
|
|
57
|
+
|
|
58
|
+
**verification.** Attach a concrete verification gate to each task: the
|
|
59
|
+
check that proves the task is actually complete. `verification-gates` cites
|
|
60
|
+
the sequenced tasks (`prior-step`) — a gate with no corresponding task, or a
|
|
61
|
+
task with no gate, is an incomplete plan.
|
|
62
|
+
|
|
63
|
+
**slippage-risk.** Identify where slack is thinnest on the critical path and
|
|
64
|
+
what early, observable signal would show slippage before the deadline
|
|
65
|
+
arrives. `slippage-risk` cites the verification gates (`prior-step`): the
|
|
66
|
+
risk register is built from the same gates that will actually fire, not a
|
|
67
|
+
generic list of things that could go wrong.
|
|
68
|
+
|
|
69
|
+
Good output: a dependency graph with named sources, a critical path derived
|
|
70
|
+
from that graph, an ownership matrix with no placeholder owners,
|
|
71
|
+
verification gates that map one-to-one to tasks, and a slippage risk entry
|
|
72
|
+
naming an observable early signal. Bad output: "everything can start now"
|
|
73
|
+
(no dependencies drawn), an owner named "the team," or a verification gate
|
|
74
|
+
that just restates the task description.
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: cx-pm-value-tradeoff
|
|
3
|
+
version: 1
|
|
4
|
+
appliesToRole: product-manager
|
|
5
|
+
summary: >-
|
|
6
|
+
Walks a product decision from user value through the tradeoff space to a
|
|
7
|
+
prioritization call, then closes with testable acceptance criteria.
|
|
8
|
+
steps:
|
|
9
|
+
- id: user-value
|
|
10
|
+
move: Name the user and the job
|
|
11
|
+
question: Whose problem is this and what job are they hiring it for?
|
|
12
|
+
emits: value-statement
|
|
13
|
+
cites: source
|
|
14
|
+
- id: tradeoffs
|
|
15
|
+
move: Surface the tradeoff space
|
|
16
|
+
question: What does choosing this cost, and who bears it?
|
|
17
|
+
emits: tradeoff-table
|
|
18
|
+
cites: source
|
|
19
|
+
- id: prioritization
|
|
20
|
+
move: Make the call and say what it defers
|
|
21
|
+
question: Given the tradeoffs, what ships now and what is explicitly deferred?
|
|
22
|
+
emits: prioritization-call
|
|
23
|
+
cites: prior-step
|
|
24
|
+
- id: acceptance-criteria
|
|
25
|
+
move: Write acceptance criteria that can fail
|
|
26
|
+
question: For each requirement, what observable, binary check proves it's done?
|
|
27
|
+
emits: acceptance-criteria
|
|
28
|
+
cites: prior-step
|
|
29
|
+
---
|
|
30
|
+
|
|
31
|
+
Run these four moves in order on every product decision that reaches a PRD,
|
|
32
|
+
meta-PRD, or backlog proposal. Each move produces one labeled output; do not
|
|
33
|
+
skip a move because the answer "seems obvious" — an obvious answer still
|
|
34
|
+
needs its citation.
|
|
35
|
+
|
|
36
|
+
**user-value.** Name a specific user (a role, a segment, an account — not
|
|
37
|
+
"users" in the abstract) and the job they are hiring this feature for. The
|
|
38
|
+
`value-statement` output cites the customer note, support ticket, research
|
|
39
|
+
artifact, or intake packet the user reality came from. If no such source
|
|
40
|
+
exists yet, the value statement is `unknown` — do not infer a persona to fill
|
|
41
|
+
the gap (see `rules/common/no-fabrication.md`).
|
|
42
|
+
|
|
43
|
+
**tradeoffs.** For the value statement above, list what this choice costs and
|
|
44
|
+
who bears the cost: engineering time, a deferred feature, a support burden, a
|
|
45
|
+
technical constraint accepted. The `tradeoff-table` output cites the same
|
|
46
|
+
kind of source as the value statement — a tradeoff is not a tradeoff until
|
|
47
|
+
someone bears it, and that someone is named.
|
|
48
|
+
|
|
49
|
+
**prioritization.** Given the tradeoff table, state what ships now and what is
|
|
50
|
+
explicitly deferred, and why the deferred item can wait. The
|
|
51
|
+
`prioritization-call` output cites the tradeoff table (`prior-step`) — the
|
|
52
|
+
call is a function of the tradeoffs surfaced, not a separate judgment made in
|
|
53
|
+
isolation.
|
|
54
|
+
|
|
55
|
+
**acceptance-criteria.** Convert the prioritization call into acceptance
|
|
56
|
+
criteria that are binary pass/fail testable — see `skills/roles/product-manager.md`
|
|
57
|
+
for the anti-pattern of subjective criteria. Each criterion in
|
|
58
|
+
`acceptance-criteria` cites the prioritization call it operationalizes
|
|
59
|
+
(`prior-step`). A criterion nobody can fail to meet is not a criterion.
|
|
60
|
+
|
|
61
|
+
Good output: a value statement naming a specific user and a cited job, a
|
|
62
|
+
tradeoff table naming who bears each cost, a prioritization call that states
|
|
63
|
+
what is deferred and why, and acceptance criteria that could actually fail a
|
|
64
|
+
real build. Bad output: "users want this," an uncited tradeoff, a
|
|
65
|
+
prioritization call with no rejected alternative, or an acceptance criterion
|
|
66
|
+
like "works well."
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: cx-qa-risk-based-coverage
|
|
3
|
+
version: 1
|
|
4
|
+
appliesToRole: qa
|
|
5
|
+
summary: >-
|
|
6
|
+
Walks a test plan from acceptance criteria through risk-based test
|
|
7
|
+
selection to a coverage-gap register that names what could still slip
|
|
8
|
+
through untested.
|
|
9
|
+
steps:
|
|
10
|
+
- id: criteria-to-failure
|
|
11
|
+
move: Ask how each criterion fails
|
|
12
|
+
question: For each acceptance criterion, what test actually fails when the criterion is violated?
|
|
13
|
+
emits: criterion-failure-map
|
|
14
|
+
cites: source
|
|
15
|
+
- id: risk-based-selection
|
|
16
|
+
move: Select tests by risk, not by convenience
|
|
17
|
+
question: Given the blast radius and effort class of the change, which behaviors carry the most risk if untested?
|
|
18
|
+
emits: risk-based-selection
|
|
19
|
+
cites: prior-step
|
|
20
|
+
- id: verdict
|
|
21
|
+
move: Run the selected tests and record the verdict
|
|
22
|
+
question: Did the selected tests pass, and does coverage meet the project threshold?
|
|
23
|
+
emits: verdict
|
|
24
|
+
cites: source
|
|
25
|
+
- id: coverage-gaps
|
|
26
|
+
move: Name what is still untested
|
|
27
|
+
question: Which behaviors have no test, and why were they left out?
|
|
28
|
+
emits: coverage-gaps
|
|
29
|
+
cites: prior-step
|
|
30
|
+
---
|
|
31
|
+
|
|
32
|
+
Run these four moves whenever an implementation reaches QA. Each move
|
|
33
|
+
produces one labeled output; the framework exists to prevent tests that
|
|
34
|
+
prove intent without proving the behavior actually breaks when it should.
|
|
35
|
+
|
|
36
|
+
**criteria-to-failure.** For every acceptance criterion in the incoming
|
|
37
|
+
implementation or PRD, name the specific test that would fail if the
|
|
38
|
+
criterion were violated. `criterion-failure-map` cites the acceptance
|
|
39
|
+
criteria and the test name/assertion that covers it — a criterion with no
|
|
40
|
+
corresponding failing test is not yet covered, regardless of what the
|
|
41
|
+
overall suite reports.
|
|
42
|
+
|
|
43
|
+
**risk-based-selection.** Using the engineer's effort class and blast radius
|
|
44
|
+
(when supplied), prioritize test effort toward the behaviors most likely to
|
|
45
|
+
break in integration, not toward the easiest tests to write.
|
|
46
|
+
`risk-based-selection` cites the criterion-failure map (`prior-step`): the
|
|
47
|
+
selection is derived from where failure is most likely and most costly, not
|
|
48
|
+
from convention or convenience.
|
|
49
|
+
|
|
50
|
+
**verdict.** Execute the selected tests and record PASS or FAIL, plus
|
|
51
|
+
coverage against the project threshold. `verdict` cites the test name and
|
|
52
|
+
run log line (or the coverage report) that produced the result — never an
|
|
53
|
+
estimated or assumed outcome. If the report isn't available, the verdict is
|
|
54
|
+
`unknown`.
|
|
55
|
+
|
|
56
|
+
**coverage-gaps.** Name every behavior that has no test yet, and state why
|
|
57
|
+
it was left out (out of scope, deferred, no reproducible case yet).
|
|
58
|
+
`coverage-gaps` cites the risk-based selection (`prior-step`): a gap is a
|
|
59
|
+
behavior that risk-based-selection identified as worth testing but that
|
|
60
|
+
did not make it into this pass, or a behavior the selection process missed
|
|
61
|
+
entirely and is now being surfaced.
|
|
62
|
+
|
|
63
|
+
Good output: a criterion-failure map where every criterion names a specific
|
|
64
|
+
failing test, a risk-based selection that explains why the riskiest
|
|
65
|
+
behaviors were tested first, a verdict citing an actual run or report, and a
|
|
66
|
+
coverage-gaps list that names specific untested behaviors with a reason.
|
|
67
|
+
Bad output: a test suite that mocks the behavior under test into
|
|
68
|
+
meaninglessness, a verdict asserted without a citation, or "coverage looks
|
|
69
|
+
good" with no gaps named.
|
|
@@ -5,10 +5,7 @@
|
|
|
5
5
|
"roles": [
|
|
6
6
|
"architect",
|
|
7
7
|
"engineer",
|
|
8
|
-
"debugger"
|
|
9
|
-
"ai-engineer",
|
|
10
|
-
"data-engineer",
|
|
11
|
-
"platform-engineer"
|
|
8
|
+
"debugger"
|
|
12
9
|
],
|
|
13
10
|
"decisionRights": [
|
|
14
11
|
"architecture",
|
|
@@ -23,10 +20,9 @@
|
|
|
23
20
|
],
|
|
24
21
|
"escalationPath": [
|
|
25
22
|
"architect",
|
|
26
|
-
"rd-lead",
|
|
27
23
|
"orchestrator"
|
|
28
24
|
],
|
|
29
|
-
"charter": "Design, build, and harden the system. Owns architecture decisions, technology choices, code quality, debugging
|
|
25
|
+
"charter": "Design, build, and harden the system. Owns architecture decisions, technology choices, code quality, and debugging. AI integration, data pipelines, and platform/infra tooling are cx-engineer skill bundles rather than separate specialists (ai-engineer, data-engineer, platform-engineer folded in; construct-rf26.11), and cx-architect absorbs the pre-architecture framing-gate function rd-lead previously owned. Does not own product framing, user research direction, or release timing.",
|
|
30
26
|
"contact": {
|
|
31
27
|
"slack": "#engineering",
|
|
32
28
|
"email": "engineering@example.com",
|
|
@@ -3,8 +3,7 @@
|
|
|
3
3
|
"name": "Governance Group",
|
|
4
4
|
"owner": "security",
|
|
5
5
|
"roles": [
|
|
6
|
-
"security"
|
|
7
|
-
"legal-compliance"
|
|
6
|
+
"security"
|
|
8
7
|
],
|
|
9
8
|
"decisionRights": [
|
|
10
9
|
"security-approval",
|
|
@@ -22,7 +21,7 @@
|
|
|
22
21
|
"architect",
|
|
23
22
|
"orchestrator"
|
|
24
23
|
],
|
|
25
|
-
"charter": "Keep the system safe to operate and inside its legal envelope. Owns security review, compliance verification, risk assessment, and the audit trail. Does not own implementation or product decisions but can block deployments that violate policy. Escalates policy conflicts to orchestrator.",
|
|
24
|
+
"charter": "Keep the system safe to operate and inside its legal envelope. Owns security review, compliance verification (legal-compliance folded in; construct-rf26.11), risk assessment, and the audit trail. Does not own implementation or product decisions but can block deployments that violate policy. Escalates policy conflicts to orchestrator.",
|
|
26
25
|
"contact": {
|
|
27
26
|
"slack": "#governance",
|
|
28
27
|
"email": "governance@example.com",
|
|
@@ -1,12 +1,9 @@
|
|
|
1
1
|
{
|
|
2
2
|
"id": "operations-group",
|
|
3
3
|
"name": "Operations Group",
|
|
4
|
-
"owner": "
|
|
4
|
+
"owner": "operations",
|
|
5
5
|
"roles": [
|
|
6
|
-
"
|
|
7
|
-
"sre",
|
|
8
|
-
"operations",
|
|
9
|
-
"docs-keeper"
|
|
6
|
+
"operations"
|
|
10
7
|
],
|
|
11
8
|
"decisionRights": [
|
|
12
9
|
"deployment",
|
|
@@ -21,15 +18,15 @@
|
|
|
21
18
|
"security-policy"
|
|
22
19
|
],
|
|
23
20
|
"escalationPath": [
|
|
24
|
-
"
|
|
21
|
+
"operations",
|
|
25
22
|
"architect",
|
|
26
23
|
"orchestrator"
|
|
27
24
|
],
|
|
28
|
-
"charter": "Keep the system running and shipping. Owns release management, SRE response, ops runbooks, documentation upkeep, and deployment execution. Does not own architecture or product decisions. Escalates reliability vs. change-rate conflicts to architecture/leadership.",
|
|
25
|
+
"charter": "Keep the system running and shipping. Owns release management, SRE response, ops runbooks, documentation upkeep, and deployment execution (release-manager, sre, docs-keeper folded in; construct-rf26.11). Does not own architecture or product decisions. Escalates reliability vs. change-rate conflicts to architecture/leadership.",
|
|
29
26
|
"contact": {
|
|
30
27
|
"slack": "#operations",
|
|
31
28
|
"email": "operations@example.com",
|
|
32
|
-
"owner": "
|
|
29
|
+
"owner": "operations"
|
|
33
30
|
},
|
|
34
31
|
"evidence": [
|
|
35
32
|
"AGENTS.md (rnd profile departments section)"
|