@harness-engineering/cli 1.25.4 → 1.25.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agents/skills/claude-code/enforce-architecture/SKILL.md +12 -0
- package/dist/agents/skills/claude-code/harness-api-design/SKILL.md +12 -0
- package/dist/agents/skills/claude-code/harness-architecture-advisor/SKILL.md +12 -0
- package/dist/agents/skills/claude-code/harness-auth/SKILL.md +12 -0
- package/dist/agents/skills/claude-code/harness-code-review/SKILL.md +30 -6
- package/dist/agents/skills/claude-code/harness-database/SKILL.md +12 -0
- package/dist/agents/skills/claude-code/harness-debugging/SKILL.md +38 -6
- package/dist/agents/skills/claude-code/harness-deployment/SKILL.md +12 -0
- package/dist/agents/skills/claude-code/harness-execution/SKILL.md +30 -6
- package/dist/agents/skills/claude-code/harness-planning/SKILL.md +20 -9
- package/dist/agents/skills/claude-code/harness-pre-commit-review/SKILL.md +59 -6
- package/dist/agents/skills/claude-code/harness-refactoring/SKILL.md +28 -7
- package/dist/agents/skills/claude-code/harness-security-scan/SKILL.md +12 -0
- package/dist/agents/skills/claude-code/harness-skill-authoring/SKILL.md +43 -8
- package/dist/agents/skills/claude-code/harness-soundness-review/SKILL.md +59 -7
- package/dist/agents/skills/claude-code/harness-tdd/SKILL.md +21 -0
- package/dist/agents/skills/claude-code/harness-verification/SKILL.md +31 -6
- package/dist/agents/skills/codex/enforce-architecture/SKILL.md +12 -0
- package/dist/agents/skills/codex/harness-api-design/SKILL.md +12 -0
- package/dist/agents/skills/codex/harness-architecture-advisor/SKILL.md +12 -0
- package/dist/agents/skills/codex/harness-auth/SKILL.md +12 -0
- package/dist/agents/skills/codex/harness-code-review/SKILL.md +30 -6
- package/dist/agents/skills/codex/harness-database/SKILL.md +12 -0
- package/dist/agents/skills/codex/harness-debugging/SKILL.md +38 -6
- package/dist/agents/skills/codex/harness-deployment/SKILL.md +12 -0
- package/dist/agents/skills/codex/harness-execution/SKILL.md +30 -6
- package/dist/agents/skills/codex/harness-planning/SKILL.md +20 -9
- package/dist/agents/skills/codex/harness-pre-commit-review/SKILL.md +59 -6
- package/dist/agents/skills/codex/harness-refactoring/SKILL.md +28 -7
- package/dist/agents/skills/codex/harness-security-scan/SKILL.md +12 -0
- package/dist/agents/skills/codex/harness-skill-authoring/SKILL.md +43 -8
- package/dist/agents/skills/codex/harness-soundness-review/SKILL.md +59 -7
- package/dist/agents/skills/codex/harness-tdd/SKILL.md +21 -0
- package/dist/agents/skills/codex/harness-verification/SKILL.md +31 -6
- package/dist/agents/skills/cursor/enforce-architecture/SKILL.md +12 -0
- package/dist/agents/skills/cursor/harness-api-design/SKILL.md +12 -0
- package/dist/agents/skills/cursor/harness-architecture-advisor/SKILL.md +12 -0
- package/dist/agents/skills/cursor/harness-auth/SKILL.md +12 -0
- package/dist/agents/skills/cursor/harness-code-review/SKILL.md +30 -6
- package/dist/agents/skills/cursor/harness-database/SKILL.md +12 -0
- package/dist/agents/skills/cursor/harness-debugging/SKILL.md +38 -6
- package/dist/agents/skills/cursor/harness-deployment/SKILL.md +12 -0
- package/dist/agents/skills/cursor/harness-execution/SKILL.md +30 -6
- package/dist/agents/skills/cursor/harness-planning/SKILL.md +20 -9
- package/dist/agents/skills/cursor/harness-pre-commit-review/SKILL.md +59 -6
- package/dist/agents/skills/cursor/harness-refactoring/SKILL.md +28 -7
- package/dist/agents/skills/cursor/harness-security-scan/SKILL.md +12 -0
- package/dist/agents/skills/cursor/harness-skill-authoring/SKILL.md +43 -8
- package/dist/agents/skills/cursor/harness-soundness-review/SKILL.md +59 -7
- package/dist/agents/skills/cursor/harness-tdd/SKILL.md +21 -0
- package/dist/agents/skills/cursor/harness-verification/SKILL.md +31 -6
- package/dist/agents/skills/gemini-cli/enforce-architecture/SKILL.md +12 -0
- package/dist/agents/skills/gemini-cli/harness-api-design/SKILL.md +12 -0
- package/dist/agents/skills/gemini-cli/harness-architecture-advisor/SKILL.md +12 -0
- package/dist/agents/skills/gemini-cli/harness-auth/SKILL.md +12 -0
- package/dist/agents/skills/gemini-cli/harness-code-review/SKILL.md +30 -6
- package/dist/agents/skills/gemini-cli/harness-database/SKILL.md +12 -0
- package/dist/agents/skills/gemini-cli/harness-debugging/SKILL.md +38 -6
- package/dist/agents/skills/gemini-cli/harness-deployment/SKILL.md +12 -0
- package/dist/agents/skills/gemini-cli/harness-execution/SKILL.md +30 -6
- package/dist/agents/skills/gemini-cli/harness-planning/SKILL.md +20 -9
- package/dist/agents/skills/gemini-cli/harness-pre-commit-review/SKILL.md +59 -6
- package/dist/agents/skills/gemini-cli/harness-refactoring/SKILL.md +28 -7
- package/dist/agents/skills/gemini-cli/harness-security-scan/SKILL.md +12 -0
- package/dist/agents/skills/gemini-cli/harness-skill-authoring/SKILL.md +43 -8
- package/dist/agents/skills/gemini-cli/harness-soundness-review/SKILL.md +59 -7
- package/dist/agents/skills/gemini-cli/harness-tdd/SKILL.md +21 -0
- package/dist/agents/skills/gemini-cli/harness-verification/SKILL.md +31 -6
- package/dist/{agents-md-MCUM4SIZ.js → agents-md-2PYJM2MK.js} +3 -3
- package/dist/{architecture-HNIO6AUX.js → architecture-VCLB7A23.js} +4 -4
- package/dist/{assess-project-6MV5TNY3.js → assess-project-64C6LIKN.js} +1 -1
- package/dist/bin/harness-mcp.js +16 -15
- package/dist/bin/harness.js +27 -115
- package/dist/business-knowledge-6RHYJOB3.js +7 -0
- package/dist/{check-phase-gate-VCBQHQAC.js → check-phase-gate-RT6PGEHY.js} +4 -4
- package/dist/{chunk-MI6MA6OP.js → chunk-42ZZLMYD.js} +169 -118
- package/dist/{chunk-BUYW3SA2.js → chunk-43VBX44J.js} +219 -107
- package/dist/{chunk-UV3BZMGT.js → chunk-4YEBV2FT.js} +2 -2
- package/dist/{chunk-5BQ5BOJL.js → chunk-7BAGSY5Q.js} +1 -1
- package/dist/{chunk-FSNPBT74.js → chunk-BUJOMC3O.js} +1 -1
- package/dist/{chunk-M55DGGF3.js → chunk-CBZECDCW.js} +5 -5
- package/dist/{chunk-XTITAVUR.js → chunk-EY6F2QXW.js} +1 -1
- package/dist/{chunk-6VZQJ5CX.js → chunk-FL6A72LV.js} +1 -1
- package/dist/{chunk-CXJTVICF.js → chunk-JQCS75DY.js} +4 -4
- package/dist/{chunk-WIQA4BSH.js → chunk-JUXFYB2K.js} +1 -1
- package/dist/{chunk-FES2YEQU.js → chunk-KJC4SE7C.js} +9 -9
- package/dist/{chunk-4NK7Z3BP.js → chunk-R2BI5UPK.js} +1 -1
- package/dist/{chunk-2KZAXESR.js → chunk-R7P2FMJT.js} +360 -183
- package/dist/chunk-RC5ZY3EV.js +82 -0
- package/dist/{chunk-K2SON7TI.js → chunk-RDQGCHKD.js} +252 -57
- package/dist/{chunk-EHRZMOQ2.js → chunk-RKZW3FDF.js} +1 -1
- package/dist/{chunk-BOQRTARD.js → chunk-SMY35HJM.js} +1 -1
- package/dist/{chunk-UQZBZINS.js → chunk-SZZ5UQL7.js} +6 -6
- package/dist/{chunk-AT74HEQM.js → chunk-U2OMWI7Z.js} +1 -1
- package/dist/{chunk-P7PANON5.js → chunk-VELT5VAG.js} +1 -1
- package/dist/{chunk-YTP2UDPV.js → chunk-WEOGCL7B.js} +3 -3
- package/dist/{chunk-TYV4EUAD.js → chunk-X2JJ3CPG.js} +8 -8
- package/dist/{chunk-GEEYCQDS.js → chunk-XLO4AXXM.js} +9 -9
- package/dist/{chunk-47N6R2F4.js → chunk-XMEEYMGE.js} +1 -1
- package/dist/{chunk-FIQL2HND.js → chunk-Y5JA4J2M.js} +2 -2
- package/dist/{chunk-F23H3U5U.js → chunk-ZAKUCM7O.js} +2 -2
- package/dist/{ci-workflow-RTM7VVTD.js → ci-workflow-SZL3KVUK.js} +3 -3
- package/dist/{dist-RADHOOXG.js → dist-GRW3X2ZQ.js} +3 -1
- package/dist/{dist-WCSJHQPK.js → dist-T3DGV5UN.js} +16 -2
- package/dist/{docs-UBOGGHTY.js → docs-WDLJORLK.js} +4 -4
- package/dist/{engine-MJJAP5CH.js → engine-2YWYRCKK.js} +3 -3
- package/dist/{entropy-EMSXF2PX.js → entropy-PJGTOORX.js} +3 -3
- package/dist/{feedback-ZLUX72HD.js → feedback-M5KCJKL2.js} +1 -1
- package/dist/{generate-agent-definitions-AWLPJ27C.js → generate-agent-definitions-MFDW6LZT.js} +4 -4
- package/dist/{graph-loader-JHQVQRUS.js → graph-loader-QMKXT454.js} +1 -1
- package/dist/hooks/telemetry-reporter.js +22 -1
- package/dist/index.d.ts +5 -5
- package/dist/index.js +26 -25
- package/dist/{loader-JVSJZSWZ.js → loader-6O52FYHE.js} +3 -3
- package/dist/{mcp-JZ7YB7TD.js → mcp-GGNFWKVC.js} +16 -15
- package/dist/{performance-7AGWJUY4.js → performance-337U5URQ.js} +4 -4
- package/dist/{review-pipeline-ZWVQJTJX.js → review-pipeline-DB5RD4SN.js} +3 -3
- package/dist/{runtime-D6YUQPP2.js → runtime-B74EN2WD.js} +3 -3
- package/dist/{scan-MPJ6JHUY.js → scan-DXQUHGTT.js} +1 -1
- package/dist/{security-JLZUAQYT.js → security-3AYN6FVU.js} +1 -1
- package/dist/{validate-TIIHRPMA.js → validate-35CD7VWN.js} +4 -4
- package/dist/{validate-cross-check-ZOWFA3DB.js → validate-cross-check-LJKXBQYH.js} +3 -3
- package/package.json +5 -5
|
@@ -14,6 +14,14 @@
|
|
|
14
14
|
|
|
15
15
|
## Process
|
|
16
16
|
|
|
17
|
+
### Iron Law
|
|
18
|
+
|
|
19
|
+
**No skill ships without validation passing and test scenarios exercising every discipline section.**
|
|
20
|
+
|
|
21
|
+
A skill that passes happy-path execution but has untested discipline sections (Red Flags, Gates, Rationalizations) is a trap — agents activate it but have no guardrails when they encounter edge cases. Phase 5B is not optional.
|
|
22
|
+
|
|
23
|
+
---
|
|
24
|
+
|
|
17
25
|
### Phase 1: DEFINE — Establish the Skill's Purpose
|
|
18
26
|
|
|
19
27
|
1. **Identify the recurring process.** What does the team do repeatedly? Name it. Describe it in one sentence. This becomes the skill's `description` in `skill.yaml` and the blockquote summary in `SKILL.md`.
|
|
@@ -344,16 +352,29 @@ Use this checklist as a final quality gate before declaring a skill complete.
|
|
|
344
352
|
- Rigid skills include Gates and Escalation sections with specific conditions and consequences
|
|
345
353
|
- The skill can be loaded and run with `harness skill run <name>`
|
|
346
354
|
|
|
355
|
+
## Red Flags
|
|
356
|
+
|
|
357
|
+
| Flag | Corrective Action |
|
|
358
|
+
| ----------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
359
|
+
| "This skill is simple enough to ship without test scenarios" | STOP. Phase 5B exists because untested discipline sections are decoration. If you cannot construct a scenario that triggers each discipline section, the section is too abstract — revise it. |
|
|
360
|
+
| "I'll add the Rationalizations/Gates/Escalation section after the skill is working" | STOP. Discipline sections are required sections. A skill that "works" without guardrails is a trap — agents activate but flounder at edge cases. Write the real content now. |
|
|
361
|
+
| "The skill works, I tested it by running it once" | STOP. A single happy-path run does not test discipline sections. Write scenarios that trigger Red Flags, Gates, and Rationalizations. |
|
|
362
|
+
| `// placeholder for future phases` or `// TODO: add gate conditions` in SKILL.md | STOP. Placeholder sections are stubs. A skill with stub discipline sections passes validation but fails in practice. Write the real content or remove the section entirely. |
|
|
363
|
+
|
|
364
|
+
**Review-never-fixes:** When reviewing or extending an existing skill, identify issues but do not fix them inline. Document findings, propose fixes, and let the skill author decide. Reviewing and editing are separate roles.
|
|
365
|
+
|
|
347
366
|
## Rationalizations to Reject
|
|
348
367
|
|
|
349
|
-
| Rationalization | Reality
|
|
350
|
-
| ----------------------------------------------------------------------- |
|
|
351
|
-
| "This skill is too simple to need all required sections" | Every section exists for a reason. A short section is fine; a missing section means the skill was not fully thought through.
|
|
352
|
-
| "The process section covers it — no need for explicit success criteria" | Process describes what to do. Success criteria describe how to know it worked. They serve different purposes.
|
|
353
|
-
| "Rationalizations to Reject is meta — this skill does not need it" | This section is required for all user-facing skills, including this one. No exceptions.
|
|
354
|
-
| "I will add examples later once the skill is proven" | Examples are a required section. A skill without examples forces the agent to guess at correct behavior. Write at least one example now.
|
|
355
|
-
| "The When to Use section is obvious from the name" | Negative conditions (when NOT to use) prevent misapplication. The skill name conveys nothing about boundary conditions.
|
|
356
|
-
| "The skill works — I tested it by running it once" | A single happy-path run does not test discipline sections. Write scenarios that trigger Red Flags, Gates, and Rationalizations. A skill that passes happy path but fails discipline scenarios is a trap.
|
|
368
|
+
| Rationalization | Reality |
|
|
369
|
+
| ----------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
370
|
+
| "This skill is too simple to need all required sections" | Every section exists for a reason. A short section is fine; a missing section means the skill was not fully thought through. |
|
|
371
|
+
| "The process section covers it — no need for explicit success criteria" | Process describes what to do. Success criteria describe how to know it worked. They serve different purposes. |
|
|
372
|
+
| "Rationalizations to Reject is meta — this skill does not need it" | This section is required for all user-facing skills, including this one. No exceptions. |
|
|
373
|
+
| "I will add examples later once the skill is proven" | Examples are a required section. A skill without examples forces the agent to guess at correct behavior. Write at least one example now. |
|
|
374
|
+
| "The When to Use section is obvious from the name" | Negative conditions (when NOT to use) prevent misapplication. The skill name conveys nothing about boundary conditions. |
|
|
375
|
+
| "The skill works — I tested it by running it once" | A single happy-path run does not test discipline sections. Write scenarios that trigger Red Flags, Gates, and Rationalizations. A skill that passes happy path but fails discipline scenarios is a trap. |
|
|
376
|
+
| "This is an internal skill, so discipline sections are unnecessary" | Agents rationalize skipping steps in internal skills too. Every user-facing skill requires the full discipline stack — no exemptions for internal or simple skills. |
|
|
377
|
+
| "I will copy the Rationalizations from a similar skill and adapt them" | Domain-specific means domain-specific. Copied rationalizations address the source skill's shortcuts, not this skill's. Write fresh entries based on what an agent executing THIS skill would try to skip. |
|
|
357
378
|
|
|
358
379
|
## Examples
|
|
359
380
|
|
|
@@ -471,3 +492,17 @@ Tools: Bash, Read, Glob.
|
|
|
471
492
|
"Rollback to version [X] failed. Current state: [description].
|
|
472
493
|
Manual intervention required."
|
|
473
494
|
```
|
|
495
|
+
|
|
496
|
+
## Gates
|
|
497
|
+
|
|
498
|
+
- **No shipping without validation.** `harness skill validate` must pass with zero errors before declaring a skill complete. Validation failures are not warnings — they are hard stops.
|
|
499
|
+
- **No shipping without test scenarios.** Phase 5B is mandatory. A skill without test scenarios that exercise its discipline sections (Red Flags, Gates, Rationalizations) is not complete, even if validation passes.
|
|
500
|
+
- **No placeholder sections.** Every required section must contain substantive content. A `## Rationalizations to Reject` section with generic entries or a `## Gates` section with no conditions is a stub, not a section.
|
|
501
|
+
- **No skipping negative conditions.** The `## When to Use` section must include both positive (when TO use) and negative (when NOT to use) conditions. Missing negatives cause misapplication.
|
|
502
|
+
|
|
503
|
+
## Escalation
|
|
504
|
+
|
|
505
|
+
- **When you cannot identify domain-specific rationalizations:** The skill's process section is too vague. If you cannot imagine an agent trying to shortcut the process, the process lacks enough prescriptive steps. Revise the process first, then rationalizations will become obvious.
|
|
506
|
+
- **When validation fails on a section you believe is present:** The section heading may not match the expected format exactly. Check for typos, extra whitespace, or wrong heading level.
|
|
507
|
+
- **When the skill spans more than 6 phases:** The skill is doing too much. Propose splitting into two skills with clear handoff points. A skill that tries to cover too many concerns becomes vague in each one.
|
|
508
|
+
- **When you cannot write a test scenario that triggers a Gate:** The Gate condition is too abstract. Revise it to include specific, observable conditions that an agent would encounter.
|
|
@@ -973,15 +973,67 @@ All checks work from document analysis and codebase reads alone. Graph adds prec
|
|
|
973
973
|
7. `harness validate` passes after all files are written
|
|
974
974
|
8. The skill test suite passes (structure, schema, platform-parity, references)
|
|
975
975
|
|
|
976
|
+
## Red Flags
|
|
977
|
+
|
|
978
|
+
| Flag | Corrective Action |
|
|
979
|
+
| ---------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
980
|
+
| "The spec looks internally consistent at a high level" | STOP. S1 requires checking each decision against Technical Design line by line. "High level" consistency misses contradictions in the details. |
|
|
981
|
+
| "This assumption is obvious and doesn't need to be stated" | STOP. S3 exists because unstated assumptions cause the most damage when wrong. If it's obvious, writing it down costs nothing. Skipping it costs debugging time later. |
|
|
982
|
+
| "The finding is minor so I'll auto-fix it without surfacing to the user" | STOP. Only inferrable fixes are auto-fixed. If the fix involves a design choice — even one you think is obvious — surface it. You are not the designer. |
|
|
983
|
+
| `// TODO: add traceability` or `// spec gap — fill later` in spec/plan files | STOP. TODOs in specs are unfinished review. The spec is not converged. Fix the gap or surface it as a finding — do not defer it. |
|
|
984
|
+
|
|
985
|
+
**Review-never-fixes:** Soundness review identifies structural issues in specs and plans. It applies inferrable fixes (formatting, missing links, obvious gaps) but NEVER makes design decisions. If a finding requires judgment, surface it to the user — even if the "right" answer seems obvious. A reviewer who makes design decisions has stopped reviewing and started designing without the authority to do so.
|
|
986
|
+
|
|
987
|
+
## Uncertainty Surfacing
|
|
988
|
+
|
|
989
|
+
When a check produces ambiguous results, classify the ambiguity immediately:
|
|
990
|
+
|
|
991
|
+
- **Blocking:** Cannot determine severity without user input (e.g., S1 finds a potential contradiction that might be intentional). Surface as a finding with `autoFixable: false`.
|
|
992
|
+
- **Assumption:** Can classify if assumption is stated (e.g., "the spec uses 'fast' to mean sub-second, not sub-minute"). Apply the assumption, log it, and continue. If wrong, the convergence loop will catch it.
|
|
993
|
+
- **Deferrable:** Ambiguity does not affect sign-off (e.g., unclear whether a non-goal is worth stating). Note as a suggestion-severity finding.
|
|
994
|
+
|
|
995
|
+
Do not auto-fix ambiguous findings. Ambiguity means you lack context — applying a "fix" without context is guessing.
|
|
996
|
+
|
|
997
|
+
## Rubric Compression
|
|
998
|
+
|
|
999
|
+
Soundness check rubrics used internally MUST use compressed single-line format. Each check is one line with pipe-delimited fields:
|
|
1000
|
+
|
|
1001
|
+
```
|
|
1002
|
+
mode|check-id|severity|criterion
|
|
1003
|
+
```
|
|
1004
|
+
|
|
1005
|
+
**Example (Spec Mode rubric):**
|
|
1006
|
+
|
|
1007
|
+
```
|
|
1008
|
+
spec|S1|error|No contradictions between decisions, technical design, and success criteria
|
|
1009
|
+
spec|S2|warning|Every goal has at least one success criterion; no orphan criteria
|
|
1010
|
+
spec|S3|warning|All implicit assumptions documented in Assumptions section
|
|
1011
|
+
spec|S4|warning|Error/edge cases covered; EARS unwanted-behavior gaps filled
|
|
1012
|
+
spec|S5|error|No references to nonexistent codebase capabilities or incompatible patterns
|
|
1013
|
+
spec|S6|error|No speculative features without requirement traceability
|
|
1014
|
+
spec|S7|warning|All success criteria are observable and measurable with concrete thresholds
|
|
1015
|
+
```
|
|
1016
|
+
|
|
1017
|
+
**Why:** Verbose check descriptions inflate review context without improving check accuracy. Dense single-line rubrics give the same signal in fewer tokens, leaving more budget for actual document analysis.
|
|
1018
|
+
|
|
1019
|
+
**Rules:**
|
|
1020
|
+
|
|
1021
|
+
- Mode prefix must be `spec` or `plan`
|
|
1022
|
+
- Check ID must match the defined check IDs (S1-S7, P1-P7)
|
|
1023
|
+
- Severity must be `error` or `warning`
|
|
1024
|
+
- Maximum 80 characters per criterion text
|
|
1025
|
+
|
|
976
1026
|
## Rationalizations to Reject
|
|
977
1027
|
|
|
978
|
-
| Rationalization | Reality
|
|
979
|
-
| -------------------------------------------------------------------------------------------------------- |
|
|
980
|
-
| "The spec looks coherent to me, so I can skip running the S1 internal coherence check" | Every check in the mode must run. S1 detects contradictions that human review frequently misses.
|
|
981
|
-
| "This unstated assumption is obvious, so documenting it would be pedantic" | S3 exists because "obvious" assumptions cause the most damage when wrong. Cheapest to document, most expensive to miss.
|
|
982
|
-
| "The success criterion is somewhat vague but the team will know what it means" | S7 flags vague criteria like "should be fast" because they are untestable. Vague criteria survive brainstorming only to fail at verification.
|
|
983
|
-
| "This auto-fixable finding is minor, so I will just note it rather than applying the fix" | Auto-fixable findings should be applied silently — that is the design intent. Skipping them ships known inferrable gaps.
|
|
984
|
-
| "The feasibility check found a signature mismatch but the code can probably be adapted during execution" | S5 red flags are always severity "error" and always surfaced. A spec referencing nonexistent modules produces a broken plan.
|
|
1028
|
+
| Rationalization | Reality |
|
|
1029
|
+
| -------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ |
|
|
1030
|
+
| "The spec looks coherent to me, so I can skip running the S1 internal coherence check" | Every check in the mode must run. S1 detects contradictions that human review frequently misses. |
|
|
1031
|
+
| "This unstated assumption is obvious, so documenting it would be pedantic" | S3 exists because "obvious" assumptions cause the most damage when wrong. Cheapest to document, most expensive to miss. |
|
|
1032
|
+
| "The success criterion is somewhat vague but the team will know what it means" | S7 flags vague criteria like "should be fast" because they are untestable. Vague criteria survive brainstorming only to fail at verification. |
|
|
1033
|
+
| "This auto-fixable finding is minor, so I will just note it rather than applying the fix" | Auto-fixable findings should be applied silently — that is the design intent. Skipping them ships known inferrable gaps. |
|
|
1034
|
+
| "The feasibility check found a signature mismatch but the code can probably be adapted during execution" | S5 red flags are always severity "error" and always surfaced. A spec referencing nonexistent modules produces a broken plan. |
|
|
1035
|
+
| "The convergence loop is taking too long, so I will skip the re-check and declare converged" | Convergence requires the issue count to stop decreasing. Declaring convergence without a re-check is falsifying the exit condition. |
|
|
1036
|
+
| "This spec is well-written enough that a soundness review would not find anything" | Every spec gets a soundness review. Well-written specs still have unstated assumptions (S3) and vague criteria (S7). The review is not optional. |
|
|
985
1037
|
|
|
986
1038
|
## Examples
|
|
987
1039
|
|
|
@@ -85,6 +85,16 @@ harness scan [path]
|
|
|
85
85
|
|
|
86
86
|
Skipping this step means subsequent graph queries (impact analysis, dependency health, test advisor) may return stale results.
|
|
87
87
|
|
|
88
|
+
### Uncertainty Surfacing
|
|
89
|
+
|
|
90
|
+
When you encounter an unknown during a RED-GREEN-REFACTOR cycle, classify it immediately:
|
|
91
|
+
|
|
92
|
+
- **Blocking:** Cannot write a meaningful test without resolving this (e.g., unclear expected behavior). STOP and surface to human with options.
|
|
93
|
+
- **Assumption:** Can write the test if assumption is stated explicitly (e.g., "input is always non-null"). Document the assumption in a test comment and continue. If the assumption proves wrong, the test must be revised.
|
|
94
|
+
- **Deferrable:** Does not affect the current cycle (e.g., performance characteristics). Record for a future cycle.
|
|
95
|
+
|
|
96
|
+
Do not bury unknowns in test code. An unstated assumption in a test is a test that passes for the wrong reason.
|
|
97
|
+
|
|
88
98
|
### Cycle Rhythm
|
|
89
99
|
|
|
90
100
|
Repeat the 4 phases for each new behavior. A typical feature requires 3-10 cycles. Each cycle should take 2-15 minutes. If a cycle takes longer than 15 minutes, the step is too large — break it down.
|
|
@@ -122,6 +132,8 @@ Repeat the 4 phases for each new behavior. A typical feature requires 3-10 cycle
|
|
|
122
132
|
| "The test passed on the first run, so TDD is working" | If the test passed without implementing the production code, either the behavior already exists or the test is wrong. You must watch the test FAIL for the right reason before proceeding to GREEN. |
|
|
123
133
|
| "I will test multiple behaviors in this one test to be efficient" | One test, one assertion, one behavior. Multi-behavior tests make it impossible to pinpoint which behavior broke when the test fails. |
|
|
124
134
|
| "Harness validate can wait until the end of the feature since it slows down the cycle" | No skipping VALIDATE. Every cycle must end with harness check-deps and harness validate. A passing test with a failing validation means the implementation violated a project constraint. |
|
|
135
|
+
| "This edge case is unlikely, so I will skip writing a test for it" | If the edge case can happen, it needs a test. Unlikely is not impossible. The test is cheap; the production bug is expensive. |
|
|
136
|
+
| "The existing tests cover this behavior implicitly, so no new test is needed" | Implicit coverage is not TDD. If you cannot point to a specific test that asserts the specific behavior, write one. Implicit coverage breaks silently when the implying test changes. |
|
|
125
137
|
|
|
126
138
|
## Examples
|
|
127
139
|
|
|
@@ -166,6 +178,15 @@ git commit -m "feat(cart): calculate total from item price and quantity"
|
|
|
166
178
|
|
|
167
179
|
**Next cycle (RED):** Write a test for empty array input. Watch it fail (or pass — if it passes, the behavior is already handled). Continue.
|
|
168
180
|
|
|
181
|
+
## Red Flags
|
|
182
|
+
|
|
183
|
+
| Flag | Corrective Action |
|
|
184
|
+
| ----------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
185
|
+
| "I'll write the test after since I know what the code should do" | STOP. Test-after is not TDD. Delete the production code, write the test, watch it fail. |
|
|
186
|
+
| "The test is trivial/obvious so I don't need to watch it fail" | STOP. Observing failure proves the test catches the defect. A test you haven't seen fail might pass for the wrong reason. |
|
|
187
|
+
| "I'll batch these small tests together to save time" | STOP. Each RED-GREEN-REFACTOR cycle is atomic. Batching obscures which behavior broke when a test fails. |
|
|
188
|
+
| `// removed old validation` or `// TODO: re-add error handling` replacing functional code | STOP. Code-to-comment replacement is deletion with a fig leaf. Either keep the code or delete it cleanly with a test proving it is unnecessary. |
|
|
189
|
+
|
|
169
190
|
## Gates
|
|
170
191
|
|
|
171
192
|
These are hard stops. Violating any gate means the process has broken down.
|
|
@@ -43,6 +43,20 @@ When no arguments are provided (standalone invocation), session slug is unknown
|
|
|
43
43
|
|
|
44
44
|
---
|
|
45
45
|
|
|
46
|
+
### Uncertainty Surfacing
|
|
47
|
+
|
|
48
|
+
When you encounter an unknown during verification, classify it immediately:
|
|
49
|
+
|
|
50
|
+
- **Blocking:** Cannot determine pass/fail without resolving this (e.g., spec does not define expected behavior for a scenario, cannot run tests due to missing dependency). STOP and escalate.
|
|
51
|
+
- **Assumption:** Can verify if assumption is stated (e.g., "this module is internal-only so WIRED check against external consumers is not applicable"). Document the assumption in the report. If wrong, verification must be re-run.
|
|
52
|
+
- **Deferrable:** Does not affect current verification (e.g., whether additional test coverage would be beneficial). Note in report as an observation.
|
|
53
|
+
|
|
54
|
+
Do not mark PASS with unstated assumptions. An assumption-laden PASS is a false positive.
|
|
55
|
+
|
|
56
|
+
**Review-never-fixes:** Verification identifies gaps. Verification never fills them. If you find a stub, missing test, or unwired artifact, record it as a FAIL with evidence. Do not implement the fix — that is the executor's job. A verifier who fixes is no longer verifying independently.
|
|
57
|
+
|
|
58
|
+
---
|
|
59
|
+
|
|
46
60
|
### Context Loading
|
|
47
61
|
|
|
48
62
|
Before running verification levels, load session context:
|
|
@@ -284,6 +298,15 @@ L2|real-logic|Functions contain meaningful logic, not just hardcoded returns
|
|
|
284
298
|
- Maximum 80 characters per criterion text
|
|
285
299
|
- Rubric entries are guidance — the verification levels define the authoritative checks
|
|
286
300
|
|
|
301
|
+
## Red Flags
|
|
302
|
+
|
|
303
|
+
| Flag | Corrective Action |
|
|
304
|
+
| ---------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
305
|
+
| "Tests passed earlier, so I just need to check the files exist" | STOP. Iron Law: fresh evidence in THIS session. "Earlier" is cached — run the checks now. |
|
|
306
|
+
| "The implementation looks substantive at a glance" | STOP. Level 2 requires thorough reading, not glancing. Stubs designed to look real (e.g., functions with only a log statement) are the whole reason L2 exists. |
|
|
307
|
+
| "The artifact is exported so it must be wired" | STOP. Export without import is dead code. Trace the actual usage chain: import, call, test, pass. "Must be" is not evidence. |
|
|
308
|
+
| `// stubbed for now` or `// implementation pending` in production code | STOP. These are Level 2 failures. Do not proceed to Level 3. Do not fix them yourself — record as FAIL and report. |
|
|
309
|
+
|
|
287
310
|
## Non-Determinism Tolerance
|
|
288
311
|
|
|
289
312
|
Mechanical checks (tests, lint, types) are binary pass/fail. No tolerance.
|
|
@@ -292,12 +315,14 @@ For behavioral verification (convention adherence, style guides), accept thresho
|
|
|
292
315
|
|
|
293
316
|
## Rationalizations to Reject
|
|
294
317
|
|
|
295
|
-
| Rationalization
|
|
296
|
-
|
|
|
297
|
-
| "Tests passed earlier, no need to re-run"
|
|
298
|
-
| "File exists and has code, skip thorough read for Level 2"
|
|
299
|
-
| "Artifact is imported by a test file, so passes Level 3"
|
|
300
|
-
| "Verification report probably looks fine from memory"
|
|
318
|
+
| Rationalization | Reality |
|
|
319
|
+
| ----------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
320
|
+
| "Tests passed earlier, no need to re-run" | Iron Law forbids cached results. All evidence must be fresh in THIS session. |
|
|
321
|
+
| "File exists and has code, skip thorough read for Level 2" | Level 2 requires thorough reading. Scanning for TODO, throw Error, empty functions catches stubs that look real. |
|
|
322
|
+
| "Artifact is imported by a test file, so passes Level 3" | Import is necessary but not sufficient. Test must assert on behavior and not be skipped. |
|
|
323
|
+
| "Verification report probably looks fine from memory" | "Should", "probably", "seems to", "I believe" are forbidden. Replace with "verified: [evidence]" or "not verified: [missing]." |
|
|
324
|
+
| "I found a stub so I'll quickly implement it to make verification pass" | Verification identifies gaps — verification never fills them. Record the stub as a FAIL. The executor fixes it. A verifier who implements is no longer independent. |
|
|
325
|
+
| "The spec only mentions 3 behaviors but I'll verify 5 to be thorough" | Verify what the spec requires, not what you think it should require. Extra verification against unstated requirements conflates verification with spec review. |
|
|
301
326
|
|
|
302
327
|
## Examples
|
|
303
328
|
|
|
@@ -272,6 +272,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
|
|
|
272
272
|
|
|
273
273
|
## Rationalizations to Reject
|
|
274
274
|
|
|
275
|
+
### Universal
|
|
276
|
+
|
|
277
|
+
These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
|
|
278
|
+
|
|
279
|
+
- **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
|
|
280
|
+
- **"This is best practice"** — Best practice in what context? Cite the source and
|
|
281
|
+
confirm it applies to this codebase.
|
|
282
|
+
- **"We can fix it later"** — If it is worth flagging, it is worth documenting now
|
|
283
|
+
with a concrete follow-up plan.
|
|
284
|
+
|
|
285
|
+
### Domain-Specific
|
|
286
|
+
|
|
275
287
|
| Rationalization | Reality |
|
|
276
288
|
| ------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------ |
|
|
277
289
|
| "The violation is minor — just one import" | One violation sets a precedent. Enforce the constraint or document an explicit exception with rationale. |
|
|
@@ -332,6 +332,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
|
|
|
332
332
|
|
|
333
333
|
## Rationalizations to Reject
|
|
334
334
|
|
|
335
|
+
### Universal
|
|
336
|
+
|
|
337
|
+
These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
|
|
338
|
+
|
|
339
|
+
- **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
|
|
340
|
+
- **"This is best practice"** — Best practice in what context? Cite the source and
|
|
341
|
+
confirm it applies to this codebase.
|
|
342
|
+
- **"We can fix it later"** — If it is worth flagging, it is worth documenting now
|
|
343
|
+
with a concrete follow-up plan.
|
|
344
|
+
|
|
345
|
+
### Domain-Specific
|
|
346
|
+
|
|
335
347
|
| Rationalization | Reality |
|
|
336
348
|
| ------------------------------------------------- | --------------------------------------------------------------------------------------------------------- |
|
|
337
349
|
| "It's an internal API, breaking changes are fine" | Internal consumers break too. Version the change or coordinate the migration explicitly. |
|
|
@@ -312,6 +312,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
|
|
|
312
312
|
|
|
313
313
|
## Rationalizations to Reject
|
|
314
314
|
|
|
315
|
+
### Universal
|
|
316
|
+
|
|
317
|
+
These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
|
|
318
|
+
|
|
319
|
+
- **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
|
|
320
|
+
- **"This is best practice"** — Best practice in what context? Cite the source and
|
|
321
|
+
confirm it applies to this codebase.
|
|
322
|
+
- **"We can fix it later"** — If it is worth flagging, it is worth documenting now
|
|
323
|
+
with a concrete follow-up plan.
|
|
324
|
+
|
|
325
|
+
### Domain-Specific
|
|
326
|
+
|
|
315
327
|
| Rationalization | Reality |
|
|
316
328
|
| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
317
329
|
| "This will be easier to maintain" | Easier for whom, and compared to what? Cite the maintenance burden with evidence from the codebase. |
|
|
@@ -307,6 +307,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
|
|
|
307
307
|
|
|
308
308
|
## Rationalizations to Reject
|
|
309
309
|
|
|
310
|
+
### Universal
|
|
311
|
+
|
|
312
|
+
These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
|
|
313
|
+
|
|
314
|
+
- **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
|
|
315
|
+
- **"This is best practice"** — Best practice in what context? Cite the source and
|
|
316
|
+
confirm it applies to this codebase.
|
|
317
|
+
- **"We can fix it later"** — If it is worth flagging, it is worth documenting now
|
|
318
|
+
with a concrete follow-up plan.
|
|
319
|
+
|
|
320
|
+
### Domain-Specific
|
|
321
|
+
|
|
310
322
|
| Rationalization | Reality |
|
|
311
323
|
| -------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
|
|
312
324
|
| "No one would guess this token format" | Security by obscurity. Tokens must be cryptographically secure regardless of format predictability. |
|
|
@@ -603,6 +603,16 @@ compliance|naming|suggestion|Names follow project conventions (check AGENTS.md o
|
|
|
603
603
|
- **`filterByRelevance`** — Phase 3 learnings scoring. Threshold 0.7, budget 1000 tokens.
|
|
604
604
|
- **Session directory** — `.harness/sessions/<slug>/` contains `handoff.json`, `state.json`, `artifacts.json` (spec/plan paths, reviewed file list). Write handoff to session scope when slug is known. Global `.harness/handoff.json` is deprecated for session-aware invocations.
|
|
605
605
|
|
|
606
|
+
## Uncertainty Surfacing
|
|
607
|
+
|
|
608
|
+
When a review subagent encounters ambiguity during analysis, classify it immediately:
|
|
609
|
+
|
|
610
|
+
- **Blocking:** Cannot determine severity without more context (e.g., unclear whether a pattern is intentional or accidental). Surface as a finding with severity `suggestion` and rationale explaining the ambiguity. Do not guess.
|
|
611
|
+
- **Assumption:** Can classify if assumption is stated (e.g., "assuming this endpoint is internal-only, the missing auth check is acceptable"). State the assumption in the finding. If wrong, the finding severity changes.
|
|
612
|
+
- **Deferrable:** Ambiguity does not affect the review (e.g., whether a naming choice will cause confusion in the future). Omit from findings — it is noise.
|
|
613
|
+
|
|
614
|
+
Do not suppress ambiguous findings. An ambiguous finding surfaced as a question is more valuable than a confident finding built on a wrong assumption.
|
|
615
|
+
|
|
606
616
|
## Success Criteria
|
|
607
617
|
|
|
608
618
|
- Pipeline runs all 7 phases in order (skipping GATE without `--ci`)
|
|
@@ -696,12 +706,26 @@ compliance|naming|suggestion|Names follow project conventions (check AGENTS.md o
|
|
|
696
706
|
|
|
697
707
|
## Rationalizations to Reject
|
|
698
708
|
|
|
699
|
-
|
|
700
|
-
|
|
701
|
-
|
|
702
|
-
|
|
703
|
-
|
|
704
|
-
|
|
709
|
+
### Universal
|
|
710
|
+
|
|
711
|
+
These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
|
|
712
|
+
|
|
713
|
+
- **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
|
|
714
|
+
- **"This is best practice"** — Best practice in what context? Cite the source and
|
|
715
|
+
confirm it applies to this codebase.
|
|
716
|
+
- **"We can fix it later"** — If it is worth flagging, it is worth documenting now
|
|
717
|
+
with a concrete follow-up plan.
|
|
718
|
+
|
|
719
|
+
### Domain-Specific
|
|
720
|
+
|
|
721
|
+
| Rationalization | Reality |
|
|
722
|
+
| --------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
|
723
|
+
| "The tests pass, so the logic must be correct" | Tests can be incomplete. Review the logic independently of test results. |
|
|
724
|
+
| "This is how it was done elsewhere in the codebase" | Existing patterns can be wrong. Evaluate the pattern on its merits, not just its precedent. |
|
|
725
|
+
| "It's just a refactor, low risk" | Refactors change behavior surfaces. Review them with the same rigor as feature changes. |
|
|
726
|
+
| "The fix is trivial, I'll just apply it inline" | Trivial fixes still skip review when applied by the reviewer. Suggest the fix; let the author apply and re-review. Iron Law. |
|
|
727
|
+
| "The diff is small so I can approve without reading every file" | Small diffs can contain critical bugs. Read every changed file completely — size does not correlate with risk. A one-line auth bypass is a small diff. |
|
|
728
|
+
| "The author is experienced, so I can be less thorough" | Review rigor is based on the code, not the author. Experienced authors make mistakes too. Apply the same checklist regardless of who wrote it. |
|
|
705
729
|
|
|
706
730
|
## Escalation
|
|
707
731
|
|
|
@@ -286,6 +286,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
|
|
|
286
286
|
|
|
287
287
|
## Rationalizations to Reject
|
|
288
288
|
|
|
289
|
+
### Universal
|
|
290
|
+
|
|
291
|
+
These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
|
|
292
|
+
|
|
293
|
+
- **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
|
|
294
|
+
- **"This is best practice"** — Best practice in what context? Cite the source and
|
|
295
|
+
confirm it applies to this codebase.
|
|
296
|
+
- **"We can fix it later"** — If it is worth flagging, it is worth documenting now
|
|
297
|
+
with a concrete follow-up plan.
|
|
298
|
+
|
|
299
|
+
### Domain-Specific
|
|
300
|
+
|
|
289
301
|
| Rationalization | Reality |
|
|
290
302
|
| -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- |
|
|
291
303
|
| "The table is small, we don't need an index" | Tables grow. Plan for the steady state, not the current row count. |
|
|
@@ -15,6 +15,14 @@
|
|
|
15
15
|
|
|
16
16
|
## Process
|
|
17
17
|
|
|
18
|
+
### Iron Law
|
|
19
|
+
|
|
20
|
+
**Phase 1 INVESTIGATE before ANY fix. No exceptions.**
|
|
21
|
+
|
|
22
|
+
If you find yourself writing fix code before completing investigation, STOP. Delete the fix. You are guessing, not debugging. A fix without investigation is a coin flip that creates the illusion of progress.
|
|
23
|
+
|
|
24
|
+
---
|
|
25
|
+
|
|
18
26
|
### Prerequisite: Start a Debug Session
|
|
19
27
|
|
|
20
28
|
Before beginning, create a persistent debug session. This survives context resets and tracks state across multiple attempts.
|
|
@@ -53,6 +61,8 @@ Error: <the error message or symptom>
|
|
|
53
61
|
|
|
54
62
|
**You must complete Phase 1 before writing ANY fix code. No exceptions.**
|
|
55
63
|
|
|
64
|
+
**Read-only constraint:** Phase 1 is investigation only. You may read files, run commands, add log statements, and record observations. You may NOT write production code fixes, modify business logic, or commit changes during investigation. If you find yourself writing a fix, you have jumped to Phase 4.
|
|
65
|
+
|
|
56
66
|
#### Step 1: Run Entropy Analysis
|
|
57
67
|
|
|
58
68
|
```bash
|
|
@@ -115,6 +125,16 @@ Update the session status to `investigating`.
|
|
|
115
125
|
|
|
116
126
|
---
|
|
117
127
|
|
|
128
|
+
### Uncertainty Surfacing
|
|
129
|
+
|
|
130
|
+
When you encounter an unknown during investigation or analysis, classify it immediately:
|
|
131
|
+
|
|
132
|
+
- **Blocking:** Cannot form a testable hypothesis without resolving this (e.g., cannot reproduce the bug, unclear what "correct" behavior is). STOP and escalate to human.
|
|
133
|
+
- **Assumption:** Can proceed with a stated assumption (e.g., "the database schema has not changed since last deployment"). Document in the session log. If wrong, hypotheses built on it are invalid.
|
|
134
|
+
- **Deferrable:** Does not affect the current investigation (e.g., whether other code paths have similar issues). Note in session log for follow-up.
|
|
135
|
+
|
|
136
|
+
Do not bury unknowns. An unstated assumption in your investigation leads to fixes that address the wrong root cause.
|
|
137
|
+
|
|
118
138
|
### Phase 2: ANALYZE — Find the Pattern
|
|
119
139
|
|
|
120
140
|
#### Step 1: Find Working Examples
|
|
@@ -298,14 +318,25 @@ Update the session status to `resolved`.
|
|
|
298
318
|
- Debug session file is complete with investigation log, hypotheses, and resolution
|
|
299
319
|
- Learnings were captured for future reference
|
|
300
320
|
|
|
321
|
+
## Red Flags
|
|
322
|
+
|
|
323
|
+
| Flag | Corrective Action |
|
|
324
|
+
| ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
325
|
+
| "It's probably X, let me just fix that" | STOP. "Probably" is a guess, not a diagnosis. Complete Phase 1 INVESTIGATE before writing any fix code. |
|
|
326
|
+
| "I'll change a few things and see if the bug goes away" | STOP. One variable at a time. Multiple simultaneous changes mean you cannot determine which one had the effect — or whether you introduced a new bug. |
|
|
327
|
+
| "One more fix attempt before I escalate" after 2 failed attempts | STOP. Three failed attempts means your mental model is wrong. Step back, re-read the investigation log, and question your assumptions about how the system works. |
|
|
328
|
+
| `// temporary workaround` or `// TODO: real fix later` replacing root-cause fix | STOP. Workarounds are symptom suppression. The root cause remains. Fix it properly or escalate — do not commit workarounds disguised as fixes. |
|
|
329
|
+
|
|
301
330
|
## Rationalizations to Reject
|
|
302
331
|
|
|
303
|
-
| Rationalization | Reality
|
|
304
|
-
| --------------------------------------------------------------------------------- |
|
|
305
|
-
| "I have a strong hunch about what is wrong, so I will jump straight to fixing it" | Phase 1 INVESTIGATE must be completed before ANY fix code is written. You are guessing, not debugging.
|
|
306
|
-
| "I changed two things and the bug is gone, so the fix must be correct" | One variable at a time is a gate. Changing multiple things simultaneously means you do not know which change fixed it.
|
|
307
|
-
| "This is my third attempt but I feel close, so one more try before escalating" | After 3 failed fix attempts, the gate requires you to question the architecture. The problem is likely not where you think it is.
|
|
308
|
-
| "A try-catch that swallows the error prevents the crash, so the bug is fixed" | Symptom suppression is explicitly listed as a bad fix. Wrapping the failure in a try-catch addresses what the bug did, not why it happened.
|
|
332
|
+
| Rationalization | Reality |
|
|
333
|
+
| --------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
334
|
+
| "I have a strong hunch about what is wrong, so I will jump straight to fixing it" | Phase 1 INVESTIGATE must be completed before ANY fix code is written. You are guessing, not debugging. |
|
|
335
|
+
| "I changed two things and the bug is gone, so the fix must be correct" | One variable at a time is a gate. Changing multiple things simultaneously means you do not know which change fixed it. |
|
|
336
|
+
| "This is my third attempt but I feel close, so one more try before escalating" | After 3 failed fix attempts, the gate requires you to question the architecture. The problem is likely not where you think it is. |
|
|
337
|
+
| "A try-catch that swallows the error prevents the crash, so the bug is fixed" | Symptom suppression is explicitly listed as a bad fix. Wrapping the failure in a try-catch addresses what the bug did, not why it happened. |
|
|
338
|
+
| "The bug only happens in edge cases, so a partial fix is acceptable" | A partial fix means the bug still exists. Either fix the root cause completely or document the remaining scenarios as known issues with tracked tickets. |
|
|
339
|
+
| "I can skip the regression test since I understand the root cause well" | Understanding the root cause and proving the fix catches it are different things. The revert-and-fail test is mandatory — it is the only proof the test actually guards against the bug. |
|
|
309
340
|
|
|
310
341
|
## Examples
|
|
311
342
|
|
|
@@ -359,6 +390,7 @@ Revert test: Commenting out the validation check causes the test to fail with 50
|
|
|
359
390
|
|
|
360
391
|
## Gates
|
|
361
392
|
|
|
393
|
+
- **Investigation phases are read-only.** Phase 1 and Phase 2 produce understanding, not code. Reading files, running commands, and adding diagnostic log statements are allowed. Writing production code fixes is not. If you find yourself writing a fix during investigation, you have skipped ahead.
|
|
362
394
|
- **Phase 1 before ANY fix.** You must complete investigation before writing fix code. Skipping investigation leads to symptom-chasing, which leads to more bugs.
|
|
363
395
|
- **One variable at a time.** Changing multiple things simultaneously is forbidden. If you changed two things and the bug is fixed, you do not know which change fixed it (or if the other change introduced a new bug).
|
|
364
396
|
- **After 3 failed fix attempts, question the architecture.** If three consecutive hypotheses were wrong or three fixes did not resolve the issue, the problem is likely not where you think it is. Step back. Re-read the investigation log. Consider that the bug might be in a different layer entirely.
|
|
@@ -283,6 +283,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
|
|
|
283
283
|
|
|
284
284
|
## Rationalizations to Reject
|
|
285
285
|
|
|
286
|
+
### Universal
|
|
287
|
+
|
|
288
|
+
These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
|
|
289
|
+
|
|
290
|
+
- **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
|
|
291
|
+
- **"This is best practice"** — Best practice in what context? Cite the source and
|
|
292
|
+
confirm it applies to this codebase.
|
|
293
|
+
- **"We can fix it later"** — If it is worth flagging, it is worth documenting now
|
|
294
|
+
with a concrete follow-up plan.
|
|
295
|
+
|
|
296
|
+
### Domain-Specific
|
|
297
|
+
|
|
286
298
|
| Rationalization | Reality |
|
|
287
299
|
| ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
|
|
288
300
|
| "It's just a config change, not a code change" | Config changes cause outages at the same rate as code changes. Deploy them with the same rigor and rollback strategy. |
|
|
@@ -76,6 +76,18 @@ Fall back to file-based commands if no graph is available.
|
|
|
76
76
|
|
|
77
77
|
---
|
|
78
78
|
|
|
79
|
+
### Uncertainty Surfacing
|
|
80
|
+
|
|
81
|
+
When you encounter an unknown during task execution, classify it immediately:
|
|
82
|
+
|
|
83
|
+
- **Blocking:** Cannot complete the task as written without resolving this (e.g., referenced file doesn't exist, spec behavior undefined for this scenario). STOP. Record as a blocker and report.
|
|
84
|
+
- **Assumption:** Can proceed if assumption is stated (e.g., "the API returns JSON, not XML"). Document the assumption in the commit message. If wrong, the task must be revisited.
|
|
85
|
+
- **Deferrable:** Does not affect the current task (e.g., whether a later task will need a different approach). Note in learnings for future tasks.
|
|
86
|
+
|
|
87
|
+
Do not improvise past unknowns. An assumption that turns out wrong is cheaper than an improvised solution that hides the unknown.
|
|
88
|
+
|
|
89
|
+
**Read-only constraint for Phase 1:** Phase 1 PREPARE is research and state loading. Do not write production code, create files, or make commits during PREPARE. If prerequisites fail, report the failure — do not attempt to fix prerequisites yourself.
|
|
90
|
+
|
|
79
91
|
### Phase 2: EXECUTE — Implement Tasks Atomically
|
|
80
92
|
|
|
81
93
|
Report progress with: `**[Phase N/M]** Task N — <description>`
|
|
@@ -329,14 +341,25 @@ Claims about task completion, test results, or code behavior MUST cite evidence:
|
|
|
329
341
|
- No improvisation: tasks executed as written, or stopped with blocker reported
|
|
330
342
|
- All stopping conditions respected
|
|
331
343
|
|
|
344
|
+
## Red Flags
|
|
345
|
+
|
|
346
|
+
| Flag | Corrective Action |
|
|
347
|
+
| ---------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
|
|
348
|
+
| "The plan says X but Y would be cleaner — I'll improvise" | STOP. Iron Law: execute the plan as written. If the plan is wrong, stop and fix the plan. Improvising introduces untested assumptions. |
|
|
349
|
+
| "I'll skip the test for this task since it's just configuration" | STOP. The TDD rhythm is not optional. Configuration changes need tests too — they prove the config does what the task requires. |
|
|
350
|
+
| "I'll handle this edge case the plan didn't mention" | STOP. Unplanned work is scope creep. If the edge case matters, it's a plan deficiency — record it as a blocker. |
|
|
351
|
+
| `// TODO: come back to this` or `// skipped for now` in committed code | STOP. Every commit must be atomic and complete for its task. TODOs in committed code are incomplete tasks disguised as progress. |
|
|
352
|
+
|
|
332
353
|
## Rationalizations to Reject
|
|
333
354
|
|
|
334
|
-
| Rationalization | Reality
|
|
335
|
-
| -------------------------------------------------------------------------------------------------------------- |
|
|
336
|
-
| "The plan says to do X, but doing Y would be cleaner -- I will improvise" | The Iron Law states: execute the plan as written. If the plan is wrong, stop and fix the plan. Improvising mid-execution introduces untested assumptions.
|
|
337
|
-
| "This task depends on Task 3 which I know is done, so I can skip verifying prerequisites" | Prerequisites must be verified mechanically, not from memory. Check that dependency tasks are marked complete in state and that referenced files exist.
|
|
338
|
-
| "The checkpoint is just a confirmation step and the output looks correct, so I will auto-continue" | Checkpoints are non-negotiable pause points. If a task has a checkpoint marker, execution must pause.
|
|
339
|
-
| "Harness validate passed on the previous task and nothing changed structurally, so I can skip it for this one" | Validation runs after every task with no exceptions. Each task may introduce subtle architectural drift that only harness validate catches.
|
|
355
|
+
| Rationalization | Reality |
|
|
356
|
+
| -------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
357
|
+
| "The plan says to do X, but doing Y would be cleaner -- I will improvise" | The Iron Law states: execute the plan as written. If the plan is wrong, stop and fix the plan. Improvising mid-execution introduces untested assumptions. |
|
|
358
|
+
| "This task depends on Task 3 which I know is done, so I can skip verifying prerequisites" | Prerequisites must be verified mechanically, not from memory. Check that dependency tasks are marked complete in state and that referenced files exist. |
|
|
359
|
+
| "The checkpoint is just a confirmation step and the output looks correct, so I will auto-continue" | Checkpoints are non-negotiable pause points. If a task has a checkpoint marker, execution must pause. |
|
|
360
|
+
| "Harness validate passed on the previous task and nothing changed structurally, so I can skip it for this one" | Validation runs after every task with no exceptions. Each task may introduce subtle architectural drift that only harness validate catches. |
|
|
361
|
+
| "The task failed but I can see the fix — I'll apply it and move on without recording a blocker" | A failed task is a blocker. Record it, report it, and stop. Applying unplanned fixes mid-execution makes progress untraceable and may cascade into later tasks. |
|
|
362
|
+
| "Phase 1 prerequisites are missing but I can create them as part of this task" | PREPARE is read-only. Missing prerequisites mean a prior task or the plan is deficient. Report the gap — do not fix prerequisites during execution setup. |
|
|
340
363
|
|
|
341
364
|
## Examples
|
|
342
365
|
|
|
@@ -398,6 +421,7 @@ harness validate — passes. Resume Task 4.
|
|
|
398
421
|
|
|
399
422
|
Hard stops. Violating any gate means the process has broken down.
|
|
400
423
|
|
|
424
|
+
- **Phase 1 PREPARE is read-only.** Do not write production code, create files, or commit during preparation. If prerequisites are missing, report the gap — do not fix it yourself.
|
|
401
425
|
- **No execution without a plan.** If no plan exists, do not start. Use harness-planning.
|
|
402
426
|
- **No improvisation.** Execute as written. Do not add "improvements" not in the plan.
|
|
403
427
|
- **No skipping tasks.** Tasks are dependency-ordered. Execute in order.
|