@harness-engineering/cli 1.25.4 → 1.25.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (123) hide show
  1. package/dist/agents/skills/claude-code/enforce-architecture/SKILL.md +12 -0
  2. package/dist/agents/skills/claude-code/harness-api-design/SKILL.md +12 -0
  3. package/dist/agents/skills/claude-code/harness-architecture-advisor/SKILL.md +12 -0
  4. package/dist/agents/skills/claude-code/harness-auth/SKILL.md +12 -0
  5. package/dist/agents/skills/claude-code/harness-code-review/SKILL.md +30 -6
  6. package/dist/agents/skills/claude-code/harness-database/SKILL.md +12 -0
  7. package/dist/agents/skills/claude-code/harness-debugging/SKILL.md +38 -6
  8. package/dist/agents/skills/claude-code/harness-deployment/SKILL.md +12 -0
  9. package/dist/agents/skills/claude-code/harness-execution/SKILL.md +30 -6
  10. package/dist/agents/skills/claude-code/harness-planning/SKILL.md +20 -9
  11. package/dist/agents/skills/claude-code/harness-pre-commit-review/SKILL.md +59 -6
  12. package/dist/agents/skills/claude-code/harness-refactoring/SKILL.md +28 -7
  13. package/dist/agents/skills/claude-code/harness-security-scan/SKILL.md +12 -0
  14. package/dist/agents/skills/claude-code/harness-skill-authoring/SKILL.md +43 -8
  15. package/dist/agents/skills/claude-code/harness-soundness-review/SKILL.md +59 -7
  16. package/dist/agents/skills/claude-code/harness-tdd/SKILL.md +21 -0
  17. package/dist/agents/skills/claude-code/harness-verification/SKILL.md +31 -6
  18. package/dist/agents/skills/codex/enforce-architecture/SKILL.md +12 -0
  19. package/dist/agents/skills/codex/harness-api-design/SKILL.md +12 -0
  20. package/dist/agents/skills/codex/harness-architecture-advisor/SKILL.md +12 -0
  21. package/dist/agents/skills/codex/harness-auth/SKILL.md +12 -0
  22. package/dist/agents/skills/codex/harness-code-review/SKILL.md +30 -6
  23. package/dist/agents/skills/codex/harness-database/SKILL.md +12 -0
  24. package/dist/agents/skills/codex/harness-debugging/SKILL.md +38 -6
  25. package/dist/agents/skills/codex/harness-deployment/SKILL.md +12 -0
  26. package/dist/agents/skills/codex/harness-execution/SKILL.md +30 -6
  27. package/dist/agents/skills/codex/harness-planning/SKILL.md +20 -9
  28. package/dist/agents/skills/codex/harness-pre-commit-review/SKILL.md +59 -6
  29. package/dist/agents/skills/codex/harness-refactoring/SKILL.md +28 -7
  30. package/dist/agents/skills/codex/harness-security-scan/SKILL.md +12 -0
  31. package/dist/agents/skills/codex/harness-skill-authoring/SKILL.md +43 -8
  32. package/dist/agents/skills/codex/harness-soundness-review/SKILL.md +59 -7
  33. package/dist/agents/skills/codex/harness-tdd/SKILL.md +21 -0
  34. package/dist/agents/skills/codex/harness-verification/SKILL.md +31 -6
  35. package/dist/agents/skills/cursor/enforce-architecture/SKILL.md +12 -0
  36. package/dist/agents/skills/cursor/harness-api-design/SKILL.md +12 -0
  37. package/dist/agents/skills/cursor/harness-architecture-advisor/SKILL.md +12 -0
  38. package/dist/agents/skills/cursor/harness-auth/SKILL.md +12 -0
  39. package/dist/agents/skills/cursor/harness-code-review/SKILL.md +30 -6
  40. package/dist/agents/skills/cursor/harness-database/SKILL.md +12 -0
  41. package/dist/agents/skills/cursor/harness-debugging/SKILL.md +38 -6
  42. package/dist/agents/skills/cursor/harness-deployment/SKILL.md +12 -0
  43. package/dist/agents/skills/cursor/harness-execution/SKILL.md +30 -6
  44. package/dist/agents/skills/cursor/harness-planning/SKILL.md +20 -9
  45. package/dist/agents/skills/cursor/harness-pre-commit-review/SKILL.md +59 -6
  46. package/dist/agents/skills/cursor/harness-refactoring/SKILL.md +28 -7
  47. package/dist/agents/skills/cursor/harness-security-scan/SKILL.md +12 -0
  48. package/dist/agents/skills/cursor/harness-skill-authoring/SKILL.md +43 -8
  49. package/dist/agents/skills/cursor/harness-soundness-review/SKILL.md +59 -7
  50. package/dist/agents/skills/cursor/harness-tdd/SKILL.md +21 -0
  51. package/dist/agents/skills/cursor/harness-verification/SKILL.md +31 -6
  52. package/dist/agents/skills/gemini-cli/enforce-architecture/SKILL.md +12 -0
  53. package/dist/agents/skills/gemini-cli/harness-api-design/SKILL.md +12 -0
  54. package/dist/agents/skills/gemini-cli/harness-architecture-advisor/SKILL.md +12 -0
  55. package/dist/agents/skills/gemini-cli/harness-auth/SKILL.md +12 -0
  56. package/dist/agents/skills/gemini-cli/harness-code-review/SKILL.md +30 -6
  57. package/dist/agents/skills/gemini-cli/harness-database/SKILL.md +12 -0
  58. package/dist/agents/skills/gemini-cli/harness-debugging/SKILL.md +38 -6
  59. package/dist/agents/skills/gemini-cli/harness-deployment/SKILL.md +12 -0
  60. package/dist/agents/skills/gemini-cli/harness-execution/SKILL.md +30 -6
  61. package/dist/agents/skills/gemini-cli/harness-planning/SKILL.md +20 -9
  62. package/dist/agents/skills/gemini-cli/harness-pre-commit-review/SKILL.md +59 -6
  63. package/dist/agents/skills/gemini-cli/harness-refactoring/SKILL.md +28 -7
  64. package/dist/agents/skills/gemini-cli/harness-security-scan/SKILL.md +12 -0
  65. package/dist/agents/skills/gemini-cli/harness-skill-authoring/SKILL.md +43 -8
  66. package/dist/agents/skills/gemini-cli/harness-soundness-review/SKILL.md +59 -7
  67. package/dist/agents/skills/gemini-cli/harness-tdd/SKILL.md +21 -0
  68. package/dist/agents/skills/gemini-cli/harness-verification/SKILL.md +31 -6
  69. package/dist/{agents-md-MCUM4SIZ.js → agents-md-2PYJM2MK.js} +3 -3
  70. package/dist/{architecture-HNIO6AUX.js → architecture-VCLB7A23.js} +4 -4
  71. package/dist/{assess-project-6MV5TNY3.js → assess-project-64C6LIKN.js} +1 -1
  72. package/dist/bin/harness-mcp.js +16 -15
  73. package/dist/bin/harness.js +27 -115
  74. package/dist/business-knowledge-6RHYJOB3.js +7 -0
  75. package/dist/{check-phase-gate-VCBQHQAC.js → check-phase-gate-RT6PGEHY.js} +4 -4
  76. package/dist/{chunk-MI6MA6OP.js → chunk-42ZZLMYD.js} +169 -118
  77. package/dist/{chunk-BUYW3SA2.js → chunk-43VBX44J.js} +219 -107
  78. package/dist/{chunk-UV3BZMGT.js → chunk-4YEBV2FT.js} +2 -2
  79. package/dist/{chunk-5BQ5BOJL.js → chunk-7BAGSY5Q.js} +1 -1
  80. package/dist/{chunk-FSNPBT74.js → chunk-BUJOMC3O.js} +1 -1
  81. package/dist/{chunk-M55DGGF3.js → chunk-CBZECDCW.js} +5 -5
  82. package/dist/{chunk-XTITAVUR.js → chunk-EY6F2QXW.js} +1 -1
  83. package/dist/{chunk-6VZQJ5CX.js → chunk-FL6A72LV.js} +1 -1
  84. package/dist/{chunk-CXJTVICF.js → chunk-JQCS75DY.js} +4 -4
  85. package/dist/{chunk-WIQA4BSH.js → chunk-JUXFYB2K.js} +1 -1
  86. package/dist/{chunk-FES2YEQU.js → chunk-KJC4SE7C.js} +9 -9
  87. package/dist/{chunk-4NK7Z3BP.js → chunk-R2BI5UPK.js} +1 -1
  88. package/dist/{chunk-2KZAXESR.js → chunk-R7P2FMJT.js} +360 -183
  89. package/dist/chunk-RC5ZY3EV.js +82 -0
  90. package/dist/{chunk-K2SON7TI.js → chunk-RDQGCHKD.js} +252 -57
  91. package/dist/{chunk-EHRZMOQ2.js → chunk-RKZW3FDF.js} +1 -1
  92. package/dist/{chunk-BOQRTARD.js → chunk-SMY35HJM.js} +1 -1
  93. package/dist/{chunk-UQZBZINS.js → chunk-SZZ5UQL7.js} +6 -6
  94. package/dist/{chunk-AT74HEQM.js → chunk-U2OMWI7Z.js} +1 -1
  95. package/dist/{chunk-P7PANON5.js → chunk-VELT5VAG.js} +1 -1
  96. package/dist/{chunk-YTP2UDPV.js → chunk-WEOGCL7B.js} +3 -3
  97. package/dist/{chunk-TYV4EUAD.js → chunk-X2JJ3CPG.js} +8 -8
  98. package/dist/{chunk-GEEYCQDS.js → chunk-XLO4AXXM.js} +9 -9
  99. package/dist/{chunk-47N6R2F4.js → chunk-XMEEYMGE.js} +1 -1
  100. package/dist/{chunk-FIQL2HND.js → chunk-Y5JA4J2M.js} +2 -2
  101. package/dist/{chunk-F23H3U5U.js → chunk-ZAKUCM7O.js} +2 -2
  102. package/dist/{ci-workflow-RTM7VVTD.js → ci-workflow-SZL3KVUK.js} +3 -3
  103. package/dist/{dist-RADHOOXG.js → dist-GRW3X2ZQ.js} +3 -1
  104. package/dist/{dist-WCSJHQPK.js → dist-T3DGV5UN.js} +16 -2
  105. package/dist/{docs-UBOGGHTY.js → docs-WDLJORLK.js} +4 -4
  106. package/dist/{engine-MJJAP5CH.js → engine-2YWYRCKK.js} +3 -3
  107. package/dist/{entropy-EMSXF2PX.js → entropy-PJGTOORX.js} +3 -3
  108. package/dist/{feedback-ZLUX72HD.js → feedback-M5KCJKL2.js} +1 -1
  109. package/dist/{generate-agent-definitions-AWLPJ27C.js → generate-agent-definitions-MFDW6LZT.js} +4 -4
  110. package/dist/{graph-loader-JHQVQRUS.js → graph-loader-QMKXT454.js} +1 -1
  111. package/dist/hooks/telemetry-reporter.js +22 -1
  112. package/dist/index.d.ts +5 -5
  113. package/dist/index.js +26 -25
  114. package/dist/{loader-JVSJZSWZ.js → loader-6O52FYHE.js} +3 -3
  115. package/dist/{mcp-JZ7YB7TD.js → mcp-GGNFWKVC.js} +16 -15
  116. package/dist/{performance-7AGWJUY4.js → performance-337U5URQ.js} +4 -4
  117. package/dist/{review-pipeline-ZWVQJTJX.js → review-pipeline-DB5RD4SN.js} +3 -3
  118. package/dist/{runtime-D6YUQPP2.js → runtime-B74EN2WD.js} +3 -3
  119. package/dist/{scan-MPJ6JHUY.js → scan-DXQUHGTT.js} +1 -1
  120. package/dist/{security-JLZUAQYT.js → security-3AYN6FVU.js} +1 -1
  121. package/dist/{validate-TIIHRPMA.js → validate-35CD7VWN.js} +4 -4
  122. package/dist/{validate-cross-check-ZOWFA3DB.js → validate-cross-check-LJKXBQYH.js} +3 -3
  123. package/package.json +5 -5
@@ -603,6 +603,16 @@ compliance|naming|suggestion|Names follow project conventions (check AGENTS.md o
603
603
  - **`filterByRelevance`** — Phase 3 learnings scoring. Threshold 0.7, budget 1000 tokens.
604
604
  - **Session directory** — `.harness/sessions/<slug>/` contains `handoff.json`, `state.json`, `artifacts.json` (spec/plan paths, reviewed file list). Write handoff to session scope when slug is known. Global `.harness/handoff.json` is deprecated for session-aware invocations.
605
605
 
606
+ ## Uncertainty Surfacing
607
+
608
+ When a review subagent encounters ambiguity during analysis, classify it immediately:
609
+
610
+ - **Blocking:** Cannot determine severity without more context (e.g., unclear whether a pattern is intentional or accidental). Surface as a finding with severity `suggestion` and rationale explaining the ambiguity. Do not guess.
611
+ - **Assumption:** Can classify if assumption is stated (e.g., "assuming this endpoint is internal-only, the missing auth check is acceptable"). State the assumption in the finding. If wrong, the finding severity changes.
612
+ - **Deferrable:** Ambiguity does not affect the review (e.g., whether a naming choice will cause confusion in the future). Omit from findings — it is noise.
613
+
614
+ Do not suppress ambiguous findings. An ambiguous finding surfaced as a question is more valuable than a confident finding built on a wrong assumption.
615
+
606
616
  ## Success Criteria
607
617
 
608
618
  - Pipeline runs all 7 phases in order (skipping GATE without `--ci`)
@@ -696,12 +706,26 @@ compliance|naming|suggestion|Names follow project conventions (check AGENTS.md o
696
706
 
697
707
  ## Rationalizations to Reject
698
708
 
699
- | Rationalization | Reality |
700
- | --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- |
701
- | "The tests pass, so the logic must be correct" | Tests can be incomplete. Review the logic independently of test results. |
702
- | "This is how it was done elsewhere in the codebase" | Existing patterns can be wrong. Evaluate the pattern on its merits, not just its precedent. |
703
- | "It's just a refactor, low risk" | Refactors change behavior surfaces. Review them with the same rigor as feature changes. |
704
- | "The fix is trivial, I'll just apply it inline" | Trivial fixes still skip review when applied by the reviewer. Suggest the fix; let the author apply and re-review. Iron Law. |
709
+ ### Universal
710
+
711
+ These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
712
+
713
+ - **"It's probably fine"** "Probably" is not evidence. Verify before asserting.
714
+ - **"This is best practice"** Best practice in what context? Cite the source and
715
+ confirm it applies to this codebase.
716
+ - **"We can fix it later"** — If it is worth flagging, it is worth documenting now
717
+ with a concrete follow-up plan.
718
+
719
+ ### Domain-Specific
720
+
721
+ | Rationalization | Reality |
722
+ | --------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
723
+ | "The tests pass, so the logic must be correct" | Tests can be incomplete. Review the logic independently of test results. |
724
+ | "This is how it was done elsewhere in the codebase" | Existing patterns can be wrong. Evaluate the pattern on its merits, not just its precedent. |
725
+ | "It's just a refactor, low risk" | Refactors change behavior surfaces. Review them with the same rigor as feature changes. |
726
+ | "The fix is trivial, I'll just apply it inline" | Trivial fixes still skip review when applied by the reviewer. Suggest the fix; let the author apply and re-review. Iron Law. |
727
+ | "The diff is small so I can approve without reading every file" | Small diffs can contain critical bugs. Read every changed file completely — size does not correlate with risk. A one-line auth bypass is a small diff. |
728
+ | "The author is experienced, so I can be less thorough" | Review rigor is based on the code, not the author. Experienced authors make mistakes too. Apply the same checklist regardless of who wrote it. |
705
729
 
706
730
  ## Escalation
707
731
 
@@ -286,6 +286,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
286
286
 
287
287
  ## Rationalizations to Reject
288
288
 
289
+ ### Universal
290
+
291
+ These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
292
+
293
+ - **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
294
+ - **"This is best practice"** — Best practice in what context? Cite the source and
295
+ confirm it applies to this codebase.
296
+ - **"We can fix it later"** — If it is worth flagging, it is worth documenting now
297
+ with a concrete follow-up plan.
298
+
299
+ ### Domain-Specific
300
+
289
301
  | Rationalization | Reality |
290
302
  | -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- |
291
303
  | "The table is small, we don't need an index" | Tables grow. Plan for the steady state, not the current row count. |
@@ -15,6 +15,14 @@
15
15
 
16
16
  ## Process
17
17
 
18
+ ### Iron Law
19
+
20
+ **Phase 1 INVESTIGATE before ANY fix. No exceptions.**
21
+
22
+ If you find yourself writing fix code before completing investigation, STOP. Delete the fix. You are guessing, not debugging. A fix without investigation is a coin flip that creates the illusion of progress.
23
+
24
+ ---
25
+
18
26
  ### Prerequisite: Start a Debug Session
19
27
 
20
28
  Before beginning, create a persistent debug session. This survives context resets and tracks state across multiple attempts.
@@ -53,6 +61,8 @@ Error: <the error message or symptom>
53
61
 
54
62
  **You must complete Phase 1 before writing ANY fix code. No exceptions.**
55
63
 
64
+ **Read-only constraint:** Phase 1 is investigation only. You may read files, run commands, add log statements, and record observations. You may NOT write production code fixes, modify business logic, or commit changes during investigation. If you find yourself writing a fix, you have jumped to Phase 4.
65
+
56
66
  #### Step 1: Run Entropy Analysis
57
67
 
58
68
  ```bash
@@ -115,6 +125,16 @@ Update the session status to `investigating`.
115
125
 
116
126
  ---
117
127
 
128
+ ### Uncertainty Surfacing
129
+
130
+ When you encounter an unknown during investigation or analysis, classify it immediately:
131
+
132
+ - **Blocking:** Cannot form a testable hypothesis without resolving this (e.g., cannot reproduce the bug, unclear what "correct" behavior is). STOP and escalate to human.
133
+ - **Assumption:** Can proceed with a stated assumption (e.g., "the database schema has not changed since last deployment"). Document in the session log. If wrong, hypotheses built on it are invalid.
134
+ - **Deferrable:** Does not affect the current investigation (e.g., whether other code paths have similar issues). Note in session log for follow-up.
135
+
136
+ Do not bury unknowns. An unstated assumption in your investigation leads to fixes that address the wrong root cause.
137
+
118
138
  ### Phase 2: ANALYZE — Find the Pattern
119
139
 
120
140
  #### Step 1: Find Working Examples
@@ -298,14 +318,25 @@ Update the session status to `resolved`.
298
318
  - Debug session file is complete with investigation log, hypotheses, and resolution
299
319
  - Learnings were captured for future reference
300
320
 
321
+ ## Red Flags
322
+
323
+ | Flag | Corrective Action |
324
+ | ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- |
325
+ | "It's probably X, let me just fix that" | STOP. "Probably" is a guess, not a diagnosis. Complete Phase 1 INVESTIGATE before writing any fix code. |
326
+ | "I'll change a few things and see if the bug goes away" | STOP. One variable at a time. Multiple simultaneous changes mean you cannot determine which one had the effect — or whether you introduced a new bug. |
327
+ | "One more fix attempt before I escalate" after 2 failed attempts | STOP. Three failed attempts means your mental model is wrong. Step back, re-read the investigation log, and question your assumptions about how the system works. |
328
+ | `// temporary workaround` or `// TODO: real fix later` replacing root-cause fix | STOP. Workarounds are symptom suppression. The root cause remains. Fix it properly or escalate — do not commit workarounds disguised as fixes. |
329
+
301
330
  ## Rationalizations to Reject
302
331
 
303
- | Rationalization | Reality |
304
- | --------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
305
- | "I have a strong hunch about what is wrong, so I will jump straight to fixing it" | Phase 1 INVESTIGATE must be completed before ANY fix code is written. You are guessing, not debugging. |
306
- | "I changed two things and the bug is gone, so the fix must be correct" | One variable at a time is a gate. Changing multiple things simultaneously means you do not know which change fixed it. |
307
- | "This is my third attempt but I feel close, so one more try before escalating" | After 3 failed fix attempts, the gate requires you to question the architecture. The problem is likely not where you think it is. |
308
- | "A try-catch that swallows the error prevents the crash, so the bug is fixed" | Symptom suppression is explicitly listed as a bad fix. Wrapping the failure in a try-catch addresses what the bug did, not why it happened. |
332
+ | Rationalization | Reality |
333
+ | --------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
334
+ | "I have a strong hunch about what is wrong, so I will jump straight to fixing it" | Phase 1 INVESTIGATE must be completed before ANY fix code is written. You are guessing, not debugging. |
335
+ | "I changed two things and the bug is gone, so the fix must be correct" | One variable at a time is a gate. Changing multiple things simultaneously means you do not know which change fixed it. |
336
+ | "This is my third attempt but I feel close, so one more try before escalating" | After 3 failed fix attempts, the gate requires you to question the architecture. The problem is likely not where you think it is. |
337
+ | "A try-catch that swallows the error prevents the crash, so the bug is fixed" | Symptom suppression is explicitly listed as a bad fix. Wrapping the failure in a try-catch addresses what the bug did, not why it happened. |
338
+ | "The bug only happens in edge cases, so a partial fix is acceptable" | A partial fix means the bug still exists. Either fix the root cause completely or document the remaining scenarios as known issues with tracked tickets. |
339
+ | "I can skip the regression test since I understand the root cause well" | Understanding the root cause and proving the fix catches it are different things. The revert-and-fail test is mandatory — it is the only proof the test actually guards against the bug. |
309
340
 
310
341
  ## Examples
311
342
 
@@ -359,6 +390,7 @@ Revert test: Commenting out the validation check causes the test to fail with 50
359
390
 
360
391
  ## Gates
361
392
 
393
+ - **Investigation phases are read-only.** Phase 1 and Phase 2 produce understanding, not code. Reading files, running commands, and adding diagnostic log statements are allowed. Writing production code fixes is not. If you find yourself writing a fix during investigation, you have skipped ahead.
362
394
  - **Phase 1 before ANY fix.** You must complete investigation before writing fix code. Skipping investigation leads to symptom-chasing, which leads to more bugs.
363
395
  - **One variable at a time.** Changing multiple things simultaneously is forbidden. If you changed two things and the bug is fixed, you do not know which change fixed it (or if the other change introduced a new bug).
364
396
  - **After 3 failed fix attempts, question the architecture.** If three consecutive hypotheses were wrong or three fixes did not resolve the issue, the problem is likely not where you think it is. Step back. Re-read the investigation log. Consider that the bug might be in a different layer entirely.
@@ -283,6 +283,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
283
283
 
284
284
  ## Rationalizations to Reject
285
285
 
286
+ ### Universal
287
+
288
+ These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
289
+
290
+ - **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
291
+ - **"This is best practice"** — Best practice in what context? Cite the source and
292
+ confirm it applies to this codebase.
293
+ - **"We can fix it later"** — If it is worth flagging, it is worth documenting now
294
+ with a concrete follow-up plan.
295
+
296
+ ### Domain-Specific
297
+
286
298
  | Rationalization | Reality |
287
299
  | ---------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
288
300
  | "It's just a config change, not a code change" | Config changes cause outages at the same rate as code changes. Deploy them with the same rigor and rollback strategy. |
@@ -76,6 +76,18 @@ Fall back to file-based commands if no graph is available.
76
76
 
77
77
  ---
78
78
 
79
+ ### Uncertainty Surfacing
80
+
81
+ When you encounter an unknown during task execution, classify it immediately:
82
+
83
+ - **Blocking:** Cannot complete the task as written without resolving this (e.g., referenced file doesn't exist, spec behavior undefined for this scenario). STOP. Record as a blocker and report.
84
+ - **Assumption:** Can proceed if assumption is stated (e.g., "the API returns JSON, not XML"). Document the assumption in the commit message. If wrong, the task must be revisited.
85
+ - **Deferrable:** Does not affect the current task (e.g., whether a later task will need a different approach). Note in learnings for future tasks.
86
+
87
+ Do not improvise past unknowns. An assumption that turns out wrong is cheaper than an improvised solution that hides the unknown.
88
+
89
+ **Read-only constraint for Phase 1:** Phase 1 PREPARE is research and state loading. Do not write production code, create files, or make commits during PREPARE. If prerequisites fail, report the failure — do not attempt to fix prerequisites yourself.
90
+
79
91
  ### Phase 2: EXECUTE — Implement Tasks Atomically
80
92
 
81
93
  Report progress with: `**[Phase N/M]** Task N — <description>`
@@ -329,14 +341,25 @@ Claims about task completion, test results, or code behavior MUST cite evidence:
329
341
  - No improvisation: tasks executed as written, or stopped with blocker reported
330
342
  - All stopping conditions respected
331
343
 
344
+ ## Red Flags
345
+
346
+ | Flag | Corrective Action |
347
+ | ---------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
348
+ | "The plan says X but Y would be cleaner — I'll improvise" | STOP. Iron Law: execute the plan as written. If the plan is wrong, stop and fix the plan. Improvising introduces untested assumptions. |
349
+ | "I'll skip the test for this task since it's just configuration" | STOP. The TDD rhythm is not optional. Configuration changes need tests too — they prove the config does what the task requires. |
350
+ | "I'll handle this edge case the plan didn't mention" | STOP. Unplanned work is scope creep. If the edge case matters, it's a plan deficiency — record it as a blocker. |
351
+ | `// TODO: come back to this` or `// skipped for now` in committed code | STOP. Every commit must be atomic and complete for its task. TODOs in committed code are incomplete tasks disguised as progress. |
352
+
332
353
  ## Rationalizations to Reject
333
354
 
334
- | Rationalization | Reality |
335
- | -------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- |
336
- | "The plan says to do X, but doing Y would be cleaner -- I will improvise" | The Iron Law states: execute the plan as written. If the plan is wrong, stop and fix the plan. Improvising mid-execution introduces untested assumptions. |
337
- | "This task depends on Task 3 which I know is done, so I can skip verifying prerequisites" | Prerequisites must be verified mechanically, not from memory. Check that dependency tasks are marked complete in state and that referenced files exist. |
338
- | "The checkpoint is just a confirmation step and the output looks correct, so I will auto-continue" | Checkpoints are non-negotiable pause points. If a task has a checkpoint marker, execution must pause. |
339
- | "Harness validate passed on the previous task and nothing changed structurally, so I can skip it for this one" | Validation runs after every task with no exceptions. Each task may introduce subtle architectural drift that only harness validate catches. |
355
+ | Rationalization | Reality |
356
+ | -------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- |
357
+ | "The plan says to do X, but doing Y would be cleaner -- I will improvise" | The Iron Law states: execute the plan as written. If the plan is wrong, stop and fix the plan. Improvising mid-execution introduces untested assumptions. |
358
+ | "This task depends on Task 3 which I know is done, so I can skip verifying prerequisites" | Prerequisites must be verified mechanically, not from memory. Check that dependency tasks are marked complete in state and that referenced files exist. |
359
+ | "The checkpoint is just a confirmation step and the output looks correct, so I will auto-continue" | Checkpoints are non-negotiable pause points. If a task has a checkpoint marker, execution must pause. |
360
+ | "Harness validate passed on the previous task and nothing changed structurally, so I can skip it for this one" | Validation runs after every task with no exceptions. Each task may introduce subtle architectural drift that only harness validate catches. |
361
+ | "The task failed but I can see the fix — I'll apply it and move on without recording a blocker" | A failed task is a blocker. Record it, report it, and stop. Applying unplanned fixes mid-execution makes progress untraceable and may cascade into later tasks. |
362
+ | "Phase 1 prerequisites are missing but I can create them as part of this task" | PREPARE is read-only. Missing prerequisites mean a prior task or the plan is deficient. Report the gap — do not fix prerequisites during execution setup. |
340
363
 
341
364
  ## Examples
342
365
 
@@ -398,6 +421,7 @@ harness validate — passes. Resume Task 4.
398
421
 
399
422
  Hard stops. Violating any gate means the process has broken down.
400
423
 
424
+ - **Phase 1 PREPARE is read-only.** Do not write production code, create files, or commit during preparation. If prerequisites are missing, report the gap — do not fix it yourself.
401
425
  - **No execution without a plan.** If no plan exists, do not start. Use harness-planning.
402
426
  - **No improvisation.** Execute as written. Do not add "improvements" not in the plan.
403
427
  - **No skipping tasks.** Tasks are dependency-ordered. Execute in order.
@@ -342,17 +342,28 @@ Only apply when modifying existing documented behavior. When `docs/changes/` exi
342
342
  - Human has reviewed and approved the plan
343
343
  - Rigor level rules followed: fast skips skeleton; thorough always skeletons with approval; standard skeletons at >= 8 tasks
344
344
 
345
+ ## Red Flags
346
+
347
+ | Flag | Corrective Action |
348
+ | ---------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
349
+ | "I know the implementation well enough to skip reading the spec" | STOP. Phase 1 SCOPE starts by reading the spec. Assumptions about spec content lead to plans that implement the wrong thing. |
350
+ | "This task is self-explanatory, no need for exact file paths and commands" | STOP. Iron Law: every task must contain exact file paths, exact commands, and complete code snippets. "Implement the service" is a wish, not a task. |
351
+ | "I'll plan the happy path now and add error handling tasks later" | STOP. Error handling is not optional. The spec's success criteria include error scenarios. Plan them alongside the happy path. |
352
+ | `// detailed steps TBD` or `// expand during execution` in task descriptions | STOP. A task that defers detail to execution is a vague task. If you cannot write the exact steps now, you do not understand the task well enough to plan it. |
353
+
345
354
  ## Rationalizations to Reject
346
355
 
347
- | Rationalization | Reality |
348
- | ------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
349
- | "The task is conceptually clear so I do not need to include exact code in the plan" | Every task must have exact file paths, exact code, and exact commands. If you cannot write the code in the plan, you do not understand the task well enough to plan it. |
350
- | "This task touches 5 files but it is logically one unit of work, so splitting it would add overhead" | Tasks touching more than 3 files must be split. The overhead of splitting is far less than the cost of a failed oversized task. |
351
- | "Tests for this task can be added in a follow-up task since the implementation is straightforward" | No skipping TDD in tasks. Every code-producing task must start with writing a test. "Add tests later" is explicitly forbidden. |
352
- | "The spec does not cover this edge case, but I can fill in the gap during planning" | When the spec is missing information, do not fill in the gaps yourself. Escalate. Filling gaps silently creates undocumented design decisions that no one reviewed. |
353
- | "I discovered we need an additional file during decomposition, but updating the file map is just bookkeeping" | The file map must be complete. Every file that will be created or modified must appear in the file map before task decomposition. |
354
- | "There are no real uncertainties — the spec is clear enough" | Every plan has unknowns. If you listed zero uncertainties, you skipped the step. Re-read the spec and list what is assumed but not stated. |
355
- | "I already know how to structure this, no need to finish scoping" | Premature decomposition anchors on the first approach found. Complete SCOPE (observable truths + uncertainties) before proposing any task structure. |
356
+ | Rationalization | Reality |
357
+ | ------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
358
+ | "The task is conceptually clear so I do not need to include exact code in the plan" | Every task must have exact file paths, exact code, and exact commands. If you cannot write the code in the plan, you do not understand the task well enough to plan it. |
359
+ | "This task touches 5 files but it is logically one unit of work, so splitting it would add overhead" | Tasks touching more than 3 files must be split. The overhead of splitting is far less than the cost of a failed oversized task. |
360
+ | "Tests for this task can be added in a follow-up task since the implementation is straightforward" | No skipping TDD in tasks. Every code-producing task must start with writing a test. "Add tests later" is explicitly forbidden. |
361
+ | "The spec does not cover this edge case, but I can fill in the gap during planning" | When the spec is missing information, do not fill in the gaps yourself. Escalate. Filling gaps silently creates undocumented design decisions that no one reviewed. |
362
+ | "I discovered we need an additional file during decomposition, but updating the file map is just bookkeeping" | The file map must be complete. Every file that will be created or modified must appear in the file map before task decomposition. |
363
+ | "There are no real uncertainties — the spec is clear enough" | Every plan has unknowns. If you listed zero uncertainties, you skipped the step. Re-read the spec and list what is assumed but not stated. |
364
+ | "I already know how to structure this, no need to finish scoping" | Premature decomposition anchors on the first approach found. Complete SCOPE (observable truths + uncertainties) before proposing any task structure. |
365
+ | "The skeleton pass adds overhead for a plan this size — I will go straight to full tasks" | Rigor level rules are not optional. In thorough mode, the skeleton is always required. In standard mode, 8+ tasks require a skeleton. Skipping it risks task-level misalignment with the goal. |
366
+ | "I will write implementation code in the plan to make the tasks more concrete" | Planning produces a plan document, not code. Writing code during planning violates the phase boundary — code belongs in execution. Exact snippets in task descriptions are plan content, not executed code. |
356
367
 
357
368
  ## Examples
358
369
 
@@ -10,6 +10,16 @@
10
10
  - NOT as a replacement for full peer review (use `harness-code-review` for that)
11
11
  - NOT for commits that only update documentation or configuration (fast path skips AI review)
12
12
 
13
+ ## Process
14
+
15
+ ### Iron Law
16
+
17
+ **Mechanical checks gate AI review. No exceptions.**
18
+
19
+ If lint, typecheck, or tests fail, the pipeline stops. AI review does not run. Observations from AI review are advisory — they never block a commit. Only mechanical failures block. This ordering is non-negotiable.
20
+
21
+ ---
22
+
13
23
  ## Principle: Deterministic First
14
24
 
15
25
  This skill follows the Deterministic-vs-LLM Responsibility Split principle. Mechanical checks run first and must pass before any AI review occurs. If a linter or type checker can catch the problem, the LLM should not be the one finding it.
@@ -262,6 +272,47 @@ fi
262
272
 
263
273
  **Note:** AI review observations (WARN) do not block the commit — only mechanical check failures (FAIL) block. The author decides whether to address AI observations.
264
274
 
275
+ ## Red Flags
276
+
277
+ | Flag | Corrective Action |
278
+ | --------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
279
+ | "The lint errors are just warnings, I can proceed to AI review" | STOP. The gate is absolute. Any mechanical check failure means STOP. Warnings configured as errors are failures. |
280
+ | "I'll run the full test suite later in CI" | STOP. Pre-commit checks include tests. The purpose is to catch failures BEFORE they reach CI — not to defer them. |
281
+ | "This is just a config change, skip the security scan" | STOP. Phase 3 runs against all staged source files regardless of change type. Config files can contain hardcoded secrets. |
282
+ | `// quick fix, will clean up before PR` or `// TODO: handle error` in staged code | STOP. Pre-commit is the last line of defense before code enters the repository. Code committed with cleanup TODOs gets merged with cleanup TODOs. Fix it now. |
283
+
284
+ **Review-never-fixes:** Pre-commit review identifies observations. It never modifies staged code. AI review findings are reported for the author to decide — not applied automatically. A review that silently modifies code is not a review.
285
+
286
+ ## Rubric Compression
287
+
288
+ Pre-commit review checklists MUST use compressed single-line format. Each check is one line with pipe-delimited fields:
289
+
290
+ ```
291
+ phase|check-name|blocking|criterion
292
+ ```
293
+
294
+ **Example:**
295
+
296
+ ```
297
+ mechanical|lint|yes|Zero lint errors in staged files
298
+ mechanical|typecheck|yes|Zero type errors reported by tsc --noEmit
299
+ mechanical|tests|yes|All tests pass with exit code 0
300
+ mechanical|harness-health|yes|assess_project returns healthy: true
301
+ security|secrets|yes|No hardcoded secrets, API keys, or credentials in staged files
302
+ security|injection|yes|No eval(), exec(), or unparameterized SQL in staged files
303
+ security|advisory|no|CORS wildcards, HTTP URLs, disabled TLS — reported but non-blocking
304
+ ai|obvious-bugs|no|Null dereference, infinite loops, off-by-one, resource leaks
305
+ ai|debug-artifacts|no|No console.log, debugger statements, or TODO without issue ref
306
+ ```
307
+
308
+ **Why:** Dense single-line rubrics minimize token consumption while preserving the same review signal. More budget for actual diff analysis.
309
+
310
+ **Rules:**
311
+
312
+ - Phase must be `mechanical`, `security`, or `ai`
313
+ - Blocking must be `yes` or `no`
314
+ - Maximum 80 characters per criterion text
315
+
265
316
  ## Gates
266
317
 
267
318
  - **Mechanical checks must pass before AI review.** Do not run AI review if lint/typecheck/tests fail.
@@ -286,12 +337,14 @@ fi
286
337
 
287
338
  ## Rationalizations to Reject
288
339
 
289
- | Rationalization | Why It Is Wrong |
290
- | ----------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
291
- | "The lint errors are just warnings, so I can proceed to AI review" | The gate is absolute: any mechanical check failure means STOP. AI review does not run until lint, typecheck, and tests all pass. |
292
- | "This is a docs-only change but let me run AI review anyway for thoroughness" | The fast path is mandatory. If only docs/config files changed, AI review is skipped. Running it anyway wastes tokens. |
293
- | "The AI found a style issue, so I should block the commit" | AI review observations are advisory only. Only mechanical check failures block the commit. |
294
- | "I will skip the security scan since this is an internal endpoint" | Phase 3 runs the security scanner against all staged source files regardless of exposure. Hardcoded secrets and injection are blocking even in internal code. |
340
+ | Rationalization | Why It Is Wrong |
341
+ | ----------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
342
+ | "The lint errors are just warnings, so I can proceed to AI review" | The gate is absolute: any mechanical check failure means STOP. AI review does not run until lint, typecheck, and tests all pass. |
343
+ | "This is a docs-only change but let me run AI review anyway for thoroughness" | The fast path is mandatory. If only docs/config files changed, AI review is skipped. Running it anyway wastes tokens. |
344
+ | "The AI found a style issue, so I should block the commit" | AI review observations are advisory only. Only mechanical check failures block the commit. |
345
+ | "I will skip the security scan since this is an internal endpoint" | Phase 3 runs the security scanner against all staged source files regardless of exposure. Hardcoded secrets and injection are blocking even in internal code. |
346
+ | "The AI found an issue so I should fix it before reporting" | Pre-commit review reports findings — it does not apply fixes. The author decides what to act on. A review that silently modifies code is editing, not reviewing. |
347
+ | "The mechanical checks passed so the code is ready — skip the AI review" | If source files are staged (not docs/config only), AI review runs. Mechanical checks catch syntax and type errors; AI review catches semantic issues like null dereference and resource leaks. Both layers have value. |
295
348
 
296
349
  ## Examples
297
350
 
@@ -16,7 +16,7 @@
16
16
 
17
17
  ## Process
18
18
 
19
- ### Iron Rule
19
+ ### Iron Law
20
20
 
21
21
  **All tests must pass BEFORE you start refactoring and AFTER every single change.**
22
22
 
@@ -41,6 +41,16 @@ When a knowledge graph exists at `.harness/graph/`, use graph queries for faster
41
41
 
42
42
  Catches indirect consumers that grep misses. Fall back to file-based commands if no graph is available.
43
43
 
44
+ ### Uncertainty Surfacing
45
+
46
+ When you encounter an unknown during refactoring, classify it immediately:
47
+
48
+ - **Blocking:** Cannot determine if the change is purely structural without resolving this (e.g., unclear whether callers rely on implementation detail). STOP and surface to human.
49
+ - **Assumption:** Can proceed if assumption is stated (e.g., "no external consumers of this internal API"). Document the assumption and continue. If wrong, revert.
50
+ - **Deferrable:** Does not affect the current refactoring step (e.g., whether a further refactoring would be beneficial). Note for future consideration.
51
+
52
+ Do not guess whether a change is behavioral or structural. If you are unsure, it is blocking.
53
+
44
54
  ### Phase 2: Execute — One Small Change at a Time
45
55
 
46
56
  For EACH step in the plan:
@@ -134,14 +144,25 @@ Skipping this step means subsequent graph queries (impact analysis, dependency h
134
144
  - No behavioral changes were introduced (the test suite is the proof)
135
145
  - No dead code was left behind (run `harness cleanup` to verify)
136
146
 
147
+ ## Red Flags
148
+
149
+ | Flag | Corrective Action |
150
+ | --------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
151
+ | "This refactoring is safe, I don't need to run tests after this small change" | STOP. The Iron Law is absolute: tests after EVERY change. "Small" and "safe" are the changes that introduce subtle bugs. |
152
+ | "I'll combine these two renames into one commit since they're related" | STOP. One change per commit. Combined changes make it impossible to isolate which change caused a regression. |
153
+ | "The failing test is testing implementation details, so I'll fix the test" | STOP. Changing tests during refactoring is a warning sign. Verify the test is actually testing implementation details — not behavior your refactoring inadvertently changed. |
154
+ | `// removed old implementation` or `// TODO: move back later` replacing functional code | STOP. Either the code lives in its new location or it doesn't. Comments are not migration plans. Keep the code or delete it with a test proving the deletion is safe. |
155
+
137
156
  ## Rationalizations to Reject
138
157
 
139
- | Rationalization | Reality |
140
- | ------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- |
141
- | "The tests are mostly passing, so I can start refactoring and fix the remaining failures as I go" | All tests must pass BEFORE refactoring starts. If tests are not green before you start, you are not refactoring -- you are debugging. |
142
- | "This refactoring changes a small amount of behavior, but it is a clear improvement" | Refactoring must not change behavior. The test suite is the proof. If the refactoring requires changing tests, you may be changing behavior. |
143
- | "I will make several changes at once and run tests at the end since each change is small" | Tests must run after EVERY single change. If a test breaks, you must undo the LAST change immediately. |
144
- | "The refactoring did not produce a measurable improvement, but the code is different so it must be somewhat better" | If the refactoring introduced no measurable improvement, revert the entire sequence. Refactoring for its own sake is churn. |
158
+ | Rationalization | Reality |
159
+ | ------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- |
160
+ | "The tests are mostly passing, so I can start refactoring and fix the remaining failures as I go" | All tests must pass BEFORE refactoring starts. If tests are not green before you start, you are not refactoring -- you are debugging. |
161
+ | "This refactoring changes a small amount of behavior, but it is a clear improvement" | Refactoring must not change behavior. The test suite is the proof. If the refactoring requires changing tests, you may be changing behavior. |
162
+ | "I will make several changes at once and run tests at the end since each change is small" | Tests must run after EVERY single change. If a test breaks, you must undo the LAST change immediately. |
163
+ | "The refactoring did not produce a measurable improvement, but the code is different so it must be somewhat better" | If the refactoring introduced no measurable improvement, revert the entire sequence. Refactoring for its own sake is churn. |
164
+ | "I will refactor this and add the new feature in the same pass to be efficient" | Refactoring and feature work are separate tasks. Mixing them means test failures could be from the refactoring OR the new behavior — you cannot tell which. |
165
+ | "The test suite is slow, so I will run tests only at the end of the refactoring sequence" | Each step must be independently verified. A slow test suite is a separate problem to solve — it is not a reason to skip the safety net. |
145
166
 
146
167
  ## Examples
147
168
 
@@ -94,6 +94,18 @@ These apply to ALL skills. If you catch yourself doing any of these, STOP.
94
94
 
95
95
  ## Rationalizations to Reject
96
96
 
97
+ ### Universal
98
+
99
+ These reasoning patterns sound plausible but lead to bad outcomes. Reject them.
100
+
101
+ - **"It's probably fine"** — "Probably" is not evidence. Verify before asserting.
102
+ - **"This is best practice"** — Best practice in what context? Cite the source and
103
+ confirm it applies to this codebase.
104
+ - **"We can fix it later"** — If it is worth flagging, it is worth documenting now
105
+ with a concrete follow-up plan.
106
+
107
+ ### Domain-Specific
108
+
97
109
  | Rationalization | Reality |
98
110
  | ----------------------------------- | -------------------------------------------------------------------------------------------------- |
99
111
  | "No attacker would find this" | Security by obscurity. If the code is wrong, flag it regardless of discoverability. |
@@ -14,6 +14,14 @@
14
14
 
15
15
  ## Process
16
16
 
17
+ ### Iron Law
18
+
19
+ **No skill ships without validation passing and test scenarios exercising every discipline section.**
20
+
21
+ A skill that passes happy-path execution but has untested discipline sections (Red Flags, Gates, Rationalizations) is a trap — agents activate it but have no guardrails when they encounter edge cases. Phase 5B is not optional.
22
+
23
+ ---
24
+
17
25
  ### Phase 1: DEFINE — Establish the Skill's Purpose
18
26
 
19
27
  1. **Identify the recurring process.** What does the team do repeatedly? Name it. Describe it in one sentence. This becomes the skill's `description` in `skill.yaml` and the blockquote summary in `SKILL.md`.
@@ -344,16 +352,29 @@ Use this checklist as a final quality gate before declaring a skill complete.
344
352
  - Rigid skills include Gates and Escalation sections with specific conditions and consequences
345
353
  - The skill can be loaded and run with `harness skill run <name>`
346
354
 
355
+ ## Red Flags
356
+
357
+ | Flag | Corrective Action |
358
+ | ----------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
359
+ | "This skill is simple enough to ship without test scenarios" | STOP. Phase 5B exists because untested discipline sections are decoration. If you cannot construct a scenario that triggers each discipline section, the section is too abstract — revise it. |
360
+ | "I'll add the Rationalizations/Gates/Escalation section after the skill is working" | STOP. Discipline sections are required sections. A skill that "works" without guardrails is a trap — agents activate but flounder at edge cases. Write the real content now. |
361
+ | "The skill works, I tested it by running it once" | STOP. A single happy-path run does not test discipline sections. Write scenarios that trigger Red Flags, Gates, and Rationalizations. |
362
+ | `// placeholder for future phases` or `// TODO: add gate conditions` in SKILL.md | STOP. Placeholder sections are stubs. A skill with stub discipline sections passes validation but fails in practice. Write the real content or remove the section entirely. |
363
+
364
+ **Review-never-fixes:** When reviewing or extending an existing skill, identify issues but do not fix them inline. Document findings, propose fixes, and let the skill author decide. Reviewing and editing are separate roles.
365
+
347
366
  ## Rationalizations to Reject
348
367
 
349
- | Rationalization | Reality |
350
- | ----------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
351
- | "This skill is too simple to need all required sections" | Every section exists for a reason. A short section is fine; a missing section means the skill was not fully thought through. |
352
- | "The process section covers it — no need for explicit success criteria" | Process describes what to do. Success criteria describe how to know it worked. They serve different purposes. |
353
- | "Rationalizations to Reject is meta — this skill does not need it" | This section is required for all user-facing skills, including this one. No exceptions. |
354
- | "I will add examples later once the skill is proven" | Examples are a required section. A skill without examples forces the agent to guess at correct behavior. Write at least one example now. |
355
- | "The When to Use section is obvious from the name" | Negative conditions (when NOT to use) prevent misapplication. The skill name conveys nothing about boundary conditions. |
356
- | "The skill works — I tested it by running it once" | A single happy-path run does not test discipline sections. Write scenarios that trigger Red Flags, Gates, and Rationalizations. A skill that passes happy path but fails discipline scenarios is a trap. |
368
+ | Rationalization | Reality |
369
+ | ----------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
370
+ | "This skill is too simple to need all required sections" | Every section exists for a reason. A short section is fine; a missing section means the skill was not fully thought through. |
371
+ | "The process section covers it — no need for explicit success criteria" | Process describes what to do. Success criteria describe how to know it worked. They serve different purposes. |
372
+ | "Rationalizations to Reject is meta — this skill does not need it" | This section is required for all user-facing skills, including this one. No exceptions. |
373
+ | "I will add examples later once the skill is proven" | Examples are a required section. A skill without examples forces the agent to guess at correct behavior. Write at least one example now. |
374
+ | "The When to Use section is obvious from the name" | Negative conditions (when NOT to use) prevent misapplication. The skill name conveys nothing about boundary conditions. |
375
+ | "The skill works — I tested it by running it once" | A single happy-path run does not test discipline sections. Write scenarios that trigger Red Flags, Gates, and Rationalizations. A skill that passes happy path but fails discipline scenarios is a trap. |
376
+ | "This is an internal skill, so discipline sections are unnecessary" | Agents rationalize skipping steps in internal skills too. Every user-facing skill requires the full discipline stack — no exemptions for internal or simple skills. |
377
+ | "I will copy the Rationalizations from a similar skill and adapt them" | Domain-specific means domain-specific. Copied rationalizations address the source skill's shortcuts, not this skill's. Write fresh entries based on what an agent executing THIS skill would try to skip. |
357
378
 
358
379
  ## Examples
359
380
 
@@ -471,3 +492,17 @@ Tools: Bash, Read, Glob.
471
492
  "Rollback to version [X] failed. Current state: [description].
472
493
  Manual intervention required."
473
494
  ```
495
+
496
+ ## Gates
497
+
498
+ - **No shipping without validation.** `harness skill validate` must pass with zero errors before declaring a skill complete. Validation failures are not warnings — they are hard stops.
499
+ - **No shipping without test scenarios.** Phase 5B is mandatory. A skill without test scenarios that exercise its discipline sections (Red Flags, Gates, Rationalizations) is not complete, even if validation passes.
500
+ - **No placeholder sections.** Every required section must contain substantive content. A `## Rationalizations to Reject` section with generic entries or a `## Gates` section with no conditions is a stub, not a section.
501
+ - **No skipping negative conditions.** The `## When to Use` section must include both positive (when TO use) and negative (when NOT to use) conditions. Missing negatives cause misapplication.
502
+
503
+ ## Escalation
504
+
505
+ - **When you cannot identify domain-specific rationalizations:** The skill's process section is too vague. If you cannot imagine an agent trying to shortcut the process, the process lacks enough prescriptive steps. Revise the process first, then rationalizations will become obvious.
506
+ - **When validation fails on a section you believe is present:** The section heading may not match the expected format exactly. Check for typos, extra whitespace, or wrong heading level.
507
+ - **When the skill spans more than 6 phases:** The skill is doing too much. Propose splitting into two skills with clear handoff points. A skill that tries to cover too many concerns becomes vague in each one.
508
+ - **When you cannot write a test scenario that triggers a Gate:** The Gate condition is too abstract. Revise it to include specific, observable conditions that an agent would encounter.