@hegemonart/get-design-done 1.41.5 → 1.43.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +2 -2
- package/.claude-plugin/plugin.json +1 -1
- package/CHANGELOG.md +1120 -1029
- package/README.md +158 -154
- package/SKILL.md +42 -42
- package/agents/README.md +53 -53
- package/agents/a11y-mapper.md +3 -3
- package/agents/component-benchmark-harvester.md +8 -8
- package/agents/component-benchmark-synthesizer.md +11 -11
- package/agents/component-taxonomy-mapper.md +5 -5
- package/agents/compose-executor.md +25 -25
- package/agents/conflict-resolver.md +8 -8
- package/agents/cost-forecaster.md +12 -12
- package/agents/decision-journal-exporter.md +5 -5
- package/agents/design-advisor.md +19 -19
- package/agents/design-assumptions-analyzer.md +16 -16
- package/agents/design-auditor.md +39 -39
- package/agents/design-authority-watcher.md +28 -28
- package/agents/design-component-generator.md +27 -27
- package/agents/design-context-builder.md +66 -66
- package/agents/design-context-checker-gate.md +5 -5
- package/agents/design-context-checker.md +20 -20
- package/agents/design-discussant.md +23 -23
- package/agents/design-doc-writer.md +12 -12
- package/agents/design-executor.md +38 -38
- package/agents/design-figma-writer.md +31 -31
- package/agents/design-fixer.md +27 -27
- package/agents/design-integration-checker-gate.md +5 -5
- package/agents/design-integration-checker.md +29 -29
- package/agents/design-paper-writer.md +14 -14
- package/agents/design-pattern-mapper.md +9 -9
- package/agents/design-pencil-writer.md +12 -12
- package/agents/design-phase-researcher.md +14 -14
- package/agents/design-plan-checker.md +13 -13
- package/agents/design-planner.md +24 -24
- package/agents/design-reflector.md +48 -48
- package/agents/design-research-synthesizer.md +21 -21
- package/agents/design-start-writer.md +7 -7
- package/agents/design-update-checker.md +8 -8
- package/agents/design-verifier-gate.md +5 -5
- package/agents/design-verifier.md +80 -80
- package/agents/ds-generator.md +14 -14
- package/agents/ds-migration-planner.md +12 -12
- package/agents/email-executor.md +26 -26
- package/agents/experiment-result-ingester.md +10 -10
- package/agents/flutter-executor.md +28 -28
- package/agents/gdd-graph-refresh.md +10 -10
- package/agents/gdd-intel-updater.md +11 -11
- package/agents/gdd-learnings-extractor.md +2 -2
- package/agents/motion-mapper.md +8 -8
- package/agents/motion-verifier.md +16 -16
- package/agents/pdf-executor.md +27 -27
- package/agents/perf-analyzer.md +20 -20
- package/agents/pr-commenter.md +24 -24
- package/agents/prototype-gate.md +29 -29
- package/agents/quality-gate-runner.md +21 -21
- package/agents/rollout-coordinator.md +8 -8
- package/agents/swift-executor.md +41 -41
- package/agents/ticket-sync-agent.md +19 -19
- package/agents/token-mapper.md +6 -6
- package/agents/user-research-synthesizer.md +13 -13
- package/agents/visual-hierarchy-mapper.md +2 -2
- package/dist/claude-code/.claude/skills/add-backlog/SKILL.md +48 -0
- package/dist/claude-code/.claude/skills/analyze-dependencies/SKILL.md +95 -0
- package/dist/claude-code/.claude/skills/apply-reflections/SKILL.md +92 -0
- package/dist/claude-code/.claude/skills/apply-reflections/apply-reflections-procedure.md +170 -0
- package/dist/claude-code/.claude/skills/audit/SKILL.md +79 -0
- package/dist/claude-code/.claude/skills/bandit-status/SKILL.md +94 -0
- package/dist/claude-code/.claude/skills/benchmark/SKILL.md +65 -0
- package/dist/claude-code/.claude/skills/bootstrap-ds/SKILL.md +43 -0
- package/dist/claude-code/.claude/skills/brief/SKILL.md +128 -0
- package/dist/claude-code/.claude/skills/budget/SKILL.md +45 -0
- package/dist/claude-code/.claude/skills/cache-manager/SKILL.md +66 -0
- package/dist/claude-code/.claude/skills/cache-manager/cache-policy.md +126 -0
- package/dist/claude-code/.claude/skills/check-update/SKILL.md +98 -0
- package/dist/claude-code/.claude/skills/compare/SKILL.md +82 -0
- package/dist/claude-code/.claude/skills/compare/compare-rubric.md +171 -0
- package/dist/claude-code/.claude/skills/complete-cycle/SKILL.md +81 -0
- package/dist/claude-code/.claude/skills/connections/SKILL.md +71 -0
- package/dist/claude-code/.claude/skills/connections/connections-onboarding.md +608 -0
- package/dist/claude-code/.claude/skills/continue/SKILL.md +24 -0
- package/dist/claude-code/.claude/skills/darkmode/SKILL.md +76 -0
- package/dist/claude-code/.claude/skills/darkmode/darkmode-audit-procedure.md +258 -0
- package/dist/claude-code/.claude/skills/debug/SKILL.md +41 -0
- package/dist/claude-code/.claude/skills/debug/debug-feedback-loops.md +119 -0
- package/dist/claude-code/.claude/skills/design/SKILL.md +99 -0
- package/dist/claude-code/.claude/skills/design/design-procedure.md +304 -0
- package/dist/claude-code/.claude/skills/discover/SKILL.md +72 -0
- package/dist/claude-code/.claude/skills/discover/discover-procedure.md +222 -0
- package/dist/claude-code/.claude/skills/discuss/SKILL.md +96 -0
- package/dist/claude-code/.claude/skills/do/SKILL.md +45 -0
- package/dist/claude-code/.claude/skills/explore/SKILL.md +105 -0
- package/dist/claude-code/.claude/skills/explore/explore-procedure.md +267 -0
- package/dist/claude-code/.claude/skills/export/SKILL.md +30 -0
- package/dist/claude-code/.claude/skills/extract-learnings/SKILL.md +98 -0
- package/dist/claude-code/.claude/skills/fast/SKILL.md +91 -0
- package/dist/claude-code/.claude/skills/figma-extract/SKILL.md +64 -0
- package/dist/claude-code/.claude/skills/figma-write/SKILL.md +39 -0
- package/dist/claude-code/.claude/skills/graphify/SKILL.md +49 -0
- package/dist/claude-code/.claude/skills/health/SKILL.md +99 -0
- package/dist/claude-code/.claude/skills/health/health-mcp-detection.md +44 -0
- package/dist/claude-code/.claude/skills/health/health-skill-length-report.md +69 -0
- package/dist/claude-code/.claude/skills/help/SKILL.md +87 -0
- package/dist/claude-code/.claude/skills/list-assumptions/SKILL.md +61 -0
- package/dist/claude-code/.claude/skills/locale/SKILL.md +51 -0
- package/dist/claude-code/.claude/skills/map/SKILL.md +89 -0
- package/dist/claude-code/.claude/skills/migrate/SKILL.md +70 -0
- package/dist/claude-code/.claude/skills/new-cycle/SKILL.md +37 -0
- package/dist/claude-code/.claude/skills/new-cycle/milestone-completeness-rubric.md +87 -0
- package/dist/claude-code/.claude/skills/new-project/SKILL.md +53 -0
- package/dist/claude-code/.claude/skills/next/SKILL.md +68 -0
- package/dist/claude-code/.claude/skills/note/SKILL.md +48 -0
- package/dist/claude-code/.claude/skills/openrouter-status/SKILL.md +86 -0
- package/dist/claude-code/.claude/skills/optimize/SKILL.md +97 -0
- package/dist/claude-code/.claude/skills/pause/SKILL.md +77 -0
- package/dist/claude-code/.claude/skills/peer-cli-add/SKILL.md +88 -0
- package/dist/claude-code/.claude/skills/peer-cli-add/peer-cli-protocol.md +161 -0
- package/dist/claude-code/.claude/skills/peer-cli-customize/SKILL.md +90 -0
- package/dist/claude-code/.claude/skills/peers/SKILL.md +96 -0
- package/dist/claude-code/.claude/skills/plan/SKILL.md +105 -0
- package/dist/claude-code/.claude/skills/plan/plan-procedure.md +278 -0
- package/dist/claude-code/.claude/skills/plant-seed/SKILL.md +48 -0
- package/dist/claude-code/.claude/skills/pr-branch/SKILL.md +32 -0
- package/dist/claude-code/.claude/skills/progress/SKILL.md +95 -0
- package/dist/claude-code/.claude/skills/quality-gate/SKILL.md +90 -0
- package/dist/claude-code/.claude/skills/quality-gate/threat-modeling.md +101 -0
- package/dist/claude-code/.claude/skills/quick/SKILL.md +44 -0
- package/dist/claude-code/.claude/skills/reapply-patches/SKILL.md +32 -0
- package/dist/claude-code/.claude/skills/recall/SKILL.md +75 -0
- package/dist/claude-code/.claude/skills/reflect/SKILL.md +85 -0
- package/dist/claude-code/.claude/skills/reflect/procedures/capability-gap-scan.md +120 -0
- package/dist/claude-code/.claude/skills/report-issue/SKILL.md +53 -0
- package/dist/claude-code/.claude/skills/report-issue/report-issue-procedure.md +120 -0
- package/dist/claude-code/.claude/skills/resume/SKILL.md +93 -0
- package/dist/claude-code/.claude/skills/review-backlog/SKILL.md +46 -0
- package/dist/claude-code/.claude/skills/review-decisions/SKILL.md +42 -0
- package/dist/claude-code/.claude/skills/roi/SKILL.md +54 -0
- package/dist/claude-code/.claude/skills/rollout-status/SKILL.md +35 -0
- package/dist/claude-code/.claude/skills/router/SKILL.md +89 -0
- package/dist/claude-code/.claude/skills/router/capability-gap-emitter.md +65 -0
- package/dist/claude-code/.claude/skills/router/router-pick-emitter.md +78 -0
- package/dist/claude-code/.claude/skills/router/router-rules.md +84 -0
- package/dist/claude-code/.claude/skills/scan/SKILL.md +92 -0
- package/dist/claude-code/.claude/skills/scan/scan-procedure.md +732 -0
- package/dist/claude-code/.claude/skills/settings/SKILL.md +87 -0
- package/dist/claude-code/.claude/skills/ship/SKILL.md +48 -0
- package/dist/claude-code/.claude/skills/sketch/SKILL.md +78 -0
- package/dist/claude-code/.claude/skills/sketch-wrap-up/SKILL.md +92 -0
- package/dist/claude-code/.claude/skills/skill-manifest/SKILL.md +79 -0
- package/dist/claude-code/.claude/skills/spike/SKILL.md +67 -0
- package/dist/claude-code/.claude/skills/spike-wrap-up/SKILL.md +86 -0
- package/dist/claude-code/.claude/skills/start/SKILL.md +67 -0
- package/dist/claude-code/.claude/skills/start/start-procedure.md +115 -0
- package/dist/claude-code/.claude/skills/stats/SKILL.md +51 -0
- package/dist/claude-code/.claude/skills/style/SKILL.md +71 -0
- package/dist/claude-code/.claude/skills/style/style-doc-procedure.md +150 -0
- package/dist/claude-code/.claude/skills/synthesize/SKILL.md +94 -0
- package/dist/claude-code/.claude/skills/timeline/SKILL.md +66 -0
- package/dist/claude-code/.claude/skills/todo/SKILL.md +64 -0
- package/dist/claude-code/.claude/skills/turn-closeout/SKILL.md +95 -0
- package/dist/claude-code/.claude/skills/undo/SKILL.md +31 -0
- package/dist/claude-code/.claude/skills/unlock-decision/SKILL.md +54 -0
- package/dist/claude-code/.claude/skills/update/SKILL.md +56 -0
- package/dist/claude-code/.claude/skills/using-gdd/SKILL.md +78 -0
- package/dist/claude-code/.claude/skills/verify/SKILL.md +113 -0
- package/dist/claude-code/.claude/skills/verify/verify-procedure.md +512 -0
- package/dist/claude-code/.claude/skills/warm-cache/SKILL.md +81 -0
- package/dist/claude-code/.claude/skills/watch-authorities/SKILL.md +82 -0
- package/dist/claude-code/.claude/skills/zoom-out/SKILL.md +26 -0
- package/package.json +8 -2
- package/reference/DEPRECATIONS.md +21 -7
- package/reference/STATE-TEMPLATE.md +26 -26
- package/reference/accessibility.md +13 -13
- package/reference/adr-format.md +13 -13
- package/reference/ai-native-tool-interface.md +5 -5
- package/reference/anti-patterns.md +9 -9
- package/reference/architecture-vocabulary.md +31 -31
- package/reference/audit-scoring.md +13 -13
- package/reference/authority-feeds.md +36 -36
- package/reference/bandit-integration.md +25 -25
- package/reference/brand-voice.md +36 -36
- package/reference/capability-gap-stage-gate.md +20 -20
- package/reference/checklists.md +26 -26
- package/reference/cli-localization.md +13 -13
- package/reference/codex-tools.md +2 -2
- package/reference/color-theory.md +28 -28
- package/reference/component-authoring.md +4 -4
- package/reference/components/README.md +13 -13
- package/reference/components/TEMPLATE.md +13 -13
- package/reference/components/accordion.md +15 -15
- package/reference/components/alert.md +25 -25
- package/reference/components/badge.md +18 -18
- package/reference/components/breadcrumbs.md +24 -24
- package/reference/components/button.md +21 -21
- package/reference/components/card.md +13 -13
- package/reference/components/checkbox.md +20 -20
- package/reference/components/chip.md +20 -20
- package/reference/components/command-palette.md +15 -15
- package/reference/components/date-picker.md +22 -22
- package/reference/components/drawer.md +13 -13
- package/reference/components/file-upload.md +22 -22
- package/reference/components/input.md +18 -18
- package/reference/components/label.md +25 -25
- package/reference/components/link.md +19 -19
- package/reference/components/list.md +17 -17
- package/reference/components/menu.md +19 -19
- package/reference/components/modal-dialog.md +16 -16
- package/reference/components/navbar.md +19 -19
- package/reference/components/pagination.md +18 -18
- package/reference/components/popover.md +12 -12
- package/reference/components/progress.md +18 -18
- package/reference/components/radio.md +17 -17
- package/reference/components/rich-text-editor.md +24 -24
- package/reference/components/select-combobox.md +16 -16
- package/reference/components/sidebar.md +15 -15
- package/reference/components/skeleton.md +20 -20
- package/reference/components/slider.md +20 -20
- package/reference/components/stepper.md +24 -24
- package/reference/components/switch.md +19 -19
- package/reference/components/table.md +21 -21
- package/reference/components/tabs.md +11 -11
- package/reference/components/toast.md +19 -19
- package/reference/components/tooltip.md +19 -19
- package/reference/components/tree.md +17 -17
- package/reference/composition.md +38 -38
- package/reference/config-schema.md +37 -37
- package/reference/context-md-format.md +9 -9
- package/reference/contrast-advanced.md +29 -29
- package/reference/conversational-ui.md +17 -17
- package/reference/cost-governance.md +14 -14
- package/reference/css-grid-layout.md +8 -8
- package/reference/cycle-handoff-preamble.md +3 -3
- package/reference/data-visualization.md +67 -67
- package/reference/debugger-philosophy.md +5 -5
- package/reference/design-system-guidance.md +21 -21
- package/reference/design-systems-catalog.md +20 -20
- package/reference/design-variants.md +11 -11
- package/reference/domains/civic-patterns.md +10 -10
- package/reference/domains/finance-patterns.md +9 -9
- package/reference/domains/gaming-patterns.md +9 -9
- package/reference/domains/healthcare-patterns.md +11 -11
- package/reference/ds-bootstrap-rubric.md +13 -13
- package/reference/email-design.md +22 -22
- package/reference/emotional-design.md +10 -10
- package/reference/error-recovery.md +11 -11
- package/reference/export-formats.md +7 -7
- package/reference/figma-sandbox.md +6 -6
- package/reference/first-principles.md +10 -10
- package/reference/form-patterns.md +26 -26
- package/reference/framer-motion-patterns.md +49 -49
- package/reference/gdd-runtime-audit.md +17 -17
- package/reference/gdd-threat-model.md +44 -44
- package/reference/gemini-tools.md +3 -3
- package/reference/gestalt.md +24 -24
- package/reference/heuristics.md +32 -32
- package/reference/i18n.md +44 -44
- package/reference/iconography.md +24 -24
- package/reference/image-optimization.md +14 -14
- package/reference/information-architecture.md +47 -47
- package/reference/intel-schema.md +1 -1
- package/reference/known-failure-modes.md +37 -37
- package/reference/meta-rules.md +5 -5
- package/reference/migrations/material-3-to-4.md +17 -17
- package/reference/migrations/mui-v6.md +16 -16
- package/reference/migrations/shadcn-v2.md +25 -25
- package/reference/migrations/tailwind-v4.md +21 -21
- package/reference/model-prices.md +3 -3
- package/reference/model-tiers.md +40 -40
- package/reference/motion-advanced.md +21 -21
- package/reference/motion-easings.md +29 -29
- package/reference/motion-interpolate.md +1 -1
- package/reference/motion-spring.md +13 -13
- package/reference/motion-transition-taxonomy.md +34 -34
- package/reference/motion.md +31 -31
- package/reference/multi-author-model.md +13 -13
- package/reference/native-platforms.md +28 -28
- package/reference/notification-routing.md +6 -6
- package/reference/onboarding-progressive-disclosure.md +32 -32
- package/reference/openrouter-tier-mapping.md +8 -8
- package/reference/palette-catalog.md +37 -37
- package/reference/parallelism-rules.md +20 -20
- package/reference/peer-cli-capabilities.md +14 -14
- package/reference/peer-protocols.md +21 -21
- package/reference/perf-budget.md +21 -21
- package/reference/performance.md +22 -22
- package/reference/platforms.md +51 -51
- package/reference/pr-review-integration.md +7 -7
- package/reference/prices/antigravity.md +3 -3
- package/reference/prices/augment.md +3 -3
- package/reference/prices/claude.md +2 -2
- package/reference/prices/cline.md +4 -4
- package/reference/prices/codebuddy.md +3 -3
- package/reference/prices/codex.md +2 -2
- package/reference/prices/copilot.md +3 -3
- package/reference/prices/cursor.md +3 -3
- package/reference/prices/gemini.md +2 -2
- package/reference/prices/kilo.md +3 -3
- package/reference/prices/opencode.md +4 -4
- package/reference/prices/qwen.md +2 -2
- package/reference/prices/trae.md +3 -3
- package/reference/prices/windsurf.md +3 -3
- package/reference/prices.openrouter.md +5 -5
- package/reference/print-design.md +36 -36
- package/reference/priority-matrix.md +2 -2
- package/reference/project-skills-guide.md +3 -3
- package/reference/proportion-systems.md +23 -23
- package/reference/pseudonymization-rules.md +30 -30
- package/reference/registry.json +7 -0
- package/reference/retrieval-contract.md +14 -14
- package/reference/review-format.md +7 -7
- package/reference/rollout-coordination.md +10 -10
- package/reference/rtl-cjk-cultural.md +39 -39
- package/reference/runtime-models.md +28 -28
- package/reference/shared-preamble.md +26 -26
- package/reference/skill-authoring-contract.md +16 -16
- package/reference/skill-placeholders.md +71 -0
- package/reference/start-interview.md +10 -10
- package/reference/style-vocabulary.md +25 -25
- package/reference/surfaces.md +4 -4
- package/reference/ticket-sync.md +9 -9
- package/reference/typography.md +64 -64
- package/reference/user-research.md +54 -54
- package/reference/variable-fonts-loading.md +15 -15
- package/reference/visual-hierarchy-layout.md +41 -41
- package/scripts/lib/build/factory.cjs +62 -0
- package/scripts/lib/build/harness-configs.cjs +64 -0
- package/scripts/lib/manifest/prose-denylist.json +1 -1
- package/sdk/cli/commands/build.ts +106 -0
- package/sdk/cli/index.js +84 -2
- package/sdk/cli/index.ts +7 -0
- package/skills/add-backlog/SKILL.md +3 -3
- package/skills/analyze-dependencies/SKILL.md +10 -10
- package/skills/apply-reflections/SKILL.md +13 -13
- package/skills/apply-reflections/apply-reflections-procedure.md +20 -20
- package/skills/audit/SKILL.md +7 -7
- package/skills/bandit-status/SKILL.md +7 -7
- package/skills/benchmark/SKILL.md +7 -7
- package/skills/bootstrap-ds/SKILL.md +10 -10
- package/skills/brief/SKILL.md +20 -20
- package/skills/budget/SKILL.md +4 -4
- package/skills/cache-manager/SKILL.md +6 -6
- package/skills/cache-manager/cache-policy.md +5 -5
- package/skills/check-update/SKILL.md +5 -5
- package/skills/compare/SKILL.md +15 -15
- package/skills/compare/compare-rubric.md +17 -17
- package/skills/complete-cycle/SKILL.md +5 -5
- package/skills/connections/SKILL.md +11 -11
- package/skills/connections/connections-onboarding.md +76 -76
- package/skills/continue/SKILL.md +2 -2
- package/skills/darkmode/SKILL.md +17 -17
- package/skills/darkmode/darkmode-audit-procedure.md +7 -7
- package/skills/debug/SKILL.md +3 -3
- package/skills/debug/debug-feedback-loops.md +12 -12
- package/skills/design/SKILL.md +12 -12
- package/skills/design/design-procedure.md +23 -23
- package/skills/discover/SKILL.md +7 -7
- package/skills/discover/discover-procedure.md +18 -18
- package/skills/discuss/SKILL.md +12 -12
- package/skills/do/SKILL.md +1 -1
- package/skills/explore/SKILL.md +21 -21
- package/skills/explore/explore-procedure.md +48 -48
- package/skills/export/SKILL.md +9 -9
- package/skills/extract-learnings/SKILL.md +5 -5
- package/skills/fast/SKILL.md +7 -7
- package/skills/figma-extract/SKILL.md +11 -11
- package/skills/figma-write/SKILL.md +6 -6
- package/skills/graphify/SKILL.md +4 -4
- package/skills/health/SKILL.md +16 -16
- package/skills/health/health-mcp-detection.md +3 -3
- package/skills/health/health-skill-length-report.md +6 -6
- package/skills/help/SKILL.md +1 -1
- package/skills/list-assumptions/SKILL.md +4 -4
- package/skills/map/SKILL.md +12 -12
- package/skills/migrate/SKILL.md +5 -5
- package/skills/new-cycle/SKILL.md +2 -2
- package/skills/new-cycle/milestone-completeness-rubric.md +16 -16
- package/skills/new-project/SKILL.md +1 -1
- package/skills/next/SKILL.md +5 -5
- package/skills/note/SKILL.md +1 -1
- package/skills/openrouter-status/SKILL.md +4 -4
- package/skills/optimize/SKILL.md +15 -15
- package/skills/pause/SKILL.md +5 -5
- package/skills/peer-cli-add/SKILL.md +11 -11
- package/skills/peer-cli-add/peer-cli-protocol.md +39 -39
- package/skills/peer-cli-customize/SKILL.md +14 -14
- package/skills/peers/SKILL.md +4 -4
- package/skills/plan/SKILL.md +13 -13
- package/skills/plan/plan-procedure.md +24 -24
- package/skills/plant-seed/SKILL.md +4 -4
- package/skills/pr-branch/SKILL.md +2 -2
- package/skills/progress/SKILL.md +15 -15
- package/skills/quality-gate/SKILL.md +22 -22
- package/skills/quality-gate/threat-modeling.md +19 -19
- package/skills/quick/SKILL.md +5 -5
- package/skills/reapply-patches/SKILL.md +7 -7
- package/skills/reflect/SKILL.md +3 -3
- package/skills/reflect/procedures/capability-gap-scan.md +11 -11
- package/skills/report-issue/SKILL.md +5 -5
- package/skills/report-issue/report-issue-procedure.md +27 -27
- package/skills/resume/SKILL.md +9 -9
- package/skills/review-backlog/SKILL.md +3 -3
- package/skills/review-decisions/SKILL.md +3 -3
- package/skills/roi/SKILL.md +5 -5
- package/skills/rollout-status/SKILL.md +4 -4
- package/skills/router/SKILL.md +11 -11
- package/skills/router/capability-gap-emitter.md +6 -6
- package/skills/router/router-pick-emitter.md +9 -9
- package/skills/router/router-rules.md +7 -7
- package/skills/scan/SKILL.md +16 -16
- package/skills/scan/scan-procedure.md +42 -42
- package/skills/settings/SKILL.md +2 -2
- package/skills/ship/SKILL.md +7 -7
- package/skills/sketch/SKILL.md +10 -10
- package/skills/sketch-wrap-up/SKILL.md +12 -12
- package/skills/skill-manifest/SKILL.md +5 -5
- package/skills/spike/SKILL.md +7 -7
- package/skills/spike-wrap-up/SKILL.md +13 -13
- package/skills/start/SKILL.md +8 -8
- package/skills/start/start-procedure.md +9 -9
- package/skills/stats/SKILL.md +5 -5
- package/skills/style/SKILL.md +12 -12
- package/skills/style/style-doc-procedure.md +12 -12
- package/skills/synthesize/SKILL.md +10 -10
- package/skills/timeline/SKILL.md +4 -4
- package/skills/todo/SKILL.md +3 -3
- package/skills/turn-closeout/SKILL.md +10 -10
- package/skills/unlock-decision/SKILL.md +3 -3
- package/skills/update/SKILL.md +9 -9
- package/skills/using-gdd/SKILL.md +17 -17
- package/skills/verify/SKILL.md +13 -13
- package/skills/verify/verify-procedure.md +34 -34
- package/skills/warm-cache/SKILL.md +8 -8
- package/skills/watch-authorities/SKILL.md +9 -9
- package/skills/zoom-out/SKILL.md +4 -4
|
@@ -20,9 +20,9 @@ writes:
|
|
|
20
20
|
|
|
21
21
|
## Role
|
|
22
22
|
|
|
23
|
-
You are the Stage 4.5 gate that runs between `/gdd:design` and `/gdd:verify`. You answer one question: *does this project's own quality tooling pass against the current working tree?* You are NOT a design checker, an a11y checker, or a verifier
|
|
23
|
+
You are the Stage 4.5 gate that runs between `/gdd:design` and `/gdd:verify`. You answer one question: *does this project's own quality tooling pass against the current working tree?* You are NOT a design checker, an a11y checker, or a verifier - you are a thin façade over the project's `lint` / `typecheck` / `test` / visual-regression scripts. Verify refuses entry when those scripts fail.
|
|
24
24
|
|
|
25
|
-
You write exactly two artifacts: the `<quality_gate>` block in `.design/STATE.md`, and lifecycle events to `.design/events.jsonl`. You never block on timeout. You never block on a "skipped" result. You only mark `status="fail"` when the fix loop reaches `max_iters`
|
|
25
|
+
You write exactly two artifacts: the `<quality_gate>` block in `.design/STATE.md`, and lifecycle events to `.design/events.jsonl`. You never block on timeout. You never block on a "skipped" result. You only mark `status="fail"` when the fix loop reaches `max_iters` - even then YOU exit successfully (verify is the consumer that refuses entry).
|
|
26
26
|
|
|
27
27
|
## Configuration
|
|
28
28
|
|
|
@@ -34,57 +34,57 @@ Read once at start from `.design/config.json` (all optional; defaults in parens)
|
|
|
34
34
|
| `quality_gate.timeout_seconds` | `600` | Total wall-clock budget for Step 2. On timeout: warn + proceed (D-07). |
|
|
35
35
|
| `quality_gate.max_iters` | `3` | Hard cap on Step 4 fix-loop iterations. |
|
|
36
36
|
|
|
37
|
-
## Step 1
|
|
37
|
+
## Step 1 - Detection chain (D-06 3-tier fallback)
|
|
38
38
|
|
|
39
39
|
Stop at the first tier that produces ≥ 1 command:
|
|
40
40
|
|
|
41
41
|
1. **Authoritative config.** If `.design/config.json` has `quality_gate.commands` non-empty, use verbatim.
|
|
42
|
-
2. **Auto-detect from `package.json#scripts`**
|
|
42
|
+
2. **Auto-detect from `package.json#scripts`** - match against allowlist: `lint`, `typecheck`, `tsc` (only if `typecheck` absent), `test`, `chromatic`, `test:visual`, `lint:design` (Phase 41 - the `gdd-detect` deterministic anti-pattern gate, alongside `axe`/`pa11y`/`lighthouse`). Exclude by name: `test:e2e`, `test:integration` (if separate `test`), anything starting `dev:`, `build:`, `start:`. Run via `npm run <name>` unless `quality_gate.package_manager` overrides.
|
|
43
43
|
3. **Skip with notice.** Emit `quality_gate_skipped` (Step 6) and write a `<run/>` with `status="skipped"`. Verify treats skipped as non-blocking.
|
|
44
44
|
|
|
45
|
-
## Step 2
|
|
45
|
+
## Step 2 - Parallel run
|
|
46
46
|
|
|
47
|
-
Emit `quality_gate_started`. Spawn each command in a separate `Bash`; collect `{command, exit_code, stdout, stderr}`. Wall-clock budget is `timeout_seconds` (default 600). On timeout: emit `quality_gate_timeout`, mark `status="timeout"`, skip Steps 3–4, proceed to Step 5. Exit successfully
|
|
47
|
+
Emit `quality_gate_started`. Spawn each command in a separate `Bash`; collect `{command, exit_code, stdout, stderr}`. Wall-clock budget is `timeout_seconds` (default 600). On timeout: emit `quality_gate_timeout`, mark `status="timeout"`, skip Steps 3–4, proceed to Step 5. Exit successfully - verify treats timeout as a warn.
|
|
48
48
|
|
|
49
|
-
## Step 3
|
|
49
|
+
## Step 3 - Classification
|
|
50
50
|
|
|
51
51
|
Spawn `quality-gate-runner` agent via `Task` with payload `{outputs: [{command, exit_code, stderr}, ...]}`. Agent returns `{status: "pass"|"fail", classified_failures: {lint, type, test, visual}}`. `pass` → Step 5. `fail` → Step 4.
|
|
52
52
|
|
|
53
|
-
## Step 4
|
|
53
|
+
## Step 4 - Fix loop (D-08)
|
|
54
54
|
|
|
55
55
|
If `iteration >= max_iters`: emit `quality_gate_fail`, mark `status="fail"`, Step 5, exit successfully. Verify-entry refuses on `fail`; YOU do not throw.
|
|
56
56
|
|
|
57
|
-
Else: increment `iteration`, emit `quality_gate_iteration`, spawn `design-fixer` via `Task` with classified failures + original outputs. After fixer returns, restart from Step 2 (re-run all commands
|
|
57
|
+
Else: increment `iteration`, emit `quality_gate_iteration`, spawn `design-fixer` via `Task` with classified failures + original outputs. After fixer returns, restart from Step 2 (re-run all commands - fixes can introduce regressions).
|
|
58
58
|
|
|
59
|
-
## Step 5
|
|
59
|
+
## Step 5 - STATE write
|
|
60
60
|
|
|
61
|
-
Mutate `state.quality_gate.run` to `{started_at, completed_at, status, iteration, commands_run, extra_attrs:{}}`. Persist via `mcp__gdd_state__set_quality_gate` or `apply()` mutator from `sdk/state/mutator.ts`
|
|
61
|
+
Mutate `state.quality_gate.run` to `{started_at, completed_at, status, iteration, commands_run, extra_attrs:{}}`. Persist via `mcp__gdd_state__set_quality_gate` or `apply()` mutator from `sdk/state/mutator.ts` - identical on-disk shape.
|
|
62
62
|
|
|
63
|
-
## Step 6
|
|
63
|
+
## Step 6 - Event emission (D-09)
|
|
64
64
|
|
|
65
|
-
Use `appendEvent` from `sdk/event-stream/index.ts`
|
|
65
|
+
Use `appendEvent` from `sdk/event-stream/index.ts` - persist-first / broadcast-second; never throws on persist path. `ts` / `cycle` / `stage` are stamped by the writer. Six event types (one per lifecycle position):
|
|
66
66
|
|
|
67
67
|
| Event | When | Payload |
|
|
68
68
|
|-------|------|---------|
|
|
69
69
|
| `quality_gate_started` | Step 2 entry, once | `commands`, `timeout_seconds`, `max_iters` |
|
|
70
70
|
| `quality_gate_iteration` | Step 4 retry (iter ≥ 2) | `iteration` |
|
|
71
|
-
| `quality_gate_pass` | Step 3 returned pass
|
|
72
|
-
| `quality_gate_fail` | Step 4 hit `max_iters`
|
|
73
|
-
| `quality_gate_timeout` | Step 2 budget elapsed
|
|
74
|
-
| `quality_gate_skipped` | Step 1 tier 3
|
|
71
|
+
| `quality_gate_pass` | Step 3 returned pass - terminal | `iteration`, `commands_run` |
|
|
72
|
+
| `quality_gate_fail` | Step 4 hit `max_iters` - terminal | `iteration`, `classified_failures` |
|
|
73
|
+
| `quality_gate_timeout` | Step 2 budget elapsed - terminal warn | `unfinished_commands` |
|
|
74
|
+
| `quality_gate_skipped` | Step 1 tier 3 - terminal no-op | `reason` |
|
|
75
75
|
|
|
76
|
-
`appendEvent` swallows persist failures
|
|
76
|
+
`appendEvent` swallows persist failures - events are observability, not correctness. STATE.md (Step 5) is the durable record.
|
|
77
77
|
|
|
78
78
|
## Output
|
|
79
79
|
|
|
80
|
-
Emit one JSON object on stdout: `{status, iteration, commands_run, started_at, completed_at}`. Shell exit code `0` on every terminal status
|
|
80
|
+
Emit one JSON object on stdout: `{status, iteration, commands_run, started_at, completed_at}`. Shell exit code `0` on every terminal status - `fail` included. Verify-entry is the sole consumer that acts on `fail`.
|
|
81
81
|
|
|
82
82
|
## Constraints
|
|
83
83
|
|
|
84
|
-
- Do not prune the command list across iterations
|
|
84
|
+
- Do not prune the command list across iterations - re-run everything in Step 2.
|
|
85
85
|
- Do not spawn `quality-gate-runner` more than once per iteration.
|
|
86
86
|
- Do not read/write any STATE block other than `<quality_gate>` (and `<position>.last_checkpoint`).
|
|
87
|
-
- Do not invoke verify or design
|
|
87
|
+
- Do not invoke verify or design - Stage 4.5 sits strictly between.
|
|
88
88
|
- Exit-code convention: `0` clean; non-zero classified as failure. Do not interpret stderr for pass/fail.
|
|
89
89
|
|
|
90
|
-
For verify-side severity classification (when this gate's `status="fail"` reaches the verify entry gate), see `./threat-modeling.md`
|
|
90
|
+
For verify-side severity classification (when this gate's `status="fail"` reaches the verify entry gate), see `./threat-modeling.md` - STRIDE dispositions are the audit-side framework that informs whether a failed quality gate blocks ship.
|
|
@@ -25,35 +25,35 @@ Apply STRIDE during:
|
|
|
25
25
|
- **Audit pillar runs** when a heuristic flags potential security surface.
|
|
26
26
|
- **Plan-phase risk-register population** when the plan touches user input, network
|
|
27
27
|
endpoints, file IO from user paths, or persisted state.
|
|
28
|
-
- **Threat register on plans that ship new endpoints**
|
|
28
|
+
- **Threat register on plans that ship new endpoints** - assign one of {mitigate, accept,
|
|
29
29
|
transfer} to every identified threat before the plan ships.
|
|
30
30
|
|
|
31
31
|
## STRIDE categories
|
|
32
32
|
|
|
33
33
|
| Letter | Threat | Audit lens |
|
|
34
34
|
|--------|-------------------------|----------------------------------------------------|
|
|
35
|
-
| S | Spoofing | Auth surfaces
|
|
36
|
-
| T | Tampering | Data integrity
|
|
37
|
-
| R | Repudiation | Audit trails / logging
|
|
38
|
-
| I | Information Disclosure | PII / secret leakage
|
|
39
|
-
| D | Denial of Service | Resource exhaustion
|
|
40
|
-
| E | Elevation of Privilege | AuthZ bypass
|
|
35
|
+
| S | Spoofing | Auth surfaces - login, session, token issuance |
|
|
36
|
+
| T | Tampering | Data integrity - write paths, persisted state |
|
|
37
|
+
| R | Repudiation | Audit trails / logging - proof of action |
|
|
38
|
+
| I | Information Disclosure | PII / secret leakage - logs, errors, side channels |
|
|
39
|
+
| D | Denial of Service | Resource exhaustion - unbounded loops, large reads |
|
|
40
|
+
| E | Elevation of Privilege | AuthZ bypass - role checks, capability tokens |
|
|
41
41
|
|
|
42
42
|
## Trust boundaries
|
|
43
43
|
|
|
44
44
|
A trust boundary is a point where untrusted input crosses into trusted code. Identify
|
|
45
|
-
trust boundaries before applying STRIDE
|
|
45
|
+
trust boundaries before applying STRIDE - each boundary is one analysis sweep.
|
|
46
46
|
|
|
47
47
|
Identification heuristics:
|
|
48
48
|
|
|
49
|
-
- **Network ingress**
|
|
50
|
-
- **File reads from user-writable paths**
|
|
49
|
+
- **Network ingress** - HTTP, gRPC, WebSocket, MCP transport, any TCP/UDP listen socket.
|
|
50
|
+
- **File reads from user-writable paths** - uploads, `$HOME` configs, user-supplied paths
|
|
51
51
|
from CLI args, drag-drop.
|
|
52
|
-
- **Subprocess spawns with user-supplied args**
|
|
52
|
+
- **Subprocess spawns with user-supplied args** - `exec`/`spawn` where any argv element
|
|
53
53
|
is reachable from user input (URL params, env vars, config keys).
|
|
54
|
-
- **Deserialization of persisted format**
|
|
54
|
+
- **Deserialization of persisted format** - JSON, YAML, MsgPack, Protobuf, custom
|
|
55
55
|
formats. The deserializer is the boundary, regardless of where the bytes came from.
|
|
56
|
-
- **Third-party SDK callouts**
|
|
56
|
+
- **Third-party SDK callouts** - when gdd hands data to a peer-CLI, the data leaves the
|
|
57
57
|
trust boundary; treat the return path as untrusted on re-entry.
|
|
58
58
|
|
|
59
59
|
## Disposition framework
|
|
@@ -69,7 +69,7 @@ Every identified threat MUST carry a disposition before the plan ships. Three va
|
|
|
69
69
|
| Transfer | Third-party owns the control surface (e.g., the OS, the runtime, a peer's |
|
|
70
70
|
| | sandbox). Document the boundary; do not re-implement the control. |
|
|
71
71
|
|
|
72
|
-
Mitigations on Plan tasks are correctness requirements
|
|
72
|
+
Mitigations on Plan tasks are correctness requirements - the executor applies Rule 2
|
|
73
73
|
(missing critical functionality) if a mitigation disposition is present but the
|
|
74
74
|
implementation lacks the control.
|
|
75
75
|
|
|
@@ -87,15 +87,15 @@ When a plan carries a `<threat_model>` block in its frontmatter, each entry foll
|
|
|
87
87
|
rationale: "<why accept/transfer>" # required when accept/transfer
|
|
88
88
|
```
|
|
89
89
|
|
|
90
|
-
Multiple threats per plan are normal. The disposition column is the
|
|
90
|
+
Multiple threats per plan are normal. The disposition column is the essential field -
|
|
91
91
|
the executor scans it; the verifier scans it.
|
|
92
92
|
|
|
93
93
|
## Cross-references
|
|
94
94
|
|
|
95
|
-
- `./audit-scoring.md`
|
|
96
|
-
- `./anti-patterns.md`
|
|
95
|
+
- `./audit-scoring.md` - design-side audit-scoring rubric; STRIDE is one of its lenses.
|
|
96
|
+
- `./anti-patterns.md` - concrete anti-patterns mapped to STRIDE categories where
|
|
97
97
|
applicable (e.g., `eval`-on-user-input → Tampering + EoP).
|
|
98
|
-
- `./accessibility.md`
|
|
98
|
+
- `./accessibility.md` - accessibility is the orthogonal lens; threat-modeling does not
|
|
99
99
|
cover it.
|
|
100
|
-
- ASVS (OWASP Application Security Verification Standard)
|
|
100
|
+
- ASVS (OWASP Application Security Verification Standard) - external authority for the
|
|
101
101
|
control catalog. Cited in plan threat-registers as `ASVS V<chapter>.<section>`.
|
package/skills/quick/SKILL.md
CHANGED
|
@@ -12,9 +12,9 @@ Fast pipeline run. Skips optional-quality agents for speed while keeping the cor
|
|
|
12
12
|
|
|
13
13
|
## Default skipped agents
|
|
14
14
|
|
|
15
|
-
- `design-phase-researcher`
|
|
16
|
-
- `design-assumptions-analyzer`
|
|
17
|
-
- `design-integration-checker`
|
|
15
|
+
- `design-phase-researcher` - no external research step
|
|
16
|
+
- `design-assumptions-analyzer` - no assumption surfacing
|
|
17
|
+
- `design-integration-checker` - skipped (verifier still runs)
|
|
18
18
|
|
|
19
19
|
## Default kept agents
|
|
20
20
|
|
|
@@ -38,7 +38,7 @@ Fast pipeline run. Skips optional-quality agents for speed while keeping the cor
|
|
|
38
38
|
|
|
39
39
|
## Do Not Use When
|
|
40
40
|
|
|
41
|
-
- First pipeline run in a new project
|
|
42
|
-
- Large or cross-cutting changes
|
|
41
|
+
- First pipeline run in a new project - use the full pipeline.
|
|
42
|
+
- Large or cross-cutting changes - skip risks are higher.
|
|
43
43
|
|
|
44
44
|
## QUICK COMPLETE
|
|
@@ -12,16 +12,16 @@ Re-applies user customizations to `reference/*.md` files after `/gdd:update` res
|
|
|
12
12
|
|
|
13
13
|
## Steps
|
|
14
14
|
|
|
15
|
-
1. **Detect baseline**
|
|
16
|
-
2. **Generate diffs**
|
|
17
|
-
3. **Review patches**
|
|
18
|
-
4. **Apply**
|
|
19
|
-
5. **Refresh baseline**
|
|
20
|
-
6. **Dry-run**
|
|
15
|
+
1. **Detect baseline** - check for `.gdd-baseline/reference/`. If it does not exist, warn the user and offer to initialize it from the current `reference/` state (no diffs will be generated on this run; the next `/gdd:update` will use the new baseline).
|
|
16
|
+
2. **Generate diffs** - for each `reference/*.md`, run `git diff --no-index .gdd-baseline/reference/<file> reference/<file>` (or plain `diff -u`). Non-empty diffs are candidate user patches.
|
|
17
|
+
3. **Review patches** - for each non-empty diff, print the hunk and ask: `Apply this customization to the updated reference/<file>? (yes/no/view)`. `view` shows the full diff; `yes` queues the patch; `no` skips it.
|
|
18
|
+
4. **Apply** - for each confirmed patch, apply it with `patch -p0` or with a targeted `Edit` call. Log every applied patch.
|
|
19
|
+
5. **Refresh baseline** - after applying, copy the current `reference/*.md` tree into `.gdd-baseline/reference/` to record the new pristine-for-this-user state.
|
|
20
|
+
6. **Dry-run** - if `--dry-run` is passed, perform steps 1–3 but do not apply patches or refresh the baseline.
|
|
21
21
|
|
|
22
22
|
## Design note
|
|
23
23
|
|
|
24
|
-
`.gdd-baseline/` is per-install and user-local. It must be gitignored by the host project
|
|
24
|
+
`.gdd-baseline/` is per-install and user-local. It must be gitignored by the host project - it is never committed to the plugin repo.
|
|
25
25
|
|
|
26
26
|
## Output
|
|
27
27
|
|
package/skills/reflect/SKILL.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: gdd-reflect
|
|
3
|
-
description: "Run design-reflector on demand
|
|
3
|
+
description: "Run design-reflector on demand - produces .design/reflections/<cycle-slug>.md with improvement proposals. Review proposals with /gdd:apply-reflections."
|
|
4
4
|
argument-hint: "[--dry-run] [--cycle <slug>]"
|
|
5
5
|
tools: Read, Write, Task
|
|
6
6
|
---
|
|
@@ -9,7 +9,7 @@ tools: Read, Write, Task
|
|
|
9
9
|
|
|
10
10
|
# /gdd:reflect
|
|
11
11
|
|
|
12
|
-
Run `design-reflector` on demand against the current (or specified) cycle. Produces `.design/reflections/<cycle-slug>.md` with numbered improvement proposals. Every proposal requires explicit user review
|
|
12
|
+
Run `design-reflector` on demand against the current (or specified) cycle. Produces `.design/reflections/<cycle-slug>.md` with numbered improvement proposals. Every proposal requires explicit user review - nothing is auto-applied.
|
|
13
13
|
|
|
14
14
|
## Steps
|
|
15
15
|
|
|
@@ -81,5 +81,5 @@ Run `design-reflector` on demand against the current (or specified) cycle. Produ
|
|
|
81
81
|
|
|
82
82
|
- Do not auto-apply any proposal.
|
|
83
83
|
- Do not modify agent files, reference files, or budget.json.
|
|
84
|
-
- Do not run the full audit pipeline
|
|
84
|
+
- Do not run the full audit pipeline - this is a standalone reflection run.
|
|
85
85
|
- Do not bypass the threshold knob. The default `reflector.capability_gap_threshold: 3` exists to suppress noise; do NOT lower it below 1.
|
|
@@ -6,9 +6,9 @@ Run during the reflection pass to detect recurring patterns lacking a dedicated
|
|
|
6
6
|
|
|
7
7
|
Three signal sources are scanned. All paths are repo-relative; the scan tolerates absent sources (returns `[]` from that source, no error):
|
|
8
8
|
|
|
9
|
-
- `.design/intel/*.md`
|
|
10
|
-
- `.design/telemetry/posterior.json`
|
|
11
|
-
- `.design/gep/events.jsonl`
|
|
9
|
+
- `.design/intel/*.md` - Phase 11 intel-store slice files. The scan extracts `Touches:` lines, tokenizes the comma-separated value, and clusters slices that share the same canonical `(sortedTouches, agent_type)` signal.
|
|
10
|
+
- `.design/telemetry/posterior.json` - Phase 23.5 bandit posterior file written by `scripts/lib/bandit-router.cjs`. The scan reads `arms[]` and flags arms whose `count >= threshold` AND whose `agent` is in `GENERIC_AGENT_FALLBACKS` (`general-purpose`, `default-executor`, `fallback`, `generic`) OR is not in the project's specialized-agent set.
|
|
11
|
+
- `.design/gep/events.jsonl` - Phase 22 typed-causal event chain via `scripts/lib/event-chain.cjs`. The scan filters rows to the last `windowDays` (default 30), groups by `(sortedDecisionRefs, agent)`, and flags sequences that recur ≥ threshold times.
|
|
12
12
|
|
|
13
13
|
## Outputs
|
|
14
14
|
|
|
@@ -29,11 +29,11 @@ The orchestrator `runCapabilityGapScan(opts)` in `scripts/lib/reflector/capabili
|
|
|
29
29
|
|
|
30
30
|
Key entry points (all exported from the module):
|
|
31
31
|
|
|
32
|
-
- `computeContextHash({touches, agent_type})`
|
|
32
|
+
- `computeContextHash({touches, agent_type})` - pure deterministic hash (sha256 of normalized JSON; touches are sorted ASCII-asc).
|
|
33
33
|
- `scanIntelTouchesClusters({intelDir, existingAgents, threshold, baseDir})`
|
|
34
34
|
- `scanPosteriorArms({posteriorPath, specializedAgents, threshold, baseDir})`
|
|
35
35
|
- `scanTrajectorySlices({chainPath, windowDays, threshold, specializedAgents, baseDir})`
|
|
36
|
-
- `runCapabilityGapScan(opts)`
|
|
36
|
+
- `runCapabilityGapScan(opts)` - orchestrator.
|
|
37
37
|
|
|
38
38
|
The `context_hash` is the join key for Plan 29-03's aggregation: the same signal across runs produces the same hash regardless of touches-list ordering.
|
|
39
39
|
|
|
@@ -82,7 +82,7 @@ interface TrajectoryRef {
|
|
|
82
82
|
}
|
|
83
83
|
```
|
|
84
84
|
|
|
85
|
-
Internally, the scan carries a line-based `{path, lineStart, lineEnd, sha256}` shape on each `Finding.evidence_refs`. The `lineRefToTrajectoryRef` translator converts to the schema shape at emit time. The sha256 algorithm: read lines `[lineStart..lineEnd]` (1-based inclusive), join with `'\n'` (no trailing newline
|
|
85
|
+
Internally, the scan carries a line-based `{path, lineStart, lineEnd, sha256}` shape on each `Finding.evidence_refs`. The `lineRefToTrajectoryRef` translator converts to the schema shape at emit time. The sha256 algorithm: read lines `[lineStart..lineEnd]` (1-based inclusive), join with `'\n'` (no trailing newline - stable across OSes), sha256 the UTF-8 bytes.
|
|
86
86
|
|
|
87
87
|
Consumers (Plan 29-03 + audit tooling) re-read the slice and recompute the hash; mismatch = chain mutation; abort + warn.
|
|
88
88
|
|
|
@@ -98,7 +98,7 @@ Without `--dry-run`, the CLI writes events to the chain file and prints a one-li
|
|
|
98
98
|
|
|
99
99
|
## Testing
|
|
100
100
|
|
|
101
|
-
Tests live at `tests/reflector-capability-gap.test.cjs` and run on synthetic in-tmpdir fixtures only (D-11
|
|
101
|
+
Tests live at `tests/reflector-capability-gap.test.cjs` and run on synthetic in-tmpdir fixtures only (D-11 - no live writes to real `.design/`). Each test passes an injected `emit` spy so no real `appendChainEvent` calls occur. The hash-pin mutation-detection regression is enforced by a dedicated test: re-read the pointed-to slice, recompute the sha256, and assert mismatch after the source file is mutated.
|
|
102
102
|
|
|
103
103
|
Run the tests directly:
|
|
104
104
|
|
|
@@ -114,7 +114,7 @@ npm test
|
|
|
114
114
|
|
|
115
115
|
## See also
|
|
116
116
|
|
|
117
|
-
- `reference/schemas/events.schema.json`
|
|
118
|
-
- `scripts/lib/event-chain.cjs`
|
|
119
|
-
- `scripts/lib/bandit-router.cjs`
|
|
120
|
-
- `.planning/phases/29-capability-gap-self-authoring/CONTEXT.md`
|
|
117
|
+
- `reference/schemas/events.schema.json` - the `capability_gap` event class shipped by Plan 29-01 (the 7-field shape + `TrajectoryRef` definition).
|
|
118
|
+
- `scripts/lib/event-chain.cjs` - `appendChainEvent` (the real emitter API; 29-01 did NOT ship a separate helper file).
|
|
119
|
+
- `scripts/lib/bandit-router.cjs` - Phase 23.5 posterior file producer (the source for scan #2).
|
|
120
|
+
- `.planning/phases/29-capability-gap-self-authoring/CONTEXT.md` - phase decisions (D-02 7-field shape, D-07 hash-pinning, D-08 MCP carve-out, D-11 tmpdir tests).
|
|
@@ -11,14 +11,14 @@ Local-first, consent-gated GitHub issue reporter. No auto-mode. Destination repo
|
|
|
11
11
|
|
|
12
12
|
## Pre-flight
|
|
13
13
|
|
|
14
|
-
If invoked without an error context (the user just typed `/gdd:report-issue` cold), ask in one round-trip: *"What command failed and what was the error?"* Capture command name + a paraphrase of the error. Don't interrogate
|
|
14
|
+
If invoked without an error context (the user just typed `/gdd:report-issue` cold), ask in one round-trip: *"What command failed and what was the error?"* Capture command name + a paraphrase of the error. Don't interrogate - one short answer is enough to feed the triage matcher.
|
|
15
15
|
|
|
16
16
|
## Steps
|
|
17
17
|
|
|
18
18
|
0. **Kill-switch** (D-08). Call `isDisabled()` from `scripts/lib/issue-reporter/kill-switch.cjs` FIRST. Either env (`GDD_DISABLE_ISSUE_REPORTER=1`) OR config (`.design/config.json` with `{ "issue_reporter": false }`) makes the command unavailable. Surface the disable line via `getDisableReason()` ('env' wins when both set) and stop. No draft, no triage, no payload. `gsd-health` mirrors the same line for at-a-glance verification.
|
|
19
19
|
1. **Triage**. Call `matchKnownFailure(errorContext)` from `scripts/lib/issue-reporter/triage-matcher.cjs` (Plan 30-03). If `matched === true` and `--force-report` is NOT set: print the suggested diagnosis + remedy, stop. Do NOT write a draft. (D-07)
|
|
20
20
|
2. **Assemble**. Call `assemble(commandName, errorContext, trajectoryRef?, capabilityGapEvent?)` from `scripts/lib/issue-reporter/payload-assembly.cjs` (Plan 30-02). This layers Phase 22 redact → Phase 30 pseudonymize, computes the fingerprint, and renders bilingual disclaimer + sections.
|
|
21
|
-
3. **Draft**. Call `writeDraft({title, body, fingerprint})` from `scripts/lib/issue-reporter/draft-writer.cjs`. Print the absolute path: `Draft written to .design/issue-drafts/<timestamp>-<fp8>.md`. The file persists across decline
|
|
21
|
+
3. **Draft**. Call `writeDraft({title, body, fingerprint})` from `scripts/lib/issue-reporter/draft-writer.cjs`. Print the absolute path: `Draft written to .design/issue-drafts/<timestamp>-<fp8>.md`. The file persists across decline - the user keeps their work either way. (D-04)
|
|
22
22
|
4. **Dedup** (D-06). Call `searchByFingerprint(fingerprint, {destination})` from `scripts/lib/issue-reporter/dedup.cjs`. If `degraded === true` show a one-line warning and fall through to Step 5. If `matches.length === 0` fall through to Step 5 unchanged. If `matches.length >= 1` render the dedup UI listing each `{number,title,url}` with three actions per match: **`+1`** → `react(n, {destination})` (no new issue, D-06), **`me-too`** → `commentMeToo(n, {destination, errorContext, runtime, pluginVersion})` body is EXACTLY 3 fields (last error line, runtime, plugin version) from the ALREADY-pseudonymized 30-02 pipeline (D-01), **`new`** → fall through to Step 5 with the prepared draft despite the match.
|
|
23
23
|
5. **Edit**. If `$EDITOR` is set, the consent prompt opens it on the draft and blocks until exit. Otherwise the path is printed and the user can open it manually. `EDITOR` is the only env var the report flow reads.
|
|
24
24
|
6. **Consent**. Call `promptConsent({draftPath})` from `scripts/lib/issue-reporter/consent-prompt.cjs`. Re-reads the (possibly edited) draft from disk, prints a summary, asks `Submit this issue to hegemonart/get-design-done? [y/N]`. Anything other than `y`/`yes` declines. (D-03)
|
|
@@ -29,7 +29,7 @@ If invoked without an error context (the user just typed `/gdd:report-issue` col
|
|
|
29
29
|
|
|
30
30
|
## Use through `--report`
|
|
31
31
|
|
|
32
|
-
Whitelisted to specific commands via `scripts/lib/issue-reporter/cli-flag-report.cjs`. Only `gdd:plan-phase`, `gdd:execute-phase`, and `gdd:report-issue` itself install the flag
|
|
32
|
+
Whitelisted to specific commands via `scripts/lib/issue-reporter/cli-flag-report.cjs`. Only `gdd:plan-phase`, `gdd:execute-phase`, and `gdd:report-issue` itself install the flag - and only when `reference/known-failure-modes.md` has at least one `propose_report: true` entry. Non-whitelisted commands silently do not see the flag. (D-11)
|
|
33
33
|
|
|
34
34
|
## Use through `--force-report`
|
|
35
35
|
|
|
@@ -44,10 +44,10 @@ Available on `/gdd:report-issue`. Overrides the triage gate (Step 1) but does NO
|
|
|
44
44
|
|
|
45
45
|
## Troubleshooting
|
|
46
46
|
|
|
47
|
-
- **`gh` not authenticated.** The submission step fails with a clear error pointing to the draft path. Run `gh auth login` and re-invoke `/gdd:report-issue`
|
|
47
|
+
- **`gh` not authenticated.** The submission step fails with a clear error pointing to the draft path. Run `gh auth login` and re-invoke `/gdd:report-issue` - the draft survives.
|
|
48
48
|
- **No `EDITOR` set.** The path is printed; open it in whatever editor you prefer, save, then return to the consent prompt.
|
|
49
49
|
- **Triage matched something irrelevant.** Pass `--force-report` to bypass the gate. Consent is still required.
|
|
50
50
|
- **`gh` not installed (D-10).** After consent, the payload is copied to your clipboard and an issue-template URL is printed. Paste into the URL to file manually. Install `gh` later and the existing draft can be re-submitted.
|
|
51
|
-
- **Command unavailable / disabled (D-08).** Run `gsd-health`. The `issue reporter:` line shows the active disable surface
|
|
51
|
+
- **Command unavailable / disabled (D-08).** Run `gsd-health`. The `issue reporter:` line shows the active disable surface - either `disabled by env (GDD_DISABLE_ISSUE_REPORTER=1)` or `disabled by config (.design/config.json: issue_reporter=false)`. Unset the env var or flip the config key to re-enable.
|
|
52
52
|
|
|
53
53
|
See [report-issue-procedure.md](./report-issue-procedure.md) for the full procedure with rationale per decision (D-02, D-03, D-04, D-05, D-07, D-11).
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# `/gdd:report-issue`
|
|
1
|
+
# `/gdd:report-issue` - Full Procedure
|
|
2
2
|
|
|
3
3
|
Long-form companion to [SKILL.md](./SKILL.md). Phase 28.5 keeps SKILL.md ≤100 lines; step-by-step + rationale live here.
|
|
4
4
|
|
|
@@ -9,32 +9,32 @@ The report flow is the only outbound path the plugin offers. Every byte leaving
|
|
|
9
9
|
1. has been redacted for secrets (Phase 22 `redact.cjs`),
|
|
10
10
|
2. has been pseudonymized for identity (Plan 30-01 `pseudonymize.cjs`),
|
|
11
11
|
3. has been written to disk where the user can read it,
|
|
12
|
-
4. has cleared a pre-submit dedup check against the destination repo (Plan 30-05)
|
|
12
|
+
4. has cleared a pre-submit dedup check against the destination repo (Plan 30-05) - `+1` and `me-too` on a matching existing issue NEVER spawn a duplicate (D-06),
|
|
13
13
|
5. has been read back from disk after the user closed the editor, and
|
|
14
14
|
6. has cleared an explicit per-issue `y/N` prompt.
|
|
15
15
|
|
|
16
16
|
No environment variable, command-line flag, or build configuration bypasses any of these steps. Two test layers enforce this:
|
|
17
17
|
|
|
18
|
-
- **Static** (`tests/report-issue-destination-static.test.cjs`, `tests/report-issue-no-auto-submit-static.test.cjs`)
|
|
19
|
-
- **Runtime** (`tests/report-issue.test.cjs`)
|
|
18
|
+
- **Static** (`tests/report-issue-destination-static.test.cjs`, `tests/report-issue-no-auto-submit-static.test.cjs`) - fail the build on any forbidden code pattern in `skills/report-issue/` or `scripts/lib/issue-reporter/`.
|
|
19
|
+
- **Runtime** (`tests/report-issue.test.cjs`) - 26 cases proving the orchestrator threads consent + persistence + edit-before-submit + triage + hardcoded destination + flag whitelist.
|
|
20
20
|
|
|
21
21
|
## Steps
|
|
22
22
|
|
|
23
|
-
### Step 1
|
|
23
|
+
### Step 1 - Triage gate (D-07)
|
|
24
24
|
|
|
25
25
|
`matchKnownFailure(errorContext)` regex-matches `error.message + error.stack` against `reference/known-failure-modes.md`. If matched, prints diagnosis + remedy and exits without writing a draft. `--force-report` overrides the gate but does NOT override consent.
|
|
26
26
|
|
|
27
|
-
### Step 2
|
|
27
|
+
### Step 2 - Assemble payload (D-01)
|
|
28
28
|
|
|
29
29
|
`assemble(commandName, errorContext, trajectoryRef?, capabilityGapEvent?)` returns markdown. Order is locked: redact → pseudonymize (Case 9 of 30-02 enforces). Bilingual disclaimer at top: "Это псевдонимизация, не анонимизация" / "This is pseudonymization, not anonymization." Fingerprint computed on the scrubbed stack so the same bug from different cwd's hashes the same.
|
|
30
30
|
|
|
31
|
-
### Step 3
|
|
31
|
+
### Step 3 - Write draft (D-04)
|
|
32
32
|
|
|
33
|
-
`writeDraft({title, body, fingerprint})` writes to `.design/issue-drafts/<YYYYMMDDTHHMMSSZ>-<fp8>.md`. The file has a small HTML-comment header (timestamp, destination, full fingerprint) so a future maintainer with a corrupted-looking draft can reconstruct provenance. The file is NOT deleted on decline
|
|
33
|
+
`writeDraft({title, body, fingerprint})` writes to `.design/issue-drafts/<YYYYMMDDTHHMMSSZ>-<fp8>.md`. The file has a small HTML-comment header (timestamp, destination, full fingerprint) so a future maintainer with a corrupted-looking draft can reconstruct provenance. The file is NOT deleted on decline - the user keeps their work.
|
|
34
34
|
|
|
35
|
-
### Step 4
|
|
35
|
+
### Step 4 - Pre-submit dedup (D-06)
|
|
36
36
|
|
|
37
|
-
`scripts/lib/issue-reporter/dedup.cjs` exports `searchByFingerprint(fingerprint, {destination})` which spawns `gh issue list --search "fingerprint:<hash>" --json number,title,url --repo <destination>` (read-only). Resolves `{matches: [...], degraded?, reason?}`
|
|
37
|
+
`scripts/lib/issue-reporter/dedup.cjs` exports `searchByFingerprint(fingerprint, {destination})` which spawns `gh issue list --search "fingerprint:<hash>" --json number,title,url --repo <destination>` (read-only). Resolves `{matches: [...], degraded?, reason?}` - NEVER throws on gh failure.
|
|
38
38
|
|
|
39
39
|
Routing:
|
|
40
40
|
|
|
@@ -42,18 +42,18 @@ Routing:
|
|
|
42
42
|
- `matches.length >= 1` → render the dedup UI listing each `{number, title, url}` with three actions per match:
|
|
43
43
|
|
|
44
44
|
- **`+1`** → `react(n, {destination})` spawns `gh api -X POST /repos/<destination>/issues/<n>/reactions -f content=+1`. Resolves `{ok:true}`; exits the report flow on success ("reaction recorded on #<n>"). **NO new issue is created** (D-06).
|
|
45
|
-
- **`me-too`** → `commentMeToo(n, {destination, errorContext, runtime, pluginVersion})` spawns `gh issue comment <n> --repo <destination> --body <body>`. The body contains EXACTLY three fields (`Last error:`, `Runtime:`, `Plugin version:`)
|
|
45
|
+
- **`me-too`** → `commentMeToo(n, {destination, errorContext, runtime, pluginVersion})` spawns `gh issue comment <n> --repo <destination> --body <body>`. The body contains EXACTLY three fields (`Last error:`, `Runtime:`, `Plugin version:`) - nothing more (negative-presence tested). `errorContext.lastErrorLine` is the ALREADY-pseudonymized last error line from 30-02's payload pipeline (D-01); dedup.cjs does NOT re-derive raw stderr. Exits the report flow on success ("comment added to #<n>"). **NO new issue is created** (D-06).
|
|
46
46
|
- **`new`** → fall through to Step 5 with the prepared draft despite the match (user explicitly opted to force a new issue).
|
|
47
47
|
|
|
48
|
-
`+1` and `me-too` failures (auth/network/rate) propagate as rejected promises with annotated `.reason` so the caller can offer retry/cancel
|
|
48
|
+
`+1` and `me-too` failures (auth/network/rate) propagate as rejected promises with annotated `.reason` so the caller can offer retry/cancel - they do NOT silently fall back to creating a new issue (that would defeat dedup intent).
|
|
49
49
|
|
|
50
50
|
Wiring: `runReportFlow` calls `options.dedupCheck({fingerprint, title})` BEFORE the consent prompt (`report-flow.cjs` STEP 4). The skill drives the `+1`/`me-too`/`new` UI by passing a `dedupCheck` callback that wraps `searchByFingerprint` + the `react`/`commentMeToo` calls. Returning truthy `existing` from the callback short-circuits `runReportFlow` to `{submitted:false, reason:'duplicate'}`. Returning falsy continues to Step 5.
|
|
51
51
|
|
|
52
|
-
### Step 5
|
|
52
|
+
### Step 5 - Edit (optional)
|
|
53
53
|
|
|
54
54
|
If `$EDITOR` is set, `promptConsent` spawns it on the draft path and blocks until exit. Otherwise the user opens it manually. `EDITOR` is a POSIX convention (git, crontab, gh all use it); the static-grep test only forbids env-var reads matching `/REPORT|ISSUE|AUTO_REPORT/i`.
|
|
55
55
|
|
|
56
|
-
### Step 6
|
|
56
|
+
### Step 6 - Consent prompt (D-03)
|
|
57
57
|
|
|
58
58
|
The single submission gate for the new-issue path. Three preconditions must hold:
|
|
59
59
|
|
|
@@ -63,9 +63,9 @@ The single submission gate for the new-issue path. Three preconditions must hold
|
|
|
63
63
|
|
|
64
64
|
The function prints a summary (destination, draft path, title, first 10 body lines), asks `Submit this issue to hegemonart/get-design-done? [y/N]` via `readline`, treats anything other than `y`/`yes` (case-insensitive, trimmed) as decline, and **re-reads the draft from disk** so user edits in Step 5 are picked up.
|
|
65
65
|
|
|
66
|
-
(The `+1` / `me-too` paths from Step 4 do NOT pass through this consent prompt
|
|
66
|
+
(The `+1` / `me-too` paths from Step 4 do NOT pass through this consent prompt - selecting either action in the dedup UI IS the explicit consent for that minimal interaction. The new-issue path always passes through this prompt.)
|
|
67
67
|
|
|
68
|
-
### Step 7
|
|
68
|
+
### Step 7 - Submit via `gh` (D-05 + D-02)
|
|
69
69
|
|
|
70
70
|
`submitViaGh({title, body})` spawns:
|
|
71
71
|
|
|
@@ -73,7 +73,7 @@ The function prints a summary (destination, draft path, title, first 10 body lin
|
|
|
73
73
|
gh issue create --repo hegemonart/get-design-done --title <title> --body-file <tmp/body.md>
|
|
74
74
|
```
|
|
75
75
|
|
|
76
|
-
Body is written to a tmp file to avoid arg-length and shell-escaping. URL parsed from stdout. No HTTPS, no fetch, no third-party packages
|
|
76
|
+
Body is written to a tmp file to avoid arg-length and shell-escaping. URL parsed from stdout. No HTTPS, no fetch, no third-party packages - only the user's `gh` CLI with their credentials.
|
|
77
77
|
|
|
78
78
|
## The `--report` flag (D-11)
|
|
79
79
|
|
|
@@ -92,8 +92,8 @@ Body is written to a tmp file to avoid arg-length and shell-escaping. URL parsed
|
|
|
92
92
|
| Runtime consent | Only `y`/`yes` accepted | C1..C3, U3 |
|
|
93
93
|
| Runtime re-read | `promptConsent` re-reads draft before returning final body | E1, E2 |
|
|
94
94
|
| Runtime destination | `submitViaGh` always passes `--repo hegemonart/get-design-done` | H1 |
|
|
95
|
-
| Dedup destination | `dedup.cjs` accepts `destination` only as a parameter
|
|
96
|
-
| Dedup body shape | `buildMeTooBody` returns EXACTLY 3 lines (`Last error:` / `Runtime:` / `Plugin version:`)
|
|
95
|
+
| Dedup destination | `dedup.cjs` accepts `destination` only as a parameter - no env/config lookup (D-02) | `issue-reporter-dedup.test.cjs` test 11 |
|
|
96
|
+
| Dedup body shape | `buildMeTooBody` returns EXACTLY 3 lines (`Last error:` / `Runtime:` / `Plugin version:`) - no stack/path/env/cmd (D-06) | tests 5 + 6 (verbatim + negative-presence) |
|
|
97
97
|
| Dedup network | `dedup.cjs` imports only `child_process`; no outbound URL literals, no global fetch primitive, no third-party HTTP client libraries (D-05) | 30-07 static-grep gate |
|
|
98
98
|
| Dedup test hermeticity | No live `gh` calls in CI; injected spawn spy + traced `child_process.spawnSync` counter assert 0 real invocations (D-13) | `issue-reporter-dedup.test.cjs` test 10 |
|
|
99
99
|
| Dedup pseudonymization | `me-too` body uses the ALREADY-pseudonymized `errorContext.lastErrorLine` from 30-02's pipeline; dedup.cjs does NOT re-derive raw stderr (D-01) | dedup test "commentMeToo passes pseudonymized lastErrorLine through to gh body" |
|
|
@@ -103,18 +103,18 @@ Body is written to a tmp file to avoid arg-length and shell-escaping. URL parsed
|
|
|
103
103
|
- **`gh` not authenticated**: submission throws with status + stderr; draft path preserved. Run `gh auth login`, retry. (T-30-04-08 accepted)
|
|
104
104
|
- **`EDITOR` spawns wrong tool**: set `EDITOR=<your-editor>` in shell rc.
|
|
105
105
|
- **Triage matched something irrelevant**: pass `--force-report`. Consent still required.
|
|
106
|
-
- **TTY refused (CI / non-interactive)**: by design
|
|
106
|
+
- **TTY refused (CI / non-interactive)**: by design - run locally. (T-30-04-05 mitigated)
|
|
107
107
|
- **No `--report` flag on a command you expected**: not on the whitelist; file an issue via this flow describing the use case.
|
|
108
108
|
|
|
109
109
|
## Forward-looking hooks
|
|
110
110
|
|
|
111
|
-
- **Plan 30-05** *(landed)*
|
|
112
|
-
- **Plan 30-06** *(landed)*
|
|
113
|
-
- **Plan 30-07** ships the network-isolation CI gate. Plans 30-04 and 30-05 already meet the invariant (no outbound URL literals, no global fetch primitive, no third-party HTTP client libraries
|
|
111
|
+
- **Plan 30-05** *(landed)* - `scripts/lib/issue-reporter/dedup.cjs` wires `options.dedupCheck` to `gh issue list --search "fingerprint:<hash>"`. The skill drives the `+1` / `me-too` / `new` UI by passing a `dedupCheck` callback that wraps `searchByFingerprint` + `react` + `commentMeToo`. The hook in `runReportFlow` now runs BEFORE consent (per D-06).
|
|
112
|
+
- **Plan 30-06** *(landed)* - `scripts/lib/issue-reporter/kill-switch.cjs` adds the D-08 dual-surface disable check (`GDD_DISABLE_ISSUE_REPORTER=1` env OR `.design/config.json: { "issue_reporter": false }` config). `runReportFlow` calls `isDisabled()` as **Step 0**, BEFORE triage and any draft writing - when disabled, returns `{ submitted:false, reason:'disabled', surface:'env'|'config', message }`. `scripts/lib/issue-reporter/gh-absent-fallback.cjs` adds the D-10 clipboard+URL path (pbcopy / wl-copy → xclip / clip.exe) - invoked after consent when `detectGh()` returns false. `scripts/lib/gsd-health-mirror/index.cjs` mirrors the disable surface as a 5th health check; output is exactly one of: `issue reporter: enabled` / `issue reporter: disabled by env (GDD_DISABLE_ISSUE_REPORTER=1)` / `issue reporter: disabled by config (.design/config.json: issue_reporter=false)`. Tests at `tests/issue-reporter-fallback.test.cjs` (15 cases). Env wins precedence when both flags are set (matches gsd-health display).
|
|
113
|
+
- **Plan 30-07** ships the network-isolation CI gate. Plans 30-04 and 30-05 already meet the invariant (no outbound URL literals, no global fetch primitive, no third-party HTTP client libraries - see `tests/issue-reporter-network-isolation.test.cjs` for the enforced forbidden-token list); the gate locks it in.
|
|
114
114
|
|
|
115
115
|
## References
|
|
116
116
|
|
|
117
|
-
- [SKILL.md](./SKILL.md)
|
|
118
|
-
- `reference/pseudonymization-rules.md`
|
|
119
|
-
- `reference/known-failure-modes.md`
|
|
120
|
-
- `.planning/phases/30-issue-reporter/CONTEXT.md`
|
|
117
|
+
- [SKILL.md](./SKILL.md) - entry contract.
|
|
118
|
+
- `reference/pseudonymization-rules.md` - full R1..R8 rule catalog (Plan 30-01).
|
|
119
|
+
- `reference/known-failure-modes.md` - triage catalogue (Plan 30-03).
|
|
120
|
+
- `.planning/phases/30-issue-reporter/CONTEXT.md` - phase decisions D-01..D-15.
|
package/skills/resume/SKILL.md
CHANGED
|
@@ -13,9 +13,9 @@ disable-model-invocation: true
|
|
|
13
13
|
|
|
14
14
|
Inverse of `/gdd:pause`. Reads a checkpoint file, prints a clear "you were here" summary, and routes to the next command.
|
|
15
15
|
|
|
16
|
-
## Step 0
|
|
16
|
+
## Step 0 - Prime cycle context
|
|
17
17
|
|
|
18
|
-
Two paths
|
|
18
|
+
Two paths - MCP preferred when available, file-read fallback otherwise. This runs BEFORE checkpoint restoration so the "you were here" summary has full cycle context (phase, plans, decisions).
|
|
19
19
|
|
|
20
20
|
### MCP path (preferred)
|
|
21
21
|
|
|
@@ -26,7 +26,7 @@ When `mcp__gdd_status` is exposed (Phase 27.7+, registered via `npx @hegemonart/
|
|
|
26
26
|
3. Call `mcp__gdd_decisions_list` (no args) → full D-XX list with rationale. Use for the "decisions you made" line in the resume summary.
|
|
27
27
|
4. (Optional) Call `mcp__gdd_plans_list` (no args) → current phase plans + status, to identify next incomplete plan.
|
|
28
28
|
|
|
29
|
-
Three to four MCP calls = full resume priming (~5s, ~32k tokens
|
|
29
|
+
Three to four MCP calls = full resume priming (~5s, ~32k tokens - Storybloq benchmark). Proceed to Step 1.
|
|
30
30
|
|
|
31
31
|
### File-read path (fallback)
|
|
32
32
|
|
|
@@ -36,7 +36,7 @@ When MCP tools are not available:
|
|
|
36
36
|
2. Also `Read .design/CYCLES.md` (if present) to see prior cycle state for the recap.
|
|
37
37
|
3. Proceed to Step 1.
|
|
38
38
|
|
|
39
|
-
This path loads the same context in 3–5 file reads (~60s, ~46.5k tokens
|
|
39
|
+
This path loads the same context in 3–5 file reads (~60s, ~46.5k tokens - file-reading baseline).
|
|
40
40
|
|
|
41
41
|
## Steps
|
|
42
42
|
|
|
@@ -55,7 +55,7 @@ This path loads the same context in 3–5 file reads (~60s, ~46.5k tokens — fi
|
|
|
55
55
|
|
|
56
56
|
3. **Read checkpoint**: load `.design/checkpoints/NN-*.md`. If not found, try `.design/HANDOFF.md` as legacy fallback.
|
|
57
57
|
|
|
58
|
-
4. **Check paused status via MCP**: call `mcp__gdd_state__get` and inspect `status`. If it does **not** start with `paused:`, print "No pause to resume" and exit
|
|
58
|
+
4. **Check paused status via MCP**: call `mcp__gdd_state__get` and inspect `status`. If it does **not** start with `paused:`, print "No pause to resume" and exit - the prior session was not paused via `/gdd:pause`, so there is nothing to restore.
|
|
59
59
|
|
|
60
60
|
5. **Restore prior status via MCP**: parse the prior status from the `paused:<prior>` prefix. Call `mcp__gdd_state__set_status` with `status: <prior>` to restore the pre-pause state.
|
|
61
61
|
|
|
@@ -74,7 +74,7 @@ This path loads the same context in 3–5 file reads (~60s, ~46.5k tokens — fi
|
|
|
74
74
|
```
|
|
75
75
|
|
|
76
76
|
9. **Staleness check**: compare mtime of `.design/` artifacts vs `src/` via Bash `stat` when available. If `src/` has commits newer than the checkpoint timestamp, warn:
|
|
77
|
-
"Source has changed since checkpoint NN
|
|
77
|
+
"Source has changed since checkpoint NN - consider re-running explore or verify."
|
|
78
78
|
|
|
79
79
|
10. **Route recommendation** based on checkpoint `Stage:` field:
|
|
80
80
|
- `brief` → "Run `/gdd:brief`"
|
|
@@ -86,8 +86,8 @@ This path loads the same context in 3–5 file reads (~60s, ~46.5k tokens — fi
|
|
|
86
86
|
## Do Not
|
|
87
87
|
|
|
88
88
|
- Do not delete checkpoint files.
|
|
89
|
-
- Do not mutate STATE.md directly
|
|
90
|
-
- Do not auto-execute the next command
|
|
91
|
-
- Do not call `mcp__gdd_state__transition_stage`
|
|
89
|
+
- Do not mutate STATE.md directly - all STATE.md writes go through the `gdd-state` MCP tools above.
|
|
90
|
+
- Do not auto-execute the next command - just recommend.
|
|
91
|
+
- Do not call `mcp__gdd_state__transition_stage` - resume restores prior status without moving the pipeline.
|
|
92
92
|
|
|
93
93
|
## RESUME COMPLETE
|
|
@@ -9,11 +9,11 @@ disable-model-invocation: true
|
|
|
9
9
|
|
|
10
10
|
**Role:** Walk through parked backlog items and for each ask: promote to this cycle, keep parked, or archive.
|
|
11
11
|
|
|
12
|
-
## Step 1
|
|
12
|
+
## Step 1 - Read backlog
|
|
13
13
|
|
|
14
14
|
Read `.design/backlog/BACKLOG.md`. Parse each `## <title>` block with its metadata and body. If no parked items, print "No parked backlog items." and stop.
|
|
15
15
|
|
|
16
|
-
## Step 2
|
|
16
|
+
## Step 2 - Loop
|
|
17
17
|
|
|
18
18
|
For each item with `**Status**: parked`:
|
|
19
19
|
|
|
@@ -26,7 +26,7 @@ Added: <date>
|
|
|
26
26
|
Promote to this cycle | Keep parked | Archive
|
|
27
27
|
```
|
|
28
28
|
|
|
29
|
-
## Step 3
|
|
29
|
+
## Step 3 - Apply decision
|
|
30
30
|
|
|
31
31
|
- **Promote**: append `- [ ] [YYYY-MM-DD] <title>` under `## P1 — High` in `.design/TODO.md` (create file from the TODO.md skeleton if missing). Update backlog item status to `**Status**: promoted` + `**Promoted**: YYYY-MM-DD`.
|
|
32
32
|
- **Keep parked**: leave unchanged.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: gdd-review-decisions
|
|
3
|
-
description: "Surfaces the async decision-review queue for team mode. Reads .design/reviews/<decision-id>/ entries and reports each decision's state in the proposed → reviewing → approved → locked machine (via scripts/lib/collab/review-queue.cjs), so a team can see what's awaiting review, what's approved, and what's locked. --pending shows only decisions still needing action. Read-only
|
|
3
|
+
description: "Surfaces the async decision-review queue for team mode. Reads .design/reviews/<decision-id>/ entries and reports each decision's state in the proposed → reviewing → approved → locked machine (via scripts/lib/collab/review-queue.cjs), so a team can see what's awaiting review, what's approved, and what's locked. --pending shows only decisions still needing action. Read-only - it reports the queue; it never advances a decision (that's a reviewer's explicit call). Use to run an async design-decision review without a meeting."
|
|
4
4
|
argument-hint: "[<decision-id>] [--pending]"
|
|
5
5
|
user-invocable: true
|
|
6
6
|
tools: Read, Bash, Grep, Glob
|
|
@@ -10,7 +10,7 @@ tools: Read, Bash, Grep, Glob
|
|
|
10
10
|
|
|
11
11
|
Closes the async-review gap for team mode: design decisions move through an explicit review queue
|
|
12
12
|
instead of being decided in a single operator's head. This skill reports where each decision is.
|
|
13
|
-
**Read-only**
|
|
13
|
+
**Read-only** - it surfaces state; advancing a decision is a reviewer's explicit action. Contract:
|
|
14
14
|
`../../reference/multi-author-model.md`.
|
|
15
15
|
|
|
16
16
|
## Invocation
|
|
@@ -30,7 +30,7 @@ instead of being decided in a single operator's head. This skill reports where e
|
|
|
30
30
|
3. **Render** grouped by state: `proposed` / `reviewing` / `approved` / `locked`, each listing the
|
|
31
31
|
decision id + a one-line summary. For `--pending`, use `review-queue.pending(entries)` to show only
|
|
32
32
|
non-locked ones. For a single `<decision-id>`, also print its audit trail (transitions + approvers).
|
|
33
|
-
4. **Do not advance.** Reporting only
|
|
33
|
+
4. **Do not advance.** Reporting only - moving a decision forward (or `/gdd:unlock-decision`) is the
|
|
34
34
|
reviewer's explicit call.
|
|
35
35
|
|
|
36
36
|
## Output
|