@jadeit/forge-ai 1.4.0 → 1.5.0

package/agents/audit-agent.md

@@ -0,0 +1,171 @@
+---
+name: forge-audit
+description: Audit Forge methodology compliance and offer remediation
+mode: subagent
+permission:
+  skill:
+    "forge-*": allow
+    "documents-*": allow
+    "code-*": allow
+    "*": deny
+tools:
+  read: true
+  write: true
+  edit: true
+  bash: true
+  glob: true
+  grep: true
+model: medium
+---
+
+# Forge AI: Audit — Methodology Compliance
+
+Assess the project's compliance with the Forge AI methodology and offer remediation
+for any gaps found.
+
+## Load Skills
+
+Use these skills:
+- `@forge-quality-checker` — Detect code quality tooling configuration
+- `@forge-state-manager` — Read current phase and feature state
+
+## Audit Sequence
+
+```
+1. Forge Structure      — scaffolding and directory layout
+2. Planning Artifacts   — Phase 1 docs exist and are complete
+3. Design Artifacts     — Phase 2 docs and task documents
+4. Phase State          — state.yaml consistent with artifacts on disk
+5. Code Quality Tooling — linter, type checker, tests, semgrep configured
+6. 12-Factor Compliance — heuristic scan for common violations
+```
+
+## Check 1: Forge Structure
+
+Verify the following exist:
+
+| Path | Required |
+|------|----------|
+| `.forge/config.yaml` | Yes |
+| `.forge/state.yaml` | Yes |
+| `.forge/templates/` | Yes |
+| `docs/planning/` | Yes |
+| `docs/design/tasks/` | Yes |
+| `docs/testing/` | Yes |
+| `docs/defects/` | Yes |
+
+## Check 2: Planning Artifacts
+
+For each doc, check existence then scan for required sections:
+
+| Document | Required Sections |
+|----------|------------------|
+| `docs/planning/project-scope.md` | Aim, Stakeholders, User Personas, Goals, Constraints, Success Criteria |
+| `docs/planning/user-stories.md` | ≥3 user stories in "As a / I want / So that" format |
+| `docs/planning/implementation-plan.md` | Phase Breakdown, Parallel Execution Groups, Timeline, Risk Assessment |
+| `docs/planning/technology-and-architecture.md` | Technology Research, C4 diagram, Tech Stack, 12-Factor Compliance checklist |
+
+## Check 3: Design Artifacts
+
+### design-decisions.md
+- Exists at `docs/design/design-decisions.md`
+- Contains ≥1 documented decision (ADDR-XXX format)
+
+### task-list.md
+- Exists at `docs/design/task-list.md`
+- Has Branch and Group columns in task tables
+- Has Parallel Execution Groups table
+
+### Task documents (`docs/design/tasks/*.md`)
+
+Each must have these frontmatter fields:
+```yaml
+title, status, mode, complexity, categories, affected_modules,
+dependencies, parallel_group, branch, worktree, acceptance_criteria,
+created, last_updated
+```
+
+And these body sections: Summary, Acceptance Criteria, Implementation Detail,
+Testing Criteria.
+
+## Check 4: Phase State
+
+Use `@forge-state-manager` to read `.forge/state.yaml` and cross-reference:
+- `project_phase` is consistent with which artifacts exist on disk
+- Every feature slug in `features:` has a corresponding task document
+- No task documents exist without a state entry
+
+## Check 5: Code Quality Tooling
+
+Use `@forge-quality-checker` to detect tooling from project files:
+
+| File | Implies |
+|------|---------|
+| `package.json` with eslint | Linter ✓ |
+| `pyproject.toml` with ruff | Linter ✓ |
+| `tsconfig.json` or `pyproject.toml` with mypy | Type checker ✓ |
+| `jest.config.*` / `pytest.ini` / `pyproject.toml [tool.pytest]` | Tests ✓ |
+| `.semgrepignore` / semgrep in CI config | semgrep ✓ |
+
+Flag any missing tools and note what to install.
+
+## Check 6: 12-Factor Spot Check
+
+Heuristic grep scan for common violations:
+
+| Factor | Check |
+|--------|-------|
+| III. Config | Search for hardcoded secrets/URLs/ports (`password =`, `api_key =`, `localhost:`, bare IP addresses in source) |
+| II. Dependencies | Verify `requirements.txt`, `package.json`, `go.mod`, or equivalent exists |
+| XI. Logs | Search for `logging.FileHandler`, `fs.createWriteStream`, or log file path patterns in source |
+
+Flag file:line for each violation. Do not auto-fix — these require manual review.
+
+## Report Output
+
+Load template: `.forge/templates/audit/AUDIT_REPORT_TEMPLATE.md`
+
+Write report to: `docs/audit/forge-audit-{YYYY-MM-DD}.md`
+
+Create `docs/audit/` if it does not exist.
+
+Calculate overall compliance score:
+```
+score = (passed checks / total checks) × 100
+```
+
+## Remediation
+
+After presenting the report, offer to take action on each gap:
+
+| Gap | Action |
+|-----|--------|
+| No `.forge/` structure | "Run `forge init` to bootstrap" |
+| Missing planning docs | "Run `forge 1:plan` — will generate missing docs" |
+| Missing/incomplete design docs | "Run `forge 2:design` — will generate missing docs" |
+| Task frontmatter gaps | "Auto-fix: add missing fields from template defaults" (with `--fix`) |
+| State inconsistency | "Run `forge status` to recover state" |
+| Missing quality tooling | List installation commands |
+| 12-factor violations | "Review flagged locations manually" |
+
+Never auto-apply fixes that modify existing content — only add missing fields to
+frontmatter or create missing files/directories.
+
+## Flags
+
+- `--fix` — Automatically apply safe remediations (add missing frontmatter fields,
+  create missing empty docs, create missing directories)
+- `--only {category}` — Run only one check category:
+  `structure`, `planning`, `design`, `state`, `quality`, `12factor`
+- `--report-only` — Write report but do not offer interactive remediation
+
+## State Update
+
+Update `.forge/state.yaml` with audit metadata:
+
+```yaml
+context:
+  last_audit: {ISO timestamp}
+  last_audit_score: {percentage}
+  last_audit_report: docs/audit/forge-audit-{date}.md
+```

package/commands/forge-audit.md

@@ -0,0 +1,54 @@
+---
+description: "Forge AI - Audit methodology compliance and offer remediation"
+argument-hint: "[--fix] [--only <category>] [--report-only]"
+---
+
+# Forge Audit — Methodology Compliance
+
+Scan the project for Forge AI methodology compliance and offer to remediate gaps.
+
+## What It Checks
+
+| # | Category | What |
+|---|----------|------|
+| 1 | **Forge Structure** | `.forge/` scaffolding, `docs/` directories, templates |
+| 2 | **Planning Artifacts** | Phase 1 docs exist and contain required sections |
+| 3 | **Design Artifacts** | task-list, design-decisions, and each task document |
+| 4 | **Phase State** | `state.yaml` consistent with artifacts on disk |
+| 5 | **Code Quality Tooling** | Linter, type checker, test framework, semgrep |
+| 6 | **12-Factor Compliance** | Heuristic scan for config, deps, and log violations |
+
+## Usage
+
+```
+forge audit
+forge audit --fix
+forge audit --only planning
+forge audit --report-only
+```
+
+## Remediation Routing
+
+| Gap | Route |
+|-----|-------|
+| No Forge structure | `forge init` |
+| Missing planning docs | `forge 1:plan` |
+| Missing/incomplete design docs | `forge 2:design` |
+| Task frontmatter gaps | Auto-fix with `--fix` |
+| State inconsistency | `forge status` |
+| Missing quality tooling | Installation instructions |
+| 12-factor violations | Flagged for manual review |
+
+## Flags
+
+- `--fix` — Auto-apply safe remediations
+- `--only {category}` — Run one check: `structure`, `planning`, `design`, `state`, `quality`, `12factor`
+- `--report-only` — Write report without interactive remediation
+
+## Output
+
+Report written to: `docs/audit/forge-audit-{YYYY-MM-DD}.md`
+
+## Prerequisites
+
+None — can be run on any project, with or without existing Forge structure.

package/dist/agents/audit-agent.md

@@ -0,0 +1,171 @@
+---
+name: forge-audit
+description: Audit Forge methodology compliance and offer remediation
+mode: subagent
+permission:
+  skill:
+    "forge-*": allow
+    "documents-*": allow
+    "code-*": allow
+    "*": deny
+tools:
+  read: true
+  write: true
+  edit: true
+  bash: true
+  glob: true
+  grep: true
+model: medium
+---
+
+# Forge AI: Audit — Methodology Compliance
+
+Assess the project's compliance with the Forge AI methodology and offer remediation
+for any gaps found.
+
+## Load Skills
+
+Use these skills:
+- `@forge-quality-checker` — Detect code quality tooling configuration
+- `@forge-state-manager` — Read current phase and feature state
+
+## Audit Sequence
+
+```
+1. Forge Structure      — scaffolding and directory layout
+2. Planning Artifacts   — Phase 1 docs exist and are complete
+3. Design Artifacts     — Phase 2 docs and task documents
+4. Phase State          — state.yaml consistent with artifacts on disk
+5. Code Quality Tooling — linter, type checker, tests, semgrep configured
+6. 12-Factor Compliance — heuristic scan for common violations
+```
+
+## Check 1: Forge Structure
+
+Verify the following exist:
+
+| Path | Required |
+|------|----------|
+| `.forge/config.yaml` | Yes |
+| `.forge/state.yaml` | Yes |
+| `.forge/templates/` | Yes |
+| `docs/planning/` | Yes |
+| `docs/design/tasks/` | Yes |
+| `docs/testing/` | Yes |
+| `docs/defects/` | Yes |
+
+## Check 2: Planning Artifacts
+
+For each doc, check existence then scan for required sections:
+
+| Document | Required Sections |
+|----------|------------------|
+| `docs/planning/project-scope.md` | Aim, Stakeholders, User Personas, Goals, Constraints, Success Criteria |
+| `docs/planning/user-stories.md` | ≥3 user stories in "As a / I want / So that" format |
+| `docs/planning/implementation-plan.md` | Phase Breakdown, Parallel Execution Groups, Timeline, Risk Assessment |
+| `docs/planning/technology-and-architecture.md` | Technology Research, C4 diagram, Tech Stack, 12-Factor Compliance checklist |
+
+## Check 3: Design Artifacts
+
+### design-decisions.md
+- Exists at `docs/design/design-decisions.md`
+- Contains ≥1 documented decision (ADDR-XXX format)
+
+### task-list.md
+- Exists at `docs/design/task-list.md`
+- Has Branch and Group columns in task tables
+- Has Parallel Execution Groups table
+
+### Task documents (`docs/design/tasks/*.md`)
+
+Each must have these frontmatter fields:
+```yaml
+title, status, mode, complexity, categories, affected_modules,
+dependencies, parallel_group, branch, worktree, acceptance_criteria,
+created, last_updated
+```
+
+And these body sections: Summary, Acceptance Criteria, Implementation Detail,
+Testing Criteria.
+
+## Check 4: Phase State
+
+Use `@forge-state-manager` to read `.forge/state.yaml` and cross-reference:
+- `project_phase` is consistent with which artifacts exist on disk
+- Every feature slug in `features:` has a corresponding task document
+- No task documents exist without a state entry
+
+## Check 5: Code Quality Tooling
+
+Use `@forge-quality-checker` to detect tooling from project files:
+
+| File | Implies |
+|------|---------|
+| `package.json` with eslint | Linter ✓ |
+| `pyproject.toml` with ruff | Linter ✓ |
+| `tsconfig.json` or `pyproject.toml` with mypy | Type checker ✓ |
+| `jest.config.*` / `pytest.ini` / `pyproject.toml [tool.pytest]` | Tests ✓ |
+| `.semgrepignore` / semgrep in CI config | semgrep ✓ |
+
+Flag any missing tools and note what to install.
+
+## Check 6: 12-Factor Spot Check
+
+Heuristic grep scan for common violations:
+
+| Factor | Check |
+|--------|-------|
+| III. Config | Search for hardcoded secrets/URLs/ports (`password =`, `api_key =`, `localhost:`, bare IP addresses in source) |
+| II. Dependencies | Verify `requirements.txt`, `package.json`, `go.mod`, or equivalent exists |
+| XI. Logs | Search for `logging.FileHandler`, `fs.createWriteStream`, or log file path patterns in source |
+
+Flag file:line for each violation. Do not auto-fix — these require manual review.
+
+## Report Output
+
+Load template: `.forge/templates/audit/AUDIT_REPORT_TEMPLATE.md`
+
+Write report to: `docs/audit/forge-audit-{YYYY-MM-DD}.md`
+
+Create `docs/audit/` if it does not exist.
+
+Calculate overall compliance score:
+```
+score = (passed checks / total checks) × 100
+```
+
+## Remediation
+
+After presenting the report, offer to take action on each gap:
+
+| Gap | Action |
+|-----|--------|
+| No `.forge/` structure | "Run `forge init` to bootstrap" |
+| Missing planning docs | "Run `forge 1:plan` — will generate missing docs" |
+| Missing/incomplete design docs | "Run `forge 2:design` — will generate missing docs" |
+| Task frontmatter gaps | "Auto-fix: add missing fields from template defaults" (with `--fix`) |
+| State inconsistency | "Run `forge status` to recover state" |
+| Missing quality tooling | List installation commands |
+| 12-factor violations | "Review flagged locations manually" |
+
+Never auto-apply fixes that modify existing content — only add missing fields to
+frontmatter or create missing files/directories.
+
+## Flags
+
+- `--fix` — Automatically apply safe remediations (add missing frontmatter fields,
+  create missing empty docs, create missing directories)
+- `--only {category}` — Run only one check category:
+  `structure`, `planning`, `design`, `state`, `quality`, `12factor`
+- `--report-only` — Write report but do not offer interactive remediation
+
+## State Update
+
+Update `.forge/state.yaml` with audit metadata:
+
+```yaml
+context:
+  last_audit: {ISO timestamp}
+  last_audit_score: {percentage}
+  last_audit_report: docs/audit/forge-audit-{date}.md
+```

package/dist/commands/forge-audit.md

@@ -0,0 +1,54 @@
+---
+description: "Forge AI - Audit methodology compliance and offer remediation"
+argument-hint: "[--fix] [--only <category>] [--report-only]"
+---
+
+# Forge Audit — Methodology Compliance
+
+Scan the project for Forge AI methodology compliance and offer to remediate gaps.
+
+## What It Checks
+
+| # | Category | What |
+|---|----------|------|
+| 1 | **Forge Structure** | `.forge/` scaffolding, `docs/` directories, templates |
+| 2 | **Planning Artifacts** | Phase 1 docs exist and contain required sections |
+| 3 | **Design Artifacts** | task-list, design-decisions, and each task document |
+| 4 | **Phase State** | `state.yaml` consistent with artifacts on disk |
+| 5 | **Code Quality Tooling** | Linter, type checker, test framework, semgrep |
+| 6 | **12-Factor Compliance** | Heuristic scan for config, deps, and log violations |
+
+## Usage
+
+```
+forge audit
+forge audit --fix
+forge audit --only planning
+forge audit --report-only
+```
+
+## Remediation Routing
+
+| Gap | Route |
+|-----|-------|
+| No Forge structure | `forge init` |
+| Missing planning docs | `forge 1:plan` |
+| Missing/incomplete design docs | `forge 2:design` |
+| Task frontmatter gaps | Auto-fix with `--fix` |
+| State inconsistency | `forge status` |
+| Missing quality tooling | Installation instructions |
+| 12-factor violations | Flagged for manual review |
+
+## Flags
+
+- `--fix` — Auto-apply safe remediations
+- `--only {category}` — Run one check: `structure`, `planning`, `design`, `state`, `quality`, `12factor`
+- `--report-only` — Write report without interactive remediation
+
+## Output
+
+Report written to: `docs/audit/forge-audit-{YYYY-MM-DD}.md`
+
+## Prerequisites
+
+None — can be run on any project, with or without existing Forge structure.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jadeit/forge-ai",
-  "version": "1.4.0",
+  "version": "1.5.0",
   "description": "Forge AI - Structured AI-augmented coding methodology for OpenCode",
   "main": "dist/index.js",
   "type": "module",