npm - @nano-step/skill-manager - Versions diffs - 5.6.0 → 5.6.1 - Mend

@nano-step/skill-manager 5.6.0 → 5.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/utils.d.ts +1 -1
package/dist/utils.js +1 -1
package/package.json +1 -1
package/skills/nano-brain/AGENTS_SNIPPET.md +0 -9
package/skills/rri-t-testing/SKILL.md +224 -0
package/skills/rri-t-testing/assets/rri-t-coverage-dashboard.md +138 -0
package/skills/rri-t-testing/assets/rri-t-memory-protocol.md +271 -0
package/skills/rri-t-testing/assets/rri-t-persona-interview.md +249 -0
package/skills/rri-t-testing/assets/rri-t-quality-scorecard.md +122 -0
package/skills/rri-t-testing/assets/rri-t-risk-matrix.md +87 -0
package/skills/rri-t-testing/assets/rri-t-stress-matrix.md +100 -0
package/skills/rri-t-testing/assets/rri-t-test-case.md +181 -0
package/skills/rri-t-testing/assets/rri-t-testability-gate.md +131 -0
package/skills/rri-t-testing/assets/rri-t-traceability-matrix.md +105 -0
package/skills/rri-t-testing/skill.json +9 -0

package/skills/rri-t-testing/assets/rri-t-test-case.md ADDED Viewed

@@ -0,0 +1,181 @@
+# RRI-T Test Cases — {Feature Name}
+**Feature:** {feature-name}
+**Generated from:** Persona Interview ({date})
+**Total Test Cases:** {count}
+## Priority Distribution
+| Priority | Count | Description |
+|----------|-------|-------------|
+| P0 | 0 | Critical — blocks release |
+| P1 | 0 | Major — fix before release |
+| P2 | 0 | Minor — next sprint |
+| P3 | 0 | Trivial — backlog |
+## Dimension Distribution
+| Dimension | Count | Target Coverage |
+|-----------|-------|----------------|
+| D1: UI/UX | 0 | >= 85% |
+| D2: API | 0 | >= 85% |
+| D3: Performance | 0 | >= 70% |
+| D4: Security | 0 | >= 85% |
+| D5: Data Integrity | 0 | >= 85% |
+| D6: Infrastructure | 0 | >= 70% |
+| D7: Edge Cases | 0 | >= 85% |
+---
+## Test Cases
+### TC-RRI-{FEATURE}-001
+- **Q (Question):** As an end user, what happens when I add an inventory item while on a weak 3G connection?
+- **A (Answer):** The item should be saved locally immediately, show a "syncing" indicator, and sync to the server when connection improves. No data loss should occur.
+- **R (Requirement):** REQ-OFFLINE-001: App must support offline-first operations with automatic sync
+- **P (Priority):** P0
+- **T (Test Case):**
+  - **Preconditions:**
+    - User logged in to household
+    - Device has weak 3G connection (simulated: 500ms latency, 50% packet loss)
+    - At least 1 existing inventory item for comparison
+  - **Steps:**
+    1. Navigate to Inventory screen
+    2. Tap "Add Item" button
+    3. Fill in: Name "Gao ST25", Quantity "5", Unit "kg", Expiration "2026-03-15"
+    4. Tap "Save"
+    5. Observe UI feedback
+    6. Wait 30 seconds
+    7. Check item appears in inventory list
+    8. Restore normal network connection
+    9. Wait for sync indicator to complete
+    10. Verify item exists on server (check from another device)
+  - **Expected Result:**
+    - Item appears in list immediately with "syncing" badge
+    - No error message shown
+    - After network restores, item syncs successfully
+    - Item visible from other devices within 5 seconds of sync
+  - **Dimension:** D3: Performance
+  - **Stress Axis:** TIME, INFRA
+  - **Source Persona:** End User
+- **Risk Category:** PERF
+- **Risk Score:** 6
+- **Traceability:** REQ-OFFLINE-001
+- **Result:** PASS
+- **Notes:** Tested on iPhone 12 with Network Link Conditioner. Sync completed in 3.2s after network restored.
+---
+### TC-RRI-{FEATURE}-002
+- **Q (Question):** As a business analyst, what happens when a household member with "viewer" role tries to delete an inventory item?
+- **A (Answer):** The delete button should be hidden or disabled for viewers. If they somehow trigger a delete (via API manipulation), the server should reject it with a 403 Forbidden error.
+- **R (Requirement):** REQ-RBAC-003: Viewers can only read data, not modify or delete
+- **P (Priority):** P1
+- **T (Test Case):**
+  - **Preconditions:**
+    - User "viewer@example.com" has "viewer" role in household "Test Family"
+    - Household has inventory item "Sua tuoi" (ID: inv_123)
+    - User logged in on mobile app
+  - **Steps:**
+    1. Login as viewer@example.com
+    2. Navigate to Inventory screen
+    3. Tap on "Sua tuoi" item to view details
+    4. Look for delete button/option
+    5. (If delete button exists) Attempt to tap it
+    6. (Alternative) Use GraphQL client to send deleteInventoryItem mutation directly
+  - **Expected Result:**
+    - Delete button should not be visible in UI
+    - If mutation sent directly, server returns error: `{"errors": [{"message": "Forbidden: insufficient permissions", "extensions": {"code": "FORBIDDEN"}}]}`
+    - Item remains in database unchanged
+  - **Dimension:** D4: Security
+  - **Stress Axis:** SECURITY
+  - **Source Persona:** Business Analyst
+- **Risk Category:** SEC
+- **Risk Score:** 6
+- **Traceability:** REQ-RBAC-003
+- **Result:** PAINFUL
+- **Notes:** Delete button is correctly hidden, but when mutation sent via GraphQL Playground, error message is generic "Unauthorized" instead of specific "Forbidden: insufficient permissions". UX improvement: add clearer error messages for debugging. Item was NOT deleted (security works), but error clarity needs improvement.
+---
+### TC-RRI-{FEATURE}-003
+- **Q (Question):** As a QA destroyer, what happens when I paste 50,000 characters into the "item name" field?
+- **A (Answer):** The field should enforce a maximum length (e.g., 200 characters), truncate or reject input gracefully, and show a validation error. The app should not crash or freeze.
+- **R (Requirement):** REQ-VALIDATION-005: All text inputs must have reasonable length limits
+- **P (Priority):** P1
+- **T (Test Case):**
+  - **Preconditions:**
+    - User logged in
+    - On "Add Inventory Item" screen
+    - Clipboard contains 50,000-character string
+  - **Steps:**
+    1. Tap into "Item Name" field
+    2. Paste 50,000-character string
+    3. Observe UI behavior
+    4. Attempt to save the form
+  - **Expected Result:**
+    - Field truncates input to max length (200 chars) OR shows validation error
+    - UI remains responsive (no freeze)
+    - Save button disabled or shows error: "Item name too long (max 200 characters)"
+    - No crash or GraphQL error
+  - **Dimension:** D7: Edge Cases
+  - **Stress Axis:** DATA, ERROR
+  - **Source Persona:** QA Destroyer
+- **Risk Category:** DATA
+- **Risk Score:** 4
+- **Traceability:** REQ-VALIDATION-005
+- **Result:** MISSING
+- **Notes:** Feature not yet implemented. Current behavior: field accepts all 50,000 characters, UI freezes for 2-3 seconds, GraphQL mutation fails with "Payload too large" error. Need to add client-side validation and maxLength attribute.
+---
+### TC-RRI-{FEATURE}-004
+- **Q (Question):** {From persona's perspective — what are they trying to do/verify?}
+- **A (Answer):** {Expected behavior — what SHOULD happen}
+- **R (Requirement):** {Requirement ID or description}
+- **P (Priority):** P0 | P1 | P2 | P3
+- **T (Test Case):**
+  - **Preconditions:** {required state}
+  - **Steps:**
+    1. {step 1}
+    2. {step 2}
+  - **Expected Result:** {specific, measurable outcome}
+  - **Dimension:** D{n}: {name}
+  - **Stress Axis:** {axis name} (if applicable)
+  - **Source Persona:** {persona name}
+- **Risk Category:** TECH | SEC | PERF | DATA | BUS | OPS
+- **Risk Score:** {1-9}
+- **Traceability:** {REQ-XXX}
+- **Result:** PASS | FAIL | PAINFUL | MISSING
+- **Notes:** {observations, screenshots, bug IDs}
+---
+### TC-RRI-{FEATURE}-005
+- **Q (Question):** {From persona's perspective — what are they trying to do/verify?}
+- **A (Answer):** {Expected behavior — what SHOULD happen}
+- **R (Requirement):** {Requirement ID or description}
+- **P (Priority):** P0 | P1 | P2 | P3
+- **T (Test Case):**
+  - **Preconditions:** {required state}
+  - **Steps:**
+    1. {step 1}
+    2. {step 2}
+  - **Expected Result:** {specific, measurable outcome}
+  - **Dimension:** D{n}: {name}
+  - **Stress Axis:** {axis name} (if applicable)
+  - **Source Persona:** {persona name}
+- **Risk Category:** TECH | SEC | PERF | DATA | BUS | OPS
+- **Risk Score:** {1-9}
+- **Traceability:** {REQ-XXX}
+- **Result:** PASS | FAIL | PAINFUL | MISSING
+- **Notes:** {observations, screenshots, bug IDs}
+---
+## Result Legend
+| Result | Symbol | Description |
+|--------|--------|-------------|
+| PASS | PASS | Test passed, feature works as expected |
+| FAIL | FAIL | Test failed, feature does not work |
+| PAINFUL | PAINFUL | Feature works but UX is poor |
+| MISSING | MISSING | Feature not implemented yet |

package/skills/rri-t-testing/assets/rri-t-testability-gate.md ADDED Viewed

@@ -0,0 +1,131 @@
+# RRI-T Testability Gate
+**Feature:** {feature-name}
+**Date:** {YYYY-MM-DD}
+**Assessor:** {agent/person}
+**Build:** {build-id}
+**Environment:** {dev/staging/prod}
+## Prerequisites Validation
+| # | Prerequisite | Status | Notes |
+|---|--------------|--------|-------|
+| PRE-1 | Environment accessible | PASS / FAIL | |
+| PRE-2 | Test data available | PASS / FAIL | |
+| PRE-3 | Feature deployed | PASS / FAIL | |
+| PRE-4 | Acceptance criteria exist | PASS / FAIL | |
+| PRE-5 | No blockers from dev | PASS / FAIL | |
+**Prerequisites Result:** {count}/5 PASS
+---
+## Testability Assessment
+| # | Testability Criteria | Status | Notes |
+|---|---------------------|--------|-------|
+| TEST-1 | Semantic locators present (data-testid, aria-label) | PASS / PARTIAL / FAIL | |
+| TEST-2 | API endpoints documented | PASS / PARTIAL / FAIL | |
+| TEST-3 | Auth flows accessible | PASS / PARTIAL / FAIL | |
+| TEST-4 | Error states reproducible | PASS / PARTIAL / FAIL | |
+| TEST-5 | Performance baselines available | PASS / PARTIAL / FAIL | |
+**Testability Result:** {count}/5 PASS
+---
+## Risk Assessment
+### Probability (1-3)
+| Score | Definition |
+|-------|------------|
+| 1 | Unlikely - well-tested area, minor change |
+| 2 | Possible - moderate complexity, some unknowns |
+| 3 | Likely - new area, high complexity, many dependencies |
+**Probability Score:** {1-3}
+**Rationale:** {why this score}
+### Impact (1-3)
+| Score | Definition |
+|-------|------------|
+| 1 | Low - cosmetic, workaround exists |
+| 2 | Medium - feature degraded, user friction |
+| 3 | High - data loss, security breach, revenue impact |
+**Impact Score:** {1-3}
+**Rationale:** {why this score}
+### Risk Score Calculation
+**Risk Score = Probability x Impact = {P} x {I} = {score}**
+| Score Range | Risk Level | Tier |
+|-------------|------------|------|
+| 1-2 | LOW | Minimal |
+| 3-5 | MEDIUM | Standard |
+| 6-8 | HIGH | Full |
+| 9 | CRITICAL | Full + blocks release if untested |
+---
+## Category Classification
+| Category | Code | Applies |
+|----------|------|---------|
+| Technical (architecture/integration) | TECH | Y / N |
+| Security (vulnerabilities) | SEC | Y / N |
+| Performance (scalability) | PERF | Y / N |
+| Data (integrity/corruption) | DATA | Y / N |
+| Business (logic errors) | BUS | Y / N |
+| Operational (deployment) | OPS | Y / N |
+**Primary Category:** {CODE}
+**Secondary Categories:** {CODE, CODE}
+---
+## Tier Selection
+Based on Risk Score: {score}
+| Selected | Tier | Personas | Dimensions | Stress Axes |
+|----------|------|----------|------------|-------------|
+| [ ] | Full | 5 | 7 | 8 |
+| [ ] | Standard | 3 | 4 | 4 |
+| [ ] | Minimal | 1 | 2 | 2 |
+**Selected Tier:** {tier}
+---
+## Decision
+| Decision | Criteria |
+|----------|----------|
+| PROCEED | All prerequisites PASS, testability >= 3/5 PASS |
+| CONCERNS | 1-2 prerequisites FAIL or testability 2/5 PASS |
+| BLOCK | >= 3 prerequisites FAIL or testability < 2/5 PASS |
+**Decision:** PROCEED / CONCERNS / BLOCK
+### Action Items (if CONCERNS or BLOCK)
+| # | Action | Owner | Due |
+|---|--------|-------|-----|
+| 1 | | | |
+| 2 | | | |
+| 3 | | | |
+---
+## Summary
+- **Feature:** {feature-name}
+- **Risk Score:** {score} ({level})
+- **Category:** {CODE}
+- **Tier:** {tier}
+- **Decision:** {decision}
+- **Next Phase:** {PREPARE / address blockers}

package/skills/rri-t-testing/assets/rri-t-traceability-matrix.md ADDED Viewed

@@ -0,0 +1,105 @@
+# RRI-T Traceability Matrix
+**Feature:** {feature-name}
+**Date:** {YYYY-MM-DD}
+**Scope:** {scope-description}
+**Phase:** {current-phase}
+## Coverage Summary
+| Priority | Total Reqs | Covered | Percentage | Status |
+|----------|------------|---------|------------|--------|
+| P0 | {count} | {count} | {pct}% | PASS / CONCERNS / FAIL |
+| P1 | {count} | {count} | {pct}% | PASS / CONCERNS / FAIL |
+| P2 | {count} | {count} | {pct}% | PASS / CONCERNS / FAIL |
+| P3 | {count} | {count} | {pct}% | PASS / CONCERNS / FAIL |
+| **Total** | {count} | {count} | {pct}% | {status} |
+### Status Thresholds
+| Status | P0 | P1 | Overall |
+|--------|----|----|---------|
+| PASS | 100% | >= 90% | >= 80% |
+| CONCERNS | 100% | 80-89% | 70-79% |
+| FAIL | < 100% | < 80% | < 70% |
+---
+## Detailed Traceability
+### P0 Requirements (Critical)
+| Req ID | Requirement | Test Cases | Coverage | Result |
+|--------|-------------|------------|----------|--------|
+| REQ-001 | User can login with valid credentials | TC-001, TC-002 | FULL | PASS |
+| REQ-002 | Data persists after session timeout | TC-003 | FULL | PASS |
+| REQ-003 | Payment transactions are atomic | TC-004, TC-005, TC-006 | FULL | FAIL |
+| REQ-004 | | | | |
+| REQ-005 | | | | |
+### P1 Requirements (Major)
+| Req ID | Requirement | Test Cases | Coverage | Result |
+|--------|-------------|------------|----------|--------|
+| REQ-101 | Search supports Vietnamese diacritics | TC-101 | FULL | PASS |
+| REQ-102 | Offline changes sync within 60s | TC-102, TC-103 | PARTIAL | CONCERNS |
+| REQ-103 | Role changes take effect immediately | | NONE | MISSING |
+| REQ-104 | | | | |
+| REQ-105 | | | | |
+### P2 Requirements (Minor)
+| Req ID | Requirement | Test Cases | Coverage | Result |
+|--------|-------------|------------|----------|--------|
+| REQ-201 | | | | |
+| REQ-202 | | | | |
+| REQ-203 | | | | |
+### P3 Requirements (Trivial)
+| Req ID | Requirement | Test Cases | Coverage | Result |
+|--------|-------------|------------|----------|--------|
+| REQ-301 | | | | |
+| REQ-302 | | | | |
+---
+## Coverage Legend
+| Coverage | Definition |
+|----------|------------|
+| FULL | All acceptance criteria have test cases |
+| PARTIAL | Some acceptance criteria have test cases |
+| NONE | No test cases mapped to requirement |
+---
+## Gap Prioritization
+| Gap # | Requirement | Priority | Risk | Recommendation |
+|-------|-------------|----------|------|----------------|
+| GAP-1 | REQ-103: Role changes take effect immediately | P1 | HIGH | Add TC for role revocation mid-session |
+| GAP-2 | REQ-102: Offline sync (partial coverage) | P1 | MEDIUM | Add TC for 50+ pending changes |
+| GAP-3 | | | | |
+| GAP-4 | | | | |
+| GAP-5 | | | | |
+### Gap Severity
+| Severity | Definition |
+|----------|------------|
+| CRITICAL | P0 requirement with NONE or PARTIAL coverage |
+| HIGH | P1 requirement with NONE coverage |
+| MEDIUM | P1 requirement with PARTIAL coverage |
+| LOW | P2/P3 requirement with NONE or PARTIAL coverage |
+---
+## Summary
+- **Total Requirements:** {count}
+- **Fully Covered:** {count} ({pct}%)
+- **Partially Covered:** {count} ({pct}%)
+- **Not Covered:** {count} ({pct}%)
+- **Critical Gaps:** {count}
+- **High Gaps:** {count}

package/skills/rri-t-testing/skill.json ADDED Viewed

@@ -0,0 +1,9 @@
+{
+  "name": "rri-t-testing",
+  "version": "2.0.0",
+  "description": "RRI-T v2: Rapid Risk-Informed Testing with BMAD-enhanced risk scoring, traceability, quality gates, and nano-brain memory persistence",
+  "compatibility": "OpenCode",
+  "agent": null,
+  "commands": [],
+  "tags": ["testing", "qa", "rri-t", "release-gates", "test-cases", "risk-scoring", "traceability", "bmad", "nano-brain"]
+}