@nklisch/pi-agile-workflow 0.16.1 → 0.16.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/.codex-plugin/plugin.json +1 -1
  3. package/docs/ARCHITECTURE.md +42 -21
  4. package/docs/PRINCIPLES.md +108 -38
  5. package/docs/SPEC.md +19 -2
  6. package/docs/VISION.md +17 -10
  7. package/hooks/scripts/prompt-context.py +8 -1
  8. package/hooks/scripts/test_prompt_context.py +16 -0
  9. package/package.json +1 -1
  10. package/scripts/work-view.sh +1 -1
  11. package/skills/autopilot/SKILL.md +54 -37
  12. package/skills/convert/SKILL.md +30 -4
  13. package/skills/epic-design/SKILL.md +21 -3
  14. package/skills/feature-design/SKILL.md +34 -11
  15. package/skills/gate-cruft/SKILL.md +69 -24
  16. package/skills/gate-docs/SKILL.md +56 -30
  17. package/skills/gate-patterns/SKILL.md +7 -3
  18. package/skills/gate-refactor/SKILL.md +18 -6
  19. package/skills/gate-security/SKILL.md +16 -7
  20. package/skills/gate-tests/SKILL.md +86 -71
  21. package/skills/implement/SKILL.md +18 -8
  22. package/skills/principles/SKILL.md +76 -21
  23. package/skills/principles/references/advisory-review.md +8 -1
  24. package/skills/principles/references/code-design.md +62 -5
  25. package/skills/principles/references/models.md +69 -57
  26. package/skills/refactor-design/SKILL.md +23 -13
  27. package/skills/review/SKILL.md +39 -19
  28. package/skills/review/references/review-lenses.md +14 -4
  29. package/skills/review/references/substrate-side-effects.md +17 -10
  30. package/skills/review/references/target-resolution.md +2 -1
  31. package/skills/scope/SKILL.md +20 -7
  32. package/work-view/crates/cli/.work-view-version +1 -1
  33. package/work-view/dist/aarch64-apple-darwin/work-view +0 -0
  34. package/work-view/dist/aarch64-unknown-linux-musl/work-view +0 -0
  35. package/work-view/dist/x86_64-apple-darwin/work-view +0 -0
  36. package/work-view/dist/x86_64-unknown-linux-musl/work-view +0 -0
@@ -3,7 +3,7 @@ name: gate-docs
3
3
  description: >
4
4
  Documentation gate that enforces the rolling-foundation principle. Delegates the full drift
5
5
  detection to a deep documentation scanner agent which scans the bundle's changes for
6
- foundation-doc drift (assertions in docs/ that no longer match implementation), changelog gaps,
6
+ foundation-doc drift (false, stale, or contradictory assertions—not missing coverage), changelog gaps,
7
7
  README staleness, and skill/pattern-skill staleness. The orchestrator converts findings into items
8
8
  in .work/active/ with gate_origin:docs and tags:[documentation]. Auto-triggers during
9
9
  /agile-workflow:release-deploy.
@@ -12,10 +12,12 @@ description: >
12
12
  # Gate-Docs
13
13
 
14
14
  You orchestrate a documentation gate that enforces the **rolling-foundation
15
- principle**: foundation docs in `docs/` describe current truth or intended
16
- future state, never past state. After implementation work, foundation-doc
17
- assertions can drift from reality or from the intended state they are meant to
18
- describe.
15
+ principle**: foundation docs in `docs/` may describe current truth or intended
16
+ future state, never superseded truth. Future-state claims do not become drift
17
+ merely because implementation has not reached them, and foundation docs are not
18
+ required to mention every capability or bundle change. Drift exists only when an
19
+ assertion is false for the time/state it claims, stale after intent changed, or
20
+ contradictory with another authoritative claim.
19
21
 
20
22
  The actual drift detection runs inside a **deep documentation scanner agent**
21
23
  (a generic sub-agent prompted with the scanner posture from `../principles/references/subagents.md`); your role is to
@@ -77,10 +79,14 @@ returns structured findings.
77
79
  **Brief template**:
78
80
 
79
81
  > You are conducting a documentation drift audit for release `<version>` as an
80
- > agile-workflow scanner. The principle: docs in `docs/` describe current truth
81
- > or intended future state, never past state. Drift = doc says X, but the
82
- > completed bundle now does Y or the intended future state has changed to Y. Use
83
- > read/search/shell tools as needed, but do not spawn nested sub-agents or fix docs.
82
+ > agile-workflow scanner. The principle: foundation docs in `docs/` may describe
83
+ > current truth or intended future state. Drift is assertion-only: a claim is
84
+ > false for the state/time it says it describes, stale because intent changed,
85
+ > or contradictory with another authoritative claim. A future-state assertion
86
+ > is not drift merely because code does not implement it yet. Missing foundation-
87
+ > doc coverage is allowed: do not flag, add, or request claims for bundle changes
88
+ > the foundation docs do not discuss. Use read/search/shell tools as needed, but
89
+ > do not spawn nested sub-agents or fix docs.
84
90
  >
85
91
  > **Bundle scope** (the changes that may have caused drift):
86
92
  > ```
@@ -110,8 +116,9 @@ returns structured findings.
110
116
  > - Generated files (look for `# generated`, `llms-full.txt` — never
111
117
  > edit; flag for regeneration)
112
118
  >
113
- > 2. **Classify each bound item's change type**:
114
- > | Change type | Doc owners |
119
+ > 2. **Classify each bound item's change type**. This table identifies places to
120
+ > check for existing claims; it does not require foundation-doc coverage:
121
+ > | Change type | Potential references |
115
122
  > |---|---|
116
123
  > | New feature / behavior | SPEC.md, ARCHITECTURE.md, relevant guide pages |
117
124
  > | New CLI command or flag | CLI reference, SPEC.md, guide pages |
@@ -123,10 +130,15 @@ returns structured findings.
123
130
  > | Changed interface used by repo skills | Repo-specific skills referencing it |
124
131
  >
125
132
  > 3. **Drift-check passes** — run each relevant pass yourself:
126
- > - **Foundation-doc drift** — for VISION.md, SPEC.md, ARCHITECTURE.md,
127
- > for each assertion (interface, contract, component, behavior), grep
128
- > the bundle's changed files. Flag any assertion where the doc says X
129
- > but the code now does Y. Cite file:line for the doc and the code.
133
+ > - **Foundation-doc drift** — inspect only assertions that exist in
134
+ > VISION.md, SPEC.md, ARCHITECTURE.md, and domain foundation docs. First
135
+ > classify each assertion as current-state or intended-future-state. For a
136
+ > current-state claim, flag only when authoritative implementation now
137
+ > contradicts it. For a future-state claim, flag only when newer accepted
138
+ > intent or another authoritative foundation claim contradicts it—not when
139
+ > implementation is absent. Never flag a bundle capability merely because
140
+ > no foundation doc mentions it. Cite file:line for the claim and its
141
+ > contradicting source.
130
142
  > - **README staleness** — verify quick-start, install steps, examples,
131
143
  > command names match the codebase post-bundle.
132
144
  > - **CHANGELOG gap** — for each item bound to release `<version>`,
@@ -155,11 +167,14 @@ returns structured findings.
155
167
  > changelog-gap | repo-skill-staleness | pattern-skill-staleness |
156
168
  > generated-file-needs-regen | doc-misplacement
157
169
  > - **Confidence**: High | Medium
170
+ > - **Relevance**: Release-relevant | Ambient
158
171
  > - **Doc location**: `<file>:<line>`
159
- > - **Code location**: `<file>:<line>` (for assertion drift; omit for gaps)
172
+ > - **Contradicting source**: `<file>:<line>` (implementation, newer intent,
173
+ > or another authoritative claim; omit for non-assertion categories)
160
174
  > - **Current doc text**:
161
175
  > > <quote — what the doc currently says>
162
- > - **Reality**: <what the code now does, post-bundle>
176
+ > - **Contradiction**: <why the quoted claim is false, stale, or contradictory
177
+ > for the state/time it claims to describe>
163
178
  > - **Required edit**: <roll the doc forward to match the new active truth.
164
179
  > Apply rolling-foundation: no "previously" prose, no "in v1.x" notes.
165
180
  > Replace the assertion in place. For generated files, give the
@@ -179,9 +194,13 @@ returns structured findings.
179
194
  > ```
180
195
  >
181
196
  > **Rules**:
182
- > - Scan only the bundle's changes plus the docs that own those areas.
183
- > Don't audit every doc in the repo.
197
+ > - Bundle changes and their owning docs are the focus, not a hard boundary.
198
+ > Follow concrete references into adjacent docs, generated catalogs, or
199
+ > system-wide documentation when needed; do not perform an aimless doc sweep.
184
200
  > - Cite file:line for every finding.
201
+ > - Absence is not a foundation-doc finding. Do not propose adding coverage for
202
+ > an undocumented bundle change, and do not treat unimplemented future intent
203
+ > as stale current-state documentation.
185
204
  > - Required edits ENFORCE rolling-foundation: replace stale assertions in
186
205
  > place. Do NOT propose adding "previously" or "in v1.x" prose. Git is the
187
206
  > audit trail; the doc carries the active truth.
@@ -210,7 +229,7 @@ stage: implementing # high-confidence drift
210
229
  tags: [documentation]
211
230
  parent: null
212
231
  depends_on: []
213
- release_binding: <version>
232
+ release_binding: <version> | null # null for ambient findings
214
233
  gate_origin: docs
215
234
  created: YYYY-MM-DD
216
235
  updated: YYYY-MM-DD
@@ -223,13 +242,13 @@ updated: YYYY-MM-DD
223
242
 
224
243
  ## Location
225
244
  - Doc: `<file>:<line>`
226
- - Code: `<file>:<line>` (for assertion drift)
245
+ - Contradicting source: `<file>:<line>` (for assertion drift)
227
246
 
228
247
  ## Current doc text
229
248
  > <quote the doc — what it currently says>
230
249
 
231
- ## Reality
232
- <what the code now does, post-bundle>
250
+ ## Contradiction
251
+ <why the claim is false, stale, or contradictory for its stated time/state>
233
252
 
234
253
  ## Required edit
235
254
  <roll the doc forward to match the new active truth. Apply rolling-foundation:
@@ -239,6 +258,10 @@ no "previously" prose, no "in v1.x" notes. Replace the assertion in place.>
239
258
  For generated files needing regeneration, the item describes the regeneration
240
259
  command rather than a manual edit.
241
260
 
261
+ Release-relevant drift uses the normal confidence mapping and binds to the
262
+ release. Ambient staleness merely discovered while following references goes to
263
+ the unbound backlog.
264
+
242
265
  Default confidence -> placement mapping:
243
266
  - **High** → `stage: implementing` in `.work/active/stories/`
244
267
  - **Medium** → `stage: drafting` in `.work/active/stories/`
@@ -257,22 +280,25 @@ In conversation:
257
280
  - **Drift found**: count by category
258
281
  - **Items created**: count, with new ids
259
282
  - **Generated files needing regen**: list (if any)
260
- - **Goal reminder**: rolling-foundation enforces docs describing current truth
261
- or intended future state, never past state. Findings here become items the
262
- release flow drains to `done` before shipping.
283
+ - **Goal reminder**: rolling-foundation permits current truth or intended future
284
+ state. Only false, stale, or contradictory assertions become findings; missing
285
+ coverage and unimplemented future intent do not. Findings here become items
286
+ the release flow drains to `done` before shipping.
263
287
 
264
288
  ## Guardrails
265
289
 
266
290
  - **The drift detection happens in the scanner agent, not here.** Your job is
267
291
  bundle prep, dispatch, and item-writing. Don't replicate the scanner's
268
292
  analysis in the orchestrator's context.
269
- - Foundation-doc drift is the gate's primary job. The scanner surfaces it;
270
- you turn it into items.
293
+ - Foundation-doc drift is assertion-only: false, stale, or contradictory
294
+ claims. Missing coverage and merely unimplemented future-state claims are not
295
+ findings and must not produce items or edits.
271
296
  - Required edits ENFORCE rolling-foundation: replace stale assertions in
272
297
  place. Do NOT propose adding "previously" or "in v1.x" prose.
273
298
  - Don't fix the docs in this skill — produce items only. Implementation of
274
299
  the fixes happens via `/agile-workflow:implement` on each item.
275
- - Audit only the bundle's changes plus the docs that own those areas — the
276
- scanner enforces this; don't override.
300
+ - Release-bound changes define focus, not a hard boundary. Follow concrete
301
+ documentation ownership and reference chains; route merely ambient drift to
302
+ the unbound backlog rather than silently expanding the release.
277
303
  - Generated files get items describing the regeneration command, not manual
278
304
  edits.
@@ -107,7 +107,7 @@ output.
107
107
  > Use read/search/shell tools as needed. Do not spawn nested sub-agents or modify
108
108
  > source files.
109
109
  >
110
- > **Bundle scope**:
110
+ > **Bundle focus** (start here; follow recurring shapes across the repository):
111
111
  > ```
112
112
  > <bundle-files>
113
113
  > ```
@@ -120,8 +120,10 @@ output.
120
120
  >
121
121
  > **Methodology**:
122
122
  >
123
- > 1. **Pattern discovery passes** — inspect the bundle's changed files plus
124
- > their immediate consumers (since reuse implies multiple call sites):
123
+ > 1. **Pattern discovery passes** — inspect the bundle's changed files first,
124
+ > then follow candidate shapes through consumers and the wider repository
125
+ > where needed to establish genuine recurrence. Bound files are the focus,
126
+ > not a hard scan boundary:
125
127
  > - **Shared abstractions & utilities** — find new shared/reusable code
126
128
  > introduced in the bundle: utility functions, base classes, common
127
129
  > helpers, types used across multiple modules. List each with
@@ -225,6 +227,8 @@ output.
225
227
  > the divergence instead.
226
228
  > - Don't fabricate patterns. If discovery yields nothing, return an empty
227
229
  > "New patterns" section.
230
+ > - Expansion beyond the bundle must follow a concrete candidate pattern or
231
+ > inconsistency; do not perform an unfocused whole-repo style audit.
228
232
 
229
233
  ### Phase 4: Write pattern files
230
234
 
@@ -139,8 +139,10 @@ M-times-N redundant file reads and allows cross-library finding deduplication.
139
139
  **Brief template**:
140
140
 
141
141
  > You are conducting a refactor gate scan for release `<version>` as an agile-workflow
142
- > scanner. Use read/search/shell tools as needed. Scan ONLY the bundle's changed files —
143
- > not the whole repo. Do not spawn nested sub-agents or implement fixes.
142
+ > scanner. Use read/search/shell tools as needed. Start with the bundle's changed
143
+ > files and follow concrete rule-relevant references into adjacent consumers,
144
+ > dependencies, or shared systems. Do not perform an aimless whole-repo sweep,
145
+ > spawn nested sub-agents, or implement fixes.
144
146
  >
145
147
  > **Bundle scope** (files changed by the bundle):
146
148
  > ```
@@ -169,6 +171,7 @@ M-times-N redundant file reads and allows cross-library finding deduplication.
169
171
  >
170
172
  > 1. Read every file in the bundle scope.
171
173
  > 2. For each file, check against all rules from all loaded libraries in a single pass.
174
+ > Expand only when a rule or concrete reference requires adjacent/system-wide context.
172
175
  > 3. For each finding, record:
173
176
  > - **Library tag**: which library's rule was violated (e.g. `structural`).
174
177
  > - **Rule slug**: which specific rule was violated (from the library's rule inventory).
@@ -176,11 +179,13 @@ M-times-N redundant file reads and allows cross-library finding deduplication.
176
179
  > - **Issue**: one-sentence description of the violation.
177
180
  > - **Fix**: specific proposed change (or "needs analysis" for findings requiring judgment).
178
181
  > - **Confidence**: `high` / `medium` / `low` per the library's guidance for that rule.
182
+ > - **Relevance**: `Release-relevant` or `Ambient`.
179
183
  > 4. Deduplicate against the already-tracked set.
180
184
  > 5. Return findings as a structured list.
181
185
  >
182
186
  > **Rules**:
183
- > - Scan only the bundle scope. Do not expand to the whole repo.
187
+ > - Bundle scope is the focus, not a hard boundary. Follow concrete rule-relevant
188
+ > evidence and record why any out-of-bundle surface was inspected.
184
189
  > - Cite file:line for every finding.
185
190
  > - Do not fabricate findings. If a rule produces no matches, emit nothing for it.
186
191
  > - Skip already-tracked findings (exact file:line + rule-slug match).
@@ -199,6 +204,7 @@ M-times-N redundant file reads and allows cross-library finding deduplication.
199
204
  > - **Library**: <library-tag>
200
205
  > - **Rule**: <rule-slug>
201
206
  > - **Confidence**: High | Medium | Low
207
+ > - **Relevance**: Release-relevant | Ambient
202
208
  > - **Location**: `<file>:<line>`
203
209
  > - **Issue**: <one sentence>
204
210
  > - **Fix**: <specific proposed change or "needs analysis">
@@ -248,7 +254,7 @@ stage: implementing | drafting # by gate_finding_routing
248
254
  tags: [refactor]
249
255
  parent: null
250
256
  depends_on: []
251
- release_binding: <version>
257
+ release_binding: <version> | null # null for ambient findings
252
258
  gate_origin: refactor
253
259
  created: YYYY-MM-DD
254
260
  updated: YYYY-MM-DD
@@ -265,7 +271,7 @@ stage: implementing | drafting # by gate_finding_routing
265
271
  tags: []
266
272
  parent: null
267
273
  depends_on: []
268
- release_binding: <version>
274
+ release_binding: <version> | null # null for ambient findings
269
275
  gate_origin: refactor
270
276
  created: YYYY-MM-DD
271
277
  updated: YYYY-MM-DD
@@ -296,6 +302,10 @@ High | Medium | Low
296
302
  <specific proposed change, or "needs analysis" for medium/low>
297
303
  ```
298
304
 
305
+ Release-relevant findings use the normal confidence mapping and bind to the
306
+ release. Ambient rule violations discovered outside the bundle go to the
307
+ unbound backlog regardless of confidence.
308
+
299
309
  Default confidence -> placement mapping:
300
310
 
301
311
  | Confidence | Stage | Tier |
@@ -343,7 +353,9 @@ In conversation:
343
353
 
344
354
  - **The scan happens in the scanner agent, not here.** Your job is library discovery, bundle prep,
345
355
  dispatch, and item-writing. Do not replicate the scanner's analysis.
346
- - Scan only the bundle's changed files, not the whole repo.
356
+ - Release-bound files define focus, not a hard boundary. Follow concrete
357
+ rule-relevant evidence into adjacent or system-wide code, but do not perform
358
+ an unfocused whole-repo scan; route ambient findings to the unbound backlog.
347
359
  - Never apply fixes in this skill — produce items only.
348
360
  - **No-libraries is not an error.** Graceful skip with a log entry is the correct behavior when
349
361
  no scan-* libraries are installed.
@@ -91,8 +91,8 @@ structured findings.
91
91
  > agile-workflow scanner. Use read/search/shell/current-source lookup tools as
92
92
  > needed, but do not spawn nested sub-agents or implement fixes.
93
93
  >
94
- > **Bundle scope** (audit ONLY these files; this is a release gate, not a
95
- > repo-wide audit):
94
+ > **Bundle focus** (start here; follow concrete security-relevant call paths,
95
+ > dependencies, shared infrastructure, and controls as needed):
96
96
  > ```
97
97
  > <bundle-files>
98
98
  > ```
@@ -138,7 +138,8 @@ structured findings.
138
138
  > logs, missing error boundaries, verbose prod errors. All prod apps.
139
139
  >
140
140
  > 3. **Domain audit passes** — for each selected domain, audit the bundle's
141
- > changed files against that domain's checklist. Use current-source lookup
141
+ > changed files against that domain's checklist, following concrete evidence
142
+ > into adjacent security boundaries, dependencies, and shared controls. Use current-source lookup
142
143
  > when needed to verify best practices for `<stack>+<domain>` combinations
143
144
  > before judging.
144
145
  >
@@ -160,6 +161,7 @@ structured findings.
160
161
  > - **Title**: <one-line>
161
162
  > - **Severity**: Critical | High | Medium | Low
162
163
  > - **Domain**: <domain name>
164
+ > - **Relevance**: Release-relevant | Ambient
163
165
  > - **Location**: `<file>:<line>`
164
166
  > - **Evidence**:
165
167
  > ```<lang>
@@ -182,7 +184,8 @@ structured findings.
182
184
  > ```
183
185
  >
184
186
  > **Rules**:
185
- > - Audit only the files listed in Bundle scope. Do NOT expand the audit.
187
+ > - Bundle files are the focus, not a hard boundary. Expand only along concrete
188
+ > security-relevant evidence and record why out-of-bundle surfaces were inspected.
186
189
  > - Cite file:line for every finding.
187
190
  > - Don't fabricate. If evidence is missing, don't report.
188
191
  > - Skip findings that match the already-tracked list.
@@ -211,7 +214,7 @@ stage: implementing # Critical or High
211
214
  tags: [security]
212
215
  parent: null
213
216
  depends_on: []
214
- release_binding: <version>
217
+ release_binding: <version> | null # null for ambient findings
215
218
  gate_origin: security
216
219
  created: YYYY-MM-DD
217
220
  updated: YYYY-MM-DD
@@ -237,6 +240,11 @@ Critical | High | Medium | Low
237
240
  <what should change — direction, not a finished fix>
238
241
  ```
239
242
 
243
+ Release-relevant findings use the normal severity mapping and bind to the
244
+ release. Ambient findings discovered outside the release's material risk go to
245
+ the unbound backlog regardless of severity; a genuinely critical repository
246
+ vulnerability is release-relevant when shipping would expose or perpetuate it.
247
+
240
248
  Default severity -> placement mapping:
241
249
  - **Critical** / **High** → `stage: implementing` in `.work/active/stories/`
242
250
  - **Medium** → `stage: drafting` in `.work/active/stories/`
@@ -271,5 +279,6 @@ In conversation:
271
279
  returns nothing. Don't paper that over.
272
280
  - Idempotent re-runs: pass already-tracked findings into the scanner brief so it
273
281
  skips duplicates. Double-check on item-write before creating.
274
- - Audit only the bundle's changes, not the whole repo. Repo-wide audits are
275
- a standalone `repo-eval`'s job, not a release gate's.
282
+ - Release-bound items define focus, not a hard boundary. Follow concrete
283
+ security evidence into adjacent or system-wide controls, but do not perform
284
+ an unfocused whole-repo audit. Route merely ambient findings to the unbound backlog.