@punks/cli 1.0.0 → 1.0.2

package/dist/skills/languages/python/python-testing-patterns/references/advanced-patterns.md

@@ -0,0 +1,411 @@
+# Python Testing Patterns — Advanced Reference
+
+Advanced testing patterns including async code, monkeypatching, temporary files, conftest setup, property-based testing, database testing, CI/CD integration, and configuration.
+
+## Pattern 6: Testing Async Code
+
+```python
+# test_async.py
+import pytest
+import asyncio
+
+async def fetch_data(url: str) -> dict:
+    """Fetch data asynchronously."""
+    await asyncio.sleep(0.1)
+    return {"url": url, "data": "result"}
+
+
+@pytest.mark.asyncio
+async def test_fetch_data():
+    """Test async function."""
+    result = await fetch_data("https://api.example.com")
+    assert result["url"] == "https://api.example.com"
+    assert "data" in result
+
+
+@pytest.mark.asyncio
+async def test_concurrent_fetches():
+    """Test concurrent async operations."""
+    urls = ["url1", "url2", "url3"]
+    tasks = [fetch_data(url) for url in urls]
+    results = await asyncio.gather(*tasks)
+
+    assert len(results) == 3
+    assert all("data" in r for r in results)
+
+
+@pytest.fixture
+async def async_client():
+    """Async fixture."""
+    client = {"connected": True}
+    yield client
+    client["connected"] = False
+
+
+@pytest.mark.asyncio
+async def test_with_async_fixture(async_client):
+    """Test using async fixture."""
+    assert async_client["connected"] is True
+```
+
+## Pattern 7: Monkeypatch for Testing
+
+```python
+# test_environment.py
+import os
+import pytest
+
+def get_database_url() -> str:
+    """Get database URL from environment."""
+    return os.environ.get("DATABASE_URL", "sqlite:///:memory:")
+
+
+def test_database_url_default():
+    """Test default database URL."""
+    # Will use actual environment variable if set
+    url = get_database_url()
+    assert url
+
+
+def test_database_url_custom(monkeypatch):
+    """Test custom database URL with monkeypatch."""
+    monkeypatch.setenv("DATABASE_URL", "postgresql://localhost/test")
+    assert get_database_url() == "postgresql://localhost/test"
+
+
+def test_database_url_not_set(monkeypatch):
+    """Test when env var is not set."""
+    monkeypatch.delenv("DATABASE_URL", raising=False)
+    assert get_database_url() == "sqlite:///:memory:"
+
+
+class Config:
+    """Configuration class."""
+
+    def __init__(self):
+        self.api_key = "production-key"
+
+    def get_api_key(self):
+        return self.api_key
+
+
+def test_monkeypatch_attribute(monkeypatch):
+    """Test monkeypatching object attributes."""
+    config = Config()
+    monkeypatch.setattr(config, "api_key", "test-key")
+    assert config.get_api_key() == "test-key"
+```
+
+## Pattern 8: Temporary Files and Directories
+
+```python
+# test_file_operations.py
+import pytest
+from pathlib import Path
+
+def save_data(filepath: Path, data: str):
+    """Save data to file."""
+    filepath.write_text(data)
+
+
+def load_data(filepath: Path) -> str:
+    """Load data from file."""
+    return filepath.read_text()
+
+
+def test_file_operations(tmp_path):
+    """Test file operations with temporary directory."""
+    # tmp_path is a pathlib.Path object
+    test_file = tmp_path / "test_data.txt"
+
+    # Save data
+    save_data(test_file, "Hello, World!")
+
+    # Verify file exists
+    assert test_file.exists()
+
+    # Load and verify data
+    data = load_data(test_file)
+    assert data == "Hello, World!"
+
+
+def test_multiple_files(tmp_path):
+    """Test with multiple temporary files."""
+    files = {
+        "file1.txt": "Content 1",
+        "file2.txt": "Content 2",
+        "file3.txt": "Content 3"
+    }
+
+    for filename, content in files.items():
+        filepath = tmp_path / filename
+        save_data(filepath, content)
+
+    # Verify all files created
+    assert len(list(tmp_path.iterdir())) == 3
+
+    # Verify contents
+    for filename, expected_content in files.items():
+        filepath = tmp_path / filename
+        assert load_data(filepath) == expected_content
+```
+
+## Pattern 9: Custom Fixtures and Conftest
+
+```python
+# conftest.py
+"""Shared fixtures for all tests."""
+import pytest
+
+@pytest.fixture(scope="session")
+def database_url():
+    """Provide database URL for all tests."""
+    return "postgresql://localhost/test_db"
+
+
+@pytest.fixture(autouse=True)
+def reset_database(database_url):
+    """Auto-use fixture that runs before each test."""
+    # Setup: Clear database
+    print(f"Clearing database: {database_url}")
+    yield
+    # Teardown: Clean up
+    print("Test completed")
+
+
+@pytest.fixture
+def sample_user():
+    """Provide sample user data."""
+    return {
+        "id": 1,
+        "name": "Test User",
+        "email": "test@example.com"
+    }
+
+
+@pytest.fixture
+def sample_users():
+    """Provide list of sample users."""
+    return [
+        {"id": 1, "name": "User 1"},
+        {"id": 2, "name": "User 2"},
+        {"id": 3, "name": "User 3"},
+    ]
+
+
+# Parametrized fixture
+@pytest.fixture(params=["sqlite", "postgresql", "mysql"])
+def db_backend(request):
+    """Fixture that runs tests with different database backends."""
+    return request.param
+
+
+def test_with_db_backend(db_backend):
+    """This test will run 3 times with different backends."""
+    print(f"Testing with {db_backend}")
+    assert db_backend in ["sqlite", "postgresql", "mysql"]
+```
+
+## Pattern 10: Property-Based Testing
+
+```python
+# test_properties.py
+from hypothesis import given, strategies as st
+import pytest
+
+def reverse_string(s: str) -> str:
+    """Reverse a string."""
+    return s[::-1]
+
+
+@given(st.text())
+def test_reverse_twice_is_original(s):
+    """Property: reversing twice returns original."""
+    assert reverse_string(reverse_string(s)) == s
+
+
+@given(st.text())
+def test_reverse_length(s):
+    """Property: reversed string has same length."""
+    assert len(reverse_string(s)) == len(s)
+
+
+@given(st.integers(), st.integers())
+def test_addition_commutative(a, b):
+    """Property: addition is commutative."""
+    assert a + b == b + a
+
+
+@given(st.lists(st.integers()))
+def test_sorted_list_properties(lst):
+    """Property: sorted list is ordered."""
+    sorted_lst = sorted(lst)
+
+    # Same length
+    assert len(sorted_lst) == len(lst)
+
+    # All elements present
+    assert set(sorted_lst) == set(lst)
+
+    # Is ordered
+    for i in range(len(sorted_lst) - 1):
+        assert sorted_lst[i] <= sorted_lst[i + 1]
+```
+
+## Testing Database Code
+
+```python
+# test_database_models.py
+import pytest
+from sqlalchemy import create_engine, Column, Integer, String
+from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.orm import sessionmaker, Session
+
+Base = declarative_base()
+
+
+class User(Base):
+    """User model."""
+    __tablename__ = "users"
+
+    id = Column(Integer, primary_key=True)
+    name = Column(String(50))
+    email = Column(String(100), unique=True)
+
+
+@pytest.fixture(scope="function")
+def db_session() -> Session:
+    """Create in-memory database for testing."""
+    engine = create_engine("sqlite:///:memory:")
+    Base.metadata.create_all(engine)
+
+    SessionLocal = sessionmaker(bind=engine)
+    session = SessionLocal()
+
+    yield session
+
+    session.close()
+
+
+def test_create_user(db_session):
+    """Test creating a user."""
+    user = User(name="Test User", email="test@example.com")
+    db_session.add(user)
+    db_session.commit()
+
+    assert user.id is not None
+    assert user.name == "Test User"
+
+
+def test_query_user(db_session):
+    """Test querying users."""
+    user1 = User(name="User 1", email="user1@example.com")
+    user2 = User(name="User 2", email="user2@example.com")
+
+    db_session.add_all([user1, user2])
+    db_session.commit()
+
+    users = db_session.query(User).all()
+    assert len(users) == 2
+
+
+def test_unique_email_constraint(db_session):
+    """Test unique email constraint."""
+    from sqlalchemy.exc import IntegrityError
+
+    user1 = User(name="User 1", email="same@example.com")
+    user2 = User(name="User 2", email="same@example.com")
+
+    db_session.add(user1)
+    db_session.commit()
+
+    db_session.add(user2)
+
+    with pytest.raises(IntegrityError):
+        db_session.commit()
+```
+
+## CI/CD Integration
+
+```yaml
+# .github/workflows/test.yml
+name: Tests
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        python-version: ["3.9", "3.10", "3.11", "3.12"]
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies
+        run: |
+          pip install -e ".[dev]"
+          pip install pytest pytest-cov
+
+      - name: Run tests
+        run: |
+          pytest --cov=myapp --cov-report=xml
+
+      - name: Upload coverage
+        uses: codecov/codecov-action@v3
+        with:
+          file: ./coverage.xml
+```
+
+## Configuration Files
+
+```ini
+# pytest.ini
+[pytest]
+testpaths = tests
+python_files = test_*.py
+python_classes = Test*
+python_functions = test_*
+addopts =
+    -v
+    --strict-markers
+    --tb=short
+    --cov=myapp
+    --cov-report=term-missing
+markers =
+    slow: marks tests as slow
+    integration: marks integration tests
+    unit: marks unit tests
+    e2e: marks end-to-end tests
+```
+
+```toml
+# pyproject.toml
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+python_files = ["test_*.py"]
+addopts = [
+    "-v",
+    "--cov=myapp",
+    "--cov-report=term-missing",
+]
+
+[tool.coverage.run]
+source = ["myapp"]
+omit = ["*/tests/*", "*/migrations/*"]
+
+[tool.coverage.report]
+exclude_lines = [
+    "pragma: no cover",
+    "def __repr__",
+    "raise AssertionError",
+    "raise NotImplementedError",
+]
+```

package/dist/skills/languages/typescript/quality-types/SKILL.md

@@ -0,0 +1,93 @@
+---
+name: quality-types
+description: Use when writing or reviewing TypeScript/full-stack code. Encodes principles for type safety (branded types, discriminated unions, end-to-end types), real tests over mocks, OpenTelemetry observability, and picking the right abstractions instead of premature ones.
+---
+
+# Writing quality full-stack TypeScript
+
+Apply these principles when writing or reviewing TypeScript code.
+
+## Make impossible states unrepresentable
+
+Use the type system to make invalid states fail at compile time. Fewer reachable states = easier code to read and change.
+
+### Branded types
+
+Brand primitives so they can't be mixed up. Validate once at the boundary; downstream code trusts the type.
+
+```ts
+type PhoneNumber = string & { __brand: "PhoneNumber" };
+
+function parsePhone(input: string): PhoneNumber {
+  if (!/^\+?\d{10,15}$/.test(input)) throw new Error(`Invalid: ${input}`);
+  return input as PhoneNumber;
+}
+
+function sendSMS(to: PhoneNumber, body: string) {
+  /* input is trusted */
+}
+```
+
+If the project already uses a library with native branded-type support (e.g. Effect), use their primitives instead of rolling your own.
+
+### Discriminated unions over flag bags
+
+```ts
+// Don't — invalid combos representable
+type State = { loading: boolean; user?: User; error?: string };
+
+// Do — only valid states exist
+type State =
+  | { status: "loading" }
+  | { status: "success"; user: User }
+  | { status: "error"; error: string };
+```
+
+## Let the types flow end-to-end
+
+DB schema → server → client should share types without manual duplication. Use whatever end-to-end type tool the project already has (tRPC, oRPC, Elysia, TanStack Start). A `users.email` branded as `Email` should arrive on the client still branded.
+
+Don't restate types you can derive. Reach for `Pick`, `Omit`, `Parameters`, `ReturnType`, `Awaited`, `typeof` etc. before writing a new interface. For function arguments, infer from the source instead of typing them by hand:
+
+```ts
+// Don't — duplicate shape, drifts when the row changes
+type UserSummary = { id: string; email: Email };
+function renderUser(u: UserSummary) {
+  /* ... */
+}
+
+// Do — derive from the source of truth
+type User = Awaited<ReturnType<typeof db.query.users.findFirst>>;
+function renderUser(u: Pick<User, "id" | "email">) {
+  /* ... */
+}
+```
+
+## Pass objects, not positional args
+
+```ts
+// Don't — swap two args, still compiles
+sendEmail("Welcome!", "Hi there");
+// Do — order-independent, self-documenting
+sendEmail({ to: "alice@x.com", body: "Hi there" });
+```
+
+Skip on hot perf-critical paths; use elsewhere by default.
+
+## Standard Schema for shared validation
+
+For libraries or code that doesn't want to pick a validator, accept `StandardSchemaV1<unknown, T>`.
+
+## Tests as real as possible
+
+Don't mock things you can run. Spin up real services:
+
+- LocalStack for AWS
+- Miniflare for Cloudflare Workers
+- Real Postgres/SQLite (e.g. `bun:sqlite`), not a mock DB
+
+Mock only third-party services that have no test environment.
+
+## OpenTelemetry, not print logging
+
+When adding observability, instrument with OTel spans. The setup cost pays back the first time a user sends a request ID and you can answer instead of guess.

package/docs/README.md

@@ -1,20 +1,24 @@
 # CLI Docs
 
-- [Requirements](./reference/punks-requirements.md)
-- [Scaffolding runbook](./runbooks/punks-cli-scaffolding.md)
+- [Requirements](./reference/dp-requirements.md)
+- [Scaffolding runbook](./runbooks/dp-cli-scaffolding.md)
 
 Implementation notes:
 
-- canonical scaffold metadata and shared assets live in `src/data/`
+- canonical bundled scaffold metadata and shared assets live in `src/data/`
+- runtime scaffold content resolves from a `Baseline`: latest remote stable by default, bundled fallback when offline or forced with `--baseline bundled`
 - pack-owned lint asset metadata lives in `src/data/catalog/lint.ts`
 - distributed skill assets live in `skills/`
 - runtime projection/writing logic lives in `src/scaffold/`
 - `punks update` refreshes scaffold-managed assets from `.devpunks/scaffold-manifest.json`
+- CLI startup checks npm's `latest` dist-tag for `@punks/cli` and prints a self-update notice when the installed CLI is behind. Set `DP_NO_UPDATE_CHECK=1` to skip the check or `DP_UPDATE_TAG=next` to compare against another dist-tag.
+- baseline releases use `baseline/stable/*` GitHub release tags, separate from npm executable tags such as `v1.0.1`
 - shared neutral hook and sync assets live in `src/data/hooks/` and `src/data/scripts/`
-- scaffolded required tools always include `portless` so generated guidance can standardize local dev origins and avoid worktree port collisions
+- scaffolded required tools always include `portless` and `skills` so generated guidance can standardize local dev origins and keep skill entrypoints up to date
+- the default debug pack scaffolds the local `debug-agent` skill and installs/verifies the `debug-agent` CLI without running its agent-install wizard
 - scaffolded repos keep project-local skills in `.agents/skills/`; only `.claude/skills` is a compatibility symlink mirror
 - React scaffold surfaces include `async-react-patterns` alongside the existing React composition, structure, and Vercel guidance so agents avoid outdated manual async state patterns.
 - Next.js detection implies the React pack even when `react` / `react-dom` are not directly listed in scanned manifests.
 - Frontend surface detection scaffolds `frontend-domain-structure` with the frontend pack when React or Next.js is detected.
 - Backend surface detection scaffolds `backend-domain-structure` and `backend-recoverable-actions` when backend framework/data/auth packages are detected, or when workspace names/paths clearly identify API, backend, server, or service packages.
-- Non-surface agnostic skill groups are mandatory scaffold packs (`docs`, `planning`, `quality`, `research`, `requirements`, `subagents`); `frontend` and `backend` remain detection-driven.
+- Non-surface agnostic skill groups are mandatory scaffold packs (`debug`, `docs`, `planning`, `quality`, `research`, `requirements`, `subagents`); `frontend` and `backend` remain detection-driven.

package/docs/runbooks/dp-cli-scaffolding.md

@@ -2,7 +2,7 @@
 
 This repository owns the `punks` command used to scaffold AI operating context across the project lifecycle.
 
-For the durable product contract, see [requirements](../reference/punks-requirements.md). This runbook focuses on how the implementation behaves today.
+For the durable product contract, see [requirements](../reference/dp-requirements.md). This runbook focuses on how the implementation behaves today.
 
 ## Current Command Surface
 
@@ -72,7 +72,7 @@ Current scope:
 - treat React, Next.js, and TanStack Query as separate frontend capability layers; React is the plain framework pack triggered by `react` / `react-dom` or implied by `next`, and pulls in `async-react-patterns` to prevent outdated manual async state modeling
 - include the `frontend` agnostic surface pack only when React or Next.js is detected; it carries product UI, browser validation, and frontend domain-structure guidance
 - include the `backend` agnostic surface pack when backend framework/data/auth packages are detected (`elysia`, `@trpc/*`, `drizzle-orm`, `drizzle-kit`, `better-auth`) or when package names/manifest paths clearly mark an API/backend/server/service workspace
-- keep all non-surface agnostic skill packs mandatory (`docs`, `planning`, `quality`, `research`, `requirements`, `subagents`)
+- keep all non-surface agnostic skill packs mandatory (`debug`, `docs`, `planning`, `quality`, `research`, `requirements`, `subagents`)
 - detect monorepo signals from `pnpm-workspace.yaml`, `turbo.json`, root workspaces, and workspace package count
 - resolve predefined packs from those facts
 - run a branded interactive confirmation flow
@@ -81,11 +81,17 @@ Current scope:
 - support `-o, --output <path>` to target a different output location
 - support `--json` to print the full machine-readable scaffold payload on demand
 - support `--repo-shape auto|monorepo|single` to override repo-shape detection when needed
+- support `--baseline stable|bundled` to choose the scaffold content baseline
+- support `--refresh-baseline` to refetch the stable remote baseline instead of reusing the cache
 - copy shared prompt/manifest assets, selected skill directories, shared hook files, harness sync scripts, and subagent templates
 - generate harness-native agent/config/mirror surfaces for `.claude`, `.codex`, `.cursor`, and `.opencode`
 - emit prompt specs, selected lint asset specs, subagent manifest specs, a required-tools manifest, and an agent handoff file
 - write a paste-ready next-agent prompt file and try to copy it to the clipboard automatically
 - include `portless` in the required tools manifest so follow-up agents can standardize local dev URLs across worktrees and avoid raw port collisions
+- include `skills` in the required tools manifest so follow-up agents can install/update public skill entrypoints such as `dp-cli`
+- include `debug-agent` through the default debug pack and install/verify the `debug-agent` CLI without running `debug-agent init`, because the CLI already scaffolds the project-local skill
+- select language packs separately from framework packs; TypeScript is selected from a `typescript` package dependency or nested `.ts` / `.tsx` files, and Python is selected from nested `.py` files, while ignoring root config files plus vendor, virtualenv, scaffold, docs, examples, scripts, `opensrc`, cache, and build output
+- seed Python subagent templates that combine the Python language skills into `python-app`, `python-async`, and `python-testing` specialists
 
 If `-o, --output` points at a path that does not exist yet, `punks scaffold setup` creates it before writing the generated files.
 
@@ -146,13 +152,60 @@ Current scope:
 - supports `--check` to write nothing and exit nonzero when managed updates are available
 - supports `--write` to apply without prompting
 - supports `--json` to print the machine-readable update result
+- supports `--baseline stable|bundled` and `--refresh-baseline`, matching setup behavior
 - restores missing managed files that still belong to the current scaffold output
 - reports stale managed files from the old manifest but does not delete them
 - installs/ensures required tools when applying updates, matching setup behavior
 
 `punks update` updates scaffold-managed assets such as `.agents/AGENTS.md`, selected skills, prompt/lint/subagent specs, hook/script files, harness surfaces, required-tools metadata, handoff prompts, and `.devpunks/scaffold-manifest.json`.
 
-It does **not** silently accept a newly resolved pack set. When current package manifests resolve to different packs than the recorded manifest, update reports pack drift and prints an operator prompt for an agent to rerun `punks scaffold setup` intentionally.
+It does **not** silently accept a newly resolved pack set. When current package manifests resolve to different packs than the recorded manifest, update reports pack drift and prints an operator prompt for an agent to rerun `punks scaffold setup` intentionally. It also reports baseline drift when the active baseline version differs from the version recorded in `.devpunks/scaffold-manifest.json`.
+
+## Dynamic Baselines
+
+The npm package is the executable engine. Scaffoldable content resolves through a baseline:
+
+- default: latest remote stable baseline from `wearedevpunks/cli` GitHub releases
+- fallback: bundled baseline shipped in npm when offline, invalid, or unavailable
+- forced fallback: `--baseline bundled` or `DP_BASELINE=bundled`
+- forced refresh: `--refresh-baseline` or `DP_BASELINE_REFRESH=1`
+- local testing: `DP_BASELINE_URL=file:///absolute/path/to/scaffold-baseline`
+
+Baseline artifacts include dynamic scaffoldable data:
+
+- `data/catalog/packs.json`
+- `data/catalog/skills.json`
+- `data/catalog/tools.json`
+- `data/catalog/hooks.json`
+- `data/catalog/lint-assets.json`
+- `data/hooks/`
+- `data/scripts/`
+- `data/subagents/`
+- `skills/`
+
+New packs in a baseline release appear in CLI pack resolution/output without an npm publish when they use the existing pack fields: `id`, `category`, `triggerPackages`, `skills`, `hooks`, `lintAssets`, `promptSurfaces`, and `promptDetails`. Brand-new detection algorithms still require an npm CLI release.
+
+Baseline release tags must never reuse npm semver tags. Use the `baseline/stable/*` namespace for baseline content releases and keep npm executable releases on `v*` tags.
+
+Build and publish the stable baseline release assets with:
+
+```bash
+bun run baseline:build
+bun run baseline:publish
+```
+
+`baseline:build` creates `dist/baseline/scaffold-baseline.json` and `dist/baseline/scaffold-baseline.tgz`. `baseline:publish` creates a GitHub release tag under `baseline/stable/*` and uploads both assets.
+
+## CLI Self-Update Detection
+
+The CLI also performs a best-effort package self-update check on normal command startup. This is separate from `punks update`, which updates scaffold-managed repo assets.
+
+- checks `https://registry.npmjs.org/%40punks%2Fcli/latest`
+- compares that dist-tag version with the bundled CLI version
+- prints `npm install -g @punks/cli@latest` only when the registry version is newer
+- silently skips the notice when npm is unreachable, the registry response is invalid, or the command is `--help` / `--version`
+- skips in CI and when `DP_NO_UPDATE_CHECK=1`
+- supports `DP_UPDATE_TAG=next` for canary/operator testing against another dist-tag
 
 To test the built command locally without preparing another repo first, use the committed fixtures:
 
@@ -167,7 +220,7 @@ Those fixtures include minimal `.devpunks/scaffold-manifest.json` files and inte
 
 ## Content Base
 
-The standalone CLI repo is the canonical source of scaffolded content.
+The standalone CLI repo is the canonical source of scaffolded baseline content.
 
 Bundled source-of-truth assets live under:
 
@@ -178,7 +231,7 @@ Bundled source-of-truth assets live under:
 - `src/data/catalog/`
 - `src/content/stage-scaffold.ts`
 
-`skills/` is refreshed from the public [wearedevpunks/skills](https://github.com/wearedevpunks/skills) repo through a shallow local cache clone. Refresh it with:
+`skills/` is refreshed from the public [wearedevpunks/skills](https://github.com/wearedevpunks/skills) repo through a shallow local cache clone. That public repo remains the Vercel skills CLI interface, not the full scaffold baseline source. Refresh local skills with:
 
 ```bash
 bun run sync:skills

package/package.json

@@ -1,12 +1,12 @@
 {
   "name": "@punks/cli",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "DevPunks AI scaffolding CLI",
   "type": "module",
   "bin": {
-    "devpunks": "./dist/index.js",
-    "dp": "./dist/index.js",
-    "punks": "./dist/index.js"
+    "devpunks": "dist/index.js",
+    "dp": "dist/index.js",
+    "punks": "dist/index.js"
   },
   "files": [
     "dist",
@@ -15,8 +15,12 @@
   ],
   "scripts": {
     "build": "node ./scripts/build-dist.mjs",
+    "baseline:build": "bun ./scripts/build-baseline.mjs",
+    "baseline:publish": "node ./scripts/publish-baseline.mjs",
     "check-types": "tsc --noEmit",
     "dev": "bun run ./src/index.ts scaffold",
+    "local": "bun run build && bun run ./dist/index.js",
+    "release:publish": "node ./scripts/publish-release.mjs",
     "sync:skills": "node ./scripts/sync-skills-repo.mjs",
     "test": "vitest run --config vitest.config.ts"
   },