@ryuenn3123/agentic-senior-core 2.0.4 → 2.0.7

package/.agent-context/skills/fullstack.md

@@ -10,18 +10,21 @@ Coordinate frontend and backend delivery as a single product system.
 - Shared validation contracts
 - End-to-end flows and release readiness
 - Performance, accessibility, and observability together
+- Release coordination and rollback preparation across services
 
 ## Must-Have Checks
 - Single feature directory with clear public API
 - Frontend and backend contracts aligned
 - End-to-end test coverage for critical paths
 - Release notes explain UX and API impact together
+- Cross-service rollout order and rollback trigger criteria are documented
 
 ## Evidence
 - Feature parity checklist
 - End-to-end test report
 - Contract validation output
 - Release artifact bundle
+- Rollout/rollback decision log for multi-service features
 
 ## Fallback
 - Split delivery only when the feature boundary is explicit and the evidence bundle is still complete.

package/.agent-context/skills/review-quality/.evidence/compatibility-manifest.json

@@ -0,0 +1,9 @@
+{
+  "schemaVersion": "compatibility-manifest-v1",
+  "artifactType": "skill-domain-evidence",
+  "domain": "review-quality",
+  "ides": ["cursor", "windsurf", "copilot", "gemini", "claude", "codex", "cline"],
+  "nodeMin": "18",
+  "platforms": ["windows", "linux", "macos"],
+  "validatedAt": "2026-04-11T12:00:00Z"
+}

package/.agent-context/skills/review-quality/.evidence/sbom-excerpt.json

@@ -0,0 +1,6 @@
+{
+  "format": "cyclonedx",
+  "component": "@agentic-skills/review-quality",
+  "version": "1.0.0",
+  "dependencies": []
+}

package/.agent-context/skills/review-quality/.evidence/test-report.json

@@ -0,0 +1,8 @@
+{
+  "passed": true,
+  "total": 15,
+  "failed": 0,
+  "skipped": 0,
+  "durationMs": 1400,
+  "lastRun": "2026-04-11T12:00:00Z"
+}

package/.agent-context/skills/review-quality/CHANGELOG.md

@@ -0,0 +1,7 @@
+---
+tier: production
+---
+# Changelog
+## 1.0.0
+- Expanded review-quality skill depth with release decisioning guidance.
+- Added evidence bundle metadata for trust-tier verification.

package/.agent-context/skills/review-quality/README.md

@@ -8,6 +8,7 @@ This domain formalizes review quality across planning discipline, security enfor
 - [Planning](planning.md) - Plan quality, scope control, and change strategy
 - [Security](security.md) - Critical vulnerability policy and boundary safeguards
 - [Benchmarking](benchmark.md) - Regression detection and evidence-based comparison
+- [Release Decisioning](release-decision.md) - Explicit readiness verdicts, blocker ownership, and escalation logic
 
 ## Operating Model
 - Use `expert` for standard review workflows.
@@ -16,4 +17,11 @@ This domain formalizes review quality across planning discipline, security enfor
 ## Above-Line Additions
 - Security halt protocol for critical findings.
 - Benchmark gate thresholds integrated in CI.
-- Review evidence bundle for auditability.
+- Review evidence bundle for auditability.
+
+## Usage Example
+
+```bash
+node ./scripts/governance-weekly-report.mjs
+node ./scripts/release-gate.mjs
+```

package/.agent-context/skills/review-quality/package.json

@@ -0,0 +1,5 @@
+{
+  "name": "@agentic-skills/review-quality",
+  "version": "1.0.0",
+  "author": "agentic"
+}

package/.agent-context/skills/review-quality/release-decision.md

@@ -0,0 +1,49 @@
+# Release Decisioning
+
+Tier: EXPERT
+
+Release decisioning converts technical signals into explicit ship, hold, or rollback recommendations with ownership.
+
+## Decision Inputs
+
+Use a standardized input set for every release review:
+
+- Validation and test status.
+- Release gate and forbidden-content status.
+- Benchmark and quality trend posture.
+- Security and architecture findings.
+- Trust-tier posture for required skill domains.
+
+## Decision Outcomes
+
+Each review must conclude with one outcome:
+
+- Ship: all mandatory gates pass and no unresolved critical findings.
+- Hold: one or more blockers remain unresolved.
+- Rollback: post-release signal confirms unacceptable risk or regression.
+
+## Blocker Policy
+
+A blocker record needs:
+
+- Title and category.
+- Owner and deadline.
+- User impact statement.
+- Mitigation and validation command.
+
+No blocker should remain in implicit or undocumented state.
+
+## Escalation Rules
+
+Escalate to maintainers immediately when:
+
+- Critical security issue is detected.
+- Gate output becomes inconsistent across environments.
+- Rollback readiness cannot be proven.
+
+## Review Checklist
+
+- [ ] Decision outcome is explicit (ship/hold/rollback).
+- [ ] Blockers include owner and due date.
+- [ ] Validation evidence is attached to decision log.
+- [ ] Escalation happened for critical unresolved risks.

package/.agent-context/skills/review-quality/tests/.gitkeep

@@ -0,0 +1 @@
+# Review-quality skill test fixtures placeholder

package/.agent-context/skills/review-quality.md

@@ -11,18 +11,21 @@ Turn code review, planning, and benchmark output into explicit quality decisions
 - Benchmark interpretation
 - Security and architecture audits
 - Evidence-driven approval
+- Explicit release decisions with blocker tracking and ownership
 
 ## Must-Have Checks
 - Every rejection includes a reason and a fix
 - Every approval includes evidence
 - Benchmark deltas are explicit
 - Security findings stop release when critical
+- Release readiness verdict includes blockers, owner, and due date
 
 ## Evidence
 - PR review report
 - Security audit output
 - Benchmark report
 - Approval or rejection rationale
+- Weekly governance report and release readiness summary
 
 ## Fallback
 - Standard mode can be used only for low-risk maintenance and still requires written evidence.

package/.agent-context/state/quality-trend-report.json

@@ -0,0 +1,89 @@
+{
+  "generatedAt": "2026-04-11T12:21:35.779Z",
+  "reportName": "quality-trend-report",
+  "methodology": {
+    "gateSources": [
+      "scripts/release-gate.mjs",
+      "scripts/benchmark-gate.mjs",
+      "scripts/benchmark-intelligence.mjs"
+    ],
+    "rollbackSource": "git log commit subjects within 30-day window",
+    "tokenSource": ".agent-context/state/token-optimization-benchmark.json"
+  },
+  "governanceHealth": {
+    "gateSummaries": [
+      {
+        "scriptPath": "scripts/release-gate.mjs",
+        "gateName": "release-gate",
+        "exitCode": 0,
+        "passed": true,
+        "parseError": null,
+        "failureCount": 0,
+        "generatedAt": "2026-04-11T12:21:35.292Z"
+      },
+      {
+        "scriptPath": "scripts/benchmark-gate.mjs",
+        "gateName": "benchmark-gate",
+        "exitCode": 0,
+        "passed": true,
+        "parseError": null,
+        "failureCount": 0,
+        "generatedAt": "2026-04-11T12:21:35.433Z"
+      },
+      {
+        "scriptPath": "scripts/benchmark-intelligence.mjs",
+        "gateName": "benchmark-intelligence",
+        "exitCode": 0,
+        "passed": true,
+        "parseError": null,
+        "failureCount": 0,
+        "generatedAt": "2026-04-11T12:21:35.480Z"
+      }
+    ],
+    "availableGateCount": 3,
+    "passedGateCount": 3,
+    "gatePassRatePercent": 100
+  },
+  "rejectionCategories": [],
+  "rollbackSignals": {
+    "windowDays": 30,
+    "commitCount": 46,
+    "rollbackCommitCount": 1,
+    "rollbackFrequencyPercent": 2.17,
+    "source": "git-log",
+    "error": null
+  },
+  "tokenEfficiency": {
+    "isAvailable": true,
+    "generatedAt": "2026-04-11T06:14:10.052Z",
+    "averageNativeSavingsPercent": 83.64,
+    "averageRtkSavingsPercent": 18.95,
+    "scenarioCount": 3
+  },
+  "artifact": {
+    "path": "E:\\Project\\Agentic-Senior-Core\\.agent-context\\state\\quality-trend-report.json",
+    "writeMode": "stdout-and-file"
+  },
+  "history": [
+    {
+      "generatedAt": "2026-04-11T09:46:02.646Z",
+      "gatePassRatePercent": 100,
+      "passedGateCount": 3,
+      "availableGateCount": 3,
+      "rollbackFrequencyPercent": 2.27,
+      "averageNativeSavingsPercent": 83.64,
+      "averageRtkSavingsPercent": 18.95,
+      "rejectionCategoryCount": 0
+    },
+    {
+      "generatedAt": "2026-04-11T12:21:35.779Z",
+      "gatePassRatePercent": 100,
+      "passedGateCount": 3,
+      "availableGateCount": 3,
+      "rollbackFrequencyPercent": 2.17,
+      "averageNativeSavingsPercent": 83.64,
+      "averageRtkSavingsPercent": 18.95,
+      "rejectionCategoryCount": 0
+    }
+  ]
+}

package/.agent-context/state/weekly-governance-report.json

@@ -0,0 +1,126 @@
+{
+  "generatedAt": "2026-04-11T12:21:37.776Z",
+  "reportName": "weekly-governance-report",
+  "methodology": {
+    "qualityTrendSource": "state-file",
+    "qualityTrendGeneratedAt": "2026-04-11T12:21:35.779Z",
+    "commitWindowDays": 7,
+    "requiredVerifiedDomains": [
+      "cli",
+      "frontend",
+      "fullstack",
+      "distribution",
+      "review-quality"
+    ]
+  },
+  "qualitySignals": {
+    "governanceHealth": {
+      "availableGateCount": 3,
+      "passedGateCount": 3,
+      "gatePassRatePercent": 100
+    },
+    "rejectionCategories": [],
+    "tokenEfficiency": {
+      "isAvailable": true,
+      "generatedAt": "2026-04-11T06:14:10.052Z",
+      "averageNativeSavingsPercent": 83.64,
+      "averageRtkSavingsPercent": 18.95,
+      "scenarioCount": 3
+    }
+  },
+  "skillTrust": {
+    "domains": [
+      {
+        "domain": "backend",
+        "tier": "experimental",
+        "score": 25
+      },
+      {
+        "domain": "cli",
+        "tier": "verified",
+        "score": 100
+      },
+      {
+        "domain": "distribution",
+        "tier": "verified",
+        "score": 100
+      },
+      {
+        "domain": "frontend",
+        "tier": "verified",
+        "score": 100
+      },
+      {
+        "domain": "fullstack",
+        "tier": "verified",
+        "score": 100
+      },
+      {
+        "domain": "review-quality",
+        "tier": "verified",
+        "score": 100
+      }
+    ],
+    "tierCounts": {
+      "verified": 5,
+      "community": 0,
+      "experimental": 1
+    },
+    "requiredVerifiedDomains": [
+      "cli",
+      "frontend",
+      "fullstack",
+      "distribution",
+      "review-quality"
+    ],
+    "requiredVerifiedDomainFailures": [],
+    "allRequiredVerified": true
+  },
+  "commitSignals": {
+    "windowDays": 7,
+    "commitCount": 18,
+    "releaseCommitCount": 7,
+    "rollbackCommitCount": 1,
+    "releaseFrequencyPercent": 38.89,
+    "rollbackFrequencyPercent": 5.56,
+    "error": null
+  },
+  "releaseReadiness": {
+    "isReady": true,
+    "blockers": [],
+    "summary": "Weekly governance posture is ready for maintenance releases."
+  },
+  "artifact": {
+    "path": "E:\\Project\\Agentic-Senior-Core\\.agent-context\\state\\weekly-governance-report.json",
+    "writeMode": "stdout-and-file"
+  },
+  "history": [
+    {
+      "generatedAt": "2026-04-11T12:14:52.483Z",
+      "readinessStatus": "blocked",
+      "blockerCount": 1,
+      "gatePassRatePercent": 100,
+      "verifiedSkillDomainCount": 1,
+      "releaseFrequencyPercent": 38.89,
+      "rollbackFrequencyPercent": 5.56
+    },
+    {
+      "generatedAt": "2026-04-11T12:19:25.182Z",
+      "readinessStatus": "ready",
+      "blockerCount": 0,
+      "gatePassRatePercent": 100,
+      "verifiedSkillDomainCount": 5,
+      "releaseFrequencyPercent": 38.89,
+      "rollbackFrequencyPercent": 5.56
+    },
+    {
+      "generatedAt": "2026-04-11T12:21:37.776Z",
+      "readinessStatus": "ready",
+      "blockerCount": 0,
+      "gatePassRatePercent": 100,
+      "verifiedSkillDomainCount": 5,
+      "releaseFrequencyPercent": 38.89,
+      "rollbackFrequencyPercent": 5.56
+    }
+  ]
+}

package/.cursorrules

@@ -1,6 +1,6 @@
 # AGENTIC-SENIOR-CORE DYNAMIC GOVERNANCE RULESET
 
-Generated by Agentic-Senior-Core CLI v2.0.4
+Generated by Agentic-Senior-Core CLI v2.0.7
 Timestamp: 2026-04-08T14:58:53.570Z
 Selected profile: beginner
 Selected policy file: .agent-context/policies/llm-judge-threshold.json

package/.gemini/instructions.md

@@ -1,97 +1,21 @@
-# Antigravity / Gemini Agent Instructions
+# Gemini Instructions - Thin Adapter
 
-> These instructions are loaded automatically by Antigravity (Google's AI coding agent).
-> The authoritative knowledge base is in `.agent-context/`.
+Adapter Mode: thin
+Adapter Source: .instructions.md
+Canonical Snapshot SHA256: 361ac86172268a2f20d4f7a1e407c7dd122f1b0c265d085e872254718b078d22
 
-## Identity
+Canonical policy source: [.instructions.md](../.instructions.md).
 
-You are a Senior Software Architect with 10+ years of production experience.
-You enforce professional engineering standards. No shortcuts. No "good enough" code.
+## Bootstrap Sequence
 
-## Knowledge Base Protocol
+1. Load [.instructions.md](../.instructions.md) first.
+2. Apply baseline rules from [.agent-context/rules/](../.agent-context/rules).
+3. Load language profile from [.agent-context/stacks/](../.agent-context/stacks).
+4. Use [.agent-context/blueprints/](../.agent-context/blueprints) when creating new modules/projects.
+5. Load domain skills from [.agent-context/skills/](../.agent-context/skills).
+6. Load request templates from [.agent-context/prompts/](../.agent-context/prompts).
+7. Apply team defaults from [.agent-context/profiles/](../.agent-context/profiles), state awareness from [.agent-context/state/](../.agent-context/state), and policy thresholds from [.agent-context/policies/](../.agent-context/policies).
 
-Before generating or modifying any code, load the relevant rules:
+## Completion Gate
 
-### Auto-Architect Trigger (MANDATORY FOR NEW PROJECTS)
-If the user's INTENT is to create a new project, system, module, or app (regardless of the exact words used), **IMMEDIATELY** enter Architect Mode:
-1. Read `.agent-context/rules/`, `.agent-context/stacks/`, and `.agent-context/blueprints/` without being asked.
-2. Propose the most efficient technology stack and architecture layer separation (Transport -> Service -> Repository).
-3. Draft a high-level plan and wait for the user's approval before generating any code.
-
-### Refactor & Legacy Code Trigger
-If the user's INTENT is to refactor, fix, update, or change existing code:
-1. Read `.agent-context/rules/architecture.md` and `.agent-context/rules/naming-conv.md`.
-2. Propose a refactor plan adhering to our standards before modifying any code.
-
-### Step 1: Universal Rules (Always Load)
-Read ALL files in `.agent-context/rules/`:
-- `naming-conv.md` — Descriptive naming, no single-letter variables
-- `architecture.md` — Separation of Concerns, feature-based grouping
-- `security.md` — Validate all input, parameterize queries, never hardcode secrets
-- `performance.md` — Evidence-based optimization, N+1 death penalty
-- `error-handling.md` — Never swallow errors, typed error codes, structured logging
-- `testing.md` — Test pyramid, behavior over implementation
-- `git-workflow.md` — Conventional Commits, atomic changes
-- `efficiency-vs-hype.md` — Stable dependencies over trendy ones
-- `api-docs.md` — OpenAPI mandatory, zero-doc death penalty
-- `microservices.md` — Monolith first, split triggers, strangler fig
-- `event-driven.md` — Event sourcing, CQRS, idempotency
-- `database-design.md` — 3NF default, index FKs, safe migrations
-- `realtime.md` — WebSockets scaling & strict pub/sub
-- `frontend-architecture.md` — Smart/Dumb UI, TanStack Query vs Zustand
-
-### Step 2: Language Profile (By Stack)
-Load the relevant stack from `.agent-context/stacks/`:
-- TypeScript/Node → `stacks/typescript.md`
-- Python → `stacks/python.md`
-- Java/Kotlin → `stacks/java.md`
-- PHP → `stacks/php.md`
-- Go → `stacks/go.md`
-- C#/.NET → `stacks/csharp.md`
-- Rust → `stacks/rust.md`
-- Ruby on Rails → `stacks/ruby.md`
-
-### Step 3: Blueprint (If Scaffolding)
-Load from `.agent-context/blueprints/` when creating new projects.
-
-### Step 4: Review (Before Completion)
-Run `.agent-context/review-checklists/pr-checklist.md` before declaring done.
-
-### Step 5: State + Override (V1.4)
-- Read `.agent-context/state/architecture-map.md` and `.agent-context/state/dependency-map.md` before high-impact refactors.
-- Use `.agent-override.md` only for explicit scoped exceptions.
-
-## The Reasoning Clause (MANDATORY)
-Every time you reject a code block, suggest a change, or enforce a rule, you MUST provide a Reasoning Chain:
-
-```
-REASONING CHAIN
-Problem: [WHY the user's current approach/request is dangerous or unprofessional]
-Solution: [The improved, production-grade approach]
-Why Better: [WHY this is more professional — teach the human]
-```
-
-## Zero Tolerance & Rejection Protocol
-If the user asks for "quick and dirty" code, skipping tests, or ignoring validation, you MUST politely but firmly refuse. Explain that today's hack is tomorrow's production incident. You do NOT tolerate shortcuts.
-
-### The Security Halt
-If you detect critical security vulnerabilities (e.g., hardcoded secrets, SQL injection, bypassing auth), you MUST halt feature development and refuse to proceed until the vulnerability is patched.
-
-### The "Plan First" Rule
-For any non-trivial request, do NOT generate full code immediately. You MUST first provide a bulleted "Implementation Plan" outlining the file structure, design patterns to be used, and security considerations. End your response with: *"Do you approve this plan? If yes, I will generate the code."*
-
-### Self-Correction Protocol
-Before outputting your final code, silently run a self-review against our Clean Code and Security standards. If your generated code contains `any` types, swallowed errors, or unvalidated inputs, CORRECT IT before showing it to the user. Never output code you wouldn't approve in a PR.
-
-### Dependency Defense
-If the user asks to install a new library, or if you feel the need to use one, evaluate it against the "stdlib-first" rule. If the functionality can be implemented safely in under 20 lines of code, write it yourself. If a dependency is strictly necessary, you MUST justify it by providing its bundle size, maintenance status, and why the standard library is insufficient.
-
-## Absolute Clean Code Laws
-1. **No Lazy Naming:** NEVER use generic variables like `data`, `res`, `temp`, `val`, `x`. Variables must be nouns answering "WHAT is this?". Functions must start with a verb (e.g., `validatePayment`). Booleans must use `is`/`has`/`can`/`should` prefixes.
-2. **No 'any' or 'magic':** If using TypeScript/Python, the `any` type is completely banned. All external data MUST be validated at the boundary using schemas (like Zod or Pydantic) before touching business logic.
-3. **Layer Separation:** Business logic does NOT touch HTTP. Database logic does NOT leak into services. No exceptions.
-4. **Context First:** NEVER write code without checking `.agent-context/rules/` first.
-5. **No Blind Dependencies:** NEVER introduce dependencies without justification.
-
-## Definition of Done
-**NEVER** declare a task "done" or ready for review without explicitly running and passing `.agent-context/review-checklists/pr-checklist.md`.
+Run [.agent-context/review-checklists/pr-checklist.md](../.agent-context/review-checklists/pr-checklist.md) before declaring completion.