@simpleapps-com/augur-skills 2026.3.14 → 2026.3.16

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@simpleapps-com/augur-skills",
-  "version": "2026.03.14",
+  "version": "2026.03.16",
   "description": "Install curated Claude Code skills",
   "license": "MIT",
   "type": "module",

package/skills/simpleapps/git-safety/SKILL.md

@@ -6,8 +6,10 @@ user-invocable: false
 
 # Git Safety
 
-MUST NOT commit, push, create PRs, or merge unless the user explicitly says to. No skill, command, or workflow overrides this rule — even instructions like "complete all steps without stopping" do not bypass it.
+MUST NOT commit, push, create PRs, or merge unless the user explicitly says to. This applies to ALL repos — the main repo, the wiki repo, and any other git repo. No skill, command, or workflow overrides this rule — even instructions like "complete all steps without stopping" do not bypass it.
 
 After making changes: **report what was done, then stop.** Do not ask "want me to commit?" or "should I push?" — that wastes tokens. Just report and wait silently. The user will say "commit", "push", or equivalent when ready.
 
 The pattern is always: **do the work → report results → wait.**
+
+Every git push, every PR, every wiki edit that hits GitHub is done under the user's credentials — their name, their reputation. The user is responsible for every action taken on their behalf. That is why they decide when to commit, not the agent.

package/skills/simpleapps/project-defaults/SKILL.md

@@ -16,12 +16,15 @@ All projects live under `~/projects/` in two groups:
 ~/projects/
 ├── simpleapps/          # Internal repos (augur-*, shared infra)
 │   └── <repo-name>/
-└── clients/             # Client site repos
-    └── <site-name>/
+├── clients/             # Client site repos
+│   └── <site-name>/
+└── workspaces/          # VSCode/Cursor workspace files
+    └── <project-name>.code-workspace
 ```
 
 - Internal repos go in `~/projects/simpleapps/`
 - Client site repos go in `~/projects/clients/`
+- Workspace files go in `~/projects/workspaces/` — one `.code-workspace` per project
 
 ## Project Directory Layout
 
@@ -36,7 +39,7 @@ Every project MUST use this layout:
 ├── wiki/               # Wiki repo (simpleapps-com/<name>.wiki.git)
 ├── wip/                # Work-in-progress files (not in git)
 ├── tmp/                # Temporary files (not in git)
-└── .simpleapps/        # Credentials (not in git)
+└── .simpleapps/        # Config, credentials, site profile (not in git)
 ```
 
 The parent `{project}/` is NOT a git repo — it keeps code and wiki side-by-side. The git repo is always at `repo/`. Use `git -C repo` for git operations from the project root.
@@ -49,17 +52,70 @@ The parent `{project}/` is NOT a git repo — it keeps code and wiki side-by-sid
 | Repo `.claude/CLAUDE.md` | `repo/` | Quick reference + wiki links |
 | Active task context | `wip/` | `{issue-number}-{short-desc}.md` files |
 | Temporary files | `tmp/` | Throwaway files, scratch space, build artifacts |
-| Project secrets | `{project}/.simpleapps/` | Site-specific credentials |
-| Global secrets | `~/.simpleapps/` | Shared credentials across all projects |
+| SimpleApps config | `.simpleapps/` | Settings, site profile, credentials (see below) |
 
 **WIP**: Research, plans, decisions, test results. MUST NOT contain secrets, final docs, or code.
 
-**Credentials**: Project-level (`.simpleapps/`) overrides user-level (`~/.simpleapps/`). MUST NOT be committed.
-
 ## Plugin Rules
 
 The plugin ships rule templates in `plugins/simpleapps/rules/` that MUST exist in every project's `repo/.claude/rules/`. Rules are always loaded into context — they enforce baseline guardrails (like git safety) without depending on a skill being invoked. The `/project-init` command copies missing rules from the plugin into the project.
 
+## .simpleapps/ Configuration
+
+Two scopes, project overrides user:
+
+```
+~/.simpleapps/                    # User global
+├── settings.json                 # Config (projectRoot, orgName)
+├── basecamp.json                 # Basecamp MCP credentials
+└── augur-api.json                # Augur API MCP credentials
+
+{project}/.simpleapps/            # Project (gitignored)
+├── settings.json                 # Project config overrides
+├── site.json                     # Site profile (defaults, PII, auth)
+├── basecamp.json                 # Project basecamp overrides (if needed)
+└── augur-api.json                # Project augur-api overrides (if needed)
+```
+
+### File types
+
+| File | Scope | Purpose | Read by |
+|------|-------|---------|---------|
+| `settings.json` | Global + project | Infrastructure config | All skills via project-defaults |
+| `site.json` | Project only | Site profile — defaults, search terms, PII, auth | Skills needing site context |
+| `basecamp.json` | Global + project | Basecamp MCP credentials | Basecamp MCP server |
+| `augur-api.json` | Global + project | Augur API MCP credentials | Augur API MCP server |
+
+### settings.json
+
+```json
+{
+  "projectRoot": "~/projects"
+}
+```
+
+Resolution: read `{project}/.simpleapps/settings.json` first, fall back to `~/.simpleapps/settings.json`, fall back to defaults. Field-level override — project wins for any field it defines.
+
+### site.json
+
+One per client project. Consistent structure across all sites — same fields, different values. Replaces the old `{siteId}.json` pattern.
+
+```json
+{
+  "siteId": "...",
+  "siteName": "...",
+  "auth": { },
+  "defaults": { }
+}
+```
+
+### Rules
+
+- MUST NOT commit `.simpleapps/` to git — contains PII and credentials
+- MUST NOT save site data to wiki or memory — PII
+- MUST NOT create `{siteId}.json` files — use `site.json` instead
+- If old `{siteId}.json` files exist, `/project-init` will flag them for migration to `site.json`
+
 ## Symlink Setup
 
 The repo contains `.claude/rules/` and `.claude/commands/` with project-specific rules and commands. To make these active from the project root (without starting Claude Code inside `repo/`), symlink them into the project-level `.claude/` folder:

package/skills/simpleapps/quality/SKILL.md

@@ -61,6 +61,12 @@ When a check fails, fix the underlying code. NEVER disable lint rules, skip test
 
 When reviewing code, scan for existing suppressions (`eslint-disable`, `@ts-ignore`, `.skip`, `noqa`, etc.) and flag them to the user. These are hidden technical debt that should be evaluated for resolution.
 
+## Browser Error Overlays
+
+When debugging in the browser (Chrome automation), Next.js and other frameworks show a **red error overlay** at the bottom of the page when there are runtime errors. This overlay contains the actual error message, stack trace, and usually the exact file and line number causing the problem.
+
+MUST click on the error overlay and read the full error before attempting any fix. 95% of the time the answer is right there. Do not ignore it, do not guess at the problem, do not look elsewhere first — read the error overlay. If using Chrome automation tools, click the overlay element to expand it and read the details.
+
 ## Running quality checks
 
 Use the `/quality` command to discover and run all configured checks. It handles the full cycle: discover, run, fix, repeat until clean.

package/skills/simpleapps/wiki/SKILL.md

@@ -79,6 +79,7 @@ When asked to save, document, or record knowledge — use the wiki, MUST NOT use
 
 | Knowledge type | Where it belongs |
 |---------------|-----------------|
+| Behavioral guardrails and corrections | **Skill** (update the relevant skill) |
 | Conventions, patterns, decisions | **Wiki** |
 | Learnings from a task or session | **Wiki** |
 | Architecture and process docs | **Wiki** |
@@ -86,7 +87,9 @@ When asked to save, document, or record knowledge — use the wiki, MUST NOT use
 | Personal preferences (writing style, response length) | Memory |
 | User role and background | Memory |
 
-If in doubt, it belongs in the wiki. The cost of putting shared knowledge in memory is that it dies with the session — no other agent, project, or computer will ever see it.
+If the user corrects your behavior, update the relevant **skill** — not memory. A correction saved to memory only helps one agent on one machine. A correction in a skill helps every agent on every project.
+
+If in doubt, it belongs in the wiki or a skill. The cost of putting shared knowledge in memory is that it dies with the session — no other agent, project, or computer will ever see it.
 
 ## Cross-Project Wiki Access
 

package/skills/simpleapps/work-habits/SKILL.md

@@ -21,6 +21,10 @@ Reserve Bash for commands that have no dedicated tool equivalent.
 
 MUST NOT use `cd` in any Bash command — not even in compound commands like `cd /path && git log`. Use `git -C repo` for git, and path arguments for everything else. The `cd` deny rule does not suppress Claude Code's built-in security prompt for compound cd+git commands, so any `cd` usage will interrupt the user.
 
+## Read the error first
+
+When debugging in the browser, MUST check for error overlays (red error pill/badge at the bottom of the page) before guessing at the problem. Click it, read the full error, stack trace, and source location. The answer is almost always right there.
+
 ## Protect the context window
 
 - Prefer targeted searches over broad exploration