@skillshub-labs/cli 0.1.17 → 0.1.19

package/data/official-presets/policies/policy-nextjs-ts-strict.md

@@ -0,0 +1,31 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project uses Next.js, React, and TypeScript.
+- Favor small, testable changes that preserve existing UI and data flow patterns.
+
+## Repository Layout
+
+- Keep route, UI, and data access concerns separated.
+- Prefer existing component and app-router conventions over introducing parallel structures.
+
+## Dev Commands
+
+- Run the existing lint, typecheck, and test commands before finalizing changes.
+- If a UI change affects rendering behavior, validate the relevant app or page flow manually as well.
+
+## Testing Instructions
+
+- Cover changed behavior with deterministic tests when practical.
+- If a change touches UI state or routing, check loading, empty, and error states.
+
+## Architecture Boundaries
+
+- Keep business logic out of UI components when possible.
+- Avoid introducing new abstractions unless the same pattern is clearly reused.
+
+## PR / Change Rules
+
+- Explain user-visible behavior changes directly.
+- Call out risky UI, routing, or state changes before merge.

package/data/official-presets/policies/policy-node-api-ts.md

@@ -0,0 +1,31 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project uses Node.js and TypeScript for API or backend service development.
+- Prefer explicit contracts, narrow changes, and clear error handling.
+
+## Repository Layout
+
+- Keep transport, validation, domain logic, and persistence responsibilities separated.
+- Reuse existing service and module boundaries instead of bypassing them.
+
+## Dev Commands
+
+- Run lint, typecheck, and tests before finalizing changes.
+- If schema or contract files are part of the repo, validate them alongside code changes.
+
+## Testing Instructions
+
+- Add regression coverage for behavior changes or bug fixes.
+- Exercise failure paths when input validation, auth, config, or persistence code changes.
+
+## Architecture Boundaries
+
+- Do not mix request parsing, domain logic, and storage concerns in one handler.
+- Keep migrations, config changes, and breaking contract changes explicit.
+
+## PR / Change Rules
+
+- Summarize API-facing behavior changes clearly.
+- Highlight contract risk, migration risk, and rollback considerations when relevant.

package/data/official-presets/policies/policy-python-api.md

@@ -0,0 +1,18 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project builds Python services or APIs.
+- Prefer explicit validation, narrow interfaces, and predictable operational behavior.
+
+## Engineering Rules
+
+- Keep route handlers thin.
+- Push reusable logic into services or domain modules.
+- Use typed models and validate external input at the edge.
+
+## Quality Bar
+
+- Add regression coverage for changed behavior.
+- Surface config, auth, and persistence risk explicitly.
+- Treat migrations and public contract changes as high-signal changes.

package/data/official-presets/policies/policy-release-ci.md

@@ -0,0 +1,18 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project supports release engineering, CI maintenance, and change-management workflows.
+- Prefer correctness, traceability, and safe automation over speed.
+
+## Engineering Rules
+
+- Keep release, documentation, and automation changes aligned.
+- Treat flaky CI and broken checks as root-cause problems, not cosmetic issues.
+- Preserve auditability for release notes, version bumps, and workflow edits.
+
+## Quality Bar
+
+- State what was verified locally and what still depends on CI.
+- Call out packaging, deployment, or rollback risk explicitly.
+- Avoid silent workflow changes without explaining impact.

package/data/official-presets/policies/policy-release-maintainer.md

@@ -0,0 +1,31 @@
+# AGENTS.md
+
+## Project Overview
+
+- This workflow supports releases, change summaries, and maintainer tasks.
+- Prefer correctness, traceability, and conservative changes over speed.
+
+## Repository Layout
+
+- Keep release metadata, automation, and user-facing documentation aligned with the code change set.
+- Reuse existing release and changelog conventions.
+
+## Dev Commands
+
+- Run the project checks needed to confirm release readiness.
+- Revalidate release-related config or automation when workflows change.
+
+## Testing Instructions
+
+- Confirm the relevant build, packaging, or release validation path still works.
+- Document any checks that could not be run locally.
+
+## Architecture Boundaries
+
+- Treat release automation, packaging, and changelog generation as separate concerns.
+- Keep manual release notes consistent with automated outputs.
+
+## PR / Change Rules
+
+- Summarize release impact, packaging impact, and compatibility notes clearly.
+- Highlight manual follow-up tasks when automation does not cover them.

package/data/official-presets/policies/policy-scientific-discovery.md

@@ -0,0 +1,18 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project supports scientific discovery, bioinformatics, or computational chemistry workflows.
+- Prefer reproducible analysis, explicit data provenance, and conservative interpretation.
+
+## Engineering Rules
+
+- Separate data access, processing, analysis, and reporting.
+- Keep domain assumptions visible near the code or report that depends on them.
+- Treat external scientific databases as versioned inputs.
+
+## Quality Bar
+
+- Document changed datasets, parameters, or biological assumptions.
+- Note reproducibility gaps when full reruns are too expensive.
+- Avoid claiming experimental validity when only computational evidence exists.

package/data/official-presets/policies/policy-scientific-python.md

@@ -0,0 +1,31 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project supports scientific Python, literature review, or reproducible analysis workflows.
+- Prefer traceable claims, reproducible steps, and explicit assumptions.
+
+## Repository Layout
+
+- Keep source data, derived outputs, and narrative artifacts clearly separated.
+- Avoid mixing exploratory notebooks, reusable code, and final reporting outputs without a clear reason.
+
+## Dev Commands
+
+- Run the relevant checks or scripts needed to reproduce changed outputs.
+- If notebooks or reports are touched, verify the dependent data and execution steps still line up.
+
+## Testing Instructions
+
+- Prefer deterministic validation for transformed data and reusable analysis code.
+- Document what was not re-run when full reproduction is too expensive.
+
+## Architecture Boundaries
+
+- Keep data acquisition, processing, analysis, and reporting concerns explicit.
+- Record assumptions around datasets, citations, and external scientific sources.
+
+## PR / Change Rules
+
+- Explain how conclusions, figures, or cited evidence changed.
+- Call out reproducibility gaps, missing inputs, or unverified claims directly.

package/data/official-presets/policies/policy-security-audit.md

@@ -0,0 +1,18 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project focuses on security review, vulnerability detection, or secure design analysis.
+- Prefer evidence-backed findings, clear impact statements, and conservative recommendations.
+
+## Audit Rules
+
+- Prioritize exploitable issues, unsafe defaults, and supply-chain risk.
+- Keep findings tied to concrete code paths, trust boundaries, or assets.
+- Distinguish confirmed issues from hypotheses or follow-up questions.
+
+## Quality Bar
+
+- Include reproduction guidance when practical.
+- State severity, exploitability, and mitigation direction clearly.
+- Avoid speculative findings without code or configuration evidence.

package/data/official-presets/policies/policy-web-frontend.md

@@ -0,0 +1,18 @@
+# AGENTS.md
+
+## Project Overview
+
+- This project focuses on frontend delivery with React or Next.js.
+- Optimize for UI clarity, performance, accessibility, and maintainable component boundaries.
+
+## Engineering Rules
+
+- Use TypeScript strictly and avoid `any`.
+- Prefer server rendering and code splitting where available.
+- Reuse existing component patterns before inventing new ones.
+
+## Quality Bar
+
+- Check loading, empty, and error states.
+- Preserve keyboard accessibility and semantic HTML.
+- Note performance-sensitive changes such as hydration, bundle weight, and image handling.

package/lib/core/kit-core.d.ts

@@ -1,4 +1,10 @@
-import type { KitLoadoutRecord, KitPolicyRecord, KitRecord } from './kit-types'
+import type {
+  ManagedKitSource,
+  KitLoadoutImportSource,
+  KitLoadoutRecord,
+  KitPolicyRecord,
+  KitRecord,
+} from './kit-types'
 
 export function ensureDb(): unknown
 export function getDbPath(): string
@@ -24,12 +30,14 @@ export function addKitLoadout(input: {
   name: string
   description?: string
   items: Array<{ skillPath: string; mode?: 'copy' | 'link'; sortOrder?: number }>
+  importSource?: KitLoadoutImportSource
 }): KitLoadoutRecord
 export function updateKitLoadout(input: {
   id: string
   name?: string
   description?: string
   items?: Array<{ skillPath: string; mode?: 'copy' | 'link'; sortOrder?: number }>
+  importSource?: KitLoadoutImportSource
 }): KitLoadoutRecord
 export function deleteKitLoadout(id: string): boolean
 
@@ -38,8 +46,9 @@ export function getKitById(id: string): KitRecord | null
 export function addKit(input: {
   name: string
   description?: string
-  policyId: string
-  loadoutId: string
+  policyId?: string
+  loadoutId?: string
+  managedSource?: ManagedKitSource
 }): KitRecord
 export function updateKit(input: {
   id: string
@@ -47,8 +56,10 @@ export function updateKit(input: {
   description?: string
   policyId?: string
   loadoutId?: string
+  managedSource?: ManagedKitSource | null
 }): KitRecord
 export function deleteKit(id: string): boolean
+export function restoreManagedKitBaseline(id: string): KitRecord
 export function markKitApplied(input: {
   id: string
   projectPath: string