@skilly-hand/skilly-hand 0.29.3 → 0.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -16,6 +16,21 @@ All notable changes to this project are documented in this file.
16
16
  ### Removed
17
17
  - _None._
18
18
 
19
+ ## [0.30.0] - 2026-06-20
20
+ [View on npm](https://www.npmjs.com/package/@skilly-hand/skilly-hand/v/0.30.0)
21
+
22
+ ### Added
23
+ - _None._
24
+
25
+ ### Changed
26
+ - Expanded `review-rangers` with an approval-gated Mender remediation loop, independent re-review, critical-stop rules, bounded termination, repository-native verification, and automatic `test-driven-development` installation.
27
+
28
+ ### Fixed
29
+ - _None._
30
+
31
+ ### Removed
32
+ - _None._
33
+
19
34
  ## [0.29.3] - 2026-06-20
20
35
  [View on npm](https://www.npmjs.com/package/@skilly-hand/skilly-hand/v/0.29.3)
21
36
 
package/README.md CHANGED
@@ -47,9 +47,9 @@ The full skill catalog is also discoverable through the [skills.sh](https://www.
47
47
  npx skills add Davecelot/skilly-hand --skill '*'
48
48
  ```
49
49
 
50
- Use `npx skills add Davecelot/skilly-hand --list` to inspect the available skills before installing. The `skills/` directory is a GitHub-facing overlay made of symlinks to `catalog/skills/`; it helps skills.sh discover the catalog without changing the regular `npx skilly-hand` npm package contents or CLI flow.
50
+ Use `npx skills add Davecelot/skilly-hand --list` to inspect the available skills before installing. The `skills/` directory is a generated GitHub-facing mirror of `catalog/skills/`, using real files because skills.sh discovers `SKILL.md` entries from GitHub's repository tree. Run `npm run skills:sync` after catalog changes; `npm run catalog:check` rejects mirror drift.
51
51
 
52
- Windows contributors who clone the repo locally should enable symlink support before checkout, for example with `git config --global core.symlinks true`, and may also need Developer Mode or elevated symlink privileges. If the repo was already checked out without symlinks, re-check out or reclone after enabling support.
52
+ skills.sh adds a repository to its public catalog after a skill is installed through the official CLI with telemetry enabled. The public page and automated security audits may take a few minutes to appear after the first installation.
53
53
 
54
54
  ---
55
55
 
package/catalog/README.md CHANGED
@@ -18,7 +18,7 @@ Published portable skills consumed by the `skilly-hand` CLI.
18
18
  | `project-teacher` | Scan the active project and teach any concept, code path, or decision using verified information, interactive questions, and simple explanations. Trigger: user asks to explain, understand, clarify, or learn about anything in the project or codebase. | core, workflow, education | all |
19
19
  | `prompt-engineering` | Guide users in writing, improving, evaluating, and tuning prompts for LLMs across factual, creative, structured, grounded, coding, safety-sensitive, and production scenarios. Trigger: writing, improving, evaluating, or tuning prompts for LLMs. | prompting, llm, workflow, quality | all |
20
20
  | `react-guidelines` | Guide React and Next.js code generation, review, and performance tuning using latest stable React verification and modern framework best practices. Trigger: generating, reviewing, refactoring, or optimizing React code artifacts in React projects. | react, frontend, workflow, best-practices | all |
21
- | `review-rangers` | Review code, decisions, and artifacts through a multi-perspective committee and a domain expert safety guard, then synthesize a structured verdict. | core, workflow, review, quality | all |
21
+ | `review-rangers` | Review code, decisions, and artifacts through an independent committee and safety guard, then optionally run bounded, approval-gated remediation. Trigger: reviewing risky artifacts or remediating structured review findings. | core, workflow, review, quality | all |
22
22
  | `roaster` | Challenge plans with constructive roast-style critique that exposes weak assumptions, missing angles, shallow sequencing, and unclear success criteria. Trigger: when the user proposes, requests, or evaluates a plan of any kind. | core, workflow, planning, quality | all |
23
23
  | `spec-driven-development` | Plan, execute, and verify multi-step work through versioned specs with small, testable tasks. Trigger: planning or executing feature work, bug fixes, and multi-phase implementation. | core, workflow, planning | all |
24
24
  | `test-driven-development` | Guide implementation through evidence-based RED, GREEN, and REFACTOR cycles without assuming a language, framework, or test runner. Trigger: implementing testable behavior or reproducing a regression with tests first. | testing, workflow, quality, core | all |
@@ -1,13 +1,13 @@
1
1
  ---
2
2
  name: "review-rangers"
3
- description: "Review code, decisions, and artifacts through a multi-perspective committee and a domain expert safety guard, then synthesize a structured verdict."
3
+ description: "Review code, decisions, and artifacts through an independent committee and safety guard, then optionally run bounded, approval-gated remediation. Trigger: reviewing risky artifacts or remediating structured review findings."
4
4
  skillMetadata:
5
5
  author: "skilly-hand"
6
- last-edit: "2026-04-26"
6
+ last-edit: "2026-06-20"
7
7
  license: "Apache-2.0"
8
- version: "1.1.0"
9
- changelog: "Added DECISIONS.md registry ownership guidance; preserves durable review insights and anti-slop decisions across sessions; affects review-rangers workflow, install scaffolding, and project memory usage"
10
- auto-invoke: "Reviewing code, decisions, or artifacts where adversarial multi-perspective evaluation adds value"
8
+ version: "1.2.0"
9
+ changelog: "Added approval-gated Mender remediation with bounded independent re-review; prevents unauthorized writes and unbounded fix loops; affects review orchestration, installation dependencies, and prompt assets"
10
+ auto-invoke: "Reviewing risky code, decisions, or artifacts, or remediating structured review findings"
11
11
  allowed-tools:
12
12
  - "Read"
13
13
  - "Edit"
@@ -48,8 +48,13 @@ Do not use this skill for:
48
48
  7. Run the committee and safety guard in parallel.
49
49
  8. Collect all outputs.
50
50
  9. Synthesize a structured verdict following the Synthesis Rules.
51
- 10. Emit the final verdict with confidence tier, top findings, and recommended action.
52
- 11. Decide whether any insight qualifies for `.ai/DECISIONS.md`; if yes, update the registry and its changelog in the same edit.
51
+ 10. If the verdict is `HIGH`, emit the final report and stop. If it is `VETO` or any critical-stop condition applies, return control to a human without modifying the target.
52
+ 11. For `MEDIUM` or `LOW`, present the open findings and request explicit approval before the first mutation. Skip this checkpoint only when the caller explicitly requested unattended or autonomous remediation in the current task.
53
+ 12. After approval, invoke The Mender using `assets/mender-template.md`. Pass only the target context and open findings; do not pass intermediate reviewer discussion.
54
+ 13. Run repository-native verification, then send the changed target to a fresh independent committee and safety guard. Reviewers from every round remain read-only.
55
+ 14. Repeat only while progress is material and no termination rule applies. Allow at most three remediation rounds and stop when the same finding survives two consecutive rounds without material progress.
56
+ 15. Emit the final report with confidence tier, finding-to-fix evidence, unresolved items, stop reason when applicable, and recommended action.
57
+ 16. Evaluate durable `.ai/DECISIONS.md` updates after the final `HIGH` report or terminal escalation; if an insight qualifies, update the registry and its changelog in the same edit.
53
58
 
54
59
  ---
55
60
 
@@ -80,6 +85,7 @@ Never assign the same lens to two committee members. Each member evaluates indep
80
85
  - Spawn committee members in parallel.
81
86
  - Pass only the target artifact and the member's assigned lens as context.
82
87
  - Do not share intermediate findings between members before synthesis.
88
+ - Committee members and the safety guard are read-only in every round. They MUST NOT modify the target, assign work, or reuse another reviewer's conclusions.
83
89
 
84
90
  ---
85
91
 
@@ -108,6 +114,66 @@ The safety guard:
108
114
 
109
115
  ---
110
116
 
117
+ ## Remediation Protocol
118
+
119
+ ### Role Separation
120
+
121
+ The Mender is the only role allowed to modify the target during a Review Rangers remediation cycle.
122
+
123
+ - Committee members and the safety guard remain independent, read-only judges.
124
+ - The Mender receives the synthesized open findings and target context, not reviewer identities or hidden reasoning.
125
+ - The Mender MUST NOT assign, raise, lower, or otherwise edit confidence tiers.
126
+ - The orchestrator owns approval, round counting, critical-stop evaluation, re-review, and the final verdict.
127
+ - A Mender MUST NOT invoke Review Rangers recursively. Re-review returns to the orchestrator.
128
+
129
+ ### Approval Boundary
130
+
131
+ Interactive review MUST pause before the first file mutation and obtain explicit approval.
132
+
133
+ - A request to review, assess, audit, or invoke this skill is not write approval.
134
+ - Skill invocation alone is not write approval.
135
+ - The checkpoint may be skipped only when the caller explicitly asks for unattended or autonomous remediation in the current task.
136
+ - Approval covers only the presented open findings and target. New scope or a critical-stop condition returns control to the caller.
137
+
138
+ ### Critical Stops
139
+
140
+ Stop before another mutation or remediation round when any of these applies:
141
+
142
+ - The verdict is `VETO`.
143
+ - A security, privacy, accessibility, or data-integrity blocker requires human judgment.
144
+ - A fix would cause a breaking public API change.
145
+ - A fix would alter a broadly shared foundation, architecture, release policy, CI/CD policy, or security policy without explicit authority.
146
+ - Required repository-native verification is unavailable or failing for reasons the remediation cannot safely resolve.
147
+ - Product intent, ownership, migration policy, or another authoritative decision is required.
148
+ - Three remediation rounds have completed.
149
+ - The same finding survives two consecutive rounds without material progress.
150
+
151
+ For every stop, report the unresolved finding, available evidence, stop reason, and required human decision. Do not broaden scope to conceal a failed check or force a higher confidence tier.
152
+
153
+ ### Repository-Native Verification
154
+
155
+ The Mender MUST discover and run the narrowest relevant verification supported by the target repository.
156
+
157
+ 1. Read repository instructions and declared scripts or commands.
158
+ 2. Choose relevant lint, test, type-check, build, artifact, or deterministic document checks.
159
+ 3. When testable behavior changes, follow the installed `test-driven-development` guidance and record RED, GREEN, REFACTOR, and regression evidence.
160
+ 4. For non-code artifacts, use the narrowest deterministic structural or content check.
161
+ 5. Report exact commands, outcomes, failures, and checks that could not run.
162
+
163
+ Never assume npm, a particular test runner, or a fixed toolchain. A failed required check blocks `HIGH` unless a human explicitly accepts the residual risk.
164
+
165
+ ### Re-review and Termination
166
+
167
+ - Every remediation round receives a monotonically increasing round number from 1 through 3.
168
+ - After verification, use a fresh committee and safety guard with the same independence rules as the initial review.
169
+ - Compare findings by underlying issue, not wording alone.
170
+ - Material progress means a finding is resolved, reduced in severity with evidence, or narrowed by a verified constraint.
171
+ - `HIGH` ends the loop successfully.
172
+ - `MEDIUM` or `LOW` may enter another approved round only when progress is material and no stop applies.
173
+ - Any stop ends the loop with a terminal escalation report.
174
+
175
+ ---
176
+
111
177
  ## Synthesis Rules
112
178
 
113
179
  ### Confidence Tiers
@@ -194,6 +260,8 @@ Every change to `.ai/DECISIONS.md` must update `## Changelog` in the same edit.
194
260
 
195
261
  If the changelog section is missing, add it as the final section before making any other registry change.
196
262
 
263
+ Evaluate registry writes only after the final `HIGH` report or terminal escalation. Intermediate remediation rounds MUST NOT create duplicate or provisional decision entries.
264
+
197
265
  ---
198
266
 
199
267
  ## Decision Tree
@@ -215,6 +283,17 @@ Does any committee member flag a security or data-integrity risk?
215
283
  Does committee majority agree the target is sound?
216
284
  YES and safety guard passes -> HIGH or MEDIUM depending on split
217
285
  NO -> LOW
286
+
287
+ Is the verdict MEDIUM or LOW without a critical stop?
288
+ YES -> obtain explicit mutation approval unless unattended remediation was explicitly requested
289
+
290
+ Is remediation approved and within the termination bounds?
291
+ YES -> invoke The Mender, verify with repository-native checks, then run a fresh independent review
292
+ NO -> emit a terminal escalation report
293
+
294
+ Did the review reach HIGH, three rounds, or two stagnant rounds?
295
+ YES -> stop and emit the final report
296
+ NO -> continue only when material progress is evidenced
218
297
  ```
219
298
 
220
299
  ---
@@ -227,6 +306,9 @@ cat .skilly-hand/catalog/review-rangers/assets/committee-member-template.md
227
306
 
228
307
  # Reference safety guard template when constructing agent prompts
229
308
  cat .skilly-hand/catalog/review-rangers/assets/safety-guard-template.md
309
+
310
+ # Reference the only write-capable remediation template after approval
311
+ cat .skilly-hand/catalog/review-rangers/assets/mender-template.md
230
312
  ```
231
313
 
232
314
  ---
@@ -235,3 +317,5 @@ cat .skilly-hand/catalog/review-rangers/assets/safety-guard-template.md
235
317
 
236
318
  - Committee member prompt template: [assets/committee-member-template.md](assets/committee-member-template.md)
237
319
  - Safety guard prompt template: [assets/safety-guard-template.md](assets/safety-guard-template.md)
320
+ - Mender prompt template: [assets/mender-template.md](assets/mender-template.md)
321
+ - Test-driven remediation guidance: [../test-driven-development/SKILL.md](../test-driven-development/SKILL.md)
@@ -0,0 +1,70 @@
1
+ # The Mender: Remediation Round {{ROUND_NUMBER}}
2
+
3
+ ## Role
4
+
5
+ You are The Mender, the only write-capable role in this Review Rangers remediation cycle. You repair approved findings; you do not judge the target or choose the final verdict.
6
+
7
+ ## Target
8
+
9
+ {{TARGET_CONTEXT}}
10
+
11
+ ## Approved Open Findings
12
+
13
+ {{OPEN_FINDINGS}}
14
+
15
+ ## Repository Context
16
+
17
+ {{REPOSITORY_INSTRUCTIONS_AND_COMMANDS}}
18
+
19
+ ## Remediation Instructions
20
+
21
+ 1. Confirm every requested change maps to an approved open finding.
22
+ 2. Read repository instructions, conventions, scripts, and the affected files before editing.
23
+ 3. Stop and return control when a critical-stop condition, new scope, or required authority is discovered.
24
+ 4. Apply the smallest coherent fix for each finding. Preserve unrelated behavior and user changes.
25
+ 5. For testable behavior, follow the installed `test-driven-development` guidance and record RED, GREEN, REFACTOR, and regression evidence.
26
+ 6. For non-code changes, use the narrowest deterministic structural or content check.
27
+ 7. Run repository-native verification. Do not assume a package manager, test runner, language, or fixed command.
28
+ 8. Return a finding-to-fix map, files changed, exact verification outcomes, unresolved items, and any required human decision.
29
+
30
+ ## Critical Stops
31
+
32
+ Do not mutate further when remediation requires any of the following without explicit authority:
33
+
34
+ - Resolving a `VETO` or a security, privacy, accessibility, or data-integrity blocker that requires human judgment.
35
+ - Introducing a breaking public API change.
36
+ - Changing a broadly shared foundation, architecture, release policy, CI/CD policy, or security policy.
37
+ - Proceeding without required verification or concealing a failing check.
38
+ - Choosing product intent, migration policy, ownership, or another authoritative decision.
39
+
40
+ ## Output Format
41
+
42
+ ```text
43
+ ROUND: {{ROUND_NUMBER}}
44
+
45
+ FINDING-TO-FIX MAP:
46
+ 1. Finding: {stable finding summary}
47
+ Fix: {what changed and why it addresses the finding}
48
+ Files: {paths}
49
+ Status: {Resolved | Partially resolved | Unresolved | Stopped}
50
+
51
+ VERIFICATION:
52
+ 1. {exact command or deterministic check} -> {PASS | FAIL | NOT_RUN}
53
+ Evidence: {short factual result}
54
+
55
+ UNRESOLVED ITEMS:
56
+ 1. {finding or none}
57
+
58
+ STOP REASON:
59
+ {none | critical-stop condition and required human decision}
60
+ ```
61
+
62
+ ## Constraints
63
+
64
+ - MUST modify only the approved target and findings.
65
+ - MUST preserve unrelated user changes.
66
+ - MUST use repository-native verification and report failures honestly.
67
+ - MUST NOT change confidence, assign a confidence tier, or claim the review passed.
68
+ - MUST NOT invoke Review Rangers, committee members, or the safety guard recursively.
69
+ - MUST NOT edit `.ai/DECISIONS.md`; final registry timing belongs to the orchestrator.
70
+ - MUST NOT begin another remediation round.
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "id": "review-rangers",
3
3
  "title": "Review Rangers",
4
- "description": "Review code, decisions, and artifacts through a multi-perspective committee and a domain expert safety guard, then synthesize a structured verdict.",
4
+ "description": "Review code, decisions, and artifacts through an independent committee and safety guard, then optionally run bounded, approval-gated remediation. Trigger: reviewing risky artifacts or remediating structured review findings.",
5
5
  "portable": true,
6
6
  "tags": ["core", "workflow", "review", "quality"],
7
7
  "detectors": ["always"],
@@ -10,11 +10,11 @@
10
10
  "agentSupport": ["codex", "claude", "cursor", "gemini", "copilot", "antigravity", "windsurf", "trae"],
11
11
  "skillMetadata": {
12
12
  "author": "skilly-hand",
13
- "last-edit": "2026-04-26",
13
+ "last-edit": "2026-06-20",
14
14
  "license": "Apache-2.0",
15
- "version": "1.1.0",
16
- "changelog": "Added DECISIONS.md registry ownership guidance; preserves durable review insights and anti-slop decisions across sessions; affects review-rangers workflow, install scaffolding, and project memory usage",
17
- "auto-invoke": "Reviewing code, decisions, or artifacts where adversarial multi-perspective evaluation adds value",
15
+ "version": "1.2.0",
16
+ "changelog": "Added approval-gated Mender remediation with bounded independent re-review; prevents unauthorized writes and unbounded fix loops; affects review orchestration, installation dependencies, and prompt assets",
17
+ "auto-invoke": "Reviewing risky code, decisions, or artifacts, or remediating structured review findings",
18
18
  "allowed-tools": [
19
19
  "Read",
20
20
  "Edit",
@@ -29,7 +29,8 @@
29
29
  "files": [
30
30
  { "path": "SKILL.md", "kind": "instruction" },
31
31
  { "path": "assets/committee-member-template.md", "kind": "asset" },
32
- { "path": "assets/safety-guard-template.md", "kind": "asset" }
32
+ { "path": "assets/safety-guard-template.md", "kind": "asset" },
33
+ { "path": "assets/mender-template.md", "kind": "asset" }
33
34
  ],
34
- "dependencies": []
35
+ "dependencies": ["test-driven-development"]
35
36
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@skilly-hand/skilly-hand",
3
- "version": "0.29.3",
3
+ "version": "0.30.0",
4
4
  "license": "CC-BY-NC-4.0",
5
5
  "type": "module",
6
6
  "repository": {
@@ -31,8 +31,10 @@
31
31
  "packageManager": "pnpm@11.1.2",
32
32
  "scripts": {
33
33
  "build": "node ./scripts/build-catalog-index.mjs",
34
- "catalog:check": "node ./scripts/check-catalog.mjs",
35
- "catalog:sync": "node ./scripts/sync-catalog.mjs",
34
+ "catalog:check": "node ./scripts/check-catalog.mjs && node ./scripts/sync-skills-overlay.mjs --check",
35
+ "catalog:sync": "node ./scripts/sync-catalog.mjs && node ./scripts/sync-skills-overlay.mjs",
36
+ "skills:check": "node ./scripts/sync-skills-overlay.mjs --check",
37
+ "skills:sync": "node ./scripts/sync-skills-overlay.mjs",
36
38
  "agentic:self:sync": "node ./scripts/sync-self-agentic.mjs",
37
39
  "test": "node --test tests/*.test.js && node ./scripts/test-in-sandbox.mjs",
38
40
  "deps:policy:check": "node ./scripts/dependency-policy-check.mjs",
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@skilly-hand/catalog",
3
- "version": "0.29.3",
3
+ "version": "0.30.0",
4
4
  "private": true,
5
5
  "type": "module"
6
6
  }
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@skilly-hand/cli",
3
- "version": "0.29.3",
3
+ "version": "0.30.0",
4
4
  "private": true,
5
5
  "type": "module",
6
6
  "bin": {
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@skilly-hand/core",
3
- "version": "0.29.3",
3
+ "version": "0.30.0",
4
4
  "private": true,
5
5
  "type": "module"
6
6
  }
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@skilly-hand/detectors",
3
- "version": "0.29.3",
3
+ "version": "0.30.0",
4
4
  "private": true,
5
5
  "type": "module"
6
6
  }