@t275005746/gse 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
- package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
- package/.github/ISSUE_TEMPLATE/config.yml +5 -5
- package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
- package/.github/workflows/validate-gse.yml +33 -33
- package/.gse/README.md +18 -18
- package/.gse/gse-development-protocol.md +50 -50
- package/.gse/project-profile.md +29 -29
- package/.gse/quality-gates.md +25 -25
- package/.gse/releases/public-registry-publication-npm.md +49 -0
- package/.gse/releases/public-release-owner-required.md +65 -65
- package/.gse/releases/public-security-contact-owner-required.md +45 -45
- package/.gse/state.json +147 -27
- package/CHANGELOG.md +31 -15
- package/CONTRIBUTING.md +64 -64
- package/LICENSE +21 -21
- package/README.md +14 -7
- package/README.zh-CN.md +14 -7
- package/SECURITY.md +41 -41
- package/SKILL.md +32 -12
- package/SUPPORT.md +38 -38
- package/assets/marketplace/README.md +7 -7
- package/assets/marketplace/gse-listing.json +75 -75
- package/assets/templates/acceptance-execution-packet.md +73 -73
- package/assets/templates/adr.md +14 -14
- package/assets/templates/change-brief.md +16 -16
- package/assets/templates/design.md +18 -18
- package/assets/templates/dispatch-packet.md +100 -92
- package/assets/templates/evidence.md +15 -9
- package/assets/templates/execution-quality-pack.md +65 -65
- package/assets/templates/goal-map.md +21 -21
- package/assets/templates/host-adapter.md +48 -48
- package/assets/templates/host-ui-invocation-record.md +42 -42
- package/assets/templates/incident-review.md +60 -60
- package/assets/templates/public-channel-publication-record.md +49 -49
- package/assets/templates/public-ci-run-record.md +53 -53
- package/assets/templates/public-release-record.md +65 -65
- package/assets/templates/public-repository-settings-record.md +59 -59
- package/assets/templates/public-security-contact-record.md +45 -45
- package/assets/templates/release-trust-record.md +32 -32
- package/assets/templates/review.md +18 -18
- package/assets/templates/role-fallback-packet.md +49 -0
- package/assets/templates/spec.md +16 -16
- package/assets/templates/target-adoption-evidence.md +29 -29
- package/assets/templates/tasks.md +17 -17
- package/assets/templates/update-release-acceptance-record.md +58 -58
- package/examples/README.md +22 -22
- package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
- package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
- package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
- package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
- package/examples/agent-runtime-host/.gse/tooling.md +5 -5
- package/examples/agent-runtime-host/.mcp.json +9 -9
- package/examples/agent-runtime-host/AGENTS.md +5 -5
- package/examples/agent-runtime-host/README.md +10 -10
- package/examples/agent-runtime-host/docs/model-routing.md +5 -5
- package/examples/cli-tool/.gse/project-profile.md +21 -21
- package/examples/cli-tool/AGENTS.md +5 -5
- package/examples/cli-tool/README.md +12 -12
- package/examples/cli-tool/package.json +21 -21
- package/examples/small-app/.env.example +2 -2
- package/examples/small-app/.github/workflows/ci.yml +8 -8
- package/examples/small-app/AGENTS.md +5 -5
- package/examples/small-app/README.md +12 -12
- package/examples/small-app/package.json +26 -26
- package/examples/small-app/playwright.config.ts +4 -4
- package/package.json +52 -44
- package/references/adoption-recipes.md +171 -171
- package/references/agent-roles.md +42 -21
- package/references/architecture-health.md +101 -101
- package/references/benchmark-audit.md +73 -73
- package/references/commands.md +74 -45
- package/references/community-channels.md +46 -46
- package/references/compatibility.md +70 -70
- package/references/design-basis.md +38 -38
- package/references/domain-model.md +129 -129
- package/references/domain-quality-gates.md +75 -75
- package/references/drift-audit.md +81 -80
- package/references/evidence-taxonomy.md +145 -108
- package/references/file-ownership.md +97 -93
- package/references/final-form-roadmap.md +201 -0
- package/references/final-readiness.md +84 -84
- package/references/forward-test.md +133 -133
- package/references/goal-map.md +36 -36
- package/references/host-adapters.md +129 -101
- package/references/learning-system.md +42 -26
- package/references/maintenance-cadence.md +51 -0
- package/references/marketplace-discovery.md +46 -46
- package/references/model-routing.md +103 -103
- package/references/open-source-defaults.md +39 -39
- package/references/operating-model.md +52 -52
- package/references/packaging.md +277 -277
- package/references/project-agent-workspace.md +89 -89
- package/references/project-bootstrap.md +122 -122
- package/references/project-guards.md +52 -0
- package/references/project-profile.md +57 -57
- package/references/public-release.md +174 -174
- package/references/quality-gates.md +96 -89
- package/references/recovery.md +176 -176
- package/references/release-trust.md +43 -43
- package/references/release.md +126 -126
- package/references/review.md +141 -141
- package/references/role-dispatch-fallback.md +54 -0
- package/references/router.md +90 -90
- package/references/spec-workflow.md +66 -66
- package/references/task-levels.md +81 -81
- package/references/tool-adapters.md +80 -70
- package/scripts/audit-acceptance-execution-packet.mjs +133 -133
- package/scripts/audit-adoption-recipes.mjs +99 -99
- package/scripts/audit-change-lifecycle.mjs +77 -77
- package/scripts/audit-change-system.mjs +134 -134
- package/scripts/audit-ci-readiness.mjs +107 -107
- package/scripts/audit-close-gate-hardening.mjs +188 -0
- package/scripts/audit-close-gate.mjs +448 -262
- package/scripts/audit-command-adapters.mjs +91 -91
- package/scripts/audit-command-execution.mjs +212 -199
- package/scripts/audit-commands.mjs +7 -5
- package/scripts/audit-compatibility.mjs +149 -149
- package/scripts/audit-completion-plan-drill.mjs +230 -0
- package/scripts/audit-completion-readiness.mjs +290 -287
- package/scripts/audit-continue-preflight.mjs +234 -0
- package/scripts/audit-distribution.mjs +251 -251
- package/scripts/audit-domain-quality-gates.mjs +108 -108
- package/scripts/audit-evidence-levels.mjs +217 -0
- package/scripts/audit-evidence-placeholders.mjs +126 -126
- package/scripts/audit-evidence-review-queue.mjs +206 -0
- package/scripts/audit-final-acceptance-packet.mjs +9 -9
- package/scripts/audit-final-form-progress-report.mjs +19 -18
- package/scripts/audit-final-form-roadmap.mjs +157 -0
- package/scripts/audit-final-form-stale-copy.mjs +2 -2
- package/scripts/audit-final-readiness-promotion.mjs +255 -255
- package/scripts/audit-final-readiness.mjs +226 -226
- package/scripts/audit-fixtures.mjs +154 -154
- package/scripts/audit-fresh-session-readiness.mjs +177 -177
- package/scripts/audit-host-capabilities.mjs +237 -0
- package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
- package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
- package/scripts/audit-host-runtime-invocations.mjs +254 -254
- package/scripts/audit-host-ui-invocation.mjs +132 -132
- package/scripts/audit-installed-sync.mjs +203 -0
- package/scripts/audit-learning-drift.mjs +292 -0
- package/scripts/audit-learning-promotion.mjs +351 -0
- package/scripts/audit-learning-system.mjs +24 -14
- package/scripts/audit-local-final-form-completion.mjs +11 -10
- package/scripts/audit-maintenance-cadence.mjs +139 -0
- package/scripts/audit-maintenance-snapshot.mjs +181 -0
- package/scripts/audit-marketplace-discovery.mjs +122 -122
- package/scripts/audit-npm-package-metadata.mjs +160 -154
- package/scripts/audit-npm-publish-dry-run.mjs +194 -166
- package/scripts/audit-npm-tarball-install.mjs +195 -189
- package/scripts/audit-open-source-defaults.mjs +92 -92
- package/scripts/audit-open-source-readiness.mjs +97 -97
- package/scripts/audit-owner-external-gate-kit.mjs +12 -11
- package/scripts/audit-project-guards.mjs +189 -0
- package/scripts/audit-project.mjs +144 -141
- package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
- package/scripts/audit-public-acceptance-handoff.mjs +10 -10
- package/scripts/audit-public-acceptance-readiness.mjs +222 -222
- package/scripts/audit-public-channel-publication.mjs +248 -248
- package/scripts/audit-public-ci-run.mjs +184 -184
- package/scripts/audit-public-collaboration-templates.mjs +98 -98
- package/scripts/audit-public-external-gate-probe.mjs +206 -206
- package/scripts/audit-public-release-checklist.mjs +17 -15
- package/scripts/audit-public-release-decision.mjs +201 -201
- package/scripts/audit-public-release-metadata.mjs +176 -176
- package/scripts/audit-public-repository-settings.mjs +237 -237
- package/scripts/audit-public-security-contact.mjs +171 -171
- package/scripts/audit-readme-docs.mjs +6 -4
- package/scripts/audit-recovery-readiness.mjs +98 -98
- package/scripts/audit-release-bundle.mjs +13 -11
- package/scripts/audit-release-owner-action-plan-drill.mjs +5 -4
- package/scripts/audit-release-owner-action-plan.mjs +10 -10
- package/scripts/audit-release-readiness.mjs +106 -106
- package/scripts/audit-release-status-manifest.mjs +4 -4
- package/scripts/audit-release-trust.mjs +62 -62
- package/scripts/audit-remote-distribution.mjs +266 -266
- package/scripts/audit-roadmap-consistency.mjs +234 -230
- package/scripts/audit-role-dispatch-fallback.mjs +212 -0
- package/scripts/audit-session-sync.mjs +127 -0
- package/scripts/audit-signing.mjs +147 -147
- package/scripts/audit-state-freshness.mjs +20 -14
- package/scripts/audit-state-repair.mjs +360 -0
- package/scripts/audit-target-adoption-evidence.mjs +117 -117
- package/scripts/audit-target-hardening-drills.mjs +267 -0
- package/scripts/audit-target-project.mjs +507 -507
- package/scripts/audit-tool-fallback-policy.mjs +180 -0
- package/scripts/audit-ui-browser-evidence-policy.mjs +191 -0
- package/scripts/audit-update-release-acceptance.mjs +136 -136
- package/scripts/audit-v1-target-validation.mjs +269 -269
- package/scripts/audit-validation-profiles.mjs +125 -123
- package/scripts/backfill-evidence-levels.mjs +98 -0
- package/scripts/check-encoding.mjs +72 -0
- package/scripts/close-change.mjs +116 -116
- package/scripts/discover-project-profile.mjs +307 -307
- package/scripts/generate-command-adapter.mjs +231 -231
- package/scripts/generate-continue-packet.mjs +1214 -0
- package/scripts/generate-final-acceptance-packet.mjs +188 -173
- package/scripts/generate-final-form-progress-report.mjs +191 -189
- package/scripts/generate-host-runtime-evidence-handoff.mjs +198 -191
- package/scripts/generate-maintenance-snapshot.mjs +216 -0
- package/scripts/generate-owner-external-gate-kit.mjs +295 -295
- package/scripts/generate-public-acceptance-handoff.mjs +168 -156
- package/scripts/generate-public-release-checklist.mjs +207 -207
- package/scripts/generate-release-bundle.mjs +505 -505
- package/scripts/generate-release-owner-action-plan.mjs +172 -171
- package/scripts/generate-release-status-manifest.mjs +199 -198
- package/scripts/generate-session-prompt.mjs +188 -188
- package/scripts/gse.mjs +67 -67
- package/scripts/init-change.mjs +265 -265
- package/scripts/init-project.mjs +793 -712
- package/scripts/install-gse.mjs +234 -234
- package/scripts/lib/evidence-placeholders.mjs +28 -28
- package/scripts/package-gse.mjs +174 -174
- package/scripts/probe-public-external-gates.mjs +167 -167
- package/scripts/record-host-invocation.mjs +151 -151
- package/scripts/record-learning.mjs +37 -8
- package/scripts/record-public-channel-publication.mjs +178 -178
- package/scripts/record-public-ci-run.mjs +180 -180
- package/scripts/record-public-release.mjs +175 -175
- package/scripts/record-public-repository-settings.mjs +209 -209
- package/scripts/record-public-security-contact.mjs +157 -157
- package/scripts/record-session-sync.mjs +87 -0
- package/scripts/run-gse-command.mjs +79 -47
- package/scripts/run-validation-profile.mjs +24 -5
- package/scripts/sign-gse-package.mjs +83 -83
- package/scripts/update-project-state.mjs +223 -223
- package/scripts/validate-gse.mjs +216 -0
- package/scripts/verify-gse-package.mjs +85 -85
|
@@ -1,35 +1,51 @@
|
|
|
1
|
-
# Learning System
|
|
2
|
-
|
|
3
|
-
Learnings keep long projects from repeating mistakes.
|
|
4
|
-
|
|
5
|
-
## Capture When
|
|
6
|
-
|
|
7
|
-
- User corrects an assumption.
|
|
8
|
-
- A command, tool, API, or integration fails unexpectedly.
|
|
9
|
-
- A bug root cause was non-obvious.
|
|
10
|
-
- A recurring workflow can be shortened or hardened.
|
|
11
|
-
- A missing quality gate allowed a defect through.
|
|
12
|
-
|
|
13
|
-
## Do Not Capture
|
|
14
|
-
|
|
15
|
-
- Raw chain of thought.
|
|
16
|
-
- Temporary attempts.
|
|
17
|
-
- Long command output.
|
|
18
|
-
- One-off details unlikely to help future work.
|
|
19
|
-
|
|
20
|
-
## Upgrade Rule
|
|
21
|
-
|
|
22
|
-
Use `references/drift-audit.md` when a repeated lesson suggests stale docs, stale project-profile facts, stale host adapters, stale tool assumptions, or stale evidence state.
|
|
23
|
-
|
|
1
|
+
# Learning System
|
|
2
|
+
|
|
3
|
+
Learnings keep long projects from repeating mistakes.
|
|
4
|
+
|
|
5
|
+
## Capture When
|
|
6
|
+
|
|
7
|
+
- User corrects an assumption.
|
|
8
|
+
- A command, tool, API, or integration fails unexpectedly.
|
|
9
|
+
- A bug root cause was non-obvious.
|
|
10
|
+
- A recurring workflow can be shortened or hardened.
|
|
11
|
+
- A missing quality gate allowed a defect through.
|
|
12
|
+
|
|
13
|
+
## Do Not Capture
|
|
14
|
+
|
|
15
|
+
- Raw chain of thought.
|
|
16
|
+
- Temporary attempts.
|
|
17
|
+
- Long command output.
|
|
18
|
+
- One-off details unlikely to help future work.
|
|
19
|
+
|
|
20
|
+
## Upgrade Rule
|
|
21
|
+
|
|
22
|
+
Use `references/drift-audit.md` when a repeated lesson suggests stale docs, stale project-profile facts, stale host adapters, stale tool assumptions, or stale evidence state.
|
|
23
|
+
|
|
24
24
|
- First occurrence: learning note.
|
|
25
25
|
- Second occurrence: checklist or template update.
|
|
26
|
-
- Third occurrence: project rule or quality gate.
|
|
26
|
+
- Third occurrence: project guard, project rule, or quality gate.
|
|
27
27
|
- Fifth occurrence: script, test, or dedicated skill.
|
|
28
28
|
|
|
29
|
-
|
|
29
|
+
Use `scripts/audit-learning-promotion.mjs --target <project-root> --json` to classify and count repeated lessons. The audit is read-only by default. Use `/gse learn --promote --execute` only to write `.gse/learning-promotions.md` candidate output; it does not mutate `.gse/project-guards.md`, `.gse/quality-gates.md`, templates, scripts, or skill files without a deliberate follow-up change.
|
|
30
|
+
|
|
31
|
+
Use `scripts/audit-learning-drift.mjs --root <gse-skill> --target <project-root> --json` after promotion analysis. It checks whether promoted guard or script candidates are covered by project guards, quality gates, `/gse continue`, `/gse close`, or a focused audit script. Uncovered high-severity candidates are surfaced as warnings so the next slice can deliberately promote them.
|
|
30
32
|
|
|
33
|
+
Promotion categories:
|
|
34
|
+
|
|
35
|
+
- `shell`: shell syntax, host command behavior, Windows/Unix command differences.
|
|
36
|
+
- `encoding`: UTF-8, mojibake, localized document handling.
|
|
37
|
+
- `evidence`: JSONL, evidence levels, stale records, close gates.
|
|
38
|
+
- `browser`: browser smoke, Playwright, screenshot, component-test downgrade.
|
|
39
|
+
- `git`: sparse checkout, staging, commit boundaries.
|
|
40
|
+
- `host-tool`: subagents, MCP, LSP, native slash commands, host runtime claims.
|
|
41
|
+
- `project-rule`: canonical plans, AGENTS.md, local project conventions.
|
|
42
|
+
- `release`: CI, registry, marketplace, security contact, release evidence.
|
|
43
|
+
|
|
44
|
+
## Suggested Stores
|
|
45
|
+
|
|
31
46
|
- `.gse/learnings.md` for portable project lessons.
|
|
47
|
+
- `.gse/project-guards.md` for recurring preflight rules promoted from lessons.
|
|
32
48
|
- `.learnings/` when the project already uses that convention.
|
|
33
49
|
- `AGENTS.md` for durable project rules.
|
|
34
50
|
- ADRs for architectural decisions.
|
|
35
|
-
|
|
51
|
+
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# GSE Maintenance Cadence
|
|
2
|
+
|
|
3
|
+
GSE final form requires recurring checks, not only one-time release proof. This cadence keeps benchmark coverage, drift detection, security review, forward testing, and target-project drills visible while host-native slash-command evidence remains an external gate.
|
|
4
|
+
|
|
5
|
+
## Cadence Table
|
|
6
|
+
|
|
7
|
+
| Area | Trigger | Minimum Cadence | Evidence | Command |
|
|
8
|
+
|---|---|---|---|---|
|
|
9
|
+
| Benchmark audit | Non-trivial GSE capability change or new comparable engineering skill | Monthly or before release | `.gse/benchmark-audits/` entry or roadmap update | `node scripts/audit-final-form-roadmap.mjs --root . --json` |
|
|
10
|
+
| Drift audit | Project guard, learning, adapter, command, or state model changes | Weekly or before close | Learning drift and state freshness output | `node scripts/audit-learning-drift.mjs --root . --target . --json` |
|
|
11
|
+
| Dependency and security review | Release, install, package, registry, CI, or external input changes | Monthly or before release | Release trust, CI readiness, and public acceptance outputs | `node scripts/audit-release-trust.mjs --root . --json` |
|
|
12
|
+
| Forward test | Non-trivial routing, command, scaffold, validation, or package change | Before release and after major workflow changes | Fixture or fresh-session forward-test evidence | `node scripts/forward-test-gse.mjs --root . --json` |
|
|
13
|
+
| Target-project hardening drill | GSE adoption, continue, close, host capability, or learning behavior changes | Weekly or before public release | Read-only target drill output | `node scripts/audit-target-hardening-drills.mjs --root . --json` |
|
|
14
|
+
| Public acceptance doctor | Public release, registry, marketplace, host, or owner evidence changes | Before release or public claim | Pending owner/external gate report | `node scripts/audit-public-acceptance-readiness.mjs --root . --json` |
|
|
15
|
+
| Command runner smoke | `/gse` command routing, portable command wrapper, or short-entry behavior changes | Every command-router change | Portable runner output from `scripts/run-gse-command.mjs` | `node scripts/run-gse-command.mjs --root . --target . --command "/gse maintenance" --json --compact` |
|
|
16
|
+
| Installed skill sync | Any capability upgrade shipped from source to installed skill | Every capability upgrade | Installed-copy hash comparison and command smoke from `scripts/audit-installed-sync.mjs` | `node scripts/audit-installed-sync.mjs --root . --installed-root <installed-skill-dir> --json` |
|
|
17
|
+
| Active session sync | Any capability upgrade that should reach active GSE-using sessions | Every capability upgrade when active sessions exist | Honest sent, archived, unavailable, failed, or skipped records from `scripts/record-session-sync.mjs` plus `scripts/audit-session-sync.mjs` | `node scripts/audit-session-sync.mjs --root . --require-installed --require-thread <thread-id> --json` |
|
|
18
|
+
|
|
19
|
+
## Maintenance Snapshot
|
|
20
|
+
|
|
21
|
+
Use a snapshot when the goal is to prove that the recurring checks actually ran, not only that the cadence is documented.
|
|
22
|
+
|
|
23
|
+
```powershell
|
|
24
|
+
node scripts/generate-maintenance-snapshot.mjs --root . --target . --installed-root <installed-skill-dir> --execute --json
|
|
25
|
+
```
|
|
26
|
+
|
|
27
|
+
The canonical output is `.gse/maintenance/latest-maintenance-snapshot.json` plus a Markdown sibling. Without `--installed-root`, the installed-sync row is package-only and must not be used as installed-copy freshness proof.
|
|
28
|
+
|
|
29
|
+
For an installed package smoke, use package mode so source-worktree-only roadmap and release-bundle freshness checks do not become false blockers:
|
|
30
|
+
|
|
31
|
+
```powershell
|
|
32
|
+
node scripts/generate-maintenance-snapshot.mjs --root <installed-skill-dir> --target <installed-skill-dir> --package-smoke --skip-release-bundle --json
|
|
33
|
+
```
|
|
34
|
+
|
|
35
|
+
Package smoke proves the installed copy can run the maintenance command set. The source repository remains responsible for canonical roadmap, release bundle, and installed-root freshness evidence.
|
|
36
|
+
|
|
37
|
+
## Close Rule
|
|
38
|
+
|
|
39
|
+
Maintenance evidence is not a substitute for native host evidence, public CI, marketplace approval, or owner acceptance. It only proves that GSE has a repeatable upkeep loop and that remaining external gates stay visible.
|
|
40
|
+
|
|
41
|
+
Before claiming a maintenance-sensitive slice complete, run:
|
|
42
|
+
|
|
43
|
+
```powershell
|
|
44
|
+
node scripts/audit-maintenance-cadence.mjs --root . --json
|
|
45
|
+
node scripts/generate-maintenance-snapshot.mjs --root . --target . --installed-root <installed-skill-dir> --execute --json
|
|
46
|
+
node scripts/audit-maintenance-snapshot.mjs --root . --json
|
|
47
|
+
node scripts/run-gse-command.mjs --root . --target . --command "/gse maintenance" --json --compact
|
|
48
|
+
node scripts/audit-installed-sync.mjs --root . --installed-root <installed-skill-dir> --json
|
|
49
|
+
node scripts/audit-session-sync.mjs --root . --json
|
|
50
|
+
node scripts/run-validation-profile.mjs --target . --profile lite --json
|
|
51
|
+
```
|
|
@@ -1,46 +1,46 @@
|
|
|
1
|
-
# Marketplace Discovery
|
|
2
|
-
|
|
3
|
-
Use this when preparing GSE for a public catalog, skill marketplace, plugin listing, GitHub release page, or internal agent-workflow registry.
|
|
4
|
-
|
|
5
|
-
Discovery metadata should help people find and evaluate GSE without overstating trust.
|
|
6
|
-
|
|
7
|
-
## Required Metadata
|
|
8
|
-
|
|
9
|
-
- Name and display name.
|
|
10
|
-
- Short tagline and summary.
|
|
11
|
-
- Categories and keywords that describe the workflow naturally.
|
|
12
|
-
- Entrypoints for humans and agents.
|
|
13
|
-
- Validation commands.
|
|
14
|
-
- Distribution and signing references.
|
|
15
|
-
- Host support status with honest labels.
|
|
16
|
-
- Boundaries and unverified claims.
|
|
17
|
-
|
|
18
|
-
The canonical local metadata file is:
|
|
19
|
-
|
|
20
|
-
```text
|
|
21
|
-
assets/marketplace/gse-listing.json
|
|
22
|
-
```
|
|
23
|
-
|
|
24
|
-
## Search Language
|
|
25
|
-
|
|
26
|
-
Use normal explanatory language around terms such as agentic engineering, spec-driven development, SDD, AI coding agents, goal maps, evidence gates, OpenSpec-style changes, and Superpowers-style execution. Do not add isolated search-term blocks that read like keyword stuffing.
|
|
27
|
-
|
|
28
|
-
## Trust Boundary
|
|
29
|
-
|
|
30
|
-
Discovery metadata is not marketplace approval.
|
|
31
|
-
|
|
32
|
-
A listing can be:
|
|
33
|
-
|
|
34
|
-
- `result`: drafted metadata exists.
|
|
35
|
-
- `verified`: metadata passes local audit and matches package validation.
|
|
36
|
-
- `accepted`: the target marketplace, catalog owner, or release owner accepts it.
|
|
37
|
-
|
|
38
|
-
## Validation
|
|
39
|
-
|
|
40
|
-
Run:
|
|
41
|
-
|
|
42
|
-
```text
|
|
43
|
-
node <skill>/scripts/audit-marketplace-discovery.mjs --root <skill> --json
|
|
44
|
-
```
|
|
45
|
-
|
|
46
|
-
For release trust, also use `references/release-trust.md`.
|
|
1
|
+
# Marketplace Discovery
|
|
2
|
+
|
|
3
|
+
Use this when preparing GSE for a public catalog, skill marketplace, plugin listing, GitHub release page, or internal agent-workflow registry.
|
|
4
|
+
|
|
5
|
+
Discovery metadata should help people find and evaluate GSE without overstating trust.
|
|
6
|
+
|
|
7
|
+
## Required Metadata
|
|
8
|
+
|
|
9
|
+
- Name and display name.
|
|
10
|
+
- Short tagline and summary.
|
|
11
|
+
- Categories and keywords that describe the workflow naturally.
|
|
12
|
+
- Entrypoints for humans and agents.
|
|
13
|
+
- Validation commands.
|
|
14
|
+
- Distribution and signing references.
|
|
15
|
+
- Host support status with honest labels.
|
|
16
|
+
- Boundaries and unverified claims.
|
|
17
|
+
|
|
18
|
+
The canonical local metadata file is:
|
|
19
|
+
|
|
20
|
+
```text
|
|
21
|
+
assets/marketplace/gse-listing.json
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
## Search Language
|
|
25
|
+
|
|
26
|
+
Use normal explanatory language around terms such as agentic engineering, spec-driven development, SDD, AI coding agents, goal maps, evidence gates, OpenSpec-style changes, and Superpowers-style execution. Do not add isolated search-term blocks that read like keyword stuffing.
|
|
27
|
+
|
|
28
|
+
## Trust Boundary
|
|
29
|
+
|
|
30
|
+
Discovery metadata is not marketplace approval.
|
|
31
|
+
|
|
32
|
+
A listing can be:
|
|
33
|
+
|
|
34
|
+
- `result`: drafted metadata exists.
|
|
35
|
+
- `verified`: metadata passes local audit and matches package validation.
|
|
36
|
+
- `accepted`: the target marketplace, catalog owner, or release owner accepts it.
|
|
37
|
+
|
|
38
|
+
## Validation
|
|
39
|
+
|
|
40
|
+
Run:
|
|
41
|
+
|
|
42
|
+
```text
|
|
43
|
+
node <skill>/scripts/audit-marketplace-discovery.mjs --root <skill> --json
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
For release trust, also use `references/release-trust.md`.
|
|
@@ -1,103 +1,103 @@
|
|
|
1
|
-
# Model Routing
|
|
2
|
-
|
|
3
|
-
Use this when GSE work needs to choose a model, provider, hosted tool, local tool, browser agent, worker, or role-specific agent capability.
|
|
4
|
-
|
|
5
|
-
## Core Rule
|
|
6
|
-
|
|
7
|
-
Route by capability first, then cost, latency, privacy, context size, tool use, reliability, and evidence.
|
|
8
|
-
|
|
9
|
-
Do not hard-code one provider, one model family, or one host as the GSE default. Projects may define preferred providers, but GSE must preserve a portable fallback path.
|
|
10
|
-
|
|
11
|
-
## Capability-First Selection
|
|
12
|
-
|
|
13
|
-
Define the task capability before picking a model:
|
|
14
|
-
|
|
15
|
-
| Capability | Typical use | Routing preference |
|
|
16
|
-
|---|---|---|
|
|
17
|
-
| Fast classification | triage, route selection, small labels | lowest reliable latency/cost |
|
|
18
|
-
| Code location | symbol search, call chains, existing tests | LSP/index/search before stronger model reasoning |
|
|
19
|
-
| Mechanical edit | narrow transforms, boilerplate, local fixes | lower-cost coding-capable model if verification is strong |
|
|
20
|
-
| Implementation | bounded code slice, tests, integration | standard coding model with project context |
|
|
21
|
-
| Architecture/root cause | invariants, multi-file reasoning, debugging | highest-reasoning model available and approved |
|
|
22
|
-
| Review/QA | spec compliance, security, regressions, UI evidence | independent reviewer model or fresh context when risk is high |
|
|
23
|
-
| Long context synthesis | session working set, docs, logs, migration notes | model with adequate context and summarization behavior |
|
|
24
|
-
| Tool/worker execution | browser, shell, MCP, CI, queue, runtime worker | verified host/tool adapter, not just model choice |
|
|
25
|
-
|
|
26
|
-
## Status Vocabulary
|
|
27
|
-
|
|
28
|
-
Keep model availability separate from model behavior.
|
|
29
|
-
|
|
30
|
-
- `documented`: project docs, provider config, or host settings mention the model/tool.
|
|
31
|
-
- `verified`: this session or project evidence ran the model/tool successfully for the relevant capability.
|
|
32
|
-
- `unknown`: no trustworthy evidence yet.
|
|
33
|
-
- `unavailable`: expected model/tool is missing, blocked, failing, or forbidden.
|
|
34
|
-
|
|
35
|
-
A documented model is not verified. A verified chat response does not verify tool use, long context, latency, cost, or privacy behavior.
|
|
36
|
-
|
|
37
|
-
## Routing Inputs
|
|
38
|
-
|
|
39
|
-
Record these in `.gse/project-profile.md`, `.gse/tooling.md`, or a host adapter when relevant:
|
|
40
|
-
|
|
41
|
-
- Provider or host:
|
|
42
|
-
- Model/tool id:
|
|
43
|
-
- Capability:
|
|
44
|
-
- Status: documented | verified | unknown | unavailable
|
|
45
|
-
- Evidence path or command:
|
|
46
|
-
- Cost tier:
|
|
47
|
-
- Latency expectation:
|
|
48
|
-
- Context limit or practical context budget:
|
|
49
|
-
- Tool-use support:
|
|
50
|
-
- Privacy/security boundary:
|
|
51
|
-
- Fallback:
|
|
52
|
-
- Known failure modes:
|
|
53
|
-
|
|
54
|
-
## Decision Order
|
|
55
|
-
|
|
56
|
-
1. Use project-specific routing rules if they exist and do not conflict with current user instruction.
|
|
57
|
-
2. Prefer verified local tools for code location, tests, browser smoke, and CI before spending model reasoning.
|
|
58
|
-
3. Choose the cheapest/fastest model that can satisfy the capability with adequate verification.
|
|
59
|
-
4. Escalate to a stronger model when there is a clear reasoning, context, safety, or integration gap.
|
|
60
|
-
5. Use fresh context for review, QA, or high-risk architecture when current-session context may bias the result.
|
|
61
|
-
6. Fall back to a documented or generic model only when the task risk is low or verification can catch mistakes.
|
|
62
|
-
7. Record residual risk when model behavior is unknown or only structurally verified.
|
|
63
|
-
|
|
64
|
-
## Fallback Rules
|
|
65
|
-
|
|
66
|
-
- If preferred model is unavailable, use the next project-approved model with the same capability class.
|
|
67
|
-
- If tool-use support is unavailable, switch to manual shell/browser/CI verification when possible.
|
|
68
|
-
- If long-context support is unavailable, build a smaller working set and record omitted context.
|
|
69
|
-
- If privacy constraints forbid remote models, use local tools, local models, or ask for a project-approved path.
|
|
70
|
-
- If cost is high, reduce context, split the task, or use lower-tier models for locator/QA roles.
|
|
71
|
-
- Do not claim a fallback preserved quality unless focused evidence proves it.
|
|
72
|
-
|
|
73
|
-
## Evidence Requirements
|
|
74
|
-
|
|
75
|
-
For model routing claims, record:
|
|
76
|
-
|
|
77
|
-
```text
|
|
78
|
-
Capability:
|
|
79
|
-
Chosen model/tool:
|
|
80
|
-
Why this route:
|
|
81
|
-
Status: documented | verified | unknown | unavailable
|
|
82
|
-
Cost/latency notes:
|
|
83
|
-
Context/tool-use notes:
|
|
84
|
-
Privacy/security notes:
|
|
85
|
-
Fallback:
|
|
86
|
-
Evidence:
|
|
87
|
-
Residual risk:
|
|
88
|
-
```
|
|
89
|
-
|
|
90
|
-
## What Not To Do
|
|
91
|
-
|
|
92
|
-
- Do not route all tasks to the strongest model by default.
|
|
93
|
-
- Do not route all tasks to the cheapest model when failure would be expensive.
|
|
94
|
-
- Do not treat provider marketing claims as project evidence.
|
|
95
|
-
- Do not expose secrets, raw provider payloads, hidden reasoning, or private tool traces in user-facing output.
|
|
96
|
-
- Do not confuse model routing with provider adapter implementation.
|
|
97
|
-
|
|
98
|
-
## Project Integration
|
|
99
|
-
|
|
100
|
-
- `references/project-profile.md` records project-approved providers, model/tool ids, privacy limits, and fallback policy.
|
|
101
|
-
- `references/tool-adapters.md` records availability and verification status for host tools and model-backed tools.
|
|
102
|
-
- `references/host-adapters.md` records host-specific model, subagent, MCP, browser, and worker capabilities.
|
|
103
|
-
- `references/evidence-taxonomy.md` decides whether routing evidence is result, verified, or accepted.
|
|
1
|
+
# Model Routing
|
|
2
|
+
|
|
3
|
+
Use this when GSE work needs to choose a model, provider, hosted tool, local tool, browser agent, worker, or role-specific agent capability.
|
|
4
|
+
|
|
5
|
+
## Core Rule
|
|
6
|
+
|
|
7
|
+
Route by capability first, then cost, latency, privacy, context size, tool use, reliability, and evidence.
|
|
8
|
+
|
|
9
|
+
Do not hard-code one provider, one model family, or one host as the GSE default. Projects may define preferred providers, but GSE must preserve a portable fallback path.
|
|
10
|
+
|
|
11
|
+
## Capability-First Selection
|
|
12
|
+
|
|
13
|
+
Define the task capability before picking a model:
|
|
14
|
+
|
|
15
|
+
| Capability | Typical use | Routing preference |
|
|
16
|
+
|---|---|---|
|
|
17
|
+
| Fast classification | triage, route selection, small labels | lowest reliable latency/cost |
|
|
18
|
+
| Code location | symbol search, call chains, existing tests | LSP/index/search before stronger model reasoning |
|
|
19
|
+
| Mechanical edit | narrow transforms, boilerplate, local fixes | lower-cost coding-capable model if verification is strong |
|
|
20
|
+
| Implementation | bounded code slice, tests, integration | standard coding model with project context |
|
|
21
|
+
| Architecture/root cause | invariants, multi-file reasoning, debugging | highest-reasoning model available and approved |
|
|
22
|
+
| Review/QA | spec compliance, security, regressions, UI evidence | independent reviewer model or fresh context when risk is high |
|
|
23
|
+
| Long context synthesis | session working set, docs, logs, migration notes | model with adequate context and summarization behavior |
|
|
24
|
+
| Tool/worker execution | browser, shell, MCP, CI, queue, runtime worker | verified host/tool adapter, not just model choice |
|
|
25
|
+
|
|
26
|
+
## Status Vocabulary
|
|
27
|
+
|
|
28
|
+
Keep model availability separate from model behavior.
|
|
29
|
+
|
|
30
|
+
- `documented`: project docs, provider config, or host settings mention the model/tool.
|
|
31
|
+
- `verified`: this session or project evidence ran the model/tool successfully for the relevant capability.
|
|
32
|
+
- `unknown`: no trustworthy evidence yet.
|
|
33
|
+
- `unavailable`: expected model/tool is missing, blocked, failing, or forbidden.
|
|
34
|
+
|
|
35
|
+
A documented model is not verified. A verified chat response does not verify tool use, long context, latency, cost, or privacy behavior.
|
|
36
|
+
|
|
37
|
+
## Routing Inputs
|
|
38
|
+
|
|
39
|
+
Record these in `.gse/project-profile.md`, `.gse/tooling.md`, or a host adapter when relevant:
|
|
40
|
+
|
|
41
|
+
- Provider or host:
|
|
42
|
+
- Model/tool id:
|
|
43
|
+
- Capability:
|
|
44
|
+
- Status: documented | verified | unknown | unavailable
|
|
45
|
+
- Evidence path or command:
|
|
46
|
+
- Cost tier:
|
|
47
|
+
- Latency expectation:
|
|
48
|
+
- Context limit or practical context budget:
|
|
49
|
+
- Tool-use support:
|
|
50
|
+
- Privacy/security boundary:
|
|
51
|
+
- Fallback:
|
|
52
|
+
- Known failure modes:
|
|
53
|
+
|
|
54
|
+
## Decision Order
|
|
55
|
+
|
|
56
|
+
1. Use project-specific routing rules if they exist and do not conflict with current user instruction.
|
|
57
|
+
2. Prefer verified local tools for code location, tests, browser smoke, and CI before spending model reasoning.
|
|
58
|
+
3. Choose the cheapest/fastest model that can satisfy the capability with adequate verification.
|
|
59
|
+
4. Escalate to a stronger model when there is a clear reasoning, context, safety, or integration gap.
|
|
60
|
+
5. Use fresh context for review, QA, or high-risk architecture when current-session context may bias the result.
|
|
61
|
+
6. Fall back to a documented or generic model only when the task risk is low or verification can catch mistakes.
|
|
62
|
+
7. Record residual risk when model behavior is unknown or only structurally verified.
|
|
63
|
+
|
|
64
|
+
## Fallback Rules
|
|
65
|
+
|
|
66
|
+
- If preferred model is unavailable, use the next project-approved model with the same capability class.
|
|
67
|
+
- If tool-use support is unavailable, switch to manual shell/browser/CI verification when possible.
|
|
68
|
+
- If long-context support is unavailable, build a smaller working set and record omitted context.
|
|
69
|
+
- If privacy constraints forbid remote models, use local tools, local models, or ask for a project-approved path.
|
|
70
|
+
- If cost is high, reduce context, split the task, or use lower-tier models for locator/QA roles.
|
|
71
|
+
- Do not claim a fallback preserved quality unless focused evidence proves it.
|
|
72
|
+
|
|
73
|
+
## Evidence Requirements
|
|
74
|
+
|
|
75
|
+
For model routing claims, record:
|
|
76
|
+
|
|
77
|
+
```text
|
|
78
|
+
Capability:
|
|
79
|
+
Chosen model/tool:
|
|
80
|
+
Why this route:
|
|
81
|
+
Status: documented | verified | unknown | unavailable
|
|
82
|
+
Cost/latency notes:
|
|
83
|
+
Context/tool-use notes:
|
|
84
|
+
Privacy/security notes:
|
|
85
|
+
Fallback:
|
|
86
|
+
Evidence:
|
|
87
|
+
Residual risk:
|
|
88
|
+
```
|
|
89
|
+
|
|
90
|
+
## What Not To Do
|
|
91
|
+
|
|
92
|
+
- Do not route all tasks to the strongest model by default.
|
|
93
|
+
- Do not route all tasks to the cheapest model when failure would be expensive.
|
|
94
|
+
- Do not treat provider marketing claims as project evidence.
|
|
95
|
+
- Do not expose secrets, raw provider payloads, hidden reasoning, or private tool traces in user-facing output.
|
|
96
|
+
- Do not confuse model routing with provider adapter implementation.
|
|
97
|
+
|
|
98
|
+
## Project Integration
|
|
99
|
+
|
|
100
|
+
- `references/project-profile.md` records project-approved providers, model/tool ids, privacy limits, and fallback policy.
|
|
101
|
+
- `references/tool-adapters.md` records availability and verification status for host tools and model-backed tools.
|
|
102
|
+
- `references/host-adapters.md` records host-specific model, subagent, MCP, browser, and worker capabilities.
|
|
103
|
+
- `references/evidence-taxonomy.md` decides whether routing evidence is result, verified, or accepted.
|
|
@@ -1,39 +1,39 @@
|
|
|
1
|
-
# GSE Open-Source Defaults
|
|
2
|
-
|
|
3
|
-
Use this reference when preparing GSE for a public repository or when a project asks to follow the mainstream open-source path.
|
|
4
|
-
|
|
5
|
-
## Recommended Default
|
|
6
|
-
|
|
7
|
-
GSE's owner-approved default route is:
|
|
8
|
-
|
|
9
|
-
- License: MIT.
|
|
10
|
-
- Repository: public GitHub repository.
|
|
11
|
-
- CI: GitHub Actions with required checks.
|
|
12
|
-
- Security: `SECURITY.md` plus GitHub Security Advisory or another owner-approved public disclosure path.
|
|
13
|
-
- Release channel: GitHub Release first; package registry or marketplace only after real publication evidence exists.
|
|
14
|
-
- Command UX: portable `/gse ...` commands, with native slash-command claims only after a host runtime record proves native execution.
|
|
15
|
-
|
|
16
|
-
## Why This Default
|
|
17
|
-
|
|
18
|
-
- MIT is widely understood by open-source tool users and keeps integration friction low.
|
|
19
|
-
- GitHub public repository plus GitHub Actions gives public, linkable evidence for repository settings and CI.
|
|
20
|
-
- GitHub Release provides a simple first public channel without pretending a registry or marketplace approved the package.
|
|
21
|
-
- Portable `/gse ...` command semantics work across hosts even when native slash-command APIs differ.
|
|
22
|
-
|
|
23
|
-
## Claim Boundaries
|
|
24
|
-
|
|
25
|
-
- A local `LICENSE` file proves the license text exists; accepted license status requires an owner-approved release record.
|
|
26
|
-
- A local GitHub Actions workflow file does not prove public CI. Use a real public run URL and `scripts/record-public-ci-run.mjs`.
|
|
27
|
-
- A local `SECURITY.md` does not prove a public security contact. Use `scripts/record-public-security-contact.mjs` after the disclosure path is public and owner-approved.
|
|
28
|
-
- A generated package or release bundle does not prove public publication. Use `scripts/record-public-channel-publication.mjs` after a real channel URL exists.
|
|
29
|
-
- Generated host adapter pointers do not prove native slash commands. Use `scripts/record-host-invocation.mjs` with real host evidence.
|
|
30
|
-
|
|
31
|
-
## Minimal Public Release Order
|
|
32
|
-
|
|
33
|
-
1. Record the owner-approved MIT license decision.
|
|
34
|
-
2. Publish or mirror GSE into a public GitHub repository.
|
|
35
|
-
3. Enable repository settings: issues, pull requests, security policy visibility, branch protection, required checks, review before merge, conversation resolution, force-push restriction, and deletion restriction.
|
|
36
|
-
4. Run public GitHub Actions and record the run URL, commit SHA, branch, and required checks.
|
|
37
|
-
5. Create a GitHub Release and record the release URL.
|
|
38
|
-
6. Record host runtime invocation evidence for each claimed host.
|
|
39
|
-
7. Re-run final readiness and public acceptance audits.
|
|
1
|
+
# GSE Open-Source Defaults
|
|
2
|
+
|
|
3
|
+
Use this reference when preparing GSE for a public repository or when a project asks to follow the mainstream open-source path.
|
|
4
|
+
|
|
5
|
+
## Recommended Default
|
|
6
|
+
|
|
7
|
+
GSE's owner-approved default route is:
|
|
8
|
+
|
|
9
|
+
- License: MIT.
|
|
10
|
+
- Repository: public GitHub repository.
|
|
11
|
+
- CI: GitHub Actions with required checks.
|
|
12
|
+
- Security: `SECURITY.md` plus GitHub Security Advisory or another owner-approved public disclosure path.
|
|
13
|
+
- Release channel: GitHub Release first; package registry or marketplace only after real publication evidence exists.
|
|
14
|
+
- Command UX: portable `/gse ...` commands, with native slash-command claims only after a host runtime record proves native execution.
|
|
15
|
+
|
|
16
|
+
## Why This Default
|
|
17
|
+
|
|
18
|
+
- MIT is widely understood by open-source tool users and keeps integration friction low.
|
|
19
|
+
- GitHub public repository plus GitHub Actions gives public, linkable evidence for repository settings and CI.
|
|
20
|
+
- GitHub Release provides a simple first public channel without pretending a registry or marketplace approved the package.
|
|
21
|
+
- Portable `/gse ...` command semantics work across hosts even when native slash-command APIs differ.
|
|
22
|
+
|
|
23
|
+
## Claim Boundaries
|
|
24
|
+
|
|
25
|
+
- A local `LICENSE` file proves the license text exists; accepted license status requires an owner-approved release record.
|
|
26
|
+
- A local GitHub Actions workflow file does not prove public CI. Use a real public run URL and `scripts/record-public-ci-run.mjs`.
|
|
27
|
+
- A local `SECURITY.md` does not prove a public security contact. Use `scripts/record-public-security-contact.mjs` after the disclosure path is public and owner-approved.
|
|
28
|
+
- A generated package or release bundle does not prove public publication. Use `scripts/record-public-channel-publication.mjs` after a real channel URL exists.
|
|
29
|
+
- Generated host adapter pointers do not prove native slash commands. Use `scripts/record-host-invocation.mjs` with real host evidence.
|
|
30
|
+
|
|
31
|
+
## Minimal Public Release Order
|
|
32
|
+
|
|
33
|
+
1. Record the owner-approved MIT license decision.
|
|
34
|
+
2. Publish or mirror GSE into a public GitHub repository.
|
|
35
|
+
3. Enable repository settings: issues, pull requests, security policy visibility, branch protection, required checks, review before merge, conversation resolution, force-push restriction, and deletion restriction.
|
|
36
|
+
4. Run public GitHub Actions and record the run URL, commit SHA, branch, and required checks.
|
|
37
|
+
5. Create a GitHub Release and record the release URL.
|
|
38
|
+
6. Record host runtime invocation evidence for each claimed host.
|
|
39
|
+
7. Re-run final readiness and public acceptance audits.
|
|
@@ -1,52 +1,52 @@
|
|
|
1
|
-
# Operating Model
|
|
2
|
-
|
|
3
|
-
Use the same loop for every task, scaled by task level.
|
|
4
|
-
|
|
5
|
-
## 1. Goal
|
|
6
|
-
|
|
7
|
-
Identify the project goal, user outcome, current priority, and non-goals.
|
|
8
|
-
|
|
9
|
-
For long-running work, bind to `.gse/goal-map.md` or the project's existing goal map.
|
|
10
|
-
|
|
11
|
-
## 2. Spec
|
|
12
|
-
|
|
13
|
-
Define boundaries before implementation:
|
|
14
|
-
|
|
15
|
-
- Inputs and outputs
|
|
16
|
-
- UI/API/state behavior
|
|
17
|
-
- Error and recovery behavior
|
|
18
|
-
- Permissions and privacy boundaries
|
|
19
|
-
- Acceptance criteria
|
|
20
|
-
- Test or smoke plan
|
|
21
|
-
|
|
22
|
-
Do not over-spec Level 1 tasks.
|
|
23
|
-
|
|
24
|
-
## 3. Execute
|
|
25
|
-
|
|
26
|
-
Use the smallest verifiable slice.
|
|
27
|
-
|
|
28
|
-
- Locate code with `rg`, `rg --files`, LSP, or an index before editing.
|
|
29
|
-
- Follow existing patterns.
|
|
30
|
-
- Keep unrelated refactors out.
|
|
31
|
-
- Use subagents only when actual dispatch tools exist and ownership is clear.
|
|
32
|
-
- Use `references/file-ownership.md` before editing dirty files, shared files, or files assigned to another role.
|
|
33
|
-
- Avoid making every internal state transition its own product slice. When several small states only matter as one user-visible chain, merge them and verify the chain.
|
|
34
|
-
|
|
35
|
-
## 4. Evidence
|
|
36
|
-
|
|
37
|
-
Completion needs evidence appropriate to the risk:
|
|
38
|
-
|
|
39
|
-
- Unit/component/contract test
|
|
40
|
-
- API smoke
|
|
41
|
-
- Browser or Playwright smoke
|
|
42
|
-
- Build/typecheck/lint
|
|
43
|
-
- Screenshot or trace for UI
|
|
44
|
-
- Commit hash or change summary
|
|
45
|
-
|
|
46
|
-
Choose the gate profile from `references/task-levels.md` and `references/quality-gates.md`. A small docs or state slice should not pay the same verification cost as a release/install/cross-host slice. Conversely, release, public contract, install, and host-runtime claims need hard gates and cannot be proven by narrow tests alone.
|
|
47
|
-
|
|
48
|
-
## 5. Learn
|
|
49
|
-
|
|
50
|
-
Record reusable lessons when a failure, correction, tool gap, repeated bug, or better process is discovered.
|
|
51
|
-
|
|
52
|
-
Escalate repeated lessons into quality gates or project rules.
|
|
1
|
+
# Operating Model
|
|
2
|
+
|
|
3
|
+
Use the same loop for every task, scaled by task level.
|
|
4
|
+
|
|
5
|
+
## 1. Goal
|
|
6
|
+
|
|
7
|
+
Identify the project goal, user outcome, current priority, and non-goals.
|
|
8
|
+
|
|
9
|
+
For long-running work, bind to `.gse/goal-map.md` or the project's existing goal map.
|
|
10
|
+
|
|
11
|
+
## 2. Spec
|
|
12
|
+
|
|
13
|
+
Define boundaries before implementation:
|
|
14
|
+
|
|
15
|
+
- Inputs and outputs
|
|
16
|
+
- UI/API/state behavior
|
|
17
|
+
- Error and recovery behavior
|
|
18
|
+
- Permissions and privacy boundaries
|
|
19
|
+
- Acceptance criteria
|
|
20
|
+
- Test or smoke plan
|
|
21
|
+
|
|
22
|
+
Do not over-spec Level 1 tasks.
|
|
23
|
+
|
|
24
|
+
## 3. Execute
|
|
25
|
+
|
|
26
|
+
Use the smallest verifiable slice.
|
|
27
|
+
|
|
28
|
+
- Locate code with `rg`, `rg --files`, LSP, or an index before editing.
|
|
29
|
+
- Follow existing patterns.
|
|
30
|
+
- Keep unrelated refactors out.
|
|
31
|
+
- Use subagents only when actual dispatch tools exist and ownership is clear.
|
|
32
|
+
- Use `references/file-ownership.md` before editing dirty files, shared files, or files assigned to another role.
|
|
33
|
+
- Avoid making every internal state transition its own product slice. When several small states only matter as one user-visible chain, merge them and verify the chain.
|
|
34
|
+
|
|
35
|
+
## 4. Evidence
|
|
36
|
+
|
|
37
|
+
Completion needs evidence appropriate to the risk:
|
|
38
|
+
|
|
39
|
+
- Unit/component/contract test
|
|
40
|
+
- API smoke
|
|
41
|
+
- Browser or Playwright smoke
|
|
42
|
+
- Build/typecheck/lint
|
|
43
|
+
- Screenshot or trace for UI
|
|
44
|
+
- Commit hash or change summary
|
|
45
|
+
|
|
46
|
+
Choose the gate profile from `references/task-levels.md` and `references/quality-gates.md`. A small docs or state slice should not pay the same verification cost as a release/install/cross-host slice. Conversely, release, public contract, install, and host-runtime claims need hard gates and cannot be proven by narrow tests alone.
|
|
47
|
+
|
|
48
|
+
## 5. Learn
|
|
49
|
+
|
|
50
|
+
Record reusable lessons when a failure, correction, tool gap, repeated bug, or better process is discovered.
|
|
51
|
+
|
|
52
|
+
Escalate repeated lessons into quality gates or project rules.
|