@t275005746/gse 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (228) hide show
  1. package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -42
  2. package/.github/ISSUE_TEMPLATE/change_request.yml +50 -50
  3. package/.github/ISSUE_TEMPLATE/config.yml +5 -5
  4. package/.github/PULL_REQUEST_TEMPLATE.md +38 -38
  5. package/.github/workflows/validate-gse.yml +33 -33
  6. package/.gse/README.md +18 -18
  7. package/.gse/gse-development-protocol.md +50 -50
  8. package/.gse/project-profile.md +29 -29
  9. package/.gse/quality-gates.md +25 -25
  10. package/.gse/releases/public-registry-publication-npm.md +49 -0
  11. package/.gse/releases/public-release-owner-required.md +65 -65
  12. package/.gse/releases/public-security-contact-owner-required.md +45 -45
  13. package/.gse/state.json +147 -27
  14. package/CHANGELOG.md +31 -15
  15. package/CONTRIBUTING.md +64 -64
  16. package/LICENSE +21 -21
  17. package/README.md +14 -7
  18. package/README.zh-CN.md +14 -7
  19. package/SECURITY.md +41 -41
  20. package/SKILL.md +32 -12
  21. package/SUPPORT.md +38 -38
  22. package/assets/marketplace/README.md +7 -7
  23. package/assets/marketplace/gse-listing.json +75 -75
  24. package/assets/templates/acceptance-execution-packet.md +73 -73
  25. package/assets/templates/adr.md +14 -14
  26. package/assets/templates/change-brief.md +16 -16
  27. package/assets/templates/design.md +18 -18
  28. package/assets/templates/dispatch-packet.md +100 -92
  29. package/assets/templates/evidence.md +15 -9
  30. package/assets/templates/execution-quality-pack.md +65 -65
  31. package/assets/templates/goal-map.md +21 -21
  32. package/assets/templates/host-adapter.md +48 -48
  33. package/assets/templates/host-ui-invocation-record.md +42 -42
  34. package/assets/templates/incident-review.md +60 -60
  35. package/assets/templates/public-channel-publication-record.md +49 -49
  36. package/assets/templates/public-ci-run-record.md +53 -53
  37. package/assets/templates/public-release-record.md +65 -65
  38. package/assets/templates/public-repository-settings-record.md +59 -59
  39. package/assets/templates/public-security-contact-record.md +45 -45
  40. package/assets/templates/release-trust-record.md +32 -32
  41. package/assets/templates/review.md +18 -18
  42. package/assets/templates/role-fallback-packet.md +49 -0
  43. package/assets/templates/spec.md +16 -16
  44. package/assets/templates/target-adoption-evidence.md +29 -29
  45. package/assets/templates/tasks.md +17 -17
  46. package/assets/templates/update-release-acceptance-record.md +58 -58
  47. package/examples/README.md +22 -22
  48. package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -6
  49. package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -7
  50. package/examples/agent-runtime-host/.gse/goal-map.md +7 -7
  51. package/examples/agent-runtime-host/.gse/project-profile.md +27 -27
  52. package/examples/agent-runtime-host/.gse/tooling.md +5 -5
  53. package/examples/agent-runtime-host/.mcp.json +9 -9
  54. package/examples/agent-runtime-host/AGENTS.md +5 -5
  55. package/examples/agent-runtime-host/README.md +10 -10
  56. package/examples/agent-runtime-host/docs/model-routing.md +5 -5
  57. package/examples/cli-tool/.gse/project-profile.md +21 -21
  58. package/examples/cli-tool/AGENTS.md +5 -5
  59. package/examples/cli-tool/README.md +12 -12
  60. package/examples/cli-tool/package.json +21 -21
  61. package/examples/small-app/.env.example +2 -2
  62. package/examples/small-app/.github/workflows/ci.yml +8 -8
  63. package/examples/small-app/AGENTS.md +5 -5
  64. package/examples/small-app/README.md +12 -12
  65. package/examples/small-app/package.json +26 -26
  66. package/examples/small-app/playwright.config.ts +4 -4
  67. package/package.json +52 -44
  68. package/references/adoption-recipes.md +171 -171
  69. package/references/agent-roles.md +42 -21
  70. package/references/architecture-health.md +101 -101
  71. package/references/benchmark-audit.md +73 -73
  72. package/references/commands.md +74 -45
  73. package/references/community-channels.md +46 -46
  74. package/references/compatibility.md +70 -70
  75. package/references/design-basis.md +38 -38
  76. package/references/domain-model.md +129 -129
  77. package/references/domain-quality-gates.md +75 -75
  78. package/references/drift-audit.md +81 -80
  79. package/references/evidence-taxonomy.md +145 -108
  80. package/references/file-ownership.md +97 -93
  81. package/references/final-form-roadmap.md +201 -0
  82. package/references/final-readiness.md +84 -84
  83. package/references/forward-test.md +133 -133
  84. package/references/goal-map.md +36 -36
  85. package/references/host-adapters.md +129 -101
  86. package/references/learning-system.md +42 -26
  87. package/references/maintenance-cadence.md +51 -0
  88. package/references/marketplace-discovery.md +46 -46
  89. package/references/model-routing.md +103 -103
  90. package/references/open-source-defaults.md +39 -39
  91. package/references/operating-model.md +52 -52
  92. package/references/packaging.md +277 -277
  93. package/references/project-agent-workspace.md +89 -89
  94. package/references/project-bootstrap.md +122 -122
  95. package/references/project-guards.md +52 -0
  96. package/references/project-profile.md +57 -57
  97. package/references/public-release.md +174 -174
  98. package/references/quality-gates.md +96 -89
  99. package/references/recovery.md +176 -176
  100. package/references/release-trust.md +43 -43
  101. package/references/release.md +126 -126
  102. package/references/review.md +141 -141
  103. package/references/role-dispatch-fallback.md +54 -0
  104. package/references/router.md +90 -90
  105. package/references/spec-workflow.md +66 -66
  106. package/references/task-levels.md +81 -81
  107. package/references/tool-adapters.md +80 -70
  108. package/scripts/audit-acceptance-execution-packet.mjs +133 -133
  109. package/scripts/audit-adoption-recipes.mjs +99 -99
  110. package/scripts/audit-change-lifecycle.mjs +77 -77
  111. package/scripts/audit-change-system.mjs +134 -134
  112. package/scripts/audit-ci-readiness.mjs +107 -107
  113. package/scripts/audit-close-gate-hardening.mjs +188 -0
  114. package/scripts/audit-close-gate.mjs +448 -262
  115. package/scripts/audit-command-adapters.mjs +91 -91
  116. package/scripts/audit-command-execution.mjs +212 -199
  117. package/scripts/audit-commands.mjs +7 -5
  118. package/scripts/audit-compatibility.mjs +149 -149
  119. package/scripts/audit-completion-plan-drill.mjs +230 -0
  120. package/scripts/audit-completion-readiness.mjs +290 -287
  121. package/scripts/audit-continue-preflight.mjs +234 -0
  122. package/scripts/audit-distribution.mjs +251 -251
  123. package/scripts/audit-domain-quality-gates.mjs +108 -108
  124. package/scripts/audit-evidence-levels.mjs +217 -0
  125. package/scripts/audit-evidence-placeholders.mjs +126 -126
  126. package/scripts/audit-evidence-review-queue.mjs +206 -0
  127. package/scripts/audit-final-acceptance-packet.mjs +9 -9
  128. package/scripts/audit-final-form-progress-report.mjs +19 -18
  129. package/scripts/audit-final-form-roadmap.mjs +157 -0
  130. package/scripts/audit-final-form-stale-copy.mjs +2 -2
  131. package/scripts/audit-final-readiness-promotion.mjs +255 -255
  132. package/scripts/audit-final-readiness.mjs +226 -226
  133. package/scripts/audit-fixtures.mjs +154 -154
  134. package/scripts/audit-fresh-session-readiness.mjs +177 -177
  135. package/scripts/audit-host-capabilities.mjs +237 -0
  136. package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -159
  137. package/scripts/audit-host-runtime-invocation-drill.mjs +240 -240
  138. package/scripts/audit-host-runtime-invocations.mjs +254 -254
  139. package/scripts/audit-host-ui-invocation.mjs +132 -132
  140. package/scripts/audit-installed-sync.mjs +203 -0
  141. package/scripts/audit-learning-drift.mjs +292 -0
  142. package/scripts/audit-learning-promotion.mjs +351 -0
  143. package/scripts/audit-learning-system.mjs +24 -14
  144. package/scripts/audit-local-final-form-completion.mjs +11 -10
  145. package/scripts/audit-maintenance-cadence.mjs +139 -0
  146. package/scripts/audit-maintenance-snapshot.mjs +181 -0
  147. package/scripts/audit-marketplace-discovery.mjs +122 -122
  148. package/scripts/audit-npm-package-metadata.mjs +160 -154
  149. package/scripts/audit-npm-publish-dry-run.mjs +194 -166
  150. package/scripts/audit-npm-tarball-install.mjs +195 -189
  151. package/scripts/audit-open-source-defaults.mjs +92 -92
  152. package/scripts/audit-open-source-readiness.mjs +97 -97
  153. package/scripts/audit-owner-external-gate-kit.mjs +12 -11
  154. package/scripts/audit-project-guards.mjs +189 -0
  155. package/scripts/audit-project.mjs +144 -141
  156. package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -203
  157. package/scripts/audit-public-acceptance-handoff.mjs +10 -10
  158. package/scripts/audit-public-acceptance-readiness.mjs +222 -222
  159. package/scripts/audit-public-channel-publication.mjs +248 -248
  160. package/scripts/audit-public-ci-run.mjs +184 -184
  161. package/scripts/audit-public-collaboration-templates.mjs +98 -98
  162. package/scripts/audit-public-external-gate-probe.mjs +206 -206
  163. package/scripts/audit-public-release-checklist.mjs +17 -15
  164. package/scripts/audit-public-release-decision.mjs +201 -201
  165. package/scripts/audit-public-release-metadata.mjs +176 -176
  166. package/scripts/audit-public-repository-settings.mjs +237 -237
  167. package/scripts/audit-public-security-contact.mjs +171 -171
  168. package/scripts/audit-readme-docs.mjs +6 -4
  169. package/scripts/audit-recovery-readiness.mjs +98 -98
  170. package/scripts/audit-release-bundle.mjs +13 -11
  171. package/scripts/audit-release-owner-action-plan-drill.mjs +5 -4
  172. package/scripts/audit-release-owner-action-plan.mjs +10 -10
  173. package/scripts/audit-release-readiness.mjs +106 -106
  174. package/scripts/audit-release-status-manifest.mjs +4 -4
  175. package/scripts/audit-release-trust.mjs +62 -62
  176. package/scripts/audit-remote-distribution.mjs +266 -266
  177. package/scripts/audit-roadmap-consistency.mjs +234 -230
  178. package/scripts/audit-role-dispatch-fallback.mjs +212 -0
  179. package/scripts/audit-session-sync.mjs +127 -0
  180. package/scripts/audit-signing.mjs +147 -147
  181. package/scripts/audit-state-freshness.mjs +20 -14
  182. package/scripts/audit-state-repair.mjs +360 -0
  183. package/scripts/audit-target-adoption-evidence.mjs +117 -117
  184. package/scripts/audit-target-hardening-drills.mjs +267 -0
  185. package/scripts/audit-target-project.mjs +507 -507
  186. package/scripts/audit-tool-fallback-policy.mjs +180 -0
  187. package/scripts/audit-ui-browser-evidence-policy.mjs +191 -0
  188. package/scripts/audit-update-release-acceptance.mjs +136 -136
  189. package/scripts/audit-v1-target-validation.mjs +269 -269
  190. package/scripts/audit-validation-profiles.mjs +125 -123
  191. package/scripts/backfill-evidence-levels.mjs +98 -0
  192. package/scripts/check-encoding.mjs +72 -0
  193. package/scripts/close-change.mjs +116 -116
  194. package/scripts/discover-project-profile.mjs +307 -307
  195. package/scripts/generate-command-adapter.mjs +231 -231
  196. package/scripts/generate-continue-packet.mjs +1214 -0
  197. package/scripts/generate-final-acceptance-packet.mjs +188 -173
  198. package/scripts/generate-final-form-progress-report.mjs +191 -189
  199. package/scripts/generate-host-runtime-evidence-handoff.mjs +198 -191
  200. package/scripts/generate-maintenance-snapshot.mjs +216 -0
  201. package/scripts/generate-owner-external-gate-kit.mjs +295 -295
  202. package/scripts/generate-public-acceptance-handoff.mjs +168 -156
  203. package/scripts/generate-public-release-checklist.mjs +207 -207
  204. package/scripts/generate-release-bundle.mjs +505 -505
  205. package/scripts/generate-release-owner-action-plan.mjs +172 -171
  206. package/scripts/generate-release-status-manifest.mjs +199 -198
  207. package/scripts/generate-session-prompt.mjs +188 -188
  208. package/scripts/gse.mjs +67 -67
  209. package/scripts/init-change.mjs +265 -265
  210. package/scripts/init-project.mjs +793 -712
  211. package/scripts/install-gse.mjs +234 -234
  212. package/scripts/lib/evidence-placeholders.mjs +28 -28
  213. package/scripts/package-gse.mjs +174 -174
  214. package/scripts/probe-public-external-gates.mjs +167 -167
  215. package/scripts/record-host-invocation.mjs +151 -151
  216. package/scripts/record-learning.mjs +37 -8
  217. package/scripts/record-public-channel-publication.mjs +178 -178
  218. package/scripts/record-public-ci-run.mjs +180 -180
  219. package/scripts/record-public-release.mjs +175 -175
  220. package/scripts/record-public-repository-settings.mjs +209 -209
  221. package/scripts/record-public-security-contact.mjs +157 -157
  222. package/scripts/record-session-sync.mjs +87 -0
  223. package/scripts/run-gse-command.mjs +79 -47
  224. package/scripts/run-validation-profile.mjs +24 -5
  225. package/scripts/sign-gse-package.mjs +83 -83
  226. package/scripts/update-project-state.mjs +223 -223
  227. package/scripts/validate-gse.mjs +216 -0
  228. package/scripts/verify-gse-package.mjs +85 -85
@@ -1,89 +1,89 @@
1
- # Project Agent Workspace
2
-
3
- Use this when the user asks whether GSE can create a project-local directory for agent workflow files, hooks, skills, roles, LSP notes, MCP notes, plugins, and tool adapters.
4
-
5
- ## Design Rule
6
-
7
- GSE owns `.gse/` as the portable layer. Tool-specific folders are adapters, not the source of truth.
8
-
9
- ```text
10
- project-root/
11
- .gse/
12
- README.md
13
- goal-map.md
14
- quality-gates.md
15
- tooling.md
16
- learnings.md
17
- agent-workspace.md
18
- agents/
19
- roles.md
20
- dispatch.md
21
- hooks/
22
- README.md
23
- skills/
24
- README.md
25
- mcp/
26
- README.md
27
- lsp/
28
- README.md
29
- plugins/
30
- README.md
31
- changes/
32
- evidence/
33
- templates/
34
- ```
35
-
36
- ## Why `.gse/` Instead of `.claude/` or `.codex/`
37
-
38
- - `.claude/`, `.codex/`, `.agents/`, and product-specific runtime folders can be useful, but they bind the project to one host.
39
- - `.gse/` is the neutral contract any agent can read.
40
- - Adapters may mirror or link from `.gse/`, but durable workflow decisions should remain in `.gse/`.
41
-
42
- ## Directory Responsibilities
43
-
44
- | Path | Purpose | Required |
45
- |---|---|---|
46
- | `.gse/goal-map.md` | Current goals, priorities, risks, next slice | yes |
47
- | `.gse/quality-gates.md` | Verification and release gates | yes |
48
- | `.gse/tooling.md` | Available tools and optional adapters | yes |
49
- | `.gse/agent-workspace.md` | Map of local agent folders and host adapters | standard+ |
50
- | `.gse/agents/roles.md` | Role definitions and boundaries | standard+ |
51
- | `.gse/agents/dispatch.md` | How to delegate work when subagents exist | standard+ |
52
- | `.gse/hooks/README.md` | Hook ideas and host-specific hook mapping | enterprise |
53
- | `.gse/skills/README.md` | Project-local skill inventory and install notes | standard+ |
54
- | `.gse/mcp/README.md` | MCP servers, permissions, and setup notes | enterprise |
55
- | `.gse/lsp/README.md` | Indexing/LSP commands and symbol navigation notes | standard+ |
56
- | `.gse/plugins/README.md` | Optional plugins and runtime adapters | enterprise |
57
-
58
- ## Host Adapter Pattern
59
-
60
- Use adapters only when the host supports them:
61
-
62
- - Codex: `.codex/`, Codex skills, MCP config, available subagent tools.
63
- - Claude Code: `.claude/`, commands, hooks, agents, MCP config.
64
- - Hermes or AION-like runtimes: runtime skills, worker adapters, memory, tool substrate.
65
- - WorkBuddy or other hosts: local docs, commands, MCP, index, and automation conventions.
66
-
67
- When an adapter is needed, write a short pointer from the host folder back to `.gse/` rather than duplicating the whole process.
68
-
69
- ## Lessons Borrowed From Skill Repositories
70
-
71
- Verified local observations from `mattpocock/skills` snapshot:
72
-
73
- - Skills are organized by bucket, such as `engineering/` and `productivity/`.
74
- - It has a setup skill that configures per-repo assumptions before other skills rely on them.
75
- - It uses project docs such as `CONTEXT.md`, ADRs, issue tracker config, and a router skill.
76
- - It distinguishes user-invoked and model-invoked skills.
77
-
78
- GSE adopts the same principles at a workflow level: setup first, local context first, small composable roles, and a router-like goal map. GSE does not copy its Claude-specific plugin layout as a hard requirement.
79
-
80
- ## Missing Areas To Keep Tracking
81
-
82
- - Secrets and permission boundaries for MCP/tools.
83
- - Cross-agent lock files or ownership rules for concurrent edits.
84
- - CI integration for quality gates.
85
- - Release and rollback playbooks.
86
- - Observability for long-running agent work: traces, cost, failed commands, retries.
87
- - Prompt/context budgets and compaction handoff format.
88
- - Drift audits for stale local skills, hooks, or generated docs.
89
-
1
+ # Project Agent Workspace
2
+
3
+ Use this when the user asks whether GSE can create a project-local directory for agent workflow files, hooks, skills, roles, LSP notes, MCP notes, plugins, and tool adapters.
4
+
5
+ ## Design Rule
6
+
7
+ GSE owns `.gse/` as the portable layer. Tool-specific folders are adapters, not the source of truth.
8
+
9
+ ```text
10
+ project-root/
11
+ .gse/
12
+ README.md
13
+ goal-map.md
14
+ quality-gates.md
15
+ tooling.md
16
+ learnings.md
17
+ agent-workspace.md
18
+ agents/
19
+ roles.md
20
+ dispatch.md
21
+ hooks/
22
+ README.md
23
+ skills/
24
+ README.md
25
+ mcp/
26
+ README.md
27
+ lsp/
28
+ README.md
29
+ plugins/
30
+ README.md
31
+ changes/
32
+ evidence/
33
+ templates/
34
+ ```
35
+
36
+ ## Why `.gse/` Instead of `.claude/` or `.codex/`
37
+
38
+ - `.claude/`, `.codex/`, `.agents/`, and product-specific runtime folders can be useful, but they bind the project to one host.
39
+ - `.gse/` is the neutral contract any agent can read.
40
+ - Adapters may mirror or link from `.gse/`, but durable workflow decisions should remain in `.gse/`.
41
+
42
+ ## Directory Responsibilities
43
+
44
+ | Path | Purpose | Required |
45
+ |---|---|---|
46
+ | `.gse/goal-map.md` | Current goals, priorities, risks, next slice | yes |
47
+ | `.gse/quality-gates.md` | Verification and release gates | yes |
48
+ | `.gse/tooling.md` | Available tools and optional adapters | yes |
49
+ | `.gse/agent-workspace.md` | Map of local agent folders and host adapters | standard+ |
50
+ | `.gse/agents/roles.md` | Role definitions and boundaries | standard+ |
51
+ | `.gse/agents/dispatch.md` | How to delegate work when subagents exist | standard+ |
52
+ | `.gse/hooks/README.md` | Hook ideas and host-specific hook mapping | enterprise |
53
+ | `.gse/skills/README.md` | Project-local skill inventory and install notes | standard+ |
54
+ | `.gse/mcp/README.md` | MCP servers, permissions, and setup notes | enterprise |
55
+ | `.gse/lsp/README.md` | Indexing/LSP commands and symbol navigation notes | standard+ |
56
+ | `.gse/plugins/README.md` | Optional plugins and runtime adapters | enterprise |
57
+
58
+ ## Host Adapter Pattern
59
+
60
+ Use adapters only when the host supports them:
61
+
62
+ - Codex: `.codex/`, Codex skills, MCP config, available subagent tools.
63
+ - Claude Code: `.claude/`, commands, hooks, agents, MCP config.
64
+ - Hermes or AION-like runtimes: runtime skills, worker adapters, memory, tool substrate.
65
+ - WorkBuddy or other hosts: local docs, commands, MCP, index, and automation conventions.
66
+
67
+ When an adapter is needed, write a short pointer from the host folder back to `.gse/` rather than duplicating the whole process.
68
+
69
+ ## Lessons Borrowed From Skill Repositories
70
+
71
+ Verified local observations from `mattpocock/skills` snapshot:
72
+
73
+ - Skills are organized by bucket, such as `engineering/` and `productivity/`.
74
+ - It has a setup skill that configures per-repo assumptions before other skills rely on them.
75
+ - It uses project docs such as `CONTEXT.md`, ADRs, issue tracker config, and a router skill.
76
+ - It distinguishes user-invoked and model-invoked skills.
77
+
78
+ GSE adopts the same principles at a workflow level: setup first, local context first, small composable roles, and a router-like goal map. GSE does not copy its Claude-specific plugin layout as a hard requirement.
79
+
80
+ ## Missing Areas To Keep Tracking
81
+
82
+ - Secrets and permission boundaries for MCP/tools.
83
+ - Cross-agent lock files or ownership rules for concurrent edits.
84
+ - CI integration for quality gates.
85
+ - Release and rollback playbooks.
86
+ - Observability for long-running agent work: traces, cost, failed commands, retries.
87
+ - Prompt/context budgets and compaction handoff format.
88
+ - Drift audits for stale local skills, hooks, or generated docs.
89
+
@@ -1,122 +1,122 @@
1
- # Project Bootstrap
2
-
3
- Use this when initializing GSE in a project.
4
-
5
- Use `references/adoption-recipes.md` when choosing between fresh install, existing repo adoption, GSE update, or host adapter adoption paths.
6
-
7
- ## Modes
8
-
9
- - `auto`: default mode; chooses a scaffold from project files, scripts, CI, host folders, and runtime/tooling signals.
10
- - `lite`: minimal workflow files for small tasks or small projects.
11
- - `standard`: adds project-local agent workspace files for durable agent-assisted development.
12
- - `enterprise`: adds hooks, MCP, plugins, release, incident, and audit placeholders for large or long-running projects.
13
-
14
- ## Minimal `.gse/` Files
15
-
16
- ```text
17
- .gse/
18
- README.md
19
- state.json
20
- project-profile.md
21
- goal-map.md
22
- goals/
23
- README.md
24
- quality-gates.md
25
- tooling.md
26
- learnings.md
27
- changes/
28
- evidence/
29
- index.jsonl
30
- templates/
31
- ```
32
-
33
- ## Standard Agent Workspace Files
34
-
35
- See `project-agent-workspace.md` for responsibilities.
36
-
37
- ```text
38
- .gse/
39
- agent-workspace.md
40
- agents/
41
- roles.md
42
- dispatch.md
43
- skills/
44
- README.md
45
- lsp/
46
- README.md
47
- ```
48
-
49
- ## Enterprise Files
50
-
51
- ```text
52
- .gse/
53
- hooks/README.md
54
- mcp/README.md
55
- plugins/README.md
56
- release.md
57
- incident-review.md
58
- audit.md
59
- ```
60
-
61
- ## Host Adapter Files
62
-
63
- When `enterprise` mode is selected and host folders already exist, `init-project.mjs` can add thin adapters such as:
64
-
65
- ```text
66
- .codex/gse-adapter.md
67
- .claude/gse-adapter.md
68
- ```
69
-
70
- These files point back to `.gse/` and must not duplicate the portable goal map, quality gates, or evidence log.
71
-
72
- For new host command/pointer adapters, prefer:
73
-
74
- ```bash
75
- node <skill-dir>/scripts/generate-command-adapter.mjs --target <project-root> --host claude|codex|hermes|workbuddy|copilot|gemini|generic|all
76
- ```
77
-
78
- The older `.codex/gse-adapter.md` and `.claude/gse-adapter.md` files remain compatibility pointers for existing scaffold and fixture coverage.
79
-
80
- ## Recommended Command
81
-
82
- ```bash
83
- node <skill-dir>/scripts/init-project.mjs --target <project-root>
84
- ```
85
-
86
- This uses `--mode auto`. Pass `--mode lite`, `--mode standard`, or `--mode enterprise` when the project owner wants a specific scaffold.
87
-
88
- The script should not overwrite existing files unless `--force` is passed.
89
-
90
- ## Bootstrap Smoke
91
-
92
- Use this after changing scaffold behavior or before trusting a packaged GSE skill:
93
-
94
- ```bash
95
- node <skill-dir>/scripts/audit-project.mjs --root <skill-dir>
96
- ```
97
-
98
- This verifies `lite`, `standard`, `enterprise`, and representative `auto` scaffold selection in temporary directories and checks rerun safety. It does not certify arbitrary real repositories, package installs, CI, or fresh-session acceptance.
99
-
100
- ## AGENTS.md Integration
101
-
102
- Add a short project rule only with explicit approval:
103
-
104
- ```markdown
105
- ## GSE Workflow
106
-
107
- This project follows GSE (Goal-Spec-Evidence Engineering). Start meaningful work by reading `.gse/README.md`, bind non-trivial tasks to `.gse/goal-map.md`, and finish with evidence in `.gse/evidence/` or the project-specific evidence log.
108
- ```
109
-
110
- ## Bootstrap Acceptance
111
-
112
- - `.gse/README.md` exists.
113
- - `.gse/state.json` exists and records mode, phase, current slice status, tool statuses, last evidence, and residual risks.
114
- - `.gse/project-profile.md` exists and can capture project-specific standards, commands, tools, and permissions.
115
- - Goal map has a North Star and Current Focus section.
116
- - `.gse/evidence/index.jsonl` exists and contains at least one machine-readable adoption or slice record.
117
- - `.gse/goals/README.md` exists so large projects can place module-level goal details outside the root goal map.
118
- - Quality gates list at least universal, code, UI, release, and learning gates.
119
- - Tooling file records available and optional tools.
120
- - Standard mode records project-local agent workspace files.
121
- - Enterprise mode records hooks, MCP, plugins, release, incident, and audit placeholders.
122
- - Enterprise auto mode writes compatibility host adapter files for existing `.codex/` or `.claude/` folders; command adapters for broader hosts use `generate-command-adapter.mjs`.
1
+ # Project Bootstrap
2
+
3
+ Use this when initializing GSE in a project.
4
+
5
+ Use `references/adoption-recipes.md` when choosing between fresh install, existing repo adoption, GSE update, or host adapter adoption paths.
6
+
7
+ ## Modes
8
+
9
+ - `auto`: default mode; chooses a scaffold from project files, scripts, CI, host folders, and runtime/tooling signals.
10
+ - `lite`: minimal workflow files for small tasks or small projects.
11
+ - `standard`: adds project-local agent workspace files for durable agent-assisted development.
12
+ - `enterprise`: adds hooks, MCP, plugins, release, incident, and audit placeholders for large or long-running projects.
13
+
14
+ ## Minimal `.gse/` Files
15
+
16
+ ```text
17
+ .gse/
18
+ README.md
19
+ state.json
20
+ project-profile.md
21
+ goal-map.md
22
+ goals/
23
+ README.md
24
+ quality-gates.md
25
+ tooling.md
26
+ learnings.md
27
+ changes/
28
+ evidence/
29
+ index.jsonl
30
+ templates/
31
+ ```
32
+
33
+ ## Standard Agent Workspace Files
34
+
35
+ See `project-agent-workspace.md` for responsibilities.
36
+
37
+ ```text
38
+ .gse/
39
+ agent-workspace.md
40
+ agents/
41
+ roles.md
42
+ dispatch.md
43
+ skills/
44
+ README.md
45
+ lsp/
46
+ README.md
47
+ ```
48
+
49
+ ## Enterprise Files
50
+
51
+ ```text
52
+ .gse/
53
+ hooks/README.md
54
+ mcp/README.md
55
+ plugins/README.md
56
+ release.md
57
+ incident-review.md
58
+ audit.md
59
+ ```
60
+
61
+ ## Host Adapter Files
62
+
63
+ When `enterprise` mode is selected and host folders already exist, `init-project.mjs` can add thin adapters such as:
64
+
65
+ ```text
66
+ .codex/gse-adapter.md
67
+ .claude/gse-adapter.md
68
+ ```
69
+
70
+ These files point back to `.gse/` and must not duplicate the portable goal map, quality gates, or evidence log.
71
+
72
+ For new host command/pointer adapters, prefer:
73
+
74
+ ```bash
75
+ node <skill-dir>/scripts/generate-command-adapter.mjs --target <project-root> --host claude|codex|hermes|workbuddy|copilot|gemini|generic|all
76
+ ```
77
+
78
+ The older `.codex/gse-adapter.md` and `.claude/gse-adapter.md` files remain compatibility pointers for existing scaffold and fixture coverage.
79
+
80
+ ## Recommended Command
81
+
82
+ ```bash
83
+ node <skill-dir>/scripts/init-project.mjs --target <project-root>
84
+ ```
85
+
86
+ This uses `--mode auto`. Pass `--mode lite`, `--mode standard`, or `--mode enterprise` when the project owner wants a specific scaffold.
87
+
88
+ The script should not overwrite existing files unless `--force` is passed.
89
+
90
+ ## Bootstrap Smoke
91
+
92
+ Use this after changing scaffold behavior or before trusting a packaged GSE skill:
93
+
94
+ ```bash
95
+ node <skill-dir>/scripts/audit-project.mjs --root <skill-dir>
96
+ ```
97
+
98
+ This verifies `lite`, `standard`, `enterprise`, and representative `auto` scaffold selection in temporary directories and checks rerun safety. It does not certify arbitrary real repositories, package installs, CI, or fresh-session acceptance.
99
+
100
+ ## AGENTS.md Integration
101
+
102
+ Add a short project rule only with explicit approval:
103
+
104
+ ```markdown
105
+ ## GSE Workflow
106
+
107
+ This project follows GSE (Goal-Spec-Evidence Engineering). Start meaningful work by reading `.gse/README.md`, bind non-trivial tasks to `.gse/goal-map.md`, and finish with evidence in `.gse/evidence/` or the project-specific evidence log.
108
+ ```
109
+
110
+ ## Bootstrap Acceptance
111
+
112
+ - `.gse/README.md` exists.
113
+ - `.gse/state.json` exists and records mode, phase, current slice status, tool statuses, last evidence, and residual risks.
114
+ - `.gse/project-profile.md` exists and can capture project-specific standards, commands, tools, and permissions.
115
+ - Goal map has a North Star and Current Focus section.
116
+ - `.gse/evidence/index.jsonl` exists and contains at least one machine-readable adoption or slice record.
117
+ - `.gse/goals/README.md` exists so large projects can place module-level goal details outside the root goal map.
118
+ - Quality gates list at least universal, code, UI, release, and learning gates.
119
+ - Tooling file records available and optional tools.
120
+ - Standard mode records project-local agent workspace files.
121
+ - Enterprise mode records hooks, MCP, plugins, release, incident, and audit placeholders.
122
+ - Enterprise auto mode writes compatibility host adapter files for existing `.codex/` or `.claude/` folders; command adapters for broader hosts use `generate-command-adapter.mjs`.
@@ -0,0 +1,52 @@
1
+ # Project Guards
2
+
3
+ Project guards are reusable preflight rules promoted from repeated project lessons.
4
+
5
+ They sit between learning notes and hard quality gates:
6
+
7
+ ```text
8
+ lesson -> project guard -> quality gate -> script/test/skill update
9
+ ```
10
+
11
+ Use guards when a mistake is likely to recur across sessions, but the rule still needs project context.
12
+
13
+ ## Guard File
14
+
15
+ Default project-local path:
16
+
17
+ ```text
18
+ .gse/project-guards.md
19
+ ```
20
+
21
+ The file uses a small table so humans can edit it and scripts can audit it:
22
+
23
+ | ID | Guard | Severity | Trigger | Check | Status |
24
+ |---|---|---|---|---|---|
25
+ | UTF8-DOC | Use UTF-8-safe readers for Chinese or multilingual docs before judging mojibake. | high | Chinese docs or encoding complaint | Read with Node UTF-8 or another UTF-8-safe viewer; run the project encoding check when docs changed. | active |
26
+
27
+ ## Default Guard Set
28
+
29
+ - `WIN-SHELL`: shell syntax must match the active host.
30
+ - `SPARSE-GIT`: sparse checkout must be checked before staging generated workflow folders.
31
+ - `UTF8-DOC`: multilingual docs need UTF-8-safe reads and encoding checks.
32
+ - `EVIDENCE-STALE`: stale or broken evidence is a preflight issue.
33
+ - `UI-EVIDENCE`: UI/browser downgrades must be labeled explicitly.
34
+ - `SUBAGENT-HONEST`: subagent dispatch claims require real host evidence.
35
+ - `SYNC-NO-INTERRUPT`: cross-thread GSE upgrade sync must not interrupt a running project session.
36
+
37
+ ## Continue Behavior
38
+
39
+ `/gse continue` reads `.gse/project-guards.md` when present and returns an active guard summary in the compact packet.
40
+
41
+ Missing guard files are a warning for mature projects, not a hard failure. Broken state or evidence remains the hard preflight failure.
42
+
43
+ ## Promotion
44
+
45
+ - First occurrence: record in `.gse/learnings.md`.
46
+ - Second occurrence: update a checklist, template, or guard candidate.
47
+ - Third occurrence: promote to `.gse/project-guards.md` or `.gse/quality-gates.md`.
48
+ - Fifth occurrence: automate as a script, test, or skill update.
49
+
50
+ Do not hardcode product-specific behavior into the GSE skill. AION and MuseFlow can supply examples and evidence, but project guards must stay generic.
51
+
52
+ Cross-thread sync is a guard-sensitive action: prefer evidence records, release notes, or owner action notes. Send a message to another active project session only when it is idle or the owner explicitly asks for immediate sync.
@@ -1,57 +1,57 @@
1
- # Project Profile
2
-
3
- Use this when a project has its own development standards, commands, tool connections, CI, MCP servers, LSP/index setup, release process, security rules, or agent-host conventions.
4
-
5
- ## Principle
6
-
7
- Project-local rules override generic GSE defaults. GSE should adapt to the project, not flatten the project into a generic workflow.
8
-
9
- ## Discovery Order
10
-
11
- Read only what is relevant to the task and risk level:
12
-
13
- 1. Agent rules: `AGENTS.md`, `CLAUDE.md`, `GEMINI.md`, `.cursorrules`, `.windsurfrules`, or host equivalents.
14
- 2. Project docs: README, CONTRIBUTING, CODING_STANDARDS, architecture docs, ADRs, `CONTEXT.md`.
15
- 3. Commands and scripts: `package.json`, `Makefile`, task runners, CI workflows, test config.
16
- 4. Tooling connections: MCP config, browser/Playwright config, LSP/index config, deployment config, observability config.
17
- 5. Secrets and permissions: `.env.example`, secret docs, write-capable tools, destructive commands.
18
- 6. Existing GSE files: `.gse/project-profile.md`, `.gse/tooling.md`, `.gse/quality-gates.md`.
19
-
20
- Avoid reading generated output, large logs, lockfiles, caches, screenshots, or archives unless the current task needs them.
21
-
22
- ## What To Capture
23
-
24
- Keep `.gse/project-profile.md` short and factual:
25
-
26
- - Product or system identity.
27
- - Repository type and main languages/frameworks.
28
- - Development commands and focused verification commands.
29
- - Coding standards and formatting rules.
30
- - Testing strategy and required gates.
31
- - Tool connections: MCP, LSP/index, browser automation, CI, deploy, observability.
32
- - Model routing: project-approved providers, model/tool ids, capability fit, cost/latency expectations, privacy limits, and fallback policy.
33
- - Agent host adapters: Codex, Claude Code, Hermes/AION-style runtime, WorkBuddy, or other hosts; use `references/compatibility.md` for support status labels.
34
- - Security and permission boundaries.
35
- - Release and rollback expectations.
36
- - Known gotchas.
37
-
38
- ## Conflict Rules
39
-
40
- - User instruction in the current conversation wins.
41
- - Project rules beat GSE generic defaults.
42
- - More specific docs beat broad docs when they clearly apply to the current subsystem.
43
- - If two project rules conflict, surface the conflict before editing.
44
- - Never invent tool availability. Mark unverified connections as `unknown` until tested or documented.
45
-
46
- ## Refresh Triggers
47
-
48
- Use `references/drift-audit.md` when current project facts may have diverged from recorded profile, tooling, host, release, or permission assumptions.
49
-
50
- Refresh `.gse/project-profile.md` when:
51
-
52
- - The user says a tool/config/standard exists but GSE cannot see it.
53
- - A command fails because the wrong package manager, shell, or service was assumed.
54
- - CI/test/deploy config changes.
55
- - New MCP, LSP, browser, worker, model, or plugin connections are added.
56
- - A recurring issue appears in evidence or incident reviews.
57
-
1
+ # Project Profile
2
+
3
+ Use this when a project has its own development standards, commands, tool connections, CI, MCP servers, LSP/index setup, release process, security rules, or agent-host conventions.
4
+
5
+ ## Principle
6
+
7
+ Project-local rules override generic GSE defaults. GSE should adapt to the project, not flatten the project into a generic workflow.
8
+
9
+ ## Discovery Order
10
+
11
+ Read only what is relevant to the task and risk level:
12
+
13
+ 1. Agent rules: `AGENTS.md`, `CLAUDE.md`, `GEMINI.md`, `.cursorrules`, `.windsurfrules`, or host equivalents.
14
+ 2. Project docs: README, CONTRIBUTING, CODING_STANDARDS, architecture docs, ADRs, `CONTEXT.md`.
15
+ 3. Commands and scripts: `package.json`, `Makefile`, task runners, CI workflows, test config.
16
+ 4. Tooling connections: MCP config, browser/Playwright config, LSP/index config, deployment config, observability config.
17
+ 5. Secrets and permissions: `.env.example`, secret docs, write-capable tools, destructive commands.
18
+ 6. Existing GSE files: `.gse/project-profile.md`, `.gse/tooling.md`, `.gse/quality-gates.md`.
19
+
20
+ Avoid reading generated output, large logs, lockfiles, caches, screenshots, or archives unless the current task needs them.
21
+
22
+ ## What To Capture
23
+
24
+ Keep `.gse/project-profile.md` short and factual:
25
+
26
+ - Product or system identity.
27
+ - Repository type and main languages/frameworks.
28
+ - Development commands and focused verification commands.
29
+ - Coding standards and formatting rules.
30
+ - Testing strategy and required gates.
31
+ - Tool connections: MCP, LSP/index, browser automation, CI, deploy, observability.
32
+ - Model routing: project-approved providers, model/tool ids, capability fit, cost/latency expectations, privacy limits, and fallback policy.
33
+ - Agent host adapters: Codex, Claude Code, Hermes/AION-style runtime, WorkBuddy, or other hosts; use `references/compatibility.md` for support status labels.
34
+ - Security and permission boundaries.
35
+ - Release and rollback expectations.
36
+ - Known gotchas.
37
+
38
+ ## Conflict Rules
39
+
40
+ - User instruction in the current conversation wins.
41
+ - Project rules beat GSE generic defaults.
42
+ - More specific docs beat broad docs when they clearly apply to the current subsystem.
43
+ - If two project rules conflict, surface the conflict before editing.
44
+ - Never invent tool availability. Mark unverified connections as `unknown` until tested or documented.
45
+
46
+ ## Refresh Triggers
47
+
48
+ Use `references/drift-audit.md` when current project facts may have diverged from recorded profile, tooling, host, release, or permission assumptions.
49
+
50
+ Refresh `.gse/project-profile.md` when:
51
+
52
+ - The user says a tool/config/standard exists but GSE cannot see it.
53
+ - A command fails because the wrong package manager, shell, or service was assumed.
54
+ - CI/test/deploy config changes.
55
+ - New MCP, LSP, browser, worker, model, or plugin connections are added.
56
+ - A recurring issue appears in evidence or incident reviews.
57
+