@t275005746/gse 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (207) hide show
  1. package/.github/ISSUE_TEMPLATE/bug_report.yml +42 -0
  2. package/.github/ISSUE_TEMPLATE/change_request.yml +50 -0
  3. package/.github/ISSUE_TEMPLATE/config.yml +5 -0
  4. package/.github/PULL_REQUEST_TEMPLATE.md +38 -0
  5. package/.github/workflows/validate-gse.yml +33 -0
  6. package/.gse/README.md +18 -0
  7. package/.gse/gse-development-protocol.md +50 -0
  8. package/.gse/project-profile.md +29 -0
  9. package/.gse/quality-gates.md +25 -0
  10. package/.gse/releases/public-channel-publication-pending.md +49 -0
  11. package/.gse/releases/public-ci-run-pending.md +53 -0
  12. package/.gse/releases/public-release-owner-required.md +65 -0
  13. package/.gse/releases/public-repository-settings-owner-required.md +59 -0
  14. package/.gse/releases/public-security-contact-owner-required.md +45 -0
  15. package/.gse/state.json +27 -0
  16. package/CHANGELOG.md +24 -0
  17. package/CONTRIBUTING.md +64 -0
  18. package/LICENSE +21 -0
  19. package/README.md +236 -0
  20. package/README.zh-CN.md +236 -0
  21. package/SECURITY.md +41 -0
  22. package/SKILL.md +148 -0
  23. package/SUPPORT.md +38 -0
  24. package/agents/openai.yaml +4 -0
  25. package/assets/marketplace/README.md +7 -0
  26. package/assets/marketplace/gse-listing.json +75 -0
  27. package/assets/templates/acceptance-execution-packet.md +73 -0
  28. package/assets/templates/adr.md +14 -0
  29. package/assets/templates/change-brief.md +16 -0
  30. package/assets/templates/design.md +18 -0
  31. package/assets/templates/dispatch-packet.md +104 -0
  32. package/assets/templates/evidence.md +14 -0
  33. package/assets/templates/execution-quality-pack.md +65 -0
  34. package/assets/templates/goal-map.md +21 -0
  35. package/assets/templates/host-adapter.md +48 -0
  36. package/assets/templates/host-ui-invocation-record.md +42 -0
  37. package/assets/templates/incident-review.md +60 -0
  38. package/assets/templates/public-channel-publication-record.md +49 -0
  39. package/assets/templates/public-ci-run-record.md +53 -0
  40. package/assets/templates/public-release-record.md +65 -0
  41. package/assets/templates/public-repository-settings-record.md +59 -0
  42. package/assets/templates/public-security-contact-record.md +45 -0
  43. package/assets/templates/release-trust-record.md +32 -0
  44. package/assets/templates/review.md +18 -0
  45. package/assets/templates/spec.md +16 -0
  46. package/assets/templates/target-adoption-evidence.md +29 -0
  47. package/assets/templates/tasks.md +17 -0
  48. package/assets/templates/update-release-acceptance-record.md +58 -0
  49. package/examples/README.md +22 -0
  50. package/examples/agent-runtime-host/.claude/gse-adapter.md +6 -0
  51. package/examples/agent-runtime-host/.codex/gse-adapter.md +7 -0
  52. package/examples/agent-runtime-host/.gse/goal-map.md +7 -0
  53. package/examples/agent-runtime-host/.gse/project-profile.md +27 -0
  54. package/examples/agent-runtime-host/.gse/tooling.md +5 -0
  55. package/examples/agent-runtime-host/.mcp.json +9 -0
  56. package/examples/agent-runtime-host/AGENTS.md +5 -0
  57. package/examples/agent-runtime-host/README.md +10 -0
  58. package/examples/agent-runtime-host/docs/model-routing.md +5 -0
  59. package/examples/cli-tool/.gse/project-profile.md +21 -0
  60. package/examples/cli-tool/AGENTS.md +5 -0
  61. package/examples/cli-tool/README.md +12 -0
  62. package/examples/cli-tool/package.json +21 -0
  63. package/examples/small-app/.env.example +2 -0
  64. package/examples/small-app/.github/workflows/ci.yml +8 -0
  65. package/examples/small-app/AGENTS.md +5 -0
  66. package/examples/small-app/README.md +12 -0
  67. package/examples/small-app/package.json +26 -0
  68. package/examples/small-app/playwright.config.ts +4 -0
  69. package/package.json +53 -0
  70. package/references/adoption-recipes.md +171 -0
  71. package/references/agent-roles.md +49 -0
  72. package/references/architecture-health.md +101 -0
  73. package/references/benchmark-audit.md +73 -0
  74. package/references/commands.md +295 -0
  75. package/references/community-channels.md +46 -0
  76. package/references/compatibility.md +70 -0
  77. package/references/design-basis.md +38 -0
  78. package/references/domain-model.md +129 -0
  79. package/references/domain-quality-gates.md +75 -0
  80. package/references/drift-audit.md +81 -0
  81. package/references/evidence-taxonomy.md +123 -0
  82. package/references/file-ownership.md +107 -0
  83. package/references/final-readiness.md +84 -0
  84. package/references/forward-test.md +133 -0
  85. package/references/goal-map.md +36 -0
  86. package/references/host-adapters.md +119 -0
  87. package/references/learning-system.md +35 -0
  88. package/references/marketplace-discovery.md +46 -0
  89. package/references/model-routing.md +103 -0
  90. package/references/open-source-defaults.md +39 -0
  91. package/references/operating-model.md +52 -0
  92. package/references/packaging.md +277 -0
  93. package/references/project-agent-workspace.md +89 -0
  94. package/references/project-bootstrap.md +122 -0
  95. package/references/project-profile.md +57 -0
  96. package/references/public-release.md +174 -0
  97. package/references/quality-gates.md +100 -0
  98. package/references/recovery.md +176 -0
  99. package/references/release-trust.md +43 -0
  100. package/references/release.md +126 -0
  101. package/references/review.md +141 -0
  102. package/references/router.md +90 -0
  103. package/references/spec-workflow.md +66 -0
  104. package/references/task-levels.md +81 -0
  105. package/references/tool-adapters.md +73 -0
  106. package/scripts/audit-acceptance-execution-packet.mjs +133 -0
  107. package/scripts/audit-adoption-recipes.mjs +99 -0
  108. package/scripts/audit-adoption.mjs +154 -0
  109. package/scripts/audit-change-lifecycle.mjs +77 -0
  110. package/scripts/audit-change-system.mjs +134 -0
  111. package/scripts/audit-ci-readiness.mjs +107 -0
  112. package/scripts/audit-close-gate.mjs +323 -0
  113. package/scripts/audit-command-adapters.mjs +91 -0
  114. package/scripts/audit-command-execution.mjs +210 -0
  115. package/scripts/audit-commands.mjs +117 -0
  116. package/scripts/audit-compatibility.mjs +149 -0
  117. package/scripts/audit-completion-readiness.mjs +292 -0
  118. package/scripts/audit-distribution.mjs +251 -0
  119. package/scripts/audit-domain-quality-gates.mjs +108 -0
  120. package/scripts/audit-evidence-placeholders.mjs +126 -0
  121. package/scripts/audit-final-acceptance-packet.mjs +148 -0
  122. package/scripts/audit-final-form-progress-report.mjs +161 -0
  123. package/scripts/audit-final-form-stale-copy.mjs +221 -0
  124. package/scripts/audit-final-readiness-promotion.mjs +255 -0
  125. package/scripts/audit-final-readiness.mjs +226 -0
  126. package/scripts/audit-fixtures.mjs +154 -0
  127. package/scripts/audit-fresh-session-readiness.mjs +177 -0
  128. package/scripts/audit-gse.mjs +275 -0
  129. package/scripts/audit-host-adapters.mjs +119 -0
  130. package/scripts/audit-host-runtime-evidence-handoff.mjs +159 -0
  131. package/scripts/audit-host-runtime-invocation-drill.mjs +240 -0
  132. package/scripts/audit-host-runtime-invocations.mjs +254 -0
  133. package/scripts/audit-host-ui-invocation.mjs +132 -0
  134. package/scripts/audit-learning-system.mjs +103 -0
  135. package/scripts/audit-local-final-form-completion.mjs +131 -0
  136. package/scripts/audit-marketplace-discovery.mjs +122 -0
  137. package/scripts/audit-npm-package-metadata.mjs +155 -0
  138. package/scripts/audit-npm-publish-dry-run.mjs +169 -0
  139. package/scripts/audit-npm-tarball-install.mjs +191 -0
  140. package/scripts/audit-open-source-defaults.mjs +92 -0
  141. package/scripts/audit-open-source-readiness.mjs +97 -0
  142. package/scripts/audit-owner-external-gate-kit.mjs +218 -0
  143. package/scripts/audit-project.mjs +323 -0
  144. package/scripts/audit-public-acceptance-command-dry-run-drill.mjs +203 -0
  145. package/scripts/audit-public-acceptance-handoff.mjs +142 -0
  146. package/scripts/audit-public-acceptance-readiness.mjs +224 -0
  147. package/scripts/audit-public-channel-publication.mjs +248 -0
  148. package/scripts/audit-public-ci-run.mjs +184 -0
  149. package/scripts/audit-public-collaboration-templates.mjs +98 -0
  150. package/scripts/audit-public-external-gate-probe.mjs +206 -0
  151. package/scripts/audit-public-release-checklist.mjs +133 -0
  152. package/scripts/audit-public-release-decision.mjs +201 -0
  153. package/scripts/audit-public-release-metadata.mjs +176 -0
  154. package/scripts/audit-public-repository-settings.mjs +237 -0
  155. package/scripts/audit-public-security-contact.mjs +171 -0
  156. package/scripts/audit-readme-docs.mjs +185 -0
  157. package/scripts/audit-recovery-readiness.mjs +98 -0
  158. package/scripts/audit-release-bundle.mjs +251 -0
  159. package/scripts/audit-release-owner-action-plan-drill.mjs +277 -0
  160. package/scripts/audit-release-owner-action-plan.mjs +164 -0
  161. package/scripts/audit-release-readiness.mjs +106 -0
  162. package/scripts/audit-release-status-manifest.mjs +165 -0
  163. package/scripts/audit-release-trust.mjs +62 -0
  164. package/scripts/audit-remote-distribution.mjs +266 -0
  165. package/scripts/audit-roadmap-consistency.mjs +235 -0
  166. package/scripts/audit-signing.mjs +147 -0
  167. package/scripts/audit-state-freshness.mjs +113 -0
  168. package/scripts/audit-target-adoption-evidence.mjs +117 -0
  169. package/scripts/audit-target-project.mjs +507 -0
  170. package/scripts/audit-update-release-acceptance.mjs +136 -0
  171. package/scripts/audit-v1-target-validation.mjs +269 -0
  172. package/scripts/audit-validation-profiles.mjs +125 -0
  173. package/scripts/close-change.mjs +116 -0
  174. package/scripts/discover-project-profile.mjs +307 -0
  175. package/scripts/forward-test-gse.mjs +146 -0
  176. package/scripts/generate-command-adapter.mjs +231 -0
  177. package/scripts/generate-final-acceptance-packet.mjs +181 -0
  178. package/scripts/generate-final-form-progress-report.mjs +205 -0
  179. package/scripts/generate-host-adapter.mjs +73 -0
  180. package/scripts/generate-host-runtime-evidence-handoff.mjs +206 -0
  181. package/scripts/generate-owner-external-gate-kit.mjs +295 -0
  182. package/scripts/generate-public-acceptance-handoff.mjs +168 -0
  183. package/scripts/generate-public-release-checklist.mjs +207 -0
  184. package/scripts/generate-release-bundle.mjs +505 -0
  185. package/scripts/generate-release-owner-action-plan.mjs +172 -0
  186. package/scripts/generate-release-status-manifest.mjs +200 -0
  187. package/scripts/generate-session-prompt.mjs +188 -0
  188. package/scripts/gse.mjs +67 -0
  189. package/scripts/init-change.mjs +265 -0
  190. package/scripts/init-project.mjs +785 -0
  191. package/scripts/install-gse.mjs +234 -0
  192. package/scripts/lib/evidence-placeholders.mjs +28 -0
  193. package/scripts/package-gse.mjs +174 -0
  194. package/scripts/probe-public-external-gates.mjs +167 -0
  195. package/scripts/record-host-invocation.mjs +151 -0
  196. package/scripts/record-learning.mjs +137 -0
  197. package/scripts/record-public-channel-publication.mjs +178 -0
  198. package/scripts/record-public-ci-run.mjs +180 -0
  199. package/scripts/record-public-release.mjs +175 -0
  200. package/scripts/record-public-repository-settings.mjs +209 -0
  201. package/scripts/record-public-security-contact.mjs +157 -0
  202. package/scripts/run-gse-command.mjs +538 -0
  203. package/scripts/run-validation-profile.mjs +146 -0
  204. package/scripts/sign-gse-package.mjs +83 -0
  205. package/scripts/update-project-state.mjs +223 -0
  206. package/scripts/validate-gse.mjs +1168 -0
  207. package/scripts/verify-gse-package.mjs +85 -0
@@ -0,0 +1,42 @@
1
+ # Host UI Invocation Record
2
+
3
+ Use this when a real host UI, slash-command runtime, command palette, plugin UI, or background-thread host invokes GSE.
4
+
5
+ ## Host
6
+
7
+ - Host name:
8
+ - Host version:
9
+ - Project:
10
+ - Adapter path:
11
+ - Invocation method:
12
+
13
+ ## Command
14
+
15
+ ```text
16
+ /gse help
17
+ ```
18
+
19
+ ## Result
20
+
21
+ - Status: result | verified | accepted | failed
22
+ - Started at:
23
+ - Finished at:
24
+ - Evidence owner:
25
+
26
+ ## Evidence
27
+
28
+ - Screenshot, transcript, thread id, terminal output, or host log:
29
+ - Files read by the host:
30
+ - Files written by the host:
31
+ - Verification command:
32
+
33
+ ## Boundaries
34
+
35
+ - Does this prove native slash-command support? true | false | unknown
36
+ - Does this prove portable text-command routing only? true | false | unknown
37
+ - Does this rely on a generated pointer file? true | false | unknown
38
+ - Does this require owner acceptance before being called trusted? true | false | unknown
39
+
40
+ ## Residual Risk
41
+
42
+ -
@@ -0,0 +1,60 @@
1
+ # Incident Review
2
+
3
+ ## Summary
4
+
5
+ - Incident title:
6
+ - Date/time range:
7
+ - Status: investigating | mitigated | resolved | follow-up
8
+ - Owner:
9
+ - Evidence status: result | verified | accepted
10
+
11
+ ## Impact
12
+
13
+ - Affected users/systems:
14
+ - Severity:
15
+ - User-visible symptoms:
16
+ - Data/security/privacy impact:
17
+ - Release or rollback impact:
18
+
19
+ ## Timeline
20
+
21
+ - Detected at:
22
+ - Mitigated at:
23
+ - Resolved at:
24
+ - Key events:
25
+
26
+ ## Root Cause
27
+
28
+ - Direct cause:
29
+ - Contributing factors:
30
+ - Why existing gates missed it:
31
+
32
+ ## What Detected It
33
+
34
+ - Signal, report, test, monitor, or user feedback:
35
+ - Detection gap:
36
+
37
+ ## Stabilization
38
+
39
+ - Immediate action taken:
40
+ - Rollback, revert, or mitigation:
41
+ - Verification that stabilization worked:
42
+
43
+ ## What Prevents Recurrence
44
+
45
+ - Prevention change:
46
+ - New or updated gate:
47
+ - Documentation, script, test, monitor, or ownership update:
48
+
49
+ ## Action Items
50
+
51
+ | Action | Owner | Evidence needed | Due | Status |
52
+ |---|---|---|---|---|
53
+ | | | | | |
54
+
55
+ ## Follow-Up Evidence
56
+
57
+ - Evidence log:
58
+ - Release/recovery record:
59
+ - Remaining risk:
60
+ - Next action:
@@ -0,0 +1,49 @@
1
+ # Public Channel Publication Record
2
+
3
+ Publication status: pending | accepted
4
+
5
+ Channel type: github-release | package-registry | marketplace | catalog | other
6
+
7
+ Channel name:
8
+
9
+ Channel URL:
10
+
11
+ Package or listing version:
12
+
13
+ Artifact digest:
14
+
15
+ Review or approval status:
16
+
17
+ Evidence owner:
18
+
19
+ Evidence date:
20
+
21
+ Evidence URL or run id:
22
+
23
+ ## Verification
24
+
25
+ Verification command:
26
+
27
+ Verification result:
28
+
29
+ ## Acceptance
30
+
31
+ Evidence status: pending | accepted
32
+
33
+ Accepted by:
34
+
35
+ Accepted at:
36
+
37
+ ## Boundaries
38
+
39
+ - Does this prove public registry publication? true | false | unknown
40
+ - Does this prove marketplace approval? true | false | unknown
41
+ - Does this prove installability from the channel? true | false | unknown
42
+
43
+ ## Residual Risk
44
+
45
+ -
46
+
47
+ ## Next Action
48
+
49
+ -
@@ -0,0 +1,53 @@
1
+ # Public CI Run Record
2
+
3
+ Repository URL:
4
+
5
+ Workflow name:
6
+
7
+ Workflow file:
8
+
9
+ Run URL:
10
+
11
+ Run status: pending | accepted
12
+
13
+ Run conclusion: pending | success | failure | cancelled | skipped | timed_out | unknown
14
+
15
+ Commit SHA:
16
+
17
+ Branch:
18
+
19
+ Required checks:
20
+
21
+ Evidence owner:
22
+
23
+ Evidence date:
24
+
25
+ Evidence URL or run id:
26
+
27
+ ## Verification
28
+
29
+ Verification command:
30
+
31
+ Verification result:
32
+
33
+ ## Acceptance
34
+
35
+ Evidence status: pending | accepted
36
+
37
+ Accepted by:
38
+
39
+ Accepted at:
40
+
41
+ ## Boundaries
42
+
43
+ - Does this prove a public CI run?
44
+ - Does this prove required checks passed?
45
+ - Does this prove the current release commit?
46
+
47
+ ## Residual Risk
48
+
49
+ -
50
+
51
+ ## Next Action
52
+
53
+ -
@@ -0,0 +1,65 @@
1
+ # Public Release Record
2
+
3
+ Release name:
4
+
5
+ Release version or label:
6
+
7
+ Release date:
8
+
9
+ Distribution channel:
10
+
11
+ Release scope:
12
+
13
+ ## License
14
+
15
+ License status: owner-required
16
+
17
+ SPDX identifier:
18
+
19
+ License file:
20
+
21
+ Approved by:
22
+
23
+ Decision date:
24
+
25
+ Notes:
26
+
27
+ ## Artifacts
28
+
29
+ Package or source path:
30
+
31
+ Changelog path:
32
+
33
+ Install/update instructions:
34
+
35
+ Integrity or signing record:
36
+
37
+ Marketplace/catalog record:
38
+
39
+ ## Verification
40
+
41
+ Validation command:
42
+
43
+ Validation result:
44
+
45
+ Focused smoke:
46
+
47
+ Acceptance evidence:
48
+
49
+ ## Risks
50
+
51
+ Known unsupported claims:
52
+
53
+ Known compatibility limits:
54
+
55
+ Rollback or unpublish path:
56
+
57
+ ## Acceptance
58
+
59
+ Evidence status: result
60
+
61
+ Accepted by:
62
+
63
+ Accepted at:
64
+
65
+ Next action:
@@ -0,0 +1,59 @@
1
+ # Public Repository Settings Record
2
+
3
+ Repository URL:
4
+
5
+ Default branch:
6
+
7
+ Visibility: public | private | internal | unknown
8
+
9
+ Settings status: pending | verified | accepted
10
+
11
+ Evidence owner:
12
+
13
+ Evidence date:
14
+
15
+ Evidence URL or run id:
16
+
17
+ ## Required Public Settings
18
+
19
+ - Issues enabled:
20
+ - Pull requests enabled:
21
+ - Discussions enabled:
22
+ - Security policy visible:
23
+ - Branch protection enabled:
24
+ - Required status checks enabled:
25
+ - Required checks:
26
+ - Require review before merge:
27
+ - Require conversation resolution:
28
+ - Restrict force pushes:
29
+ - Restrict deletions:
30
+
31
+ ## GSE-Specific Checks
32
+
33
+ - CI workflow path: `.github/workflows/validate-gse.yml`
34
+ - PR template path: `.github/PULL_REQUEST_TEMPLATE.md`
35
+ - Issue templates path: `.github/ISSUE_TEMPLATE/`
36
+ - Public release record path: `.gse/releases/public-release-owner-required.md`
37
+ - Final acceptance packet path: `.gse/acceptance/final-acceptance-packet.md`
38
+
39
+ ## Verification
40
+
41
+ Verification command:
42
+
43
+ Verification result:
44
+
45
+ ## Acceptance
46
+
47
+ Evidence status: pending | verified | accepted
48
+
49
+ Accepted by:
50
+
51
+ Accepted at:
52
+
53
+ ## Residual Risk
54
+
55
+ -
56
+
57
+ ## Next Action
58
+
59
+ -
@@ -0,0 +1,45 @@
1
+ # Public Security Contact Record
2
+
3
+ Contact status: pending | accepted
4
+
5
+ Contact type: email | url | github-security-advisory | other
6
+
7
+ Contact value:
8
+
9
+ Policy path: `SECURITY.md`
10
+
11
+ Evidence owner:
12
+
13
+ Evidence date:
14
+
15
+ Evidence URL or run id:
16
+
17
+ ## Public Disclosure Policy
18
+
19
+ - Is this contact public? true | false | unknown
20
+ - Security policy updated? true | false | unknown
21
+ - Private fallback channel:
22
+ - Response expectation:
23
+ - Embargo or disclosure notes:
24
+
25
+ ## Verification
26
+
27
+ Verification command:
28
+
29
+ Verification result:
30
+
31
+ ## Acceptance
32
+
33
+ Evidence status: pending | accepted
34
+
35
+ Accepted by:
36
+
37
+ Accepted at:
38
+
39
+ ## Residual Risk
40
+
41
+ -
42
+
43
+ ## Next Action
44
+
45
+ -
@@ -0,0 +1,32 @@
1
+ # Release Trust Record
2
+
3
+ Release label:
4
+ Package digest:
5
+ Public key fingerprint:
6
+ Signing algorithm: ed25519
7
+
8
+ ## Release Owner
9
+
10
+ Owner:
11
+ Accepted by:
12
+ Accepted at:
13
+
14
+ ## Key Custody
15
+
16
+ Private key location:
17
+ Signing environment:
18
+ Rotation policy:
19
+ Revocation path:
20
+
21
+ ## Verification
22
+
23
+ Package URL:
24
+ Public key URL or path:
25
+ Signature path:
26
+ Verification command:
27
+ Install command:
28
+
29
+ ## Residual Risk
30
+
31
+ ## Notes
32
+
@@ -0,0 +1,18 @@
1
+ # Review
2
+
3
+ ## Spec Compliance
4
+
5
+ ## Code Quality
6
+
7
+ ## Architecture / Ownership
8
+
9
+ ## Security / Privacy
10
+
11
+ ## Regression Risk
12
+
13
+ ## Evidence Review
14
+
15
+ ## Findings
16
+
17
+ ## Closure
18
+
@@ -0,0 +1,16 @@
1
+ # Spec
2
+
3
+ ## User Outcome
4
+
5
+ ## Behavior
6
+
7
+ ## State / Data Flow
8
+
9
+ ## Error and Recovery
10
+
11
+ ## Permissions and Privacy
12
+
13
+ ## Acceptance Criteria
14
+
15
+ ## Non-goals
16
+
@@ -0,0 +1,29 @@
1
+ # Target Project Adoption Evidence
2
+
3
+ Use this record when applying or testing GSE against a real target project without claiming broad certification.
4
+
5
+ ```text
6
+ Target project:
7
+ Adoption path: existing repo | fresh install | update existing GSE | host adapter | fresh session
8
+ Project rules read:
9
+ Files inspected:
10
+ Files changed:
11
+ Commands run:
12
+ Detected project type:
13
+ Detected package manager:
14
+ Detected scripts:
15
+ Host/tool statuses:
16
+ Evidence status: result | verified | accepted | not ready
17
+ Accepted by:
18
+ Residual risks:
19
+ Next action:
20
+ ```
21
+
22
+ ## Rules
23
+
24
+ - Use `Files changed: none` for read-only adoption evidence.
25
+ - Treat discovered commands, package scripts, config files, and host rules as `documented` until executed.
26
+ - Treat tool availability as `unknown` unless the tool was actually checked in the current project/session.
27
+ - Do not claim arbitrary real-repo certification from one target-project adoption record.
28
+ - Do not claim host runtime support, subagent support, browser support, MCP support, CI support, release publication, or owner acceptance without direct evidence.
29
+ - Keep `accepted` separate from `verified`; use `Accepted by: not accepted` unless a real acceptance gate ran.
@@ -0,0 +1,17 @@
1
+ # Tasks
2
+
3
+ ## Slice Plan
4
+
5
+ - [ ] Define outcome, scope, acceptance, evidence, risk, and next action.
6
+ - [ ] Locate existing patterns and ownership boundaries.
7
+ - [ ] Implement the smallest verifiable change.
8
+ - [ ] Run focused verification.
9
+ - [ ] Record evidence and residual risk.
10
+ - [ ] Update state, goal map, and handoff notes when relevant.
11
+
12
+ ## Non-Goals
13
+
14
+ ## Dependencies
15
+
16
+ ## Stop Conditions
17
+
@@ -0,0 +1,58 @@
1
+ # Update Or Release Acceptance Record
2
+
3
+ Use this in a project evidence log when a GSE update, workflow update, scaffold change, package release, or project release needs a compact acceptance record.
4
+
5
+ Keep the record short. Link to command output, CI, smoke reports, or evidence files instead of pasting long logs.
6
+
7
+ ```text
8
+ Record type: update | release | scaffold | adapter | incident hotfix
9
+ Project path:
10
+ Goal or slice:
11
+ Release label or change id:
12
+ Evidence status: result | verified | accepted | not ready
13
+
14
+ Local decisions preserved:
15
+ Files changed:
16
+ Files intentionally not changed:
17
+ Commands run:
18
+ Focused verification:
19
+ Compatibility evidence:
20
+ Migration notes:
21
+ Rollback notes:
22
+ Owner or acceptance gate:
23
+ Accepted by:
24
+ Residual risks:
25
+ Next action:
26
+ ```
27
+
28
+ ## Status Rules
29
+
30
+ - `result`: the update, release notes, scaffold, adapter, or record exists.
31
+ - `verified`: focused checks prove the affected behavior in the current environment, and residual risk is recorded.
32
+ - `accepted`: the required owner, release policy, CI gate, smoke gate, archive gate, or explicitly named acceptance policy has accepted the verified result.
33
+ - `not ready`: required evidence is missing, contradicted, or outside the current environment.
34
+
35
+ ## Anti-Overclaim Rules
36
+
37
+ - Do not mark `accepted` only because `validate-gse.mjs`, tests, lint, or a local smoke passed.
38
+ - Do not claim release publication, package install, production rollout, host runtime support, registry access, subagent support, MCP support, browser support, or owner approval unless the evidence names that gate.
39
+ - Keep unavailable or unverified tools as `unknown`, `documented`, or `unavailable`; do not convert them to `verified` through this record.
40
+ - If rollback is unknown, say `unknown`; do not infer rollback safety from file existence.
41
+ - If the user or release owner has not accepted a user-visible or irreversible change, write `Accepted by: not accepted`.
42
+
43
+ ## Minimal Examples
44
+
45
+ ```text
46
+ Evidence status: verified
47
+ Focused verification: node <skill>/scripts/validate-gse.mjs --root <skill> passed
48
+ Owner or acceptance gate: not required for internal template wording update
49
+ Accepted by: policy: Lite focused smoke policy
50
+ ```
51
+
52
+ ```text
53
+ Evidence status: verified
54
+ Focused verification: npm run smoke passed in target project
55
+ Owner or acceptance gate: release owner approval required
56
+ Accepted by: not accepted
57
+ Residual risks: production publish not executed; rollback not exercised
58
+ ```
@@ -0,0 +1,22 @@
1
+ # GSE Example Fixtures
2
+
3
+ These fixtures are intentionally small. They are project shapes for forward tests and future agents, not full applications.
4
+
5
+ Use `references/adoption-recipes.md` to map fixture behavior to fresh install, existing repo adoption, update, or host adapter adoption paths.
6
+
7
+ ## Fixtures
8
+
9
+ | Fixture | Shape | GSE workflows it can exercise |
10
+ |---|---|---|
11
+ | `small-app` | JavaScript/TypeScript app shape with package scripts, CI, Playwright config, and `.env.example` | bootstrap, project-profile discovery, quality gates, release evidence |
12
+ | `agent-runtime-host` | Agent-runtime product shape with `.gse/`, host adapter notes, MCP config placeholder, and runtime docs | host adapter, drift audit, recovery/handoff, tool/model status classification |
13
+ | `cli-tool` | JavaScript/TypeScript CLI package shape with `bin`, smoke, build, lint, typecheck, and package dry-run scripts | package adoption, command smoke evidence, release dry-run evidence, project-profile discovery |
14
+
15
+ ## Rules
16
+
17
+ - No secrets. Use `.env.example` with placeholder names only.
18
+ - No lockfiles, caches, screenshots, build outputs, or generated noise.
19
+ - Keep fixture files short enough for a future agent to inspect quickly.
20
+ - Treat config presence as documented, not verified, until a focused command is run.
21
+ - Use these fixtures for structural and fixture forward tests; do not claim fresh-session acceptance from fixture presence alone.
22
+ - Run `node scripts/audit-fixtures.mjs --root <gse-skill-root> --json` for the repeatable fixture smoke.
@@ -0,0 +1,6 @@
1
+ # Claude Code Adapter
2
+
3
+ Source of truth: `.gse/`.
4
+
5
+ - Commands and agents should point back to `.gse/` for goals, evidence, quality gates, and learning rules.
6
+ - Do not copy the goal map into this folder.
@@ -0,0 +1,7 @@
1
+ # Codex Adapter
2
+
3
+ Source of truth: `.gse/`.
4
+
5
+ - Read `.gse/project-profile.md` before using host-specific tools.
6
+ - Mark subagent, MCP, browser, and LSP capabilities as verified only after current-session evidence.
7
+ - Use `references/drift-audit.md` when adapter claims and current tools disagree.
@@ -0,0 +1,7 @@
1
+ # Goal Map
2
+
3
+ ## Current Focus
4
+
5
+ - Priority: P1
6
+ - Active slice: Verify host adapter and drift audit behavior.
7
+ - Next action: Inspect host adapter notes before claiming capabilities.
@@ -0,0 +1,27 @@
1
+ # Project Profile
2
+
3
+ ## Identity
4
+
5
+ - Product/system name: Example Runtime
6
+ - Repository type: agent-runtime product fixture
7
+ - Main languages/frameworks: TypeScript, Node.js
8
+
9
+ ## Tool Connections
10
+
11
+ | Tool | Purpose | Command/config | Status |
12
+ |---|---|---|---|
13
+ | MCP | external tools/data | `.mcp.json` | documented |
14
+ | Subagents | delegated work | host-specific | unknown |
15
+ | Browser | UI smoke | not configured | unknown |
16
+ | Model router | provider/model routing | docs/model-routing.md | documented |
17
+
18
+ ## Agent Host Adapters
19
+
20
+ - Codex: `.codex/gse-adapter.md` documented.
21
+ - Claude Code: `.claude/gse-adapter.md` documented.
22
+ - Other hosts: unknown.
23
+
24
+ ## Known Gotchas
25
+
26
+ - Config presence is documented, not verified.
27
+ - Drift audit is required before trusting old host capability claims.
@@ -0,0 +1,5 @@
1
+ # Tooling
2
+
3
+ - MCP config: documented by `.mcp.json`, not verified.
4
+ - Model routing docs: documented by `docs/model-routing.md`, not verified.
5
+ - Subagent capability: unknown until host tools are visible in the active session.
@@ -0,0 +1,9 @@
1
+ {
2
+ "mcpServers": {
3
+ "fixture-docs": {
4
+ "command": "node",
5
+ "args": ["scripts/fixture-mcp.js"],
6
+ "status": "documented-not-verified"
7
+ }
8
+ }
9
+ }
@@ -0,0 +1,5 @@
1
+ # Fixture Agent Runtime Rules
2
+
3
+ - Product identity in this fixture is `Example Runtime`; runtime internals are not user-facing product names.
4
+ - `.gse/` is the portable source of truth.
5
+ - Host folders are adapters and must not duplicate the goal map or evidence log.
@@ -0,0 +1,10 @@
1
+ # agent-runtime-host fixture
2
+
3
+ Purpose: representative agent-runtime product shape for host adapter, drift audit, recovery/handoff, and model/tool status tests.
4
+
5
+ Suggested checks:
6
+
7
+ - Inspect `.gse/project-profile.md` for host/tool status vocabulary.
8
+ - Inspect `.codex/gse-adapter.md` and `.claude/gse-adapter.md` for `.gse/` source-of-truth pointers.
9
+ - Run drift audit guidance against host capability claims and `.gse/tooling.md`.
10
+ - Confirm no runtime or subagent capability is marked verified without evidence.
@@ -0,0 +1,5 @@
1
+ # Model Routing Fixture
2
+
3
+ - Default model route: unknown until provider config is verified.
4
+ - Fallback policy: do not claim provider support from docs alone.
5
+ - Privacy: avoid sending secrets or raw internal traces to model providers.
@@ -0,0 +1,21 @@
1
+ # CLI Tool Project Profile
2
+
3
+ Status: fixture documentation only.
4
+
5
+ ## Identity
6
+
7
+ - Repository type: JavaScript/TypeScript CLI package.
8
+ - Primary interface: package `bin` command.
9
+ - User-visible risk: command output, exit codes, package install/update, and release notes.
10
+
11
+ ## Adoption Notes
12
+
13
+ - Preserve existing package scripts and release metadata.
14
+ - Treat `smoke`, `release:dry-run`, and `bin` entries as `documented` until executed.
15
+ - Keep package manager, registry, signing, and publish permissions as `unknown` unless checked in the target project.
16
+
17
+ ## Suggested Evidence
18
+
19
+ - Profile discovery result from `scripts/discover-project-profile.mjs`.
20
+ - Focused CLI smoke such as `npm run smoke` or project equivalent.
21
+ - Package dry-run evidence such as `npm pack --dry-run` when release scope is involved.