@urielsh/prodify 0.1.0

package/.prodify/skills/quality-policy/security-hardening.skill.json

@@ -0,0 +1,32 @@
+{
+  "schema_version": "1",
+  "id": "security-hardening",
+  "name": "Security Hardening",
+  "version": "1.0.0",
+  "category": "quality-policy",
+  "description": "Applies explicit scrutiny when the repository has exposed surfaces or dependency risk signals.",
+  "intended_use": [
+    "Use in diagnose and validate when risk signals suggest stronger security review."
+  ],
+  "stage_compatibility": [
+    "diagnose",
+    "validate"
+  ],
+  "activation_conditions": [
+    {
+      "all": [
+        {
+          "fact": "risk_signal",
+          "includes": "external-dependencies"
+        }
+      ]
+    }
+  ],
+  "execution_guidance": [
+    "Check exposed command or network surfaces before declaring validation success.",
+    "Treat dependency-driven risk as additive evidence, not a blocker by itself."
+  ],
+  "caution_guidance": [
+    "Do not infer a security defect without repository evidence."
+  ]
+}

package/.prodify/skills/quality-policy/test-hardening.skill.json

@@ -0,0 +1,23 @@
+{
+  "schema_version": "1",
+  "id": "test-hardening",
+  "name": "Test Hardening",
+  "version": "1.0.0",
+  "category": "quality-policy",
+  "description": "Improves confidence through regression-focused test additions or validation checks.",
+  "intended_use": [
+    "Use in refactor and validate when executable checks should be strengthened."
+  ],
+  "stage_compatibility": [
+    "refactor",
+    "validate"
+  ],
+  "activation_conditions": [],
+  "execution_guidance": [
+    "Add or strengthen tests around the selected behavior change boundary.",
+    "Prefer deterministic assertions over snapshot-like broad checks."
+  ],
+  "caution_guidance": [
+    "Do not add unrelated test churn outside the selected step."
+  ]
+}

package/.prodify/skills/registry.json

@@ -0,0 +1,16 @@
+{
+  "schema_version": "1",
+  "skills": [
+    "domain/react-frontend.skill.json",
+    "domain/typescript-backend.skill.json",
+    "quality-policy/maintainability-review.skill.json",
+    "quality-policy/security-hardening.skill.json",
+    "quality-policy/test-hardening.skill.json",
+    "stage-method/architecture-method.skill.json",
+    "stage-method/codebase-scanning.skill.json",
+    "stage-method/diagnosis-method.skill.json",
+    "stage-method/planning-method.skill.json",
+    "stage-method/refactoring-method.skill.json",
+    "stage-method/validation-method.skill.json"
+  ]
+}

package/.prodify/skills/stage-method/architecture-method.skill.json

@@ -0,0 +1,22 @@
+{
+  "schema_version": "1",
+  "id": "architecture-method",
+  "name": "Architecture Method",
+  "version": "1.0.0",
+  "category": "stage-method",
+  "description": "Focuses architecture work on boundaries, dependency direction, and modular responsibility splits.",
+  "intended_use": [
+    "Use during architecture to propose structural changes that preserve the contract model."
+  ],
+  "stage_compatibility": [
+    "architecture"
+  ],
+  "activation_conditions": [],
+  "execution_guidance": [
+    "Describe boundaries before proposing new modules or layers.",
+    "Flag mixed concerns and outward domain dependencies explicitly."
+  ],
+  "caution_guidance": [
+    "Do not treat architecture guidance as permission to rewrite unrelated code."
+  ]
+}

package/.prodify/skills/stage-method/codebase-scanning.skill.json

@@ -0,0 +1,22 @@
+{
+  "schema_version": "1",
+  "id": "codebase-scanning",
+  "name": "Codebase Scanning",
+  "version": "1.0.0",
+  "category": "stage-method",
+  "description": "Guides the understand stage toward deterministic inventory, dependency, and ownership mapping.",
+  "intended_use": [
+    "Use during understand to scan the repository surface before drawing conclusions."
+  ],
+  "stage_compatibility": [
+    "understand"
+  ],
+  "activation_conditions": [],
+  "execution_guidance": [
+    "Inventory verified files and directories before summarizing the repository.",
+    "Prefer direct evidence over inferred structure."
+  ],
+  "caution_guidance": [
+    "Do not speculate about missing modules or undocumented ownership."
+  ]
+}

package/.prodify/skills/stage-method/diagnosis-method.skill.json

@@ -0,0 +1,22 @@
+{
+  "schema_version": "1",
+  "id": "diagnosis-method",
+  "name": "Diagnosis Method",
+  "version": "1.0.0",
+  "category": "stage-method",
+  "description": "Keeps diagnosis anchored to observed evidence, root causes, and production-readiness risks.",
+  "intended_use": [
+    "Use during diagnose to separate symptoms, causes, and unsupported claims."
+  ],
+  "stage_compatibility": [
+    "diagnose"
+  ],
+  "activation_conditions": [],
+  "execution_guidance": [
+    "Tie every issue to observable evidence.",
+    "Separate root causes from downstream symptoms."
+  ],
+  "caution_guidance": [
+    "Do not prescribe implementation changes in the diagnosis stage."
+  ]
+}

package/.prodify/skills/stage-method/planning-method.skill.json

@@ -0,0 +1,22 @@
+{
+  "schema_version": "1",
+  "id": "planning-method",
+  "name": "Planning Method",
+  "version": "1.0.0",
+  "category": "stage-method",
+  "description": "Shapes implementation plans into bounded, testable, behavior-preserving steps.",
+  "intended_use": [
+    "Use during plan to convert diagnosis and architecture outputs into ordered steps."
+  ],
+  "stage_compatibility": [
+    "plan"
+  ],
+  "activation_conditions": [],
+  "execution_guidance": [
+    "Keep steps small, testable, and directly linked to diagnosed issues.",
+    "Call out guardrails when behavior must remain stable."
+  ],
+  "caution_guidance": [
+    "Do not introduce implementation detail that belongs in refactor."
+  ]
+}

package/.prodify/skills/stage-method/refactoring-method.skill.json

@@ -0,0 +1,22 @@
+{
+  "schema_version": "1",
+  "id": "refactoring-method",
+  "name": "Refactoring Method",
+  "version": "1.0.0",
+  "category": "stage-method",
+  "description": "Keeps refactor work bounded to a single selected step with minimal diff discipline.",
+  "intended_use": [
+    "Use during refactor when implementing one approved plan step."
+  ],
+  "stage_compatibility": [
+    "refactor"
+  ],
+  "activation_conditions": [],
+  "execution_guidance": [
+    "Implement one planned step at a time.",
+    "Preserve behavior unless the plan explicitly authorizes a change."
+  ],
+  "caution_guidance": [
+    "Do not expand the edit set beyond the selected step."
+  ]
+}

package/.prodify/skills/stage-method/validation-method.skill.json

@@ -0,0 +1,22 @@
+{
+  "schema_version": "1",
+  "id": "validation-method",
+  "name": "Validation Method",
+  "version": "1.0.0",
+  "category": "stage-method",
+  "description": "Ensures validation checks regressions, contract conformance, and structural improvements explicitly.",
+  "intended_use": [
+    "Use during validate to assess pass or fail after refactor work."
+  ],
+  "stage_compatibility": [
+    "validate"
+  ],
+  "activation_conditions": [],
+  "execution_guidance": [
+    "Check contract conformance before interpreting broader quality signals.",
+    "Record regressions and architecture violations explicitly."
+  ],
+  "caution_guidance": [
+    "Do not treat validation as optional after refactor."
+  ]
+}

package/.prodify/state.json

@@ -0,0 +1,30 @@
+{
+  "schema_version": "2",
+  "preset_name": "default",
+  "preset_version": "4.0.0",
+  "runtime": {
+    "status": "not_bootstrapped",
+    "current_state": "not_bootstrapped",
+    "mode": null,
+    "current_stage": null,
+    "current_task_id": null,
+    "pending_stage": null,
+    "completed_stages": [],
+    "awaiting_user_validation": false,
+    "last_validation_result": "unknown",
+    "last_validation": null,
+    "last_validated_contract_versions": {},
+    "resumable": false,
+    "blocked_reason": null,
+    "failure_metadata": null,
+    "bootstrap": {
+      "bootstrapped": false
+    },
+    "next_action": "$prodify-init",
+    "timestamps": {
+      "bootstrapped_at": null,
+      "last_transition_at": null,
+      "completed_at": null
+    }
+  }
+}

package/.prodify/tasks/01-understand.md

@@ -0,0 +1,83 @@
+---
+task_id: 01-understand
+reads: []
+writes:
+  - .prodify/artifacts/01-understand.md
+next_task: 02-diagnose
+mode: analysis
+---
+# Task 01 — Understand: Repository Architectural Orientation
+
+## Goal
+Transform a raw repository into a machine-parseable architectural map.
+
+## Scope
+Survey the repository structure conservatively and produce an evidence-based orientation artifact without modifying source code.
+
+## Inputs
+- Absolute path to repository root
+
+## Execution Instructions
+1. **Scan boundaries**
+   - Execute a shallow scan of the repository first.
+   - Read `.gitignore` to establish the scope of valid source files.
+   - Exclude generated, vendored, cache, and build-output directories unless explicitly needed.
+
+2. **Tech stack detection**
+   - Locate ecosystem marker files such as:
+     - `package.json`
+     - `pyproject.toml`
+     - `go.mod`
+     - `Cargo.toml`
+     - `*.csproj`
+     - `pom.xml`
+   - Infer primary languages, frameworks, package managers, and runtime environment.
+
+3. **Entry point discovery**
+   - Search for standard startup patterns such as:
+     - `main.ts`, `index.ts`
+     - `app.py`, `main.py`
+     - `Program.cs`
+     - framework-specific bootstraps
+   - Record all likely entry points, and label confidence when ambiguous.
+
+4. **Monorepo identification**
+   - Check for markers such as:
+     - `nx.json`
+     - `turbo.json`
+     - `pnpm-workspace.yaml`
+     - `lerna.json`
+     - workspace definitions in root manifests
+   - If found, recursively map sub-projects and package boundaries.
+
+5. **Module mapping**
+   - Identify high-internal-cohesion directories such as:
+     - `src/services`
+     - `lib/core`
+     - `apps/*`
+     - `packages/*`
+   - For each major module, infer:
+     - purpose
+     - responsibility
+     - approximate boundary
+
+6. **Output discipline**
+   - Be conservative.
+   - Do not invent structure that is not supported by repository evidence.
+   - Mark uncertainty explicitly.
+   - MUST NOT modify source code.
+
+## Output Specification
+Use `.prodify/templates/01-understand.template.md` and fill every section explicitly. Do not substitute a freeform structure.
+
+## Failure Conditions
+- MUST STOP if the repository root cannot be read.
+- MUST STOP if required repository evidence cannot be inspected safely.
+- MUST STOP if the output cannot be produced in `.prodify/templates/01-understand.template.md`.
+- MUST NOT modify source code.
+
+## Definition of Done
+- The repository has a clear, evidence-based orientation map.
+- Likely entry points are identified.
+- Major modules and monorepo boundaries are captured.
+- No code changes are made.

package/.prodify/tasks/02-diagnose.md

@@ -0,0 +1,67 @@
+---
+task_id: 02-diagnose
+reads:
+  - .prodify/artifacts/01-understand.md
+writes:
+  - .prodify/artifacts/02-diagnose.md
+next_task: 03-architecture
+mode: analysis
+---
+# Task 02 — Diagnose: Health and Risk Assessment
+
+## Goal
+Detect technical debt, architectural erosion, and reliability risks.
+
+## Scope
+Review the repository areas mapped in Task 01 and produce a concrete diagnostic snapshot without modifying source code.
+
+## Inputs
+- `.prodify/artifacts/01-understand.md`
+- read access to the mapped modules and entrypoints
+
+## Execution Instructions
+1. **Target selection**
+   - Prioritize core modules identified in Task 01.
+   - Focus first on high-centrality modules, entry points, and shared infrastructure.
+
+2. **Structural audit**
+   - Detect circular dependencies or import cycles.
+   - Detect mixed concerns, such as:
+     - SQL inside view or UI files
+     - business logic inside controllers or routes
+     - infrastructure details leaking into domain logic
+
+3. **Code smell detection**
+   - Identify functions longer than 50 lines.
+   - Identify files longer than 500 lines.
+   - Call out excessive branching, duplicated logic, and naming inconsistency when clearly supported.
+
+4. **Reliability check**
+   - Find I/O operations lacking explicit error handling.
+   - Look for missing `try/catch`, missing result handling, or unsafe fall-through behavior.
+   - Highlight unvalidated input at critical boundaries.
+
+5. **Vibe signal check**
+   - Detect dense clusters of `TODO`, `FIXME`, or `HACK`.
+   - Detect unreachable code, obviously dead code, or abandoned stubs.
+   - Note inconsistent naming or contradictory patterns across similar modules.
+
+6. **Severity discipline**
+   - Only elevate issues to critical when they materially affect correctness, operability, or architectural integrity.
+   - Prefer signal over noise.
+   - MUST NOT modify source code.
+
+## Output Specification
+Use `.prodify/templates/02-diagnose.template.md` and fill every section explicitly. Do not substitute a freeform structure.
+
+## Failure Conditions
+- MUST STOP if `.prodify/artifacts/01-understand.md` is missing.
+- MUST STOP if the mapped repository areas cannot be inspected.
+- MUST STOP if the output cannot be produced in `.prodify/templates/02-diagnose.template.md`.
+- MUST NOT modify source code.
+
+## Definition of Done
+- The codebase has a concrete health snapshot.
+- Critical issues are tied to specific files.
+- Reliability risks are explicitly listed.
+- No fixes or refactors are proposed yet.

package/.prodify/tasks/03-architecture.md

@@ -0,0 +1,70 @@
+---
+task_id: 03-architecture
+reads:
+  - .prodify/artifacts/01-understand.md
+  - .prodify/artifacts/02-diagnose.md
+writes:
+  - .prodify/artifacts/03-architecture.md
+next_task: 04-plan
+mode: analysis
+---
+# Task 03 — Architecture: Strategic Alignment
+
+## Goal
+Define the target architecture and identify structural gaps against the current repository.
+
+## Scope
+Use the outputs of Tasks 01 and 02 to define a grounded architecture target and explicit structural violations without modifying source code.
+
+## Inputs
+- `.prodify/artifacts/01-understand.md`
+- `.prodify/artifacts/02-diagnose.md`
+
+## Execution Instructions
+1. **Pattern detection**
+   - Classify the current architecture style as one of:
+     - Layered
+     - MVC
+     - Hexagonal / Clean
+     - Vibe Architecture
+   - Include a confidence score from `0.0` to `1.0`.
+
+2. **North Star design**
+   - Define a target **Modular Clean Architecture** composed of four layers:
+     - Domain
+     - Application
+     - Infrastructure
+     - Interface
+   - Tailor the recommendation to the actual tech stack and project type.
+
+3. **Dependency mapping**
+   - Mandate that dependencies point inward toward the Domain.
+   - Explicitly define which layers may depend on which.
+
+4. **Gap analysis**
+   - Identify places where:
+     - dependencies point outward
+     - layers are skipped
+     - responsibilities are mixed
+     - modules violate boundary expectations
+
+5. **Decision quality**
+   - Be opinionated, but ground all decisions in repository evidence.
+   - Do not choose a target style that the project cannot reasonably evolve toward.
+   - MUST NOT modify source code.
+
+## Output Specification
+Use `.prodify/templates/03-architecture.template.md` and fill every section explicitly. Do not substitute a freeform structure.
+
+## Failure Conditions
+- MUST STOP if `.prodify/artifacts/01-understand.md` is missing.
+- MUST STOP if `.prodify/artifacts/02-diagnose.md` is missing.
+- MUST STOP if the target architecture cannot be grounded in repository evidence.
+- MUST STOP if the output cannot be produced in `.prodify/templates/03-architecture.template.md`.
+- MUST NOT modify source code.
+
+## Definition of Done
+- The current architecture is classified with confidence.
+- The target architecture is clearly defined.
+- Dependency rules are explicit.
+- Structural violations are listed with concrete locations.

package/.prodify/tasks/04-plan.md

@@ -0,0 +1,71 @@
+---
+task_id: 04-plan
+reads:
+  - .prodify/artifacts/02-diagnose.md
+  - .prodify/artifacts/03-architecture.md
+writes:
+  - .prodify/artifacts/04-plan.md
+next_task: 05-refactor
+mode: planning
+---
+# Task 04 — Plan: Actionable Refactoring Strategy
+
+## Goal
+Decompose architectural shifts into atomic, testable increments.
+
+## Scope
+Turn the diagnosis and architecture outputs into a deterministic refactor plan that can be executed one step at a time without modifying source code.
+
+## Inputs
+- `.prodify/artifacts/02-diagnose.md`
+- `.prodify/artifacts/03-architecture.md`
+
+## Execution Instructions
+1. **Phase sequencing**
+   - Order the refactor into phases:
+     1. Hygiene (rename, isolate, add safety checks)
+     2. Peripheral systems (logging, notifications, integrations)
+     3. Core domain restructuring
+     4. Cleanup and consolidation
+
+2. **Atomicity**
+   - Each step must be small enough to execute independently.
+   - Each step must leave the codebase in a buildable state.
+
+3. **Risk weighting**
+   - Assign risk weights:
+     - Low = 1
+     - Med = 3
+     - High = 10
+   - Use these to estimate effort and execution difficulty.
+
+4. **Verification design**
+   - Define a concrete validation command for every step, such as:
+     - `npm test`
+     - `npm run build`
+     - `pytest`
+     - `dotnet test`
+
+5. **Planning discipline**
+   - Prefer safe sequencing over aggressive optimization.
+   - Avoid steps that combine unrelated concerns.
+   - Make sure the plan can be executed one step at a time by an autonomous coding agent.
+   - Every step block MUST use the exact repeated structure required by `.prodify/templates/04-plan.template.md`.
+   - Every step MUST have a stable step ID and `Status: pending`.
+   - MUST NOT modify source code.
+
+## Output Specification
+Use `.prodify/templates/04-plan.template.md` and fill every section explicitly. Do not substitute a freeform structure.
+
+## Failure Conditions
+- MUST STOP if `.prodify/artifacts/02-diagnose.md` is missing.
+- MUST STOP if `.prodify/artifacts/03-architecture.md` is missing.
+- MUST STOP if any plan step is ambiguous, combines unrelated concerns, or cannot be executed independently.
+- MUST STOP if the output cannot be produced in `.prodify/templates/04-plan.template.md`.
+- MUST NOT modify source code.
+
+## Definition of Done
+- The codebase has an ordered, atomic refactor plan.
+- Every step is independently executable.
+- Risk is assigned per step.
+- Validation expectations are explicit.

package/.prodify/tasks/05-refactor.md

@@ -0,0 +1,61 @@
+---
+task_id: 05-refactor
+reads:
+  - .prodify/artifacts/04-plan.md
+writes:
+  - .prodify/artifacts/05-refactor.md
+next_task: 06-validate
+mode: execution
+---
+# Task 05 — Refactor: Controlled Step Execution
+
+## Goal
+Surgically implement exactly one atomic refactoring step.
+
+## Scope
+Execute one selected step from `04-plan.md`, update only the necessary source files for that step, and summarize the exact implementation result.
+
+## Inputs
+- `.prodify/artifacts/04-plan.md`
+- one selected step from the fixed step structure
+- the target source files named by that selected step
+
+## Execution Instructions
+1. **Isolation**
+   - Read only the files specified by the selected plan step, unless a dependency is strictly required.
+   - Do not widen scope without documenting why.
+
+2. **Behavior preservation**
+   - Improve structure without changing external API behavior unless the selected step explicitly requires it.
+   - Preserve public contracts, side effects, and expected execution flow.
+
+3. **Standard compliance**
+   - Follow naming conventions, error handling style, and code organization patterns discovered in Task 01.
+   - Prefer consistency with the project over personal preference.
+
+4. **Diff minimization**
+   - Prefer surgical block updates over whole-file rewrites.
+   - Avoid opportunistic cleanup unrelated to the selected step.
+
+5. **Execution discipline**
+   - Implement one plan step only.
+   - Summarize exactly what changed and why.
+   - MUST execute exactly one selected refactor step.
+   - MUST NOT modify unrelated files.
+   - MUST STOP if the selected step is ambiguous, missing, malformed, or combines unrelated concerns.
+
+## Output Specification
+Use `.prodify/templates/05-refactor.template.md` and fill every section explicitly. Do not substitute a freeform structure for the summary artifact.
+
+## Failure Conditions
+- MUST STOP if `.prodify/artifacts/04-plan.md` is missing.
+- MUST STOP if no single selected step can be resolved safely from the plan.
+- MUST STOP if execution would require widening scope to unrelated files.
+- MUST STOP if the output cannot be produced in `.prodify/templates/05-refactor.template.md`.
+- MUST NOT modify unrelated files.
+
+## Definition of Done
+- Exactly one plan step is implemented.
+- Only necessary files are changed.
+- The diff is minimal and traceable to the selected step.
+- Changes preserve behavior unless otherwise required.

package/.prodify/tasks/06-validate.md

@@ -0,0 +1,69 @@
+---
+task_id: 06-validate
+reads:
+  - .prodify/artifacts/03-architecture.md
+  - .prodify/artifacts/04-plan.md
+  - .prodify/artifacts/05-refactor.md
+writes:
+  - .prodify/artifacts/06-validate.md
+next_task: 05-refactor
+mode: validation
+---
+# Task 06 — Validate: Production Readiness Audit
+
+## Goal
+Rigorously audit the refactored code against the declared architecture and plan.
+
+## Scope
+Validate the most recently executed refactor step using the current source files and the required runtime artifacts, without modifying source code.
+
+## Inputs
+- `.prodify/artifacts/03-architecture.md`
+- `.prodify/artifacts/04-plan.md`
+- `.prodify/artifacts/05-refactor.md`
+- current source files affected by the selected step
+
+## Execution Instructions
+1. **Architectural check**
+   - Verify adherence to the layer boundaries defined in Task 03.
+   - Call out every remaining boundary violation.
+
+2. **Dependency audit**
+   - Run or simulate cycle detection to confirm zero circular dependencies remain where applicable.
+   - Highlight any regressions.
+
+3. **Quality scoring**
+   - Grade the system from `0-100` across:
+     - Architecture
+     - Maintainability
+     - Reliability
+     - Testability
+
+4. **Regression check**
+   - Identify any new issues introduced after refactoring that were not present in the original Task 02 results.
+
+5. **Validation discipline**
+   - Be strict.
+   - Prefer evidence-based failure over optimistic passing.
+   - Recommend rerunning earlier steps when the result is not production ready.
+   - MUST run after Task 05 for the same selected step.
+   - MUST explicitly report PASS or FAIL.
+   - MUST NOT modify source code.
+
+## Output Specification
+Use `.prodify/templates/06-validate.template.md` and fill every section explicitly. Do not substitute a freeform structure.
+
+## Failure Conditions
+- MUST STOP if `.prodify/artifacts/03-architecture.md` is missing.
+- MUST STOP if `.prodify/artifacts/04-plan.md` is missing.
+- MUST STOP if `.prodify/artifacts/05-refactor.md` is missing.
+- MUST STOP if Task 05 context for the selected step is missing or ambiguous.
+- MUST STOP if a PASS or FAIL verdict cannot be supported by evidence.
+- MUST STOP if the output cannot be produced in `.prodify/templates/06-validate.template.md`.
+- MUST NOT modify source code.
+
+## Definition of Done
+- The refactored code has a strict readiness verdict.
+- Category scores are provided.
+- Remaining issues and regressions are clearly listed.
+- The report explicitly states PASS or FAIL.

package/.prodify/tasks/README.md

@@ -0,0 +1,3 @@
+# Prodify Tasks
+
+This directory is reserved for task-scoped runtime artifacts and deterministic task definitions when a repository extends the default flow.