@windyroad/risk-scorer 0.5.0-preview.270 → 0.5.0-preview.273

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +19 -0
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -51,6 +51,7 @@ This creates a `RISK-POLICY.md` tailored to your project, defining impact levels
51
51
  | `wip-risk-mark.sh` | After edit | Records WIP risk assessment |
52
52
  | `risk-score-mark.sh` | Agent completes | Marks risk review as done; writes external-comms marker on `wr-risk-scorer:external-comms` PASS |
53
53
  | `risk-hash-refresh.sh` | After Bash | Refreshes content hashes |
54
+ | `risk-slide-marker.sh` | Agent or Bash | Slides the review marker forward across non-edit operations so an active review session is not invalidated by intervening Bash or sub-agent calls |
54
55
 
55
56
  ## Agents
56
57
 
@@ -106,6 +107,24 @@ The canonical hook lives at `packages/shared/hooks/external-comms-gate.sh` and
106
107
  is synced into each consumer plugin via `scripts/sync-external-comms-gate.sh`
107
108
  per ADR-017 (CI runs `npm run check:external-comms-gate` to detect drift).
108
109
 
110
+ ## Jobs to be Done
111
+
112
+ This plugin serves the [Jobs to be Done](../../docs/jtbd/) below. Per [ADR-051](../../docs/decisions/051-jtbd-anchored-readme-with-drift-advisory.proposed.md), the persona-grouped JTBD anchor is the canonical source of truth for the README's value framing.
113
+
114
+ ### Tech lead / consultant
115
+
116
+ - **[JTBD-202 Run Pre-Flight Governance Checks Before Release or Handover](../../docs/jtbd/tech-lead/JTBD-202-pre-flight-governance-check.proposed.md)** — `/wr-risk-scorer:assess-release` produces a structured release-readiness score (commit, push, release layers) that is attachable to a release note or handover doc.
117
+
118
+ ### Solo developer
119
+
120
+ - **[JTBD-001 Enforce Governance Without Slowing Down](../../docs/jtbd/solo-developer/JTBD-001-enforce-governance.proposed.md)** — pipeline risk is scored on every edit, commit, and push without manual invocation; secret-leak detection runs in the same gate.
121
+ - **[JTBD-002 Ship AI-Assisted Code with Confidence](../../docs/jtbd/solo-developer/JTBD-002-ship-with-confidence.proposed.md)** — every release passes through ISO 31000-aligned criteria defined in the project's own `RISK-POLICY.md` so the safety bar is the team's, not the agent's.
122
+ - **[JTBD-005 Invoke Governance Assessments On Demand](../../docs/jtbd/solo-developer/JTBD-005-assess-on-demand.proposed.md)** — `/wr-risk-scorer:assess-wip`, `assess-release`, and `assess-external-comms` give an on-demand assessment surface outside the hook gate cycle.
123
+
124
+ ### Plugin user
125
+
126
+ - **[JTBD-302 Trust That the README Describes the Plugin I Just Installed](../../docs/jtbd/plugin-user/JTBD-302-trust-readme-describes-installed-behaviour.proposed.md)** — this README is anchored on current JTBD job IDs; drift between prose and shipped behaviour is detectable at retro time per ADR-051.
127
+
109
128
  ## Updating and Uninstalling
110
129
 
111
130
  ```bash
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@windyroad/risk-scorer",
3
- "version": "0.5.0-preview.270",
3
+ "version": "0.5.0-preview.273",
4
4
  "description": "Pipeline risk scoring, commit/push gates, and secret leak detection",
5
5
  "bin": {
6
6
  "windyroad-risk-scorer": "./bin/install.mjs"