@wrongstack/core 0.148.0 → 0.236.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{agent-bridge-r9y6gdn4.d.ts → agent-bridge-Cimv7bK7.d.ts} +1 -1
- package/dist/{agent-subagent-runner-1GeQE_L0.d.ts → agent-subagent-runner-C658wj_c.d.ts} +9 -8
- package/dist/{brain-Cp_3GIS2.d.ts → brain-sCZ3lCjq.d.ts} +28 -2
- package/dist/{compactor-BueGt7LG.d.ts → compactor-BRfg3QPd.d.ts} +1 -1
- package/dist/{config-BaVThgnT.d.ts → config-Koq6f3fs.d.ts} +2 -2
- package/dist/{context-C7G_MtLV.d.ts → context-CLz3z_E8.d.ts} +126 -2
- package/dist/coordination/index.d.ts +70 -13
- package/dist/coordination/index.js +2126 -151
- package/dist/coordination/index.js.map +1 -1
- package/dist/defaults/index.d.ts +27 -27
- package/dist/defaults/index.js +1328 -354
- package/dist/defaults/index.js.map +1 -1
- package/dist/execution/index.d.ts +45 -16
- package/dist/execution/index.js +367 -59
- package/dist/execution/index.js.map +1 -1
- package/dist/execution/prompt-enhancer.d.ts +86 -0
- package/dist/execution/prompt-enhancer.js +125 -0
- package/dist/execution/prompt-enhancer.js.map +1 -0
- package/dist/extension/index.d.ts +6 -6
- package/dist/extension/index.js +3 -1
- package/dist/extension/index.js.map +1 -1
- package/dist/{goal-preamble-CYJLg0wk.d.ts → goal-preamble-CnbzyVvl.d.ts} +19 -10
- package/dist/{index-BZdezm3g.d.ts → index-BlMqh5GO.d.ts} +8 -8
- package/dist/{index-CPweVoFM.d.ts → index-C2eSNPsB.d.ts} +7 -5
- package/dist/index.d.ts +439 -129
- package/dist/index.js +5206 -905
- package/dist/index.js.map +1 -1
- package/dist/infrastructure/index.d.ts +7 -7
- package/dist/infrastructure/index.js +72 -15
- package/dist/infrastructure/index.js.map +1 -1
- package/dist/kernel/index.d.ts +9 -9
- package/dist/kernel/index.js +7 -1
- package/dist/kernel/index.js.map +1 -1
- package/dist/{llm-selector-CP72f1lC.d.ts → llm-selector-D22R4AFz.d.ts} +2 -2
- package/dist/logger-DmmQhf4P.d.ts +65 -0
- package/dist/{mcp-servers-Bl5LTvQg.d.ts → mcp-servers-DFbirBv6.d.ts} +11 -4
- package/dist/models/index.d.ts +5 -5
- package/dist/models/index.js +89 -9
- package/dist/models/index.js.map +1 -1
- package/dist/{models-registry-D90K9UnM.d.ts → models-registry-CnJRjTXc.d.ts} +1 -1
- package/dist/{multi-agent-coordinator-QWEzJDlm.d.ts → multi-agent-coordinator-60weDZoA.d.ts} +8 -8
- package/dist/{null-fleet-bus-BUyfqh23.d.ts → null-fleet-bus-1068dEnr.d.ts} +7 -7
- package/dist/observability/index.d.ts +2 -2
- package/dist/package-outdated-watcher-pzJ5w7y8.d.ts +560 -0
- package/dist/{parallel-eternal-engine-C75QuhAI.d.ts → parallel-eternal-engine-DtG1fjc9.d.ts} +13 -9
- package/dist/{path-resolver-DRjQBkoO.d.ts → path-resolver-CA1ULU0J.d.ts} +3 -3
- package/dist/{permission-B7nKnEvQ.d.ts → permission-DbWPbuoA.d.ts} +1 -1
- package/dist/{permission-policy-8-6zBmfA.d.ts → permission-policy-AOk0LVsV.d.ts} +2 -2
- package/dist/pipeline-DsmlwTXu.d.ts +493 -0
- package/dist/{plan-templates-CkKNPU3I.d.ts → plan-templates-DPABrDvy.d.ts} +19 -8
- package/dist/{provider-runner-BNpuIyOL.d.ts → provider-runner-D0HgUqwV.d.ts} +3 -3
- package/dist/{retry-policy-rutAfVeR.d.ts → retry-policy-BVnkbMET.d.ts} +1 -1
- package/dist/sdd/index.d.ts +8 -8
- package/dist/sdd/index.js +358 -85
- package/dist/sdd/index.js.map +1 -1
- package/dist/{secret-vault-DoISxaKO.d.ts → secret-vault-BJDY28ev.d.ts} +7 -1
- package/dist/{secret-vault-BTcC_T5v.d.ts → secret-vault-CeVNiy_f.d.ts} +4 -3
- package/dist/security/index.d.ts +6 -5
- package/dist/security/index.js +214 -35
- package/dist/security/index.js.map +1 -1
- package/dist/{selector-4vDFZKt3.d.ts → selector-Cb4_9-hf.d.ts} +1 -1
- package/dist/{session-event-bridge-DWlvglC2.d.ts → session-event-bridge-BhtkkFFy.d.ts} +4 -2
- package/dist/{session-reader-BAtCxdaw.d.ts → session-reader-CCOssnBS.d.ts} +1 -1
- package/dist/skills/index.js +171 -21
- package/dist/skills/index.js.map +1 -1
- package/dist/storage/index.d.ts +151 -13
- package/dist/storage/index.js +1117 -256
- package/dist/storage/index.js.map +1 -1
- package/dist/types/index.d.ts +68 -21
- package/dist/types/index.js +616 -74
- package/dist/types/index.js.map +1 -1
- package/dist/utils/expect-defined.js +3 -1
- package/dist/utils/expect-defined.js.map +1 -1
- package/dist/utils/index.d.ts +80 -4
- package/dist/utils/index.js +100 -15
- package/dist/utils/index.js.map +1 -1
- package/dist/{wstack-paths-DD50Omgn.d.ts → wstack-paths-CJjEwPXn.d.ts} +14 -1
- package/package.json +7 -3
- package/skills/chimera/SKILL.md +105 -0
- package/skills/research-web/SKILL.md +342 -0
- package/dist/logger-B9J5puGM.d.ts +0 -32
- package/dist/pipeline-BG7UgbDc.d.ts +0 -239
|
@@ -94,6 +94,19 @@ interface WstackPathOptions {
|
|
|
94
94
|
/** Override the global root (e.g. for tests). Default: `${userHome}/.wrongstack`. */
|
|
95
95
|
globalRoot?: string | undefined;
|
|
96
96
|
}
|
|
97
|
+
/**
|
|
98
|
+
* The global `~/.wrongstack` root, honoring the `WRONGSTACK_HOME` env
|
|
99
|
+
* override. The override exists so tests (and sandboxed runs) can redirect
|
|
100
|
+
* ALL global state — config, secrets, logs, projects/, mailboxes — away from
|
|
101
|
+
* the real user home. Before it existed, `pnpm test` booted runtimes against
|
|
102
|
+
* the real `~/.wrongstack`: it read the user's real config.json (starting a
|
|
103
|
+
* second live Telegram poller), appended to the real wrongstack.log, and left
|
|
104
|
+
* ~20k orphaned fixture dirs under projects/.
|
|
105
|
+
*
|
|
106
|
+
* Every code path that wants the global dir must come through here (or
|
|
107
|
+
* through `resolveWstackPaths`) instead of `path.join(os.homedir(), '.wrongstack')`.
|
|
108
|
+
*/
|
|
109
|
+
declare function wstackGlobalRoot(): string;
|
|
97
110
|
declare function resolveWstackPaths(opts: WstackPathOptions): WstackPaths;
|
|
98
111
|
|
|
99
|
-
export { type WstackPaths as W, type WstackPathOptions as a, projectSlug as b, projectHash as p, resolveWstackPaths as r };
|
|
112
|
+
export { type WstackPaths as W, type WstackPathOptions as a, projectSlug as b, projectHash as p, resolveWstackPaths as r, wstackGlobalRoot as w };
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@wrongstack/core",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.236.0",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"description": "WrongStack core: kernel, types, defaults, and shared utilities for the WrongStack CLI agent.",
|
|
6
6
|
"repository": {
|
|
@@ -44,6 +44,10 @@
|
|
|
44
44
|
"types": "./dist/execution/index.d.ts",
|
|
45
45
|
"import": "./dist/execution/index.js"
|
|
46
46
|
},
|
|
47
|
+
"./execution/prompt-enhancer": {
|
|
48
|
+
"types": "./dist/execution/prompt-enhancer.d.ts",
|
|
49
|
+
"import": "./dist/execution/prompt-enhancer.js"
|
|
50
|
+
},
|
|
47
51
|
"./coordination": {
|
|
48
52
|
"types": "./dist/coordination/index.d.ts",
|
|
49
53
|
"import": "./dist/coordination/index.js"
|
|
@@ -93,9 +97,9 @@
|
|
|
93
97
|
],
|
|
94
98
|
"wrongstackApiVersion": "0.1.10",
|
|
95
99
|
"devDependencies": {
|
|
96
|
-
"@types/node": "^
|
|
100
|
+
"@types/node": "^25.9.2",
|
|
97
101
|
"tsup": "^8.5.1",
|
|
98
|
-
"typescript": "^6.0.
|
|
102
|
+
"typescript": "^6.0.3"
|
|
99
103
|
},
|
|
100
104
|
"publishConfig": {
|
|
101
105
|
"access": "public"
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: chimera
|
|
3
|
+
description: |
|
|
4
|
+
Use this skill when performing a post-session code quality review of files
|
|
5
|
+
changed during an AI coding session. Activated automatically by the chimera
|
|
6
|
+
plugin after each session completes.
|
|
7
|
+
Triggers: post-session review, chimera agent, session-end code check.
|
|
8
|
+
version: 1.0.0
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
# Chimera — Post-Session Code Guardian
|
|
12
|
+
|
|
13
|
+
## Overview
|
|
14
|
+
|
|
15
|
+
You are Chimera, a post-session code quality agent. You run automatically after
|
|
16
|
+
each WrongStack session ends. Your job: review files that were **added or
|
|
17
|
+
modified** during the session and produce a concise, actionable quality report.
|
|
18
|
+
|
|
19
|
+
You do NOT re-litigate decisions the session already discussed. You surface NEW
|
|
20
|
+
issues the session agent may have missed.
|
|
21
|
+
|
|
22
|
+
## Rules
|
|
23
|
+
|
|
24
|
+
1. **Only review changed files.** The list of files is provided to you — do not
|
|
25
|
+
expand scope.
|
|
26
|
+
2. **Read before judging.** Always read the file before flagging an issue.
|
|
27
|
+
3. **Be surgical.** Flag real bugs, not style preferences. If it compiles and
|
|
28
|
+
the logic is sound, it's fine.
|
|
29
|
+
4. **No re-litigation.** Do not re-raise issues already discussed in the session
|
|
30
|
+
chat history.
|
|
31
|
+
5. **Severity-ranked.** Critical > High > Medium > Low. Only report Medium+
|
|
32
|
+
unless a Low is egregious.
|
|
33
|
+
6. **One finding per line.** Each finding must have: severity, file:line, and a
|
|
34
|
+
one-sentence fix.
|
|
35
|
+
|
|
36
|
+
## What to look for
|
|
37
|
+
|
|
38
|
+
| Category | Examples | Severity |
|
|
39
|
+
|----------|----------|----------|
|
|
40
|
+
| **Logic bugs** | Off-by-one, inverted condition, null deref without guard | Critical / High |
|
|
41
|
+
| **Type safety** | `as any`, missing return type on export, `!` assertion | Medium |
|
|
42
|
+
| **Error handling** | Missing try/catch on async, swallowed errors | High |
|
|
43
|
+
| **Security** | Hardcoded secret, shell injection, innerHTML XSS | Critical |
|
|
44
|
+
| **Resource leaks** | Event listener not removed, file handle not closed | Medium |
|
|
45
|
+
| **Test gaps** | New logic without corresponding test | Medium |
|
|
46
|
+
| **API design** | Wrong status code, missing validation, secrets in URL | High |
|
|
47
|
+
|
|
48
|
+
## Report format
|
|
49
|
+
|
|
50
|
+
Write your report as a single message appended to the chat. Use this structure:
|
|
51
|
+
|
|
52
|
+
```
|
|
53
|
+
## 🦂 Chimera Review — <session title or date>
|
|
54
|
+
|
|
55
|
+
### Critical (N)
|
|
56
|
+
1. [BUG] `path/file.ts:42` — null deref on `user.name` when `user` is undefined
|
|
57
|
+
→ Add guard: `if (!user) throw new NotFoundError()`
|
|
58
|
+
|
|
59
|
+
### High (N)
|
|
60
|
+
2. [SEC] `path/config.ts:8` — plaintext API key in source
|
|
61
|
+
→ Move to env var via `process.env.MY_API_KEY`
|
|
62
|
+
|
|
63
|
+
### Medium (N)
|
|
64
|
+
3. [TYPE] `path/helper.ts:15` — `as any` cast silences type error
|
|
65
|
+
→ Use `as unknown as T` with a comment explaining the trust boundary
|
|
66
|
+
|
|
67
|
+
### Summary
|
|
68
|
+
- Files reviewed: N
|
|
69
|
+
- Findings: C critical, H high, M medium
|
|
70
|
+
- Clean files: N
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
If you find **nothing** worth flagging: write a single line.
|
|
74
|
+
|
|
75
|
+
```
|
|
76
|
+
## 🦂 Chimera Review — all clear ✅
|
|
77
|
+
No issues found in N changed files across M packages.
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
## Anti-patterns
|
|
81
|
+
|
|
82
|
+
- **Don't flag TODOs or FIXMEs** — those are intentional markers.
|
|
83
|
+
- **Don't flag test fixtures or mock data** for secrets — those are expected.
|
|
84
|
+
- **Don't suggest full rewrites** — be surgical, offer the minimal fix.
|
|
85
|
+
- **Don't review unchanged files** — stick to the provided file list.
|
|
86
|
+
- **Don't produce walls of text** — one finding = one line + one fix line.
|
|
87
|
+
|
|
88
|
+
## Context you receive
|
|
89
|
+
|
|
90
|
+
The chimera plugin provides:
|
|
91
|
+
- A list of changed file paths (relative to project root)
|
|
92
|
+
- The full content of each changed file
|
|
93
|
+
- A summary of the session (what was worked on, key decisions)
|
|
94
|
+
- The chat history from the session
|
|
95
|
+
|
|
96
|
+
Use the chat history to understand intent — flag only issues the session agent
|
|
97
|
+
likely missed, not decisions it explicitly made.
|
|
98
|
+
|
|
99
|
+
## Skills in scope
|
|
100
|
+
|
|
101
|
+
- `bug-hunter` — for systematic bug detection patterns
|
|
102
|
+
- `security-scanner` — for security vulnerability patterns
|
|
103
|
+
- `typescript-strict` — for TypeScript type safety rules
|
|
104
|
+
- `api-design` — for API design review patterns
|
|
105
|
+
- `testing` — for test coverage assessment
|
|
@@ -0,0 +1,342 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: research-web
|
|
3
|
+
description: |
|
|
4
|
+
Use this skill when searching the web for current, up-to-date data during
|
|
5
|
+
a research phase — version checks, ecosystem changes, API deprecations,
|
|
6
|
+
tool comparisons, or any claim that needs live verification against sources
|
|
7
|
+
newer than the model's training cutoff.
|
|
8
|
+
Triggers: user says "research", "current version", "is this still true",
|
|
9
|
+
"latest", "what's new in", "breaking changes", "find current",
|
|
10
|
+
"web research", "search the web", "look up".
|
|
11
|
+
version: 1.0.0
|
|
12
|
+
---
|
|
13
|
+
|
|
14
|
+
# Research Web — WrongStack
|
|
15
|
+
|
|
16
|
+
## Overview
|
|
17
|
+
|
|
18
|
+
Teaches the agent how to conduct current-data web research with discipline:
|
|
19
|
+
when to search, how to cross-validate, how to inject findings for reuse, and
|
|
20
|
+
how to delegate research to subagents. Complements the `research-web` mode
|
|
21
|
+
(which provides tool prioritization and behavioral gating); this skill
|
|
22
|
+
provides the deep methodology and patterns the mode prompt can't fit.
|
|
23
|
+
|
|
24
|
+
## Rules
|
|
25
|
+
|
|
26
|
+
1. Verify before claiming. Never state a version number, deprecation status,
|
|
27
|
+
or API surface from training data without a live check.
|
|
28
|
+
2. Two-source minimum. Single-source claims are tentative; two agreeing
|
|
29
|
+
sources is a signal; three is confirmation.
|
|
30
|
+
3. Inject, don't repeat. After research, use `context_manager` with `add_note`
|
|
31
|
+
to inject a structured summary. Never re-research the same topic.
|
|
32
|
+
4. Respect the stop rule. 2-3 searches + 1-2 fetches per topic. If no clear
|
|
33
|
+
answer after that, surface the ambiguity rather than research-looping.
|
|
34
|
+
5. Cite every claim. Domain name minimum; date if visible on the page.
|
|
35
|
+
6. Match tool to task. `web_search` for discovery, `web_fetch` for detail,
|
|
36
|
+
`fetch` for raw API responses, `search` for source-code-specific queries.
|
|
37
|
+
|
|
38
|
+
## Research Workflow Taxonomy
|
|
39
|
+
|
|
40
|
+
Not every research task needs the same approach. Match the workflow to the need:
|
|
41
|
+
|
|
42
|
+
### Quick Lookup (1-2 turns)
|
|
43
|
+
**When**: "What's the latest version of React?" "Is package X still maintained?"
|
|
44
|
+
**Pattern**:
|
|
45
|
+
```
|
|
46
|
+
web_search("React latest stable version 2025") → discover version
|
|
47
|
+
web_fetch("https://react.dev/versions") → confirm from authoritative source
|
|
48
|
+
context_manager add_note("## Research: React version\n- 19.2.0 (March 2025)\n- Source: react.dev")
|
|
49
|
+
```
|
|
50
|
+
**Budget**: 1 search + 1 fetch = ~2000 tokens. Done in one turn.
|
|
51
|
+
|
|
52
|
+
### Deep Investigation (3-4 turns)
|
|
53
|
+
**When**: "How has Next.js middleware changed across 14.x → 15.x?"
|
|
54
|
+
**Pattern**:
|
|
55
|
+
```
|
|
56
|
+
Turn 1: web_search("Next.js middleware changes 14 to 15") → collect URLs
|
|
57
|
+
Turn 2: web_fetch(upgrade guide), web_fetch(changelog) → parallel fetches
|
|
58
|
+
Turn 3: cross-reference, inject structured findings
|
|
59
|
+
```
|
|
60
|
+
**Budget**: 2 searches + 2-3 fetches = ~5000 tokens. Use parallel fetches.
|
|
61
|
+
|
|
62
|
+
### Landscape Survey (fan-out)
|
|
63
|
+
**When**: "Compare the top 5 React state management libraries in 2025"
|
|
64
|
+
**Pattern**: Delegate to subagents. Each researches one library, leader aggregates.
|
|
65
|
+
See "Subagent Delegation" section below.
|
|
66
|
+
|
|
67
|
+
## Tool Selection Guide
|
|
68
|
+
|
|
69
|
+
| Tool | Best for | Avoid for |
|
|
70
|
+
|------|----------|-----------|
|
|
71
|
+
| `web_search` | Broad discovery, finding current URLs, getting an overview | Deep detail (use `web_fetch` after) |
|
|
72
|
+
| `web_fetch` | Reading a specific page for detail, authoritative confirmation | Broad queries (use `web_search` first) |
|
|
73
|
+
| `search` | Technical docs, source code, API references (DuckDuckGo) | General web queries (use `web_search`) |
|
|
74
|
+
| `fetch` | Raw API responses (JSON), registry endpoints, structured data | HTML pages (use `web_fetch` for markdown conversion) |
|
|
75
|
+
| `context_manager` | Injecting research findings into conversation for future turns | Research itself (this is the *output* tool) |
|
|
76
|
+
|
|
77
|
+
### Decision heuristic
|
|
78
|
+
```
|
|
79
|
+
┌─────────────────┐
|
|
80
|
+
│ What do I need? │
|
|
81
|
+
└────────┬────────┘
|
|
82
|
+
┌────────────────┼────────────────┐
|
|
83
|
+
▼ ▼ ▼
|
|
84
|
+
"Discover URLs" "Read a page" "Raw API data"
|
|
85
|
+
│ │ │
|
|
86
|
+
web_search web_fetch fetch
|
|
87
|
+
│ │
|
|
88
|
+
└────────┬───────┘
|
|
89
|
+
▼
|
|
90
|
+
context_manager
|
|
91
|
+
add_note
|
|
92
|
+
```
|
|
93
|
+
|
|
94
|
+
## Source Quality Evaluation
|
|
95
|
+
|
|
96
|
+
Rate every source before citing it:
|
|
97
|
+
|
|
98
|
+
| Tier | Examples | Trust |
|
|
99
|
+
|------|----------|-------|
|
|
100
|
+
| **Primary** | Official docs, GitHub releases, registry APIs, RFCs | Cite as fact |
|
|
101
|
+
| **Secondary** | Well-known tech blogs, conference talks by maintainers | Cite with "according to" |
|
|
102
|
+
| **Tertiary** | Stack Overflow, Reddit, personal blogs, LLM-generated content | Corroborate before citing |
|
|
103
|
+
|
|
104
|
+
**Recency check**:
|
|
105
|
+
- Package version: must be ≤ 6 months old to claim "current"
|
|
106
|
+
- API change: must reference the specific version that introduced it
|
|
107
|
+
- Deprecation claim: must cite the deprecation notice (not just "I heard")
|
|
108
|
+
- Ecosystem trend: multiple sources from the current year
|
|
109
|
+
|
|
110
|
+
## Injection Format Templates
|
|
111
|
+
|
|
112
|
+
Structured `add_note` formats for different research outcomes. The format matters —
|
|
113
|
+
future turns need to parse these quickly without re-reading raw search results.
|
|
114
|
+
|
|
115
|
+
### Version check
|
|
116
|
+
|
|
117
|
+
```
|
|
118
|
+
## Research: [package] version
|
|
119
|
+
- Current latest: [version] ([date])
|
|
120
|
+
- Previous: [version] (for context)
|
|
121
|
+
- Registry source: [npm/pypi/crates.io URL]
|
|
122
|
+
- Confirmed via: [source URL]
|
|
123
|
+
```
|
|
124
|
+
|
|
125
|
+
### API / breaking change
|
|
126
|
+
|
|
127
|
+
```
|
|
128
|
+
## Research: [package] [feature] changes
|
|
129
|
+
- [Version]: [what changed]
|
|
130
|
+
- [Version]: [what changed]
|
|
131
|
+
- Breaking: [list of breaks]
|
|
132
|
+
- Migration path: [if documented]
|
|
133
|
+
- Source: [upgrade guide URL]
|
|
134
|
+
```
|
|
135
|
+
|
|
136
|
+
### Ecosystem comparison
|
|
137
|
+
|
|
138
|
+
```
|
|
139
|
+
## Research: [topic] comparison
|
|
140
|
+
- [Tool A]: [key points, version, status]
|
|
141
|
+
- [Tool B]: [key points, version, status]
|
|
142
|
+
- Recommendation: [with rationale]
|
|
143
|
+
- Sources: [URL, URL]
|
|
144
|
+
```
|
|
145
|
+
|
|
146
|
+
### Null result (important — prevents re-search)
|
|
147
|
+
|
|
148
|
+
```
|
|
149
|
+
## Research: [topic] — no current changes found
|
|
150
|
+
- Searched: [query, query]
|
|
151
|
+
- Result: No breaking changes / deprecations / version bumps found
|
|
152
|
+
- Checked on: [date]
|
|
153
|
+
```
|
|
154
|
+
|
|
155
|
+
**Always include a null-result note.** Without it, future turns may re-research
|
|
156
|
+
the same topic thinking the data was never gathered.
|
|
157
|
+
|
|
158
|
+
## Subagent Delegation
|
|
159
|
+
|
|
160
|
+
For landscape surveys and parallel research, delegate to subagents carrying
|
|
161
|
+
this skill. The `research` and `search` roster roles are tuned for this.
|
|
162
|
+
|
|
163
|
+
### Fan-out pattern (parallel)
|
|
164
|
+
|
|
165
|
+
```typescript
|
|
166
|
+
// Leader: fan out one topic per subagent
|
|
167
|
+
batch_tool_use([
|
|
168
|
+
{
|
|
169
|
+
tool: "delegate",
|
|
170
|
+
input: {
|
|
171
|
+
task: "Research current state of Zustand: latest version, breaking changes in 5.x, ecosystem position. Inject findings via context_manager.",
|
|
172
|
+
role: "research"
|
|
173
|
+
}
|
|
174
|
+
},
|
|
175
|
+
{
|
|
176
|
+
tool: "delegate",
|
|
177
|
+
input: {
|
|
178
|
+
task: "Research current state of Jotai: latest version, breaking changes, ecosystem position. Inject findings via context_manager.",
|
|
179
|
+
role: "research"
|
|
180
|
+
}
|
|
181
|
+
},
|
|
182
|
+
{
|
|
183
|
+
tool: "delegate",
|
|
184
|
+
input: {
|
|
185
|
+
task: "Research current state of Valtio: latest version, breaking changes, ecosystem position. Inject findings via context_manager.",
|
|
186
|
+
role: "research"
|
|
187
|
+
}
|
|
188
|
+
},
|
|
189
|
+
])
|
|
190
|
+
```
|
|
191
|
+
|
|
192
|
+
### Sequential deep-dive
|
|
193
|
+
|
|
194
|
+
```typescript
|
|
195
|
+
// Leader: one topic, phased research
|
|
196
|
+
delegate({
|
|
197
|
+
task: "Research React 19 Server Components: what changed from 18→19, current best practices for 'use client' boundaries, known pitfalls. Cross-reference react.dev docs and the GitHub release notes. Inject structured findings.",
|
|
198
|
+
role: "research"
|
|
199
|
+
})
|
|
200
|
+
```
|
|
201
|
+
|
|
202
|
+
### Subagent budget guidance
|
|
203
|
+
|
|
204
|
+
| Research type | `maxIterations` | `maxToolCalls` | Notes |
|
|
205
|
+
|---|---|---|---|
|
|
206
|
+
| Quick lookup | 3 | 6 | 1 search + 1 fetch + inject |
|
|
207
|
+
| Deep investigation | 8 | 20 | Multiple searches + cross-ref |
|
|
208
|
+
| Landscape survey | 12 | 30 | Multiple searches + fetches per topic |
|
|
209
|
+
|
|
210
|
+
## Cross-Validation Patterns
|
|
211
|
+
|
|
212
|
+
### When sources agree
|
|
213
|
+
```
|
|
214
|
+
Source A (official docs): React 19.2.0
|
|
215
|
+
Source B (npm registry): 19.2.0
|
|
216
|
+
Source C (GitHub releases): 19.2.0
|
|
217
|
+
→ Cite as confirmed. No need to fetch a 4th source.
|
|
218
|
+
```
|
|
219
|
+
|
|
220
|
+
### When sources disagree
|
|
221
|
+
```
|
|
222
|
+
Source A (blog post): Next.js 15.2 deprecated middleware edge runtime
|
|
223
|
+
Source B (official docs): Middleware now defaults to Node.js, edge still available
|
|
224
|
+
→ Dig deeper. The blog conflated "default change" with "deprecation".
|
|
225
|
+
→ Fetch the actual upgrade guide for the precise language.
|
|
226
|
+
→ Flag the disagreement in your findings.
|
|
227
|
+
```
|
|
228
|
+
|
|
229
|
+
### When only one source exists
|
|
230
|
+
```
|
|
231
|
+
Source A (GitHub issue comment): "This API is being removed in v4"
|
|
232
|
+
→ Mark as TENTATIVE. State: "One source claims... cannot confirm."
|
|
233
|
+
→ If the claim is critical, search specifically for confirmation.
|
|
234
|
+
→ Otherwise, move on — don't spend budget chasing unconfirmed rumors.
|
|
235
|
+
```
|
|
236
|
+
|
|
237
|
+
## Cost Awareness
|
|
238
|
+
|
|
239
|
+
| Action | Approximate cost | When to use |
|
|
240
|
+
|--------|-----------------|-------------|
|
|
241
|
+
| `web_search` (5 results) | ~500 tokens | Always first — cheap discovery |
|
|
242
|
+
| `web_fetch` (single page) | ~1000-2000 tokens | Only for authoritative sources |
|
|
243
|
+
| `context_manager add_note` | ~0 tokens (metadata op) | After every research cycle |
|
|
244
|
+
| `delegate` (quick lookup subagent) | ~$0.05-0.15 | When research would bloat your context |
|
|
245
|
+
| `delegate` (deep investigation) | ~$0.20-0.50 | Landscape surveys only |
|
|
246
|
+
|
|
247
|
+
**Rule of thumb**: Don't spend more on research than the answer is worth.
|
|
248
|
+
A version check shouldn't cost $0.50. A landscape survey justifying an
|
|
249
|
+
architecture decision might be worth $2.00.
|
|
250
|
+
|
|
251
|
+
## Anti-Patterns
|
|
252
|
+
|
|
253
|
+
### Re-researching known data
|
|
254
|
+
|
|
255
|
+
```typescript
|
|
256
|
+
// ❌ Turn 5: Agent forgets it already researched React version
|
|
257
|
+
web_search("React latest version")
|
|
258
|
+
|
|
259
|
+
// ✅ Turn 2: Agent injected findings via add_note
|
|
260
|
+
// Turn 3-5: Agent sees the note in conversation — skips re-search
|
|
261
|
+
```
|
|
262
|
+
|
|
263
|
+
### Fetching without searching first
|
|
264
|
+
|
|
265
|
+
```typescript
|
|
266
|
+
// ❌ Guessing URLs wastes fetches
|
|
267
|
+
web_fetch("https://react.dev/blog/2025/03/15/react-19-2") // 404
|
|
268
|
+
|
|
269
|
+
// ✅ Search discovers the real URL first
|
|
270
|
+
web_search("React 19.2 release blog post")
|
|
271
|
+
web_fetch(<result from search>)
|
|
272
|
+
```
|
|
273
|
+
|
|
274
|
+
### Injecting raw dumps
|
|
275
|
+
|
|
276
|
+
```typescript
|
|
277
|
+
// ❌ Bloating context with raw JSON
|
|
278
|
+
context_manager add_note(JSON.stringify(searchResults))
|
|
279
|
+
|
|
280
|
+
// ✅ Structured summary
|
|
281
|
+
context_manager add_note("## Research: React version\n- 19.2.0\n- Source: react.dev")
|
|
282
|
+
```
|
|
283
|
+
|
|
284
|
+
### Single-source claims
|
|
285
|
+
|
|
286
|
+
```typescript
|
|
287
|
+
// ❌ One blog post becomes "truth"
|
|
288
|
+
"The React team recommends X" — based on one Medium article from 2023
|
|
289
|
+
|
|
290
|
+
// ✅ Cross-referenced
|
|
291
|
+
"The React docs recommend Y (react.dev). A 2024 blog post also suggests Y.
|
|
292
|
+
One 2023 article suggests X, but this appears outdated."
|
|
293
|
+
```
|
|
294
|
+
|
|
295
|
+
### Research-looping
|
|
296
|
+
|
|
297
|
+
```typescript
|
|
298
|
+
// ❌ 7 searches on the same topic, each slightly rephrased
|
|
299
|
+
web_search("React 19 new features")
|
|
300
|
+
web_search("React 19 what changed")
|
|
301
|
+
web_search("React 19 release notes changes")
|
|
302
|
+
web_search("React 19 difference from 18")
|
|
303
|
+
// ...
|
|
304
|
+
|
|
305
|
+
// ✅ 1-2 broad searches, then targeted fetches
|
|
306
|
+
web_search("React 19 release notes breaking changes")
|
|
307
|
+
web_fetch(<react.dev blog>)
|
|
308
|
+
web_fetch(<GitHub releases>)
|
|
309
|
+
// Done. Inject findings.
|
|
310
|
+
```
|
|
311
|
+
|
|
312
|
+
### Researching during tactical work
|
|
313
|
+
|
|
314
|
+
```typescript
|
|
315
|
+
// ❌ User asks for a quick null-check fix, agent starts web searching
|
|
316
|
+
User: "fix the null deref in auth.ts line 42"
|
|
317
|
+
Agent: web_search("TypeScript null check best practices") // NO
|
|
318
|
+
|
|
319
|
+
// ✅ Research mode is for analysis/discussion phases, not tactical edits
|
|
320
|
+
// The agent already knows how to fix a null deref — just fix it.
|
|
321
|
+
```
|
|
322
|
+
|
|
323
|
+
## Workflow
|
|
324
|
+
|
|
325
|
+
```
|
|
326
|
+
1. TRIGGER — User asks for current data OR agent realizes knowledge is stale
|
|
327
|
+
2. CLASSIFY — Quick lookup? Deep investigation? Landscape survey?
|
|
328
|
+
3. SEARCH — web_search with 5-8 results for broad discovery
|
|
329
|
+
4. FETCH — web_fetch 1-2 authoritative results for detail (parallelize if >1)
|
|
330
|
+
5. VALIDATE — Cross-reference: 2+ sources agree? Flag single-source claims
|
|
331
|
+
6. INJECT — context_manager add_note with structured findings
|
|
332
|
+
7. CITE — In your response, cite sources for every factual claim
|
|
333
|
+
```
|
|
334
|
+
|
|
335
|
+
## Skills in scope
|
|
336
|
+
|
|
337
|
+
- `tech-stack` — for package version verification and ecosystem validation
|
|
338
|
+
- `node-modern` — for Node.js-specific version and API checks
|
|
339
|
+
- `react-modern` — for React-specific version and API checks
|
|
340
|
+
- `security-scanner` — for CVE and vulnerability research
|
|
341
|
+
- `prompt-engineering` — for crafting effective search queries
|
|
342
|
+
- `multi-agent` — for fanning out research to subagents
|
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
import { L as Logger, a as LogLevel } from './logger-B63L5bTg.js';
|
|
2
|
-
|
|
3
|
-
interface DefaultLoggerOptions {
|
|
4
|
-
level?: LogLevel | undefined;
|
|
5
|
-
file?: string | undefined;
|
|
6
|
-
pretty?: boolean | undefined;
|
|
7
|
-
bindings?: Record<string, unknown>;
|
|
8
|
-
/**
|
|
9
|
-
* When false, suppress stderr output entirely — only write to the log
|
|
10
|
-
* file (if configured). Use this in TUI mode so plugin/library log
|
|
11
|
-
* messages don't interleave with Ink's terminal rendering.
|
|
12
|
-
* Default: true (stderr output is enabled).
|
|
13
|
-
*/
|
|
14
|
-
stderr?: boolean | undefined;
|
|
15
|
-
}
|
|
16
|
-
declare class DefaultLogger implements Logger {
|
|
17
|
-
level: LogLevel;
|
|
18
|
-
private readonly file?;
|
|
19
|
-
private readonly bindings;
|
|
20
|
-
private readonly pretty;
|
|
21
|
-
private readonly stderr;
|
|
22
|
-
constructor(opts?: DefaultLoggerOptions);
|
|
23
|
-
error(msg: string, ctx?: unknown): void;
|
|
24
|
-
warn(msg: string, ctx?: unknown): void;
|
|
25
|
-
info(msg: string, ctx?: unknown): void;
|
|
26
|
-
debug(msg: string, ctx?: unknown): void;
|
|
27
|
-
trace(msg: string, ctx?: unknown): void;
|
|
28
|
-
child(bindings: Record<string, unknown>): Logger;
|
|
29
|
-
private log;
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
export { DefaultLogger as D, type DefaultLoggerOptions as a };
|