npm - @yottagraph-app/aether-instructions - Versions diffs - 1.1.49 → 1.1.51 - Mend

@yottagraph-app/aether-instructions 1.1.49 → 1.1.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/AGENTS.md +2 -2
package/commands/build_my_app.md +13 -5
package/package.json +1 -1
package/skills/aether/SKILL.md +25 -24
package/skills/aether/bigquery.md +200 -0
package/skills/aether/data.md +7 -0
package/skills/aether/git-support.md +11 -6
package/skills/aether/storage.md +7 -0
package/variants/mcp-only/commands/build_my_app.md +12 -5

package/AGENTS.md CHANGED Viewed

@@ -8,11 +8,11 @@
 **Data:** This app runs on the Lovelace platform -- entities, news, filings, sentiment, relationships, events. See [`data.md`](.agents/skills/aether/data.md) in the `aether` skill for access patterns and gotchas. Additional skill docs: `.agents/skills/data-model/` (entity types, properties, relationships; `SKILL.md` first), `.agents/skills/elemental-mcp-patterns/` (MCP response shapes, property type handling, Python patterns for agent tools). Do NOT call external APIs for data the platform provides.
-**Storage:** KV (Upstash Redis) for preferences and lightweight state via `Pref<T>` from `usePrefsStore()`. Neon Postgres for relational data if connected (see [`storage.md`](.agents/skills/aether/storage.md) in the `aether` skill).
+**Storage:** KV (Upstash Redis) for preferences and lightweight state via `Pref<T>` from `usePrefsStore()`. Neon Postgres for relational data if connected (see [`storage.md`](.agents/skills/aether/storage.md) in the `aether` skill). BigQuery for analytical/warehouse data when configured — go through `server/utils/bigquery.ts` (which proxies the Broadchurch Portal gateway), never `@google-cloud/bigquery` or a pasted service-account key. See [`bigquery.md`](.agents/skills/aether/bigquery.md) in the `aether` skill.
 **Source of truth:** `DESIGN.md` -- read before starting work, update when changing features. The starter UI is placeholder -- replace freely. Feature docs in `design/` for implementation planning.
-**Git:** Commit meaningful units of work. Run `npm run format` before commit. Message format: `[Agent commit] {summary}`. Push directly to main — do NOT create PRs or feature branches.
+**Git:** Commit meaningful units of work. Run `npm run format` before commit. Message format: `[Agent commit] {summary}`. Push directly to `main` with `git push origin main` — do NOT create PRs, do NOT run `gh pr create`, and do NOT use feature branches. This project's `main` is not protected; Vercel auto-deploys on push to `main`, and that's how the app gets live. A PR blocks the auto-deploy and breaks the smooth first-run flow.
 **First action for a new project:** Run `/build_my_app`.

package/commands/build_my_app.md CHANGED Viewed

@@ -112,6 +112,7 @@ Key capabilities:
 - **Query Server / Elemental API** -- the primary data source. Use `useElementalClient()` from `@yottagraph-app/elemental-api/client`. See [`data.md`](../skills/aether/data.md) in the `aether` skill.
 - **KV storage** -- always available for preferences and lightweight data (see [`pref.md`](../skills/aether/pref.md) in the `aether` skill)
 - **Neon Postgres** -- may be available for relational data; see [`storage.md`](../skills/aether/storage.md) in the `aether` skill for how to check and how to use it
+- **BigQuery** -- may be available for analytical / warehouse data via the portal gateway. **If the brief mentions BigQuery, analytics, a warehouse, dashboards over event data, or anything in that family, read [`bigquery.md`](../skills/aether/bigquery.md) in the `aether` skill BEFORE writing any code.** A pre-built `server/utils/bigquery.ts` helper is already scaffolded — do NOT add `@google-cloud/bigquery` to `package.json` and do NOT ask the user to paste a service-account key. The build will fail if you try (a prebuild guard catches it).
 - **AI agent chat** -- use the `useAgentChat` composable to build a chat UI for deployed agents
 - **MCP servers** -- Lovelace MCP servers may be available (check `.agents/mcp.json`)
 - **Components** -- Vuetify 3 component library is available
@@ -228,16 +229,23 @@ git add -A
 git commit -m "[Agent commit] Initial app build from project brief"
 ```
-**Push directly to main.** Vercel auto-deploys on push to main, so this
-gets the app live immediately. Do NOT try to create a pull request via
-`gh pr create` — in Cursor Cloud environments, the GitHub integration
-token lacks PR permissions (known Cursor issue). Pushing to main is the
-correct workflow.
+**Push directly to main. Do NOT create a pull request or a feature branch.**
+Vercel auto-deploys on push to `main`, which is how this project gets
+live. Creating a PR blocks that auto-deploy and breaks the smooth
+first-run experience the user is expecting from the wizard. This
+project's `main` is **not** protected — `git push origin main` will
+succeed.
 ```bash
 git push origin main
 ```
+Specifically: do NOT run `gh pr create`, do NOT create a feature
+branch, and do NOT push to anything other than `main`. If a push to
+`main` fails because of a real permission issue (not branch
+protection), report the exact error rather than falling back to a PR.
 If running locally (not in Cursor Cloud), the user may prefer a PR-based
 workflow — ask before pushing directly to main in that case.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@yottagraph-app/aether-instructions",
-    "version": "1.1.49",
+    "version": "1.1.51",
     "description": "Cursor commands and skills for Aether development",
     "files": [
         "commands",

package/skills/aether/SKILL.md CHANGED Viewed

@@ -32,27 +32,28 @@ topics that apply.
 ## Files
-| File                                               | When to read                                                                                                                                                                                                                                                    |
-| -------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [architecture.md](architecture.md)                 | Project structure, navigation, server routes, agents, MCP. Read when adding pages, navigation, or server-side functionality.                                                                                                                                    |
-| [data.md](data.md)                                 | How this app reads platform data (clients, schema discovery, entity/news/filings access, common gotchas). Read when building any feature that fetches or displays platform data.                                                                                |
-| [cookbook.md](cookbook.md)                         | Copy-paste UI patterns for common pages: data table, form, chart, dialog, master-detail. For data-fetching recipes see `cookbook-data.md`.                                                                                                                      |
-| [cookbook-data.md](cookbook-data.md)               | Data-fetching UI recipes: entity search, news feed, filings, and related helpers. Read with `data.md` when building pages that display platform data.                                                                                                           |
-| [design.md](design.md)                             | `DESIGN.md` workflow, feature docs, starter-app-is-placeholder guidance. Read when starting work, planning features, or updating project design.                                                                                                                |
-| [ui.md](ui.md)                                     | Vue/Vuetify page templates, layouts, scrollable content, data tables, loading states. Applies when creating or editing page templates (`pages/**`, `components/**`).                                                                                            |
-| [pref.md](pref.md)                                 | User preferences and KV storage: `usePrefsStore`, `Pref<T>`, app namespacing (`NUXT_PUBLIC_APP_ID`). Read when working on settings persistence.                                                                                                                 |
-| [branding.md](branding.md)                         | Visual styling, colors, typography, theming, branding, UI appearance. Read when updating brand assets or theme code.                                                                                                                                            |
-| [server.md](server.md)                             | Nitro server-side API routes (`server/**`): file-based routing, event handlers, image proxy. Read when adding server routes. For storage backends see `storage.md`; for platform-data proxying see `server-data.md`.                                            |
-| [server-data.md](server-data.md)                   | Reading platform data from Nitro server routes (`server/**`). Read when a server route needs to fetch platform data on behalf of the app.                                                                                                                       |
-| [storage.md](storage.md)                           | Storage backends: KV (always on) vs Neon Postgres (if provisioned). Read when choosing persistence, wiring `getRedis()`/`getDb()`, creating tables, or handling missing credentials gracefully.                                                                 |
-| [agents.md](agents.md)                             | Conventions for developing ADK agents in `agents/**`. Read when writing or editing agent code.                                                                                                                                                                  |
-| [agents-data.md](agents-data.md)                   | How ADK agents access platform data (authentication, local testing env vars, mode-specific wiring). Read when an agent needs platform data (`agents/**`).                                                                                                       |
-| [mcp-servers.md](mcp-servers.md)                   | Conventions for developing MCP servers in `mcp-servers/**`. Read when writing or editing FastMCP servers.                                                                                                                                                       |
-| [deployment.md](deployment.md)                     | App, agent, and MCP server deployment targets (Vercel, Vertex AI Agent Engine, Cloud Run). Read when pushing to main, running `/deploy_agent` or `/deploy_mcp`, or explaining how code reaches production.                                                      |
-| [env.md](env.md)                                   | `.env` variable reference (`APP_ID`, `USER_NAME`, `QUERY_SERVER_ADDRESS`, etc.). Read when adding env vars, configuring Auth0 bypass, or inspecting runtime config.                                                                                             |
-| [local-setup.md](local-setup.md)                   | Manual local dev setup (`npm run init -- --local`, `npm run dev`). Read when running the app locally outside Cursor Cloud.                                                                                                                                      |
-| [cursor-cloud.md](cursor-cloud.md)                 | Cursor Cloud environment quirks (Node managed by env, dev server auto-started, skip browser testing during initial setup). Read when `$HOME` is under `/root` or `/home/ubuntu`, or when a dev-server terminal was auto-started.                                |
-| [claude-code-cloud.md](claude-code-cloud.md)       | Claude Code (claude.ai/code) cloud session quirks (ephemeral sessions, Claude GitHub App, env auto-runs init + dev server, skip browser testing during initial setup). Read when running in claude.ai/code, especially `$HOME` under `/root` or `/home/ubuntu`. |
-| [git-support.md](git-support.md)                   | Git commit workflow and conventions. Read when finishing implementation work, making commits, or troubleshooting git/pre-commit failures.                                                                                                                       |
-| [something-broke.md](something-broke.md)           | Error recovery and build failure troubleshooting. Read when something broke, build failed, `npm run build` errors, or the user wants to restore previous behavior.                                                                                              |
-| [instructions_warning.md](instructions_warning.md) | Warning about editing `.agents/` files managed by `@yottagraph-app/aether-instructions`. Read before modifying installed instruction files.                                                                                                                     |
+| File                                               | When to read                                                                                                                                                                                                                                                        |
+| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| [architecture.md](architecture.md)                 | Project structure, navigation, server routes, agents, MCP. Read when adding pages, navigation, or server-side functionality.                                                                                                                                        |
+| [data.md](data.md)                                 | How this app reads platform data (clients, schema discovery, entity/news/filings access, common gotchas). Read when building any feature that fetches or displays platform data.                                                                                    |
+| [cookbook.md](cookbook.md)                         | Copy-paste UI patterns for common pages: data table, form, chart, dialog, master-detail. For data-fetching recipes see `cookbook-data.md`.                                                                                                                          |
+| [cookbook-data.md](cookbook-data.md)               | Data-fetching UI recipes: entity search, news feed, filings, and related helpers. Read with `data.md` when building pages that display platform data.                                                                                                               |
+| [design.md](design.md)                             | `DESIGN.md` workflow, feature docs, starter-app-is-placeholder guidance. Read when starting work, planning features, or updating project design.                                                                                                                    |
+| [ui.md](ui.md)                                     | Vue/Vuetify page templates, layouts, scrollable content, data tables, loading states. Applies when creating or editing page templates (`pages/**`, `components/**`).                                                                                                |
+| [pref.md](pref.md)                                 | User preferences and KV storage: `usePrefsStore`, `Pref<T>`, app namespacing (`NUXT_PUBLIC_APP_ID`). Read when working on settings persistence.                                                                                                                     |
+| [branding.md](branding.md)                         | Visual styling, colors, typography, theming, branding, UI appearance. Read when updating brand assets or theme code.                                                                                                                                                |
+| [server.md](server.md)                             | Nitro server-side API routes (`server/**`): file-based routing, event handlers, image proxy. Read when adding server routes. For storage backends see `storage.md`; for platform-data proxying see `server-data.md`.                                                |
+| [server-data.md](server-data.md)                   | Reading platform data from Nitro server routes (`server/**`). Read when a server route needs to fetch platform data on behalf of the app.                                                                                                                           |
+| [storage.md](storage.md)                           | Storage backends: KV (always on) vs Neon Postgres (if provisioned). Read when choosing persistence, wiring `getRedis()`/`getDb()`, creating tables, or handling missing credentials gracefully.                                                                     |
+| [bigquery.md](bigquery.md)                         | Analytical reads via the portal gateway: `isBigQueryConfigured()`, `listDatasets()`, `listTables()`, `runQuery()`. Read whenever the task touches BigQuery — and DO NOT add `@google-cloud/bigquery` or paste service-account keys (BC 1.0 pattern, not supported). |
+| [agents.md](agents.md)                             | Conventions for developing ADK agents in `agents/**`. Read when writing or editing agent code.                                                                                                                                                                      |
+| [agents-data.md](agents-data.md)                   | How ADK agents access platform data (authentication, local testing env vars, mode-specific wiring). Read when an agent needs platform data (`agents/**`).                                                                                                           |
+| [mcp-servers.md](mcp-servers.md)                   | Conventions for developing MCP servers in `mcp-servers/**`. Read when writing or editing FastMCP servers.                                                                                                                                                           |
+| [deployment.md](deployment.md)                     | App, agent, and MCP server deployment targets (Vercel, Vertex AI Agent Engine, Cloud Run). Read when pushing to main, running `/deploy_agent` or `/deploy_mcp`, or explaining how code reaches production.                                                          |
+| [env.md](env.md)                                   | `.env` variable reference (`APP_ID`, `USER_NAME`, `QUERY_SERVER_ADDRESS`, etc.). Read when adding env vars, configuring Auth0 bypass, or inspecting runtime config.                                                                                                 |
+| [local-setup.md](local-setup.md)                   | Manual local dev setup (`npm run init -- --local`, `npm run dev`). Read when running the app locally outside Cursor Cloud.                                                                                                                                          |
+| [cursor-cloud.md](cursor-cloud.md)                 | Cursor Cloud environment quirks (Node managed by env, dev server auto-started, skip browser testing during initial setup). Read when `$HOME` is under `/root` or `/home/ubuntu`, or when a dev-server terminal was auto-started.                                    |
+| [claude-code-cloud.md](claude-code-cloud.md)       | Claude Code (claude.ai/code) cloud session quirks (ephemeral sessions, Claude GitHub App, env auto-runs init + dev server, skip browser testing during initial setup). Read when running in claude.ai/code, especially `$HOME` under `/root` or `/home/ubuntu`.     |
+| [git-support.md](git-support.md)                   | Git commit workflow and conventions. Read when finishing implementation work, making commits, or troubleshooting git/pre-commit failures.                                                                                                                           |
+| [something-broke.md](something-broke.md)           | Error recovery and build failure troubleshooting. Read when something broke, build failed, `npm run build` errors, or the user wants to restore previous behavior.                                                                                                  |
+| [instructions_warning.md](instructions_warning.md) | Warning about editing `.agents/` files managed by `@yottagraph-app/aether-instructions`. Read before modifying installed instruction files.                                                                                                                         |

package/skills/aether/bigquery.md ADDED Viewed

@@ -0,0 +1,200 @@
+# BigQuery
+The tenant app reads BigQuery through the **Broadchurch Portal gateway**.
+The Vercel-hosted Aether app NEVER holds GCP credentials directly — the
+portal runs queries in the tenant's per-tenant GCP project on the app's
+behalf, using its own service account.
+| Capability                | How to check                                                      | Env var                                                                                               | Utility file                                |
+| ------------------------- | ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------------------------- |
+| **BigQuery (analytical)** | `process.env.NUXT_PUBLIC_BIGQUERY_ENABLED === 'true'`             | `NUXT_PUBLIC_BIGQUERY_ENABLED`                                                                        | `server/utils/bigquery.ts` (pre-scaffolded) |
+|                           | OR `curl <gateway.url>/api/tenants/<org_id>` → `gcp.bigquery` set | `NUXT_PUBLIC_BIGQUERY_DATASET_ID`, `NUXT_PUBLIC_BIGQUERY_PROJECT_ID`, `NUXT_PUBLIC_BIGQUERY_LOCATION` |                                             |
+Only available if the tenant was provisioned with BigQuery enabled (or
+had it enabled later via the portal's "Enable BigQuery" action). Check
+`isBigQueryConfigured()` before calling any of the helpers.
+For transactional / relational data see [storage.md](storage.md)
+(Postgres + KV); BigQuery is the analytical store, optimized for
+append-only / large columnar scans.
+## Critical: never do these
+The agent reflexively reaches for `@google-cloud/bigquery` and a
+service-account-key env var when asked to talk to BigQuery — that's the
+**BC 1.0 pattern** and it is not supported here. If you find yourself
+about to write any of these, **stop**, re-read this file, and use
+`server/utils/bigquery.ts` instead:
+- DO NOT add `@google-cloud/bigquery` to `package.json`. It only ships
+  with the Broadchurch Portal where the SA actually exists; in the
+  tenant app it would fail at runtime with "could not load default
+  credentials".
+- DO NOT paste a JSON service-account key into Vercel env (as
+  `GCP_SERVICE_ACCOUNT_KEY` or any other name). There is no key for the
+  app to use — the portal is what holds credentials. The Vercel env is
+  also not a secure place to put long-lived GCP keys.
+- DO NOT add `GOOGLE_APPLICATION_CREDENTIALS`. That env var points at a
+  key file on disk; Vercel has no such file and no way to obtain one.
+- DO NOT call the BigQuery REST API directly from `<script setup>` or
+  any client-side code. Always go through a Nitro server route
+  (`server/api/**`).
+## Where credentials come from
+There is no credential on the tenant side. The portal gateway resolves
+the tenant's GCP project from `org_id` (passed in the URL) and runs
+jobs with the portal SA's ADC. Inside `bc-{slug}` the portal SA has:
+- `roles/bigquery.jobUser` + `roles/bigquery.metadataViewer` at the
+  project level (list datasets/tables, run SELECT jobs).
+- `roles/bigquery.dataEditor` on `bc_{slug}_analytics` (read row data).
+That last binding scopes read access: the picker can list every dataset
+the agent or tenant has created in the project, but `runQuery()` will
+fail on datasets the portal hasn't been ACL'd into. The intended
+analytical write target is `bc_{slug}_analytics`.
+## `isBigQueryConfigured()` — feature gating
+The provisioner injects `NUXT_PUBLIC_BIGQUERY_ENABLED=true` into the
+Vercel env when BQ is on. Use it to gate UI:
+```vue
+<script setup lang="ts">
+    const bqEnabled = useRuntimeConfig().public.bigqueryEnabled === 'true';
+</script>
+<template>
+    <v-card v-if="bqEnabled">…analytics UI…</v-card>
+    <v-card v-else>
+        <v-card-title>BigQuery is not configured</v-card-title>
+        <v-card-text> Ask the platform operator to enable BigQuery for this app. </v-card-text>
+    </v-card>
+</template>
+```
+For server routes, use `isBigQueryConfigured()` from
+`server/utils/bigquery.ts` and return a 503-style message when it's
+false (don't throw — the page should still render).
+## Server-route pattern
+All BQ access lives in `server/api/**`. Helpers exposed by
+`server/utils/bigquery.ts`:
+| Helper                            | Returns                                  |
+| --------------------------------- | ---------------------------------------- |
+| `isBigQueryConfigured()`          | `boolean`                                |
+| `getDefaultDataset()`             | `string \| null` — `bc_{slug}_analytics` |
+| `getBigQueryProjectId()`          | `string \| null` — `bc-{slug}`           |
+| `getBigQueryLocation()`           | `string \| null` — e.g. `us-central1`    |
+| `listDatasets()`                  | `BqDataset[]`                            |
+| `listTables(datasetId, options?)` | `BqTable[]`                              |
+| `runQuery(sql, options?)`         | `BqQueryResult`                          |
+| `toRowObjects(result)`            | `Record<string, unknown>[]`              |
+### Example: list datasets
+```typescript
+// server/api/bq/datasets.get.ts
+import { isBigQueryConfigured, listDatasets } from '~/server/utils/bigquery';
+export default defineEventHandler(async () => {
+    if (!isBigQueryConfigured()) {
+        throw createError({ statusCode: 503, statusMessage: 'BigQuery not configured' });
+    }
+    return await listDatasets();
+});
+```
+### Example: list tables in a dataset
+```typescript
+// server/api/bq/tables/[dataset].get.ts
+import { isBigQueryConfigured, listTables } from '~/server/utils/bigquery';
+export default defineEventHandler(async (event) => {
+    if (!isBigQueryConfigured()) {
+        throw createError({ statusCode: 503, statusMessage: 'BigQuery not configured' });
+    }
+    const dataset = getRouterParam(event, 'dataset');
+    if (!dataset) {
+        throw createError({ statusCode: 400, statusMessage: 'dataset is required' });
+    }
+    return await listTables(dataset);
+});
+```
+### Example: run a parameterized SELECT
+```typescript
+// server/api/bq/events.get.ts
+import { isBigQueryConfigured, runQuery, toRowObjects } from '~/server/utils/bigquery';
+export default defineEventHandler(async (event) => {
+    if (!isBigQueryConfigured()) {
+        throw createError({ statusCode: 503, statusMessage: 'BigQuery not configured' });
+    }
+    const { date, limit } = getQuery(event);
+    const result = await runQuery(
+        `SELECT * FROM events WHERE event_date = @date ORDER BY ts DESC LIMIT @limit`,
+        {
+            params: [
+                { name: 'date', type: 'DATE', value: String(date ?? '2026-01-01') },
+                { name: 'limit', type: 'INT64', value: Number(limit ?? 100) },
+            ],
+        }
+    );
+    return {
+        schema: result.schema,
+        rows: toRowObjects(result),
+        truncated: result.truncated,
+    };
+});
+```
+`defaultDataset` is set automatically to `bc_{slug}_analytics` for
+unqualified table refs. Pass `options.defaultDataset` to override.
+## Guardrails the gateway enforces
+The portal will reject:
+- DML / DDL (`INSERT`, `DELETE`, `UPDATE`, `CREATE`, `DROP`, `MERGE`,
+  `TRUNCATE`, etc.). Only `SELECT` / `WITH` / `CALL` (for TVFs) are
+  allowed. If you need to write to BigQuery, do it from a Cloud Run
+  Job in the tenant project — that's the documented append path.
+- Queries that would scan more than 10 GB (default cap 1 GB). The
+  gateway sets BigQuery's `maximumBytesBilled` server-side; over-scope
+  queries fail with a clear error from BQ before any cost is incurred.
+- More than 10,000 rows returned in one call (default 1,000). Paginate
+  with `LIMIT … OFFSET` in SQL if you need more.
+- 30s wall-clock. The response sets `truncated: true` if BQ ran out of
+  time producing the first page.
+## Local dev
+`NUXT_PUBLIC_BIGQUERY_*` are intentionally unset in local `.env`.
+`isBigQueryConfigured()` returns false, helpers throw with a clear
+message ("BigQuery is not configured for this tenant…"). Test BQ
+features on the deployed preview/production URL where the env vars
+are injected.
+## Where the data goes
+Cloud Run Jobs and Workflows in the tenant project write to
+`bc_{slug}_analytics` (see [`deployment.md`](deployment.md) and the
+portal's compute-jobs docs). The tenant app reads from that dataset
+through this gateway. Round-trip:
+```
+Cloud Run Job → BigQuery (bc_{slug}_analytics) → Portal gateway → Aether app
+                                                       ↑
+                                                  portal SA's ADC
+```
+If you see "Permission denied on resource project" in the gateway
+response, the dataset's IAM was likely created in a previous tenant
+version and is missing the portal SA. Re-run "Enable BigQuery" in the
+portal cockpit to reconcile.

package/skills/aether/data.md CHANGED Viewed

@@ -5,6 +5,12 @@ primary data source — use it first for any data needs (entities, news,
 filings, sentiment, relationships, events). Do NOT call external APIs
 (e.g. sec.gov, Wikipedia) for data that the platform already provides.
+Tenant-owned analytical data (event streams, derived tables, time-series
+features that Cloud Run Jobs write into the tenant project) lives in
+BigQuery, not the Elemental API. For that see [`bigquery.md`](bigquery.md)
+— and importantly, do NOT add `@google-cloud/bigquery` or any GCP
+credentials to this app. Queries go through the portal gateway.
 The Elemental API provides access to the Lovelace Knowledge Graph through
 the Query Server. Use it to search for entities, retrieve properties,
 explore relationships, and analyze sentiment. New data sources are added
@@ -236,6 +242,7 @@ types or property names. Instead, discover them at runtime:
    and properties (PIDs) available in the system. See `schema.md`.
     The schema response contains:
     - **Flavors** (entity types): Company, Person, GovernmentOrg, etc.
       Each flavor has a numeric ID and a human-readable name.
     - **PIDs** (properties): name, country, industry, lei_code, etc.

package/skills/aether/git-support.md CHANGED Viewed

@@ -40,17 +40,22 @@ If a user asks about this error, explain the `npm run format` requirement.
 ## Pushing
-**Push directly to main.** Vercel auto-deploys on push to main, so this
-gets the app live immediately.
+**Push directly to main.** Vercel auto-deploys on push to `main`, which
+is how this project gets live. Creating a PR blocks that auto-deploy
+and disrupts the smooth first-run experience.
-**Do NOT create pull requests** — do not run `gh pr create` or create
-feature branches. In Cursor Cloud environments, the GitHub integration
-token lacks PR permissions (known Cursor issue). Pushing to main is the
-correct workflow.
+**Do NOT create pull requests** — do not run `gh pr create`, do not
+create a feature branch, and do not push to anything other than `main`.
+This project's `main` is **not** protected; `git push origin main`
+will succeed.
 ```bash
 git push origin main
 ```
+If a push to `main` fails because of an actual permission issue (not
+branch protection), report the exact error to the user — do not fall
+back to a PR as a workaround.
 If running locally (not in Cursor Cloud), the user may prefer a PR-based
 workflow — ask before pushing directly to main in that case.

package/skills/aether/storage.md CHANGED Viewed

@@ -1,5 +1,12 @@
 # Storage
+This skill covers **transactional / state** storage — KV (always on) and
+Neon Postgres (if provisioned). For **analytical / append-only** reads
+from large datasets (anything you'd reach for a data warehouse for), see
+[`bigquery.md`](bigquery.md) instead — BigQuery is provisioned per-tenant
+in the GCP tenant project and read through the portal gateway, NOT via
+direct GCP credentials.
 Two storage services are available. KV is always connected; Neon Postgres
 is only present if the tenant was provisioned with it. Each store has its
 own way of checking availability — see the **How to check** column below:

package/variants/mcp-only/commands/build_my_app.md CHANGED Viewed

@@ -170,16 +170,23 @@ git add -A
 git commit -m "[Agent commit] Initial app build from project brief"
 ```
-**Push directly to main.** Vercel auto-deploys on push to main, so this
-gets the app live immediately. Do NOT try to create a pull request via
-`gh pr create` — in Cursor Cloud environments, the GitHub integration
-token lacks PR permissions (known Cursor issue). Pushing to main is the
-correct workflow.
+**Push directly to main. Do NOT create a pull request or a feature branch.**
+Vercel auto-deploys on push to `main`, which is how this project gets
+live. Creating a PR blocks that auto-deploy and breaks the smooth
+first-run experience the user is expecting from the wizard. This
+project's `main` is **not** protected — `git push origin main` will
+succeed.
 ```bash
 git push origin main
 ```
+Specifically: do NOT run `gh pr create`, do NOT create a feature
+branch, and do NOT push to anything other than `main`. If a push to
+`main` fails because of a real permission issue (not branch
+protection), report the exact error rather than falling back to a PR.
 If running locally (not in Cursor Cloud), the user may prefer a PR-based
 workflow — ask before pushing directly to main in that case.