bmad-module-skill-forge 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (110) hide show
  1. package/README.md +88 -44
  2. package/docs/agents.md +1 -1
  3. package/docs/architecture.md +49 -20
  4. package/docs/examples.md +13 -2
  5. package/docs/getting-started.md +15 -13
  6. package/docs/index.md +3 -1
  7. package/docs/workflows.md +2 -2
  8. package/package.json +5 -3
  9. package/src/forger/forge-tier.yaml +1 -1
  10. package/src/forger/preferences.yaml +8 -1
  11. package/src/knowledge/doc-fetcher.md +55 -0
  12. package/src/knowledge/overview.md +17 -16
  13. package/src/knowledge/progressive-capability.md +9 -1
  14. package/src/knowledge/provenance-tracking.md +31 -23
  15. package/src/knowledge/qmd-registry.md +132 -0
  16. package/src/knowledge/skf-knowledge-index.csv +2 -0
  17. package/src/workflows/analyze-source/data/skill-brief-schema.md +24 -4
  18. package/src/workflows/analyze-source/steps-c/step-01-init.md +19 -9
  19. package/src/workflows/analyze-source/steps-c/step-01b-continue.md +2 -2
  20. package/src/workflows/analyze-source/steps-c/step-02-scan-project.md +10 -2
  21. package/src/workflows/analyze-source/steps-c/step-04-map-and-detect.md +17 -2
  22. package/src/workflows/analyze-source/steps-c/step-05-recommend.md +2 -1
  23. package/src/workflows/analyze-source/steps-c/step-06-generate-briefs.md +3 -3
  24. package/src/workflows/analyze-source/templates/analysis-report-template.md +1 -1
  25. package/src/workflows/analyze-source/validation-report.md +1 -1
  26. package/src/workflows/analyze-source/workflow-plan-analyze-source.md +1 -1
  27. package/src/workflows/analyze-source/workflow.md +1 -1
  28. package/src/workflows/audit-skill/steps-c/step-01-init.md +8 -5
  29. package/src/workflows/audit-skill/steps-c/step-02-re-index.md +12 -2
  30. package/src/workflows/audit-skill/validation-report.md +2 -2
  31. package/src/workflows/audit-skill/workflow-plan-audit-skill.md +1 -1
  32. package/src/workflows/brief-skill/data/scope-templates.md +60 -0
  33. package/src/workflows/brief-skill/data/skill-brief-schema.md +38 -3
  34. package/src/workflows/brief-skill/steps-c/step-01-gather-intent.md +20 -4
  35. package/src/workflows/brief-skill/steps-c/step-03-scope-definition.md +20 -64
  36. package/src/workflows/brief-skill/steps-c/step-04-confirm-brief.md +1 -1
  37. package/src/workflows/brief-skill/steps-c/step-05-write-brief.md +60 -5
  38. package/src/workflows/brief-skill/workflow.md +2 -1
  39. package/src/workflows/create-skill/data/compile-assembly-rules.md +110 -0
  40. package/src/workflows/create-skill/data/extraction-patterns.md +248 -0
  41. package/src/workflows/create-skill/data/skill-sections.md +79 -25
  42. package/src/workflows/create-skill/data/source-resolution-protocols.md +130 -0
  43. package/src/workflows/create-skill/steps-c/step-01-load-brief.md +7 -4
  44. package/src/workflows/create-skill/steps-c/step-02-ecosystem-check.md +10 -7
  45. package/src/workflows/create-skill/steps-c/step-03-extract.md +49 -9
  46. package/src/workflows/create-skill/steps-c/step-03b-fetch-temporal.md +238 -0
  47. package/src/workflows/create-skill/steps-c/step-03c-fetch-docs.md +220 -0
  48. package/src/workflows/create-skill/steps-c/step-04-enrich.md +40 -10
  49. package/src/workflows/create-skill/steps-c/step-05-compile.md +48 -81
  50. package/src/workflows/create-skill/steps-c/step-06-validate.md +149 -63
  51. package/src/workflows/create-skill/steps-c/step-07-generate-artifacts.md +53 -3
  52. package/src/workflows/create-skill/steps-c/step-08-report.md +1 -1
  53. package/src/workflows/create-skill/workflow-plan-create-skill.md +42 -10
  54. package/src/workflows/create-skill/workflow.md +3 -2
  55. package/src/workflows/create-stack-skill/data/stack-skill-template.md +20 -7
  56. package/src/workflows/create-stack-skill/steps-c/step-01-init.md +2 -2
  57. package/src/workflows/create-stack-skill/steps-c/step-04-parallel-extract.md +14 -0
  58. package/src/workflows/create-stack-skill/steps-c/step-06-compile-stack.md +28 -7
  59. package/src/workflows/create-stack-skill/steps-c/step-07-generate-output.md +10 -7
  60. package/src/workflows/create-stack-skill/steps-c/step-08-validate.md +66 -68
  61. package/src/workflows/create-stack-skill/validation-report.md +1 -1
  62. package/src/workflows/create-stack-skill/workflow-plan-create-stack-skill.md +4 -4
  63. package/src/workflows/export-skill/data/managed-section-format.md +1 -0
  64. package/src/workflows/export-skill/data/snippet-format.md +33 -14
  65. package/src/workflows/export-skill/steps-c/step-01-load-skill.md +16 -2
  66. package/src/workflows/export-skill/steps-c/step-03-generate-snippet.md +29 -22
  67. package/src/workflows/export-skill/steps-c/step-04-update-context.md +1 -1
  68. package/src/workflows/export-skill/steps-c/step-05-token-report.md +1 -1
  69. package/src/workflows/export-skill/validation-report.md +1 -1
  70. package/src/workflows/export-skill/workflow-plan-export-skill.md +8 -8
  71. package/src/workflows/quick-skill/data/skill-template.md +27 -7
  72. package/src/workflows/quick-skill/steps-c/step-04-compile.md +44 -13
  73. package/src/workflows/quick-skill/steps-c/step-05-validate.md +79 -16
  74. package/src/workflows/quick-skill/validation-report.md +4 -4
  75. package/src/workflows/quick-skill/workflow-plan-quick-skill.md +4 -4
  76. package/src/workflows/quick-skill/workflow.md +2 -0
  77. package/src/workflows/setup-forge/steps-c/step-01-detect-and-tier.md +12 -3
  78. package/src/workflows/setup-forge/steps-c/step-02-write-config.md +10 -2
  79. package/src/workflows/setup-forge/steps-c/step-03-auto-index.md +111 -40
  80. package/src/workflows/setup-forge/steps-c/step-04-report.md +13 -0
  81. package/src/workflows/setup-forge/workflow.md +1 -0
  82. package/src/workflows/test-skill/data/scoring-rules.md +14 -6
  83. package/src/workflows/test-skill/data/source-access-protocol.md +37 -0
  84. package/src/workflows/test-skill/steps-c/step-01-init.md +38 -13
  85. package/src/workflows/test-skill/steps-c/step-02-detect-mode.md +2 -3
  86. package/src/workflows/test-skill/steps-c/step-03-coverage-check.md +25 -5
  87. package/src/workflows/test-skill/steps-c/step-04-coherence-check.md +18 -43
  88. package/src/workflows/test-skill/steps-c/step-04b-external-validators.md +213 -0
  89. package/src/workflows/test-skill/steps-c/step-05-score.md +24 -27
  90. package/src/workflows/test-skill/steps-c/step-06-report.md +9 -4
  91. package/src/workflows/test-skill/templates/test-report-template.md +2 -1
  92. package/src/workflows/test-skill/validation-report.md +1 -1
  93. package/src/workflows/test-skill/workflow-plan-test-skill.md +7 -3
  94. package/src/workflows/test-skill/workflow.md +1 -1
  95. package/src/workflows/update-skill/data/remote-source-resolution.md +43 -0
  96. package/src/workflows/update-skill/steps-c/step-01-init.md +13 -7
  97. package/src/workflows/update-skill/steps-c/step-02-detect-changes.md +26 -0
  98. package/src/workflows/update-skill/steps-c/step-03-re-extract.md +37 -9
  99. package/src/workflows/update-skill/steps-c/step-04-merge.md +3 -3
  100. package/src/workflows/update-skill/steps-c/step-05-validate.md +63 -67
  101. package/src/workflows/update-skill/steps-c/step-06-write.md +37 -14
  102. package/src/workflows/update-skill/steps-c/step-07-report.md +1 -1
  103. package/src/workflows/update-skill/validation-report.md +4 -4
  104. package/src/workflows/update-skill/workflow-plan-update-skill.md +4 -4
  105. package/src/workflows/update-skill/workflow.md +1 -1
  106. package/tools/cli/commands/status.js +4 -4
  107. package/tools/cli/commands/uninstall.js +1 -1
  108. package/tools/cli/commands/update.js +2 -2
  109. package/tools/cli/lib/ui.js +60 -16
  110. package/tools/cli/lib/version-check.js +2 -2
@@ -2,6 +2,7 @@
2
2
  name: 'step-07-generate-artifacts'
3
3
  description: 'Write all output files — 4 deliverables to skills/ and 3 workspace artifacts to forge-data/'
4
4
  nextStepFile: './step-08-report.md'
5
+ forgeTierConfig: '{sidecar_path}/forge-tier.yaml'
5
6
  ---
6
7
 
7
8
  # Step 7: Generate Artifacts
@@ -124,16 +125,62 @@ Display brief confirmation:
124
125
 
125
126
  Proceeding to compilation report..."
126
127
 
127
- ### 5. Menu Handling Logic
128
+ ### 5. QMD Collection Registration (Deep Tier Only)
129
+
130
+ **IF forge tier is Deep AND QMD tool is available:**
131
+
132
+ Index the generated skill artifacts into a QMD collection so that audit-skill and update-skill can perform high-signal searches against curated extraction data instead of raw source files.
133
+
134
+ **Collection creation:**
135
+
136
+ Create a QMD collection from both artifact directories:
137
+ ```bash
138
+ qmd collection add {project-root}/skills/{name} --name {name}-extraction --mask "**/*"
139
+ qmd embed
140
+ ```
141
+
142
+ If collection already exists (re-run): remove and recreate for atomic replace:
143
+ ```bash
144
+ qmd collection remove {name}-extraction
145
+ qmd collection add {project-root}/skills/{name} --name {name}-extraction --mask "**/*"
146
+ qmd embed
147
+ ```
148
+
149
+ **Note:** `qmd embed` generates vector embeddings required for `vector_search` and `deep_search`. Without it, only BM25 keyword `search` works.
150
+
151
+ **Registry update:**
152
+
153
+ Read `{forgeTierConfig}` and update the `qmd_collections` array.
154
+
155
+ If an entry with `name: "{name}-extraction"` already exists, replace it. Otherwise, append:
156
+
157
+ ```yaml
158
+ - name: "{name}-extraction"
159
+ type: "extraction"
160
+ source_workflow: "create-skill"
161
+ skill_name: "{name}"
162
+ created_at: "{current ISO date}"
163
+ ```
164
+
165
+ Write the updated forge-tier.yaml.
166
+
167
+ **Error handling:**
168
+ - If QMD collection creation fails: log the error, note that indexing can be retried via [SF] setup-forge. Do NOT fail the workflow.
169
+ - If forge-tier.yaml update fails: log the error, continue. The collection exists in QMD even if the registry entry failed.
170
+
171
+ **IF forge tier is NOT Deep:** Skip this section silently. No messaging.
172
+
173
+ ### 6. Menu Handling Logic
128
174
 
129
175
  **Auto-proceed step — no user interaction.**
130
176
 
131
- After all artifacts are written and verified, immediately load, read entire file, then execute `{nextStepFile}`.
177
+ After all artifacts are written, verified, and optionally indexed into QMD, immediately load, read entire file, then execute `{nextStepFile}`.
132
178
 
133
179
  #### EXECUTION RULES:
134
180
 
135
181
  - This is an auto-proceed file writing step with no user choices
136
182
  - All 7 files must be written before proceeding
183
+ - QMD indexing failure does NOT block proceeding
137
184
  - File write failures are real errors — halt, do not proceed with partial output
138
185
  - Proceed directly to next step after successful generation
139
186
 
@@ -151,6 +198,8 @@ ONLY WHEN all 7 artifact files are written and verified will you proceed to load
151
198
  - All 4 deliverable files written to skills/{name}/
152
199
  - All 3 workspace artifact files written to forge-data/{name}/
153
200
  - Write completion verified — all 7 files exist
201
+ - Deep tier: QMD collection `{name}-extraction` created/updated and registered in forge-tier.yaml
202
+ - Non-Deep tier: QMD indexing skipped silently
154
203
  - Brief confirmation displayed with file list
155
204
  - Auto-proceeded to step-08
156
205
 
@@ -161,5 +210,6 @@ ONLY WHEN all 7 artifact files are written and verified will you proceed to load
161
210
  - Proceeding with partial output if a write fails
162
211
  - Not creating directories before writing
163
212
  - Not verifying all files were written
213
+ - Failing the workflow due to QMD indexing errors (should degrade gracefully)
164
214
 
165
- **Master Rule:** This step ONLY writes. All content was compiled and validated in previous steps. Write faithfully, verify completely.
215
+ **Master Rule:** This step writes artifacts and registers QMD collections. All content was compiled and validated in previous steps. Write faithfully, verify completely. QMD indexing failures never block the workflow.
@@ -66,7 +66,7 @@ Where `{primary_confidence}` is the predominant confidence tier (T1 if Forge/Dee
66
66
  | **Language** | {language} |
67
67
  | **Forge Tier** | {tier} — {tier_description} |
68
68
  | **Files Scanned** | {file_count} |
69
- | **Exports Documented** | {documented_count} of {total_count} ({coverage}%) |
69
+ | **Exports Documented** | {documented_count} public API ({public_api_coverage}%) / {total_count} total ({total_coverage}%) |
70
70
 
71
71
  **Confidence Distribution:**
72
72
  | Tier | Count | Description |
@@ -34,7 +34,7 @@ Compile a skill from a brief — the core compilation engine. Takes a skill-brie
34
34
  **Step 3:** extract — AST extraction of exports, signatures, types (tier-dependent: Quick=source reading, Forge=AST, Deep=AST)
35
35
  **Step 4:** enrich — QMD knowledge search for temporal context (Deep tier only, skip for Quick/Forge)
36
36
  **Step 5:** compile — Assemble SKILL.md sections from extracted data with confidence tiers
37
- **Step 6:** validate — Validate against agentskills.io spec via skills_ref tool
37
+ **Step 6:** validate — Validate against agentskills.io spec via skill-check tool
38
38
  **Step 7:** generate-artifacts — Write SKILL.md, provenance-map.json, evidence-report.md, metadata.json, context-snippet.md, extraction-rules.yaml
39
39
  **Step 8:** report — Display compilation summary with confidence tiers, suggest next steps
40
40
 
@@ -164,7 +164,7 @@ Compile a skill from a brief — the core compilation engine. Takes a skill-brie
164
164
 
165
165
  **Success Criteria:**
166
166
  - All 7 output files generated without errors
167
- - SKILL.md validates against agentskills.io spec (via skills_ref)
167
+ - SKILL.md validates against agentskills.io spec (via skill-check)
168
168
  - Every instruction has provenance citation with confidence tier (T1/T2/T3)
169
169
  - Zero hallucinated content — uncitable claims excluded, not guessed
170
170
  - Confidence tier distribution reported (e.g., "20 T1, 3 T2, 0 T3")
@@ -187,7 +187,7 @@ Compile a skill from a brief — the core compilation engine. Takes a skill-brie
187
187
  - **Brainstorming:** Excluded — no ideation phases, all steps are deterministic operations
188
188
 
189
189
  **LLM Features:**
190
- - **Web-Browsing:** Excluded — source access via gh_bridge, ecosystem check via skills_ref. No raw web needed.
190
+ - **Web-Browsing:** Excluded — source access via gh_bridge, ecosystem check via skill-check. No raw web needed.
191
191
  - **File I/O:** Included — essential. Reads skill-brief.yaml, forge-tier.yaml, source files. Writes 7 output files across 2 directory trees (skills/{name}/, forge-data/{name}/).
192
192
  - **Sub-Agents:** Excluded — linear pipeline with step dependencies, no parallelizable specialized tasks for single skill compilation
193
193
  - **Sub-Processes:** Excluded — sequential dependency chain. Batch mode is a loop wrapper, not parallel processes.
@@ -200,7 +200,7 @@ Compile a skill from a brief — the core compilation engine. Takes a skill-brie
200
200
 
201
201
  **External Integrations (SKF MCP Tools — all pre-detected by setup-forge):**
202
202
  - **gh_bridge:** Required all tiers — source reading, file trees, issues, releases, changelog
203
- - **skills_ref:** Required all tiers — agentskills.io spec validation, ecosystem check (5s timeout, 24h cache)
203
+ - **skill-check:** Required all tiers — `npx skill-check check --fix --format json` for validation + auto-fix + quality scoring (0-100), `--no-security-scan` for fast validation, security scan for prompt injection detection, `split-body` for oversized body remediation
204
204
  - **ast_bridge:** Required Forge/Deep tiers — AST scan_definitions, run_rule, detect_co_imports
205
205
  - **qmd_bridge:** Required Deep tier only — search, vector_search, deep_search for temporal context
206
206
 
@@ -226,6 +226,8 @@ create-skill/
226
226
  ├── step-01-load-brief.md (~150 lines, Init with Input Discovery)
227
227
  ├── step-02-ecosystem-check.md (~120 lines, conditional gate)
228
228
  ├── step-03-extract.md (~200 lines, complex middle)
229
+ ├── step-03b-fetch-temporal.md (~240 lines, conditional auto-proceed)
230
+ ├── step-03c-fetch-docs.md (~215 lines, conditional auto-proceed)
229
231
  ├── step-04-enrich.md (~130 lines, conditional middle)
230
232
  ├── step-05-compile.md (~200 lines, complex middle)
231
233
  ├── step-06-validate.md (~120 lines, simple middle)
@@ -240,6 +242,8 @@ create-skill/
240
242
  | 01 | load-brief | Init (Input Discovery) | Auto-proceed (P3) | Load brief, resolve source, load forge tier |
241
243
  | 02 | ecosystem-check | Middle (Simple) | Conditional: auto if no match, user choice if match | Check ecosystem |
242
244
  | 03 | extract | Middle (Standard) | C only (P2) — Gate 2 | Tier-dependent extraction |
245
+ | 03b | fetch-temporal | Middle (Simple) | Auto-proceed (P3) — Deep only | Fetch temporal context (issues, PRs, changelogs) and index into QMD |
246
+ | 03c | fetch-docs | Middle (Simple) | Auto-proceed (P3) — when doc_urls present | Fetch remote documentation from brief-specified URLs for T3-confidence content |
243
247
  | 04 | enrich | Middle (Simple) | Auto-proceed (P3) — Deep only | QMD enrichment |
244
248
  | 05 | compile | Middle (Simple) | Auto-proceed (P3) | Assemble SKILL.md |
245
249
  | 06 | validate | Middle (Simple) | Auto-proceed (P3) | Validate spec |
@@ -258,10 +262,11 @@ create-skill/
258
262
  - Auto-proceed to step-02
259
263
 
260
264
  **step-02-ecosystem-check** (Conditional Gate)
261
- - Call skills_ref.check_ecosystem(brief.name) — 5-second timeout, 24-hour cache
265
+ - Query agentskills.io registry API for brief.name — 5-second timeout, 24-hour cache
262
266
  - If match found: present to user with [P] Proceed / [I] Install existing / [A] Abort
263
267
  - If no match OR timeout: auto-proceed silently
264
- - If skills_ref unavailable: skip silently (tool unavailability is not an error)
268
+ - If registry API unavailable: skip silently (API unavailability is not an error)
269
+ - Note: ecosystem lookup requires registry API, not `skill-check` CLI (which validates local skills only)
265
270
 
266
271
  **step-03-extract** (Standard Middle — Gate 2)
267
272
  - Load extraction-patterns.md data file
@@ -270,6 +275,27 @@ create-skill/
270
275
  - Build extraction inventory: export count, signatures, types, confidence breakdown
271
276
  - Present summary, user confirms [C] Continue
272
277
 
278
+ **step-03b-fetch-temporal** (Simple Middle — Conditional Auto-proceed)
279
+ - Deep tier only — Quick/Forge skip silently
280
+ - GitHub repos only — non-GitHub sources skip silently
281
+ - Fetch temporal context (issues, PRs, releases, changelog) via `gh` CLI
282
+ - Targeted function searches using top_exports from extraction inventory
283
+ - Index fetched content into QMD collection (`{skill-name}-temporal`)
284
+ - Register collection in forge-tier.yaml; clean up staging directory
285
+ - Cache-aware: skip re-fetch if collection < 7 days old
286
+ - All failures degrade gracefully — never blocks the workflow
287
+
288
+ **step-03c-fetch-docs** (Simple Middle — Conditional Auto-proceed)
289
+ - Runs at any tier when `doc_urls` are present in the brief
290
+ - Tool-agnostic: uses whatever web fetching capability is available (Firecrawl, WebFetch, web-reader, curl, etc.)
291
+ - Fetches remote documentation from brief-specified URLs for T3-confidence content
292
+ - Root URL detection: discovers and fetches relevant subpages for documentation sites
293
+ - All extracted items cited as T3 with `[EXT:{url}]` provenance
294
+ - T3 items never override existing T1/T1-low/T2 extractions
295
+ - Supports docs-only briefs (T3 inventory replaces empty extraction inventory)
296
+ - Deep tier: indexes fetched docs into QMD collection (`{skill-name}-docs`)
297
+ - All failures degrade gracefully — never blocks the workflow
298
+
273
299
  **step-04-enrich** (Simple Middle — Conditional)
274
300
  - Deep tier: QMD searches per extracted function — issues, PRs, changelogs. T2 annotations.
275
301
  - Not Deep: skip silently, auto-proceed
@@ -283,9 +309,9 @@ create-skill/
283
309
  - Auto-proceed
284
310
 
285
311
  **step-06-validate** (Simple Middle)
286
- - skills_ref.validate_schema() + validate_frontmatter()
312
+ - `npx skill-check check --fix --format json` (schema + frontmatter + auto-fix + quality score)
287
313
  - Pass: auto-proceed. Fail: attempt auto-fix, re-validate, halt if still failing.
288
- - skills_ref unavailable: skip, add warning to evidence report
314
+ - skill-check unavailable: skip automated validation, add warning to evidence report
289
315
 
290
316
  **step-07-generate-artifacts** (Simple Middle)
291
317
  - Create directories: skills/{name}/, skills/{name}/references/, forge-data/{name}/
@@ -305,12 +331,18 @@ create-skill/
305
331
  step-01 READS: forge-tier.yaml, skill-brief.yaml
306
332
  SETS: tier, brief_data, source_location
307
333
 
308
- step-02 READS: skills_ref ecosystem
334
+ step-02 READS: agentskills.io registry API (ecosystem check — not skill-check CLI)
309
335
  SETS: ecosystem_status
310
336
 
311
337
  step-03 READS: source code via gh_bridge/ast_bridge
312
338
  SETS: extraction_inventory
313
339
 
340
+ step-03b READS: source_repo via gh CLI, top_exports from extraction_inventory (Deep only)
341
+ CREATES: QMD temporal collection ({skill-name}-temporal)
342
+
343
+ step-03c READS: doc_urls from brief_data (when present, any tier)
344
+ SETS: T3 items merged into extraction_inventory
345
+
314
346
  step-04 READS: QMD collections (Deep only)
315
347
  SETS: enrichment_annotations
316
348
 
@@ -449,7 +481,7 @@ Low-priority: Pattern 4 could parallelize batch --batch per-brief, not primary u
449
481
  - Next Step: step-07-generate-artifacts.md
450
482
 
451
483
  **Key Design Decisions:**
452
- - skills_ref validation: schema + frontmatter + metadata cross-check
484
+ - skill-check validation: `check --fix --format json` (schema + frontmatter + quality score + auto-fix + security scan)
453
485
  - Auto-fix pattern: validate → fix → re-validate (once per failure)
454
486
  - Tool unavailability: skip with warning, not halt
455
487
  - Validation failures are warnings — proceed to generation
@@ -2,13 +2,14 @@
2
2
  name: create-skill
3
3
  description: Compile a skill from a brief. Supports --batch for multiple briefs.
4
4
  web_bundle: true
5
+ installed_path: '{project-root}/_bmad/skf/workflows/skillforge/create-skill'
5
6
  ---
6
7
 
7
8
  # Create Skill
8
9
 
9
10
  **Goal:** Compile a verified agent skill from a skill-brief.yaml and source code, producing an agentskills.io-compliant SKILL.md with provenance map, evidence report, and progressive disclosure references.
10
11
 
11
- **Your Role:** You are a skill compilation engine performing structural extraction and assembly. This workflow is mostly autonomous with two strategic confirmation gates — one after ecosystem check (if a match is found) and one after source extraction (to confirm findings before compilation). All other steps auto-proceed. Apply zero hallucination tolerance: every instruction in the output must trace to source code with a confidence tier citation.
12
+ **Your Role:** You are a skill compilation engine performing structural extraction and assembly. This workflow is mostly autonomous with three interaction points — one after ecosystem check (if a match is found), one after source extraction (to confirm findings before compilation), and one after content quality review (when tessl produces suggestions). All other steps auto-proceed. Apply zero hallucination tolerance: every instruction in the output must trace to source code with a confidence tier citation.
12
13
 
13
14
  ## WORKFLOW ARCHITECTURE
14
15
 
@@ -45,7 +46,7 @@ web_bundle: true
45
46
 
46
47
  Load and read full config from {project-root}/_bmad/skf/config.yaml and resolve:
47
48
 
48
- - `project_name`, `output_folder`, `user_name`, `communication_language`, `document_output_language`
49
+ - `project_name`, `output_folder`, `user_name`, `communication_language`, `document_output_language`, `sidecar_path`, `skills_output_folder`, `forge_data_folder`
49
50
 
50
51
  ### 2. First Step Execution
51
52
 
@@ -3,6 +3,14 @@
3
3
  ## SKILL.md Section Structure
4
4
 
5
5
  ```markdown
6
+ ---
7
+ name: {project_name}-stack
8
+ description: >
9
+ Stack skill for {project_name} — {lib_count} libraries with
10
+ {integration_count} integration patterns. Use when working with
11
+ this project's technology stack.
12
+ ---
13
+
6
14
  # {project_name} Stack Skill
7
15
 
8
16
  > {lib_count} libraries | {integration_count} integration patterns | Forge tier: {tier}
@@ -41,13 +49,16 @@
41
49
  - {convention_2}
42
50
  ```
43
51
 
44
- ## context-snippet.md Format (ADR-L)
52
+ ## context-snippet.md Format (Vercel-Aligned)
45
53
 
46
- Two-line format per library, targeting ~30 tokens per entry:
54
+ Indexed format targeting ~80-120 tokens per stack:
47
55
 
48
56
  ```markdown
49
- **{library}** ({import_count} imports): {top_3_exports}
50
- → integrates with: {comma-separated integration partners}
57
+ [{project}-stack v{version}]|root: skills/{project}-stack/
58
+ |IMPORTANT: {project}-stack — read SKILL.md before writing integration code. Do NOT rely on training data.
59
+ |stack: {dep-1}@{v1}, {dep-2}@{v2}, {dep-3}@{v3}
60
+ |integrations: {pattern-1}, {pattern-2}
61
+ |gotchas: {1-2 most critical integration pitfalls}
51
62
  ```
52
63
 
53
64
  ## metadata.json Structure
@@ -55,10 +66,12 @@ Two-line format per library, targeting ~30 tokens per entry:
55
66
  ```json
56
67
  {
57
68
  "skill_type": "stack",
58
- "skill_name": "{project}-stack",
69
+ "name": "{project}-stack",
59
70
  "version": "1.0.0",
60
- "created": "{date}",
61
- "forge_tier": "{Quick|Forge|Deep}",
71
+ "generation_date": "{ISO-8601}",
72
+ "confidence_tier": "{Quick|Forge|Deep}",
73
+ "source_authority": "{official|community|internal}",
74
+ "exports": [],
62
75
  "library_count": 0,
63
76
  "integration_count": 0,
64
77
  "libraries": ["lib1", "lib2"],
@@ -68,10 +68,10 @@ STOP — do not proceed.
68
68
 
69
69
  Extract:
70
70
  - `forge_tier` — Quick, Forge, or Deep
71
- - `available_tools` — list of detected tools (gh_bridge, ast_bridge, qmd_bridge, skills_ref)
71
+ - `available_tools` — list of detected tools (gh_bridge, ast_bridge, qmd_bridge, skill-check)
72
72
  - `project_root` — project root path
73
73
 
74
- Check for `tier_override` in preferences.yaml if it exists.
74
+ **Apply tier override:** Read `{sidecar_path}/preferences.yaml`. If `tier_override` is set and is a valid tier value (Quick, Forge, or Deep), use it instead of the detected tier.
75
75
 
76
76
  ### 2. Validate Available Tools
77
77
 
@@ -52,6 +52,20 @@ For each confirmed dependency, extract key exports, usage patterns, and API surf
52
52
 
53
53
  ### 1. Prepare Extraction Plan
54
54
 
55
+ **AST Tool Availability Check (Forge/Deep only):**
56
+
57
+ This workflow operates on local project files and installed library packages. Remote source resolution does not apply — libraries are analyzed as they exist within the project's dependency tree.
58
+
59
+ **If AST tool is unavailable at Forge/Deep tier:**
60
+
61
+ ⚠️ **Warn the user explicitly:** "AST tools are unavailable — extraction will use source reading (T1-low). Run [SF] Setup Forge to detect and configure AST tools for T1 confidence."
62
+
63
+ Degrade to Quick tier extraction. Note the degradation reason in context for the evidence report.
64
+
65
+ **Per-file AST failure handling:**
66
+
67
+ If ast-grep fails on an individual file (parse error, unsupported syntax), fall back to source reading for that file only. Label the affected file's results T1-low; unaffected files retain T1. Log a warning noting which file degraded and why.
68
+
55
69
  For each library in `confirmed_dependencies`, determine extraction strategy based on forge tier:
56
70
 
57
71
  **Quick Tier:**
@@ -55,7 +55,28 @@ Assemble the main SKILL.md by combining per-library extractions with the integra
55
55
 
56
56
  Load `{stackSkillTemplate}` and prepare SKILL.md section structure.
57
57
 
58
- ### 2. Compile Integration Layer
58
+ ### 2. Generate Frontmatter
59
+
60
+ The SKILL.md MUST begin with YAML frontmatter (agentskills.io compliance):
61
+
62
+ ```yaml
63
+ ---
64
+ name: {project_name}-stack
65
+ description: >
66
+ Stack skill for {project_name} — {lib_count} libraries with
67
+ {integration_count} integration patterns. Use when working with
68
+ this project's technology stack. NOT for: individual library usage
69
+ outside this project's conventions.
70
+ ---
71
+ ```
72
+
73
+ **Frontmatter rules:**
74
+
75
+ - `name`: lowercase alphanumeric + hyphens only, must match skill output directory name
76
+ - `description`: non-empty, max 1024 chars, trigger-optimized for agent discovery
77
+ - No other frontmatter fields — only `name`, `description`, `license`, `compatibility`, `metadata`, `allowed-tools` are permitted by spec
78
+
79
+ ### 3. Compile Integration Layer
59
80
 
60
81
  **This is the core value of the stack skill.** Compile in order:
61
82
 
@@ -75,7 +96,7 @@ Load `{stackSkillTemplate}` and prepare SKILL.md section structure.
75
96
  - Role in the stack architecture
76
97
  - How it connects to partner libraries
77
98
 
78
- ### 3. Compile Per-Library Sections
99
+ ### 4. Compile Per-Library Sections
79
100
 
80
101
  For each confirmed library (ordered by integration connectivity, then import count):
81
102
 
@@ -85,7 +106,7 @@ For each confirmed library (ordered by integration connectivity, then import cou
85
106
  - Confidence tier label
86
107
  - Link to reference file: `./references/{library}.md`
87
108
 
88
- ### 4. Compile Project Conventions
109
+ ### 5. Compile Project Conventions
89
110
 
90
111
  Extract project-specific conventions from the extractions:
91
112
  - Common initialization patterns
@@ -93,7 +114,7 @@ Extract project-specific conventions from the extractions:
93
114
  - Configuration conventions
94
115
  - Import organization patterns
95
116
 
96
- ### 5. Compile Library Reference Index
117
+ ### 6. Compile Library Reference Index
97
118
 
98
119
  Create the reference index table:
99
120
 
@@ -101,7 +122,7 @@ Create the reference index table:
101
122
  |---------|---------|-------------|------------|-----------|
102
123
  | ... | ... | ... | ... | ... |
103
124
 
104
- ### 6. Present Compiled SKILL.md Preview
125
+ ### 7. Present Compiled SKILL.md Preview
105
126
 
106
127
  "**Stack skill compilation complete. Please review:**
107
128
 
@@ -122,7 +143,7 @@ Create the reference index table:
122
143
  - Are the per-library summaries accurate?
123
144
  - Any sections to adjust before writing output?"
124
145
 
125
- ### 7. Present MENU OPTIONS
146
+ ### 8. Present MENU OPTIONS
126
147
 
127
148
  Display: **Select:** [C] Continue to Output Generation
128
149
 
@@ -134,7 +155,7 @@ Display: **Select:** [C] Continue to Output Generation
134
155
  #### Menu Handling Logic:
135
156
 
136
157
  - IF C: Store skill_content, then load, read entire file, then execute {nextStepFile}
137
- - IF Any other: Process as feedback, adjust compilation, redisplay preview, then [Redisplay Menu Options](#7-present-menu-options)
158
+ - IF Any other: Process as feedback, adjust compilation, redisplay preview, then [Redisplay Menu Options](#8-present-menu-options)
138
159
 
139
160
  ---
140
161
 
@@ -100,10 +100,13 @@ Load structure from `{stackSkillTemplate}` integrations section:
100
100
 
101
101
  Write `{skills_output_folder}/{project_name}-stack/context-snippet.md`:
102
102
 
103
- Use ADR-L two-line format targeting ~30 tokens per library entry:
103
+ Use the Vercel-aligned indexed format targeting ~80-120 tokens:
104
104
  ```
105
- **{library}** ({import_count} imports): {top_3_exports}
106
- → integrates with: {comma-separated integration partners}
105
+ [{project_name}-stack v{version}]|root: skills/{project_name}-stack/
106
+ |IMPORTANT: {project_name}-stack — read SKILL.md before writing integration code. Do NOT rely on training data.
107
+ |stack: {dep-1}@{v1}, {dep-2}@{v2}, {dep-3}@{v3}
108
+ |integrations: {pattern-1}, {pattern-2}
109
+ |gotchas: {1-2 most critical integration pitfalls}
107
110
  ```
108
111
 
109
112
  ### 6. Write metadata.json
@@ -113,10 +116,10 @@ Write `{skills_output_folder}/{project_name}-stack/metadata.json`:
113
116
  ```json
114
117
  {
115
118
  "skill_type": "stack",
116
- "skill_name": "{project_name}-stack",
117
- "version": "1.0.0",
118
- "created": "{current_date}",
119
- "forge_tier": "{tier}",
119
+ "name": "{project_name}-stack",
120
+ "version": "{primary_library_version or 1.0.0}",
121
+ "generation_date": "{current_date}",
122
+ "confidence_tier": "{tier}",
120
123
  "library_count": N,
121
124
  "integration_count": N,
122
125
  "libraries": ["lib1", "lib2"],
@@ -68,103 +68,104 @@ Check that all expected files exist from written_files[]:
68
68
 
69
69
  Record any missing files as **ERROR** findings.
70
70
 
71
- ### 2. Validate SKILL.md Structure
71
+ ### 2. Check Tool Availability
72
+
73
+ Run: `npx skill-check -h`
74
+
75
+ - If succeeds: Use skill-check for automated validation in sections 3, 9
76
+ - If fails: Use manual fallback paths in those sections
77
+
78
+ **Important:** Do not assume availability — empirical check required.
79
+
80
+ ### 3. Validate SKILL.md via skill-check (if available)
81
+
82
+ **If available**, run: `npx skill-check check <skill-dir> --fix --format json --no-security-scan`
83
+
84
+ This validates frontmatter, description, body limits, links, formatting — and auto-fixes deterministic issues. Parse JSON for `qualityScore`, `diagnostics[]`, `fixed[]`.
85
+
86
+ **If `body.max_lines` reported**, run: `npx skill-check split-body <skill-dir> --write`, then re-validate.
87
+
88
+ **If unavailable**, perform manual frontmatter check:
89
+ - [ ] Frontmatter present with `---` delimiters
90
+ - [ ] `name` — present, non-empty, lowercase alphanumeric + hyphens, 1-64 chars, matches `{project_name}-stack`
91
+ - [ ] `description` — present, non-empty, 1-1024 characters
92
+ - [ ] No unknown fields — only `name`, `description`, `license`, `compatibility`, `metadata`, `allowed-tools` permitted
93
+
94
+ Record frontmatter violations as **WARNING** findings. Invalid frontmatter will fail `npx skills add` and `npx skill-check check`.
95
+
96
+ ### 4. Validate SKILL.md Body Structure
72
97
 
73
98
  Load `{stackSkillTemplate}` and verify SKILL.md contains expected sections:
74
99
 
75
100
  - [ ] Header with project name, library count, integration count, forge tier
76
- - [ ] Integration Patterns section (should appear BEFORE per-library summaries)
101
+ - [ ] Integration Patterns section (before per-library summaries)
77
102
  - [ ] Library Reference Index table
78
103
  - [ ] Per-Library Summaries section
79
104
  - [ ] Conventions section
80
105
 
81
106
  Record missing sections as **WARNING** findings.
82
107
 
83
- ### 3. Validate metadata.json Fields
108
+ ### 5. Validate metadata.json Fields
84
109
 
85
110
  Parse metadata.json and verify required fields:
86
111
 
87
112
  - [ ] `skill_type` equals "stack"
88
- - [ ] `skill_name` matches `{project_name}-stack`
89
- - [ ] `version` is present
90
- - [ ] `created` is present
91
- - [ ] `forge_tier` matches the tier from step 01
92
- - [ ] `library_count` matches actual number of reference files
93
- - [ ] `integration_count` matches actual integration pair files
94
- - [ ] `libraries` array is present and non-empty
95
- - [ ] `confidence_distribution` object is present with T1/T1-low/T2 keys
113
+ - [ ] `name` matches `{project_name}-stack`
114
+ - [ ] `version` and `generation_date` present
115
+ - [ ] `confidence_tier` matches tier from step 01
116
+ - [ ] `library_count` matches actual reference files; `integration_count` matches pair files
117
+ - [ ] `libraries` array present and non-empty
118
+ - [ ] `confidence_distribution` object present with T1/T1-low/T2 keys
96
119
 
97
120
  Record mismatches as **WARNING** findings.
98
121
 
99
- ### 4. Validate Reference File Completeness
122
+ ### 6. Validate Reference File Completeness
100
123
 
101
- For each confirmed library, verify `references/{library}.md` exists and contains:
102
- - [ ] Library name header
103
- - [ ] Version from manifest
104
- - [ ] Key Exports section
105
- - [ ] Usage Patterns section
124
+ For each confirmed library, verify `references/{library}.md` contains: library name header, version from manifest, Key Exports section, Usage Patterns section.
106
125
 
107
- For each integration pair (if any), verify `references/integrations/{libraryA}-{libraryB}.md` exists and contains:
108
- - [ ] Integration pair header
109
- - [ ] Type classification
110
- - [ ] Integration Pattern section
111
- - [ ] Key Files section
126
+ For each integration pair, verify `references/integrations/{libraryA}-{libraryB}.md` contains: integration pair header, type classification, Integration Pattern section, Key Files section.
112
127
 
113
128
  Record missing or incomplete files as **WARNING** findings.
114
129
 
115
- ### 5. Validate Confidence Tier Labels
130
+ ### 7. Validate Confidence Tier Labels
116
131
 
117
- Scan across all output files for confidence tier coverage:
132
+ Scan all output files for confidence tier coverage:
118
133
 
119
- - [ ] SKILL.md: Each per-library summary has a confidence label
120
- - [ ] SKILL.md: Each integration pair entry has a confidence label
121
- - [ ] Reference files: Each has a confidence label in its header
134
+ - [ ] SKILL.md: each per-library summary and integration pair entry has a confidence label
135
+ - [ ] Reference files: each has a confidence label in its header
122
136
  - [ ] metadata.json: confidence_distribution sums match library_count
123
137
 
124
138
  Record missing tier labels as **WARNING** findings.
125
139
 
126
- ### 6. Validate context-snippet.md
140
+ ### 8. Validate context-snippet.md
127
141
 
128
- Verify context-snippet.md follows ADR-L two-line format:
129
- - [ ] Each library has an entry with import count and top exports
130
- - [ ] Integration partners listed on second line
131
- - [ ] No library from confirmed list is missing
142
+ Verify context-snippet.md follows Vercel-aligned indexed format:
143
+ - [ ] First line matches: `[{project}-stack v{version}]|root: skills/{project}-stack/`
144
+ - [ ] Second line starts with `|IMPORTANT:`
145
+ - [ ] Stack and integrations lines present
146
+ - [ ] Approximate token count is ~80-120 tokens
132
147
 
133
148
  Record format violations as **WARNING** findings.
134
149
 
135
- ### 7. Display Validation Results
136
-
137
- **If all checks pass:**
138
-
139
- "**Validation complete — all checks passed.**
150
+ ### 9. Security Scan (if skill-check available)
140
151
 
141
- - **Files:** {file_count}/{file_count} present
142
- - **SKILL.md:** Structure valid
143
- - **metadata.json:** All required fields present
144
- - **References:** {lib_count} library + {pair_count} integration files verified
145
- - **Confidence tiers:** Complete coverage
152
+ Run: `npx skill-check check <skill-dir> --format json` (security scan enabled by default).
146
153
 
147
- **Proceeding to summary report...**"
154
+ Record security findings as advisory **WARNING** findings they do not block the report.
148
155
 
149
- **If warnings found:**
156
+ **If unavailable:** Skip with note in validation results.
150
157
 
151
- "**Validation complete with {warning_count} finding(s).**
158
+ ### 10. Display Validation Results
152
159
 
153
- **Findings:**
154
- {For each finding:}
155
- - ⚠ {severity}: {description} — {file_path}
160
+ **If all checks pass:**
156
161
 
157
- **Summary:**
158
- - **Files:** {present_count}/{expected_count} present
159
- - **Warnings:** {warning_count}
160
- - **Errors:** {error_count}
162
+ "**Validation complete — all checks passed.** Files: {count}/{count} present. SKILL.md structure valid. metadata.json fields verified. {lib_count} library + {pair_count} integration files verified. Confidence tiers: complete coverage. **Proceeding to summary report...**"
161
163
 
162
- {If errors (missing files):}
163
- **Note:** Missing files may indicate a write failure in step 07. Review evidence-report.md for details.
164
+ **If warnings found:**
164
165
 
165
- **Proceeding to summary report...**"
166
+ "**Validation complete with {warning_count} finding(s).** Findings: {list each: severity, description, file_path}. Files: {present}/{expected} present. Warnings: {count}. Errors: {count}. {If errors: Note missing files may indicate a write failure in step 07.} **Proceeding to summary report...**"
166
167
 
167
- ### 8. Auto-Proceed to Next Step
168
+ ### 11. Auto-Proceed to Next Step
168
169
 
169
170
  Load, read the full file and then execute `{nextStepFile}`.
170
171
 
@@ -174,20 +175,17 @@ Load, read the full file and then execute `{nextStepFile}`.
174
175
 
175
176
  ### ✅ SUCCESS:
176
177
 
177
- - All expected files checked for existence
178
- - SKILL.md validated against template structure
179
- - metadata.json fields verified
180
- - Reference files checked for completeness
181
- - Confidence tier coverage verified
182
- - Validation results displayed with specific findings
178
+ - All expected files checked; `npx skill-check check --fix` executed if available (or manual fallback)
179
+ - Quality score captured; auto-fix and split-body applied as needed; security scan executed (or skipped with note)
180
+ - SKILL.md validated against template; metadata.json fields verified; reference files checked
181
+ - Confidence tier coverage verified; validation results displayed with specific findings
183
182
  - Advisory mode: always proceeded to report
184
183
 
185
184
  ### ❌ SYSTEM FAILURE:
186
185
 
187
- - Modifying any output files during validation
188
- - Halting the workflow on validation warnings
189
- - Not checking all expected files
190
- - Reporting vague findings without file paths
191
- - Skipping the confidence tier check
186
+ - Modifying output files during validation (except via skill-check --fix)
187
+ - Halting on validation warnings; not checking all expected files
188
+ - Reporting vague findings without file paths; skipping confidence tier check
189
+ - Not recording quality score when skill-check is available
192
190
 
193
- **Master Rule:** Validate everything, modify nothing. Advisory findings — always proceed to report.
191
+ **Master Rule:** Validate everything, fix what's deterministic via skill-check, scan for security issues. Advisory findings — always proceed to report.