bmad-module-skill-forge 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (115) hide show
  1. package/README.md +73 -159
  2. package/docs/agents.md +2 -2
  3. package/docs/architecture.md +155 -25
  4. package/docs/concepts.md +96 -0
  5. package/docs/examples.md +52 -2
  6. package/docs/getting-started.md +30 -14
  7. package/docs/index.md +16 -41
  8. package/docs/workflows.md +3 -3
  9. package/package.json +6 -4
  10. package/src/forger/forge-tier.yaml +1 -1
  11. package/src/forger/preferences.yaml +8 -1
  12. package/src/knowledge/doc-fetcher.md +55 -0
  13. package/src/knowledge/overview.md +17 -16
  14. package/src/knowledge/progressive-capability.md +9 -1
  15. package/src/knowledge/provenance-tracking.md +31 -23
  16. package/src/knowledge/qmd-registry.md +132 -0
  17. package/src/knowledge/skf-knowledge-index.csv +2 -0
  18. package/src/module.yaml +2 -2
  19. package/src/workflows/analyze-source/data/skill-brief-schema.md +24 -4
  20. package/src/workflows/analyze-source/steps-c/step-01-init.md +19 -9
  21. package/src/workflows/analyze-source/steps-c/step-01b-continue.md +2 -2
  22. package/src/workflows/analyze-source/steps-c/step-02-scan-project.md +10 -2
  23. package/src/workflows/analyze-source/steps-c/step-04-map-and-detect.md +17 -2
  24. package/src/workflows/analyze-source/steps-c/step-05-recommend.md +2 -1
  25. package/src/workflows/analyze-source/steps-c/step-06-generate-briefs.md +3 -3
  26. package/src/workflows/analyze-source/templates/analysis-report-template.md +1 -1
  27. package/src/workflows/analyze-source/validation-report.md +1 -1
  28. package/src/workflows/analyze-source/workflow-plan-analyze-source.md +1 -1
  29. package/src/workflows/analyze-source/workflow.md +1 -1
  30. package/src/workflows/audit-skill/steps-c/step-01-init.md +8 -5
  31. package/src/workflows/audit-skill/steps-c/step-02-re-index.md +12 -2
  32. package/src/workflows/audit-skill/validation-report.md +2 -2
  33. package/src/workflows/audit-skill/workflow-plan-audit-skill.md +1 -1
  34. package/src/workflows/brief-skill/data/scope-templates.md +60 -0
  35. package/src/workflows/brief-skill/data/skill-brief-schema.md +38 -3
  36. package/src/workflows/brief-skill/steps-c/step-01-gather-intent.md +20 -4
  37. package/src/workflows/brief-skill/steps-c/step-03-scope-definition.md +20 -64
  38. package/src/workflows/brief-skill/steps-c/step-04-confirm-brief.md +1 -1
  39. package/src/workflows/brief-skill/steps-c/step-05-write-brief.md +60 -5
  40. package/src/workflows/brief-skill/workflow.md +2 -1
  41. package/src/workflows/create-skill/data/compile-assembly-rules.md +110 -0
  42. package/src/workflows/create-skill/data/extraction-patterns.md +216 -3
  43. package/src/workflows/create-skill/data/skill-sections.md +81 -27
  44. package/src/workflows/create-skill/data/source-resolution-protocols.md +138 -0
  45. package/src/workflows/create-skill/data/tier-degradation-rules.md +46 -0
  46. package/src/workflows/create-skill/steps-c/step-01-load-brief.md +7 -4
  47. package/src/workflows/create-skill/steps-c/step-02-ecosystem-check.md +10 -7
  48. package/src/workflows/create-skill/steps-c/step-03-extract.md +51 -10
  49. package/src/workflows/create-skill/steps-c/step-03b-fetch-temporal.md +238 -0
  50. package/src/workflows/create-skill/steps-c/step-03c-fetch-docs.md +220 -0
  51. package/src/workflows/create-skill/steps-c/step-04-enrich.md +40 -10
  52. package/src/workflows/create-skill/steps-c/step-05-compile.md +49 -82
  53. package/src/workflows/create-skill/steps-c/step-06-validate.md +152 -63
  54. package/src/workflows/create-skill/steps-c/step-07-generate-artifacts.md +53 -3
  55. package/src/workflows/create-skill/steps-c/step-08-report.md +1 -1
  56. package/src/workflows/create-skill/workflow-plan-create-skill.md +42 -10
  57. package/src/workflows/create-skill/workflow.md +3 -2
  58. package/src/workflows/create-stack-skill/data/stack-skill-template.md +20 -7
  59. package/src/workflows/create-stack-skill/steps-c/step-01-init.md +2 -2
  60. package/src/workflows/create-stack-skill/steps-c/step-04-parallel-extract.md +14 -0
  61. package/src/workflows/create-stack-skill/steps-c/step-06-compile-stack.md +28 -7
  62. package/src/workflows/create-stack-skill/steps-c/step-07-generate-output.md +10 -7
  63. package/src/workflows/create-stack-skill/steps-c/step-08-validate.md +66 -68
  64. package/src/workflows/create-stack-skill/validation-report.md +1 -1
  65. package/src/workflows/create-stack-skill/workflow-plan-create-stack-skill.md +4 -4
  66. package/src/workflows/export-skill/data/managed-section-format.md +1 -0
  67. package/src/workflows/export-skill/data/snippet-format.md +33 -14
  68. package/src/workflows/export-skill/steps-c/step-01-load-skill.md +16 -2
  69. package/src/workflows/export-skill/steps-c/step-03-generate-snippet.md +29 -22
  70. package/src/workflows/export-skill/steps-c/step-04-update-context.md +1 -1
  71. package/src/workflows/export-skill/steps-c/step-05-token-report.md +1 -1
  72. package/src/workflows/export-skill/validation-report.md +1 -1
  73. package/src/workflows/export-skill/workflow-plan-export-skill.md +8 -8
  74. package/src/workflows/export-skill/workflow.md +1 -1
  75. package/src/workflows/quick-skill/data/skill-template.md +27 -7
  76. package/src/workflows/quick-skill/steps-c/step-04-compile.md +44 -13
  77. package/src/workflows/quick-skill/steps-c/step-05-validate.md +79 -16
  78. package/src/workflows/quick-skill/validation-report.md +4 -4
  79. package/src/workflows/quick-skill/workflow-plan-quick-skill.md +4 -4
  80. package/src/workflows/quick-skill/workflow.md +2 -0
  81. package/src/workflows/setup-forge/steps-c/step-01-detect-and-tier.md +12 -3
  82. package/src/workflows/setup-forge/steps-c/step-02-write-config.md +10 -2
  83. package/src/workflows/setup-forge/steps-c/step-03-auto-index.md +111 -40
  84. package/src/workflows/setup-forge/steps-c/step-04-report.md +13 -0
  85. package/src/workflows/setup-forge/workflow.md +1 -0
  86. package/src/workflows/test-skill/data/scoring-rules.md +14 -6
  87. package/src/workflows/test-skill/data/source-access-protocol.md +45 -0
  88. package/src/workflows/test-skill/steps-c/step-01-init.md +38 -13
  89. package/src/workflows/test-skill/steps-c/step-02-detect-mode.md +2 -3
  90. package/src/workflows/test-skill/steps-c/step-03-coverage-check.md +25 -5
  91. package/src/workflows/test-skill/steps-c/step-04-coherence-check.md +22 -47
  92. package/src/workflows/test-skill/steps-c/step-04b-external-validators.md +219 -0
  93. package/src/workflows/test-skill/steps-c/step-05-score.md +25 -27
  94. package/src/workflows/test-skill/steps-c/step-06-report.md +9 -4
  95. package/src/workflows/test-skill/templates/test-report-template.md +2 -1
  96. package/src/workflows/test-skill/validation-report.md +1 -1
  97. package/src/workflows/test-skill/workflow-plan-test-skill.md +7 -3
  98. package/src/workflows/test-skill/workflow.md +1 -1
  99. package/src/workflows/update-skill/data/remote-source-resolution.md +43 -0
  100. package/src/workflows/update-skill/data/tier-degradation-rules.md +46 -0
  101. package/src/workflows/update-skill/steps-c/step-01-init.md +13 -7
  102. package/src/workflows/update-skill/steps-c/step-02-detect-changes.md +26 -0
  103. package/src/workflows/update-skill/steps-c/step-03-re-extract.md +38 -9
  104. package/src/workflows/update-skill/steps-c/step-04-merge.md +3 -3
  105. package/src/workflows/update-skill/steps-c/step-05-validate.md +63 -67
  106. package/src/workflows/update-skill/steps-c/step-06-write.md +37 -14
  107. package/src/workflows/update-skill/steps-c/step-07-report.md +1 -1
  108. package/src/workflows/update-skill/validation-report.md +4 -4
  109. package/src/workflows/update-skill/workflow-plan-update-skill.md +4 -4
  110. package/src/workflows/update-skill/workflow.md +1 -1
  111. package/tools/cli/commands/status.js +4 -4
  112. package/tools/cli/commands/uninstall.js +1 -1
  113. package/tools/cli/commands/update.js +2 -2
  114. package/tools/cli/lib/ui.js +60 -16
  115. package/tools/cli/lib/version-check.js +2 -2
@@ -54,64 +54,76 @@ Validate the merged skill content against the agentskills.io specification, veri
54
54
 
55
55
  **CRITICAL:** Follow this sequence exactly. Do not skip, reorder, or improvise unless user explicitly requests a change.
56
56
 
57
- ### 1. Launch Parallel Validation Checks
57
+ ### 1. Check Tool Availability and Validation Timing
58
+
59
+ Run: `npx skill-check -h`
60
+
61
+ - If succeeds: skill-check is available for Checks A, E, F below
62
+ - If fails: Use manual fallback paths in those checks
63
+
64
+ **Important:** Do not assume availability — empirical check required.
65
+
66
+ **Validation timing note:** Step-04 produces an edit plan, not written files. Checks that require files on disk (skill-check Checks A, E, F) will be **deferred to post-write** — step-06 runs them after writing files. Structural checks (B, C, D) validate the planned merge content and run here.
67
+
68
+ ### 2. Launch Parallel Validation Checks
58
69
 
59
70
  Launch subprocesses in parallel for each validation category, aggregating results when complete:
60
71
 
61
- **Check A — Spec Compliance:**
62
- - Validate merged SKILL.md structure against agentskills.io specification (via skills_ref if available)
63
- - Verify required sections present: exports, usage patterns, conventions
64
- - Verify export entries have: name, type, signature, file:line reference
65
- - Flag missing or incomplete sections
72
+ **Check A — Spec Compliance (via skill-check):**
73
+
74
+ **If available**, run: `npx skill-check check <skill-dir> --fix --format json --no-security-scan`
75
+
76
+ Parse JSON output for quality score (0-100), auto-fixed issues, and remaining diagnostics. If `body.max_lines` reported, run: `npx skill-check split-body <skill-dir> --write`
77
+
78
+ **If unavailable**, perform manual check: validate merged SKILL.md structure, verify required sections (exports, usage patterns, conventions), verify export entries have name/type/signature/file:line reference, flag missing sections.
66
79
 
67
80
  **Check B — [MANUAL] Section Integrity:**
68
81
  - Compare [MANUAL] inventory from step 01 against merged content
69
- - Verify every [MANUAL] block from inventory exists in merged result
70
- - Verify [MANUAL] content is byte-identical (zero modification)
71
- - Flag any [MANUAL] blocks that were moved, truncated, or missing
82
+ - Verify every [MANUAL] block exists in merged result, byte-identical (zero modification)
83
+ - Flag any [MANUAL] blocks moved, truncated, or missing
72
84
 
73
85
  **Check C — Confidence Tier Consistency:**
74
86
  - Verify all re-extracted exports have confidence labels (T1/T1-low/T2)
75
- - Verify tier labels match forge tier capabilities:
76
- - Quick tier: only T1-low allowed
77
- - Forge tier: T1 expected (T1-low for degraded operations)
78
- - Deep tier: T1 + T2 expected
87
+ - Verify tier labels match forge tier: Quick=T1-low only, Forge=T1 (T1-low for degraded), Deep=T1+T2
79
88
  - Flag mismatched or missing tier labels
80
89
 
81
90
  **Check D — Provenance Completeness:**
82
- - Verify every export in merged SKILL.md has a provenance map entry
83
- - Verify file:line references point to actual source locations
91
+ - Verify every export has a provenance map entry with valid file:line references
84
92
  - Verify no stale references to old file paths or line numbers
85
93
  - Flag orphaned provenance entries (export removed but provenance remains)
86
94
 
87
- ### 2. Aggregate Validation Results
95
+ **Check E Diff Comparison (via skill-check):**
96
+
97
+ **If available** and previous skill version exists: `npx skill-check diff <original-skill-dir> <updated-skill-dir>`
98
+
99
+ Shows diagnostic changes between original and updated skill. Record diff results as informational context.
100
+
101
+ **If unavailable or no previous version:** Skip with note.
102
+
103
+ **Check F — Security Scan:**
104
+
105
+ **If available**, run: `npx skill-check check <skill-dir> --format json` (security scan enabled by default).
106
+
107
+ Record security findings as advisory warnings — they do not block the update.
108
+
109
+ **If unavailable:** Skip with note: "Security scan skipped — skill-check tool unavailable"
110
+
111
+ ### 3. Aggregate Validation Results
88
112
 
89
113
  Compile results from all checks:
90
114
 
91
115
  ```
92
116
  Validation Results:
93
- spec_compliance:
94
- status: PASS|WARN|FAIL
95
- findings: [{severity, description, location}]
96
-
97
- manual_integrity:
98
- status: PASS|WARN|FAIL
99
- sections_verified: [count]
100
- sections_intact: [count]
101
- findings: [{severity, description, section_name}]
102
-
103
- confidence_consistency:
104
- status: PASS|WARN|FAIL
105
- exports_checked: [count]
106
- findings: [{severity, description, export_name, expected_tier, actual_tier}]
107
-
108
- provenance_completeness:
109
- status: PASS|WARN|FAIL
110
- entries_checked: [count]
111
- findings: [{severity, description, export_name}]
117
+ spec_compliance: {status: PASS|WARN|FAIL, findings: [{severity, description, location}]}
118
+ manual_integrity: {status, sections_verified, sections_intact, findings}
119
+ confidence_consistency: {status, exports_checked, findings}
120
+ provenance_completeness: {status, entries_checked, findings}
121
+ diff_comparison: {status: PASS|SKIP, new_issues, fixed_issues, unchanged}
122
+ security_scan: {status: PASS|WARN|SKIP, findings}
123
+ quality_score: [0-100] # from skill-check, if available
112
124
  ```
113
125
 
114
- ### 3. For Stack Skills — Validate Reference Files
126
+ ### 4. For Stack Skills — Validate Reference Files
115
127
 
116
128
  **ONLY if skill_type == "stack":**
117
129
 
@@ -121,43 +133,28 @@ Repeat checks A-D for each reference file:
121
133
 
122
134
  **If skill_type != "stack":** Skip with notice.
123
135
 
124
- ### 4. Display Validation Summary
136
+ ### 5. Display Validation Summary
125
137
 
126
138
  "**Validation Results:**
127
139
 
128
140
  | Check | Status | Findings |
129
141
  |-------|--------|----------|
130
- | Spec Compliance | {PASS/WARN/FAIL} | {count} findings |
142
+ | Spec Compliance | {PASS/WARN/FAIL} | {count} findings (quality score: {score}/100) |
131
143
  | [MANUAL] Integrity | {PASS/WARN/FAIL} | {count} findings |
132
144
  | Confidence Tiers | {PASS/WARN/FAIL} | {count} findings |
133
145
  | Provenance | {PASS/WARN/FAIL} | {count} findings |
146
+ | Diff Comparison | {PASS/SKIP} | {new} new, {fixed} fixed |
147
+ | Security Scan | {PASS/WARN/SKIP} | {count} findings |
134
148
 
135
149
  **Overall: {ALL_PASS / WARNINGS_FOUND / FAILURES_FOUND}**"
136
150
 
137
- **If WARNINGS or FAILURES found:**
138
-
139
- List each finding with severity and description:
151
+ **If findings exist:** List each with severity, description, and location. Add: "Validation is advisory. Findings do not block the update."
140
152
 
141
- "**Findings:**
142
- 1. [{severity}] {description} — {location}
143
- 2. [{severity}] {description} — {location}
144
- ..."
145
-
146
- "**Note:** Validation is advisory. These findings are reported for your awareness but do not block the update. You may choose to address them after the update completes."
147
-
148
- ### 5. Present MENU OPTIONS
153
+ ### 6. Present MENU OPTIONS
149
154
 
150
155
  Display: "**Proceeding to write updated files...**"
151
156
 
152
- #### Menu Handling Logic:
153
-
154
- - After validation summary is displayed, immediately load, read entire file, then execute {nextStepFile}
155
-
156
- #### EXECUTION RULES:
157
-
158
- - This is an auto-proceed validation step with no user choices
159
- - Validation is advisory — findings are informational, not blocking
160
- - Proceed directly to next step after summary display
157
+ After validation summary is displayed, immediately load, read entire file, then execute {nextStepFile}. This is an auto-proceed step — validation is advisory, not blocking.
161
158
 
162
159
  ## CRITICAL STEP COMPLETION NOTE
163
160
 
@@ -169,19 +166,18 @@ ONLY WHEN all validation checks have completed and findings are displayed will y
169
166
 
170
167
  ### ✅ SUCCESS:
171
168
 
172
- - All four validation checks executed (spec, [MANUAL], confidence, provenance)
169
+ - All six checks executed (spec, [MANUAL], confidence, provenance, diff, security)
170
+ - `npx skill-check check --fix` and `diff` executed if available (or fallbacks used)
171
+ - Quality score captured; auto-fix applied for deterministic issues
173
172
  - Stack skill reference files validated if applicable
174
- - Findings reported with severity and specific locations
175
- - [MANUAL] integrity verified with byte-level comparison
176
- - Validation results displayed clearly
173
+ - Findings reported with severity and specific locations; [MANUAL] integrity verified
177
174
  - Auto-proceeds regardless of findings (advisory mode)
178
175
 
179
176
  ### ❌ SYSTEM FAILURE:
180
177
 
181
- - Skipping any of the four validation checks
182
- - Blocking the workflow on validation warnings
183
- - Not verifying [MANUAL] section integrity
184
- - Hallucinating validation findings not backed by actual comparison
185
- - Modifying merged content during validation
178
+ - Skipping any of the six checks; blocking on validation warnings
179
+ - Not verifying [MANUAL] integrity; hallucinating findings not backed by comparison
180
+ - Modifying merged content during validation (except via skill-check --fix)
181
+ - Not recording quality score when skill-check is available
186
182
 
187
183
  **Master Rule:** Skipping steps, optimizing sequences, or not following exact instructions is FORBIDDEN and constitutes SYSTEM FAILURE.
@@ -64,10 +64,17 @@ Write the merged SKILL.md content to `{skills_output_folder}/{skill_name}/SKILL.
64
64
  ### 2. Write Updated metadata.json
65
65
 
66
66
  Update `{skills_output_folder}/{skill_name}/metadata.json`:
67
- - Update `version` (increment patch version)
68
- - Update `last_updated` timestamp to current date
69
- - Update `export_count` to reflect current total
70
- - Update `confidence_distribution` with new T1/T1-low/T2 counts
67
+ - Update `version`: if a source version was detected during re-extraction and differs from the current metadata version, use the source version; otherwise increment patch version
68
+ - Update `generation_date` timestamp to current ISO-8601 date
69
+ - Update `exports` array to reflect current export list
70
+ - Update `stats` from re-extraction results:
71
+ - `exports_documented`: count of exports with documentation in the merged skill
72
+ - `exports_public_api`: count of exports from public entry points (`__init__.py`, `index.ts`, `lib.rs`, or equivalent)
73
+ - `exports_internal`: count of all other non-underscore-prefixed exports
74
+ - `exports_total`: `exports_public_api` + `exports_internal`
75
+ - `public_api_coverage`: `exports_documented / exports_public_api` (`null` if `exports_public_api` is 0)
76
+ - `total_coverage`: `exports_documented / exports_total` (`null` if `exports_total` is 0)
77
+ - `confidence_t1`, `confidence_t2`, `confidence_t3`: update counts from re-extraction results
71
78
  - For stack skills: update `library_count`, `integration_count` if changed
72
79
 
73
80
  ### 3. Write Updated provenance-map.json
@@ -75,26 +82,28 @@ Update `{skills_output_folder}/{skill_name}/metadata.json`:
75
82
  Write to `{forge_data_folder}/{skill_name}/provenance-map.json`:
76
83
 
77
84
  **For each export in the updated skill:**
78
- - Update `file_path` if moved
79
- - Update `start_line`, `end_line` from fresh extraction
80
- - Update `extraction_timestamp` to current date for re-extracted exports
81
- - Update `confidence_tier` from extraction results
82
- - Update `content_hash` for modified exports
85
+ - Update `export_name` if renamed
86
+ - Update `params[]` array if parameters changed (add, remove, or modify individual entries)
87
+ - Update `return_type` if changed
88
+ - Update `source_file` if moved
89
+ - Update `source_line` from fresh extraction
90
+ - Update `confidence` from extraction results
91
+ - Update `extraction_method` and `ast_node_type` if re-extracted with different tools
83
92
 
84
93
  **For deleted exports:**
85
94
  - Remove entry from provenance map
86
95
 
87
96
  **For new exports:**
88
- - Add new entry with full extraction metadata
97
+ - Add new entry with full structured fields: `export_name`, `export_type`, `params[]`, `return_type`, `source_file`, `source_line`, `confidence`, `extraction_method`, `ast_node_type`
89
98
 
90
99
  **Add update operation metadata:**
91
100
  ```json
92
101
  {
93
102
  "last_update": "{current_date}",
94
- "update_type": "incremental",
103
+ "update_type": "{incremental if normal mode | full if degraded_mode}",
95
104
  "files_changed": {count},
96
105
  "exports_affected": {count},
97
- "forge_tier": "{tier}",
106
+ "confidence_tier": "{tier}",
98
107
  "manual_sections_preserved": {count}
99
108
  }
100
109
  ```
@@ -162,13 +171,27 @@ For each file written:
162
171
 
163
172
  **All files written and verified.**"
164
173
 
165
- ### 7. Present MENU OPTIONS
174
+ ### 7. Run Post-Write Validation (Deferred from Step 05)
175
+
176
+ External tool checks deferred from step-05 now run against the written files:
177
+
178
+ **If skill-check available:**
179
+ - Run: `npx skill-check check {skills_output_folder}/{skill_name} --fix --format json --no-security-scan`
180
+ - If `body.max_lines` reported, run: `npx skill-check split-body {skills_output_folder}/{skill_name} --write`
181
+ - Run: `npx skill-check diff` if original version was preserved
182
+ - Run: `npx skill-check check {skills_output_folder}/{skill_name} --format json` for security scan
183
+
184
+ Record findings in the evidence report (section 4). These are advisory — do not block on warnings.
185
+
186
+ **If skill-check unavailable:** Skip with note — structural checks from step-05 are sufficient.
187
+
188
+ ### 8. Present MENU OPTIONS
166
189
 
167
190
  Display: "**Proceeding to report...**"
168
191
 
169
192
  #### Menu Handling Logic:
170
193
 
171
- - After all writes verified, immediately load, read entire file, then execute {nextStepFile}
194
+ - After all writes verified and post-write validation complete, immediately load, read entire file, then execute {nextStepFile}
172
195
 
173
196
  #### EXECUTION RULES:
174
197
 
@@ -76,7 +76,7 @@ Source code matches provenance map exactly. The skill `{skill_name}` is current
76
76
 
77
77
  | Metric | Value |
78
78
  |--------|-------|
79
- | **Skill** | {skill_name} ({individual/stack}) |
79
+ | **Skill** | {skill_name} ({single/stack}) |
80
80
  | **Forge Tier** | {tier} |
81
81
  | **Mode** | {normal/degraded} |
82
82
  | **Duration** | {step count} steps |
@@ -192,7 +192,7 @@ Workflow is SKF module — correctly references `{project-root}/_bmad/skf/config
192
192
 
193
193
  ### Detailed Analysis
194
194
 
195
- **step-01-init:** Init with Input Discovery pattern. Requests skill path from user, validates required artifacts (SKILL.md, metadata.json, forge-tier.yaml), offers degraded mode for missing provenance, inventories [MANUAL] sections. C-only gate (no A/P — correct for init). Non-continuable (correct for single-session).
195
+ **step-01-init:** Init with Input Discovery pattern. Requests skill path from user, validates required artifacts (SKILL.md, metadata.json, forge-tier.yaml), checks `preferences.yaml` for `tier_override`, offers degraded mode for missing provenance, inventories [MANUAL] sections. C-only gate (no A/P — correct for init). Non-continuable (correct for single-session).
196
196
 
197
197
  **step-02-detect-changes:** Auto-proceed middle step with Pattern 4 parallel subprocess. No-change shortcut correctly routes to final step. No user interaction.
198
198
 
@@ -237,7 +237,7 @@ YES — This workflow modifies code-derived artifacts with provenance tracking.
237
237
 
238
238
  | Criterion | Status |
239
239
  |-----------|--------|
240
- | Loads validation data/standards (skills_ref) | ✅ |
240
+ | Loads validation data/standards (skill-check) | ✅ |
241
241
  | Systematic check sequence (4 parallel checks) | ✅ |
242
242
  | Auto-proceeds through checks | ✅ |
243
243
  | Clear pass/fail criteria (PASS/WARN/FAIL per check) | ✅ |
@@ -246,7 +246,7 @@ YES — This workflow modifies code-derived artifacts with provenance tracking.
246
246
 
247
247
  ### 4 Validation Checks Assessed
248
248
 
249
- 1. **Spec Compliance** — validates against agentskills.io via skills_ref
249
+ 1. **Spec Compliance** — validates against agentskills.io via skill-check
250
250
  2. **[MANUAL] Section Integrity** — byte-level comparison against step-01 inventory ✅
251
251
  3. **Confidence Tier Consistency** — verifies tier labels match forge capabilities ✅
252
252
  4. **Provenance Completeness** — verifies export-to-source mapping integrity ✅
@@ -495,7 +495,7 @@ None. The workflow is well-designed and should function correctly in its current
495
495
  | ast_bridge | External | Referenced in step-03 | ✅ |
496
496
  | gh_bridge | External | Implied in source file access | ✅ |
497
497
  | qmd_bridge | External | Referenced in step-03 (Deep tier) | ✅ |
498
- | skills_ref | External | Referenced in step-05 | ✅ |
498
+ | skill-check | External | Referenced in step-05 | ✅ |
499
499
  | manual-section-rules.md | Data file | Created | ✅ |
500
500
  | merge-conflict-rules.md | Data file | Created | ✅ |
501
501
 
@@ -213,7 +213,7 @@ Document-producing workflow that outputs:
213
213
  - **ast_bridge:** required for Forge/Deep tier AST extraction (pre-detected by setup-forge)
214
214
  - **gh_bridge:** required for all tiers to read source files
215
215
  - **qmd_bridge:** required for Deep tier semantic enrichment only
216
- - **skills_ref:** required for validation against agentskills.io spec (Step 05)
216
+ - **skill-check:** required for validation against agentskills.io spec (Step 05) — `npx skill-check check --fix --format json` for validation + auto-fix + quality scoring, `diff` for before/after comparison, security scan for prompt injection detection, `split-body` for oversized body remediation
217
217
 
218
218
  **Installation Requirements:**
219
219
  - None — all tools pre-detected by setup-forge workflow
@@ -264,8 +264,8 @@ Step 04 (merge)
264
264
  OUT: merged SKILL.md content with [MANUAL] sections preserved
265
265
 
266
266
  Step 05 (validate)
267
- IN: merged content, agentskills.io spec (via skills_ref)
268
- OUT: validation results (pass/fail with details)
267
+ IN: merged content, agentskills.io spec (via `npx skill-check check --fix --format json`)
268
+ OUT: validation results (pass/fail with quality score, diff comparison, security findings)
269
269
 
270
270
  Step 06 (write)
271
271
  IN: validated merged content, updated provenance data
@@ -416,7 +416,7 @@ Fallback: All operations executable in main thread if subprocesses unavailable.
416
416
  ### Step 05: validate (~190 lines)
417
417
  - Type: Validation Sequence, Auto-proceed (advisory, non-blocking)
418
418
  - Pattern 4 parallel validation across 4 checks:
419
- - Check A: Spec compliance (agentskills.io via skills_ref)
419
+ - Check A: Spec compliance (agentskills.io via skill-check)
420
420
  - Check B: [MANUAL] section integrity (byte-level comparison)
421
421
  - Check C: Confidence tier consistency (tier vs forge capabilities)
422
422
  - Check D: Provenance completeness (export-to-source mapping)
@@ -49,7 +49,7 @@ installed_path: '{project-root}/_bmad/skf/workflows/update-skill'
49
49
  Load and read full config from {project-root}/_bmad/skf/config.yaml and resolve:
50
50
 
51
51
  - `project_name`, `output_folder`, `user_name`, `communication_language`, `document_output_language`
52
- - `skills_output_folder`, `forge_data_folder`
52
+ - `skills_output_folder`, `forge_data_folder`, `sidecar_path`
53
53
 
54
54
  ### 2. First Step Execution
55
55
 
@@ -99,13 +99,13 @@ async function getStatus(projectDir) {
99
99
 
100
100
  function displayStatus(status, version) {
101
101
  console.log('');
102
- console.log(chalk.cyan.bold(' Skill Forge — Status'));
102
+ console.log(chalk.hex('#F59E0B').bold(' Skill Forge — Status'));
103
103
  console.log(chalk.dim(` v${version}`));
104
104
  console.log('');
105
105
 
106
106
  if (!status.installed) {
107
107
  console.log(chalk.yellow(' Not installed.'));
108
- console.log(chalk.dim(' Run: npx skill-forge install'));
108
+ console.log(chalk.dim(' Run: npx bmad-module-skill-forge install'));
109
109
  console.log('');
110
110
  return;
111
111
  }
@@ -115,7 +115,7 @@ function displayStatus(status, version) {
115
115
  // Installation
116
116
  const manifest = status.manifest;
117
117
  console.log(chalk.white.bold(' Installation'));
118
- console.log(` Project: ${chalk.cyan(config.project_name || '(unknown)')}`);
118
+ console.log(` Project: ${chalk.hex('#FBBF24')(config.project_name || '(unknown)')}`);
119
119
  console.log(` SKF folder: ${chalk.dim(SKF_FOLDER + '/')}`);
120
120
  console.log(` Agent: ${status.agentCompiled ? chalk.green('compiled') : chalk.yellow('not compiled')}`);
121
121
  console.log(` Workflows: ${chalk.white(status.workflowCount)}`);
@@ -146,7 +146,7 @@ function displayStatus(status, version) {
146
146
  const tools = ft.tools || {};
147
147
  console.log(chalk.white.bold(' Forge Tier'));
148
148
  if (status.tierDetected) {
149
- const tierColors = { Quick: chalk.yellow, Forge: chalk.cyan, Deep: chalk.magenta };
149
+ const tierColors = { Quick: chalk.yellow, Forge: chalk.hex('#F59E0B'), Deep: chalk.hex('#FCD34D') };
150
150
  const tierColor = tierColors[ft.tier] || chalk.white;
151
151
  console.log(` Tier: ${tierColor(ft.tier)}`);
152
152
  console.log(` Detected: ${chalk.dim(ft.tier_detected_at || '(unknown)')}`);
@@ -113,7 +113,7 @@ module.exports = {
113
113
  const skfExists = await fs.pathExists(path.join(projectDir, '_bmad/skf'));
114
114
  if (skfExists) {
115
115
  log.warn(
116
- 'No manifest found. Reinstall first to generate one,\nthen run uninstall again for clean removal.\nRun: npx skill-forge install',
116
+ 'No manifest found. Reinstall first to generate one,\nthen run uninstall again for clean removal.\nRun: npx bmad-module-skill-forge install',
117
117
  );
118
118
  } else {
119
119
  log.warn('SKF is not installed in this directory.');
@@ -24,13 +24,13 @@ module.exports = {
24
24
 
25
25
  if (!(await fs.pathExists(skfDir))) {
26
26
  console.log(chalk.yellow('\n SKF is not installed in this directory.'));
27
- console.log(chalk.dim(' Run: npx skill-forge install\n'));
27
+ console.log(chalk.dim(' Run: npx bmad-module-skill-forge install\n'));
28
28
  process.exit(0);
29
29
  return;
30
30
  }
31
31
 
32
32
  console.log('');
33
- console.log(chalk.cyan.bold(' Skill Forge — Quick Update'));
33
+ console.log(chalk.hex('#F59E0B').bold(' Skill Forge — Quick Update'));
34
34
  console.log(chalk.dim(' Replacing SKF files, preserving config and sidecar.\n'));
35
35
 
36
36
  const installer = new Installer();
@@ -1,6 +1,12 @@
1
1
  /**
2
2
  * SKF Installer UI - Banner, prompts, and success message.
3
3
  * Uses @clack/prompts for terminal UI.
4
+ *
5
+ * Brand palette (from skf-logo.svg):
6
+ * amber #F59E0B — primary (anvil top)
7
+ * gold #FBBF24 — accent, highlights (anvil horn)
8
+ * dark #D97706 — frame, deep emphasis (anvil body)
9
+ * spark #FCD34D — sparks, icons
4
10
  */
5
11
 
6
12
  const { intro, outro, text, select, multiselect, confirm, note, isCancel, cancel, log } = require('@clack/prompts');
@@ -12,18 +18,54 @@ const yaml = require('js-yaml');
12
18
 
13
19
  const SKF_FOLDER = '_bmad/skf';
14
20
 
21
+ // Brand colors derived from skf-logo.svg
22
+ const brand = {
23
+ amber: chalk.hex('#F59E0B'),
24
+ gold: chalk.hex('#FBBF24'),
25
+ dark: chalk.hex('#D97706'),
26
+ spark: chalk.hex('#FCD34D'),
27
+ };
28
+
15
29
  class UI {
16
30
  displayBanner() {
17
- let banner;
31
+ const packageJson = require('../../../package.json');
32
+ const version = packageJson.version;
33
+
34
+ let logoLines;
18
35
  try {
19
- banner = figlet.textSync('SKF', { font: 'Standard' });
36
+ logoLines = figlet.textSync('SKF', { font: 'ANSI Shadow' }).trimEnd().split('\n');
37
+ // Remove trailing empty lines from figlet output
38
+ while (logoLines.length > 0 && !logoLines.at(-1).trim()) logoLines.pop();
20
39
  } catch {
21
- banner = '\n S K F';
40
+ logoLines = [' S K F'];
22
41
  }
23
- const packageJson = require('../../../package.json');
24
- intro(
25
- `${chalk.cyan(banner)}\n${chalk.white.bold(' Skill Forge')} ${chalk.dim(`v${packageJson.version}`)}\n${chalk.dim(' AST-verified, provenance-backed agent skills from code\n repositories, documentation, and developer discourse')}`,
26
- );
42
+
43
+ const w = 54;
44
+ const frame = brand.dark;
45
+ const top = frame(' ╔' + '═'.repeat(w) + '╗');
46
+ const mid = frame(' ╟' + '─'.repeat(w) + '╢');
47
+ const bottom = frame(' ╚' + '═'.repeat(w) + '╝');
48
+ const row = (content) => {
49
+ // eslint-disable-next-line no-control-regex -- stripping ANSI escape codes for visual width calculation
50
+ const stripped = content.replaceAll(/\u001B\[\d+(?:;\d+)*m/g, '');
51
+ const pad = Math.max(0, w - stripped.length - 2);
52
+ return frame(' ║ ') + content + ' '.repeat(pad) + frame(' ║');
53
+ };
54
+
55
+ console.log();
56
+ console.log(top);
57
+ for (const line of logoLines) {
58
+ console.log(row(brand.amber.bold(line.replace(/\s+$/, ''))));
59
+ }
60
+ console.log(mid);
61
+ console.log(row(chalk.white.bold('Skill Forge') + chalk.dim(` v${version}`)));
62
+ console.log(row(chalk.dim('Agent Skill Compiler') + ' '.repeat(15) + brand.spark('⚒')));
63
+ console.log(mid);
64
+ console.log(row(chalk.dim('Code · Docs · Discourse → Verified agent skills')));
65
+ console.log(bottom);
66
+ console.log();
67
+
68
+ intro(brand.amber('Skill Forge Installer'));
27
69
  }
28
70
 
29
71
  async detectInstallation(projectDir) {
@@ -47,7 +89,7 @@ class UI {
47
89
  const detection = await this.detectInstallation(projectDir);
48
90
  const skfFolder = detection.folder;
49
91
 
50
- log.info(`Target: ${chalk.cyan(projectDir)}`);
92
+ log.info(`Target: ${brand.gold(projectDir)}`);
51
93
 
52
94
  let action = 'fresh';
53
95
 
@@ -109,7 +151,7 @@ class UI {
109
151
  const detectedIdes = await this.detectIdes(projectDir);
110
152
  if (detectedIdes.length > 0) {
111
153
  initialIdes = detectedIdes;
112
- log.info(`Auto-detected IDEs: ${detectedIdes.join(', ')}`);
154
+ log.info(`Auto-detected IDEs: ${brand.gold(detectedIdes.join(', '))}`);
113
155
  }
114
156
  }
115
157
 
@@ -244,25 +286,25 @@ class UI {
244
286
  let noteTitle;
245
287
  let noteBody;
246
288
 
289
+ const activateCmd = brand.gold('/bmad-agent-skf-forger');
290
+
247
291
  if (action === 'update') {
248
- noteTitle = 'Update complete!';
292
+ noteTitle = brand.amber.bold('Update complete!');
249
293
  noteBody = [
250
294
  `${chalk.white.bold('What Changed')}`,
251
295
  'SKF files and agents have been refreshed.',
252
296
  'Your config.yaml and sidecar state are preserved.',
253
297
  '',
254
298
  `${chalk.white.bold('Next Steps')}`,
255
- `1. Reload the agent in ${ideDisplay}:`,
256
- ` ${chalk.cyan(`"Read and activate ${skfFolder}/agents/forger.md"`)}`,
299
+ `1. Reload the agent in ${ideDisplay}: ${activateCmd}`,
257
300
  '2. Run @Ferris SF to re-detect tools if needed',
258
301
  ].join('\n');
259
302
  } else {
260
- noteTitle = 'Installation complete!';
303
+ noteTitle = brand.amber.bold('Installation complete!');
261
304
  noteBody = [
262
305
  `${chalk.white.bold('Get Started')}`,
263
306
  `1. Open this folder in ${ideDisplay}`,
264
- '2. Locate the chat window and type:',
265
- ` ${chalk.cyan(`"Read and activate ${skfFolder}/agents/forger.md"`)}`,
307
+ `2. Activate Ferris: ${activateCmd}`,
266
308
  '3. Ferris (your Skill Architect) will guide you through',
267
309
  ' setting up and forging your first agent skill',
268
310
  ].join('\n');
@@ -270,7 +312,9 @@ class UI {
270
312
 
271
313
  note(noteBody, noteTitle);
272
314
 
273
- outro(`Agent: Ferris (Skill Architect & Integrity Guardian)\nDocs: https://github.com/armelhbobdad/bmad-module-skill-forge`);
315
+ outro(
316
+ `${brand.spark('⚒')} Agent: ${chalk.white('Ferris')} ${chalk.dim('(Skill Architect & Integrity Guardian)')}\n${brand.dark('⚡')} Docs: ${brand.amber('https://armelhbobdad.github.io/bmad-module-skill-forge')}`,
317
+ );
274
318
  }
275
319
  }
276
320
 
@@ -64,9 +64,9 @@ function startVersionCheck(currentVersion) {
64
64
  }
65
65
  return (
66
66
  '\n' +
67
- chalk.yellow(` Update available: ${chalk.dim(currentVersion)} → ${chalk.green(latestVersion)}`) +
67
+ chalk.hex('#F59E0B')(` Update available: ${chalk.dim(currentVersion)} → ${chalk.hex('#FBBF24').bold(latestVersion)}`) +
68
68
  '\n' +
69
- chalk.dim(` Run: npx skill-forge@latest install`) +
69
+ chalk.dim(` Run: npx bmad-module-skill-forge@latest install`) +
70
70
  '\n'
71
71
  );
72
72
  });