bmad-module-skill-forge 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (115) hide show
  1. package/README.md +73 -159
  2. package/docs/agents.md +2 -2
  3. package/docs/architecture.md +155 -25
  4. package/docs/concepts.md +96 -0
  5. package/docs/examples.md +52 -2
  6. package/docs/getting-started.md +30 -14
  7. package/docs/index.md +16 -41
  8. package/docs/workflows.md +3 -3
  9. package/package.json +6 -4
  10. package/src/forger/forge-tier.yaml +1 -1
  11. package/src/forger/preferences.yaml +8 -1
  12. package/src/knowledge/doc-fetcher.md +55 -0
  13. package/src/knowledge/overview.md +17 -16
  14. package/src/knowledge/progressive-capability.md +9 -1
  15. package/src/knowledge/provenance-tracking.md +31 -23
  16. package/src/knowledge/qmd-registry.md +132 -0
  17. package/src/knowledge/skf-knowledge-index.csv +2 -0
  18. package/src/module.yaml +2 -2
  19. package/src/workflows/analyze-source/data/skill-brief-schema.md +24 -4
  20. package/src/workflows/analyze-source/steps-c/step-01-init.md +19 -9
  21. package/src/workflows/analyze-source/steps-c/step-01b-continue.md +2 -2
  22. package/src/workflows/analyze-source/steps-c/step-02-scan-project.md +10 -2
  23. package/src/workflows/analyze-source/steps-c/step-04-map-and-detect.md +17 -2
  24. package/src/workflows/analyze-source/steps-c/step-05-recommend.md +2 -1
  25. package/src/workflows/analyze-source/steps-c/step-06-generate-briefs.md +3 -3
  26. package/src/workflows/analyze-source/templates/analysis-report-template.md +1 -1
  27. package/src/workflows/analyze-source/validation-report.md +1 -1
  28. package/src/workflows/analyze-source/workflow-plan-analyze-source.md +1 -1
  29. package/src/workflows/analyze-source/workflow.md +1 -1
  30. package/src/workflows/audit-skill/steps-c/step-01-init.md +8 -5
  31. package/src/workflows/audit-skill/steps-c/step-02-re-index.md +12 -2
  32. package/src/workflows/audit-skill/validation-report.md +2 -2
  33. package/src/workflows/audit-skill/workflow-plan-audit-skill.md +1 -1
  34. package/src/workflows/brief-skill/data/scope-templates.md +60 -0
  35. package/src/workflows/brief-skill/data/skill-brief-schema.md +38 -3
  36. package/src/workflows/brief-skill/steps-c/step-01-gather-intent.md +20 -4
  37. package/src/workflows/brief-skill/steps-c/step-03-scope-definition.md +20 -64
  38. package/src/workflows/brief-skill/steps-c/step-04-confirm-brief.md +1 -1
  39. package/src/workflows/brief-skill/steps-c/step-05-write-brief.md +60 -5
  40. package/src/workflows/brief-skill/workflow.md +2 -1
  41. package/src/workflows/create-skill/data/compile-assembly-rules.md +110 -0
  42. package/src/workflows/create-skill/data/extraction-patterns.md +216 -3
  43. package/src/workflows/create-skill/data/skill-sections.md +81 -27
  44. package/src/workflows/create-skill/data/source-resolution-protocols.md +138 -0
  45. package/src/workflows/create-skill/data/tier-degradation-rules.md +46 -0
  46. package/src/workflows/create-skill/steps-c/step-01-load-brief.md +7 -4
  47. package/src/workflows/create-skill/steps-c/step-02-ecosystem-check.md +10 -7
  48. package/src/workflows/create-skill/steps-c/step-03-extract.md +51 -10
  49. package/src/workflows/create-skill/steps-c/step-03b-fetch-temporal.md +238 -0
  50. package/src/workflows/create-skill/steps-c/step-03c-fetch-docs.md +220 -0
  51. package/src/workflows/create-skill/steps-c/step-04-enrich.md +40 -10
  52. package/src/workflows/create-skill/steps-c/step-05-compile.md +49 -82
  53. package/src/workflows/create-skill/steps-c/step-06-validate.md +152 -63
  54. package/src/workflows/create-skill/steps-c/step-07-generate-artifacts.md +53 -3
  55. package/src/workflows/create-skill/steps-c/step-08-report.md +1 -1
  56. package/src/workflows/create-skill/workflow-plan-create-skill.md +42 -10
  57. package/src/workflows/create-skill/workflow.md +3 -2
  58. package/src/workflows/create-stack-skill/data/stack-skill-template.md +20 -7
  59. package/src/workflows/create-stack-skill/steps-c/step-01-init.md +2 -2
  60. package/src/workflows/create-stack-skill/steps-c/step-04-parallel-extract.md +14 -0
  61. package/src/workflows/create-stack-skill/steps-c/step-06-compile-stack.md +28 -7
  62. package/src/workflows/create-stack-skill/steps-c/step-07-generate-output.md +10 -7
  63. package/src/workflows/create-stack-skill/steps-c/step-08-validate.md +66 -68
  64. package/src/workflows/create-stack-skill/validation-report.md +1 -1
  65. package/src/workflows/create-stack-skill/workflow-plan-create-stack-skill.md +4 -4
  66. package/src/workflows/export-skill/data/managed-section-format.md +1 -0
  67. package/src/workflows/export-skill/data/snippet-format.md +33 -14
  68. package/src/workflows/export-skill/steps-c/step-01-load-skill.md +16 -2
  69. package/src/workflows/export-skill/steps-c/step-03-generate-snippet.md +29 -22
  70. package/src/workflows/export-skill/steps-c/step-04-update-context.md +1 -1
  71. package/src/workflows/export-skill/steps-c/step-05-token-report.md +1 -1
  72. package/src/workflows/export-skill/validation-report.md +1 -1
  73. package/src/workflows/export-skill/workflow-plan-export-skill.md +8 -8
  74. package/src/workflows/export-skill/workflow.md +1 -1
  75. package/src/workflows/quick-skill/data/skill-template.md +27 -7
  76. package/src/workflows/quick-skill/steps-c/step-04-compile.md +44 -13
  77. package/src/workflows/quick-skill/steps-c/step-05-validate.md +79 -16
  78. package/src/workflows/quick-skill/validation-report.md +4 -4
  79. package/src/workflows/quick-skill/workflow-plan-quick-skill.md +4 -4
  80. package/src/workflows/quick-skill/workflow.md +2 -0
  81. package/src/workflows/setup-forge/steps-c/step-01-detect-and-tier.md +12 -3
  82. package/src/workflows/setup-forge/steps-c/step-02-write-config.md +10 -2
  83. package/src/workflows/setup-forge/steps-c/step-03-auto-index.md +111 -40
  84. package/src/workflows/setup-forge/steps-c/step-04-report.md +13 -0
  85. package/src/workflows/setup-forge/workflow.md +1 -0
  86. package/src/workflows/test-skill/data/scoring-rules.md +14 -6
  87. package/src/workflows/test-skill/data/source-access-protocol.md +45 -0
  88. package/src/workflows/test-skill/steps-c/step-01-init.md +38 -13
  89. package/src/workflows/test-skill/steps-c/step-02-detect-mode.md +2 -3
  90. package/src/workflows/test-skill/steps-c/step-03-coverage-check.md +25 -5
  91. package/src/workflows/test-skill/steps-c/step-04-coherence-check.md +22 -47
  92. package/src/workflows/test-skill/steps-c/step-04b-external-validators.md +219 -0
  93. package/src/workflows/test-skill/steps-c/step-05-score.md +25 -27
  94. package/src/workflows/test-skill/steps-c/step-06-report.md +9 -4
  95. package/src/workflows/test-skill/templates/test-report-template.md +2 -1
  96. package/src/workflows/test-skill/validation-report.md +1 -1
  97. package/src/workflows/test-skill/workflow-plan-test-skill.md +7 -3
  98. package/src/workflows/test-skill/workflow.md +1 -1
  99. package/src/workflows/update-skill/data/remote-source-resolution.md +43 -0
  100. package/src/workflows/update-skill/data/tier-degradation-rules.md +46 -0
  101. package/src/workflows/update-skill/steps-c/step-01-init.md +13 -7
  102. package/src/workflows/update-skill/steps-c/step-02-detect-changes.md +26 -0
  103. package/src/workflows/update-skill/steps-c/step-03-re-extract.md +38 -9
  104. package/src/workflows/update-skill/steps-c/step-04-merge.md +3 -3
  105. package/src/workflows/update-skill/steps-c/step-05-validate.md +63 -67
  106. package/src/workflows/update-skill/steps-c/step-06-write.md +37 -14
  107. package/src/workflows/update-skill/steps-c/step-07-report.md +1 -1
  108. package/src/workflows/update-skill/validation-report.md +4 -4
  109. package/src/workflows/update-skill/workflow-plan-update-skill.md +4 -4
  110. package/src/workflows/update-skill/workflow.md +1 -1
  111. package/tools/cli/commands/status.js +4 -4
  112. package/tools/cli/commands/uninstall.js +1 -1
  113. package/tools/cli/commands/update.js +2 -2
  114. package/tools/cli/lib/ui.js +60 -16
  115. package/tools/cli/lib/version-check.js +2 -2
@@ -0,0 +1,96 @@
1
+ ---
2
+ title: Concepts
3
+ description: Plain-English definitions of key Skill Forge terms — agent skills, provenance, confidence tiers, drift, and more
4
+ ---
5
+
6
+ # Concepts
7
+
8
+ This page defines the key terms you'll encounter in Skill Forge. Each one is explained in plain English with a concrete example.
9
+
10
+ ---
11
+
12
+ ## Agent Skills
13
+
14
+ An agent skill is an instruction file that tells an AI agent how to use your code. Instead of the agent guessing your API from its training data, it reads the skill and gets real function names, real parameter types, and real usage patterns.
15
+
16
+ Skills follow the [agentskills.io](https://agentskills.io) open standard, so they work across Claude, Cursor, Copilot, and other AI tools.
17
+
18
+ **Example:** A skill for `better-auth` tells your agent: "The function is `authClient.signIn.email()`, it takes `{ email: string, password: string }`, and it returns a `Promise<Session>`. Here's the source: `src/client.ts:L47`."
19
+
20
+ ---
21
+
22
+ ## Provenance
23
+
24
+ Provenance means every instruction in a skill traces back to where it came from. For code, that's a file and line number. For documentation, it's a URL. For developer discourse, it's an issue or PR reference. If SKF can't point to a source, it doesn't include the instruction.
25
+
26
+ **Examples** (from a [real generated skill](https://github.com/armelhbobdad/oh-my-skills)):
27
+ - `[AST:cognee/api/v1/search/search.py:L26]` — extracted from source code via AST parsing
28
+ - `[SRC:cognee/api/v1/session/__init__.py:L8]` — read from source code without AST verification
29
+ - `[EXT:docs.cognee.ai/getting-started/quickstart]` — sourced from external documentation
30
+ - `[QMD:cognee-temporal:issues.md]` — surfaced from indexed developer discourse
31
+
32
+ ---
33
+
34
+ ## Confidence Tiers (T1/T2/T3)
35
+
36
+ Each piece of information in a skill carries a confidence level based on where it came from:
37
+
38
+ - **T1 — AST extraction:** Pulled directly from source code via AST parsing. This is structural truth — the function signature actually exists in the code right now.
39
+ - **T2 — Evidence:** Found in issues, PRs, changelogs, or documentation within the repository. Reliable context, but not as definitive as code.
40
+ - **T3 — External:** Pulled from external documentation or websites. Treated with caution and clearly marked.
41
+
42
+ **Example:** A function signature is T1. A deprecation warning from a closed GitHub issue is T2. A usage example from a blog post is T3.
43
+
44
+ ---
45
+
46
+ ## Capability Tiers (Quick/Forge/Deep)
47
+
48
+ Your capability tier depends on which tools you have installed. Each tier builds on the previous one:
49
+
50
+ - **Quick** — GitHub CLI only. SKF reads source files and builds best-effort skills. Works in under a minute.
51
+ - **Forge** — Adds [ast-grep](https://ast-grep.github.io). SKF uses AST parsing for structural truth. Instructions are verified against the actual code structure.
52
+ - **Deep** — Adds [QMD](https://github.com/tobi/qmd). SKF indexes knowledge for semantic search. Skills get enriched with historical context, deprecation warnings, and cross-reference intelligence.
53
+
54
+ You don't need all tools to start. SKF detects what you have and sets your tier automatically. See [How It Works](../architecture.md) for the full technical treatment.
55
+
56
+ ---
57
+
58
+ ## Drift
59
+
60
+ Drift happens when the source code changes but the skill instructions haven't been updated to match. A skill might still reference a function that was renamed, removed, or had its signature changed.
61
+
62
+ SKF detects drift by comparing the skill's recorded provenance against the current code. The `audit-skill` workflow (`@Ferris AS`) scans for these mismatches.
63
+
64
+ **Example:** Your skill says `createUser(name: string)` but the function was renamed to `registerUser(name: string, email: string)` in the last release. That's drift.
65
+
66
+ ---
67
+
68
+ ## Version Pinning
69
+
70
+ Every skill records the exact version (or commit) of the source code it was built from. This means you always know which version of the library the instructions apply to.
71
+
72
+ When the source updates, you can re-run `@Ferris US` (update-skill) to regenerate the skill for the new version while preserving any manual additions you've made.
73
+
74
+ ---
75
+
76
+ ## BMAD Module
77
+
78
+ SKF is a plugin (called a "module") for the [BMad Method](https://github.com/bmad-code-org/BMAD-METHOD), a framework for running structured AI workflows. BMad provides the workflow engine — step-by-step execution, shared knowledge bases, and consistent outputs. SKF plugs into that engine and focuses specifically on skill compilation.
79
+
80
+ You don't need to know BMad to use SKF. The standalone installer sets everything up.
81
+
82
+ ---
83
+
84
+ ## Ferris
85
+
86
+ Ferris is the AI agent persona that runs all SKF workflows. When you type `@Ferris CS`, you're telling Ferris to run the create-skill workflow.
87
+
88
+ Ferris switches between four modes depending on which workflow is active: Architect (exploring and building), Surgeon (precise updates), Audit (quality checks), and Delivery (packaging for distribution).
89
+
90
+ ---
91
+
92
+ ## Zero Hallucination
93
+
94
+ SKF's core principle: if an instruction can't be traced back to actual source code, it doesn't get included in the skill. This is the opposite of how most AI tools work — they generate plausible-sounding content from training data. SKF only includes what it can verify.
95
+
96
+ This doesn't mean skills are perfect. Quick-tier skills read source files without AST verification, so they rely on best-effort extraction. But even Quick skills cite their sources, and no tier includes invented information.
package/docs/examples.md CHANGED
@@ -9,6 +9,45 @@ This section provides practical examples for using SKF: Skill Forge.
9
9
 
10
10
  ---
11
11
 
12
+ ## What the Output Looks Like
13
+
14
+ When SKF generates a skill, you get a `SKILL.md` file with machine-readable frontmatter and provenance-backed instructions. Here's a trimmed example from a real skill generated for [cognee](https://github.com/topoteretes/cognee) (browse the full output at [oh-my-skills](https://github.com/armelhbobdad/oh-my-skills)):
15
+
16
+ **Frontmatter (tells AI agents when to load this skill):**
17
+
18
+ ```yaml
19
+ name: cognee
20
+ description: Use when cognee is a Python AI memory engine that transforms
21
+ documents into knowledge graphs with vector and graph storage for semantic
22
+ search and reasoning. Use this skill when writing code that calls cognee's
23
+ Python API (add, cognify, search, memify, config, datasets, prune, session).
24
+ ```
25
+
26
+ **Body (what your AI agent reads):**
27
+
28
+ ```
29
+ ## Key API Summary
30
+
31
+ | Function | Purpose | Key Params | Source |
32
+ |----------|---------|------------|--------|
33
+ | add() | Ingest text, files, binary data | data, dataset_name | [AST:cognee/api/v1/add/add.py:L22] |
34
+ | cognify() | Build knowledge graph | datasets, graph_model | [AST:cognee/api/v1/cognify/cognify.py:L47] |
35
+ | search() | Query knowledge graph | query_text, query_type | [AST:cognee/api/v1/search/search.py:L26] |
36
+ | memify() | Enrich graph with custom tasks | extraction_tasks, data | [AST:cognee/modules/memify/memify.py:L27] |
37
+ | session.* | Session history and feedback | get_session(), add_feedback() | [SRC:cognee/api/v1/session/__init__.py:L8] |
38
+ | DataPoint | Base class for custom graph nodes | inherit and add fields | [EXT:docs.cognee.ai/guides/custom-data-models] |
39
+ ```
40
+
41
+ Provenance tags trace each instruction to its source:
42
+ - `[AST:file:line]` — extracted from code via AST parsing (highest confidence)
43
+ - `[SRC:file:line]` — read from source code without AST verification
44
+ - `[EXT:url]` — sourced from external documentation
45
+ - `[QMD:collection:doc]` — surfaced from indexed developer discourse (issues, PRs, changelogs)
46
+
47
+ See [How It Works](../architecture.md) for the full output structure.
48
+
49
+ ---
50
+
12
51
  ## Example Workflows
13
52
 
14
53
  ### Quick Skill — 47 Seconds
@@ -93,7 +132,17 @@ Checks ecosystem first. If no official skill exists: generates from source. `sou
93
132
 
94
133
  No source code available — only documentation.
95
134
 
96
- Generate from docs + QMD-indexed content. T2/T3 confidence only. `source_authority: community`.
135
+ ```
136
+ @Ferris BS
137
+ # When asked for target, provide documentation URLs:
138
+ # https://docs.cognee.ai/
139
+ # Ferris sets source_type: "docs-only" and collects doc_urls
140
+ @Ferris CS
141
+ # step-03 skips (no source), step-03c fetches docs via doc_fetcher
142
+ # All content is T3 [EXT:url] confidence. source_authority: community
143
+ ```
144
+
145
+ The brief's `doc_urls` field drives the doc_fetcher step. The agent uses whatever web fetching tool is available in its environment (Firecrawl, WebFetch, curl, etc.) to retrieve documentation as markdown and extract API information with T3 citations.
97
146
 
98
147
  ---
99
148
 
@@ -139,6 +188,7 @@ Quick mode reads source without AST analysis. Install ast-grep to upgrade to For
139
188
 
140
189
  - Run `/bmad-help` — analyzes your current state and suggests what to do next
141
190
  (e.g. `/bmad-help my batch creation failed halfway, how do I resume?`)
191
+ *Provided by the [BMad Method](https://github.com/bmad-code-org/BMAD-METHOD) — not available in standalone SKF installations.*
142
192
  - Run `@Ferris SF` to check your current tier and tool availability
143
- - Review `forge-config.yaml` for runtime configuration
193
+ - Review `forge-tier.yaml` in your forger sidecar for runtime configuration
144
194
  - Check module configuration in your BMAD settings
@@ -11,7 +11,7 @@ Welcome to Skill Forge! This guide will help you get up and running.
11
11
 
12
12
  ## What This Module Does
13
13
 
14
- Skill Forge is an automated skill compiler for the AI agent ecosystem. It transforms code repositories, documentation websites, and developer discourse into agentskills.io-compliant, version-pinned, provenance-backed agent skills. Every instruction traces to actual code zero hallucination tolerance.
14
+ Skill Forge analyzes code repositories, documentation websites, and developer discourse to build verified instruction files ("skills") for AI agents. Instead of your agent guessing API calls from training data, it follows instructions where every function, type, and pattern traces back to its source — a file and line for code, a URL for documentation, an issue or PR for discourse. Skills comply with the [agentskills.io](https://agentskills.io) open standard and work across Claude, Cursor, Copilot, and other AI tools. See the [Concepts](../concepts.md) page for definitions of key terms.
15
15
 
16
16
  ---
17
17
 
@@ -22,11 +22,9 @@ There are three ways to install SKF, depending on your setup.
22
22
  ### Standalone (recommended for trying SKF)
23
23
 
24
24
  ```bash
25
- npx skill-forge install
25
+ npx bmad-module-skill-forge install
26
26
  ```
27
27
 
28
- Or equivalently: `npx bmad-module-skill-forge install`
29
-
30
28
  Installs SKF on its own. You'll be prompted for project name, output folders, and which IDEs to configure. The installer generates IDE-specific command files (e.g. `.claude/commands/`, `.cursor/commands/`) so workflows appear in your IDE's command palette.
31
29
 
32
30
  ### As a custom module during BMad Method installation
@@ -48,7 +46,7 @@ This installs BMad core + SKF together with full IDE integration, manifests, and
48
46
  If you already have BMad installed, you can add SKF afterward by running the standalone installer in the same directory:
49
47
 
50
48
  ```bash
51
- npx skill-forge install
49
+ npx bmad-module-skill-forge install
52
50
  ```
53
51
 
54
52
  The installer detects the existing `_bmad/` directory and installs SKF alongside your current modules.
@@ -57,13 +55,30 @@ The installer detects the existing `_bmad/` directory and installs SKF alongside
57
55
 
58
56
  ## Prerequisites
59
57
 
60
- | Tool | Required For | Install |
61
- |------------------------------------------------------------------------|--------------------|-----------------------------|
62
- | `gh` (GitHub CLI) | All modes | <https://cli.github.com> |
63
- | `ast-grep` (CLI tool for code structural search, lint, and rewriting) | Forge + Deep modes | <https://ast-grep.github.io> |
64
- | `qmd` (local hybrid search engine for markdown) | Deep mode | <https://github.com/tobi/qmd> |
58
+ | Tool | Required For | Install |
59
+ |------------------------------------------------------------------------|----------------------------|--------------------------------------------------------|
60
+ | [Node.js](https://nodejs.org/) >= 22 | Installation, npx commands | <https://nodejs.org> |
61
+ | `gh` (GitHub CLI) | All modes | <https://cli.github.com> |
62
+ | `ast-grep` (CLI tool for code structural search, lint, and rewriting) | Forge + Deep modes | <https://ast-grep.github.io> |
63
+ | `ast-grep` MCP server (recommended alongside CLI) | Forge + Deep modes | <https://github.com/ast-grep/ast-grep-mcp> |
64
+ | `qmd` (local hybrid search engine for project files) | Deep mode | <https://github.com/tobi/qmd> |
65
+ | `SNYK_TOKEN` (Snyk API token — **Enterprise plan required**) | Optional security scan | <https://docs.snyk.io/snyk-api/authentication-for-api> |
66
+
67
+ Don't worry if you don't have all tools — SKF detects what's available and sets your tier automatically. Security scanning via Snyk is optional and requires an Enterprise plan; it does not affect your tier level.
68
+
69
+ ---
70
+
71
+ ## Configuration
72
+
73
+ SKF has two install-time variables (defined in `src/module.yaml`) and one runtime preference:
74
+
75
+ | Variable | Purpose | Default |
76
+ |------------------------|------------------------------------------------------------------------------------------------------|-----------------------------|
77
+ | `skills_output_folder` | Where generated skills are saved | `{project-root}/skills` |
78
+ | `forge_data_folder` | Where workspace artifacts are stored | `{project-root}/forge-data` |
79
+ | `tier_override` | Force a specific tier for comparison or testing (in `_bmad/_memory/forger-sidecar/preferences.yaml`) | `~` (auto-detect) |
65
80
 
66
- Don't worry if you don't have all tools SKF detects what's available and sets your tier automatically.
81
+ Runtime configuration (tool detection, tier, parallel settings) is managed by the `setup-forge` workflow in `forge-tier.yaml`.
67
82
 
68
83
  ---
69
84
 
@@ -148,13 +163,13 @@ Analyze Source scans the project, identifies skillable units, maps exports, and
148
163
 
149
164
  ### I want the highest accuracy possible
150
165
 
151
- Quick mode reads source files. Forge mode adds AST parsing for structural truth. Deep mode goes further — QMD indexes your project's markdown (docs, changelogs, issues, migration guides) into searchable collections, then uses BM25 keyword search, vector semantic search, and LLM-powered re-ranking to surface context no other tool can find.
166
+ Quick mode reads source files. Forge mode adds AST parsing for structural truth. Deep mode goes further — as skills are compiled, SKF indexes curated extraction artifacts and skill briefs into QMD collections, then uses BM25 keyword search, vector semantic search, and LLM-powered re-ranking to surface context no other tool can find.
152
167
 
153
168
  ```
154
169
  @Ferris SF # Setup detects your tools and sets tier automatically
155
170
  ```
156
171
 
157
- If `ast-grep` and `qmd` are available, Ferris activates Deep mode. Every skill gets AST-verified signatures (T1) enriched with deep knowledge search (T2) — deprecation warnings, breaking change history, common pitfalls surfaced by hybrid search across your indexed documentation.
172
+ If `ast-grep` and `qmd` are available, Ferris activates Deep mode. Every skill gets AST-verified signatures (T1) enriched with deep knowledge search (T2) — deprecation warnings, breaking change history, common pitfalls surfaced by searching across your indexed skill artifacts.
158
173
 
159
174
  ### I maintain an OSS library and want official skills
160
175
 
@@ -194,5 +209,6 @@ Your existing skill is now out of date. Audit detects the drift, Update regenera
194
209
  If you run into issues:
195
210
  1. Run `/bmad-help` — analyzes your current state and suggests what to do next
196
211
  (e.g. `/bmad-help my quick skill has low confidence scores, how do I improve them?`)
212
+ *Provided by the [BMad Method](https://github.com/bmad-code-org/BMAD-METHOD) — not available in standalone SKF installations.*
197
213
  2. Run `@Ferris SF` to check your tool availability and tier
198
- 3. Check `forge-config.yaml` for your current configuration
214
+ 3. Check `forge-tier.yaml` in your forger sidecar for your current configuration
package/docs/index.md CHANGED
@@ -1,10 +1,10 @@
1
1
  ---
2
2
  title: Skill Forge (SKF)
3
- description: AST-verified, provenance-backed agent skills from code repositories, documentation, and developer discourse
3
+ description: Turn code and docs into instructions AI agents can actually follow
4
4
  template: splash
5
5
  hero:
6
6
  title: Skill Forge (SKF)
7
- tagline: AST-verified, provenance-backed agent skills from code repositories, documentation, and developer discourse
7
+ tagline: Turn code and docs into instructions AI agents can actually follow.
8
8
  actions:
9
9
  - text: Getting Started
10
10
  link: ./getting-started/
@@ -15,60 +15,35 @@ hero:
15
15
  icon: external
16
16
  ---
17
17
 
18
- ## What is Skill Forge?
18
+ ## What does Skill Forge do?
19
19
 
20
- Skill Forge is an automated skill compiler for the AI agent ecosystem. It transforms code repositories, documentation, and developer discourse into [agentskills.io](https://agentskills.io)-compliant, version-pinned, provenance-backed agent skills. Every instruction traces to verifiable sources zero hallucination tolerance.
21
-
22
- - **AST-Verified**: Structural truth via ast-grep — no guessing, no hallucination.
23
- - **Provenance-Backed**: Every claim traces to source code with file and line references.
24
- - **Progressive Tiers**: Quick (no setup) → Forge (ast-grep) → Deep (QMD knowledge).
25
- - **Ecosystem-First**: Checks for official skills before generating community ones.
20
+ AI agents hallucinate API calls. They invent function names, guess parameter types, and produce code that doesn't compile. Skill Forge fixes this by analyzing code repositories, documentation, and developer discourse — extracting real signatures and patterns and compiling them into verified instruction files that any AI agent can follow. Every instruction traces back to where it came from.
26
21
 
27
22
  ## Quick Install
28
23
 
29
- **Standalone:**
24
+ Requires [Node.js](https://nodejs.org/) >= 22.
30
25
 
31
26
  ```bash
32
- npx skill-forge install
27
+ npx bmad-module-skill-forge install
33
28
  ```
34
29
 
35
- **Or as a custom module with BMad Method** (for the full development workflow):
30
+ Then set up your environment and generate your first skill:
36
31
 
37
- ```bash
38
- npx bmad-method install # select "Add custom modules" and point to src/
39
32
  ```
40
-
41
- Then interact with the forge agent:
42
-
33
+ @Ferris SF # Set up your forge
34
+ @Ferris QS <package> # Generate a skill in under a minute
43
35
  ```
44
- @Ferris SF # Setup your forge environment
45
- @Ferris QS # Quick Skill — generate in under a minute
46
- ```
47
-
48
- See the [Getting Started](./getting-started.md) guide for all installation methods.
49
-
50
- ## Core Workflows
51
36
 
52
- | Workflow | Trigger | Purpose |
53
- |----------|---------|---------|
54
- | [Setup Forge](/workflows/#setup-forge-sf) | SF | Initialize forge, detect tools, set tier |
55
- | [Brief Skill](/workflows/#brief-skill-bs) | BS | Scope and design a skill |
56
- | [Create Skill](/workflows/#create-skill-cs) | CS | Compile a skill from a brief |
57
- | [Quick Skill](/workflows/#quick-skill-qs) | QS | Fast skill, no brief needed |
58
- | [Stack Skill](/workflows/#stack-skill-ss) | SS | Consolidated project stack skill |
59
- | [Update Skill](/workflows/#update-skill-us) | US | Regenerate after source changes |
60
- | [Audit Skill](/workflows/#audit-skill-as) | AS | Drift detection |
61
- | [Test Skill](/workflows/#test-skill-ts) | TS | Verify completeness |
62
- | [Export Skill](/workflows/#export-skill-ex) | EX | Package for distribution |
63
- | [Analyze Source](/workflows/#analyze-source-an) | AN | Discover what to skill |
37
+ See the [Getting Started](./getting-started/) guide for full installation and usage instructions.
64
38
 
65
39
  ## Documentation
66
40
 
67
- - **[Getting Started](./getting-started.md)** — Installation, prerequisites, first steps
68
- - **[Architecture](./architecture.md)** — Output format, confidence model, tiers, tool ecosystem
69
- - **[Agents](./agents.md)** — Ferris agent: modes, capabilities, communication style
70
- - **[Workflows](./workflows.md)** — All 10 workflows with commands and connection diagram
71
- - **[Examples](./examples.md)** — Real-world scenarios, tips, and troubleshooting
41
+ - **[Getting Started](./getting-started/)** — Installation, prerequisites, and your first skill
42
+ - **[Concepts](./concepts/)** — Plain-English definitions of key terms (provenance, tiers, drift, and more)
43
+ - **[How It Works](./architecture/)** — Architecture, capability model, output format, and design decisions
44
+ - **[Workflows](./workflows/)** — All 10 workflows with commands and connection diagrams
45
+ - **[Agents](./agents/)** — Ferris: the AI agent that runs all SKF workflows
46
+ - **[Examples](./examples/)** — Real-world scenarios, tips, and troubleshooting
72
47
 
73
48
  ## Support
74
49
 
package/docs/workflows.md CHANGED
@@ -5,7 +5,7 @@ description: All 10 SKF workflows with commands, steps, and connection diagram
5
5
 
6
6
  # Workflows Reference
7
7
 
8
- SKF includes 10 workflows organized by purpose:
8
+ SKF has 10 workflows. You trigger them by typing commands to [Ferris](../agents.md), the AI agent that runs everything. Each workflow handles a specific part of the skill lifecycle — from analyzing source code to packaging for distribution. If any terms are unfamiliar, see the [Concepts](../concepts.md) page for plain-English definitions.
9
9
 
10
10
  ---
11
11
 
@@ -15,11 +15,11 @@ SKF includes 10 workflows organized by purpose:
15
15
 
16
16
  **Command:** `@Ferris SF`
17
17
 
18
- **Purpose:** Initialize forge environment, detect tools, set capability tier, auto-index project.
18
+ **Purpose:** Initialize forge environment, detect tools, set capability tier, verify QMD collection health.
19
19
 
20
20
  **When to Use:** First time using SKF in a project. Run once per project.
21
21
 
22
- **Key Steps:** Detect tools → Determine tier → Create forge-config.yaml → Auto-index (Deep)
22
+ **Key Steps:** Detect tools → Determine tier → Write forge-tier.yaml → QMD hygiene (Deep)
23
23
 
24
24
  **Agent:** Ferris (Architect mode)
25
25
 
package/package.json CHANGED
@@ -1,14 +1,17 @@
1
1
  {
2
2
  "$schema": "https://json.schemastore.org/package.json",
3
3
  "name": "bmad-module-skill-forge",
4
- "version": "0.2.0",
5
- "description": "BMAD module — AST-verified, provenance-backed agent skills compiler with progressive capability tiers (Quick/Forge/Deep)",
4
+ "version": "0.4.0",
5
+ "description": "BMAD module — Turn code and docs into instructions AI agents can actually follow. Progressive capability tiers (Quick/Forge/Deep).",
6
6
  "keywords": [
7
7
  "bmad",
8
+ "bmad-method",
9
+ "bmad-module",
8
10
  "agent-skills",
9
11
  "agentskills",
10
12
  "skill-forge",
11
13
  "ast-grep",
14
+ "qmd",
12
15
  "provenance",
13
16
  "code-analysis"
14
17
  ],
@@ -20,8 +23,7 @@
20
23
  "author": "armelhbobdad",
21
24
  "main": "tools/cli/skf-cli.js",
22
25
  "bin": {
23
- "bmad-module-skill-forge": "tools/skf-npx-wrapper.js",
24
- "skill-forge": "tools/skf-npx-wrapper.js"
26
+ "bmad-module-skill-forge": "tools/skf-npx-wrapper.js"
25
27
  },
26
28
  "scripts": {
27
29
  "docs:build": "node tools/build-docs.js",
@@ -8,6 +8,6 @@ tools:
8
8
  qmd: ~
9
9
 
10
10
  # Capability tier (derived from tool availability)
11
- # Quick = no tools | Forge = ast-grep | Deep = ast-grep + gh + qmd
11
+ # Quick = no tools required | Forge = + ast-grep | Deep = + ast-grep + gh + QMD
12
12
  tier: ~
13
13
  tier_detected_at: ~
@@ -1,5 +1,12 @@
1
1
  # Ferris Sidecar: User Preferences
2
- # Written by setup-forge workflow on first run
2
+ # Created by setup-forge workflow on first run
3
+ # Edit this file to customize Ferris behavior
4
+
5
+ # Override detected tier (set to Quick, Forge, or Deep to force a tier)
6
+ tier_override: ~
7
+
8
+ # Passive context injection (set to false to skip snippet generation and CLAUDE.md updates during export)
9
+ passive_context: true
3
10
 
4
11
  # Language defaults
5
12
  output_language: ~
@@ -0,0 +1,55 @@
1
+ # Doc Fetcher
2
+
3
+ ## Purpose
4
+
5
+ T3 external documentation fetching retrieves content from URLs specified in the extraction brief. It serves as the primary extraction source in Scenario D (docs-only, SaaS, closed-source) where no source code is available, and as a supplemental source when a brief includes `doc_urls` alongside a source repository.
6
+
7
+ ## Tool-Agnostic Principle
8
+
9
+ `doc_fetcher` is not a wrapper around any specific CLI tool. The LLM agent uses whatever web fetching capability is available in its environment — Firecrawl MCP, WebFetch, curl, browser automation tools, or any other URL retrieval mechanism. The extraction workflow never assumes a particular fetching tool exists; it discovers available capabilities at runtime and uses the best option present.
10
+
11
+ ## T3 Quarantine Rules
12
+
13
+ All content obtained through doc fetching is classified as **external, untrusted** and subject to quarantine constraints:
14
+
15
+ 1. **Citation format** — every doc-fetched claim uses `[EXT:{url}]` citation format
16
+ 2. **Conflict resolution priority** — T3 has the lowest priority: `T1 > T2 > source reading > T3`
17
+ 3. **Source authority cap** — T3 content forces `source_authority: community` in metadata; it never qualifies as `official`
18
+ 4. **No structural claims** — T3 cannot assert verified signatures or line-level precision
19
+
20
+ ## When to Use
21
+
22
+ | Scenario | Role | Example |
23
+ | --- | --- | --- |
24
+ | Scenario D — docs-only / SaaS / closed-source | **Primary source** | Stripe API, Twilio SDK docs |
25
+ | Brief includes `doc_urls` alongside source repo | **Supplemental enrichment** | README links, hosted API reference |
26
+
27
+ When used as supplemental enrichment, T3 content adds context but never overrides T1 or T1-low claims extracted from the actual source code.
28
+
29
+ ## Security Considerations
30
+
31
+ - URLs specified in the brief are transmitted to external services for content extraction — the agent must inform the user which URLs will be fetched before initiating retrieval
32
+ - Fetched content should not be trusted as authoritative; it may be outdated, modified, or incorrect
33
+ - The agent should not follow redirects to unexpected domains without user confirmation
34
+
35
+ ## Interaction with Other Tiers
36
+
37
+ - **T3 never replaces T1 (AST) or T2 (QMD)** content for the same export — quarantine rules enforce this
38
+ - **Deep tier**: T3 content can be enriched by QMD (T2 annotations layered onto a T3 base), producing richer output while preserving the T3 confidence label on the base claim
39
+ - **Forge tier**: T3 content exists alongside T1 AST content; T1 takes precedence for any overlapping claims
40
+ - **Quick tier**: T3 may be the only external enrichment available, but T1-low source-read claims still outrank it
41
+
42
+ ## Anti-Patterns
43
+
44
+ - Citing doc-fetched content with `[AST:...]` or `[SRC:...]` format — always use `[EXT:{url}]`
45
+ - Promoting T3 claims to `source_authority: official` regardless of the documentation source
46
+ - Fetching URLs without informing the user which external services will be contacted
47
+ - Using T3 content to override a contradicting T1 or T1-low extraction
48
+
49
+ ## Related Fragments
50
+
51
+ - [confidence-tiers.md](confidence-tiers.md) — tier definitions, citation formats, and precedence rules
52
+ - [progressive-capability.md](progressive-capability.md) — how capability tiers determine available extraction methods
53
+ - [zero-hallucination.md](zero-hallucination.md) — the foundational principle that T3 quarantine enforces
54
+
55
+ _Source: consolidated from extraction brief schema, create-skill Scenario D handling, and confidence tier conflict resolution rules_
@@ -20,15 +20,16 @@ With knowledge files:
20
20
 
21
21
  ## Knowledge Map
22
22
 
23
- | File | Purpose | Key Workflows |
24
- | --- | --- | --- |
25
- | [zero-hallucination.md](zero-hallucination.md) | Every claim traces to source; uncitable content excluded | AN, BS, CS, QS, SS, US, AS, TS |
26
- | [confidence-tiers.md](confidence-tiers.md) | T1/T1-low/T2/T3 trust model and citation formats | AN, BS, CS, QS, SS, US, AS, TS, EX |
27
- | [progressive-capability.md](progressive-capability.md) | Quick/Forge/Deep tier philosophy and behavior adaptation | All 10 |
28
- | [agentskills-spec.md](agentskills-spec.md) | agentskills.io output format principles and compliance | CS, QS, SS, US, TS, EX |
29
- | [skill-lifecycle.md](skill-lifecycle.md) | End-to-end pipeline, artifact flow, workflow selection | All 10 |
30
- | [provenance-tracking.md](provenance-tracking.md) | Provenance-map.json, evidence reports, claim traceability | CS, QS, SS, US, AS, TS |
31
- | [manual-section-integrity.md](manual-section-integrity.md) | \[MANUAL\] marker preservation and merge algorithm | CS, US, AS, TS, EX |
23
+ | File | Purpose | Key Workflows |
24
+ |------------------------------------------------------------|-------------------------------------------------------------------|------------------------------------|
25
+ | [zero-hallucination.md](zero-hallucination.md) | Every claim traces to source; uncitable content excluded | AN, BS, CS, QS, SS, US, AS, TS |
26
+ | [confidence-tiers.md](confidence-tiers.md) | T1/T1-low/T2/T3 trust model and citation formats | AN, BS, CS, QS, SS, US, AS, TS, EX |
27
+ | [progressive-capability.md](progressive-capability.md) | Quick/Forge/Deep tier philosophy and behavior adaptation | All 10 |
28
+ | [agentskills-spec.md](agentskills-spec.md) | agentskills.io output format principles and compliance | CS, QS, SS, US, TS, EX |
29
+ | [skill-lifecycle.md](skill-lifecycle.md) | End-to-end pipeline, artifact flow, workflow selection | All 10 |
30
+ | [provenance-tracking.md](provenance-tracking.md) | Provenance-map.json, evidence reports, claim traceability | CS, QS, SS, US, AS, TS |
31
+ | [manual-section-integrity.md](manual-section-integrity.md) | \[MANUAL\] marker preservation and merge algorithm | CS, US, AS, TS, EX |
32
+ | [qmd-registry.md](qmd-registry.md) | Progressive QMD collection registry and collection gate principle | SF, BS, CS, US, AS |
32
33
 
33
34
  ## JiT Loading Protocol
34
35
 
@@ -39,13 +40,13 @@ With knowledge files:
39
40
 
40
41
  ## Knowledge vs. Data
41
42
 
42
- | Aspect | Knowledge Files (`knowledge/`) | Data Files (`data/`) |
43
- | --- | --- | --- |
44
- | Scope | Cross-cutting, multi-workflow | Single workflow, single step |
45
- | Content | Principles, patterns, judgment rules | Schemas, templates, scoring formulas |
46
- | Loading | JiT via index lookup | JiT via step instruction |
47
- | Examples | Zero hallucination, confidence tiers | skill-brief-schema.md, scoring-rules.md |
48
- | Stability | Rarely changes | Changes with workflow evolution |
43
+ | Aspect | Knowledge Files (`knowledge/`) | Data Files (`data/`) |
44
+ |-----------|--------------------------------------|-----------------------------------------|
45
+ | Scope | Cross-cutting, multi-workflow | Single workflow, single step |
46
+ | Content | Principles, patterns, judgment rules | Schemas, templates, scoring formulas |
47
+ | Loading | JiT via index lookup | JiT via step instruction |
48
+ | Examples | Zero hallucination, confidence tiers | skill-brief-schema.md, scoring-rules.md |
49
+ | Stability | Rarely changes | Changes with workflow evolution |
49
50
 
50
51
  ## Related Fragments
51
52
 
@@ -87,7 +87,7 @@ Deep: "Full intelligence pipeline — AST verification plus GitHub exploration
87
87
  **Context:** The test-skill workflow adjusts scoring weights based on the forge tier.
88
88
 
89
89
  **Implementation:**
90
- - **Quick (Naive mode):** Export Coverage 50%, Signature Accuracy 30%, Type Coverage 20%. No coherence check — AST verification unavailable.
90
+ - **Quick (Naive mode):** Export Coverage 45%, Signature Accuracy 25%, Type Coverage 20%, External Validation 10%. No coherence check — AST verification unavailable. When external validation tools (skill-check, tessl) are unavailable, their 10% is redistributed proportionally across the remaining categories.
91
91
  - **Forge (Contextual mode):** Export Coverage 40%, Signature Accuracy 25%, Type Coverage 15%, Coherence 20%. Full AST-backed verification.
92
92
  - **Deep (Contextual mode):** Same weights as Forge, plus cross-repo verification and QMD coherence checks feed into the coherence score.
93
93
 
@@ -104,12 +104,20 @@ When a tool becomes unavailable mid-session (e.g., ast-grep uninstalled between
104
104
  3. New extractions use the current tier's capabilities
105
105
  4. The tier change is logged in the sidecar for audit trail
106
106
 
107
+ When source is remote (GitHub URL) and tier is Forge or Deep:
108
+ 1. AST extraction requires local files — ast-grep cannot operate on remote URLs
109
+ 2. The extraction step attempts an **ephemeral shallow clone** to a system temp path (if `git` is available)
110
+ 3. If the clone succeeds: AST extraction proceeds on the local clone, then the temp directory is cleaned up
111
+ 4. If the clone fails (or `git` is unavailable): the step warns the user explicitly and degrades to source reading (T1-low) with actionable guidance
112
+ 5. Silent degradation is forbidden — the user must always know when AST extraction was skipped and why
113
+
107
114
  ## Anti-Patterns
108
115
 
109
116
  - Describing Quick tier as "basic" or "limited" — it is fast and legitimate
110
117
  - Requiring ast-grep for workflows that work fine without it (setup-forge, brief-skill)
111
118
  - Mixing tier capabilities in a single extraction (e.g., T1 citations when only source reading was used)
112
119
  - Failing a workflow because the tier is "too low" — adapt behavior instead
120
+ - Silent degradation when source is remote at Forge/Deep tier — always warn with actionable guidance
113
121
 
114
122
  ## Related Fragments
115
123