bmad-module-skill-forge 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +1 -1
  2. package/docs/concepts.md +1 -1
  3. package/docs/examples.md +1 -1
  4. package/docs/index.md +1 -1
  5. package/package.json +1 -1
  6. package/src/knowledge/agentskills-spec.md +25 -0
  7. package/src/knowledge/manual-section-integrity.md +8 -0
  8. package/src/knowledge/overview.md +2 -1
  9. package/src/knowledge/provenance-tracking.md +13 -0
  10. package/src/knowledge/skf-knowledge-index.csv +3 -2
  11. package/src/knowledge/skill-lifecycle.md +2 -2
  12. package/src/knowledge/split-body-strategy.md +41 -0
  13. package/src/workflows/analyze-source/data/skill-brief-schema.md +2 -0
  14. package/src/workflows/analyze-source/data/unit-detection-heuristics.md +26 -0
  15. package/src/workflows/analyze-source/steps-c/step-02-scan-project.md +1 -1
  16. package/src/workflows/analyze-source/steps-c/step-03-identify-units.md +1 -1
  17. package/src/workflows/analyze-source/steps-c/step-04-map-and-detect.md +5 -4
  18. package/src/workflows/analyze-source/steps-c/step-05-recommend.md +1 -1
  19. package/src/workflows/analyze-source/steps-c/step-06-generate-briefs.md +1 -1
  20. package/src/workflows/audit-skill/steps-c/step-01-init.md +2 -0
  21. package/src/workflows/audit-skill/steps-c/step-03-structural-diff.md +14 -0
  22. package/src/workflows/brief-skill/data/scope-templates.md +4 -0
  23. package/src/workflows/brief-skill/data/skill-brief-schema.md +4 -0
  24. package/src/workflows/brief-skill/steps-c/step-03-scope-definition.md +12 -0
  25. package/src/workflows/create-skill/data/compile-assembly-rules.md +43 -2
  26. package/src/workflows/create-skill/data/extraction-patterns-tracing.md +110 -0
  27. package/src/workflows/create-skill/data/extraction-patterns.md +4 -38
  28. package/src/workflows/create-skill/data/skill-sections.md +29 -3
  29. package/src/workflows/create-skill/steps-c/step-03-extract.md +22 -1
  30. package/src/workflows/create-skill/steps-c/step-05-compile.md +6 -2
  31. package/src/workflows/create-skill/steps-c/step-06-validate.md +8 -9
  32. package/src/workflows/create-skill/steps-c/step-07-generate-artifacts.md +14 -1
  33. package/src/workflows/create-stack-skill/steps-c/step-06-compile-stack.md +2 -2
  34. package/src/workflows/create-stack-skill/steps-c/step-08-validate.md +1 -1
  35. package/src/workflows/export-skill/data/snippet-format.md +1 -1
  36. package/src/workflows/export-skill/steps-c/step-02-package.md +7 -3
  37. package/src/workflows/export-skill/steps-c/step-03-generate-snippet.md +3 -1
  38. package/src/workflows/quick-skill/steps-c/step-04-compile.md +3 -2
  39. package/src/workflows/test-skill/data/scoring-rules.md +9 -0
  40. package/src/workflows/test-skill/steps-c/step-03-coverage-check.md +3 -1
  41. package/src/workflows/test-skill/steps-c/step-04-coherence-check.md +4 -1
  42. package/src/workflows/test-skill/steps-c/step-04b-external-validators.md +7 -3
  43. package/src/workflows/test-skill/steps-c/step-05-score.md +1 -1
  44. package/src/workflows/test-skill/steps-c/step-06-report.md +27 -0
  45. package/src/workflows/update-skill/steps-c/step-02-detect-changes.md +11 -0
  46. package/src/workflows/update-skill/steps-c/step-04-merge.md +8 -0
  47. package/src/workflows/update-skill/steps-c/step-05-validate.md +1 -1
  48. package/src/workflows/update-skill/steps-c/step-06-write.md +6 -1
  49. /package/docs/{architecture.md → how-it-works.md} +0 -0
package/README.md CHANGED
@@ -89,7 +89,7 @@ See the [workflows docs](https://armelhbobdad.github.io/bmad-module-skill-forge/
89
89
 
90
90
  - **[Getting Started](https://armelhbobdad.github.io/bmad-module-skill-forge/getting-started/)** — Installation, prerequisites, and your first skill
91
91
  - **[Concepts](https://armelhbobdad.github.io/bmad-module-skill-forge/concepts/)** — Plain-English definitions of all key terms
92
- - **[How It Works](https://armelhbobdad.github.io/bmad-module-skill-forge/architecture/)** — Architecture, capability tiers, output format, and design decisions
92
+ - **[How It Works](https://armelhbobdad.github.io/bmad-module-skill-forge/how-it-works/)** — Architecture, capability tiers, output format, and design decisions
93
93
  - **[Workflows](https://armelhbobdad.github.io/bmad-module-skill-forge/workflows/)** — All 10 workflows with commands and connection diagrams
94
94
  - **[Agents](https://armelhbobdad.github.io/bmad-module-skill-forge/agents/)** — Ferris: the AI agent that runs all SKF workflows
95
95
  - **[Examples](https://armelhbobdad.github.io/bmad-module-skill-forge/examples/)** — Real-world scenarios, tips, and troubleshooting
package/docs/concepts.md CHANGED
@@ -51,7 +51,7 @@ Your capability tier depends on which tools you have installed. Each tier builds
51
51
  - **Forge** — Adds [ast-grep](https://ast-grep.github.io). SKF uses AST parsing for structural truth. Instructions are verified against the actual code structure.
52
52
  - **Deep** — Adds [QMD](https://github.com/tobi/qmd). SKF indexes knowledge for semantic search. Skills get enriched with historical context, deprecation warnings, and cross-reference intelligence.
53
53
 
54
- You don't need all tools to start. SKF detects what you have and sets your tier automatically. See [How It Works](../architecture.md) for the full technical treatment.
54
+ You don't need all tools to start. SKF detects what you have and sets your tier automatically. See [How It Works](../how-it-works.md) for the full technical treatment.
55
55
 
56
56
  ---
57
57
 
package/docs/examples.md CHANGED
@@ -44,7 +44,7 @@ Provenance tags trace each instruction to its source:
44
44
  - `[EXT:url]` — sourced from external documentation
45
45
  - `[QMD:collection:doc]` — surfaced from indexed developer discourse (issues, PRs, changelogs)
46
46
 
47
- See [How It Works](../architecture.md) for the full output structure.
47
+ See [How It Works](../how-it-works.md) for the full output structure.
48
48
 
49
49
  ---
50
50
 
package/docs/index.md CHANGED
@@ -40,7 +40,7 @@ See the [Getting Started](./getting-started/) guide for full installation and us
40
40
 
41
41
  - **[Getting Started](./getting-started/)** — Installation, prerequisites, and your first skill
42
42
  - **[Concepts](./concepts/)** — Plain-English definitions of key terms (provenance, tiers, drift, and more)
43
- - **[How It Works](./architecture/)** — Architecture, capability model, output format, and design decisions
43
+ - **[How It Works](./how-it-works/)** — Architecture, capability model, output format, and design decisions
44
44
  - **[Workflows](./workflows/)** — All 10 workflows with commands and connection diagrams
45
45
  - **[Agents](./agents/)** — Ferris: the AI agent that runs all SKF workflows
46
46
  - **[Examples](./examples/)** — Real-world scenarios, tips, and troubleshooting
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "$schema": "https://json.schemastore.org/package.json",
3
3
  "name": "bmad-module-skill-forge",
4
- "version": "0.4.0",
4
+ "version": "0.5.0",
5
5
  "description": "BMAD module — Turn code and docs into instructions AI agents can actually follow. Progressive capability tiers (Quick/Forge/Deep).",
6
6
  "keywords": [
7
7
  "bmad",
@@ -36,7 +36,9 @@ description: >
36
36
 
37
37
  **Frontmatter constraints:**
38
38
  - `name`: 1-64 characters, lowercase alphanumeric + hyphens, must match parent directory name
39
+ - **Naming convention:** Prefer gerund form (verb + -ing) for clarity: `processing-pdfs`, `analyzing-spreadsheets`, `managing-databases`. Noun phrases (`pdf-processing`) and action-oriented forms (`process-pdfs`) are acceptable alternatives. Avoid vague names (`helper`, `utils`, `tools`).
39
40
  - `description`: 1-1024 characters, trigger-optimized for agent matching
41
+ - **MUST use third-person voice.** The description is injected into the system prompt; inconsistent point-of-view causes discovery problems. Write "Processes Excel files and generates reports" — never "I can help you process Excel files" or "You can use this to process Excel files."
40
42
 
41
43
  **Body:** Free-form markdown — no structural restrictions, but Skill Forge follows a consistent section order (see skill-sections.md in create-skill/data/).
42
44
 
@@ -52,6 +54,8 @@ skill-name/
52
54
 
53
55
  All subdirectories are exactly one level deep. Files are loaded on demand when SKILL.md directs — never automatically.
54
56
 
57
+ Scripts and assets extracted by Skill Forge inherit provenance from their source repository. Each file receives a `[SRC:{source_path}:L1]` citation (T1-low confidence) and a SHA-256 content hash for drift detection. Scripts must follow the quality principles in the Script Quality section below. Assets are static files loaded on demand — agents use them as directed by SKILL.md instructions.
58
+
55
59
  ## Progressive Disclosure Model
56
60
 
57
61
  The format implements a three-phase loading model:
@@ -141,6 +145,24 @@ the user's configuration against the expected structure.
141
145
  - Line count is a guideline — exceeding 500 lines produces a warning
142
146
  - Path validation prevents broken references in the published skill
143
147
 
148
+ ## MCP Tool References
149
+
150
+ If a skill references MCP (Model Context Protocol) tools, always use fully qualified names to avoid "tool not found" errors: `ServerName:tool_name` (e.g., `BigQuery:bigquery_schema`, `GitHub:create_issue`). Without the server prefix, agents may fail to locate the tool when multiple MCP servers are available.
151
+
152
+ ## Script Quality
153
+
154
+ Skills that include executable scripts in `scripts/` must follow these principles:
155
+
156
+ - **Solve, don't punt.** Scripts handle errors explicitly rather than failing and leaving the agent to figure it out. Provide fallback behavior, descriptive error messages, and recovery paths.
157
+ - **No voodoo constants.** Every magic number or configuration value must be justified with a comment explaining why that value was chosen. If you don't know the right value, the agent won't either.
158
+ - **Descriptive error output.** Write error messages to stdout/stderr that enable agents to self-correct without user intervention (e.g., "Field 'signature_date' not found. Available fields: customer_name, order_total").
159
+
160
+ ## Development Methodology
161
+
162
+ - **Evaluation-driven development.** Define 2-3 concrete use cases and realistic test prompts before building the skill. Build evaluations before writing extensive documentation — this ensures the skill solves real problems rather than documenting imagined ones.
163
+ - **Realistic test prompts.** Test with prompts the way real users actually talk — with typos, casual abbreviations, and incomplete context. A skill tested only with clean prompts will break in unexpected ways in production.
164
+ - **Iterative refinement.** Observe how agents navigate and use the skill. Watch for unexpected exploration paths, missed references, overreliance on certain sections, and ignored content. Iterate based on observed behavior, not assumptions.
165
+
144
166
  ## Anti-Patterns
145
167
 
146
168
  - Writing skills as documentation (README-style) instead of procedural agent instructions
@@ -148,6 +170,9 @@ the user's configuration against the expected structure.
148
170
  - Vague descriptions ("helps with databases") — descriptions must be specific and trigger-optimized
149
171
  - Including redundant content that duplicates what the agent already knows (standard language features, basic CLI commands)
150
172
  - Bundling large library code inside skills — skills reference existing tools, not replace them
173
+ - Time-sensitive instructions ("If before August 2025, use the old API") — use versioned sections instead
174
+ - Offering too many tool/library options without a clear default — provide one recommended approach with escape hatches for edge cases
175
+ - Inconsistent terminology — mixing synonyms ("API endpoint", "URL", "route") confuses agent execution
151
176
 
152
177
  ## Related Fragments
153
178
 
@@ -38,6 +38,14 @@ by the forge during updates or regeneration.
38
38
  - Nested \[MANUAL\] blocks are forbidden — trigger an ERROR if detected
39
39
  - Markers apply to any output file: `SKILL.md`, `references/*.md`, integration files
40
40
 
41
+ ### [MANUAL] Subdirectories
42
+
43
+ User-authored scripts and assets are placed in `scripts/[MANUAL]/` and `assets/[MANUAL]/` subdirectories within the skill package. These follow the same preservation principle as markdown `<!-- [MANUAL] -->` markers:
44
+
45
+ - Files in `[MANUAL]/` subdirectories are preserved unconditionally during `update-skill`
46
+ - Source-derived scripts/assets (outside `[MANUAL]/`) are refreshed from source during updates
47
+ - Conflicts (user file has same name as source file outside `[MANUAL]/`) are flagged as HIGH severity
48
+
41
49
  ## Pattern Examples
42
50
 
43
51
  ### Example 1: Adding Manual Context to a Generated Skill
@@ -27,9 +27,10 @@ With knowledge files:
27
27
  | [progressive-capability.md](progressive-capability.md) | Quick/Forge/Deep tier philosophy and behavior adaptation | All 10 |
28
28
  | [agentskills-spec.md](agentskills-spec.md) | agentskills.io output format principles and compliance | CS, QS, SS, US, TS, EX |
29
29
  | [skill-lifecycle.md](skill-lifecycle.md) | End-to-end pipeline, artifact flow, workflow selection | All 10 |
30
- | [provenance-tracking.md](provenance-tracking.md) | Provenance-map.json, evidence reports, claim traceability | CS, QS, SS, US, AS, TS |
30
+ | [provenance-tracking.md](provenance-tracking.md) | Provenance-map.json entries and file_entries, evidence reports, claim traceability | CS, QS, SS, US, AS, TS |
31
31
  | [manual-section-integrity.md](manual-section-integrity.md) | \[MANUAL\] marker preservation and merge algorithm | CS, US, AS, TS, EX |
32
32
  | [qmd-registry.md](qmd-registry.md) | Progressive QMD collection registry and collection gate principle | SF, BS, CS, US, AS |
33
+ | [split-body-strategy.md](split-body-strategy.md) | Selective vs full split-body, detection pattern, agent accuracy | CS, QS, US, TS, EX |
33
34
 
34
35
  ## JiT Loading Protocol
35
36
 
@@ -147,6 +147,19 @@ With provenance tracking:
147
147
  - Provenance timestamps show when each entry was last verified
148
148
  - The merge preserves \[MANUAL\] section provenance (author: "manual", no source location)
149
149
 
150
+ ### File-Level Provenance (file_entries)
151
+
152
+ Scripts and assets use a separate `file_entries` array in `provenance-map.json`, distinct from the export-level `entries` array:
153
+
154
+ | Field | Description |
155
+ |-------|-------------|
156
+ | `file_name` | Path relative to skill root (e.g., `scripts/validate.sh`) |
157
+ | `file_type` | `script` or `asset` |
158
+ | `source_file` | Path relative to source root |
159
+ | `confidence` | Always `T1-low` (file-copy, not AST-verified) |
160
+ | `extraction_method` | Always `file-copy` |
161
+ | `content_hash` | SHA-256 of file content (for drift detection) |
162
+
150
163
  ## Inline Citation Rules
151
164
 
152
165
  Citations appear directly in SKILL.md content:
@@ -3,9 +3,10 @@ overview,Knowledge Overview,"Entry point — knowledge map, JiT loading protocol
3
3
  zero-hallucination,Zero Hallucination Principle,"Foundational principle — uncitable content is excluded not guessed, every claim traces to source","integrity,provenance,extraction",core,knowledge/zero-hallucination.md
4
4
  confidence-tiers,Confidence Tiers,"Trust model — T1/T1-low/T2/T3 labels, citation formats, tier interaction rules","confidence,citations,evidence,tiers",core,knowledge/confidence-tiers.md
5
5
  progressive-capability,Progressive Capability,"Quick/Forge/Deep philosophy — every tier is legitimate, positive framing, graceful degradation","tiers,quick,forge,deep,capability",core,knowledge/progressive-capability.md
6
- agentskills-spec,agentskills.io Specification,"Format principles — frontmatter, progressive disclosure, directory structure, compliance rules","agentskills,format,compliance,output",core,knowledge/agentskills-spec.md
6
+ agentskills-spec,agentskills.io Specification,"Format principles — frontmatter, progressive disclosure, directory structure, compliance rules, MCP tool naming, script quality, development methodology","agentskills,format,compliance,output,mcp,scripts,methodology",core,knowledge/agentskills-spec.md
7
7
  skill-lifecycle,Skill Lifecycle,"End-to-end pipeline — workflow connections, artifact flow, decision rules for workflow selection","lifecycle,pipeline,workflows,artifacts",core,knowledge/skill-lifecycle.md
8
- provenance-tracking,Provenance Tracking,"Provenance mechanism — provenance-map.json, evidence reports, claim traceability","provenance,evidence,traceability,citations",core,knowledge/provenance-tracking.md
8
+ provenance-tracking,Provenance Tracking,"Provenance mechanism — provenance-map.json entries and file_entries, evidence reports, claim traceability","provenance,evidence,traceability,citations,file-entries",core,knowledge/provenance-tracking.md
9
9
  manual-section-integrity,Manual Section Integrity,"[MANUAL] preservation — marker format, merge algorithm, orphan detection","manual,preservation,merge,markers",core,knowledge/manual-section-integrity.md
10
10
  qmd-registry,QMD Collection Registry,"Progressive registry architecture — producer/consumer/janitor roles, collection gate principle, forge-tier.yaml registry schema","qmd,registry,collections,deep,indexing",core,knowledge/qmd-registry.md
11
11
  doc-fetcher,Doc Fetcher,"T3 external documentation — tool-agnostic URL fetching, quarantine rules, conflict resolution","doc-fetcher,t3,external,documentation,quarantine",extended,knowledge/doc-fetcher.md
12
+ split-body-strategy,Split-Body Strategy,"Selective split guidance — detection pattern, recommended approach, impact on tessl scores and snippet anchors","split-body,selective-split,references,body-size",core,knowledge/split-body-strategy.md
@@ -25,7 +25,7 @@ With lifecycle awareness:
25
25
  | Setup | SF (Setup Forge) | Detect environment and set capability tier | `forge-tier.yaml` |
26
26
  | Discovery | AN (Analyze Source) | Scan project, identify skillable units | Analysis report, skill briefs |
27
27
  | Design | BS (Brief Skill) | Interactive scope definition for one skill | `skill-brief.yaml` |
28
- | Compilation | CS, QS, SS (Create/Quick/Stack) | Extract source and compile skill | `SKILL.md`, metadata, provenance |
28
+ | Compilation | CS, QS, SS (Create/Quick/Stack) | Extract source and compile skill | `SKILL.md`, metadata, provenance, `scripts/`, `assets/` (when source contains them) |
29
29
  | Maintenance | US, AS (Update/Audit) | Detect drift and refresh skills | Updated `SKILL.md`, drift report |
30
30
  | Verification | TS (Test Skill) | Quality gate — completeness scoring | Test report, pass/fail decision |
31
31
  | Distribution | EX (Export Skill) | Package and inject into agent context | agentskills.io bundle, snippets |
@@ -108,7 +108,7 @@ SF → forge-tier.yaml
108
108
  ↓ (read by all subsequent workflows)
109
109
  AN → analysis-report.md + skill-brief.yaml[]
110
110
  ↓ (briefs consumed by CS)
111
- CS → SKILL.md + metadata.json + provenance-map.json + evidence-report.md
111
+ CS → SKILL.md + metadata.json + provenance-map.json + scripts/ + assets/ (when present) + evidence-report.md
112
112
  ↓ (skill consumed by TS)
113
113
  TS → test-report.md (pass/fail gate)
114
114
  ↓ (passing skill consumed by EX)
@@ -0,0 +1,41 @@
1
+ # Split-Body Strategy
2
+
3
+ ## Principle
4
+
5
+ Selective split is the recommended strategy when `split-body` is needed. Extract only the largest Tier 2 section(s) to stay under the `body.max_lines` limit — keep all actionable Tier 1 content inline. Full split-body reduces agent accuracy because on-demand retrieval underperforms inline passive context.
6
+
7
+ ## Rationale
8
+
9
+ Vercel research shows inline passive context achieves 100% task accuracy vs 79% for on-demand retrieval. Full split-body moves all Tier 2 content to `references/`, forcing agents to retrieve it on demand. Selective split preserves the most-used content inline while still satisfying the body size constraint.
10
+
11
+ Without selective split awareness:
12
+ - `skill-check split-body --write` extracts everything, reducing agent effectiveness
13
+ - tessl content scores drop dramatically (65% → 38%) because only SKILL.md body is evaluated
14
+ - Context snippet anchors (`#quick-start`, `#key-types`) may break if those sections move to references
15
+
16
+ With selective split awareness:
17
+ - Only the largest Tier 2 section(s) are extracted (usually Full API Reference or Full Type Definitions)
18
+ - Quick Start, Key API Summary, Key Types, Migration Warnings stay inline
19
+ - Agent accuracy remains high for common tasks
20
+ - tessl scores reflect actual inline content quality
21
+
22
+ ## Split-Body Detection Pattern
23
+
24
+ A split-body skill is identified by:
25
+ 1. A `references/` directory exists alongside SKILL.md
26
+ 2. SKILL.md Tier 2 sections (headings starting with `## Full`) contain only stubs or are absent — their content lives in `references/*.md`
27
+ 3. The skill's full documented content spans SKILL.md + `references/*.md`
28
+
29
+ When processing a split-body skill, any workflow step that reads SKILL.md content must also traverse `references/*.md` to get the complete picture.
30
+
31
+ ## Recommended Approach
32
+
33
+ When `body.max_lines` is exceeded:
34
+ 1. Identify which Tier 2 section(s) are largest (usually `## Full API Reference`)
35
+ 2. Extract only those specific sections to `references/`
36
+ 3. Keep all Tier 1 sections and smaller Tier 2 sections inline
37
+ 4. Verify context snippet anchors still resolve after extraction
38
+
39
+ ## Scripts and Assets Interaction
40
+
41
+ Split-body affects only SKILL.md content movement to `references/`. The `scripts/` and `assets/` directories are unaffected — they remain as top-level siblings of SKILL.md regardless of split-body decisions. They do not count toward the body line limit.
@@ -24,6 +24,8 @@ Defines the output contract for skill-brief.yaml files generated by analyze-sour
24
24
  |-------|------|------------|-------------|
25
25
  | source_type | string | `source` or `docs-only` | Default `source`. When `docs-only`: `source_repo` optional, `doc_urls` required |
26
26
  | doc_urls | array | `{url, label}` objects | Documentation URLs for T3 content. Required when `source_type: "docs-only"` |
27
+ | `scripts_intent` | string | `detect` / `none` / free-text | Describes whether scripts should be extracted. Values: `detect` (auto-detect from source — default when absent), `none` (skip scripts), or a free-text description of expected scripts (e.g., "CLI validation tools in bin/"). |
28
+ | `assets_intent` | string | `detect` / `none` / free-text | Describes whether assets should be extracted. Values: `detect` (auto-detect from source — default when absent), `none` (skip assets), or a free-text description of expected assets (e.g., "JSON schemas in schemas/"). |
27
29
 
28
30
  ## Version Detection
29
31
 
@@ -70,6 +70,32 @@ Do NOT recommend as a skillable unit if:
70
70
  5. **Vendor/dependency**: Third-party code copied into project
71
71
  6. **Already skilled**: Existing skill found in forge_data_folder (recommend update-skill instead)
72
72
 
73
+ ## Script/Asset Detection Signals
74
+
75
+ During per-unit analysis, check for scripts and assets alongside code exports.
76
+
77
+ **Script signals:**
78
+
79
+ | Strength | Signal | Example |
80
+ |----------|--------|---------|
81
+ | Strong | Entry point in `package.json` `bin`, Cargo.toml `[[bin]]`, pyproject.toml `[project.scripts]` | `"bin": { "migrate": "scripts/migrate.js" }` |
82
+ | Strong | Shebang + executable file | `#!/usr/bin/env python` in `scripts/setup.py` |
83
+ | Moderate | File in `scripts/`, `bin/`, `tools/`, `cli/` directory | `scripts/validate.sh` |
84
+ | Moderate | CI/CD reference to script | `.github/workflows/test.yml` runs `scripts/test.sh` |
85
+
86
+ **Asset signals:**
87
+
88
+ | Strength | Signal | Example |
89
+ |----------|--------|---------|
90
+ | Strong | JSON Schema file with `$schema` key | `schemas/config.schema.json` |
91
+ | Strong | Config template with `.example` or `.template` extension | `config.yaml.example` |
92
+ | Moderate | File in `assets/`, `templates/`, `schemas/`, `configs/`, `examples/` directory | `templates/report.hbs` |
93
+ | Moderate | OpenAPI/GraphQL definition | `openapi.json`, `schema.graphql` |
94
+
95
+ **Per-unit output:** Record `has_scripts: boolean`, `has_assets: boolean`, `script_files: string[]`, `asset_files: string[]`.
96
+
97
+ **Disqualify:** Generated files (dist/, build/), vendored dependencies, IDE configs (.vscode/, .idea/), binary files (.so, .dll, .jar).
98
+
73
99
  ## Stack Skill Candidate Detection
74
100
 
75
101
  Flag units as stack skill candidates when:
@@ -167,7 +167,7 @@ Replace the placeholder `[Appended by step-02-scan-project]` with the full scan
167
167
 
168
168
  Update {outputFile} frontmatter:
169
169
  ```yaml
170
- stepsCompleted: ['step-01-init', 'step-02-scan-project']
170
+ stepsCompleted: [append 'step-02-scan-project' to existing array]
171
171
  lastStep: 'step-02-scan-project'
172
172
  ```
173
173
 
@@ -150,7 +150,7 @@ Replace the placeholder `[Appended by step-03-identify-units]` with:
150
150
 
151
151
  Update {outputFile} frontmatter:
152
152
  ```yaml
153
- stepsCompleted: ['step-01-init', 'step-02-scan-project', 'step-03-identify-units']
153
+ stepsCompleted: [append 'step-03-identify-units' to existing array]
154
154
  lastStep: 'step-03-identify-units'
155
155
  ```
156
156
 
@@ -91,13 +91,14 @@ DO NOT BE LAZY — For EACH qualifying unit, launch a subprocess (or analyze in
91
91
  - Primary export patterns (barrel exports, direct exports, re-exports)
92
92
  - Public API surface size estimate
93
93
  - Key entry points
94
+ - Script/asset presence: check for `scripts/`, `bin/`, `assets/`, `templates/` directories and files matching detection signals in `{heuristicsFile}`. Record counts in per-unit findings.
94
95
  - Analysis strategy used and coverage confidence
95
96
 
96
97
  **Per-unit export summary:**
97
98
 
98
- | Unit | Files | Exports | Export Pattern | API Surface |
99
- |------|-------|---------|----------------|-------------|
100
- | {name} | {count} | {count} | {pattern} | {small/medium/large} |
99
+ | Unit | Files | Exports | Export Pattern | API Surface | Scripts/Assets |
100
+ |------|-------|---------|----------------|-------------|----------------|
101
+ | {name} | {count} | {count} | {pattern} | {small/medium/large} | {N scripts, M assets or --} |
101
102
 
102
103
  ### 3. Map Import Graph
103
104
 
@@ -187,7 +188,7 @@ Replace `[Appended by step-04-map-and-detect]` under Integration Points with:
187
188
 
188
189
  Update {outputFile} frontmatter:
189
190
  ```yaml
190
- stepsCompleted: ['step-01-init', 'step-02-scan-project', 'step-03-identify-units', 'step-04-map-and-detect']
191
+ stepsCompleted: [append 'step-04-map-and-detect' to existing array]
191
192
  lastStep: 'step-04-map-and-detect'
192
193
  stack_skill_candidates: [{list flagged candidate groupings}]
193
194
  ```
@@ -181,7 +181,7 @@ Replace `[Appended by step-05-recommend]` with:
181
181
 
182
182
  Update {outputFile} frontmatter:
183
183
  ```yaml
184
- stepsCompleted: ['step-01-init', 'step-02-scan-project', 'step-03-identify-units', 'step-04-map-and-detect', 'step-05-recommend']
184
+ stepsCompleted: [append 'step-05-recommend' to existing array]
185
185
  lastStep: 'step-05-recommend'
186
186
  confirmed_units: [{list of confirmed unit names}]
187
187
  stack_skill_candidates: [{updated list with user decisions}]
@@ -179,7 +179,7 @@ Replace `[Appended by step-06-generate-briefs]` with:
179
179
 
180
180
  Update {outputFile} frontmatter:
181
181
  ```yaml
182
- stepsCompleted: ['step-01-init', 'step-02-scan-project', 'step-03-identify-units', 'step-04-map-and-detect', 'step-05-recommend', 'step-06-generate-briefs']
182
+ stepsCompleted: [append 'step-06-generate-briefs' to existing array]
183
183
  lastStep: 'step-06-generate-briefs'
184
184
  nextWorkflow: '{primary recommendation}'
185
185
  ```
@@ -99,6 +99,8 @@ Load the following from the skill directory:
99
99
  - `name`, `version`, `generation_date`, `confidence_tier` used during creation
100
100
  - `source_root` — Resolved source code path used during extraction
101
101
 
102
+ **Detect split-body state:** If a `references/` directory exists and SKILL.md's `## Full` headings are absent or stubs, this is a split-body skill. Flag `split_body: true` in the baseline so downstream steps (especially semantic diff in step-04) know to also read `references/*.md` for complete content comparison.
103
+
102
104
  ### 4. Load Provenance Map
103
105
 
104
106
  Search for provenance map at `{forge_data_folder}/{skill_name}/provenance-map.json`
@@ -108,6 +108,20 @@ For each changed export, record:
108
108
  - What changed (signature / type / location)
109
109
  - Confidence tier
110
110
 
111
+ ### 4b. Detect Script/Asset Drift
112
+
113
+ **Only execute if provenance-map.json contains `file_entries`.**
114
+
115
+ For each entry in `file_entries`:
116
+ 1. Locate the source file at the original `source_file` path
117
+ 2. Compute current SHA-256 content hash
118
+ 3. Compare against stored `content_hash`
119
+ - CHANGED: hash mismatch → record as script/asset content drift
120
+ - MISSING: source file no longer exists → record as removed
121
+ - NEW: source contains files matching script/asset patterns not in `file_entries` → record as added
122
+
123
+ Append results to the Structural Drift section as "### Script/Asset Drift ({count})".
124
+
111
125
  ### 5. Compile Structural Drift Section
112
126
 
113
127
  Append to {outputFile}:
@@ -58,3 +58,7 @@ Prompt: "Which of these would you like to include? (Enter numbers, or 'all'):"
58
58
 
59
59
  Exclusions will include all internal implementation files, tests, and utilities.
60
60
  Prompt: "Any additional items you'd like to include or exclude?"
61
+
62
+ ## Scripts & Assets Detection (Optional Refinement)
63
+
64
+ When `scripts_intent` or `assets_intent` is `detect` (default), SKF auto-detects from source directories matching: `scripts/`, `bin/`, `tools/`, `cli/` (for scripts) and `assets/`, `templates/`, `schemas/`, `configs/`, `examples/` (for assets). Detection applies to all scope types except `docs-only`.
@@ -20,6 +20,8 @@
20
20
  |-------|------|-------------|------------|
21
21
  | source_type | string | Source mode: `source` or `docs-only` | Default `source`. When `docs-only`: `source_repo` optional, `doc_urls` required |
22
22
  | doc_urls | array | Documentation URLs for T3 content | Each entry: `{url, label}`. Required when `source_type: "docs-only"` |
23
+ | `scripts_intent` | string | Describes whether scripts should be extracted. Values: `detect` (auto-detect from source — default when absent), `none` (skip scripts), or a free-text description of expected scripts (e.g., "CLI validation tools in bin/"). |
24
+ | `assets_intent` | string | Describes whether assets should be extracted. Values: `detect` (auto-detect from source — default when absent), `none` (skip assets), or a free-text description of expected assets (e.g., "JSON schemas in schemas/"). |
23
25
 
24
26
  When `source_type: "docs-only"`:
25
27
  - `source_repo` becomes optional (set to doc site URL for reference)
@@ -79,6 +81,8 @@ scope:
79
81
  # doc_urls:
80
82
  # - url: "https://docs.example.com/api"
81
83
  # label: "API Reference"
84
+ # scripts_intent: detect # Optional: detect | none | description
85
+ # assets_intent: detect # Optional: detect | none | description
82
86
  ---
83
87
  ```
84
88
 
@@ -135,6 +135,18 @@ Does this look right? You can adjust before we continue."
135
135
 
136
136
  Wait for confirmation. Make adjustments if requested.
137
137
 
138
+ ### 5b. Scripts & Assets Intent (Optional)
139
+
140
+ **Only ask when `scope.type` is `full-library` or `specific-modules` (skip for `public-api` and `docs-only`).**
141
+
142
+ "Does this library include executable scripts (CLI tools, validation scripts, setup helpers) or static assets (config templates, JSON schemas, example configs) that should be packaged with the skill?"
143
+
144
+ - **[D] Auto-detect** from source (default) — SKF will scan for `scripts/`, `bin/`, `assets/`, `templates/`, `schemas/` directories
145
+ - **[N] None expected** — skip script/asset detection
146
+ - Or describe what you expect (free text)
147
+
148
+ Record the response as `scripts_intent` and `assets_intent` in the brief. Default to `detect` if user does not respond or skips.
149
+
138
150
  ### 6. Present MENU OPTIONS
139
151
 
140
152
  Display: **Select an Option:** [A] Advanced Elicitation [P] Party Mode [C] Continue to Brief Confirmation
@@ -14,8 +14,8 @@ description: >
14
14
 
15
15
  **Frontmatter rules:**
16
16
 
17
- - `name`: lowercase alphanumeric + hyphens only, must match the skill output directory name
18
- - `description`: non-empty, max 1024 chars, optimized for agent discovery
17
+ - `name`: lowercase alphanumeric + hyphens only, must match the skill output directory name. Prefer gerund form (`processing-pdfs`, `analyzing-spreadsheets`) for clarity.
18
+ - `description`: non-empty, max 1024 chars, optimized for agent discovery. **MUST use third-person voice** ("Processes Excel files..." not "I can help you..." or "You can use this to..."). Inconsistent point-of-view causes discovery problems since the description is injected into the system prompt.
19
19
  - Only `name` and `description` in frontmatter — `version` and `author` go in metadata.json
20
20
  - No other frontmatter fields for standard skills (only `name`, `description`, `license`, `compatibility`, `metadata`, `allowed-tools` are permitted by spec)
21
21
 
@@ -77,6 +77,14 @@ These sections form the essential standalone body. Target: **under 300 lines tot
77
77
  - Basic CLI commands if the library has a CLI interface
78
78
  - Skip if no CLI exists
79
79
 
80
+ **Section 7b — Scripts & Assets (~10 lines, if applicable):**
81
+ - Manifest table of included scripts with filename, one-line purpose, and provenance citation
82
+ - Manifest table of included assets with filename, one-line purpose, and provenance citation
83
+ - Each entry: `scripts/{filename}` or `assets/{filename}`, purpose, `[SRC:{source_path}:L1]`
84
+ - Include a note: "Load scripts from `scripts/` and assets from `assets/` when directed by the instructions above."
85
+ - **Skip entirely** when no scripts or assets detected in extraction inventory — do not emit an empty section
86
+ - Like Sections 4b and 7, parsers must treat this section as optional
87
+
80
88
  **Section 8 — Manual Sections:**
81
89
  - Seed empty `<!-- [MANUAL] -->` markers:
82
90
  ```markdown
@@ -108,3 +116,36 @@ Do NOT repeat Tier 1's name/purpose/key-params table format in Tier 2. Tier 2 is
108
116
  4. If Tier 1 alone exceeds 300 lines, reduce Key API Summary and Architecture at a Glance
109
117
  5. Tier 1 sections are kept short enough that `split-body` targets the larger Tier 2 sections (`## Full ...` headings) instead
110
118
  6. After split-body, SKILL.md must still contain all Tier 1 sections with actionable content
119
+
120
+ ### Reference File Rules
121
+
122
+ - **Table of contents required** for any reference file exceeding 100 lines — include a `## Contents` section at the top listing all sub-sections. This ensures agents can see the full scope even when previewing with partial reads.
123
+ - One file per major function group or type — group by module, file, or functional area
124
+ - Name files descriptively: `form_validation_rules.md`, not `doc2.md`
125
+
126
+ ### Content Quality Rules
127
+
128
+ These rules apply to all content assembled in SKILL.md and reference files.
129
+
130
+ **Degrees of freedom:** Match instruction specificity to the task's fragility and variability:
131
+ - **High freedom** (text guidance): When multiple approaches are valid and context determines the best one. Example: code review patterns, architecture suggestions.
132
+ - **Medium freedom** (pseudocode/parameterized scripts): When a preferred pattern exists but variation is acceptable. Example: configuration templates, report generation.
133
+ - **Low freedom** (exact scripts, no parameters): When operations are fragile and consistency is critical. Example: database migrations, deployment sequences. Use "Run exactly this" language.
134
+
135
+ **Consistent terminology:** Choose one term per concept and use it throughout the skill. Do not mix synonyms (e.g., "API endpoint" vs "URL" vs "route", or "field" vs "box" vs "element"). Consistency helps agents understand and follow instructions deterministically.
136
+
137
+ **Avoid time-sensitive information:** Do not include date-conditional instructions ("If before August 2025, use the old API"). Instead, document the current method and place deprecated patterns in a collapsible "Old patterns" section with the deprecation date.
138
+
139
+ **Template and examples patterns:**
140
+ - **For strict requirements** (API responses, data formats): Provide an exact template with "ALWAYS use this exact structure" language.
141
+ - **For flexible guidance** (reports, analysis): Provide a sensible default template with "Adjust sections as needed" language.
142
+ - **Input/output examples:** When output quality depends on seeing examples and concrete pairs exist in source tests or official docs, include 2-3 input/output pairs sourced from those tests or docs. Examples help agents understand desired style and detail more clearly than descriptions alone. If no examples exist in source, note the gap rather than fabricating pairs — zero hallucination applies.
143
+
144
+ **Workflow checklist pattern:** When a skill includes multi-step workflows, provide a copy-paste checklist that agents can track progress against:
145
+ ```markdown
146
+ Copy this checklist and track your progress:
147
+ - [ ] Step 1: {action}
148
+ - [ ] Step 2: {action}
149
+ ```
150
+
151
+ **Verifiable intermediate outputs:** For skills involving batch operations, destructive changes, or complex validation, recommend the plan-validate-execute pattern: create a structured plan file (e.g., `changes.json`), validate it with a script, then execute. This catches errors before changes are applied.
@@ -0,0 +1,110 @@
1
+ # Extraction Patterns: Tracing and File-Level Extraction
2
+
3
+ This file covers re-export tracing protocols and script/asset file-level extraction patterns. For core tier strategies and AST extraction protocol, see `extraction-patterns.md`.
4
+
5
+ ---
6
+
7
+ ## Re-Export Tracing
8
+
9
+ After initial AST extraction, some top-level exports may resolve to **module imports** rather than direct function definitions. This is common in Python libraries that use `__init__.py` re-exports for a clean public API.
10
+
11
+ **Detection heuristic:** For each top-level export from `__init__.py` (or equivalent entry point), check if the import path resolves to a directory (contains `__init__.py`) rather than a `.py` file with a matching `def` or `class`. If the initial AST scan found no function/class definition for a known public export, it is likely a module re-export.
12
+
13
+ **Tracing protocol:**
14
+
15
+ 1. Read the entry point file (e.g., `{package}/__init__.py`) and extract all `from .X import Y` statements
16
+ 2. For each import where Y was NOT found by the initial AST scan:
17
+ - Check if the import path resolves to a directory (e.g., `{package}/api/v1/delete/` exists with `__init__.py`)
18
+ - If directory: read its `__init__.py` to find the actual re-exported symbol
19
+ - **Handle aliases:** Check for `from .module import A as B` patterns in the intermediate `__init__.py`. If the parent imports `B`, trace through to `A` in `.module`. If the parent imports `A` but the `__init__.py` only exports it as `B` (via `from .module import A as B`), match by original name `A` and note the alias
20
+ - Trace the symbol to its definition file and run AST extraction on that file
21
+ 3. Cite the actual definition location: `[AST:{definition_file}:L{line}]`
22
+
23
+ **Examples:**
24
+
25
+ ```python
26
+ # Module re-export — follow required
27
+ from .api.v1.delete import delete # delete/ is a directory → read delete/__init__.py
28
+
29
+ # Direct function import — no follow needed
30
+ from .api.v1.add.add import add # add.py exists with def add()
31
+
32
+ # Aliased re-export — follow through alias
33
+ # In cognee/api/v1/visualize/__init__.py:
34
+ # from .start_visualization_server import visualization_server
35
+ # In cognee/__init__.py:
36
+ # from .api.v1.visualize import start_visualization_server
37
+ # → Match start_visualization_server against both definition names AND alias names
38
+ # in the intermediate __init__.py to resolve the chain
39
+ ```
40
+
41
+ **Unresolvable imports:** If the import statement is a star-import (`from .X import *`) or a conditional import (`try`/`except`), the symbol cannot be reliably traced via this protocol. Record it with `[SRC:{package}/__init__.py:L{line}]` (T1-low) and a note: "star/conditional import — manual trace required."
42
+
43
+ **Scope limit:** Only trace re-exports for symbols listed in the top-level entry point's public API. Do not recursively trace beyond one level of `__init__.py` indirection. If a re-export cannot be resolved after one level, record it with a `[SRC:{package}/__init__.py:L{line}]` citation (T1-low) from the import statement itself.
44
+
45
+ **Other languages:** JS/TS barrel files (`index.ts` with `export { X } from './module'`) follow the same principle — trace the re-export to the definition file. Rust `pub use` and Go package-level re-exports are less common but follow the same heuristic when encountered.
46
+
47
+ ---
48
+
49
+ ## Script/Asset Extraction Patterns
50
+
51
+ Scripts and assets are file-level artifacts, not code exports. They follow the **file-copy extraction method** — detected in source, copied with provenance citations.
52
+
53
+ ### Detection Heuristics
54
+
55
+ **Script directories:** `scripts/`, `bin/`, `tools/`, `cli/`
56
+ **Asset directories:** `assets/`, `templates/`, `schemas/`, `configs/`, `examples/`
57
+
58
+ **Script file signals:**
59
+
60
+ | Signal | Strength | Pattern |
61
+ |--------|----------|---------|
62
+ | Entry point declaration | Strong | `package.json` `bin` field, Cargo.toml `[[bin]]`, pyproject.toml `[project.scripts]` |
63
+ | Shebang + executable | Strong | `#!/bin/bash`, `#!/usr/bin/env python`, `#!/usr/bin/env node` |
64
+ | CLI argument parser | Moderate | `argparse`, `yargs`, `commander`, `cobra`, `clap` imports in file |
65
+ | Directory convention | Moderate | File in `scripts/`, `bin/`, `tools/` directory |
66
+ | CI/CD reference | Moderate | Script referenced in `.github/workflows/*.yml` |
67
+
68
+ **Asset file signals:**
69
+
70
+ | Signal | Strength | Pattern |
71
+ |--------|----------|---------|
72
+ | JSON Schema | Strong | `*.schema.json`, file contains `"$schema"` key |
73
+ | Config template | Strong | `*.example`, `*.template.*`, `*.sample` extension |
74
+ | Official example | Moderate | File in `examples/` directory, referenced in README |
75
+ | OpenAPI/GraphQL | Moderate | `openapi.json`, `*.graphql`, `swagger.yaml` |
76
+ | Design tokens | Weak | `tokens.json`, `theme.json` in `assets/` |
77
+
78
+ ### Inclusion Rules
79
+
80
+ - Only include files within brief's `scope.include` patterns (or auto-detected directories)
81
+ - Exclude binary files (check extension: `.so`, `.dll`, `.jar`, `.wasm`, `.exe`)
82
+ - Exclude generated files (`dist/`, `build/`, `.webpack/` output)
83
+ - Exclude vendored/third-party files
84
+ - Flag files >500 lines for user confirmation (may be too large for skill package)
85
+ - If `scripts_intent: "none"` or `assets_intent: "none"` in brief, skip that category
86
+
87
+ ### Provenance and Hashing
88
+
89
+ Each extracted file receives:
90
+ - Citation: `[SRC:{source_path}:L1]` (T1-low — file verified to exist but content not AST-analyzed)
91
+ - Content hash: SHA-256 of file content (for drift detection in audit-skill)
92
+ - Extraction method: `"file-copy"` (distinct from `"ast_bridge"` for code exports)
93
+
94
+ ### Inventory Structure
95
+
96
+ **Script inventory entry:**
97
+ - `name`: filename (e.g., `validate-config.sh`)
98
+ - `source_file`: path relative to source root
99
+ - `purpose`: extracted from file header comments or README reference (if none found, use filename)
100
+ - `language`: detected from extension or shebang
101
+ - `content_hash`: SHA-256
102
+ - `confidence`: T1-low
103
+
104
+ **Asset inventory entry:**
105
+ - `name`: filename (e.g., `config-schema.json`)
106
+ - `source_file`: path relative to source root
107
+ - `purpose`: extracted from file header or schema `title`/`description` field
108
+ - `type`: `template`, `schema`, `config`, `example`
109
+ - `content_hash`: SHA-256
110
+ - `confidence`: T1-low