bmad-module-skill-forge 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +1 -1
  2. package/docs/concepts.md +1 -1
  3. package/docs/examples.md +1 -1
  4. package/docs/index.md +1 -1
  5. package/package.json +1 -1
  6. package/src/knowledge/agentskills-spec.md +25 -0
  7. package/src/knowledge/manual-section-integrity.md +8 -0
  8. package/src/knowledge/overview.md +2 -1
  9. package/src/knowledge/provenance-tracking.md +13 -0
  10. package/src/knowledge/skf-knowledge-index.csv +3 -2
  11. package/src/knowledge/skill-lifecycle.md +2 -2
  12. package/src/knowledge/split-body-strategy.md +41 -0
  13. package/src/workflows/analyze-source/data/skill-brief-schema.md +2 -0
  14. package/src/workflows/analyze-source/data/unit-detection-heuristics.md +26 -0
  15. package/src/workflows/analyze-source/steps-c/step-02-scan-project.md +1 -1
  16. package/src/workflows/analyze-source/steps-c/step-03-identify-units.md +1 -1
  17. package/src/workflows/analyze-source/steps-c/step-04-map-and-detect.md +5 -4
  18. package/src/workflows/analyze-source/steps-c/step-05-recommend.md +1 -1
  19. package/src/workflows/analyze-source/steps-c/step-06-generate-briefs.md +1 -1
  20. package/src/workflows/audit-skill/steps-c/step-01-init.md +2 -0
  21. package/src/workflows/audit-skill/steps-c/step-03-structural-diff.md +14 -0
  22. package/src/workflows/brief-skill/data/scope-templates.md +4 -0
  23. package/src/workflows/brief-skill/data/skill-brief-schema.md +4 -0
  24. package/src/workflows/brief-skill/steps-c/step-03-scope-definition.md +12 -0
  25. package/src/workflows/create-skill/data/compile-assembly-rules.md +43 -2
  26. package/src/workflows/create-skill/data/extraction-patterns-tracing.md +110 -0
  27. package/src/workflows/create-skill/data/extraction-patterns.md +4 -38
  28. package/src/workflows/create-skill/data/skill-sections.md +29 -3
  29. package/src/workflows/create-skill/steps-c/step-03-extract.md +22 -1
  30. package/src/workflows/create-skill/steps-c/step-05-compile.md +6 -2
  31. package/src/workflows/create-skill/steps-c/step-06-validate.md +8 -9
  32. package/src/workflows/create-skill/steps-c/step-07-generate-artifacts.md +14 -1
  33. package/src/workflows/create-stack-skill/steps-c/step-06-compile-stack.md +2 -2
  34. package/src/workflows/create-stack-skill/steps-c/step-08-validate.md +1 -1
  35. package/src/workflows/export-skill/data/snippet-format.md +1 -1
  36. package/src/workflows/export-skill/steps-c/step-02-package.md +7 -3
  37. package/src/workflows/export-skill/steps-c/step-03-generate-snippet.md +3 -1
  38. package/src/workflows/quick-skill/steps-c/step-04-compile.md +3 -2
  39. package/src/workflows/test-skill/data/scoring-rules.md +9 -0
  40. package/src/workflows/test-skill/steps-c/step-03-coverage-check.md +3 -1
  41. package/src/workflows/test-skill/steps-c/step-04-coherence-check.md +4 -1
  42. package/src/workflows/test-skill/steps-c/step-04b-external-validators.md +7 -3
  43. package/src/workflows/test-skill/steps-c/step-05-score.md +1 -1
  44. package/src/workflows/test-skill/steps-c/step-06-report.md +27 -0
  45. package/src/workflows/update-skill/steps-c/step-02-detect-changes.md +11 -0
  46. package/src/workflows/update-skill/steps-c/step-04-merge.md +8 -0
  47. package/src/workflows/update-skill/steps-c/step-05-validate.md +1 -1
  48. package/src/workflows/update-skill/steps-c/step-06-write.md +6 -1
  49. /package/docs/{architecture.md → how-it-works.md} +0 -0
@@ -234,43 +234,9 @@ constraints:
234
234
  regex: '^[A-Z]'
235
235
  ```
236
236
 
237
- ### Re-Export Tracing
237
+ ### Re-Export Tracing and Script/Asset Extraction
238
238
 
239
- After initial AST extraction, some top-level exports may resolve to **module imports** rather than direct function definitions. This is common in Python libraries that use `__init__.py` re-exports for a clean public API.
240
-
241
- **Detection heuristic:** For each top-level export from `__init__.py` (or equivalent entry point), check if the import path resolves to a directory (contains `__init__.py`) rather than a `.py` file with a matching `def` or `class`. If the initial AST scan found no function/class definition for a known public export, it is likely a module re-export.
242
-
243
- **Tracing protocol:**
244
-
245
- 1. Read the entry point file (e.g., `{package}/__init__.py`) and extract all `from .X import Y` statements
246
- 2. For each import where Y was NOT found by the initial AST scan:
247
- - Check if the import path resolves to a directory (e.g., `{package}/api/v1/delete/` exists with `__init__.py`)
248
- - If directory: read its `__init__.py` to find the actual re-exported symbol
249
- - **Handle aliases:** Check for `from .module import A as B` patterns in the intermediate `__init__.py`. If the parent imports `B`, trace through to `A` in `.module`. If the parent imports `A` but the `__init__.py` only exports it as `B` (via `from .module import A as B`), match by original name `A` and note the alias
250
- - Trace the symbol to its definition file and run AST extraction on that file
251
- 3. Cite the actual definition location: `[AST:{definition_file}:L{line}]`
252
-
253
- **Examples:**
254
-
255
- ```python
256
- # Module re-export — follow required
257
- from .api.v1.delete import delete # delete/ is a directory → read delete/__init__.py
258
-
259
- # Direct function import — no follow needed
260
- from .api.v1.add.add import add # add.py exists with def add()
261
-
262
- # Aliased re-export — follow through alias
263
- # In cognee/api/v1/visualize/__init__.py:
264
- # from .start_visualization_server import visualization_server
265
- # In cognee/__init__.py:
266
- # from .api.v1.visualize import start_visualization_server
267
- # → Match start_visualization_server against both definition names AND alias names
268
- # in the intermediate __init__.py to resolve the chain
269
- ```
270
-
271
- **Unresolvable imports:** If the import statement is a star-import (`from .X import *`) or a conditional import (`try`/`except`), the symbol cannot be reliably traced via this protocol. Record it with `[SRC:{package}/__init__.py:L{line}]` (T1-low) and a note: "star/conditional import — manual trace required."
272
-
273
- **Scope limit:** Only trace re-exports for symbols listed in the top-level entry point's public API. Do not recursively trace beyond one level of `__init__.py` indirection. If a re-export cannot be resolved after one level, record it with a `[SRC:{package}/__init__.py:L{line}]` citation (T1-low) from the import statement itself.
274
-
275
- **Other languages:** JS/TS barrel files (`index.ts` with `export { X } from './module'`) follow the same principle — trace the re-export to the definition file. Rust `pub use` and Go package-level re-exports are less common but follow the same heuristic when encountered.
239
+ See `extraction-patterns-tracing.md` for:
240
+ - **Re-export tracing protocol** — resolving module imports through `__init__.py`, barrel files, `pub use`
241
+ - **Script/asset extraction patterns** detection heuristics, inclusion rules, provenance, inventory structure
276
242
 
@@ -17,8 +17,8 @@ description: >
17
17
 
18
18
  **Frontmatter rules (agentskills.io specification):**
19
19
 
20
- - `name`: 1-64 characters, lowercase alphanumeric + hyphens only, must match parent directory name
21
- - `description`: 1-1024 characters, trigger-optimized for agent matching
20
+ - `name`: 1-64 characters, lowercase alphanumeric + hyphens only, must match parent directory name. Prefer gerund form (`processing-pdfs`, `analyzing-spreadsheets`) for clarity; noun phrases and action-oriented forms are acceptable alternatives.
21
+ - `description`: 1-1024 characters, trigger-optimized for agent matching. MUST use third-person voice ("Processes..." not "I can..." or "You can...").
22
22
  - Only 6 fields permitted: `name`, `description`, `license`, `compatibility`, `metadata`, `allowed-tools`
23
23
  - `version` and `author` belong in metadata.json, NOT in frontmatter
24
24
 
@@ -38,6 +38,7 @@ SKILL.md uses a two-tier structure to ensure actionable content survives `split-
38
38
  | 5 | **Key Types** | ~20 lines | Most important enum/type values inline |
39
39
  | 6 | **Architecture at a Glance** | ~10 lines | Bullet list of subsystem categories |
40
40
  | 7 | **CLI** | ~10 lines | Basic CLI commands (skip if no CLI) |
41
+ | 7b | **Scripts & Assets** | ~10 lines | Manifest of included scripts and assets (skip if none detected) |
41
42
  | 8 | **Manual Sections** | ~5 lines | `<!-- [MANUAL] -->` markers for update-skill |
42
43
 
43
44
  #### Tier 2 — Reference-Eligible (extracted by split-body into references/)
@@ -56,6 +57,7 @@ SKILL.md uses a two-tier structure to ensure actionable content survives `split-
56
57
  - After split-body, SKILL.md retains all Tier 1 content — actionable without loading references
57
58
  - An agent loading only SKILL.md (no references) must get enough to act
58
59
  - **Section 4b (Migration & Deprecation Warnings)** is conditional: only emitted for Deep tier when T2-future annotations exist. Quick/Forge tiers and Deep tiers without T2-future annotations omit it entirely (no empty section). Parsers and validators must treat this section as optional.
60
+ - **Section 7b (Scripts & Assets)** is conditional: only emitted when `scripts_inventory` or `assets_inventory` is non-empty. Omitted entirely when no scripts or assets are detected. Parsers and validators must treat this section as optional.
59
61
 
60
62
  ### Provenance Citation Format
61
63
 
@@ -121,6 +123,9 @@ Indexed pipe-delimited format for CLAUDE.md managed section (~80-120 tokens per
121
123
  "confidence_tier": "{Quick|Forge|Deep}",
122
124
  "spec_version": "1.3",
123
125
  "generation_date": "{ISO-8601}",
126
+ "description": "{SKILL.md frontmatter description}",
127
+ "language": "{primary-source-language}",
128
+ "ast_node_count": "{number-or-omitted-if-no-ast}",
124
129
  "exports": [],
125
130
  "tool_versions": {
126
131
  "ast_grep": "{version-or-null}",
@@ -136,8 +141,16 @@ Indexed pipe-delimited format for CLAUDE.md managed section (~80-120 tokens per
136
141
  "total_coverage": 0.0,
137
142
  "confidence_t1": 0,
138
143
  "confidence_t2": 0,
139
- "confidence_t3": 0
144
+ "confidence_t3": 0,
145
+ "scripts_count": 0,
146
+ "assets_count": 0
140
147
  },
148
+ "scripts": [
149
+ { "file": "scripts/{name}", "purpose": "{description}", "source_file": "{source-path}", "confidence": "T1-low" }
150
+ ],
151
+ "assets": [
152
+ { "file": "assets/{name}", "purpose": "{description}", "source_file": "{source-path}", "confidence": "T1-low" }
153
+ ],
141
154
  "dependencies": [],
142
155
  "compatibility": "{semver-range}"
143
156
  }
@@ -163,6 +176,7 @@ Each reference file includes:
163
176
  - Complete usage examples
164
177
  - Related functions cross-references
165
178
  - Temporal annotations (Deep tier: T2-past, T2-future)
179
+ - **Table of contents** (required for files exceeding 100 lines) — a `## Contents` section at the top listing all sub-sections for agent discoverability
166
180
 
167
181
  ---
168
182
 
@@ -186,10 +200,22 @@ Each reference file includes:
186
200
  "extraction_method": "ast_bridge.scan_definitions",
187
201
  "ast_node_type": "export_function_declaration"
188
202
  }
203
+ ],
204
+ "file_entries": [
205
+ {
206
+ "file_name": "scripts/{name}",
207
+ "file_type": "script",
208
+ "source_file": "{source-path}",
209
+ "confidence": "T1-low",
210
+ "extraction_method": "file-copy",
211
+ "content_hash": "sha256:{hash}"
212
+ }
189
213
  ]
190
214
  }
191
215
  ```
192
216
 
217
+ `scripts` and `assets` arrays in metadata.json are optional — omit entirely (not empty arrays) when no scripts/assets exist. `file_entries` in provenance-map.json is optional — omit when no scripts/assets exist.
218
+
193
219
  ---
194
220
 
195
221
  ## evidence-report.md Structure
@@ -3,6 +3,7 @@ name: 'step-03-extract'
3
3
  description: 'Tier-dependent source code extraction — AST or source reading for exports, signatures, and types'
4
4
  nextStepFile: './step-03b-fetch-temporal.md'
5
5
  extractionPatternsData: '../data/extraction-patterns.md'
6
+ extractionPatternsTracingData: '../data/extraction-patterns-tracing.md'
6
7
  tierDegradationRulesData: '../data/tier-degradation-rules.md'
7
8
  sourceResolutionData: '../data/source-resolution-protocols.md'
8
9
  ---
@@ -118,7 +119,7 @@ Degrade to Quick tier extraction. Note the degradation reason in context for the
118
119
 
119
120
  **Re-export tracing (Forge/Deep only):**
120
121
 
121
- After the initial AST scan, check for public exports from the entry point (`__init__.py`, `index.ts`, `lib.rs`) that were NOT found by AST extraction. These are likely module-level re-exports. Follow the **Re-Export Tracing** protocol in `{extractionPatternsData}` to resolve them to their actual definition files. This ensures module re-export patterns (common in Python libraries with clean public APIs) do not create gaps in the extraction inventory.
122
+ After the initial AST scan, check for public exports from the entry point (`__init__.py`, `index.ts`, `lib.rs`) that were NOT found by AST extraction. These are likely module-level re-exports. Follow the **Re-Export Tracing** protocol in `{extractionPatternsTracingData}` to resolve them to their actual definition files. This ensures module re-export patterns (common in Python libraries with clean public APIs) do not create gaps in the extraction inventory.
122
123
 
123
124
  ### 4b. Validate Exports Against Package Entry Point
124
125
 
@@ -135,6 +136,20 @@ Use the entry point as the authoritative source for `metadata.json`'s `exports[]
135
136
 
136
137
  **If entry point is missing or unreadable:** Skip validation with a warning. Use the AST-extracted list as-is.
137
138
 
139
+ ### 4c. Detect and Inventory Scripts/Assets
140
+
141
+ **If `scripts_intent: "none"` AND `assets_intent: "none"` in brief:** Skip this section.
142
+
143
+ After export extraction, scan the source for scripts and assets using the detection patterns in `{extractionPatternsTracingData}`:
144
+
145
+ 1. Scan source tree for directories/files matching detection heuristics (scripts/, bin/, tools/, cli/ for scripts; assets/, templates/, schemas/, configs/, examples/ for assets)
146
+ 2. For each candidate: verify file exists, check size (flag if >500 lines for user confirmation), exclude binary files
147
+ 3. Compute SHA-256 content hash for each included file
148
+ 4. Extract purpose from file header comments, shebang, README references, or schema `title`/`description` fields. If no purpose found, use filename.
149
+ 5. Record: file_path, purpose, source_path, language (for scripts), type (for assets), content_hash, confidence (T1-low)
150
+
151
+ Add results to `scripts_inventory[]` and `assets_inventory[]` alongside the existing export inventory.
152
+
138
153
  ### 5. Build Extraction Inventory
139
154
 
140
155
  Compile all extracted data into a structured inventory:
@@ -155,6 +170,10 @@ Compile all extracted data into a structured inventory:
155
170
  - Confidence breakdown (T1 count, T1-low count)
156
171
  - `top_exports[]` — sorted list of the top 10-20 public API function names by prominence (import frequency or documentation position). This named field is consumed by step-03b for targeted temporal fetching and cache fingerprinting.
157
172
 
173
+ **Script/asset counts (when detected):**
174
+ - `scripts_found`: count of scripts detected
175
+ - `assets_found`: count of assets detected
176
+
158
177
  **Co-import patterns (Forge/Deep only):**
159
178
  - Libraries commonly imported alongside extracted exports
160
179
  - Integration point suggestions
@@ -170,6 +189,8 @@ Display the extraction findings for user confirmation:
170
189
  **Confidence:** {t1_count} T1 (AST-verified), {t1_low_count} T1-low (source reading)
171
190
  **Tier used:** {tier}
172
191
  **Co-import patterns:** {pattern_count} detected
192
+ {if scripts_found > 0: **Scripts detected:** {scripts_found}}
193
+ {if assets_found > 0: **Assets detected:** {assets_found}}
173
194
 
174
195
  **Top exports:**
175
196
  {list top 10 exports with signatures}
@@ -61,7 +61,7 @@ Load `{skillSectionsData}` and `{assemblyRulesData}` completely. These define th
61
61
 
62
62
  ### 2. Build SKILL.md Content
63
63
 
64
- Assemble each section in order using the assembly rules data file (`{assemblyRulesData}`). The data file specifies frontmatter format, Tier 1 section details (Sections 1-8), Tier 2 section details (Sections 9-11), and assembly ordering rules. Follow it exactly.
64
+ Assemble each section in order using the assembly rules data file (`{assemblyRulesData}`). The data file specifies frontmatter format, Tier 1 section details (Sections 1-8, including conditional Section 7b for scripts/assets), Tier 2 section details (Sections 9-11), and assembly ordering rules. Follow it exactly. Assemble Section 7b (Scripts & Assets) only if `scripts_inventory` or `assets_inventory` is non-empty.
65
65
 
66
66
  ### 3. Build context-snippet.md Content
67
67
 
@@ -97,7 +97,11 @@ Following the structure from the skill-sections data file:
97
97
  - `exports_total`: `exports_public_api` + `exports_internal`
98
98
  - `public_api_coverage`: `exports_documented / exports_public_api` (1.0 when all public API exports are documented; `null` if `exports_public_api` is 0)
99
99
  - `total_coverage`: `exports_documented / exports_total` (may be low for large codebases — this is expected; `null` if `exports_total` is 0)
100
+ - Set `description` from the SKILL.md frontmatter `description` field (already assembled in section 2)
101
+ - Set `language` from source analysis (e.g., `"typescript"`, `"python"`) — use the primary language of the entry point file
102
+ - Set `ast_node_count` from extraction stats if ast-grep was used (Forge/Deep tier), otherwise omit
100
103
  - Set `tool_versions` based on tier and available tools. Resolve `{skf_version}` from the SKF module's `package.json` `version` field (run `node -p "require('./node_modules/bmad-module-skill-forge/package.json').version"` or read the installed module's `package.json`). If unresolvable, fall back to `git describe --tags --abbrev=0` in the SKF module root. Never hardcode the version.
104
+ - If `scripts_inventory` is non-empty, populate `scripts[]` array and set `stats.scripts_count`. If `assets_inventory` is non-empty, populate `assets[]` array and set `stats.assets_count`. Omit these fields entirely when inventories are empty.
101
105
 
102
106
  ### 5. Build references/ Content
103
107
 
@@ -111,7 +115,7 @@ Group functions logically by module, file, or functional area.
111
115
 
112
116
  ### 6. Build provenance-map.json Content
113
117
 
114
- One entry per extracted export: export_name, export_type, params[] (typed strings), return_type, source_file, source_line, confidence tier (T1/T1-low/T2), extraction_method, ast_node_type. See `{skillSectionsData}` for full schema.
118
+ One entry per extracted export: export_name, export_type, params[] (typed strings), return_type, source_file, source_line, confidence tier (T1/T1-low/T2), extraction_method, ast_node_type. If `scripts_inventory` or `assets_inventory` is non-empty, add `file_entries[]` with file_name, file_type, source_file, content_hash, confidence, extraction_method. See `{skillSectionsData}` for full schema.
115
119
 
116
120
  ### 7. Build evidence-report.md Content
117
121
 
@@ -101,10 +101,16 @@ If fails: auto-fix (deterministic), re-validate once, record result. If passes:
101
101
 
102
102
  **If step 2 reported `body.max_lines` failure:**
103
103
 
104
+ **Preferred approach — selective split:** Rather than a full `split-body`, identify which Tier 2 section(s) are largest (usually `## Full API Reference`) and manually extract only those to `references/`. Keep all Tier 1 content and smaller Tier 2 sections inline. This preserves agent accuracy — inline passive context achieves 100% task accuracy vs 79% for on-demand retrieval (per Vercel research). See `knowledge/split-body-strategy.md` for the full rationale.
105
+
106
+ **If manual selective split is not feasible**, fall back to the automated full split:
107
+
104
108
  ```bash
105
109
  npx skill-check split-body <staging-skill-dir> --write
106
110
  ```
107
111
 
112
+ After any split (selective or full), verify that context snippet section anchors (`#quick-start`, `#key-types`) still resolve to headings in SKILL.md.
113
+
108
114
  Then re-validate: `npx skill-check check <staging-skill-dir> --format json --no-security-scan`
109
115
 
110
116
  **If skill-check unavailable or no body size issue:** Skip.
@@ -123,15 +129,7 @@ Record any security warnings in evidence-report. Security findings are advisory
123
129
 
124
130
  **If security scan fails due to missing SNYK_TOKEN:**
125
131
 
126
- Display actionable guidance:
127
-
128
- "Security scan requires a Snyk API token. **Important:** The Snyk API requires an Enterprise plan ([authentication docs](https://docs.snyk.io/snyk-api/authentication-for-api)). To enable:
129
- 1. Obtain a Snyk Enterprise account with API access
130
- 2. Get your API token from Account Settings → API Token
131
- 3. Set `SNYK_TOKEN=your-token` in your environment or `.env`
132
- 4. Re-run [SF] Setup Forge to update tool detection, then re-run [CS] Create Skill
133
-
134
- If you don't have an Enterprise account, use `--no-security-scan` flag in skill-check to skip, or `--security-scan-runner pipx|uvx|local` to control the execution method. Security scanning is optional and does not affect tier level or block skill compilation."
132
+ Display: "Security scan requires a Snyk Enterprise API token ([docs](https://docs.snyk.io/snyk-api/authentication-for-api)). Set `SNYK_TOKEN=your-token` in environment or `.env`, then re-run [SF] Setup Forge. Without Enterprise, use `--no-security-scan` to skip. Security scanning is optional and does not block skill compilation."
135
133
 
136
134
  Record: "Security scan skipped — SNYK_TOKEN not configured"
137
135
 
@@ -185,6 +183,7 @@ Cross-check metadata.json against extraction inventory:
185
183
  - `stats.public_api_coverage` and `stats.total_coverage` are correctly computed (null when denominator is 0)
186
184
  - `confidence_t1`, `confidence_t2`, `confidence_t3` match actual counts
187
185
  - `spec_version` is "1.3"
186
+ - If `scripts[]` or `assets[]` arrays present: verify `stats.scripts_count`/`stats.assets_count` match array lengths; verify `file_entries` count in provenance-map.json matches
188
187
 
189
188
  Auto-fix any discrepancies (these are computed values).
190
189
 
@@ -62,6 +62,9 @@ skills/{name}/references/
62
62
  forge-data/{name}/
63
63
  ```
64
64
 
65
+ If `scripts_inventory` is non-empty, also create: `skills/{name}/scripts/`
66
+ If `assets_inventory` is non-empty, also create: `skills/{name}/assets/`
67
+
65
68
  Where `{name}` is the skill name from the brief (kebab-case).
66
69
 
67
70
  If directories already exist, do not error — proceed with file writing (overwrites existing files).
@@ -85,6 +88,14 @@ Write these 4 files from the compiled content:
85
88
  - One file per function group or type
86
89
  - Progressive disclosure detail files
87
90
 
91
+ **Files 4b (conditional):** `skills/{name}/scripts/*`
92
+ - One file per detected script, copied from source with content preserved
93
+ - Only created when `scripts_inventory` is non-empty
94
+
95
+ **Files 4c (conditional):** `skills/{name}/assets/*`
96
+ - One file per detected asset, copied from source with content preserved
97
+ - Only created when `assets_inventory` is non-empty
98
+
88
99
  ### 3. Write Workspace Artifacts to forge-data/{name}/
89
100
 
90
101
  Write these 3 files from the compiled content:
@@ -101,7 +112,7 @@ Write these 3 files from the compiled content:
101
112
  ### 4. Verify Write Completion
102
113
 
103
114
  After all files are written, verify:
104
- - All 7 files exist at their expected paths
115
+ - All 7 base files exist at their expected paths, plus scripts/ and assets/ files when inventories are non-empty
105
116
  - List each file with its path and size
106
117
 
107
118
  **If any write failed:**
@@ -116,6 +127,8 @@ Display brief confirmation:
116
127
  - SKILL.md
117
128
  - context-snippet.md
118
129
  - metadata.json
130
+ {if scripts: - scripts/ ({scripts_count} files)}
131
+ {if assets: - assets/ ({assets_count} files)}
119
132
  - references/ ({reference_count} files)
120
133
 
121
134
  **Workspace (forge-data/{name}/):**
@@ -72,8 +72,8 @@ description: >
72
72
 
73
73
  **Frontmatter rules:**
74
74
 
75
- - `name`: lowercase alphanumeric + hyphens only, must match skill output directory name
76
- - `description`: non-empty, max 1024 chars, trigger-optimized for agent discovery
75
+ - `name`: lowercase alphanumeric + hyphens only, must match skill output directory name. Prefer gerund form (`processing-pdfs`) for clarity.
76
+ - `description`: non-empty, max 1024 chars, trigger-optimized for agent discovery. MUST use third-person voice ("Processes..." not "I can..." or "You can...").
77
77
  - No other frontmatter fields — only `name`, `description`, `license`, `compatibility`, `metadata`, `allowed-tools` are permitted by spec
78
78
 
79
79
  ### 3. Compile Integration Layer
@@ -83,7 +83,7 @@ Run: `npx skill-check -h`
83
83
 
84
84
  This validates frontmatter, description, body limits, links, formatting — and auto-fixes deterministic issues. Parse JSON for `qualityScore`, `diagnostics[]`, `fixed[]`.
85
85
 
86
- **If `body.max_lines` reported**, run: `npx skill-check split-body <skill-dir> --write`, then re-validate.
86
+ **If `body.max_lines` reported**, prefer selective split: extract only the largest Tier 2 section(s) to `references/`, keeping Tier 1 content inline (see `knowledge/split-body-strategy.md`). Fall back to `npx skill-check split-body <skill-dir> --write` if not feasible. Verify `#quick-start` and `#key-types` anchors still resolve after split. Then re-validate.
87
87
 
88
88
  **If unavailable**, perform manual frontmatter check:
89
89
  - [ ] Frontmatter present with `---` delimiters
@@ -47,5 +47,5 @@
47
47
  - **integrations line**: Co-import patterns from metadata.json `integrations` for stack skills
48
48
  - If fewer exports than the limit, list all available
49
49
  - If no exports data available, omit the api line
50
- - Section anchors must be verified against actual SKILL.md headings during generation
50
+ - Section anchors must be verified against actual SKILL.md headings during generation. For split-body skills (where `references/` exists and `## Full` headings are stubs), if a heading is missing from SKILL.md, rewrite the anchor to point to the reference file path (preferred). Omit the anchor line only if the heading cannot be found in either SKILL.md or `references/*.md`
51
51
  - Skill path is relative to project root
@@ -59,9 +59,11 @@ Verify the skill directory contains the expected agentskills.io package layout:
59
59
  ├── SKILL.md ← Required: Active skill document
60
60
  ├── metadata.json ← Required: Machine-readable metadata
61
61
  ├── context-snippet.md ← Will be generated/updated in step-03
62
- └── references/ ← Optional: Progressive disclosure
63
- ├── {function-a}.md
64
- └── {function-b}.md
62
+ ├── references/ ← Optional: Progressive disclosure
63
+ ├── {function-a}.md
64
+ └── {function-b}.md
65
+ ├── scripts/ ← Optional: Executable automation
66
+ └── assets/ ← Optional: Templates, schemas, configs
65
67
  ```
66
68
 
67
69
  **Check each component:**
@@ -75,6 +77,8 @@ Verify the skill directory contains the expected agentskills.io package layout:
75
77
  - `generation_date` (ISO date string)
76
78
  - `confidence_tier` ("Quick", "Forge", or "Deep")
77
79
  3. `references/` — If exists, check at least one .md file present
80
+ 4. `scripts/` — If exists, verify at least one file present and each file referenced in SKILL.md Section 7b exists. Warn for orphaned scripts (present but not referenced).
81
+ 5. `assets/` — If exists, verify at least one file present and each file referenced in SKILL.md Section 7b exists. Warn for orphaned assets (present but not referenced).
78
82
 
79
83
  ### 2. Validate Metadata Completeness
80
84
 
@@ -73,7 +73,8 @@ Load {snippetFormatData} and read the format template for the skill type.
73
73
  1. Read metadata.json for `version`, `exports` array
74
74
  2. Select top exports (up to 10 for Deep tier, 5 otherwise). Append `()` to function names.
75
75
  3. Read SKILL.md to extract: heading slugs for `#quick-start` and `#key-types`, inline summary of key types (~10 words)
76
- 4. Derive gotchas from: T2-future annotations in evidence report (breaking changes), async requirements, version-specific behavior. If no gotchas, omit the gotchas line.
76
+ 4. **Anchor verification (split-body awareness):** For each section anchor (`#quick-start`, `#key-types`), verify the heading exists in SKILL.md. If a `references/` directory exists and `## Full` headings in SKILL.md are absent or stubs (indicating split-body, not a stack skill's structural references), rewrite the anchor to point to the reference file path (e.g., `references/{file}.md#key-types`). If the heading cannot be resolved in either location, omit that anchor line from the snippet.
77
+ 5. Derive gotchas from: T2-future annotations in evidence report (breaking changes), async requirements, version-specific behavior. If no gotchas, omit the gotchas line.
77
78
 
78
79
  Generate:
79
80
  ```
@@ -157,6 +158,7 @@ ONLY WHEN snippet generation is complete (or skipped due to passive_context opt-
157
158
 
158
159
  - Snippet format loaded from {snippetFormatData}
159
160
  - Content generated matching exact Vercel-aligned format
161
+ - Section anchors verified against SKILL.md headings (split-body anchors rewritten or omitted)
160
162
  - Token count estimated and within target
161
163
  - File written (or previewed in dry-run)
162
164
  - Passive context opt-out correctly handled (skip when disabled)
@@ -79,8 +79,8 @@ description: >
79
79
  ```
80
80
 
81
81
  **Frontmatter rules:**
82
- - `name`: lowercase alphanumeric + hyphens only, must match the skill output directory name
83
- - `description`: non-empty, max 1024 chars, optimized for agent discovery
82
+ - `name`: lowercase alphanumeric + hyphens only, must match the skill output directory name. Prefer gerund form (`processing-pdfs`) for clarity.
83
+ - `description`: non-empty, max 1024 chars, optimized for agent discovery. MUST use third-person voice ("Processes..." not "I can..." or "You can...").
84
84
  - No other frontmatter fields — only `name` and `description` for community skills
85
85
 
86
86
  **Required sections (after frontmatter):**
@@ -93,6 +93,7 @@ description: >
93
93
  - **Configuration:** If configuration options were found in source
94
94
  - **Dependencies:** Key dependencies from manifest
95
95
  - **Notes:** Caveats, limitations, extraction confidence level
96
+ - **Scripts & Assets Note** (if source contains `scripts/`, `bin/`, `assets/`, `templates/`, or `schemas/` directories): "This package may include scripts and assets. Run create-skill for full extraction with provenance tracking."
96
97
 
97
98
  **If confidence is low:**
98
99
  - Include a note: "This skill was generated with limited source data. Consider running create-skill for a more thorough compilation."
@@ -27,6 +27,10 @@ When running in naive mode (no coherence category):
27
27
 
28
28
  When neither skill-check nor tessl is available, redistribute the 10% external validation weight proportionally to the other active categories. When only one tool is available, use that tool's score as the external validation score.
29
29
 
30
+ ## tessl and Split-Body Interaction
31
+
32
+ tessl evaluates SKILL.md body content only — it does not read `references/*.md` files. After split-body extraction, the tessl content score will drop significantly (e.g., 65% to 38%) because Tier 2 content is no longer inline. This is expected behavior and does not reflect actual content quality. When reporting scores for a split-body skill, note: "tessl content score reflects post-split inline content only. Use the pre-split tessl score as the content quality baseline."
33
+
30
34
  ## Tier-Dependent Scoring
31
35
 
32
36
  ### Quick Tier (no tools)
@@ -78,5 +82,10 @@ If no integration patterns exist, combined coherence equals reference validity.
78
82
  | High | Signature mismatch between source and SKILL.md |
79
83
  | Medium | Missing type or interface documentation |
80
84
  | Medium | Migration section present/absent mismatch with T2-future annotation data (Deep tier) |
85
+ | Medium | Script/asset directory exists but no Scripts & Assets section in SKILL.md |
86
+ | Medium | Scripts & Assets section references file not found in scripts/ or assets/ directory |
87
+ | Low | Script/asset file present without provenance entry in provenance-map.json file_entries |
81
88
  | Low | Missing optional metadata or examples |
89
+ | Low | Description trigger optimization recommended (third-person voice, negative triggers, or keyword coverage gaps) |
82
90
  | Info | Style suggestions, non-blocking observations |
91
+ | Info | Discovery testing not performed — realistic prompt testing recommended before export |
@@ -85,6 +85,8 @@ Read SKILL.md and extract all documented items:
85
85
 
86
86
  Build the **documented inventory** — a list of everything the SKILL.md claims the source provides.
87
87
 
88
+ **Split-body traversal:** If a `references/` directory exists alongside SKILL.md and SKILL.md's `## Full` headings are absent or stubs (not a stack skill's structural references), extend the documented inventory scan to include all `references/*.md` files. After split-body, Tier 2 content (Full API Reference, Full Type Definitions) lives in reference files — the inventory must reflect the full skill content regardless of where it resides.
89
+
88
90
  ### 2. Analyze Source Code (Tier-Dependent)
89
91
 
90
92
  Start from the package entry point (see 0b) and identify the public API surface. Then analyze those exports at the appropriate tier depth.
@@ -223,7 +225,7 @@ ONLY WHEN all source files have been analyzed, the Coverage Analysis section has
223
225
 
224
226
  ### ✅ SUCCESS:
225
227
 
226
- - All source files analyzed at appropriate tier depth
228
+ - All source files analyzed at appropriate tier depth; split-body references/ traversed when present
227
229
  - Every finding has file:line citation (Forge/Deep) or file-level reference (Quick)
228
230
  - Per-export status table complete
229
231
  - Category scores calculated per scoring rules
@@ -72,6 +72,7 @@ Perform lightweight structural checks:
72
72
  - Section headers are properly formatted
73
73
  - Code examples have language annotations
74
74
  - No broken markdown (unclosed code blocks, malformed tables)
75
+ - If `scripts/` or `assets/` directory exists alongside SKILL.md, a "Scripts & Assets" section (Section 7b) should be present
75
76
 
76
77
  **Internal consistency:**
77
78
  - Exports referenced in usage examples match exports listed in exports section
@@ -101,6 +102,7 @@ Scan SKILL.md for all cross-references:
101
102
  - Skill references (`See SKILL.md for {other-skill}`, `Integrates with {package}`)
102
103
  - Type imports (`import { Type } from './module'`)
103
104
  - Integration pattern references (middleware chains, plugin hooks, shared state)
105
+ - Script/asset references (`scripts/{file}`, `assets/{file}`) in SKILL.md body
104
106
 
105
107
  Launch a subprocess to grep/regex SKILL.md for reference patterns and return all found references with line numbers as structured JSON (`references_found[]` with line, type, target fields). If subprocess unavailable, scan in main thread.
106
108
 
@@ -114,6 +116,7 @@ DO NOT BE LAZY — For EACH reference found, launch a subprocess that:
114
116
  - Type imports: type is actually exported from the referenced module
115
117
  - Skill references: referenced skill exists in skills output folder
116
118
  - Integration patterns: documented pattern matches actual implementation
119
+ - Script/asset references: verify the referenced file exists in the skill's `scripts/` or `assets/` directory
117
120
  3. Returns structured validation JSON per reference (reference, line, target_exists, type_match, signature_match, issues[])
118
121
 
119
122
  If subprocess unavailable, validate each reference in main thread.
@@ -147,7 +150,7 @@ Build integration completeness findings:
147
150
 
148
151
  **Only execute if forge tier is Deep.** Skip silently for Quick/Forge tiers.
149
152
 
150
- Check whether SKILL.md contains a "Migration & Deprecation Warnings" section (Section 4b). Then check the skill's `evidence-report.md` (at `forge-data/{skill_name}/evidence-report.md`) for T2-future annotation counts.
153
+ Check whether SKILL.md contains a "Migration & Deprecation Warnings" section (Section 4b). Then check the skill's `evidence-report.md` (at `{forge_data_folder}/{skill_name}/evidence-report.md`) for T2-future annotation counts.
151
154
 
152
155
  - **If T2-future annotations > 0 AND Section 4b is absent:** Flag as Medium severity gap: "Migration section missing — T2-future annotations exist but Section 4b is not present in SKILL.md Tier 1."
153
156
  - **If T2-future annotations = 0 AND Section 4b is present:** Flag as Medium severity gap: "Migration section unexpected — Section 4b is present but no T2-future annotations were produced."
@@ -58,9 +58,13 @@ Read {outputFile} frontmatter to get the skill directory path (`skillDir`).
58
58
 
59
59
  ### 1b. Check for Recent Validation Results (Auto-Reuse)
60
60
 
61
- Before running external validators, check if `{forge_data_folder}/{skill_name}/evidence-report.md` contains validation results (a `## Validation Results` section with quality scores). If recent results exist (from a create-skill run that just completed), auto-reuse them — skip re-running validators and use the existing scores from the evidence report. Record: "External validation: reused from create-skill evidence report." Skip to section 5 (append results).
61
+ Before running external validators, check if `{forge_data_folder}/{skill_name}/evidence-report.md` contains validation results (a `## Validation Results` section with quality scores).
62
62
 
63
- If no evidence report exists or it contains no validation section, proceed to section 2 (fresh run).
63
+ **Staleness check:** Compare the evidence report's generation date against SKILL.md's last-modified timestamp (or `metadata.json` `generation_date`). If SKILL.md was modified after the evidence report was generated (e.g., after update-skill), the cached results are stale — skip auto-reuse and proceed to section 2 for a fresh run.
64
+
65
+ If recent, non-stale results exist (from a create-skill run that just completed), auto-reuse them — skip re-running validators and use the existing scores. Record: "External validation: reused from create-skill evidence report." Skip to section 5 (append results).
66
+
67
+ If no evidence report exists, it contains no validation section, or results are stale, proceed to section 2 (fresh run).
64
68
 
65
69
  ### 2. Run skill-check
66
70
 
@@ -118,7 +122,7 @@ Store in context: `tessl_description_score`, `tessl_content_score`, `tessl_avera
118
122
 
119
123
  **If tessl content score < 70%:** Flag a warning:
120
124
 
121
- "**Content quality warning:** tessl scored content at {score}%. This often indicates SKILL.md lacks inline actionable content (e.g., after split-body). Consider inlining Quick Start and common workflows directly in SKILL.md."
125
+ "**Content quality warning:** tessl scored content at {score}%. This often indicates SKILL.md lacks inline actionable content (e.g., after split-body). If this is a split-body skill, the score drop is expected — tessl evaluates only SKILL.md body, not `references/*.md` (see scoring-rules.md). Consider using selective split to keep actionable content inline."
122
126
 
123
127
  **If tessl fails entirely:** Record `tessl_score: N/A`, log warning, continue.
124
128
 
@@ -5,7 +5,7 @@ description: 'Calculate completeness score from coverage and coherence findings'
5
5
  nextStepFile: './step-06-report.md'
6
6
  outputFile: '{forge_data_folder}/{skill_name}/test-report-{skill_name}.md'
7
7
  scoringRulesFile: '../data/scoring-rules.md'
8
- sourceAccessProtocol: '../data/{sourceAccessProtocol}'
8
+ sourceAccessProtocol: '../data/source-access-protocol.md'
9
9
  ---
10
10
 
11
11
  # Step 5: Score
@@ -83,8 +83,13 @@ Load `{scoringRulesFile}` for gap severity classification:
83
83
  | **High** | Signature mismatch between source and SKILL.md |
84
84
  | **Medium** | Missing type or interface documentation |
85
85
  | **Medium** | Migration section present/absent mismatch with T2-future annotation data (Deep tier) |
86
+ | **Medium** | Script/asset directory exists but no Scripts & Assets section in SKILL.md |
87
+ | **Medium** | Scripts & Assets section references file not found in scripts/ or assets/ directory |
88
+ | **Low** | Script/asset file present without provenance entry in provenance-map.json file_entries |
86
89
  | **Low** | Missing optional metadata or examples |
90
+ | **Low** | Description trigger optimization recommended (third-person voice, negative triggers, or keyword coverage gaps) |
87
91
  | **Info** | Style suggestions, non-blocking observations |
92
+ | **Info** | Discovery testing not performed — realistic prompt testing recommended before export |
88
93
 
89
94
  ### 3. Classify and Order Gaps
90
95
 
@@ -98,6 +103,25 @@ Load the Gap Report section format from `{outputFormatsFile}`. Count gaps by sev
98
103
 
99
104
  If no gaps found, append a clean pass message recommending **export-skill** workflow.
100
105
 
106
+ ### 4b. Discovery and Description Quality Recommendations
107
+
108
+ After gap enumeration, append a **Discovery Quality** subsection to the gap report. Use the `Gap Entry Format` from `{outputFormatsFile}` for any Low/Info entries. The prose recommendations below are appended after the gap entries:
109
+
110
+ **Description optimization:** If tessl `description_score` (from step 04b) is below 90%, or if skill-check flagged description issues, recommend description improvements:
111
+ - Check that the description uses third-person voice consistently
112
+ - Check for specific trigger keywords that match how users would phrase requests
113
+ - Check for negative triggers ("NOT for: ...") to prevent false matches
114
+ - Check for alternative skill references for excluded use cases
115
+
116
+ **Discovery testing recommendation:** Regardless of pass/fail, always append:
117
+
118
+ "**Discovery testing recommended.** Before export, test the skill with 3-5 realistic prompts phrased the way real users actually talk — with casual language, typos, incomplete context, and implicit references. A skill tested only with clean prompts may fail to trigger in production. Example realistic prompt patterns:
119
+ - Vague: 'can you help me with this csv file my boss sent'
120
+ - Implicit: 'why did revenue drop last quarter'
121
+ - Abbreviated: 'run the {skill-name} thing on this data'"
122
+
123
+ Record discovery testing status as Info-level in the gap table. This is advisory — it does not affect the score.
124
+
101
125
  ### 5. Finalize Output Document
102
126
 
103
127
  Update `{outputFile}` frontmatter:
@@ -132,6 +156,8 @@ Update `{outputFile}` frontmatter:
132
156
 
133
157
  ---
134
158
 
159
+ **See Discovery Quality section in the report for description optimization and realistic prompt testing recommendations.**
160
+
135
161
  **Test report finalized.**"
136
162
 
137
163
  ### 7. Present MENU OPTIONS
@@ -163,6 +189,7 @@ This is the final step of the test-skill workflow. When the user selects C, the
163
189
  - Gaps classified by severity using scoring rules
164
190
  - Gaps ordered by severity (Critical first)
165
191
  - Every gap has a specific, actionable remediation suggestion
192
+ - Discovery quality section appended with description optimization and testing recommendations
166
193
  - Remediation summary with counts and effort estimates
167
194
  - Output document finalized with all stepsCompleted
168
195
  - Correct next workflow recommended (export-skill or update-skill)
@@ -112,6 +112,14 @@ Launch subprocesses in parallel that compare source state against provenance map
112
112
  - Cross-reference deleted files/exports with added files/exports
113
113
  - If content similarity > 80%: classify as RENAMED instead of deleted+added
114
114
 
115
+ **Category D — Script/asset file changes:**
116
+ - Compare `file_entries` from provenance-map.json against current source files
117
+ - For each file_entry: compute current SHA-256 content hash, compare against stored hash
118
+ - Files with changed hashes → MODIFIED_FILE
119
+ - Files in provenance but missing from source → DELETED_FILE
120
+ - Files in source matching detection patterns (scripts/, bin/, assets/, templates/) but not in provenance → NEW_FILE
121
+ - Files in `scripts/[MANUAL]/` or `assets/[MANUAL]/` → SKIP (user-authored, preserved)
122
+
115
123
  Aggregate all subprocess results into a unified change manifest.
116
124
 
117
125
  **If degraded mode (no provenance map):**
@@ -136,6 +144,9 @@ Change Manifest:
136
144
  exports_renamed: [count]
137
145
  exports_moved: [count]
138
146
 
147
+ scripts_modified, scripts_added, scripts_deleted: {counts}
148
+ assets_modified, assets_added, assets_deleted: {counts}
149
+
139
150
  Per-file detail:
140
151
  {file_path}:
141
152
  status: MODIFIED|ADDED|DELETED|MOVED
@@ -100,6 +100,14 @@ Follow the merge priority order from {mergeConflictRulesFile}:
100
100
  - Place before any [MANUAL] blocks at section boundary
101
101
  - No conflicts expected (new content, no existing [MANUAL])
102
102
 
103
+ **Priority 6 — Process script/asset file changes (from Category D in change manifest):**
104
+ - MODIFIED_FILE: queue file for re-copy from source, update `file_entries` content_hash
105
+ - DELETED_FILE: queue file for removal from `scripts/` or `assets/`, remove from `file_entries`
106
+ - NEW_FILE: queue file for copy from source, add to `file_entries`
107
+ - Files in `scripts/[MANUAL]/` or `assets/[MANUAL]/` are never modified (user-authored)
108
+ - Update Section 7b manifest table to reflect changes
109
+ - Update `metadata.json` `scripts[]`/`assets[]` arrays and `stats.scripts_count`/`stats.assets_count`
110
+
103
111
  ### 4. Check for Conflicts
104
112
 
105
113
  Scan all merge operations for flagged conflicts:
@@ -73,7 +73,7 @@ Launch subprocesses in parallel for each validation category, aggregating result
73
73
 
74
74
  **If available**, run: `npx skill-check check <skill-dir> --fix --format json --no-security-scan`
75
75
 
76
- Parse JSON output for quality score (0-100), auto-fixed issues, and remaining diagnostics. If `body.max_lines` reported, run: `npx skill-check split-body <skill-dir> --write`
76
+ Parse JSON output for quality score (0-100), auto-fixed issues, and remaining diagnostics. If `body.max_lines` reported, prefer selective split: extract only the largest Tier 2 section(s) to `references/`, keeping all Tier 1 content inline (see `knowledge/split-body-strategy.md`). Fall back to `npx skill-check split-body <skill-dir> --write` only if selective split is not feasible. After any split, verify `#quick-start` and `#key-types` anchors still resolve in SKILL.md.
77
77
 
78
78
  **If unavailable**, perform manual check: validate merged SKILL.md structure, verify required sections (exports, usage patterns, conventions), verify export entries have name/type/signature/file:line reference, flag missing sections.
79
79