bmad-module-skill-forge 0.7.0 → 0.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (50) hide show
  1. package/docs/how-it-works.md +2 -0
  2. package/package.json +1 -1
  3. package/src/knowledge/ccc-bridge.md +2 -1
  4. package/src/knowledge/overview.md +1 -0
  5. package/src/knowledge/progressive-capability.md +2 -0
  6. package/src/knowledge/qmd-registry.md +6 -1
  7. package/src/knowledge/skf-knowledge-index.csv +1 -0
  8. package/src/knowledge/tool-resolution.md +55 -0
  9. package/src/workflows/analyze-source/steps-c/step-04-map-and-detect.md +2 -2
  10. package/src/workflows/audit-skill/steps-c/step-01-init.md +1 -1
  11. package/src/workflows/audit-skill/steps-c/step-02-re-index.md +3 -1
  12. package/src/workflows/audit-skill/steps-c/step-03-structural-diff.md +2 -2
  13. package/src/workflows/audit-skill/steps-c/step-04-semantic-diff.md +1 -1
  14. package/src/workflows/audit-skill/steps-c/step-05-severity-classify.md +1 -1
  15. package/src/workflows/brief-skill/data/skill-brief-schema.md +15 -0
  16. package/src/workflows/brief-skill/steps-c/step-01-gather-intent.md +16 -0
  17. package/src/workflows/brief-skill/steps-c/step-02-analyze-target.md +34 -6
  18. package/src/workflows/brief-skill/steps-c/step-03-scope-definition.md +14 -0
  19. package/src/workflows/brief-skill/steps-c/step-04-confirm-brief.md +20 -0
  20. package/src/workflows/brief-skill/steps-c/step-05-write-brief.md +34 -9
  21. package/src/workflows/brief-skill/workflow.md +1 -1
  22. package/src/workflows/create-skill/data/extraction-patterns.md +16 -3
  23. package/src/workflows/create-skill/data/source-resolution-protocols.md +16 -2
  24. package/src/workflows/create-skill/data/tier-degradation-rules.md +1 -1
  25. package/src/workflows/create-skill/steps-c/step-01-load-brief.md +5 -5
  26. package/src/workflows/create-skill/steps-c/step-02b-ccc-discover.md +5 -1
  27. package/src/workflows/create-skill/steps-c/step-03-extract.md +5 -1
  28. package/src/workflows/create-skill/steps-c/step-03b-fetch-temporal.md +16 -1
  29. package/src/workflows/create-skill/steps-c/step-03c-fetch-docs.md +9 -3
  30. package/src/workflows/create-skill/steps-c/step-04-enrich.md +2 -0
  31. package/src/workflows/create-skill/steps-c/step-05-compile.md +6 -1
  32. package/src/workflows/create-skill/steps-c/step-07-generate-artifacts.md +1 -1
  33. package/src/workflows/create-stack-skill/data/manifest-patterns.md +23 -1
  34. package/src/workflows/create-stack-skill/steps-c/step-01-init.md +2 -0
  35. package/src/workflows/create-stack-skill/steps-c/step-02-detect-manifests.md +2 -1
  36. package/src/workflows/create-stack-skill/steps-c/step-03-rank-and-confirm.md +3 -1
  37. package/src/workflows/create-stack-skill/steps-c/step-04-parallel-extract.md +26 -7
  38. package/src/workflows/create-stack-skill/steps-c/step-05-detect-integrations.md +5 -1
  39. package/src/workflows/quick-skill/steps-c/step-04-compile.md +1 -1
  40. package/src/workflows/setup-forge/steps-c/step-01b-ccc-index.md +4 -2
  41. package/src/workflows/test-skill/data/output-section-formats.md +15 -0
  42. package/src/workflows/test-skill/data/scoring-rules.md +12 -0
  43. package/src/workflows/test-skill/steps-c/step-03-coverage-check.md +39 -5
  44. package/src/workflows/test-skill/steps-c/step-04-coherence-check.md +48 -4
  45. package/src/workflows/test-skill/steps-c/step-04b-external-validators.md +9 -1
  46. package/src/workflows/test-skill/steps-c/step-05-score.md +2 -0
  47. package/src/workflows/update-skill/steps-c/step-02-detect-changes.md +1 -1
  48. package/src/workflows/update-skill/steps-c/step-03-re-extract.md +3 -1
  49. package/src/workflows/update-skill/steps-c/step-05-validate.md +1 -1
  50. package/tools/cli/lib/installer.js +4 -0
@@ -332,6 +332,8 @@ Export injects a managed section between markers:
332
332
  | **`qmd_bridge`** | QMD (local search) | BM25 keyword search, vector semantic search, collection indexing |
333
333
  | **`doc_fetcher`** | Environment web tools | Remote documentation fetching for T3-confidence content. Tool-agnostic — uses whatever web fetching is available (Firecrawl, WebFetch, curl, etc.). Output quarantined as T3. |
334
334
 
335
+ Bridge names are **conceptual interfaces** used throughout workflow steps. Each bridge resolves to concrete MCP tools, CLI commands, or fallback behavior depending on the IDE environment. See [`src/knowledge/tool-resolution.md`](https://github.com/armelhbobdad/bmad-module-skill-forge/blob/main/src/knowledge/tool-resolution.md) for the complete resolution table.
336
+
335
337
  ### Conflict Resolution
336
338
 
337
339
  When tools disagree, higher priority wins for instructions. Lower priority is preserved as annotations:
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "$schema": "https://json.schemastore.org/package.json",
3
3
  "name": "bmad-module-skill-forge",
4
- "version": "0.7.0",
4
+ "version": "0.7.2",
5
5
  "description": "BMAD module — Turn code and docs into instructions AI agents can actually follow. Progressive capability tiers (Quick/Forge/Forge+/Deep).",
6
6
  "keywords": [
7
7
  "bmad",
@@ -2,7 +2,7 @@
2
2
 
3
3
  ## Principle
4
4
 
5
- `ccc_bridge.*` references in workflow steps are **conceptual interfaces**, not callable functions. They describe a semantic code discovery operation to perform. Use the `ccc` MCP server tools (when available) or `ccc` CLI commands to execute these operations. See the TOOL/SUBPROCESS FALLBACK rule — if ccc is unavailable, the calling step falls back to direct ast-grep or source reading without ccc pre-discovery.
5
+ `ccc_bridge.*` references in workflow steps are **conceptual interfaces**, not callable functions. They describe a semantic code discovery operation to perform. Use the `ccc` MCP server tools (when available) or `ccc` CLI commands to execute these operations. See the TOOL/SUBPROCESS FALLBACK rule — if ccc is unavailable, the calling step falls back to direct ast-grep or source reading without ccc pre-discovery. For the complete bridge-to-tool resolution table covering all IDE environments, see [tool-resolution.md](tool-resolution.md).
6
6
 
7
7
  ## Rationale
8
8
 
@@ -103,6 +103,7 @@ To prevent excessive daemon calls, workflow steps cap ccc queries:
103
103
 
104
104
  ## Related Fragments
105
105
 
106
+ - [tool-resolution.md](tool-resolution.md) — canonical bridge-to-tool and subprocess-to-tool mapping per IDE
106
107
  - [progressive-capability.md](progressive-capability.md) — Forge+ tier definition and positive framing
107
108
  - [confidence-tiers.md](confidence-tiers.md) — why ccc does not create a new confidence tier
108
109
  - [qmd-registry.md](qmd-registry.md) — the parallel but separate registry for QMD collections
@@ -31,6 +31,7 @@ With knowledge files:
31
31
  | [manual-section-integrity.md](manual-section-integrity.md) | \[MANUAL\] marker preservation and merge algorithm | CS, US, AS, TS, EX |
32
32
  | [qmd-registry.md](qmd-registry.md) | Progressive QMD collection registry and collection gate principle | SF, BS, CS, US, AS |
33
33
  | [ccc-bridge.md](ccc-bridge.md) | ccc_bridge interface, indexing lifecycle, Forge+ discovery-before-extraction | SF, AN, CS, SS, US, AS |
34
+ | [tool-resolution.md](tool-resolution.md) | Bridge-to-tool and subprocess-to-tool mapping per IDE environment | CS, QS, SS, US, AS, AN, BS, RA |
34
35
  | [architecture-verification.md](architecture-verification.md) | Pre-code verification pipeline, integration verdicts, iteration loop | VS, RA, SS |
35
36
  | [doc-fetcher.md](doc-fetcher.md) | T3 external documentation fetching, quarantine rules, tool-agnostic | CS, QS |
36
37
  | [split-body-strategy.md](split-body-strategy.md) | Selective vs full split-body, detection pattern, agent accuracy | CS, QS, US, TS, EX |
@@ -84,6 +84,8 @@ Deep: "Full intelligence pipeline — AST verification plus GitHub exploration
84
84
  - **Forge+:** Identical extraction to Forge, plus ccc semantic pre-discovery narrows the file set before ast-grep runs. For large codebases, `ccc_bridge.search()` produces a ranked candidate list. ast-grep operates on that list rather than the full tree. All results remain T1 (AST-verified) — ccc is upstream, not in the extraction chain.
85
85
  - **Deep:** Identical extraction to Forge, plus QMD enrichment in a separate step. T2 annotations layer on top of the T1 base without replacing it.
86
86
 
87
+ *Bridge names (`gh_bridge`, `ast_bridge`, `ccc_bridge`, `qmd_bridge`) are conceptual interfaces. See [tool-resolution.md](tool-resolution.md) for concrete tool resolution per IDE.*
88
+
87
89
  **Key Points:**
88
90
  - Extraction quality increases with tier, but every tier produces complete output
89
91
  - Forge and Deep share the same extraction core — Deep adds enrichment, not better parsing
@@ -21,7 +21,7 @@ The progressive registry solves all three by indexing **curated workflow artifac
21
21
  | Role | Workflow | Responsibility |
22
22
  | --- | --- | --- |
23
23
  | **Producer** | brief-skill, create-skill | Creates QMD collections from workflow artifacts and registers them in forge-tier.yaml |
24
- | **Consumer** | audit-skill, update-skill | Reads the registry, discovers collections by skill name and type, queries via qmd_bridge |
24
+ | **Consumer** | audit-skill, update-skill, create-stack-skill | Reads the registry, discovers collections by skill name and type, queries via qmd_bridge (see [tool-resolution.md](tool-resolution.md) for concrete resolution) |
25
25
  | **Janitor** | setup-forge | Cross-references live QMD collections against the registry, cleans orphans and stale entries |
26
26
 
27
27
  ### Registry Schema
@@ -40,8 +40,13 @@ qmd_collections:
40
40
  source_workflow: "brief-skill"
41
41
  skill_name: "my-lib"
42
42
  created_at: "2026-03-14"
43
+ # status: "pending" # Optional — see below
43
44
  ```
44
45
 
46
+ **Optional field: `status`**
47
+
48
+ The `status` field is only present when QMD embed verification fails during collection creation. When `status: "pending"` is set, the collection exists in QMD but vector embeddings may be incomplete — only BM25 keyword `search` is reliable. `vector_search` and `deep_search` may return no results until re-embedded. Collections without a `status` field are fully operational. The setup-forge janitor should flag `"pending"` collections for re-embedding.
49
+
45
50
  ### Collection Types
46
51
 
47
52
  | Type | Producer | Content | Primary Consumers |
@@ -12,3 +12,4 @@ qmd-registry,QMD Collection Registry,"Progressive registry architecture — prod
12
12
  doc-fetcher,Doc Fetcher,"T3 external documentation — tool-agnostic URL fetching, quarantine rules, conflict resolution","doc-fetcher,t3,external,documentation,quarantine",extended,knowledge/doc-fetcher.md
13
13
  architecture-verification,Architecture Verification,"Pre-code verification pipeline — VS/RA/SS-compose lifecycle, integration verdicts, coverage analysis, iteration loop","architecture,verification,stack,feasibility,integration,vs,ra,ss,compose",core,knowledge/architecture-verification.md
14
14
  split-body-strategy,Split-Body Strategy,"Selective split guidance — detection pattern, recommended approach, impact on tessl scores and snippet anchors","split-body,selective-split,references,body-size",core,knowledge/split-body-strategy.md
15
+ tool-resolution,Tool Resolution,"Bridge-to-tool and subprocess-to-tool mapping — ast_bridge, ccc_bridge, qmd_bridge, gh_bridge resolution per IDE, subprocess Pattern 1-4 definitions","bridge,tools,resolution,subprocess,mcp,cli,ide",core,knowledge/tool-resolution.md
@@ -0,0 +1,55 @@
1
+ # Tool Resolution
2
+
3
+ Bridge names (`ast_bridge`, `ccc_bridge`, `qmd_bridge`, `gh_bridge`) and subprocess patterns (Pattern 1–4) used throughout SKF workflows are **conceptual interfaces**, not callable functions. This document provides the canonical mapping from abstract names to concrete tools per IDE environment.
4
+
5
+ ## Bridge Resolution Table
6
+
7
+ | Bridge | Operation | Claude Code | Cursor | CLI | Fallback |
8
+ |--------------|----------------------------------|------------------------------------------------------------------|----------------|----------------------------------------------------|----------------------------------|
9
+ | `ast_bridge` | `scan_definitions()` | `mcp__ast-grep__find_code` or `mcp__ast-grep__find_code_by_rule` | ast-grep MCP | `sg run` / `ast-grep -p` | Source reading (T1-low) |
10
+ | `ast_bridge` | `detect_co_imports()` | `mcp__ast-grep__find_code_by_rule` with co-import YAML rule | ast-grep MCP | `ast-grep -p 'import $$$' --json=stream` | grep-based co-import count |
11
+ | `ccc_bridge` | `search(query, root, top_k)` | `/ccc` skill search | ccc MCP server | `ccc search "{query}" --path {root} --top {top_k}` | Skip silently |
12
+ | `ccc_bridge` | `ensure_index(root)` | `/ccc` skill indexing | ccc MCP server | `ccc init` + `ccc index {root}` | Skip silently |
13
+ | `ccc_bridge` | `status()` | `/ccc` skill status | ccc MCP server | `ccc --help` + `ccc doctor` | Unavailable = `tools.ccc: false` |
14
+ | `qmd_bridge` | `search(query)` | `mcp__plugin_qmd-plugin_qmd__search` | qmd MCP server | `qmd search "{query}"` | Skip enrichment |
15
+ | `qmd_bridge` | `vector_search(query)` | `mcp__plugin_qmd-plugin_qmd__vector_search` | qmd MCP server | `qmd vector_search "{query}"` | Use BM25 search only |
16
+ | `gh_bridge` | `list_tree(owner, repo, branch)` | `gh api repos/{owner}/{repo}/git/trees/{branch}?recursive=1` | gh CLI | `gh api ...` | Direct file listing if local |
17
+ | `gh_bridge` | `read_file(owner, repo, path)` | `gh api repos/{owner}/{repo}/contents/{path}` | gh CLI | `gh api ...` | Direct file read if local |
18
+
19
+ ## Subprocess Pattern Definitions
20
+
21
+ Workflow steps reference "subprocess" execution with numbered patterns. These map to concrete mechanisms per IDE:
22
+
23
+ | Pattern | Purpose | Claude Code | Cursor | CLI |
24
+ |----------------------------------------|-------------------------------------------------------|----------------------------------------------------------------------|-----------------------------------|------------------------------------|
25
+ | **Pattern 1** (grep/search) | Search across files for imports, co-imports | Grep tool or Bash with `rg` | Built-in search | `grep` / `rg` |
26
+ | **Pattern 2** (per-file deep analysis) | Deep analysis of individual files or units | Agent tool (sequential per unit) | Sequential analysis | Per-unit script |
27
+ | **Pattern 3** (data operations) | QMD queries, severity classification, data transforms | Main thread (Read + process) | Main thread | Script |
28
+ | **Pattern 4** (parallel execution) | Parallel per-library extraction, parallel diffing | Agent tool with multiple parallel calls or `run_in_background: true` | Parallel requests (IDE-dependent) | `xargs -P` or background processes |
29
+
30
+ ### max_parallel_generation
31
+
32
+ Referenced by Pattern 4 steps. Defines the maximum concurrent subprocess spawns:
33
+
34
+ | Environment | Recommended Value | Notes |
35
+ |-------------|----------------------------------|-----------------------------------------------------------------------|
36
+ | Claude Code | 3–5 | Concurrent Agent tool calls; higher values may cause context pressure |
37
+ | Cursor | IDE-dependent | Follow Cursor's agent concurrency limits |
38
+ | CLI | CPU core count or user-specified | Use `xargs -P {n}` or equivalent |
39
+
40
+ ## Resolution Protocol
41
+
42
+ When a workflow step references a bridge name or subprocess pattern:
43
+
44
+ 1. **Identify** the bridge name (`ast_bridge`, `ccc_bridge`, etc.) or pattern number (Pattern 1–4)
45
+ 2. **Check tool availability** in `{sidecar_path}/forge-tier.yaml` → `tools.*` section
46
+ 3. **Resolve** using the tables above — use the first available option in priority order: MCP tool → CLI command → Fallback
47
+ 4. **Apply fallback** if no resolution is available — fallbacks are always defined and never block the workflow
48
+ 5. **Log degradation** when falling back — note the reason in context for the evidence report
49
+
50
+ ## Related Fragments
51
+
52
+ - [ccc-bridge.md](ccc-bridge.md) — CCC semantic discovery interface and lifecycle
53
+ - [progressive-capability.md](progressive-capability.md) — Quick/Forge/Forge+/Deep tier philosophy
54
+ - [confidence-tiers.md](confidence-tiers.md) — T1/T1-low/T2/T3 trust model and citation formats
55
+ - [qmd-registry.md](qmd-registry.md) — QMD collection producer/consumer/janitor architecture
@@ -33,7 +33,7 @@ To analyze each qualifying unit's export surface and import graph, detect cross-
33
33
 
34
34
  ### Step-Specific Rules:
35
35
 
36
- - 🎯 Use subprocess optimization (Pattern 2) — per-unit analysis for export mapping
36
+ - 🎯 Use subprocess optimization (Pattern 2 — per-unit deep analysis): In Claude Code, use Agent tool for each unit sequentially. In CLI, use a per-unit script. See [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md)
37
37
  - 💬 DO NOT BE LAZY — For EACH qualifying unit, perform thorough export surface analysis
38
38
  - 🚫 FORBIDDEN to make recommendations in this step (that's step 05)
39
39
  - 📋 Tier-aware depth: Quick (file-level exports), Forge (AST export analysis), Deep (AST + semantic relationships)
@@ -82,7 +82,7 @@ DO NOT BE LAZY — For EACH qualifying unit, launch a subprocess (or analyze in
82
82
  - **Quick tier:** Count files by type, identify index/barrel files, list directory structure
83
83
  - **Forge tier:** Parse export statements, identify public API surface, count exported functions/classes/types
84
84
  - **Forge+ tier:** All Forge analysis plus:
85
- - If `tools.ccc` is true: run `ccc_bridge.search("{unit_name} exports public API", top_k=15)` to discover semantically relevant files beyond directory scan
85
+ - If `tools.ccc` is true: run `ccc_bridge.search("{unit_name} exports public API", top_k=15)` — **Tool resolution:** `/ccc` skill search (Claude Code), ccc MCP server (Cursor), or `ccc search` CLI; see [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md) — to discover semantically relevant files beyond directory scan
86
86
  - Merge CCC-discovered files with scoped file list — files from CCC that are within the unit's directory are added to the analysis queue
87
87
  - Record CCC signals in per-unit findings: top 3 CCC-ranked file names (or "—" if no ccc results)
88
88
  - **Deep tier:** All Forge analysis plus:
@@ -83,7 +83,7 @@ Load `{sidecar_path}/forge-tier.yaml` to detect available tools.
83
83
 
84
84
  **If found:**
85
85
  - Extract tier level: Quick / Forge / Forge+ / Deep
86
- - Extract available tools: gh_bridge, ast_bridge, qmd_bridge
86
+ - Extract available tools: gh_bridge, ast_bridge, qmd_bridge — see [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md) for concrete tool resolution per IDE
87
87
 
88
88
  **Apply tier override:** Read `{sidecar_path}/preferences.yaml`. If `tier_override` is set and is a valid tier value (Quick, Forge, Forge+, or Deep), use it instead of the detected tier.
89
89
 
@@ -78,6 +78,8 @@ Based on forge tier detected in Step 01:
78
78
  - Query qmd_bridge for temporal context: when exports were added, modification history, usage frequency
79
79
  - Confidence labels: T1 for structural, T2 for temporal context
80
80
 
81
+ **Tool resolution:** `gh_bridge` → `gh api` commands or direct file I/O if local. `ast_bridge` → ast-grep MCP tools (`find_code`, `find_code_by_rule`) or `ast-grep` CLI. `qmd_bridge` → QMD MCP tools (`search`, `vector_search`) or `qmd` CLI. See [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md).
82
+
81
83
  ### 2. Scan Source Files
82
84
 
83
85
  Identify all source files in the source directory that contain public exports.
@@ -148,7 +150,7 @@ Skip this section. Temporal context requires Deep tier.
148
150
 
149
151
  For each export in the skill baseline that was NOT found at its recorded file path during re-extraction (potential "deleted" export):
150
152
 
151
- 1. Run `ccc_bridge.search("{export_name}", source_root, top_k=5)` to find candidate current locations
153
+ 1. Run `ccc_bridge.search("{export_name}", source_root, top_k=5)` — **Tool resolution:** Use `/ccc` skill search (Claude Code), ccc MCP server (Cursor), or `ccc search "{export_name}" --path {source_root} --top 5` (CLI) — to find candidate current locations
152
154
  2. If CCC returns files containing the export name:
153
155
  - Run ast-grep verification on each candidate file
154
156
  - If verified at a new location: reclassify from "deleted" to "moved" with the new file:line reference
@@ -33,7 +33,7 @@ Compare the original provenance map extractions from create-skill against the cu
33
33
  - 🎯 Focus only on structural comparison — added/removed/changed exports
34
34
  - 🚫 FORBIDDEN to classify severity — that happens in Step 05
35
35
  - 🚫 FORBIDDEN to suggest remediation — that happens in Step 06
36
- - 💬 Use subprocess Pattern 4 (parallel execution) when available to compare export categories simultaneously
36
+ - 💬 Use subprocess Pattern 4 (parallel): In Claude Code, use multiple parallel Agent tool calls or `run_in_background: true`. In Cursor, use parallel requests (IDE-dependent). In CLI, use `xargs -P` or background processes. See [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md)
37
37
  - ⚙️ If subprocess unavailable, compare categories sequentially in main thread
38
38
 
39
39
  ## EXECUTION PROTOCOLS:
@@ -70,7 +70,7 @@ Normalize both sets for comparison:
70
70
 
71
71
  ### 2. Detect Added Exports
72
72
 
73
- **Launch subprocess (Pattern 4 — parallel execution):**
73
+ **Launch subprocess (Pattern 4 — parallel execution):** In Claude Code, use multiple parallel Agent tool calls. In CLI, use `xargs -P` or equivalent.
74
74
 
75
75
  Find exports that exist in current scan but NOT in provenance map.
76
76
 
@@ -33,7 +33,7 @@ Compare QMD knowledge context between the original skill creation and current st
33
33
  - 🎯 Focus only on semantic/meaning-level changes via QMD context
34
34
  - 🚫 FORBIDDEN to classify severity — that happens in Step 05
35
35
  - 🚫 FORBIDDEN to repeat structural findings from Step 03
36
- - 💬 Use subprocess Pattern 3 (data operations) when available for QMD queries
36
+ - 💬 Use subprocess Pattern 3 (data operations — main thread Read + process in Claude Code, script in CLI) when available for QMD queries. See [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md)
37
37
  - ⚙️ If subprocess unavailable, query QMD in main thread
38
38
  - 🔀 CONDITIONAL: Skip entire analysis at Quick/Forge/Forge+ tier — append skip notice only
39
39
 
@@ -34,7 +34,7 @@ Grade every drift finding from Steps 03 and 04 by severity level (CRITICAL/HIGH/
34
34
  - 🎯 Focus only on classifying severity of existing findings
35
35
  - 🚫 FORBIDDEN to discover new drift items — only classify what Steps 03-04 found
36
36
  - 🚫 FORBIDDEN to suggest remediation — that happens in Step 06
37
- - 💬 Use subprocess Pattern 3 (data operations) to load severity rules and classify
37
+ - 💬 Use subprocess Pattern 3 (data operations — main thread Read + process in Claude Code, script in CLI) to load severity rules and classify. See [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md)
38
38
  - ⚙️ If subprocess unavailable, load rules and classify in main thread
39
39
 
40
40
  ## EXECUTION PROTOCOLS:
@@ -106,6 +106,21 @@ Scope: {scope.type}
106
106
  Exclude: {scope.exclude patterns, one per line}
107
107
  Notes: {scope.notes}
108
108
 
109
+ {If source_type is "docs-only":}
110
+ Source Type: docs-only
111
+ Doc URLs:
112
+ {doc_urls, one per line with labels}
113
+
114
+ {If source_type is "source" AND supplemental doc_urls collected:}
115
+ Supplemental Docs:
116
+ {doc_urls, one per line with labels}
117
+
118
+ {If scripts_intent or assets_intent was explicitly set (not default "detect"):}
119
+ Scripts: {scripts_intent}
120
+ Assets: {assets_intent}
121
+
122
+ Source Authority: {source_authority}
123
+
109
124
  Version: {version}
110
125
  Created: {created}
111
126
  Created by: {created_by}
@@ -82,6 +82,9 @@ We'll work through this together:
82
82
  3. **Then:** Define scope boundaries
83
83
  4. **Finally:** Confirm and write the brief
84
84
 
85
+ {If tier override was applied:}
86
+ **Your forge tier:** {override tier} (overridden from {original tier}) — this determines what compilation capabilities are available.
87
+ {Else:}
85
88
  **Your forge tier:** {detected tier} — this determines what compilation capabilities are available.
86
89
 
87
90
  Let's get started."
@@ -110,6 +113,14 @@ Wait for user response.
110
113
  - Optionally ask: "Are there any documentation URLs you'd like to include for supplemental context? (These will be fetched as T3 external references.)"
111
114
  - If yes: collect doc URLs into `doc_urls`
112
115
 
116
+ **Source authority (for all source-type skills):**
117
+ "**Are you the maintainer of this library, or creating a community skill?**"
118
+ - If maintainer: set `source_authority: "official"`
119
+ - If community user: set `source_authority: "community"` (default)
120
+ - If internal/proprietary: set `source_authority: "internal"`
121
+
122
+ Default to `"community"` if user does not specify or skips. For `docs-only` skills, `source_authority` is always forced to `"community"`.
123
+
113
124
  Confirm the target.
114
125
 
115
126
  ### 4. Gather User Intent
@@ -154,6 +165,10 @@ Wait for confirmation or alternative.
154
165
  - **Intent:** {user's intent summary}
155
166
  - **Scope hints:** {any hints, or "None — we'll define scope after analysis"}
156
167
  - **Skill name:** {confirmed name}
168
+ - **Source type:** {source or docs-only}
169
+ - **Source authority:** {official/community/internal}
170
+ {If doc_urls collected:}
171
+ - **Doc URLs:** {count} supplemental documentation URLs
157
172
  - **Forge tier:** {tier}
158
173
 
159
174
  Ready to analyze the target repository?"
@@ -187,6 +202,7 @@ ONLY WHEN C is selected and target repository is confirmed will you load and rea
187
202
  - User intent captured with enough context for scoping
188
203
  - Skill name derived and confirmed
189
204
  - Scope hints noted (if provided)
205
+ - Source type and source authority captured
190
206
  - User ready to proceed to analysis
191
207
 
192
208
  ### ❌ SYSTEM FAILURE:
@@ -135,7 +135,12 @@ Based on detected language, identify public API surface:
135
135
 
136
136
  If `tools.ccc` is true in forge-tier.yaml, supplement the module listing with a semantic discovery pass:
137
137
 
138
- Run `ccc_bridge.search("{repo_name} public API exports modules", source_path, top_k=10)`.
138
+ **CCC Semantic Discovery:**
139
+ - **Claude Code:** Use `/ccc search "{repo_name} public API exports modules" {source_path}`
140
+ - **Cursor:** Use `ccc` MCP server `search` tool with query `"{repo_name} public API exports modules"` and path `{source_path}`
141
+ - **CLI fallback:** `ccc search "{repo_name} public API exports modules" --path {source_path} --limit 10`
142
+
143
+ See [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md) for full bridge-to-tool mapping.
139
144
 
140
145
  If results are returned, display:
141
146
 
@@ -146,6 +151,22 @@ This supplements — never replaces — the explicit module list above. CCC may
146
151
 
147
152
  If CCC is unavailable or returns no results: skip this subsection silently.
148
153
 
154
+ ### 4b. Detect Source Version
155
+
156
+ Attempt to auto-detect the source version using the rules from the skill-brief-schema.md Version Detection section:
157
+
158
+ **For Python:** Check `pyproject.toml` `[project] version` (static) → if `dynamic = ["version"]`, check `__init__.py` for `__version__` → `_version.py` if exists → `setup.py` `version=` → `git describe --tags --abbrev=0`
159
+ **For JavaScript/TypeScript:** Check `package.json` `"version"` field
160
+ **For Rust:** Check `Cargo.toml` `[package] version` (static) → if `version = { workspace = true }`, resolve from workspace root `Cargo.toml` → `git describe --tags --abbrev=0`
161
+ **For Go:** Check `go.mod` or `git describe --tags --abbrev=0`
162
+
163
+ **For GitHub repos:** Use `gh api repos/{owner}/{repo}/contents/{file}` to read version files (decode base64 content).
164
+ **For local repos:** Read the file directly.
165
+
166
+ Display: "**Detected version:** {version or 'Not detected — will default to 1.0.0'}"
167
+
168
+ If detection fails or returns a non-semver value: note that version will default to `"1.0.0"` and the user can override in step 04.
169
+
149
170
  ### 5. Report Analysis Summary
150
171
 
151
172
  Present the complete analysis:
@@ -169,6 +190,7 @@ Present the complete analysis:
169
190
  - Tests: {found/not found — location}
170
191
  - Docs: {found/not found — location}
171
192
  - Config: {list of config files found}
193
+ - Version: {detected version or "Not detected — defaulting to 1.0.0"}
172
194
 
173
195
  ---
174
196
 
@@ -179,16 +201,21 @@ Moving to scope definition where you'll choose what to include and exclude."
179
201
 
180
202
  ### 6. Auto-Proceed to Scope Definition
181
203
 
182
- Display: "**Proceeding to scope definition...**"
204
+ Display: "**Proceeding to scope definition...**
205
+
206
+ Review the analysis above. If anything looks wrong, let me know now — otherwise I'll proceed to scope definition."
207
+
208
+ Pause briefly for user input. If the user provides corrections or asks questions, address them and re-present any updated analysis findings. Then proceed.
183
209
 
184
210
  #### Menu Handling Logic:
185
211
 
186
- - After analysis report is presented to user, immediately load, read entire file, then execute {nextStepFile}
212
+ - After analysis report is presented to user and any corrections addressed, load, read entire file, then execute {nextStepFile}
187
213
 
188
214
  #### EXECUTION RULES:
189
215
 
190
- - This is an auto-proceed step — analysis is factual reporting with no user choices
191
- - Proceed directly to step 03 after presenting the analysis summary
216
+ - This is a soft auto-proceed step — present the pause prompt, wait briefly for user input
217
+ - If user provides corrections: address them, then proceed
218
+ - If no user input after a brief pause: proceed directly to step 03
192
219
 
193
220
  ## CRITICAL STEP COMPLETION NOTE
194
221
 
@@ -204,8 +231,9 @@ ONLY WHEN the analysis is complete and the summary has been presented to the use
204
231
  - Repository structure listed clearly
205
232
  - Primary language detected with confidence level
206
233
  - Top-level modules and exports identified
234
+ - Source version detected (or default noted)
207
235
  - Analysis summary presented factually
208
- - Auto-proceeded to scope definition
236
+ - Auto-proceeded to scope definition (with pause for corrections)
209
237
 
210
238
  ### ❌ SYSTEM FAILURE:
211
239
 
@@ -90,6 +90,20 @@ Wait for confirmation. Then skip to section 5 (Summarize Scope Decisions) with:
90
90
 
91
91
  **If `source_type: "source"` (default):** Continue to scope templates below.
92
92
 
93
+ ### 2c. Confirm Supplemental Documentation (if doc_urls collected)
94
+
95
+ **If `source_type: "source"` AND supplemental `doc_urls` were collected in step 01:**
96
+
97
+ "**Supplemental documentation URLs:**
98
+ {numbered list of collected doc_urls with labels}
99
+
100
+ These will be included as T3 external references in the skill brief.
101
+ Add, remove, or confirm these URLs."
102
+
103
+ Wait for confirmation. Record any changes to `doc_urls`.
104
+
105
+ **If no supplemental doc_urls were collected:** Skip this subsection.
106
+
93
107
  ### 2b. Offer Scope Templates
94
108
 
95
109
  Load `{scopeTemplatesFile}` for the scope type options ([F], [M], [P]) and their descriptions.
@@ -78,6 +78,11 @@ Compile all gathered data from steps 01-03 into the complete brief:
78
78
  - **scope.include:** {include patterns from step 03}
79
79
  - **scope.exclude:** {exclude patterns from step 03}
80
80
  - **scope.notes:** {any scope notes from step 03}
81
+ - **source_type:** {source or docs-only, from step 01}
82
+ - **doc_urls:** {collected documentation URLs with labels, from steps 01/03 — include if source_type is "docs-only" or supplemental URLs were collected}
83
+ - **scripts_intent:** {detect/none/description from step 03, or "detect" if not explicitly set}
84
+ - **assets_intent:** {detect/none/description from step 03, or "detect" if not explicitly set}
85
+ - **source_authority:** {official/community/internal from step 01 — default "community"}
81
86
 
82
87
  ### 3. Present Brief for Review
83
88
 
@@ -101,6 +106,21 @@ Scope: {scope.type}
101
106
  Exclude: {scope.exclude patterns, one per line}
102
107
  Notes: {scope.notes}
103
108
 
109
+ {If source_type is "docs-only":}
110
+ Source Type: docs-only
111
+ Doc URLs:
112
+ {doc_urls, one per line with labels}
113
+
114
+ {If source_type is "source" AND supplemental doc_urls collected:}
115
+ Supplemental Docs:
116
+ {doc_urls, one per line with labels}
117
+
118
+ {If scripts_intent or assets_intent was explicitly set (not default "detect"):}
119
+ Scripts: {scripts_intent}
120
+ Assets: {assets_intent}
121
+
122
+ Source Authority: {source_authority}
123
+
104
124
  Version: {version}
105
125
  Created: {created}
106
126
  Created by: {created_by}
@@ -87,19 +87,36 @@ scope:
87
87
  exclude:
88
88
  - "{approved exclude patterns}"
89
89
  notes: "{approved scope notes or empty string}"
90
- # Include doc_urls when source_type is "docs-only" or when supplemental doc URLs were provided
91
- # doc_urls:
92
- # - url: "{documentation URL}"
93
- # label: "{page label}"
94
- # scripts_intent: detect # Optional: detect | none | description of expected scripts
95
- # assets_intent: detect # Optional: detect | none | description of expected assets
96
- # source_authority: community # Optional: official | community | internal
97
90
  ---
98
91
  ```
99
92
 
100
- **If `source_type: "docs-only"`:** Include `doc_urls` array (required). `source_repo` may be set to the doc site URL for reference or omitted. `source_authority` must be `community`.
93
+ **Conditional optional field inclusion:**
101
94
 
102
- **If `doc_urls` were collected during scope definition (supplemental mode):** Include the `doc_urls` array even when `source_type: "source"`.
95
+ **If `source_type: "docs-only"` OR supplemental `doc_urls` were collected:**
96
+ Include the `doc_urls` array (uncommented) in the generated YAML:
97
+ ```yaml
98
+ doc_urls:
99
+ - url: "{documentation URL}"
100
+ label: "{page label}"
101
+ ```
102
+ When `source_type: "docs-only"`: `doc_urls` is required (at least one entry), `source_repo` may be set to the doc site URL for reference or omitted.
103
+
104
+ **If `scripts_intent` was collected and is not the default `"detect"`:**
105
+ Include the `scripts_intent` field (uncommented):
106
+ ```yaml
107
+ scripts_intent: "{none or description}"
108
+ ```
109
+
110
+ **If `assets_intent` was collected and is not the default `"detect"`:**
111
+ Include the `assets_intent` field (uncommented):
112
+ ```yaml
113
+ assets_intent: "{none or description}"
114
+ ```
115
+
116
+ **Always include** `source_authority` (default: `"community"`, forced to `"community"` when `source_type: "docs-only"`):
117
+ ```yaml
118
+ source_authority: "{official|community|internal}"
119
+ ```
103
120
 
104
121
  ### 4. Write the File
105
122
 
@@ -128,6 +145,13 @@ qmd collection add {forge_data_folder}/{skill-name} --name {skill-name}-brief --
128
145
  qmd embed
129
146
  ```
130
147
 
148
+ **Embed verification:**
149
+
150
+ After `qmd embed` completes, verify the collection was embedded:
151
+ - Run `qmd status` or `qmd collection list` and confirm `{skill-name}-brief` shows document count > 0
152
+ - If verification succeeds: proceed to registry update normally
153
+ - If verification fails: log warning "QMD embed verification failed for {skill-name}-brief — collection may not be searchable yet", still proceed to registry update but add `status: "pending"` field to the registry entry
154
+
131
155
  **Registry update:**
132
156
 
133
157
  Read `{sidecar_path}/forge-tier.yaml` and update the `qmd_collections` array.
@@ -140,6 +164,7 @@ If an entry with `name: "{skill-name}-brief"` already exists, replace it. Otherw
140
164
  source_workflow: "brief-skill"
141
165
  skill_name: "{skill-name}"
142
166
  created_at: "{current ISO date}"
167
+ # status: "pending" # Added only when embed verification fails
143
168
  ```
144
169
 
145
170
  Write the updated forge-tier.yaml.
@@ -51,7 +51,7 @@ installed_path: '{project-root}/_bmad/skf/workflows/skillforge/brief-skill'
51
51
 
52
52
  Load and read full config from {project-root}/_bmad/skf/config.yaml and resolve:
53
53
 
54
- - `project_name`, `output_folder`, `user_name`, `communication_language`, `document_output_language`, `forge_data_folder`, `sidecar_path`
54
+ - `project_name`, `output_folder`, `user_name`, `communication_language`, `forge_data_folder`, `sidecar_path`
55
55
 
56
56
  ### 2. First Step Execution
57
57
 
@@ -28,7 +28,13 @@ Source reading via gh_bridge — infer exports from file structure and content.
28
28
 
29
29
  Structural extraction via ast-grep — verified exports with line-level citations.
30
30
 
31
- > **Note:** `ast_bridge.*`, `qmd_bridge.*`, and `ccc_bridge.*` references below are **conceptual interfaces**, not callable functions. They describe the operation to perform. Use ast-grep (MCP tool or CLI) for `ast_bridge.*` operations, QMD (MCP tool or CLI) for `qmd_bridge.*` operations, and ccc CLI or MCP for `ccc_bridge.*` operations. See the AST Extraction Protocol section below and the TOOL/SUBPROCESS FALLBACK rule for dispatch details.
31
+ > **Note:** `ast_bridge.*`, `qmd_bridge.*`, and `ccc_bridge.*` references below are **conceptual interfaces**, not callable functions. Resolve them as follows:
32
+ > - `ast_bridge.*` → ast-grep MCP tools (`mcp__ast-grep__find_code`, `mcp__ast-grep__find_code_by_rule`) or `ast-grep` CLI
33
+ > - `qmd_bridge.*` → QMD MCP tools (`mcp__plugin_qmd-plugin_qmd__search`, `vector_search`) or `qmd` CLI
34
+ > - `ccc_bridge.*` → `/ccc` skill (Claude Code), ccc MCP server (Cursor), or `ccc` CLI
35
+ > - `gh_bridge.*` → `gh api` commands or direct file I/O for local sources
36
+ >
37
+ > See [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md) for the complete resolution table. Also see the AST Extraction Protocol section below and the TOOL/SUBPROCESS FALLBACK rule for dispatch details.
32
38
 
33
39
  ### Strategy
34
40
 
@@ -162,12 +168,19 @@ find_code_by_rule(
162
168
 
163
169
  When MCP tools are unavailable or the repo exceeds 500 files in scope, use `--json=stream` (NEVER `--json` or `--json=pretty`) with line-by-line Python processing:
164
170
 
171
+ **Head cap selection:** The `| head -N` cap at the end of the pipeline controls how many exports are captured. Select `N` based on scope and tier:
172
+ - **Default (Quick/Forge, any scope):** `N = 200`
173
+ - **Forge+/Deep with `scope.type: "full-library"`:** `N = 500`
174
+
175
+ For full-library skills at higher tiers, the larger cap prevents silently dropping internal module exports that maintainers need. The cap is applied AFTER exclude-pattern filtering, so useful results are not wasted on excluded files.
176
+
165
177
  ```bash
166
178
  # Note: use $$$ for variadic params in ast-grep patterns (e.g., 'def $NAME($$$PARAMS)')
167
179
  # {exclude_patterns} = Python list from brief's scope.exclude, e.g. ['tests/**', '**/test_*']
168
180
  # If scope.exclude is absent or empty in the brief, inject [] as the default.
169
181
  # Patterns are matched against the full file path as emitted by ast-grep.
170
182
  # Ensure paths are relative to the same root as the patterns (strip ./ prefix if needed).
183
+ # {HEAD_CAP} = 200 (default) or 500 (Forge+/Deep full-library) — see head cap selection above.
171
184
  ast-grep -p '{pattern}' -l {language} --json=stream {path} | python3 -c "
172
185
  import sys, json, fnmatch, signal
173
186
  signal.signal(signal.SIGPIPE, signal.SIG_DFL)
@@ -187,7 +200,7 @@ for line in sys.stdin:
187
200
  sig = m.get('text','').split(chr(10))[0].strip()
188
201
  print(f'[AST:{f}:L{ln}] {sig}')
189
202
  except: pass
190
- " | head -200
203
+ " | head -{HEAD_CAP}
191
204
  ```
192
205
 
193
206
  **Critical constraints:**
@@ -195,7 +208,7 @@ for line in sys.stdin:
195
208
  - ALWAYS use `--json=stream` — never `--json` (loads entire array into memory)
196
209
  - ALWAYS process line-by-line (`for line in sys.stdin`) — never `json.load(sys.stdin)`
197
210
  - ALWAYS cap output with `| head -N` as a safety valve
198
- - For repos > 500 files, process in directory batches of 20-50 files each
211
+ - For repos > 500 files, process in directory batches of 20-50 files each: split by top-level source directory, run the CLI streaming template per batch with the same head cap, then merge results and deduplicate by export name (keep the first occurrence if duplicates exist across batches)
199
212
 
200
213
  ### YAML Rule Recipes by Language
201
214
 
@@ -102,7 +102,7 @@ If `source_repo` is a remote URL (GitHub URL or owner/repo format) AND tier is F
102
102
 
103
103
  After checkout, apply the original glob `include_patterns` as file-level filters when building the extraction file list — sparse-checkout gets the right directories, glob filtering narrows to the exact files. When `--no-cone` mode was used, most exclude filtering is already done at the git level, but apply `exclude_patterns` as a final pass to catch any edge cases where gitignore pattern matching diverges from the brief's glob semantics. Always-included root files (see above) are exempt from post-checkout filtering.
104
104
 
105
- 3. **If clone succeeds:** Update the working source path to `{temp_path}` for all subsequent AST operations in this step. Proceed with the **Forge/Deep Tier** extraction strategy below. Mark `ephemeral_clone_active = true` for cleanup.
105
+ 3. **If clone succeeds:** Update the working source path to `{temp_path}` for all subsequent AST operations in this step. Capture the source commit: `git -C {temp_path} rev-parse HEAD` — store as `source_commit` in context. Proceed with the **Forge/Deep Tier** extraction strategy below. Mark `ephemeral_clone_active = true` for cleanup.
106
106
 
107
107
  4. **If clone fails (network error, auth failure, timeout):**
108
108
 
@@ -116,6 +116,20 @@ If `source_repo` is a remote URL (GitHub URL or owner/repo format) AND tier is F
116
116
 
117
117
  ---
118
118
 
119
+ ## Source Commit Capture (all tiers, source mode only)
120
+
121
+ **If `source_type: "docs-only"`:** skip — set `source_commit: null`.
122
+
123
+ After the source path is accessible, capture the current commit hash for provenance tracking:
124
+
125
+ - **Local path:** `git -C {source_root} rev-parse HEAD` — if the path is a git repo
126
+ - **Ephemeral clone (Forge/Deep):** already captured during clone (step 3 above)
127
+ - **Quick tier (remote, no clone):** `gh api repos/{owner}/{repo}/commits/{branch} --jq '.sha'`
128
+
129
+ Store the result as `source_commit` in context. If capture fails (not a git repo, API unavailable), set `source_commit: null` — this is not an error.
130
+
131
+ ---
132
+
119
133
  ## Version Reconciliation (all tiers, source mode only)
120
134
 
121
135
  **If `source_type: "docs-only"`:** skip this section — no source files exist to reconcile.
@@ -135,4 +149,4 @@ Update the working version in context to the source version. Record the mismatch
135
149
 
136
150
  **If no version file is found or version cannot be extracted:** keep `brief.version` as-is. No warning needed.
137
151
 
138
- **If source is remote and accessed via Quick tier (gh_bridge, no local files):** attempt to read the version file via `gh_bridge.read_file(owner, repo, "{version_file}")` for the primary version file of the detected language. If the read fails, keep `brief.version`.
152
+ **If source is remote and accessed via Quick tier (gh_bridge, no local files):** attempt to read the version file via `gh_bridge.read_file(owner, repo, "{version_file}")` — resolved as `gh api repos/{owner}/{repo}/contents/{version_file}` or direct file read if local (see [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md)) — for the primary version file of the detected language. If the read fails, keep `brief.version`.
@@ -20,7 +20,7 @@ When `source_repo` is a remote URL (GitHub URL or owner/repo format) and the tie
20
20
  - The extraction step MUST warn the user explicitly before degrading
21
21
  - **create-skill:** Warning must include actionable guidance — clone locally and update `source_repo` in the brief to the local path
22
22
  - **update-skill:** Warning must include actionable guidance — clone locally, re-run [CS] Create Skill with the local path to regenerate provenance data, then re-run the update
23
- - Extraction proceeds using Quick tier strategy (source reading via gh_bridge)
23
+ - Extraction proceeds using Quick tier strategy (source reading via gh_bridge — resolved as `gh api` commands or direct file I/O; see [knowledge/tool-resolution.md](../../../knowledge/tool-resolution.md))
24
24
  - All results labeled T1-low with `[SRC:...]` citations
25
25
  - The degradation reason is recorded in the evidence report
26
26