clean-room-skill 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. package/.claude-plugin/marketplace.json +19 -0
  2. package/.claude-plugin/plugin.json +20 -0
  3. package/.codex-plugin/plugin.json +36 -0
  4. package/LICENSE +21 -0
  5. package/README.md +376 -0
  6. package/agents/clean-architect.md +27 -0
  7. package/agents/clean-qa-editor.md +27 -0
  8. package/agents/contaminated-manager-verifier.md +35 -0
  9. package/agents/contaminated-source-analyst.md +26 -0
  10. package/bin/install.js +535 -0
  11. package/examples/codex/.codex/agents/clean-architect.toml +17 -0
  12. package/examples/codex/.codex/agents/clean-qa-editor.toml +17 -0
  13. package/examples/codex/.codex/agents/contaminated-manager-verifier.toml +21 -0
  14. package/examples/codex/.codex/agents/contaminated-source-analyst.toml +17 -0
  15. package/hooks/check-artifact-leakage.py +317 -0
  16. package/hooks/clean-room-hook.py +88 -0
  17. package/hooks/clean_room_paths.py +130 -0
  18. package/hooks/deny-clean-room-shell.py +30 -0
  19. package/hooks/deny-clean-source-read.py +104 -0
  20. package/hooks/deny-contaminated-clean-write.py +134 -0
  21. package/hooks/hooks.json +44 -0
  22. package/hooks/require-clean-room-env.py +127 -0
  23. package/hooks/validate-handoff-package.py +140 -0
  24. package/hooks/validate-json-schema.py +283 -0
  25. package/lib/fs-utils.cjs +123 -0
  26. package/lib/hooks.cjs +214 -0
  27. package/package.json +49 -0
  28. package/plugin.json +20 -0
  29. package/skills/attended/SKILL.md +25 -0
  30. package/skills/clean-room/SKILL.md +134 -0
  31. package/skills/clean-room/assets/behavior-spec.schema.json +367 -0
  32. package/skills/clean-room/assets/contamination-incident.schema.json +60 -0
  33. package/skills/clean-room/assets/coverage-ledger.schema.json +139 -0
  34. package/skills/clean-room/assets/evidence-ledger.schema.json +80 -0
  35. package/skills/clean-room/assets/handoff-package.schema.json +114 -0
  36. package/skills/clean-room/assets/qc-report.schema.json +248 -0
  37. package/skills/clean-room/assets/skeleton-manifest.schema.json +239 -0
  38. package/skills/clean-room/assets/source-index.schema.json +622 -0
  39. package/skills/clean-room/assets/task-manifest.schema.json +593 -0
  40. package/skills/clean-room/examples/README.md +18 -0
  41. package/skills/clean-room/examples/minimal-spec-package/behavior-spec.json +61 -0
  42. package/skills/clean-room/examples/minimal-spec-package/coverage-ledger.json +27 -0
  43. package/skills/clean-room/examples/minimal-spec-package/evidence-ledger.json +17 -0
  44. package/skills/clean-room/examples/minimal-spec-package/handoff-package.json +26 -0
  45. package/skills/clean-room/examples/minimal-spec-package/qc-report.json +25 -0
  46. package/skills/clean-room/examples/minimal-spec-package/skeleton-manifest.json +45 -0
  47. package/skills/clean-room/examples/minimal-spec-package/source-index.json +156 -0
  48. package/skills/clean-room/examples/minimal-spec-package/task-manifest.json +220 -0
  49. package/skills/clean-room/references/LEAKAGE-RULES.md +92 -0
  50. package/skills/clean-room/references/PROCESS.md +185 -0
  51. package/skills/clean-room/references/SPEC-SCHEMA.md +185 -0
  52. package/skills/clean-room/references/TARGET-LANGUAGE-GUIDE.md +43 -0
  53. package/skills/clean-room/scripts/build_source_index.py +1253 -0
  54. package/skills/clean-room/scripts/clean_room_tool_manager.py +199 -0
  55. package/skills/clean-room/scripts/clean_room_tooling.py +370 -0
  56. package/skills/unattended/SKILL.md +26 -0
package/skills/clean-room/assets/coverage-ledger.schema.json ADDED
@@ -0,0 +1,139 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "title": "Clean-Room Coverage Ledger",
4
+ "type": "object",
5
+ "additionalProperties": false,
6
+ "required": [
7
+ "ledger_id",
8
+ "task_id",
9
+ "updated_by_role",
10
+ "source_units",
11
+ "behavior_spec_refs",
12
+ "coverage_status",
13
+ "abstract_delta_tickets",
14
+ "review_history"
15
+ ],
16
+ "properties": {
17
+ "ledger_id": {
18
+ "type": "string",
19
+ "minLength": 1
20
+ },
21
+ "task_id": {
22
+ "type": "string",
23
+ "minLength": 1
24
+ },
25
+ "updated_by_role": {
26
+ "const": "contaminated-manager-verifier"
27
+ },
28
+ "source_units": {
29
+ "type": "array",
30
+ "items": {
31
+ "type": "object",
32
+ "additionalProperties": false,
33
+ "required": [
34
+ "unit_id",
35
+ "coverage_state",
36
+ "evidence_refs"
37
+ ],
38
+ "properties": {
39
+ "unit_id": {
40
+ "type": "string",
41
+ "minLength": 1
42
+ },
43
+ "coverage_state": {
44
+ "enum": [
45
+ "not-started",
46
+ "in-progress",
47
+ "covered",
48
+ "gap",
49
+ "out-of-scope",
50
+ "blocked"
51
+ ]
52
+ },
53
+ "evidence_refs": {
54
+ "type": "array",
55
+ "items": {
56
+ "type": "string",
57
+ "pattern": "^evidence-ledger:"
58
+ }
59
+ },
60
+ "notes": {
61
+ "type": "string"
62
+ }
63
+ }
64
+ }
65
+ },
66
+ "behavior_spec_refs": {
67
+ "type": "array",
68
+ "items": {
69
+ "type": "string"
70
+ }
71
+ },
72
+ "coverage_status": {
73
+ "enum": [
74
+ "complete",
75
+ "partial",
76
+ "blocked"
77
+ ]
78
+ },
79
+ "abstract_delta_tickets": {
80
+ "type": "array",
81
+ "items": {
82
+ "type": "object",
83
+ "additionalProperties": false,
84
+ "required": [
85
+ "ticket_id",
86
+ "unit_id",
87
+ "summary",
88
+ "status"
89
+ ],
90
+ "properties": {
91
+ "ticket_id": {
92
+ "type": "string",
93
+ "minLength": 1
94
+ },
95
+ "unit_id": {
96
+ "type": "string",
97
+ "minLength": 1
98
+ },
99
+ "summary": {
100
+ "type": "string",
101
+ "minLength": 1
102
+ },
103
+ "status": {
104
+ "enum": [
105
+ "open",
106
+ "resolved",
107
+ "deferred"
108
+ ]
109
+ }
110
+ }
111
+ }
112
+ },
113
+ "review_history": {
114
+ "type": "array",
115
+ "items": {
116
+ "type": "object",
117
+ "additionalProperties": false,
118
+ "required": [
119
+ "reviewer_role",
120
+ "status",
121
+ "notes"
122
+ ],
123
+ "properties": {
124
+ "reviewer_role": {
125
+ "type": "string",
126
+ "minLength": 1
127
+ },
128
+ "status": {
129
+ "type": "string",
130
+ "minLength": 1
131
+ },
132
+ "notes": {
133
+ "type": "string"
134
+ }
135
+ }
136
+ }
137
+ }
138
+ }
139
+ }
package/skills/clean-room/assets/evidence-ledger.schema.json ADDED
@@ -0,0 +1,80 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "title": "Clean-Room Evidence Ledger",
4
+ "type": "object",
5
+ "additionalProperties": false,
6
+ "required": [
7
+ "ledger_id",
8
+ "task_id",
9
+ "domain",
10
+ "entries"
11
+ ],
12
+ "properties": {
13
+ "ledger_id": {
14
+ "type": "string",
15
+ "minLength": 1
16
+ },
17
+ "task_id": {
18
+ "type": "string",
19
+ "minLength": 1
20
+ },
21
+ "domain": {
22
+ "const": "contaminated"
23
+ },
24
+ "entries": {
25
+ "type": "array",
26
+ "items": {
27
+ "type": "object",
28
+ "additionalProperties": false,
29
+ "required": [
30
+ "evidence_id",
31
+ "source_unit_ref",
32
+ "evidence_type",
33
+ "description",
34
+ "evidence_location_ref",
35
+ "retained_in_contaminated_domain"
36
+ ],
37
+ "properties": {
38
+ "evidence_id": {
39
+ "type": "string",
40
+ "minLength": 1
41
+ },
42
+ "source_unit_ref": {
43
+ "type": "string",
44
+ "minLength": 1
45
+ },
46
+ "evidence_type": {
47
+ "enum": [
48
+ "source-observation",
49
+ "public-doc",
50
+ "runtime-observation",
51
+ "tool-output",
52
+ "manual-note"
53
+ ]
54
+ },
55
+ "description": {
56
+ "type": "string",
57
+ "minLength": 1
58
+ },
59
+ "evidence_location_ref": {
60
+ "type": "string",
61
+ "minLength": 1
62
+ },
63
+ "source_hash": {
64
+ "type": "string"
65
+ },
66
+ "sensitivity": {
67
+ "enum": [
68
+ "low",
69
+ "medium",
70
+ "high"
71
+ ]
72
+ },
73
+ "retained_in_contaminated_domain": {
74
+ "const": true
75
+ }
76
+ }
77
+ }
78
+ }
79
+ }
80
+ }
package/skills/clean-room/assets/handoff-package.schema.json ADDED
@@ -0,0 +1,114 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "title": "Clean-Room Handoff Package",
4
+ "type": "object",
5
+ "additionalProperties": false,
6
+ "required": [
7
+ "package_id",
8
+ "task_id",
9
+ "from_domain",
10
+ "to_domain",
11
+ "created_by_role",
12
+ "artifacts",
13
+ "excluded_material",
14
+ "leakage_review"
15
+ ],
16
+ "properties": {
17
+ "package_id": {
18
+ "type": "string",
19
+ "minLength": 1
20
+ },
21
+ "task_id": {
22
+ "type": "string",
23
+ "minLength": 1
24
+ },
25
+ "from_domain": {
26
+ "const": "contaminated"
27
+ },
28
+ "to_domain": {
29
+ "const": "clean"
30
+ },
31
+ "created_by_role": {
32
+ "enum": [
33
+ "contaminated-source-analyst",
34
+ "contaminated-manager-verifier"
35
+ ]
36
+ },
37
+ "artifacts": {
38
+ "type": "array",
39
+ "items": {
40
+ "type": "object",
41
+ "additionalProperties": false,
42
+ "required": [
43
+ "artifact_id",
44
+ "artifact_type",
45
+ "path",
46
+ "sha256"
47
+ ],
48
+ "properties": {
49
+ "artifact_id": {
50
+ "type": "string",
51
+ "minLength": 1
52
+ },
53
+ "artifact_type": {
54
+ "enum": [
55
+ "task-manifest",
56
+ "behavior-spec",
57
+ "coverage-ledger-summary",
58
+ "open-questions",
59
+ "test-plan",
60
+ "abstract-delta-ticket"
61
+ ]
62
+ },
63
+ "path": {
64
+ "type": "string",
65
+ "minLength": 1
66
+ },
67
+ "sha256": {
68
+ "type": "string",
69
+ "pattern": "^[a-fA-F0-9]{64}$"
70
+ }
71
+ }
72
+ }
73
+ },
74
+ "excluded_material": {
75
+ "type": "array",
76
+ "items": {
77
+ "enum": [
78
+ "source_excerpt",
79
+ "raw_diff",
80
+ "private_identifier",
81
+ "source_shaped_pseudocode",
82
+ "copied_comments",
83
+ "decompiled_output",
84
+ "other"
85
+ ]
86
+ }
87
+ },
88
+ "leakage_review": {
89
+ "type": "object",
90
+ "additionalProperties": false,
91
+ "required": [
92
+ "status",
93
+ "reviewer_role",
94
+ "notes"
95
+ ],
96
+ "properties": {
97
+ "status": {
98
+ "enum": [
99
+ "passed",
100
+ "failed",
101
+ "quarantined"
102
+ ]
103
+ },
104
+ "reviewer_role": {
105
+ "type": "string",
106
+ "minLength": 1
107
+ },
108
+ "notes": {
109
+ "type": "string"
110
+ }
111
+ }
112
+ }
113
+ }
114
+ }
package/skills/clean-room/assets/qc-report.schema.json ADDED
@@ -0,0 +1,248 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "title": "Clean-Room QC Report",
4
+ "type": "object",
5
+ "additionalProperties": false,
6
+ "required": [
7
+ "report_id",
8
+ "reviewer_role",
9
+ "reviewed_at",
10
+ "reviewed_artifacts",
11
+ "artifact_hashes",
12
+ "schema_validator_version",
13
+ "schema_status",
14
+ "leakage_status",
15
+ "leakage_scan_summary",
16
+ "coverage_status",
17
+ "required_rerun",
18
+ "contamination_incidents",
19
+ "findings",
20
+ "abstract_delta_tickets",
21
+ "final_status"
22
+ ],
23
+ "properties": {
24
+ "report_id": {
25
+ "type": "string",
26
+ "minLength": 1
27
+ },
28
+ "reviewer_role": {
29
+ "enum": [
30
+ "clean-qa-editor",
31
+ "contaminated-manager-verifier"
32
+ ]
33
+ },
34
+ "reviewed_at": {
35
+ "type": "string",
36
+ "format": "date-time"
37
+ },
38
+ "reviewed_artifacts": {
39
+ "type": "array",
40
+ "items": {
41
+ "type": "string"
42
+ }
43
+ },
44
+ "artifact_hashes": {
45
+ "type": "array",
46
+ "items": {
47
+ "type": "object",
48
+ "additionalProperties": false,
49
+ "required": [
50
+ "artifact",
51
+ "sha256"
52
+ ],
53
+ "properties": {
54
+ "artifact": {
55
+ "type": "string",
56
+ "minLength": 1
57
+ },
58
+ "sha256": {
59
+ "type": "string",
60
+ "pattern": "^[a-fA-F0-9]{64}$"
61
+ }
62
+ }
63
+ }
64
+ },
65
+ "schema_validator_version": {
66
+ "type": "string",
67
+ "minLength": 1
68
+ },
69
+ "schema_status": {
70
+ "enum": [
71
+ "passed",
72
+ "failed",
73
+ "not-run"
74
+ ]
75
+ },
76
+ "leakage_status": {
77
+ "enum": [
78
+ "passed",
79
+ "failed",
80
+ "quarantined",
81
+ "not-run"
82
+ ]
83
+ },
84
+ "leakage_scan_summary": {
85
+ "type": "string",
86
+ "minLength": 1
87
+ },
88
+ "coverage_status": {
89
+ "enum": [
90
+ "complete",
91
+ "partial",
92
+ "blocked",
93
+ "not-run"
94
+ ]
95
+ },
96
+ "required_rerun": {
97
+ "type": "boolean"
98
+ },
99
+ "contamination_incidents": {
100
+ "type": "array",
101
+ "items": {
102
+ "$ref": "#/$defs/contamination_incident"
103
+ }
104
+ },
105
+ "findings": {
106
+ "type": "array",
107
+ "items": {
108
+ "$ref": "#/$defs/finding"
109
+ }
110
+ },
111
+ "abstract_delta_tickets": {
112
+ "type": "array",
113
+ "items": {
114
+ "$ref": "#/$defs/abstract_delta_ticket"
115
+ }
116
+ },
117
+ "final_status": {
118
+ "enum": [
119
+ "passed",
120
+ "passed-with-gaps",
121
+ "failed",
122
+ "blocked",
123
+ "quarantined"
124
+ ]
125
+ }
126
+ },
127
+ "$defs": {
128
+ "contamination_incident": {
129
+ "type": "object",
130
+ "additionalProperties": false,
131
+ "required": [
132
+ "incident_id",
133
+ "artifact",
134
+ "blocked_material_type",
135
+ "action",
136
+ "clean_context_invalidated",
137
+ "notes"
138
+ ],
139
+ "properties": {
140
+ "incident_id": {
141
+ "type": "string",
142
+ "minLength": 1
143
+ },
144
+ "artifact": {
145
+ "type": "string",
146
+ "minLength": 1
147
+ },
148
+ "blocked_material_type": {
149
+ "enum": [
150
+ "source_excerpt",
151
+ "raw_diff",
152
+ "private_identifier",
153
+ "source_shaped_pseudocode",
154
+ "other"
155
+ ]
156
+ },
157
+ "action": {
158
+ "enum": [
159
+ "quarantined",
160
+ "deleted",
161
+ "regenerated"
162
+ ]
163
+ },
164
+ "clean_context_invalidated": {
165
+ "type": "boolean"
166
+ },
167
+ "notes": {
168
+ "type": "string"
169
+ }
170
+ }
171
+ },
172
+ "finding": {
173
+ "type": "object",
174
+ "additionalProperties": false,
175
+ "required": [
176
+ "severity",
177
+ "category",
178
+ "summary"
179
+ ],
180
+ "properties": {
181
+ "severity": {
182
+ "enum": [
183
+ "info",
184
+ "low",
185
+ "medium",
186
+ "high",
187
+ "blocker"
188
+ ]
189
+ },
190
+ "category": {
191
+ "enum": [
192
+ "schema",
193
+ "leakage",
194
+ "coverage",
195
+ "ambiguity",
196
+ "testability",
197
+ "terminology",
198
+ "process"
199
+ ]
200
+ },
201
+ "summary": {
202
+ "type": "string",
203
+ "minLength": 1
204
+ },
205
+ "affected_artifacts": {
206
+ "type": "array",
207
+ "items": {
208
+ "type": "string"
209
+ }
210
+ },
211
+ "recommended_action": {
212
+ "type": "string"
213
+ }
214
+ }
215
+ },
216
+ "abstract_delta_ticket": {
217
+ "type": "object",
218
+ "additionalProperties": false,
219
+ "required": [
220
+ "ticket_id",
221
+ "summary",
222
+ "requested_clean_change",
223
+ "status"
224
+ ],
225
+ "properties": {
226
+ "ticket_id": {
227
+ "type": "string",
228
+ "minLength": 1
229
+ },
230
+ "summary": {
231
+ "type": "string",
232
+ "minLength": 1
233
+ },
234
+ "requested_clean_change": {
235
+ "type": "string",
236
+ "minLength": 1
237
+ },
238
+ "status": {
239
+ "enum": [
240
+ "open",
241
+ "resolved",
242
+ "deferred"
243
+ ]
244
+ }
245
+ }
246
+ }
247
+ }
248
+ }