create-claude-cabinet 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +196 -0
- package/bin/create-claude-cabinet.js +8 -0
- package/lib/cli.js +624 -0
- package/lib/copy.js +152 -0
- package/lib/db-setup.js +51 -0
- package/lib/metadata.js +42 -0
- package/lib/reset.js +193 -0
- package/lib/settings-merge.js +93 -0
- package/package.json +29 -0
- package/templates/EXTENSIONS.md +311 -0
- package/templates/README.md +485 -0
- package/templates/briefing/_briefing-api-template.md +21 -0
- package/templates/briefing/_briefing-architecture-template.md +16 -0
- package/templates/briefing/_briefing-cabinet-template.md +20 -0
- package/templates/briefing/_briefing-identity-template.md +18 -0
- package/templates/briefing/_briefing-scopes-template.md +39 -0
- package/templates/briefing/_briefing-template.md +148 -0
- package/templates/briefing/_briefing-work-tracking-template.md +18 -0
- package/templates/cabinet/committees-template.yaml +49 -0
- package/templates/cabinet/composition-patterns.md +240 -0
- package/templates/cabinet/eval-protocol.md +208 -0
- package/templates/cabinet/lifecycle.md +93 -0
- package/templates/cabinet/output-contract.md +148 -0
- package/templates/cabinet/prompt-guide.md +266 -0
- package/templates/hooks/cor-upstream-guard.sh +79 -0
- package/templates/hooks/git-guardrails.sh +67 -0
- package/templates/hooks/skill-telemetry.sh +66 -0
- package/templates/hooks/skill-tool-telemetry.sh +54 -0
- package/templates/hooks/stop-hook.md +56 -0
- package/templates/memory/patterns/_pattern-template.md +119 -0
- package/templates/memory/patterns/pattern-intelligence-first.md +41 -0
- package/templates/rules/enforcement-pipeline.md +151 -0
- package/templates/scripts/cor-drift-check.cjs +84 -0
- package/templates/scripts/finding-schema.json +94 -0
- package/templates/scripts/load-triage-history.js +151 -0
- package/templates/scripts/merge-findings.js +126 -0
- package/templates/scripts/pib-db-schema.sql +68 -0
- package/templates/scripts/pib-db.js +365 -0
- package/templates/scripts/triage-server.mjs +98 -0
- package/templates/scripts/triage-ui.html +536 -0
- package/templates/skills/audit/SKILL.md +273 -0
- package/templates/skills/audit/phases/finding-output.md +56 -0
- package/templates/skills/audit/phases/member-execution.md +83 -0
- package/templates/skills/audit/phases/member-selection.md +44 -0
- package/templates/skills/audit/phases/structural-checks.md +54 -0
- package/templates/skills/audit/phases/triage-history.md +45 -0
- package/templates/skills/cabinet-accessibility/SKILL.md +180 -0
- package/templates/skills/cabinet-anti-confirmation/SKILL.md +172 -0
- package/templates/skills/cabinet-architecture/SKILL.md +279 -0
- package/templates/skills/cabinet-boundary-man/SKILL.md +265 -0
- package/templates/skills/cabinet-cor-health/SKILL.md +342 -0
- package/templates/skills/cabinet-data-integrity/SKILL.md +157 -0
- package/templates/skills/cabinet-debugger/SKILL.md +221 -0
- package/templates/skills/cabinet-historian/SKILL.md +253 -0
- package/templates/skills/cabinet-organized-mind/SKILL.md +338 -0
- package/templates/skills/cabinet-process-therapist/SKILL.md +261 -0
- package/templates/skills/cabinet-qa/SKILL.md +205 -0
- package/templates/skills/cabinet-record-keeper/SKILL.md +168 -0
- package/templates/skills/cabinet-roster-check/SKILL.md +297 -0
- package/templates/skills/cabinet-security/SKILL.md +181 -0
- package/templates/skills/cabinet-small-screen/SKILL.md +154 -0
- package/templates/skills/cabinet-speed-freak/SKILL.md +169 -0
- package/templates/skills/cabinet-system-advocate/SKILL.md +194 -0
- package/templates/skills/cabinet-technical-debt/SKILL.md +115 -0
- package/templates/skills/cabinet-usability/SKILL.md +189 -0
- package/templates/skills/cabinet-workflow-cop/SKILL.md +238 -0
- package/templates/skills/cor-upgrade/SKILL.md +302 -0
- package/templates/skills/debrief/SKILL.md +409 -0
- package/templates/skills/debrief/phases/auto-maintenance.md +48 -0
- package/templates/skills/debrief/phases/close-work.md +88 -0
- package/templates/skills/debrief/phases/health-checks.md +54 -0
- package/templates/skills/debrief/phases/inventory.md +40 -0
- package/templates/skills/debrief/phases/loose-ends.md +52 -0
- package/templates/skills/debrief/phases/record-lessons.md +67 -0
- package/templates/skills/debrief/phases/report.md +59 -0
- package/templates/skills/debrief/phases/update-state.md +48 -0
- package/templates/skills/debrief/phases/upstream-feedback.md +129 -0
- package/templates/skills/debrief-quick/SKILL.md +12 -0
- package/templates/skills/execute/SKILL.md +293 -0
- package/templates/skills/execute/phases/cabinet.md +49 -0
- package/templates/skills/execute/phases/commit-and-deploy.md +66 -0
- package/templates/skills/execute/phases/load-plan.md +49 -0
- package/templates/skills/execute/phases/validators.md +50 -0
- package/templates/skills/execute/phases/verification-tools.md +67 -0
- package/templates/skills/extract/SKILL.md +168 -0
- package/templates/skills/investigate/SKILL.md +160 -0
- package/templates/skills/link/SKILL.md +52 -0
- package/templates/skills/menu/SKILL.md +61 -0
- package/templates/skills/onboard/SKILL.md +356 -0
- package/templates/skills/onboard/phases/detect-state.md +79 -0
- package/templates/skills/onboard/phases/generate-briefing.md +127 -0
- package/templates/skills/onboard/phases/generate-session-loop.md +87 -0
- package/templates/skills/onboard/phases/interview.md +233 -0
- package/templates/skills/onboard/phases/modularity-menu.md +162 -0
- package/templates/skills/onboard/phases/options.md +98 -0
- package/templates/skills/onboard/phases/post-onboard-audit.md +121 -0
- package/templates/skills/onboard/phases/summary.md +122 -0
- package/templates/skills/onboard/phases/work-tracking.md +231 -0
- package/templates/skills/orient/SKILL.md +251 -0
- package/templates/skills/orient/phases/auto-maintenance.md +48 -0
- package/templates/skills/orient/phases/briefing.md +53 -0
- package/templates/skills/orient/phases/cabinet.md +46 -0
- package/templates/skills/orient/phases/context.md +63 -0
- package/templates/skills/orient/phases/data-sync.md +35 -0
- package/templates/skills/orient/phases/health-checks.md +50 -0
- package/templates/skills/orient/phases/work-scan.md +69 -0
- package/templates/skills/orient-quick/SKILL.md +12 -0
- package/templates/skills/plan/SKILL.md +358 -0
- package/templates/skills/plan/phases/cabinet-critique.md +47 -0
- package/templates/skills/plan/phases/calibration-examples.md +75 -0
- package/templates/skills/plan/phases/completeness-check.md +44 -0
- package/templates/skills/plan/phases/composition-check.md +36 -0
- package/templates/skills/plan/phases/overlap-check.md +62 -0
- package/templates/skills/plan/phases/plan-template.md +69 -0
- package/templates/skills/plan/phases/present.md +60 -0
- package/templates/skills/plan/phases/research.md +43 -0
- package/templates/skills/plan/phases/work-tracker.md +95 -0
- package/templates/skills/publish/SKILL.md +74 -0
- package/templates/skills/pulse/SKILL.md +242 -0
- package/templates/skills/pulse/phases/auto-fix-scope.md +40 -0
- package/templates/skills/pulse/phases/checks.md +58 -0
- package/templates/skills/pulse/phases/output.md +54 -0
- package/templates/skills/seed/SKILL.md +257 -0
- package/templates/skills/seed/phases/build-member.md +93 -0
- package/templates/skills/seed/phases/evaluate-existing.md +61 -0
- package/templates/skills/seed/phases/maintain.md +92 -0
- package/templates/skills/seed/phases/scan-signals.md +86 -0
- package/templates/skills/triage-audit/SKILL.md +251 -0
- package/templates/skills/triage-audit/phases/apply-verdicts.md +90 -0
- package/templates/skills/triage-audit/phases/load-findings.md +38 -0
- package/templates/skills/triage-audit/phases/triage-ui.md +66 -0
- package/templates/skills/unlink/SKILL.md +35 -0
- package/templates/skills/validate/SKILL.md +116 -0
- package/templates/skills/validate/phases/validators.md +53 -0
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
# Cabinet Member Lifecycle
|
|
2
|
+
|
|
3
|
+
How cabinet members enter, evolve, and leave your project's expertise cabinet.
|
|
4
|
+
Adding a cabinet member is hiring an expert. Retiring one is letting someone
|
|
5
|
+
go when their expertise is no longer needed. Both decisions require judgment.
|
|
6
|
+
|
|
7
|
+
## When to Adopt a Cabinet Member
|
|
8
|
+
|
|
9
|
+
**Technology signal.** Adopted React? Consider accessibility and
|
|
10
|
+
small-screen. Using SQLite? Consider data-integrity. Chose a
|
|
11
|
+
UI framework? Consider a framework-quality cabinet member. The technology
|
|
12
|
+
choice itself is the signal — you don't wait for an incident.
|
|
13
|
+
|
|
14
|
+
**Incident signal.** A security breach, a data loss, a deployment that
|
|
15
|
+
broke production — each reveals expertise the project lacked. Build a
|
|
16
|
+
cabinet member to carry that expertise forward so the system remembers
|
|
17
|
+
what the human might forget.
|
|
18
|
+
|
|
19
|
+
**Growth signal.** Working with a team? Consider workflow-cop and record-keeper.
|
|
20
|
+
Managing multiple areas? Consider organized-mind. Tracking complex state?
|
|
21
|
+
Consider data-integrity with broader scope.
|
|
22
|
+
|
|
23
|
+
**Audit gap signal.** During audit triage, you notice recurring friction
|
|
24
|
+
that no cabinet member covers. Before hiring a new cabinet member, check whether
|
|
25
|
+
an existing one could expand its scope. If not, that's a genuine gap.
|
|
26
|
+
|
|
27
|
+
## When to Retire a Cabinet Member
|
|
28
|
+
|
|
29
|
+
**No signal, no findings.** If a cabinet member hasn't caught a real issue
|
|
30
|
+
(approved finding) in 3+ audit cycles, it may be dead weight. Check:
|
|
31
|
+
- Has the domain it covers changed? (Migrated off the framework, removed
|
|
32
|
+
the feature)
|
|
33
|
+
- Are its paths stale? (Files it checks no longer exist)
|
|
34
|
+
- Has another cabinet member absorbed its concerns?
|
|
35
|
+
|
|
36
|
+
**High rejection rate.** If >50% of a cabinet member's findings are rejected
|
|
37
|
+
at triage, it's miscalibrated. Either refine it (via `eval-protocol.md`)
|
|
38
|
+
or retire it if the domain isn't worth the maintenance.
|
|
39
|
+
|
|
40
|
+
**Domain no longer relevant.** Dropped the UI framework the cabinet member
|
|
41
|
+
checked. Moved to a managed database that handles integrity itself.
|
|
42
|
+
Retired the feature the cabinet member watched.
|
|
43
|
+
|
|
44
|
+
Retirement is healthy. A lean cabinet of active cabinet members is better
|
|
45
|
+
than a large one with dead weight. The system stays lean by actively
|
|
46
|
+
pruning, not just actively growing.
|
|
47
|
+
|
|
48
|
+
## How to Assess
|
|
49
|
+
|
|
50
|
+
Use `eval-protocol.md` for structured assessment:
|
|
51
|
+
|
|
52
|
+
1. Define 3-5 assertions about what the cabinet member should catch
|
|
53
|
+
2. Sample recent audit runs for evidence
|
|
54
|
+
3. Score: pass / partial / fail / untestable
|
|
55
|
+
4. Track over time: declining pass rate = drift
|
|
56
|
+
|
|
57
|
+
**Key metric: triage acceptance rate.** What fraction of a cabinet member's
|
|
58
|
+
findings does the user approve vs reject? This is the strongest signal
|
|
59
|
+
of calibration quality.
|
|
60
|
+
|
|
61
|
+
## Cross-Portfolio vs Committee-Assigned
|
|
62
|
+
|
|
63
|
+
Most cabinet members belong in exactly one committee (see `committees-template.yaml`).
|
|
64
|
+
They cover a specific domain and stay in their portfolio.
|
|
65
|
+
|
|
66
|
+
**Cross-portfolio cabinet members** intentionally span domains. Their expertise
|
|
67
|
+
(reasoning quality, cognitive load, test coverage) touches everything.
|
|
68
|
+
These activate via `standing-mandate` in their SKILL.md frontmatter,
|
|
69
|
+
not by committee membership. Examples: anti-confirmation, qa, debugger,
|
|
70
|
+
organized-mind.
|
|
71
|
+
|
|
72
|
+
Don't put a cross-portfolio cabinet member in a committee. It would run in committee
|
|
73
|
+
audits where it doesn't belong, and miss unassigned contexts where it does.
|
|
74
|
+
|
|
75
|
+
## Creating a New Cabinet Member
|
|
76
|
+
|
|
77
|
+
A cabinet member is a skill with `user-invocable: false`. Create it in
|
|
78
|
+
`.claude/skills/cabinet-{name}/SKILL.md` with:
|
|
79
|
+
|
|
80
|
+
1. **Identity** — who is this expert? What do they care about?
|
|
81
|
+
2. **Convening Criteria** — `standing-mandate`, `files`, `topics`
|
|
82
|
+
3. **Research Method** — what to examine, what tools to use, what to
|
|
83
|
+
reason about
|
|
84
|
+
4. **Boundaries** — what this cabinet member does NOT own (prevents overlap)
|
|
85
|
+
5. **Calibration Examples** — good findings, wrong-portfolio findings, severity
|
|
86
|
+
anchors
|
|
87
|
+
|
|
88
|
+
Add the cabinet member to your `committees.yaml` under the appropriate committee.
|
|
89
|
+
It's automatically discovered by the audit skill.
|
|
90
|
+
|
|
91
|
+
The best cabinet members emerge from real incidents and real audit findings.
|
|
92
|
+
Start rough, refine through use. A cabinet member that catches one real issue
|
|
93
|
+
is worth more than one that catches nothing precisely.
|
|
@@ -0,0 +1,148 @@
|
|
|
1
|
+
# Audit Output Contract
|
|
2
|
+
|
|
3
|
+
This file defines how cabinet members produce output when consumed by the
|
|
4
|
+
audit system. Cabinet members themselves are domain-neutral expert lenses;
|
|
5
|
+
this contract adds the audit-specific framing.
|
|
6
|
+
|
|
7
|
+
## Your Role
|
|
8
|
+
|
|
9
|
+
You are a system auditor producing structured findings. You are NOT
|
|
10
|
+
fixing anything — you are observing, reasoning, and proposing. Every
|
|
11
|
+
finding is a suggestion that the user will confirm, modify, or reject.
|
|
12
|
+
|
|
13
|
+
### Audit vs Review
|
|
14
|
+
|
|
15
|
+
An audit examines **the tool** — is it healthy, maintainable, delivering
|
|
16
|
+
on its promises? A review examines **the user's work** — what needs
|
|
17
|
+
attention, what's stalled, where is energy? You are doing an audit,
|
|
18
|
+
not a review.
|
|
19
|
+
|
|
20
|
+
You may observe usage patterns as evidence. But the finding must land
|
|
21
|
+
on the tool: "the routing workflow creates friction that discourages
|
|
22
|
+
processing" — not on the user: "the inbox hasn't been processed in
|
|
23
|
+
two weeks."
|
|
24
|
+
|
|
25
|
+
Every finding should answer: **what should the tool do differently?**
|
|
26
|
+
|
|
27
|
+
## Finding Quality Standards
|
|
28
|
+
|
|
29
|
+
**Good finding:** States what was observed, what assumption was made
|
|
30
|
+
about intent, what the concern is, and asks a question the human can
|
|
31
|
+
answer.
|
|
32
|
+
|
|
33
|
+
**Bad finding:** "This code doesn't follow best practices" — whose
|
|
34
|
+
practices? Why do they matter here? What's the actual risk?
|
|
35
|
+
|
|
36
|
+
Every finding MUST include:
|
|
37
|
+
- `assumption`: What you think the code/system was trying to do
|
|
38
|
+
- `evidence`: What you actually observed
|
|
39
|
+
- `question`: What you're uncertain about (invites human judgment)
|
|
40
|
+
|
|
41
|
+
These three fields are what make a finding useful. Without them, the
|
|
42
|
+
finding is just an opinion.
|
|
43
|
+
|
|
44
|
+
### Finding Hygiene
|
|
45
|
+
|
|
46
|
+
Group related issues into a single finding when they share a root cause
|
|
47
|
+
(e.g., "5 files duplicate the AREAS constant" is one finding, not five).
|
|
48
|
+
|
|
49
|
+
Trivial style issues, minor inconsistencies, and "technically correct
|
|
50
|
+
but contextually irrelevant" observations waste triage energy. Every
|
|
51
|
+
finding the user rejects is a tax on their trust in the audit system.
|
|
52
|
+
When in doubt about whether something is worth flagging, include it
|
|
53
|
+
but calibrate the severity honestly.
|
|
54
|
+
|
|
55
|
+
### Severity Calibration
|
|
56
|
+
|
|
57
|
+
Calibrate severity to actual risk in your project's context, not to
|
|
58
|
+
generic compliance frameworks. Read `_briefing.md` for the project's
|
|
59
|
+
priorities and risk profile.
|
|
60
|
+
|
|
61
|
+
<!-- Customize these anchors for your project. The examples below
|
|
62
|
+
illustrate the calibration pattern — replace with your own. -->
|
|
63
|
+
|
|
64
|
+
- **critical** — Something is broken right now, or data loss /
|
|
65
|
+
corruption is actively possible. A broken API endpoint, a sync that
|
|
66
|
+
silently fails, a constraint violation. The user would want to know
|
|
67
|
+
immediately.
|
|
68
|
+
- **warn** — Degradation, drift, or a real risk that hasn't
|
|
69
|
+
materialized yet but will if the system grows. A pattern that becomes
|
|
70
|
+
a problem at 2x current scale. A convention violation that causes
|
|
71
|
+
confusion.
|
|
72
|
+
- **info** — A genuine improvement opportunity. The system works but
|
|
73
|
+
could work better. Consolidation of duplicated code, better component
|
|
74
|
+
usage, clearer documentation.
|
|
75
|
+
- **idea** — A strategic suggestion or opportunity. Not a problem at all.
|
|
76
|
+
|
|
77
|
+
### Positive Findings (Health Confirmations)
|
|
78
|
+
|
|
79
|
+
Not everything an audit discovers is a problem. When a subsystem is
|
|
80
|
+
working well, confirming that health is valuable ongoing signal. Mark
|
|
81
|
+
these with `"type": "positive"`:
|
|
82
|
+
|
|
83
|
+
```json
|
|
84
|
+
{
|
|
85
|
+
"id": "{cabinet-member}-p{NNNN}",
|
|
86
|
+
"type": "positive",
|
|
87
|
+
"perspective": "{cabinet-member-name}",
|
|
88
|
+
"severity": "info",
|
|
89
|
+
"title": "Healthy subsystem confirmation",
|
|
90
|
+
"description": "What was checked and found healthy",
|
|
91
|
+
"evidence": "Specific checks that passed",
|
|
92
|
+
"autoFixable": false
|
|
93
|
+
}
|
|
94
|
+
```
|
|
95
|
+
|
|
96
|
+
**When to emit positive findings:**
|
|
97
|
+
- A subsystem you checked is healthy and functioning as intended
|
|
98
|
+
- A previously-flagged area has been fully resolved
|
|
99
|
+
- Infrastructure (sync, backups, pipelines) is operating normally
|
|
100
|
+
|
|
101
|
+
**Guidelines:**
|
|
102
|
+
- Keep positive findings concise — one per healthy subsystem
|
|
103
|
+
- Positive findings do NOT enter the triage queue (no approve/reject/defer)
|
|
104
|
+
- They are never suppressed by triage history (generated fresh each run)
|
|
105
|
+
- Use `severity: "info"` for positive findings
|
|
106
|
+
|
|
107
|
+
### The `autoFixable` Field
|
|
108
|
+
|
|
109
|
+
Mark `autoFixable: true` ONLY when a fix agent could resolve the
|
|
110
|
+
finding in under 5 minutes with zero design decisions:
|
|
111
|
+
|
|
112
|
+
- **True:** Add an aria-label, fix a typo, add a missing column to
|
|
113
|
+
an INSERT, add .env to .gitignore, update a stale string.
|
|
114
|
+
- **False:** Extract a shared component, split a monolith file,
|
|
115
|
+
redesign a workflow, choose between architectural approaches,
|
|
116
|
+
anything requiring "should this be X or Y?"
|
|
117
|
+
|
|
118
|
+
When in doubt, mark false.
|
|
119
|
+
|
|
120
|
+
## Output Format
|
|
121
|
+
|
|
122
|
+
Return valid JSON matching `scripts/finding-schema.json`.
|
|
123
|
+
|
|
124
|
+
```json
|
|
125
|
+
{
|
|
126
|
+
"findings": [
|
|
127
|
+
{
|
|
128
|
+
"id": "{cabinet-member}-{NNNN}",
|
|
129
|
+
"type": "finding",
|
|
130
|
+
"perspective": "{cabinet-member-name}",
|
|
131
|
+
"severity": "critical|warn|info|idea",
|
|
132
|
+
"title": "Short description (max 120 chars)",
|
|
133
|
+
"description": "Full explanation",
|
|
134
|
+
"assumption": "What you think the intent was",
|
|
135
|
+
"evidence": "What you actually observed",
|
|
136
|
+
"question": "What you're uncertain about",
|
|
137
|
+
"autoFixable": false
|
|
138
|
+
}
|
|
139
|
+
],
|
|
140
|
+
"meta": {
|
|
141
|
+
"perspective": "{cabinet-member-name}",
|
|
142
|
+
"timestamp": "ISO-8601"
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
```
|
|
146
|
+
|
|
147
|
+
Your response must be ONLY the JSON object — no markdown fences, no
|
|
148
|
+
commentary outside the JSON.
|
|
@@ -0,0 +1,266 @@
|
|
|
1
|
+
# Cabinet Member Prompt Guide
|
|
2
|
+
|
|
3
|
+
What makes a good cabinet member prompt. This guide is craft knowledge for
|
|
4
|
+
writing and evaluating cabinet member prompts — the `SKILL.md` files in
|
|
5
|
+
`.claude/skills/cabinet-{name}/` that teach Claude how to think about a
|
|
6
|
+
dimension of quality. It's not generic prompt engineering advice. It's
|
|
7
|
+
patterns specific to this system.
|
|
8
|
+
|
|
9
|
+
## Principles
|
|
10
|
+
|
|
11
|
+
### 1. Teach Thinking, Not Checklists
|
|
12
|
+
A good prompt gives an analytical framework — *how to reason*
|
|
13
|
+
about a domain. A bad prompt gives a list of things to grep for.
|
|
14
|
+
|
|
15
|
+
**Good:** "Think about structural sustainability — whether the codebase
|
|
16
|
+
can absorb change without accumulating hidden costs. Use Fowler's debt
|
|
17
|
+
quadrant to classify what you find."
|
|
18
|
+
|
|
19
|
+
**Bad:** "Check for: unused imports, any types, missing interfaces,
|
|
20
|
+
TODO comments, console.log statements."
|
|
21
|
+
|
|
22
|
+
The checklist approach breaks when the codebase changes. The thinking
|
|
23
|
+
approach adapts because the agent understands *why* it's looking.
|
|
24
|
+
|
|
25
|
+
### 2. Each Expert Owns a Domain
|
|
26
|
+
Every cabinet member must have a clear "Boundaries" section that
|
|
27
|
+
names which other cabinet members own adjacent concerns. This prevents
|
|
28
|
+
duplicate work and keeps each expert focused.
|
|
29
|
+
|
|
30
|
+
**Pattern:** "Mobile layout issues (that's small-screen)" /
|
|
31
|
+
"UI framework component choices (that's framework-quality)" / "Code quality
|
|
32
|
+
issues (that's technical-debt)"
|
|
33
|
+
|
|
34
|
+
When two cabinet members could plausibly flag the same thing, decide which
|
|
35
|
+
one owns it and update both prompts.
|
|
36
|
+
|
|
37
|
+
### 3. Use Authoritative External Knowledge
|
|
38
|
+
Cabinet members should go to primary sources, not rely on baked-in
|
|
39
|
+
knowledge that goes stale:
|
|
40
|
+
|
|
41
|
+
- **MCP documentation servers** — your project's framework docs via
|
|
42
|
+
MCP tools like `list_doc_sources` and `fetch_docs`
|
|
43
|
+
- **llms.txt pattern** — fetch the docs index, then drill into specific
|
|
44
|
+
pages for detail
|
|
45
|
+
- **WebSearch** — verify current standards, check for ecosystem updates
|
|
46
|
+
|
|
47
|
+
**Anti-pattern:** Embedding a static list of framework components in
|
|
48
|
+
the prompt. It goes stale when the framework updates.
|
|
49
|
+
|
|
50
|
+
**Pattern:** Instruct the agent to fetch the framework's docs index at
|
|
51
|
+
start, then consult specific component pages as needed.
|
|
52
|
+
|
|
53
|
+
### 4. Preview Tools for Runtime Evaluation
|
|
54
|
+
Cabinet members that evaluate the running app (usability, mobile,
|
|
55
|
+
accessibility, performance) should use preview tools to actually
|
|
56
|
+
interact with the app, not just read code and imagine.
|
|
57
|
+
|
|
58
|
+
Mark these cabinet members as `interactive-only: true` in frontmatter.
|
|
59
|
+
|
|
60
|
+
### 5. Observations Land on the Tool
|
|
61
|
+
Findings are about what the *tool* should do differently, not about
|
|
62
|
+
what the *user* should do differently.
|
|
63
|
+
|
|
64
|
+
Usage patterns can be *evidence* ("inbox items pile up" → the routing
|
|
65
|
+
workflow has too much friction). But the observation is about the tool.
|
|
66
|
+
|
|
67
|
+
### 6. Flag Divergence Without Presuming Direction
|
|
68
|
+
When documentation and code disagree, present both options:
|
|
69
|
+
- "Update the docs to match the code" OR
|
|
70
|
+
- "Update the code to match the documented convention"
|
|
71
|
+
|
|
72
|
+
The human decides reconciliation direction. The expert flags the gap.
|
|
73
|
+
|
|
74
|
+
### 7. Discover, Don't Prescribe
|
|
75
|
+
Agents should discover the current state rather than follow hardcoded
|
|
76
|
+
lists that go stale.
|
|
77
|
+
|
|
78
|
+
### 8. Acknowledge the Evolving System
|
|
79
|
+
Check `system-status.md` (or equivalent) and don't flag planned features
|
|
80
|
+
as missing. But *do* evaluate whether planned features are the right
|
|
81
|
+
priorities.
|
|
82
|
+
|
|
83
|
+
### 9. Deep Over Wide
|
|
84
|
+
3-5 well-researched observations with concrete evidence beat 15
|
|
85
|
+
shallow ones. Depth of research matters more than breadth.
|
|
86
|
+
|
|
87
|
+
### 10. Know Your Cabinet
|
|
88
|
+
Each cabinet member should be aware of what the others cover. The
|
|
89
|
+
shared briefing (`_briefing.md`) lists the full cabinet with committees.
|
|
90
|
+
Individual prompts should reference specific neighbors in "Boundaries."
|
|
91
|
+
|
|
92
|
+
## Cognitive Architecture Principles
|
|
93
|
+
|
|
94
|
+
These principles, derived from Daniel Levitin's *The Organized Mind*,
|
|
95
|
+
govern how the skill and cabinet member system itself is designed. They
|
|
96
|
+
apply to anyone creating or modifying skills, cabinet members, or the
|
|
97
|
+
consuming skills that invoke them. Consult the organized-mind cabinet member
|
|
98
|
+
for the full framework.
|
|
99
|
+
|
|
100
|
+
### 11. Agent Isolation as Designated Places
|
|
101
|
+
Each cabinet member runs in its own agent context — a clean cognitive space
|
|
102
|
+
free from contamination by other cabinet members' findings. This is
|
|
103
|
+
Levitin's "designated place" principle: the hippocampus encodes fixed
|
|
104
|
+
locations reliably; nomadic items get lost. A cabinet member that runs in
|
|
105
|
+
a shared, cluttered context is a nomadic item. An agent is its
|
|
106
|
+
designated place.
|
|
107
|
+
|
|
108
|
+
Consuming skills (/plan, /execute, /audit) invoke cabinet members via the
|
|
109
|
+
Agent tool, spawning them in parallel. Each agent receives: shared
|
|
110
|
+
briefing + its SKILL.md + the relevant output contract + input data.
|
|
111
|
+
Results are collected and synthesized by the main session.
|
|
112
|
+
|
|
113
|
+
### 12. Associative Access, Not Single-Path Retrieval
|
|
114
|
+
A skill or cabinet member should be findable via multiple routes — not just
|
|
115
|
+
its canonical name. This is why convening criteria exist: file patterns,
|
|
116
|
+
topic keywords, and standing-mandate declarations create multiple associative
|
|
117
|
+
pathways to the same expert lens. If the only way to find organized-mind
|
|
118
|
+
is to already know it's called "organized-mind," that's single-path
|
|
119
|
+
retrieval — the failure mode Levitin identifies.
|
|
120
|
+
|
|
121
|
+
When writing descriptions and convening criteria, optimize for
|
|
122
|
+
discoverability from multiple angles.
|
|
123
|
+
|
|
124
|
+
### 13. Functional Grouping Over Taxonomic
|
|
125
|
+
The cabinet member committees (Code & Architecture, User Experience,
|
|
126
|
+
System Health...) are taxonomic — useful for humans reading the list.
|
|
127
|
+
But when a consuming skill selects cabinet members, it thinks functionally:
|
|
128
|
+
"which lenses are relevant to *this specific change*?" The convening
|
|
129
|
+
criteria are the functional index. Both indexes coexist; neither replaces
|
|
130
|
+
the other.
|
|
131
|
+
|
|
132
|
+
When organizing skills, ask: "Would someone looking for this by *what
|
|
133
|
+
it does* find it?" not just "Is it in the right category?"
|
|
134
|
+
|
|
135
|
+
### 14. Respect the Working Memory Limit
|
|
136
|
+
Claude's context window is large but attention is finite. A checkpoint
|
|
137
|
+
that activates 7 cabinet members is viable because each runs in its own
|
|
138
|
+
agent. Within a single context, aim for 3-4 active concerns at a time.
|
|
139
|
+
Escalation logic (any block stops, 3+ conditional = block) respects
|
|
140
|
+
this by collapsing many verdicts into one decision.
|
|
141
|
+
|
|
142
|
+
### 15. The Legitimate Junk Drawer
|
|
143
|
+
Not everything fits a category. Process-therapist doesn't cleanly belong to
|
|
144
|
+
any committee. Emerging cabinet members may not have clear boundaries yet.
|
|
145
|
+
Forcing premature classification degrades the taxonomy. The
|
|
146
|
+
"uncategorized" state is legitimate infrastructure, not technical debt.
|
|
147
|
+
|
|
148
|
+
### 16. Affordances in Skill Templates
|
|
149
|
+
The template structure (Identity → Convening Criteria → Research Method
|
|
150
|
+
→ Boundaries → Calibration Examples) is itself an affordance system.
|
|
151
|
+
Each section tells the agent *how to use the skill* without needing
|
|
152
|
+
external memory. If a new skill requires reading documentation outside
|
|
153
|
+
itself to be invoked correctly, the template has failed.
|
|
154
|
+
|
|
155
|
+
### 17. Externalization Enables
|
|
156
|
+
The cabinet member cabinet isn't just a quality-checking mechanism — its
|
|
157
|
+
structure should reveal what dimensions of quality are covered and what
|
|
158
|
+
aren't. When you add a new feature area and no cabinet member covers it,
|
|
159
|
+
the cabinet's structure should make that gap visible. This is Levitin's
|
|
160
|
+
deepest claim: externalized structure doesn't just prevent errors, it
|
|
161
|
+
makes patterns visible that were invisible from the raw material.
|
|
162
|
+
|
|
163
|
+
## Skill Sizing
|
|
164
|
+
|
|
165
|
+
Skills should stay under **500 lines** in their primary SKILL.md file.
|
|
166
|
+
This isn't arbitrary — LLMs have limited attention, and shorter skills
|
|
167
|
+
get followed more reliably. (Source: Anthropic's skill-creator docs.)
|
|
168
|
+
|
|
169
|
+
**When a skill approaches 500 lines:**
|
|
170
|
+
- Extract detailed reference material to a `REFERENCE.md` file in the
|
|
171
|
+
skill's directory. The SKILL.md stays lean (core workflow), the
|
|
172
|
+
reference file holds the detail (API specs, exhaustive examples).
|
|
173
|
+
- Extract extended examples to an `EXAMPLES.md` file.
|
|
174
|
+
- Claude Code automatically loads all `.md` files in a skill's directory,
|
|
175
|
+
so the extracted files remain accessible.
|
|
176
|
+
|
|
177
|
+
**When to keep a skill large (>300 lines):**
|
|
178
|
+
- The workflow is genuinely sequential and splitting would lose context
|
|
179
|
+
that earlier steps need
|
|
180
|
+
- The skill has multiple modes that share significant setup
|
|
181
|
+
|
|
182
|
+
**When to split:**
|
|
183
|
+
- A skill has 3+ independent workflows that rarely run together
|
|
184
|
+
- Different sections serve different consumers (e.g., a reference section
|
|
185
|
+
that only one skill needs should be in a separate file)
|
|
186
|
+
|
|
187
|
+
## Behavioral Calibration Standard
|
|
188
|
+
|
|
189
|
+
Key skills should include **Without Skill (Bad) / With Skill (Good)**
|
|
190
|
+
calibration pairs — concrete scenarios showing what goes wrong without
|
|
191
|
+
the skill's guidance and how the guidance changes the outcome.
|
|
192
|
+
|
|
193
|
+
**Format:**
|
|
194
|
+
```
|
|
195
|
+
## Calibration
|
|
196
|
+
|
|
197
|
+
### Without Skill (Bad)
|
|
198
|
+
[Concrete scenario showing what goes wrong]
|
|
199
|
+
|
|
200
|
+
### With Skill (Good)
|
|
201
|
+
[Same scenario, showing how the skill's guidance changes the outcome]
|
|
202
|
+
```
|
|
203
|
+
|
|
204
|
+
Calibration examples ground the skill's instructions in reality. They're
|
|
205
|
+
especially important for skills where "following the instructions" is
|
|
206
|
+
ambiguous — a /plan that produces "vague AC" vs. one that produces
|
|
207
|
+
"testable AC" is the difference between a session that executes cleanly
|
|
208
|
+
and one that stalls.
|
|
209
|
+
|
|
210
|
+
Not every skill needs these — simple utilities (/menu) don't benefit.
|
|
211
|
+
Focus calibration on skills where miscalibration has high cost: planning,
|
|
212
|
+
execution, session lifecycle, inbox processing.
|
|
213
|
+
|
|
214
|
+
## Structural Template
|
|
215
|
+
|
|
216
|
+
Every cabinet member skill should have these sections:
|
|
217
|
+
|
|
218
|
+
```
|
|
219
|
+
---
|
|
220
|
+
name: cabinet-{name}
|
|
221
|
+
description: Rich 2-3 sentence description for ambient discovery
|
|
222
|
+
user-invocable: false
|
|
223
|
+
---
|
|
224
|
+
|
|
225
|
+
# {Name}
|
|
226
|
+
|
|
227
|
+
## Identity
|
|
228
|
+
What this expert thinks about. The analytical framework.
|
|
229
|
+
What makes this cabinet member unique.
|
|
230
|
+
|
|
231
|
+
## Convening Criteria
|
|
232
|
+
Files: glob patterns that trigger this cabinet member
|
|
233
|
+
Topics: keywords that trigger this cabinet member
|
|
234
|
+
Standing-mandate: which skill types always activate this cabinet member
|
|
235
|
+
|
|
236
|
+
## Research Method
|
|
237
|
+
Where to get information, how to investigate, what to examine.
|
|
238
|
+
Merged from Knowledge Base + What to Reason About + Paths.
|
|
239
|
+
|
|
240
|
+
## Boundaries
|
|
241
|
+
What you do NOT examine. Which other cabinet members own it.
|
|
242
|
+
|
|
243
|
+
## Calibration Examples
|
|
244
|
+
Plain-text observations (not JSON) showing the kind of things
|
|
245
|
+
this cabinet member notices.
|
|
246
|
+
```
|
|
247
|
+
|
|
248
|
+
## Common Failure Modes
|
|
249
|
+
|
|
250
|
+
1. **Checklist prompt** — Lists things to grep for instead of teaching
|
|
251
|
+
how to think. Breaks when the codebase changes.
|
|
252
|
+
2. **Stale references** — Mentions specific file paths, component names,
|
|
253
|
+
or conventions that no longer exist.
|
|
254
|
+
3. **Boundary violation** — Produces observations that another cabinet member
|
|
255
|
+
owns. Creates duplicate work.
|
|
256
|
+
4. **Static knowledge** — Embeds framework/library details that go stale.
|
|
257
|
+
Should point to live docs instead.
|
|
258
|
+
5. **Vague observations** — "This could be improved" without specific
|
|
259
|
+
evidence or assumption. Not actionable.
|
|
260
|
+
6. **Presumed direction** — "Fix this by doing X" when the right fix
|
|
261
|
+
might be updating the convention instead. Present options.
|
|
262
|
+
7. **Passive conditional** — Uses "If this session modified X" as a gate
|
|
263
|
+
without a scan mechanism. Claude is expected to remember what it did,
|
|
264
|
+
which is exactly the kind of subjective recall that produces false
|
|
265
|
+
negatives. The fix: add a `git diff --name-only` + `git status` scan
|
|
266
|
+
before the conditional, and gate on the scan output.
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
#!/bin/bash
|
|
2
|
+
# CoR Upstream Guard — PreToolUse hook for Edit and Write tool calls
|
|
3
|
+
#
|
|
4
|
+
# Blocks modifications to files managed by Claude Cabinet. These files
|
|
5
|
+
# are upstream-owned: updates come through /cor-upgrade, not direct edits.
|
|
6
|
+
# Project-specific customization goes in briefing files and phase files.
|
|
7
|
+
#
|
|
8
|
+
# How it works:
|
|
9
|
+
# Reads .corrc.json manifest (list of CoR-installed files with hashes).
|
|
10
|
+
# If the target file_path is in the manifest, block the write.
|
|
11
|
+
#
|
|
12
|
+
# ROLLBACK: Comment out the PreToolUse entry for this hook in
|
|
13
|
+
# .claude/settings.json to disable it immediately.
|
|
14
|
+
#
|
|
15
|
+
# Hook contract:
|
|
16
|
+
# Input: $CLAUDE_TOOL_INPUT has the tool use JSON with "file_path" field
|
|
17
|
+
# Output: JSON on stdout with { "decision": "block"|"allow", "reason": "..." }
|
|
18
|
+
|
|
19
|
+
# Extract file_path from tool input
|
|
20
|
+
FILE_PATH=$(echo "$CLAUDE_TOOL_INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('file_path',''))" 2>/dev/null)
|
|
21
|
+
|
|
22
|
+
if [ -z "$FILE_PATH" ]; then
|
|
23
|
+
echo '{"decision":"allow"}'
|
|
24
|
+
exit 0
|
|
25
|
+
fi
|
|
26
|
+
|
|
27
|
+
# Find the project root (where .corrc.json lives)
|
|
28
|
+
# Walk up from current directory
|
|
29
|
+
find_project_root() {
|
|
30
|
+
local dir="$PWD"
|
|
31
|
+
while [ "$dir" != "/" ]; do
|
|
32
|
+
if [ -f "$dir/.corrc.json" ]; then
|
|
33
|
+
echo "$dir"
|
|
34
|
+
return 0
|
|
35
|
+
fi
|
|
36
|
+
dir=$(dirname "$dir")
|
|
37
|
+
done
|
|
38
|
+
return 1
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
PROJECT_ROOT=$(find_project_root)
|
|
42
|
+
|
|
43
|
+
if [ -z "$PROJECT_ROOT" ]; then
|
|
44
|
+
# No .corrc.json found — not a CoR project, allow everything
|
|
45
|
+
echo '{"decision":"allow"}'
|
|
46
|
+
exit 0
|
|
47
|
+
fi
|
|
48
|
+
|
|
49
|
+
# Resolve file_path to a relative path from project root
|
|
50
|
+
# Handle both absolute and relative paths
|
|
51
|
+
if [[ "$FILE_PATH" = /* ]]; then
|
|
52
|
+
# Absolute path — make relative to project root
|
|
53
|
+
REL_PATH="${FILE_PATH#$PROJECT_ROOT/}"
|
|
54
|
+
# If the path didn't change, the file is outside the project
|
|
55
|
+
if [ "$REL_PATH" = "$FILE_PATH" ]; then
|
|
56
|
+
echo '{"decision":"allow"}'
|
|
57
|
+
exit 0
|
|
58
|
+
fi
|
|
59
|
+
else
|
|
60
|
+
REL_PATH="$FILE_PATH"
|
|
61
|
+
fi
|
|
62
|
+
|
|
63
|
+
# Check if this relative path is in the manifest
|
|
64
|
+
IN_MANIFEST=$(python3 -c "
|
|
65
|
+
import json, sys
|
|
66
|
+
try:
|
|
67
|
+
with open('$PROJECT_ROOT/.corrc.json') as f:
|
|
68
|
+
data = json.load(f)
|
|
69
|
+
manifest = data.get('manifest', {})
|
|
70
|
+
print('yes' if '$REL_PATH' in manifest else 'no')
|
|
71
|
+
except:
|
|
72
|
+
print('no')
|
|
73
|
+
" 2>/dev/null)
|
|
74
|
+
|
|
75
|
+
if [ "$IN_MANIFEST" = "yes" ]; then
|
|
76
|
+
echo "{\"decision\":\"block\",\"reason\":\"Blocked: $REL_PATH is managed by Claude Cabinet. CoR-managed files are upstream-owned — edits come through /cor-upgrade, not direct modification. Put project-specific content in briefing files or phase files instead.\"}"
|
|
77
|
+
else
|
|
78
|
+
echo '{"decision":"allow"}'
|
|
79
|
+
fi
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
#!/bin/bash
|
|
2
|
+
# Git Guardrails — PreToolUse hook for Bash tool calls
|
|
3
|
+
#
|
|
4
|
+
# Blocks truly destructive git operations on main. Allows routine solo-dev ops.
|
|
5
|
+
# Single enforcement point (replaces any deny list entries in settings.json).
|
|
6
|
+
#
|
|
7
|
+
# ROLLBACK: If this hook causes problems, comment out the PreToolUse entry
|
|
8
|
+
# in .claude/settings.json to disable it immediately.
|
|
9
|
+
#
|
|
10
|
+
# Hook contract:
|
|
11
|
+
# Input: $CLAUDE_TOOL_INPUT has the tool use JSON with "command" field
|
|
12
|
+
# Output: JSON on stdout with { "decision": "block"|"allow", "reason": "..." }
|
|
13
|
+
|
|
14
|
+
# Read the command from the tool input
|
|
15
|
+
COMMAND=$(echo "$CLAUDE_TOOL_INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('command',''))" 2>/dev/null)
|
|
16
|
+
|
|
17
|
+
if [ -z "$COMMAND" ]; then
|
|
18
|
+
echo '{"decision":"allow"}'
|
|
19
|
+
exit 0
|
|
20
|
+
fi
|
|
21
|
+
|
|
22
|
+
# Check if command contains git operations worth blocking
|
|
23
|
+
# Returns the block JSON if blocked, empty string if allowed
|
|
24
|
+
check_command() {
|
|
25
|
+
local cmd="$1"
|
|
26
|
+
|
|
27
|
+
# BLOCK: force push to main/master
|
|
28
|
+
if echo "$cmd" | grep -qE 'git\s+push\s+.*--force(\s|$)' && echo "$cmd" | grep -qE '\b(main|master)\b'; then
|
|
29
|
+
echo '{"decision":"block","reason":"Blocked: force push to main/master. Use --force-with-lease for safer force push, or push to a feature branch."}'
|
|
30
|
+
return
|
|
31
|
+
fi
|
|
32
|
+
|
|
33
|
+
# BLOCK: bare force push (no explicit non-main branch)
|
|
34
|
+
if echo "$cmd" | grep -qE 'git\s+push\s+(-f|--force)(\s|$)' && ! echo "$cmd" | grep -qE '--force-with-lease'; then
|
|
35
|
+
# Allow if pushing to an explicitly named non-main branch
|
|
36
|
+
if echo "$cmd" | grep -qE 'git\s+push\s+(-f|--force)\s+\S+\s+\S+' && ! echo "$cmd" | grep -qE '\b(main|master)\b'; then
|
|
37
|
+
return # explicit remote + non-main branch is OK
|
|
38
|
+
fi
|
|
39
|
+
echo '{"decision":"block","reason":"Blocked: git push --force without specifying a non-main branch. Use --force-with-lease or specify the branch explicitly."}'
|
|
40
|
+
return
|
|
41
|
+
fi
|
|
42
|
+
|
|
43
|
+
# BLOCK: git reset --hard on main
|
|
44
|
+
if echo "$cmd" | grep -qE 'git\s+reset\s+--hard'; then
|
|
45
|
+
local current_branch
|
|
46
|
+
current_branch=$(git branch --show-current 2>/dev/null)
|
|
47
|
+
if [ "$current_branch" = "main" ] || [ "$current_branch" = "master" ]; then
|
|
48
|
+
echo "{\"decision\":\"block\",\"reason\":\"Blocked: git reset --hard on $current_branch. This permanently discards commits. Switch to a feature branch first, or use git reset --soft.\"}"
|
|
49
|
+
return
|
|
50
|
+
fi
|
|
51
|
+
fi
|
|
52
|
+
|
|
53
|
+
# BLOCK: git clean -f (deletes untracked files permanently)
|
|
54
|
+
if echo "$cmd" | grep -qE 'git\s+clean\s+-[a-zA-Z]*f'; then
|
|
55
|
+
echo '{"decision":"block","reason":"Blocked: git clean -f permanently deletes untracked files. Use git clean -n (dry run) first to see what would be deleted."}'
|
|
56
|
+
return
|
|
57
|
+
fi
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
# Check the full command (handles compound commands since grep matches substrings)
|
|
61
|
+
RESULT=$(check_command "$COMMAND")
|
|
62
|
+
|
|
63
|
+
if [ -n "$RESULT" ]; then
|
|
64
|
+
echo "$RESULT"
|
|
65
|
+
else
|
|
66
|
+
echo '{"decision":"allow"}'
|
|
67
|
+
fi
|