create-hq 5.0.0

package/template/workers/content-brand/worker.yaml

@@ -0,0 +1,81 @@
+worker:
+  id: content-brand
+  name: "Content Worker - Brand Voice"
+  type: ContentWorker
+  version: "1.0"
+
+execution:
+  mode: on_demand
+  max_runtime: 5m
+
+context:
+  base:
+    - workers/public/content-brand/
+    - workers/public/content-shared/
+    - companies/example-company/knowledge/brand-guidelines.md
+    - companies/example-company/knowledge/messaging/
+  exclude:
+    - node_modules/
+    - dist/
+
+output:
+  destination: workspace/reports/content/
+  format: markdown
+  naming: "{date}-content-brand-{page}.md"
+
+skills:
+  - voice-analysis
+  - tone-check
+  - messaging-alignment
+
+instructions: |
+  Brand Voice Analyst for ExampleCo
+
+  Purpose: Ensure all content aligns with ExampleCo brand voice and messaging guidelines.
+
+  ## Analysis Process
+  1. Load page content from content/ directory (JSON format)
+  2. Extract all text (headings, paragraphs, CTAs)
+  3. Score against brand guidelines
+  4. Generate recommendations
+
+  ## Brand Voice Characteristics
+  - Professional but approachable
+  - Confident without arrogance
+  - Technical accuracy with clarity
+  - Trust-building through proof
+  - Enterprise-ready credibility
+  - Human-centered AI messaging
+
+  ## Scoring Categories
+  - Tone alignment (0-100): Does content match brand tone?
+  - Messaging consistency (0-100): Aligned with key messages?
+  - Jargon appropriateness (0-100): Right level of technical language?
+  - Overall brand score (0-100): Weighted average
+
+  ## Analysis Checklist
+  - [ ] Voice matches professional-approachable balance
+  - [ ] No overpromising or hype language
+  - [ ] Technical terms explained when needed
+  - [ ] Consistent terminology throughout
+  - [ ] Trust signals present (proof points, credentials)
+  - [ ] Human benefit emphasized over features
+
+  ## Red Flags to Identify
+  - Overly casual language ("awesome", "cool", "amazing")
+  - Aggressive sales language ("act now", "limited time")
+  - Unexplained jargon
+  - Inconsistent terminology
+  - Missing trust elements
+  - Feature-heavy without benefits
+
+  ## Output
+  Generate markdown report to workspace/reports/content/ with:
+  - Overall brand voice score
+  - Category breakdown
+  - Specific findings with evidence
+  - Prioritized recommendations
+
+  ## Knowledge Dependencies
+  - brand-guidelines.md: Core voice/tone guidelines
+  - messaging/: Key messages by audience

package/template/workers/content-legal/README.md

@@ -0,0 +1,80 @@
+# Content Worker: Regulatory Compliance
+
+Regulatory compliance analysis worker for content review.
+
+## Purpose
+
+Scans website content for regulated terms, verifies claim substantiation, and identifies missing disclaimers. Helps ensure content meets regulatory requirements for financial services and enterprise software marketing.
+
+## Skills
+
+| Skill | Description |
+|-------|-------------|
+| compliance-scan | Scan for regulated terms and language |
+| disclaimer-check | Verify required disclaimers are present |
+| claim-substantiation | Check claims have proper support |
+
+## Knowledge Sources
+
+Compliance terms and requirements are defined inline in worker.yaml to ensure they're always available and version-controlled with the worker.
+
+## Scoring Categories
+
+| Category | Weight | Description |
+|----------|--------|-------------|
+| Regulated Terms | 30% | Proper use of regulated language |
+| Disclaimers | 30% | Required disclaimers present |
+| Substantiation | 25% | Claims properly supported |
+| Risk Language | 15% | Appropriate risk disclosure |
+
+## Compliance Principles
+
+1. **Substantiate Everything** - Every claim needs backup
+2. **Disclose Appropriately** - Required disclaimers present
+3. **Avoid Absolutes** - No unqualified guarantees
+4. **Link to Proof** - Security/compliance claims need documentation
+5. **When in Doubt, Flag** - Better to over-flag for legal review
+
+## Regulated Term Categories
+
+### High-Risk (Require Documentation)
+- Security certifications (SOC 2, ISO 27001)
+- Compliance claims (HIPAA, PCI DSS, GDPR)
+- Financial guarantees
+
+### Medium-Risk (Need Context)
+- Performance claims
+- Comparative statements
+- Award references
+
+### Low-Risk (Monitor)
+- General superlatives
+- Customer testimonials
+- Feature claims
+
+## Usage
+
+```bash
+# Run via HQ
+/run content-legal --page homepage
+
+# Or directly
+cd workers/content-legal
+npx ts-node src/analyze.ts --input content/homepage.json
+```
+
+## Output
+
+Reports go to `workspace/reports/content/` with format:
+- `{date}-content-legal-{page}.md`
+
+## Disclaimer
+
+This worker provides content guidance only, not legal advice. All flagged items should be reviewed by qualified legal counsel before making decisions.
+
+## Integration
+
+Part of the Content Team worker group. Works alongside:
+- content-brand (voice consistency)
+- content-sales (conversion optimization)
+- content-product (accuracy verification)

package/template/workers/content-legal/skills/claim-substantiation.md

@@ -0,0 +1,150 @@
+# Skill: Claim Substantiation
+
+Verify that marketing claims have proper substantiation.
+
+## Input
+
+- Page content JSON
+- Available proof sources
+- Claim type classification
+
+## Process
+
+1. **Extract all claims**
+   - Performance claims
+   - Comparative claims
+   - Superlative claims
+   - Quantitative claims
+
+2. **Classify substantiation requirement**
+   - Must have proof
+   - Should have proof
+   - Nice to have proof
+
+3. **Search for substantiation**
+   - On-page evidence
+   - Linked documentation
+   - Referenced sources
+
+4. **Evaluate quality**
+   - Source credibility
+   - Data currency
+   - Methodology clarity
+
+## Substantiation Requirements by Claim Type
+
+### Must Substantiate (Legal Risk)
+
+| Claim Type | Required Proof |
+|------------|----------------|
+| "SOC 2 certified" | Audit report or trust page |
+| "X% improvement" | Customer data, methodology |
+| "#1 in category" | Third-party ranking |
+| "Award-winning" | Award citation, date |
+| Security claims | Certification documentation |
+| Regulatory compliance | Compliance documentation |
+
+### Should Substantiate (Credibility Risk)
+
+| Claim Type | Recommended Proof |
+|------------|-------------------|
+| "Leading platform" | Market share, analyst quote |
+| "Trusted by X" | Customer permission, logos |
+| "Faster than Y" | Benchmark comparison |
+| "Proven results" | Case studies, testimonials |
+| "Enterprise-grade" | Feature comparison |
+
+### Nice to Substantiate (Best Practice)
+
+| Claim Type | Optional Proof |
+|------------|----------------|
+| "Easy to use" | User testimonials |
+| "Powerful" | Feature demonstration |
+| "Modern" | Screenshots, demos |
+| "Innovative" | Feature descriptions |
+
+## Substantiation Quality Levels
+
+### Strong Substantiation
+- Third-party validation
+- Published research
+- Audited data
+- Named customer reference
+
+### Adequate Substantiation
+- Internal data with methodology
+- Multiple customer examples
+- Industry benchmarks
+- Time-bound claims
+
+### Weak Substantiation
+- Anecdotal evidence
+- Undated claims
+- Single example
+- Self-reported data
+
+### No Substantiation
+- No supporting evidence
+- Claim stands alone
+- Source not provided
+- Evidence not accessible
+
+## Red Flags
+
+| Issue | Example | Action |
+|-------|---------|--------|
+| Unqualified superlative | "Best AI platform" | Add qualifier or proof |
+| Vague percentage | "Significant improvement" | Quantify or remove |
+| Implied comparison | "Better results" | State comparison clearly |
+| Outdated proof | "2020 study shows..." | Update or remove |
+| Inaccessible source | "Research proves..." | Provide link |
+
+## Output
+
+```yaml
+claim_substantiation:
+  total_claims: 12
+  fully_substantiated: 7
+  partially_substantiated: 3
+  unsubstantiated: 2
+  score: 75
+  claims:
+    - claim: "SOC 2 Type II certified"
+      type: "security"
+      requirement: "must"
+      substantiation: "strong"
+      evidence: "Link to trust center with audit details"
+      status: "compliant"
+    - claim: "40% reduction in call volume"
+      type: "performance"
+      requirement: "must"
+      substantiation: "adequate"
+      evidence: "Case study link"
+      status: "needs_improvement"
+      issue: "Claim is absolute but based on single customer"
+      recommendation: "Change to 'up to 40%' or add more examples"
+    - claim: "Industry-leading AI"
+      type: "superlative"
+      requirement: "should"
+      substantiation: "none"
+      evidence: null
+      status: "non-compliant"
+      recommendation: "Remove claim or add analyst quote/ranking"
+    - claim: "Trusted by 500+ organizations"
+      type: "quantitative"
+      requirement: "must"
+      substantiation: "partial"
+      evidence: "Logo section shows ~20 logos"
+      status: "needs_improvement"
+      recommendation: "Ensure count is accurate and current"
+  required_actions:
+    - priority: "high"
+      claim: "Industry-leading AI"
+      action: "Substantiate or remove"
+    - priority: "medium"
+      claim: "40% reduction"
+      action: "Add qualifier 'up to'"
+    - priority: "low"
+      claim: "500+ organizations"
+      action: "Verify current count"
+```

package/template/workers/content-legal/skills/compliance-scan.md

@@ -0,0 +1,123 @@
+# Skill: Compliance Scan
+
+Scan content for regulated terms and potentially problematic language.
+
+## Input
+
+Page content JSON with all text elements.
+
+## Process
+
+1. **Tokenize content**
+   - Extract all text
+   - Identify terms and phrases
+   - Note context/location
+
+2. **Match against term lists**
+   - High-risk terms
+   - Medium-risk terms
+   - Prohibited terms
+
+3. **Evaluate context**
+   - Is term used appropriately?
+   - Is substantiation provided?
+   - Is disclaimer present?
+
+4. **Flag issues**
+   - Severity level
+   - Context
+   - Required action
+
+## Regulated Terms Database
+
+### Security/Compliance Certifications
+| Term | Risk Level | Requirement |
+|------|------------|-------------|
+| SOC 2 / SOC2 | High | Link to audit report or trust page |
+| ISO 27001 | High | Link to certification |
+| HIPAA | High | BAA availability, compliance details |
+| PCI DSS | High | Certification level, date |
+| GDPR | High | DPA availability, compliance scope |
+| CCPA | High | Privacy policy link |
+| FedRAMP | High | Authorization status |
+
+### Financial Terms
+| Term | Risk Level | Requirement |
+|------|------------|-------------|
+| FDIC | High | Only if actually FDIC insured |
+| NCUA | High | Only if actually NCUA insured |
+| Guaranteed | High | Conditions must be stated |
+| Risk-free | Prohibited | Cannot use for financial products |
+| Insured | High | Proof of insurance required |
+
+### Performance Claims
+| Term | Risk Level | Requirement |
+|------|------------|-------------|
+| Best / #1 | Medium | Third-party validation |
+| Fastest | Medium | Benchmark data |
+| Leading | Medium | Market data or remove |
+| Proven | Medium | Proof required |
+| Award-winning | Low | Award citation |
+
+### Absolute Terms
+| Term | Risk Level | Requirement |
+|------|------------|-------------|
+| Always | High | Rarely accurate, avoid |
+| Never | High | Rarely accurate, avoid |
+| 100% | High | Must be literally true |
+| Guaranteed | High | Conditions required |
+| Ensures | Medium | Context needed |
+
+## Context Evaluation
+
+### Acceptable Usage
+- "SOC 2 Type II certified" + link to trust center
+- "HIPAA-compliant" + BAA available statement
+- "Up to 40% faster" + methodology note
+
+### Unacceptable Usage
+- "SOC 2 compliant" with no documentation link
+- "HIPAA certified" (HIPAA has no certification)
+- "Guaranteed results" with no conditions
+
+## Output
+
+```yaml
+compliance_scan:
+  total_terms_found: 15
+  high_risk: 4
+  medium_risk: 6
+  low_risk: 5
+  issues: 3
+  findings:
+    - term: "SOC 2 Type II"
+      location: "Security section"
+      risk: "high"
+      status: "compliant"
+      note: "Links to trust center"
+    - term: "HIPAA certified"
+      location: "Healthcare page hero"
+      risk: "high"
+      status: "non-compliant"
+      issue: "HIPAA has no certification; misleading term"
+      recommendation: "Change to 'HIPAA-compliant' and link to BAA"
+    - term: "guaranteed"
+      location: "Pricing section"
+      risk: "high"
+      status: "non-compliant"
+      issue: "No conditions stated"
+      recommendation: "Add 'subject to terms' or remove"
+    - term: "fastest"
+      location: "Features section"
+      risk: "medium"
+      status: "unsubstantiated"
+      issue: "No benchmark provided"
+      recommendation: "Add benchmark source or use 'faster'"
+  required_actions:
+    - severity: "high"
+      item: "Fix 'HIPAA certified' language"
+    - severity: "high"
+      item: "Add conditions to guarantee"
+    - severity: "medium"
+      item: "Substantiate 'fastest' claim"
+```

package/template/workers/content-legal/skills/disclaimer-check.md

@@ -0,0 +1,146 @@
+# Skill: Disclaimer Check
+
+Verify required disclaimers are present and properly formatted.
+
+## Input
+
+- Page content JSON
+- Claim types found on page
+- Page type/context
+
+## Process
+
+1. **Identify required disclaimers**
+   - Based on claims made
+   - Based on page type
+   - Based on industry
+
+2. **Search for disclaimers**
+   - Footer content
+   - Inline disclaimers
+   - Linked pages
+
+3. **Evaluate completeness**
+   - All required present?
+   - Properly formatted?
+   - Appropriately placed?
+
+4. **Flag missing/incomplete**
+   - Missing disclaimers
+   - Incomplete disclaimers
+   - Poorly placed disclaimers
+
+## Required Disclaimers by Claim Type
+
+### Security/Compliance Claims
+| Claim | Required Disclaimer |
+|-------|---------------------|
+| SOC 2 | Link to trust/security page |
+| HIPAA | BAA availability statement |
+| Encryption | Technical details or link |
+| "Secure" | Security measures link |
+
+### Performance Claims
+| Claim | Required Disclaimer |
+|-------|---------------------|
+| % improvement | "Results may vary" + methodology |
+| Speed claims | Benchmark conditions |
+| ROI claims | Sample size, time period |
+| Customer results | "Individual results may vary" |
+
+### Financial Content
+| Context | Required Disclaimer |
+|---------|---------------------|
+| Pricing page | Terms and conditions link |
+| ROI calculator | "Estimates only" |
+| Cost comparison | Assumptions stated |
+| Free trial | What happens after trial |
+
+### Testimonials
+| Type | Required Disclaimer |
+|------|---------------------|
+| Customer quote | Attribution |
+| Case study | Customer permission |
+| Results cited | Verification available |
+| Video testimonial | Disclosure if compensated |
+
+### General Website
+| Page Type | Required Elements |
+|-----------|-------------------|
+| All pages | Privacy policy link |
+| All pages | Terms of service link |
+| Cookie use | Cookie consent/policy |
+| Forms | Data use statement |
+
+## Disclaimer Placement Guidelines
+
+### Acceptable Placement
+- Adjacent to claim
+- Footer with clear link
+- Dedicated disclosure page (linked)
+- Tooltip/hover text
+
+### Unacceptable Placement
+- Buried in unrelated content
+- Tiny/illegible text
+- Multiple clicks away
+- No placement at all
+
+## Disclaimer Format Requirements
+
+### Must Include
+- Clear language
+- Reasonable font size
+- Visible contrast
+- Accessible location
+
+### Should Avoid
+- Legalese
+- Excessive length
+- Hidden visibility
+- Misdirection
+
+## Output
+
+```yaml
+disclaimer_check:
+  required: 8
+  present: 5
+  missing: 3
+  incomplete: 1
+  score: 62
+  inventory:
+    - disclaimer: "Privacy policy link"
+      required: true
+      present: true
+      location: "Footer"
+      status: "compliant"
+    - disclaimer: "Results may vary"
+      required: true
+      present: false
+      trigger: "40% efficiency improvement claim"
+      location: null
+      status: "missing"
+      recommendation: "Add disclaimer near performance claim"
+    - disclaimer: "Security documentation link"
+      required: true
+      present: true
+      location: "Footer"
+      status: "incomplete"
+      issue: "Links to generic page, not specific security docs"
+      recommendation: "Link directly to trust center"
+    - disclaimer: "Cookie consent"
+      required: true
+      present: false
+      trigger: "Website uses cookies"
+      location: null
+      status: "missing"
+      recommendation: "Add cookie consent banner"
+  required_actions:
+    - priority: "high"
+      action: "Add 'results may vary' to performance claims"
+    - priority: "high"
+      action: "Implement cookie consent"
+    - priority: "medium"
+      action: "Update security link to trust center"
+```

package/template/workers/content-legal/worker.yaml

@@ -0,0 +1,118 @@
+worker:
+  id: content-legal
+  name: "Content Worker - Regulatory Compliance"
+  type: ContentWorker
+  version: "1.0"
+
+execution:
+  mode: on_demand
+  max_runtime: 5m
+
+context:
+  base:
+    - workers/public/content-legal/
+    - workers/public/content-shared/
+  exclude:
+    - node_modules/
+    - dist/
+
+output:
+  destination: workspace/reports/content/
+  format: markdown
+  naming: "{date}-content-legal-{page}.md"
+
+skills:
+  - compliance-scan
+  - disclaimer-check
+  - claim-substantiation
+
+instructions: |
+  Regulatory Compliance Analyst
+
+  Purpose: Flag regulated terms, verify claim substantiation, and identify missing disclaimers.
+
+  ## Analysis Process
+  1. Load page content from content/ directory
+  2. Scan for regulated terms and claims
+  3. Check for required disclaimers
+  4. Verify claim substantiation
+  5. Flag compliance issues
+
+  ## Scoring Categories
+  - Regulated terms (0-100): Proper use of regulated language
+  - Disclaimers (0-100): Required disclaimers present
+  - Substantiation (0-100): Claims properly supported
+  - Risk language (0-100): Appropriate risk disclosure
+
+  ## Regulated Terms (Financial Services)
+
+  ### High-Risk Terms (Require Substantiation)
+  - "Guaranteed"
+  - "Risk-free"
+  - "Secure" / "Security"
+  - "Compliant" / "Compliance"
+  - "FDIC" / "NCUA"
+  - "SOC 2" / "SOC2"
+  - "HIPAA"
+  - "PCI DSS" / "PCI"
+  - "GDPR"
+  - "ISO 27001"
+
+  ### Claim Terms (Need Proof)
+  - "Best" / "Leading" / "#1"
+  - "Fastest" / "Most efficient"
+  - "Proven" / "Trusted"
+  - "Award-winning"
+  - Specific percentages
+  - ROI claims
+  - Time savings claims
+
+  ### Prohibited/Restricted Terms
+  - "Guarantee" (without conditions)
+  - "No risk" (for financial products)
+  - "Always" / "Never" (absolute claims)
+  - Competitor names (in comparisons)
+
+  ## Required Disclaimers
+
+  ### Security Claims
+  - Link to security/trust page
+  - Certification details available
+  - Date of last audit
+
+  ### Performance Claims
+  - "Results may vary"
+  - Sample size/methodology
+  - Time period specified
+
+  ### Financial Claims
+  - Not financial advice
+  - Past performance disclaimer
+  - Risk acknowledgment
+
+  ## Compliance Checklist
+  - [ ] No unsubstantiated guarantees
+  - [ ] Security claims link to documentation
+  - [ ] Compliance certifications verifiable
+  - [ ] Performance claims have context
+  - [ ] Required disclaimers present
+  - [ ] No misleading comparisons
+  - [ ] Testimonials have disclosure
+
+  ## Red Flags
+  - Absolute guarantees without conditions
+  - Security claims without certification proof
+  - Compliance claims without documentation
+  - Missing privacy policy links
+  - Testimonials without disclosure
+  - Competitor disparagement
+
+  ## Output
+  Generate markdown report with:
+  - Compliance score by category
+  - Flagged terms with context
+  - Missing disclaimers
+  - Recommendations for compliance
+
+  ## Note
+  This is content guidance, not legal advice. All flagged items should be reviewed by legal counsel.