docguard-cli 0.9.8 → 0.9.10

package/cli/shared-ignore.mjs

@@ -0,0 +1,76 @@
+/**
+ * Shared Ignore Utility — Unified file filtering for all validators.
+ *
+ * Provides consistent glob matching for config ignore arrays:
+ *   - config.ignore        (global — all validators)
+ *   - config.securityIgnore (security validator only)
+ *   - config.todoIgnore     (TODO-tracking validator only)
+ *
+ * Supports exact paths AND glob patterns:
+ *   - "src/foo.ts"           → exact match
+ *   - "packages/cdk/**"      → match any file under packages/cdk/
+ *   - "backend/src/__tests__/**" → match any file under that path
+ *   - "*.test.ts"            → match files ending in .test.ts
+ *
+ * Zero NPM dependencies — pure Node.js built-ins only.
+ */
+
+/**
+ * Convert a glob pattern to a RegExp.
+ * Supports: * (any chars except /), ** (any path segments), . (literal dot).
+ *
+ * @param {string} pattern - Glob pattern
+ * @returns {RegExp}
+ */
+function globToRegex(pattern) {
+  const escaped = pattern
+    .replace(/\./g, '\\.')
+    .replace(/\*\*/g, '§§')     // temp placeholder for **
+    .replace(/\*/g, '[^/]*')
+    .replace(/§§/g, '.*');
+  // Match if the relative path:
+  //   - equals the pattern exactly
+  //   - ends with /pattern
+  //   - starts with pattern/
+  //   - contains /pattern/
+  return new RegExp(`^${escaped}$|/${escaped}$|^${escaped}/|/${escaped}/`);
+}
+
+/**
+ * Build a filter function from an array of glob patterns.
+ * Returns a function that returns true if a relative path should be SKIPPED.
+ *
+ * @param {string[]} patterns - Glob patterns (from config.ignore, config.securityIgnore, etc.)
+ * @returns {(relPath: string) => boolean} - true if file should be ignored
+ */
+export function buildIgnoreFilter(patterns = []) {
+  if (!patterns || patterns.length === 0) return () => false;
+
+  const regexes = patterns.map(p => globToRegex(p));
+  return (relPath) => regexes.some(regex => regex.test(relPath));
+}
+
+/**
+ * Check if a relative path should be ignored by BOTH
+ * global ignore + validator-specific ignore.
+ *
+ * @param {string} relPath - Relative file path (e.g., "backend/src/__tests__/foo.test.ts")
+ * @param {object} config - DocGuard config object
+ * @param {string} [validatorKey] - Optional validator-specific key (e.g., 'securityIgnore', 'todoIgnore')
+ * @returns {boolean} - true if file should be skipped
+ */
+export function shouldIgnore(relPath, config, validatorKey) {
+  // Check global ignore
+  if (config.ignore && config.ignore.length > 0) {
+    const globalFilter = buildIgnoreFilter(config.ignore);
+    if (globalFilter(relPath)) return true;
+  }
+
+  // Check validator-specific ignore
+  if (validatorKey && config[validatorKey] && config[validatorKey].length > 0) {
+    const validatorFilter = buildIgnoreFilter(config[validatorKey]);
+    if (validatorFilter(relPath)) return true;
+  }
+
+  return false;
+}

package/cli/validators/architecture.mjs

@@ -10,10 +10,14 @@
  * - Circular dependencies (A → B → A)
  * - Layer boundary violations (routes importing from routes, etc.)
  * - Orphan modules (code files with 0 inbound imports)
+ *
+ * Respects config.ignore (global) for file filtering.
+ * Uses shared-ignore.mjs for consistent filtering (Constitution IV, v1.1.0).
  */
 
 import { existsSync, readFileSync, readdirSync, statSync } from 'node:fs';
 import { resolve, join, extname, relative, dirname, basename } from 'node:path';
+import { shouldIgnore } from '../shared-ignore.mjs';
 
 const IGNORE_DIRS = new Set([
   'node_modules', '.git', '.next', 'dist', 'build',
@@ -33,7 +37,7 @@ export function validateArchitecture(projectDir, config) {
   }
 
   // ── 2. Auto-detect import graph ──
-  const importGraph = buildImportGraph(projectDir);
+  const importGraph = buildImportGraph(projectDir, config);
   if (importGraph.files.length === 0) return results;
 
   // ── 3. Detect circular dependencies ──
@@ -84,7 +88,7 @@ function validateConfigLayers(projectDir, config, layers, results) {
     const layerDir = resolve(projectDir, dir);
     if (!existsSync(layerDir)) continue;
 
-    const files = getFilesRecursive(layerDir);
+    const files = getFilesRecursive(layerDir, config, projectDir);
     for (const file of files) {
       if (!CODE_EXTENSIONS.has(extname(file))) continue;
 
@@ -110,14 +114,18 @@ function validateConfigLayers(projectDir, config, layers, results) {
 
 // ── Import Graph Builder ────────────────────────────────────────────────────
 
-function buildImportGraph(projectDir) {
+function buildImportGraph(projectDir, config) {
   const graph = { files: [], edges: [], fileMap: new Map() };
 
-  const allFiles = getFilesRecursive(projectDir);
+  const allFiles = getFilesRecursive(projectDir, config, projectDir);
   const codeFiles = allFiles.filter(f => CODE_EXTENSIONS.has(extname(f)));
 
   for (const file of codeFiles) {
     const relPath = relative(projectDir, file);
+
+    // Skip files in ignored directories (config.ignore)
+    if (config && shouldIgnore(relPath, config)) continue;
+
     graph.files.push(relPath);
 
     try {
@@ -355,7 +363,7 @@ function getFileLayer(filePath, layerDirMap) {
 
 // ── Utilities ───────────────────────────────────────────────────────────────
 
-function getFilesRecursive(dir) {
+function getFilesRecursive(dir, config, projectDir) {
   const results = [];
   if (!existsSync(dir)) return results;
 
@@ -366,11 +374,18 @@ function getFilesRecursive(dir) {
 
   for (const entry of entries) {
     if (IGNORE_DIRS.has(entry) || entry.startsWith('.')) continue;
+
+    // Check config.ignore for this directory
+    if (config && projectDir) {
+      const relPath = relative(projectDir, join(dir, entry));
+      if (shouldIgnore(relPath, config)) continue;
+    }
+
     const fullPath = join(dir, entry);
     try {
       const stat = statSync(fullPath);
       if (stat.isDirectory()) {
-        results.push(...getFilesRecursive(fullPath));
+        results.push(...getFilesRecursive(fullPath, config, projectDir));
       } else {
         results.push(fullPath);
       }

package/cli/validators/doc-quality.mjs

@@ -18,7 +18,7 @@
  *
  * Optional: If `understanding` CLI is installed, runs a full 31-metric deep scan.
  *
- * Zero dependencies — pure Node.js built-ins only.
+ * Zero NPM runtime dependencies — pure Node.js built-ins only.
  */
 
 import { existsSync, readFileSync, readdirSync, statSync } from 'node:fs';

package/cli/validators/docs-diff.mjs

@@ -4,10 +4,14 @@
  * Runs as part of `docguard guard` on every invocation.
  * Detects undocumented code artifacts and documented items not found in code.
  * Returns warnings (not errors) since drift is a soft signal.
+ *
+ * Respects config.ignore and config.testPatterns for test file discovery.
+ * Uses shared-ignore.mjs for consistent filtering (Constitution IV, v1.1.0).
  */
 
 import { existsSync, readFileSync, readdirSync, statSync } from 'node:fs';
-import { resolve, join, extname, basename } from 'node:path';
+import { resolve, join, extname, basename, relative } from 'node:path';
+import { shouldIgnore, buildIgnoreFilter } from '../shared-ignore.mjs';
 
 const IGNORE_DIRS = new Set([
   'node_modules', '.git', '.next', 'dist', 'build',
@@ -32,7 +36,7 @@ export function validateDocsDiff(projectDir, config) {
   const checks = [
     diffTechStack(projectDir),
     diffEnvVars(projectDir),
-    diffTests(projectDir),
+    diffTests(projectDir, config),
   ];
 
   for (const result of checks) {
@@ -131,7 +135,13 @@ function diffEnvVars(dir) {
   };
 }
 
-function diffTests(dir) {
+/**
+ * Diff test files between TEST-SPEC.md and actual code.
+ * Uses config.testPatterns if available, otherwise falls back to
+ * scanning standard test directories.
+ * Always ignores node_modules via shared ignore filter.
+ */
+function diffTests(dir, config) {
   const testSpecPath = resolve(dir, 'docs-canonical/TEST-SPEC.md');
   if (!existsSync(testSpecPath)) return null;
 
@@ -144,13 +154,30 @@ function diffTests(dir) {
   }
 
   const codeTests = new Set();
-  const testDirs = ['tests', 'test', '__tests__', 'spec', 'e2e'];
-  for (const td of testDirs) {
-    const testDir = resolve(dir, td);
-    if (!existsSync(testDir)) continue;
-    const files = getFilesRecursive(testDir);
-    for (const f of files) {
-      codeTests.add(f.replace(dir + '/', ''));
+
+  // Use testPatterns from config if available
+  const testPatterns = config?.testPatterns || [];
+  if (testPatterns.length > 0) {
+    // Use configured patterns to find test files
+    const patternFilter = buildIgnoreFilter(testPatterns.map(p => {
+      // Invert the pattern: we WANT files matching these patterns
+      return p;
+    }));
+    // Walk the project and collect matching test files
+    const allTestFiles = getTestFilesFromPatterns(dir, testPatterns, config);
+    for (const f of allTestFiles) {
+      codeTests.add(f);
+    }
+  } else {
+    // Fall back to standard test directories
+    const testDirs = ['tests', 'test', '__tests__', 'spec', 'e2e'];
+    for (const td of testDirs) {
+      const testDir = resolve(dir, td);
+      if (!existsSync(testDir)) continue;
+      const files = getFilesRecursive(testDir, config);
+      for (const f of files) {
+        codeTests.add(f.replace(dir + '/', ''));
+      }
     }
   }
 
@@ -163,7 +190,47 @@ function diffTests(dir) {
   };
 }
 
-function getFilesRecursive(dir) {
+/**
+ * Find test files matching configured testPatterns.
+ * Walks the project tree, skipping node_modules and ignored dirs.
+ */
+function getTestFilesFromPatterns(dir, patterns, config) {
+  const results = [];
+  const testFileRegex = /\.(test|spec)\.(mjs|cjs|[jt]sx?)$/;
+
+  function walk(currentDir) {
+    let entries;
+    try { entries = readdirSync(currentDir); } catch { return; }
+
+    for (const entry of entries) {
+      if (IGNORE_DIRS.has(entry) || entry.startsWith('.')) continue;
+      const fullPath = join(currentDir, entry);
+      try {
+        const stat = statSync(fullPath);
+        if (stat.isDirectory()) {
+          walk(fullPath);
+        } else if (stat.isFile()) {
+          const relPath = relative(dir, fullPath);
+          // Skip files in ignored paths
+          if (config && shouldIgnore(relPath, config)) continue;
+          // Check if it matches test file naming patterns
+          if (testFileRegex.test(entry) || /__(tests|test)__/.test(relPath)) {
+            // Check if it matches any of the configured test patterns
+            const patternFilter = buildIgnoreFilter(patterns);
+            if (patternFilter(relPath)) {
+              results.push(relPath);
+            }
+          }
+        }
+      } catch { /* skip */ }
+    }
+  }
+
+  walk(dir);
+  return results;
+}
+
+function getFilesRecursive(dir, config) {
   const results = [];
   if (!existsSync(dir)) return results;
   let entries;
@@ -175,7 +242,7 @@ function getFilesRecursive(dir) {
     try {
       const stat = statSync(fullPath);
       if (stat.isDirectory()) {
-        results.push(...getFilesRecursive(fullPath));
+        results.push(...getFilesRecursive(fullPath, config));
       } else if (stat.isFile() && CODE_EXTENSIONS.has(extname(fullPath))) {
         results.push(fullPath);
       }

package/cli/validators/schema-sync.mjs

@@ -6,7 +6,7 @@
  *
  * Supported: Prisma, Drizzle, Sequelize, TypeORM, Knex, Django, Rails
  *
- * Zero dependencies — pure Node.js built-ins only.
+ * Zero NPM runtime dependencies — pure Node.js built-ins only.
  */
 
 import { existsSync, readFileSync, readdirSync, statSync } from 'node:fs';

package/cli/validators/security.mjs

@@ -1,9 +1,13 @@
 /**
  * Security Validator — Basic checks for secrets in code
+ *
+ * Respects config.securityIgnore (glob patterns) and config.ignore (global).
+ * Uses shared-ignore.mjs for consistent filtering (Constitution IV, v1.1.0).
  */
 
 import { existsSync, readFileSync, readdirSync, statSync } from 'node:fs';
 import { resolve, join, extname } from 'node:path';
+import { shouldIgnore } from '../shared-ignore.mjs';
 
 const CODE_EXTENSIONS = new Set([
   '.js', '.mjs', '.cjs', '.ts', '.tsx', '.jsx',
@@ -26,6 +30,30 @@ const SECRET_PATTERNS = [
   { pattern: /(?:sk-|sk_live_|sk_test_)[a-zA-Z0-9]{20,}/g, label: 'API secret key (Stripe/OpenAI pattern)' },
 ];
 
+// Known-safe placeholder/example values that should never be flagged
+const SAFE_PATTERNS = [
+  /EXAMPLE/i,                           // AWS docs example keys contain "EXAMPLE"
+  /placeholder\s*=\s*["']/i,           // HTML placeholder attributes
+  /example\s*:/i,                       // OpenAPI example: blocks
+  /['"]password123['"]/,               // Common test fixture value
+  /\/\/\s*example/i,                    // Code comments with "example"
+  /<!--.*-->/,                          // HTML comments
+];
+
+/**
+ * Check if a match line is a known-safe placeholder/example.
+ * @param {string} line - The full source line containing the match
+ * @param {string} matchStr - The matched string
+ * @returns {boolean} - true if this is a safe/placeholder value
+ */
+function isSafePlaceholder(line, matchStr) {
+  // Check if the matched string itself contains "EXAMPLE"
+  if (/EXAMPLE/i.test(matchStr)) return true;
+
+  // Check if the source line matches any safe pattern
+  return SAFE_PATTERNS.some(p => p.test(line));
+}
+
 export function validateSecurity(projectDir, config) {
   const results = { name: 'security', errors: [], warnings: [], passed: 0, total: 0 };
 
@@ -40,13 +68,33 @@ export function validateSecurity(projectDir, config) {
     // Skip .env.example — it should have placeholder values
     if (filePath.endsWith('.env.example')) return;
 
-    const content = readFileSync(filePath, 'utf-8');
     const relPath = filePath.replace(projectDir + '/', '');
 
+    // Apply config ignore patterns (securityIgnore + global ignore)
+    if (shouldIgnore(relPath, config, 'securityIgnore')) return;
+
+    const content = readFileSync(filePath, 'utf-8');
+    const lines = content.split('\n');
+
     for (const { pattern, label } of SECRET_PATTERNS) {
       pattern.lastIndex = 0;
       const match = pattern.exec(content);
       if (match) {
+        // Find the line containing this match for context-aware filtering
+        const matchPos = match.index;
+        let charCount = 0;
+        let matchLine = '';
+        for (const line of lines) {
+          charCount += line.length + 1; // +1 for newline
+          if (charCount > matchPos) {
+            matchLine = line;
+            break;
+          }
+        }
+
+        // Skip known-safe placeholder/example values
+        if (isSafePlaceholder(matchLine, match[0])) continue;
+
         findings.push({ file: relPath, label, match: match[0].substring(0, 30) + '...' });
       }
     }

package/cli/validators/todo-tracking.mjs

@@ -6,14 +6,18 @@
  *
  * Also detects skipped tests without explanation.
  *
+ * Respects config.todoIgnore (glob patterns) and config.ignore (global).
+ * Uses shared-ignore.mjs for consistent filtering (Constitution IV, v1.1.0).
+ *
  * Inspired by spec-kit-cleanup (github.com/dsrednicki/spec-kit-cleanup)
  * which uses tiered issue classification for code hygiene.
  *
- * Zero dependencies — pure Node.js built-ins only.
+ * Zero NPM runtime dependencies — pure Node.js built-ins only.
  */
 
 import { existsSync, readFileSync, readdirSync, statSync } from 'node:fs';
 import { resolve, join, relative, extname } from 'node:path';
+import { shouldIgnore } from '../shared-ignore.mjs';
 
 const IGNORE_DIRS = new Set([
   'node_modules', '.git', '.next', 'dist', 'build', 'coverage',
@@ -78,14 +82,14 @@ export function validateTodoTracking(projectDir, config) {
 /**
  * Scan test files for skip/todo patterns without adjacent explanation comments.
  */
-function checkSkippedTests(projectDir) {
+function checkSkippedTests(projectDir, config) {
   const errors = [];
   const warnings = [];
   let passed = 0;
   let total = 0;
 
   const testFiles = [];
-  findTestFiles(projectDir, projectDir, testFiles);
+  findTestFiles(projectDir, projectDir, testFiles, config);
 
   if (testFiles.length === 0) return { errors, warnings, passed, total };
 
@@ -161,7 +165,7 @@ function checkUntrackedTodos(projectDir, config) {
 
   // Collect all TODO/FIXME items from source
   const todos = [];
-  findTodos(projectDir, projectDir, todos);
+  findTodos(projectDir, projectDir, todos, config);
 
   if (todos.length === 0) {
     // No TODOs found — that's clean code
@@ -177,11 +181,26 @@ function checkUntrackedTodos(projectDir, config) {
   let untrackedCount = 0;
 
   for (const todo of todos) {
-    // Check if the TODO text appears somewhere in tracking docs
-    const isTracked = trackingContent.some(doc =>
-      doc.content.includes(todo.keyword) ||
-      doc.content.toLowerCase().includes(todo.text.toLowerCase().trim().substring(0, 30))
-    );
+    // Check if the TODO is tracked in documentation
+    // Improved matching: check full text AND file location context
+    const isTracked = trackingContent.some(doc => {
+      const content = doc.content;
+      const contentLower = content.toLowerCase();
+      const todoTextLower = todo.text.toLowerCase().trim();
+
+      // Match 1: Full TODO text appears in the doc (at least 20 chars or full text)
+      const searchText = todoTextLower.length > 20
+        ? todoTextLower.substring(0, 40)
+        : todoTextLower;
+      const hasText = contentLower.includes(searchText);
+
+      // Match 2: File location appears nearby in the doc
+      const hasLocation = content.includes(todo.file) ||
+        content.includes(`${todo.file}:${todo.line}`);
+
+      // Either the full text matches, or the file location is referenced with partial text
+      return (hasText && hasLocation) || (hasText && todoTextLower.length > 30);
+    });
 
     if (!isTracked) {
       untrackedCount++;
@@ -231,7 +250,7 @@ function loadTrackingDocs(projectDir, config) {
 
 // ──── File Scanners ────────────────────────────────────────────────────────
 
-function findTestFiles(rootDir, dir, files) {
+function findTestFiles(rootDir, dir, files, config) {
   let entries;
   try { entries = readdirSync(dir); } catch { return; }
 
@@ -244,7 +263,7 @@ function findTestFiles(rootDir, dir, files) {
     try { stat = statSync(full); } catch { continue; }
 
     if (stat.isDirectory()) {
-      findTestFiles(rootDir, full, files);
+      findTestFiles(rootDir, full, files, config);
     } else {
       const ext = extname(entry).toLowerCase();
       if (!TEST_EXTENSIONS.has(ext)) continue;
@@ -252,13 +271,16 @@ function findTestFiles(rootDir, dir, files) {
       // Match test file patterns
       if (/\.(test|spec)\.(mjs|cjs|[jt]sx?)$/.test(entry) ||
           /__(tests|test)__/.test(relative(rootDir, full))) {
-        files.push(relative(rootDir, full));
+        const relPath = relative(rootDir, full);
+        // Apply config ignore patterns (todoIgnore + global ignore)
+        if (config && shouldIgnore(relPath, config, 'todoIgnore')) continue;
+        files.push(relPath);
       }
     }
   }
 }
 
-function findTodos(rootDir, dir, todos) {
+function findTodos(rootDir, dir, todos, config) {
   let entries;
   try { entries = readdirSync(dir); } catch { return; }
 
@@ -271,16 +293,20 @@ function findTodos(rootDir, dir, todos) {
     try { stat = statSync(full); } catch { continue; }
 
     if (stat.isDirectory()) {
-      findTodos(rootDir, full, todos);
+      findTodos(rootDir, full, todos, config);
     } else {
       const ext = extname(entry).toLowerCase();
       if (!SOURCE_EXTENSIONS.has(ext)) continue;
 
+      const relPath = relative(rootDir, full);
+
+      // Apply config ignore patterns (todoIgnore + global ignore)
+      if (config && shouldIgnore(relPath, config, 'todoIgnore')) continue;
+
       let content;
       try { content = readFileSync(full, 'utf-8'); } catch { continue; }
 
       const lines = content.split('\n');
-      const relPath = relative(rootDir, full);
 
       for (let i = 0; i < lines.length; i++) {
         if (TODO_PATTERN.test(lines[i])) {

package/extensions/spec-kit-docguard/extension.yml

@@ -3,8 +3,8 @@ schema_version: "1.0"
 extension:
   id: "docguard"
   name: "DocGuard — CDD Enforcement"
-  version: "0.9.8"
-  description: "Canonical-Driven Development enforcement with enterprise-grade AI skills. 19 automated validators, structured research workflows, quality validation loops, and spec-kit integration hooks. Zero dependencies."
+  version: "0.9.9"
+  description: "Canonical-Driven Development enforcement as a true spec-kit extension. LLM-first design with 19 automated validators, 4 AI behavior skills, spec-kit skill chaining, and workflow hooks. Zero NPM runtime dependencies."
   author: "Ricardo Accioly"
   repository: "https://github.com/raccioly/docguard"
   license: "MIT"
@@ -12,12 +12,16 @@ extension:
 
 requires:
   speckit_version: ">=0.1.0"
+  framework: "spec-kit"  # DocGuard builds on spec-kit conventions (.specify/, skills, constitution)
   tools:
     - name: "node"
       required: true
       version: ">=18.0.0"
     - name: "npx"
       required: true
+    - name: "specify"
+      required: false
+      description: "Spec Kit CLI — enables auto-initialization of SDD workflow during docguard init"
 
 provides:
   commands:

package/extensions/spec-kit-docguard/skills/docguard-fix/SKILL.md

@@ -6,9 +6,10 @@ description: AI-driven documentation repair with structured research workflow, t
 compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
 metadata:
   author: docguard
-  version: 0.9.5
+  version: 0.9.9
   source: extensions/spec-kit-docguard/skills/docguard-fix
 ---
+<!-- docguard:version: 0.9.9 -->
 
 # DocGuard Fix Skill
 

package/extensions/spec-kit-docguard/skills/docguard-guard/SKILL.md

@@ -7,9 +7,10 @@ description: Run DocGuard guard validation against Canonical-Driven Development
 compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
 metadata:
   author: docguard
-  version: 0.9.5
+  version: 0.9.9
   source: extensions/spec-kit-docguard/skills/docguard-guard
 ---
+<!-- docguard:version: 0.9.9 -->
 
 # DocGuard Guard Skill
 
@@ -155,12 +156,16 @@ Present the user with options:
 - **Track progress** — if user runs guard multiple times, compare before/after
 - If user provides `$ARGUMENTS` like "just structure" or "only security", filter report to those validators
 
-## Integration with Spec Kit
+## Integration with Spec Kit (Extension-First)
 
-If this project has `.specify/` directory (spec-kit enabled):
+DocGuard is a spec-kit extension. When this project has a `.specify/` directory:
+- Read `.specify/memory/constitution.md` for project principles that constrain documentation
 - Include Spec-Kit validator results in the triage
 - Cross-reference spec quality issues with `specs/*/spec.md` file paths
-- Suggest `/speckit.analyze` if spec-related findings exceed 3
+- When specification issues found → suggest `/speckit.specify` or `/speckit.clarify`
+- When architecture gaps found → suggest `/speckit.plan`
+- When cross-artifact inconsistencies exceed 3 → suggest `/speckit.analyze`
+- When no constitution exists → suggest `/speckit.constitution` as first step
 
 ## Context
 

package/extensions/spec-kit-docguard/skills/docguard-review/SKILL.md

@@ -6,9 +6,10 @@ description: Cross-document consistency analysis and quality assessment. Perform
 compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
 metadata:
   author: docguard
-  version: 0.9.5
+  version: 0.9.9
   source: extensions/spec-kit-docguard/skills/docguard-review
 ---
+<!-- docguard:version: 0.9.9 -->
 
 # DocGuard Review Skill
 
@@ -163,7 +164,10 @@ Output a structured markdown report (do NOT write to disk):
 
 Based on findings:
 - **If CRITICAL issues**: "Run `/docguard.fix --doc [name]` to resolve blocking issues"
+- **If spec-related gaps**: "Run `/speckit.specify` to update specifications" or "/speckit.clarify to resolve ambiguities"
+- **If architecture drift**: "Run `/speckit.plan` to realign implementation plan with codebase"
 - **If only LOW/MEDIUM**: "Documentation is healthy. Consider `/docguard.fix` for polish"
+- **If constitution missing**: "Run `/speckit.constitution` to establish project principles"
 - **If all clean**: "Documentation is excellent. No action needed."
 
 Ask: "Would you like me to fix the top N issues? (I'll show you what I plan to change before applying)"

package/extensions/spec-kit-docguard/skills/docguard-score/SKILL.md

@@ -6,9 +6,10 @@ description: CDD maturity assessment with category-aware improvement roadmap. Ru
 compatibility: Requires DocGuard CLI installed (npm i -g docguard-cli or npx docguard-cli)
 metadata:
   author: docguard
-  version: 0.9.5
+  version: 0.9.9
   source: extensions/spec-kit-docguard/skills/docguard-score
 ---
+<!-- docguard:version: 0.9.9 -->
 
 # DocGuard Score Skill
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "docguard-cli",
-  "version": "0.9.8",
+  "version": "0.9.10",
   "description": "The enforcement tool for Canonical-Driven Development (CDD). Audit, generate, and guard your project documentation.",
   "type": "module",
   "bin": {