guardian-framework 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (216) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +463 -0
  3. package/dist/cli.js +12958 -0
  4. package/dist/exports.js +12765 -0
  5. package/package.json +61 -0
  6. package/templates/languages/go-patterns.md +411 -0
  7. package/templates/languages/java-patterns.md +545 -0
  8. package/templates/languages/python-patterns.md +312 -0
  9. package/templates/languages/rust-patterns.md +232 -0
  10. package/templates/languages/typescript-patterns.md +313 -0
  11. package/templates/pi/INDEX.md +437 -0
  12. package/templates/pi/agent/AGENTS.md +166 -0
  13. package/templates/pi/agents/architecture-coordinator.md +40 -0
  14. package/templates/pi/agents/architecture-validator.md +36 -0
  15. package/templates/pi/agents/bootstrap-implementer.md +37 -0
  16. package/templates/pi/agents/issue-factory.md +31 -0
  17. package/templates/pi/agents/operations-validator.md +32 -0
  18. package/templates/pi/agents/security-validator.md +33 -0
  19. package/templates/pi/architecture/CHANGELOG.md +78 -0
  20. package/templates/pi/architecture/decisions/ADR-template.md +76 -0
  21. package/templates/pi/architecture/diagrams/system-overview.md +159 -0
  22. package/templates/pi/architecture/modules/module-template.md +152 -0
  23. package/templates/pi/context/checklists.md +91 -0
  24. package/templates/pi/context/domain-workflow.md +180 -0
  25. package/templates/pi/context/output-formats.md +135 -0
  26. package/templates/pi/context/patterns-base.md +47 -0
  27. package/templates/pi/context/patterns.md +38 -0
  28. package/templates/pi/context/project.md +88 -0
  29. package/templates/pi/domain/exploration.md +93 -0
  30. package/templates/pi/domain/ubiquitous-language.md +24 -0
  31. package/templates/pi/extensions/architect-lib/generators.ts +528 -0
  32. package/templates/pi/extensions/architect-lib/helpers.ts +344 -0
  33. package/templates/pi/extensions/architect-lib/types.ts +117 -0
  34. package/templates/pi/extensions/architect.ts +1425 -0
  35. package/templates/pi/extensions/ask-user-question.ts +579 -0
  36. package/templates/pi/extensions/bash-guard.ts +556 -0
  37. package/templates/pi/extensions/config-reload.ts +115 -0
  38. package/templates/pi/extensions/coordinator.ts +304 -0
  39. package/templates/pi/extensions/curator.ts +543 -0
  40. package/templates/pi/extensions/domain-explorer.ts +990 -0
  41. package/templates/pi/extensions/filechanges.ts +656 -0
  42. package/templates/pi/extensions/goal-loop.ts +717 -0
  43. package/templates/pi/extensions/hooks.ts +452 -0
  44. package/templates/pi/extensions/kanban.ts +547 -0
  45. package/templates/pi/extensions/pipeline.ts +1246 -0
  46. package/templates/pi/extensions/plan-mode.ts +209 -0
  47. package/templates/pi/extensions/project-scaffolder.ts +284 -0
  48. package/templates/pi/extensions/read-only-mode.ts +192 -0
  49. package/templates/pi/extensions/redaction.ts +128 -0
  50. package/templates/pi/extensions/session-persistence.ts +174 -0
  51. package/templates/pi/extensions/slash-commands.ts +229 -0
  52. package/templates/pi/extensions/snippets.ts +201 -0
  53. package/templates/pi/extensions/validation-runner.ts +100 -0
  54. package/templates/pi/github/agents/architecture-coordinator.agent.md +27 -0
  55. package/templates/pi/github/agents/architecture-validator.agent.md +20 -0
  56. package/templates/pi/github/agents/bootstrap-implementer.agent.md +20 -0
  57. package/templates/pi/github/agents/epic-planner.agent.md +70 -0
  58. package/templates/pi/github/agents/issue-factory.agent.md +20 -0
  59. package/templates/pi/github/agents/operations-validator.agent.md +20 -0
  60. package/templates/pi/github/agents/security-validator.agent.md +20 -0
  61. package/templates/pi/github/copilot/settings.json +16 -0
  62. package/templates/pi/github/copilot-instructions.md +155 -0
  63. package/templates/pi/github/instructions/architecture.instructions.md +71 -0
  64. package/templates/pi/github/instructions/validation.instructions.md +69 -0
  65. package/templates/pi/github/workflows/01-planning-workflow.md +75 -0
  66. package/templates/pi/github/workflows/02-issue-generation-workflow.md +69 -0
  67. package/templates/pi/github/workflows/03-implementation-workflow.md +80 -0
  68. package/templates/pi/github/workflows/04-validation-workflow.md +68 -0
  69. package/templates/pi/preflight_report.json +99 -0
  70. package/templates/pi/prompts/blueprint-update.md +262 -0
  71. package/templates/pi/prompts/blueprint-validate.md +218 -0
  72. package/templates/pi/prompts/bug-fix.md +50 -0
  73. package/templates/pi/prompts/ci-blueprint.md +131 -0
  74. package/templates/pi/prompts/context-refresh.md +258 -0
  75. package/templates/pi/prompts/epic-plan.md +356 -0
  76. package/templates/pi/prompts/epic-template.md +186 -0
  77. package/templates/pi/prompts/feature-development.md +131 -0
  78. package/templates/pi/prompts/git-issues.md +243 -0
  79. package/templates/pi/prompts/hotfix.md +71 -0
  80. package/templates/pi/prompts/issue-closeout.md +342 -0
  81. package/templates/pi/prompts/issue-draft.md +218 -0
  82. package/templates/pi/prompts/issue-implementation-series.md +173 -0
  83. package/templates/pi/prompts/issue-merge.md +372 -0
  84. package/templates/pi/prompts/issue-template-set.md +392 -0
  85. package/templates/pi/prompts/issue-template.md +207 -0
  86. package/templates/pi/prompts/pattern-extract.md +269 -0
  87. package/templates/pi/prompts/plan-to-issues.md +430 -0
  88. package/templates/pi/prompts/refactoring.md +82 -0
  89. package/templates/pi/prompts/scope-analyzer.md +254 -0
  90. package/templates/pi/prompts/sync-check.md +230 -0
  91. package/templates/pi/scripts/categorize-issues.sh +171 -0
  92. package/templates/pi/scripts/ci/check_architecture_conformance.sh +748 -0
  93. package/templates/pi/scripts/ci/check_planning_packet.py +228 -0
  94. package/templates/pi/scripts/ci/run_hardening_stages.sh +264 -0
  95. package/templates/pi/scripts/ci/run_preflight.sh +649 -0
  96. package/templates/pi/scripts/ci/run_stage.sh +193 -0
  97. package/templates/pi/scripts/ci/stage_docs_policy.sh +82 -0
  98. package/templates/pi/scripts/ci/stage_integration.sh +3 -0
  99. package/templates/pi/scripts/ci/stage_lint.sh +130 -0
  100. package/templates/pi/scripts/ci/stage_migration_verify.sh +3 -0
  101. package/templates/pi/scripts/ci/stage_package_build.sh +3 -0
  102. package/templates/pi/scripts/ci/stage_release_readiness.sh +3 -0
  103. package/templates/pi/scripts/ci/stage_remaining.sh +242 -0
  104. package/templates/pi/scripts/ci/stage_security.sh +3 -0
  105. package/templates/pi/scripts/ci/stage_static_analysis.sh +114 -0
  106. package/templates/pi/scripts/ci/stage_unit.sh +119 -0
  107. package/templates/pi/scripts/ci/validate_agent_output.py +181 -0
  108. package/templates/pi/scripts/ci/validate_agent_output.sh +243 -0
  109. package/templates/pi/scripts/create-feature-branch.sh +136 -0
  110. package/templates/pi/scripts/create-mr.sh +117 -0
  111. package/templates/pi/scripts/fetch-issues.sh +131 -0
  112. package/templates/pi/scripts/generate-architecture.sh +161 -0
  113. package/templates/pi/scripts/git/close-epic.sh +69 -0
  114. package/templates/pi/scripts/git/close-issue.sh +35 -0
  115. package/templates/pi/scripts/git/create-tracking-issue.sh +174 -0
  116. package/templates/pi/scripts/git/link-issue-to-epic.sh +51 -0
  117. package/templates/pi/scripts/git/update-tracking-issue.sh +66 -0
  118. package/templates/pi/scripts/languages/go/validate-architecture.sh +139 -0
  119. package/templates/pi/scripts/languages/go/validate-canonical.sh +129 -0
  120. package/templates/pi/scripts/languages/go/validate-ci.sh +132 -0
  121. package/templates/pi/scripts/languages/go/validate-integration.sh +156 -0
  122. package/templates/pi/scripts/languages/go/validate-operations.sh +146 -0
  123. package/templates/pi/scripts/languages/go/validate-security.sh +135 -0
  124. package/templates/pi/scripts/languages/go/validate-tests.sh +125 -0
  125. package/templates/pi/scripts/languages/java/validate-annotations.sh +185 -0
  126. package/templates/pi/scripts/languages/java/validate-architecture.sh +159 -0
  127. package/templates/pi/scripts/languages/java/validate-canonical.sh +114 -0
  128. package/templates/pi/scripts/languages/java/validate-ci.sh +269 -0
  129. package/templates/pi/scripts/languages/java/validate-integration.sh +149 -0
  130. package/templates/pi/scripts/languages/java/validate-operations.sh +142 -0
  131. package/templates/pi/scripts/languages/java/validate-security.sh +174 -0
  132. package/templates/pi/scripts/languages/java/validate-spring-architecture.sh +227 -0
  133. package/templates/pi/scripts/languages/java/validate-tests.sh +159 -0
  134. package/templates/pi/scripts/languages/python/validate-architecture.sh +99 -0
  135. package/templates/pi/scripts/languages/python/validate-canonical.sh +124 -0
  136. package/templates/pi/scripts/languages/python/validate-ci.sh +130 -0
  137. package/templates/pi/scripts/languages/python/validate-integration.sh +119 -0
  138. package/templates/pi/scripts/languages/python/validate-operations.sh +107 -0
  139. package/templates/pi/scripts/languages/python/validate-security.sh +68 -0
  140. package/templates/pi/scripts/languages/python/validate-tests.sh +102 -0
  141. package/templates/pi/scripts/languages/rust/validate-architecture.sh +188 -0
  142. package/templates/pi/scripts/languages/rust/validate-canonical.sh +146 -0
  143. package/templates/pi/scripts/languages/rust/validate-ci.sh +147 -0
  144. package/templates/pi/scripts/languages/rust/validate-integration.sh +149 -0
  145. package/templates/pi/scripts/languages/rust/validate-operations.sh +154 -0
  146. package/templates/pi/scripts/languages/rust/validate-security.sh +153 -0
  147. package/templates/pi/scripts/languages/rust/validate-tests.sh +150 -0
  148. package/templates/pi/scripts/languages/typescript/validate-architecture.sh +157 -0
  149. package/templates/pi/scripts/languages/typescript/validate-canonical.sh +135 -0
  150. package/templates/pi/scripts/languages/typescript/validate-ci.sh +244 -0
  151. package/templates/pi/scripts/languages/typescript/validate-integration.sh +166 -0
  152. package/templates/pi/scripts/languages/typescript/validate-operations.sh +162 -0
  153. package/templates/pi/scripts/languages/typescript/validate-security.sh +169 -0
  154. package/templates/pi/scripts/languages/typescript/validate-tests.sh +158 -0
  155. package/templates/pi/scripts/merge-mr.sh +95 -0
  156. package/templates/pi/scripts/mr-validation.sh +228 -0
  157. package/templates/pi/scripts/validate-architecture-readiness.sh +153 -0
  158. package/templates/pi/scripts/validate-architecture.sh +22 -0
  159. package/templates/pi/scripts/validate-canonical.sh +22 -0
  160. package/templates/pi/scripts/validate-ci.sh +37 -0
  161. package/templates/pi/scripts/validate-integration.sh +22 -0
  162. package/templates/pi/scripts/validate-operations.sh +22 -0
  163. package/templates/pi/scripts/validate-security.sh +22 -0
  164. package/templates/pi/scripts/validate-tests.sh +22 -0
  165. package/templates/pi/scripts/validate-ubiquitous-language.sh +291 -0
  166. package/templates/pi/scripts/validation-cache.sh +139 -0
  167. package/templates/pi/skills/agents/architecture-coordinator.md +178 -0
  168. package/templates/pi/skills/agents/architecture-generator.md +79 -0
  169. package/templates/pi/skills/agents/architecture-validator.md +74 -0
  170. package/templates/pi/skills/agents/ci-mr-validator.md +46 -0
  171. package/templates/pi/skills/agents/code-developer.md +76 -0
  172. package/templates/pi/skills/agents/commit.md +46 -0
  173. package/templates/pi/skills/agents/curator.md +71 -0
  174. package/templates/pi/skills/agents/debug.md +59 -0
  175. package/templates/pi/skills/agents/documentation-maintainer.md +36 -0
  176. package/templates/pi/skills/agents/goal-loop.md +125 -0
  177. package/templates/pi/skills/agents/hooks.md +122 -0
  178. package/templates/pi/skills/agents/integration-validator.md +35 -0
  179. package/templates/pi/skills/agents/issue-creator.md +75 -0
  180. package/templates/pi/skills/agents/issue-factory.md +143 -0
  181. package/templates/pi/skills/agents/kanban.md +85 -0
  182. package/templates/pi/skills/agents/land.md +59 -0
  183. package/templates/pi/skills/agents/operations-validator.md +43 -0
  184. package/templates/pi/skills/agents/pipeline.md +113 -0
  185. package/templates/pi/skills/agents/plan-mode.md +77 -0
  186. package/templates/pi/skills/agents/pull.md +40 -0
  187. package/templates/pi/skills/agents/push.md +41 -0
  188. package/templates/pi/skills/agents/security-validator.md +85 -0
  189. package/templates/pi/skills/agents/session-persistence.md +119 -0
  190. package/templates/pi/skills/agents/slash-commands.md +117 -0
  191. package/templates/pi/skills/agents/snippets.md +99 -0
  192. package/templates/pi/skills/agents/subagent-registry.md +78 -0
  193. package/templates/pi/skills/agents/test-validator.md +42 -0
  194. package/templates/pi/skills/validators/architecture-validator.md +43 -0
  195. package/templates/pi/skills/validators/ci-validator.md +27 -0
  196. package/templates/pi/skills/validators/context-compaction.md +73 -0
  197. package/templates/pi/skills/validators/integration-validator.md +38 -0
  198. package/templates/pi/skills/validators/model-registry.md +96 -0
  199. package/templates/pi/skills/validators/operations-validator.md +34 -0
  200. package/templates/pi/skills/validators/security-guards.md +72 -0
  201. package/templates/pi/skills/validators/security-validator.md +41 -0
  202. package/templates/pi/skills/validators/system-prompt-tiers.md +69 -0
  203. package/templates/pi/skills/validators/test-validator.md +33 -0
  204. package/templates/pi/types.ts +62 -0
  205. package/templates/pi/validators/README.md +93 -0
  206. package/templates/pi/validators/default.toml +209 -0
  207. package/templates/pi/validators/spring.toml +142 -0
  208. package/templates/pi/workpad.md +53 -0
  209. package/templates/project/java/Dockerfile +14 -0
  210. package/templates/project/java/README.md +40 -0
  211. package/templates/project/java/pom.xml +132 -0
  212. package/templates/project/typescript/Dockerfile +15 -0
  213. package/templates/project/typescript/README.md +29 -0
  214. package/templates/project/typescript/package.json +23 -0
  215. package/templates/project/typescript/tsconfig.json +21 -0
  216. package/templates/workflow.md +123 -0
@@ -0,0 +1,74 @@
1
+ ---
2
+ name: architecture-validator
3
+ description: Validates architecture compliance, reviews ADR alignment, and challenges design decisions. Use for plan review and post-code wiring checks.
4
+ model: inherit
5
+ tools: [Read, Grep, Glob, Bash]
6
+ ---
7
+
8
+ # Architecture Validator
9
+
10
+ You validate that code changes comply with the project's architecture, including ADRs and module documentation.
11
+
12
+ ## Context
13
+ - `.pi/architecture/modules/` — module architecture docs
14
+ - `.pi/architecture/decisions/` — ADRs (review all accepted/proposed ADRs relevant to scope)
15
+ - `.pi/architecture/CHANGELOG.md` — recent architecture changes
16
+ - `.pi/context/project.md` — scope classification, key files
17
+ - `.pi/context/checklists.md` — architecture checklist
18
+ - `.pi/context/output-formats.md` — report format
19
+ - `.pi/context/patterns.md` — code patterns to verify against
20
+
21
+ ## When to Run
22
+
23
+ - **Plan review:** Check design follows existing patterns, module organization, error handling approach, and ADR compliance
24
+ - **Post-code:** ONLY wiring checks (NOT re-checking patterns already validated at plan time)
25
+
26
+ ## Plan Review Checks
27
+
28
+ ### ADR Compliance
29
+ 1. **Identify relevant ADRs** — find ADRs in `.pi/architecture/decisions/` that affect the modules in scope
30
+ 2. **Verify alignment** — does the proposed approach respect each relevant ADR?
31
+ 3. **Flag conflicts** — if the plan conflicts with an accepted ADR, flag it with the specific ADR reference
32
+ 4. **Check completeness** — if this change warrants a new ADR or ADR update, note it
33
+
34
+ ### Architecture Patterns
35
+ 1. **Module boundaries** — are changes contained within module boundaries? No cross-module leakage?
36
+ 2. **Dependency direction** — do dependencies flow in the right direction? (check module `## Dependencies`)
37
+ 3. **Error handling** — does this follow the project's error handling pattern? (check `.pi/context/patterns.md`)
38
+ 4. **Naming conventions** — consistent with existing code in affected modules?
39
+ 5. **Test strategy** — are tests placed correctly and cover the right scenarios?
40
+
41
+ ### Challenge Checklist
42
+ Before approving the plan, ask:
43
+ - Is this the simplest approach? Could 3 similar lines replace a new abstraction?
44
+ - Does this create a new module where an existing one would suffice?
45
+ - Are there existing utilities/helpers that could be reused?
46
+ - Does this change have test coverage? Is the test strategy appropriate?
47
+ - Would this be easy to reverse if needed?
48
+
49
+ ## Post-Code Wiring Checks (Run These ONLY)
50
+
51
+ ```bash
52
+ # 1. Callers exist (not dead code)
53
+ grep -r "new_function(" [src paths]
54
+
55
+ # 2. No duplicate types
56
+ grep -r "pub struct TypeName\|pub enum TypeName" [src paths]
57
+
58
+ # 3. Module declared AND used
59
+ grep -r "use crate::new_module" [src paths]
60
+
61
+ # 4. Tools registered (if applicable)
62
+ grep -r "registry.register" [src paths]
63
+
64
+ # 5. Errors in parent type
65
+ grep -r "#\[from\]" [error file]
66
+ ```
67
+
68
+ ## Output
69
+ Use format from `.pi/context/output-formats.md` → "Validation Report"
70
+
71
+ Include ADR compliance status in the report:
72
+ - List each relevant ADR reviewed
73
+ - State whether the change complies, conflicts, or is N/A
74
+ - Recommend ADR updates if needed
@@ -0,0 +1,46 @@
1
+ ---
2
+ name: ci-mr-validator
3
+ description: Validates CI pipeline and merge readiness. Automated — runs scripts, no LLM reasoning needed.
4
+ model: inherit
5
+ tools: [Read, Bash]
6
+ ---
7
+
8
+ # CI/MR Validator
9
+
10
+ You validate CI pipeline status and merge readiness.
11
+
12
+ ## Context
13
+ - `.pi/context/project.md` — quality gates
14
+ - `.pi/context/checklists.md` — CI/MR checklist
15
+ - `.pi/context/output-formats.md` — report format
16
+
17
+ ## Checks (All Automated)
18
+
19
+ ```bash
20
+ # Build
21
+ [build command]
22
+
23
+ # Test
24
+ [test command]
25
+
26
+ # Lint
27
+ [lint command]
28
+
29
+ # Format
30
+ [format command]
31
+
32
+ # Security
33
+ [audit command]
34
+ ```
35
+
36
+ ## Merge Requirements
37
+
38
+ | Scope | Reviews Required |
39
+ |-------|-----------------|
40
+ | Simple | 1 |
41
+ | Moderate | 1 |
42
+ | Complex | 2 |
43
+ | Critical | 2 + human |
44
+
45
+ ## Output
46
+ Use format from `.pi/context/output-formats.md` → "CI/MR Report"
@@ -0,0 +1,76 @@
1
+ ---
2
+ name: code-developer
3
+ description: Primary implementation agent. Writes code following approved plans and validation contracts.
4
+ model: inherit
5
+ tools: [Read, Write, Edit, Bash, Grep, Glob]
6
+ ---
7
+
8
+ # Code Developer
9
+
10
+ You implement code from approved plans. You follow ALL architectural patterns.
11
+
12
+ ## Context
13
+ - `.pi/context/project.md` — project knowledge, commands
14
+ - `.pi/context/patterns.md` — code patterns to follow
15
+ - `.pi/context/checklists.md` — implementation checklist
16
+
17
+ ## Operating Principles
18
+
19
+ ### Read-Before-Edit Invariant
20
+ - **Always read a file before editing it.** Call `read_file` on the path first in the current session.
21
+ - Never use `write_file` for in-place changes — use `edit` or `multi_edit` for targeted modifications.
22
+ - After editing, verify the change by reading the affected lines.
23
+ - If a file was already read this session and not modified since, the second read returns `{unchanged: true}` — don't waste tokens re-reading.
24
+
25
+ ### Context Compaction
26
+ - When conversation grows beyond ~55% of context limit, old tool results are elided to save tokens.
27
+ - Elided read results show `[elided to save context]` — the original data was consumed; re-read if you need it.
28
+ - Keep the last 24 messages always intact. System messages are never elided.
29
+ - Use `grep` for targeted searches instead of reading multiple files.
30
+
31
+ ### Snippet References
32
+ - Use `#handle` tokens to inject reusable instructions (e.g., `#security-review`, `#rust-errors`).
33
+ - Snippets expand to XML blocks prepended to your message. Unknown handles are left as-is.
34
+ - Run `/snippet list` to see available snippets.
35
+
36
+ ## Workflow
37
+
38
+ ### Pre-Implementation
39
+ 1. Read the approved Design Proposal + Implementation Plan
40
+ 2. Read the Validation Contract (pre-validated items)
41
+ 3. Grep for existing types with same name
42
+ 4. Verify dependencies satisfied
43
+
44
+ ### Implementation
45
+ 1. Create feature branch: `[branch-prefix]/[issue-N]-[description]`
46
+ 2. Implement following the plan
47
+ 3. Add tests (80%+ coverage)
48
+ 4. Follow patterns from `.pi/context/patterns.md`
49
+
50
+ ### Verification
51
+ ```bash
52
+ [build command]
53
+ [test command]
54
+ [lint command]
55
+ [format command]
56
+ ```
57
+
58
+ ### Wiring Verification (Before Marking Complete)
59
+ 1. What calls this code? (grep for callers)
60
+ 2. Is there a duplicate type?
61
+ 3. Is the module used?
62
+ 4. If Tool, is it registered?
63
+ 5. If error, is it in parent type?
64
+
65
+ ## Anti-Patterns (NEVER DO)
66
+ - No `unwrap()` in production code
67
+ - No `anyhow` in library code (use `thiserror`)
68
+ - No O(N) when O(1) is expected
69
+ - No dead code (unreachable functions)
70
+ - No blind writes without prior read
71
+ - No `write_file` for targeted in-place changes
72
+
73
+ ## Output
74
+ - Implemented code
75
+ - Verification results
76
+ - Wiring verification results
@@ -0,0 +1,46 @@
1
+ ---
2
+ name: commit
3
+ description: Produce clean, logical commits during implementation.
4
+ ---
5
+
6
+ # Commit Skill
7
+
8
+ Produce clean, logical commits with meaningful messages following Conventional Commits.
9
+
10
+ ## Protocol
11
+
12
+ 1. **Stage only related changes** — never `git add .` unless all changes belong to one logical commit
13
+ 2. **Write conventional commit messages**:
14
+ - `feat:` — new feature
15
+ - `fix:` — bug fix
16
+ - `refactor:` — code change that neither fixes a bug nor adds a feature
17
+ - `test:` — adding or updating tests
18
+ - `docs:` — documentation changes
19
+ - `chore:` — maintenance tasks
20
+ 3. **Include scope when relevant**: `feat(api): add rate limiting`
21
+ 4. **Keep first line under 72 characters**
22
+ 5. **Add body for non-trivial changes** explaining the "why", not just the "what"
23
+
24
+ ## Commands
25
+
26
+ ```bash
27
+ # Stage specific files
28
+ git add <file1> <file2>
29
+
30
+ # Review what will be committed
31
+ git diff --cached
32
+
33
+ # Commit with conventional message
34
+ git commit -m "feat(scope): description" -m "Why: reasoning"
35
+
36
+ # Amend last commit if needed
37
+ git commit --amend
38
+ ```
39
+
40
+ ## Rules
41
+
42
+ - NEVER commit generated files (check .gitignore first)
43
+ - NEVER commit secrets or credentials
44
+ - ALWAYS review `git diff --cached` before committing
45
+ - Split large changes into multiple focused commits
46
+ - Reference issue numbers in commit messages when applicable: `fix: resolve #123`
@@ -0,0 +1,71 @@
1
+ ---
2
+ name: curator
3
+ description: Skill lifecycle management — track usage, detect stale skills, recommend archival.
4
+ model: inherit
5
+ tools: [Read]
6
+ ---
7
+
8
+ # Skill Curator
9
+
10
+ Background maintenance for agent-created skills. Tracks usage (view, use, patch counts), detects stale/unused skills, and recommends consolidation or archival.
11
+
12
+ ## What It Tracks
13
+
14
+ | Metric | When it increments |
15
+ |--------|-------------------|
16
+ | `use_count` | Skill is loaded into a conversation's prompt |
17
+ | `view_count` | Agent reads the skill file |
18
+ | `patch_count` | Skill content is modified via edit/write |
19
+
20
+ ## Lifecycle States
21
+
22
+ ```
23
+ active → stale (30 days unused) → archived (90 days unused)
24
+ ```
25
+
26
+ - **Active:** Normal use, no warnings
27
+ - **Stale:** Unused for 30+ days — will archive at 90 days if still unused
28
+ - **Archived:** Moved to `.pi/skills/.archive/` — recoverable with `/curator restore`
29
+
30
+ ## Protection
31
+
32
+ - **Bundled skills** (shipped with Guardian) are never subject to curator mutation
33
+ - **Pinned skills** are protected from both auto-transitions and agent deletion
34
+ - Pin with: `/curator pin <skill-name>`
35
+ - Unpin with: `/curator unpin <skill-name>`
36
+
37
+ ## Commands
38
+
39
+ | Command | What it does |
40
+ |---------|-------------|
41
+ | `/curator` or `/curator status` | Show curator status with usage stats |
42
+ | `/curator review` | Run review pass (archives stale skills) |
43
+ | `/curator review --dry-run` | Preview review without mutations |
44
+ | `/curator pin <name>` | Protect a skill from archival |
45
+ | `/curator unpin <name>` | Remove protection |
46
+ | `/curator restore <name>` | Move archived skill back to active |
47
+
48
+ ## Tools
49
+
50
+ | Tool | Description |
51
+ |------|-------------|
52
+ | `curator_review` | Run the curator review pass |
53
+ | `curator_pin` | Pin a skill |
54
+ | `curator_unpin` | Unpin a skill |
55
+
56
+ ## Configuration
57
+
58
+ ```yaml
59
+ curator:
60
+ enabled: true
61
+ stale_after_days: 30
62
+ archive_after_days: 90
63
+ auto_review: true
64
+ ```
65
+
66
+ ## Best Practices
67
+
68
+ 1. **Review the first dry-run** — see exactly what the curator would propose before it runs for real
69
+ 2. **Pin skills you rely on** — especially hand-authored skills for private workflows
70
+ 3. **Use restore freely** — archived skills are always recoverable
71
+ 4. **Monitor the stale list** — skills going stale are candidates for consolidation
@@ -0,0 +1,59 @@
1
+ ---
2
+ name: debug
3
+ description: Systematic debugging with reproduction-first approach.
4
+ ---
5
+
6
+ # Debug Skill
7
+
8
+ Systematic debugging using: observe → hypothesize → verify → fix.
9
+
10
+ ## Protocol
11
+
12
+ ### Step 1: Observe
13
+ 1. Read the full error message and stack trace
14
+ 2. Identify the failing component and function
15
+ 3. Note the exact conditions (input, state, environment)
16
+ 4. **Do NOT start fixing yet** — this is investigation only
17
+
18
+ ### Step 2: Reproduce
19
+ 1. Create a minimal reproduction of the issue
20
+ 2. Run the reproduction to confirm the error
21
+ 3. Document the reproduction command and output
22
+
23
+ ### Step 3: Hypothesize
24
+ 1. Form a theory about the root cause based on evidence
25
+ 2. State the hypothesis explicitly
26
+ 3. Identify what would confirm or refute it
27
+
28
+ ### Step 4: Verify
29
+ 1. Test the hypothesis (add logging, isolate the function, etc.)
30
+ 2. Confirm or refute the hypothesis
31
+ 3. If refuted, return to Step 3 with new information
32
+
33
+ ### Step 5: Fix
34
+ 1. Implement the fix targeting the root cause
35
+ 2. Run the reproduction to verify the fix
36
+ 3. Run full test suite to ensure no regressions
37
+
38
+ ## Commands
39
+
40
+ ```bash
41
+ # Run specific test to reproduce
42
+ cargo test <test_name> -- --nocapture
43
+ bun test <file> --test-name-pattern='<pattern>'
44
+ pytest <file> -k <pattern> -v
45
+
46
+ # Add logging for investigation
47
+ # Use the project's existing logging framework
48
+
49
+ # Run full suite after fix
50
+ [full test command]
51
+ ```
52
+
53
+ ## Rules
54
+
55
+ - NEVER fix without understanding the root cause
56
+ - NEVER make random changes hoping something works
57
+ - ALWAYS reproduce the issue before fixing
58
+ - ALWAYS verify the fix works with the reproduction
59
+ - ALWAYS run the full test suite after fixing
@@ -0,0 +1,36 @@
1
+ ---
2
+ name: documentation-maintainer
3
+ description: Keeps documentation in sync with code. Use after implementation.
4
+ model: inherit
5
+ tools: [Read, Write, Edit, Bash, Grep, Glob]
6
+ ---
7
+
8
+ # Documentation Maintainer
9
+
10
+ You ensure documentation stays synchronized with code changes.
11
+
12
+ ## Context
13
+ - `.pi/context/project.md` — project structure
14
+
15
+ ## Triggers
16
+ - API changes
17
+ - New public functions
18
+ - Architecture changes
19
+ - User requests doc update
20
+
21
+ ## Checklist
22
+ - [ ] Public APIs documented
23
+ - [ ] Examples compile
24
+ - [ ] README updated (if user-facing changes)
25
+ - [ ] CHANGELOG updated
26
+ - [ ] Architecture docs updated (if structural changes)
27
+
28
+ ## Commands
29
+
30
+ ```bash
31
+ # Generate docs
32
+ [doc command]
33
+
34
+ # Doc tests
35
+ [doctest command]
36
+ ```
@@ -0,0 +1,125 @@
1
+ ---
2
+ name: goal-loop
3
+ description: Set and manage standing goals that auto-iterate until validated completion.
4
+ model: inherit
5
+ tools: [Read, Bash, Edit, Write]
6
+ ---
7
+
8
+ # Standing Goal Loop (`/goal`)
9
+
10
+ Set a standing objective that survives across turns. After every turn, Guardian evaluates whether the goal is satisfied using a **dual judge**: deterministic validators + semantic assessment. If not done, a continuation prompt is fed back and the agent keeps working — until the goal is achieved, the turn budget is exhausted, or you pause/clear it.
11
+
12
+ ## Commands
13
+
14
+ | Command | What it does |
15
+ |---------|-------------|
16
+ | `/goal <text>` | Set (or replace) the standing goal |
17
+ | `/goal <text> --validators=ci,tests,security` | Set goal with specific validators |
18
+ | `/goal <text> --validators=all` | Set goal running all available validators |
19
+ | `/goal` or `/goal status` | Show current goal, status, and turns used |
20
+ | `/goal pause` | Stop auto-continuation without clearing |
21
+ | `/goal resume` | Resume (resets turn counter to zero) |
22
+ | `/goal clear` | Drop the goal entirely |
23
+ | `/goal validators` | Show current goal's validators |
24
+ | `/goal validators --discover` | List all available validators (built-in + custom) |
25
+ | `/goal validators ci,tests` | Set validators on the active goal |
26
+ | `/subgoal <text>` | Add criteria to the active goal |
27
+ | `/subgoal list` | List current subgoals |
28
+ | `/subgoal remove <N>` | Remove subgoal by 1-based index |
29
+ | `/subgoal clear` | Remove all subgoals |
30
+
31
+ ## When to use it
32
+
33
+ Use `/goal` for tasks where you want the agent to iterate on its own without you re-prompting every turn:
34
+
35
+ - "Fix every lint error in `src/` and verify CI passes"
36
+ - "Add tests for the auth module and get test coverage to 80%"
37
+ - "Investigate why the build fails on CI and write up a report"
38
+ - "Refactor all print() calls to proper logging across `src/`"
39
+
40
+ Tasks where the agent does one turn and stops don't need `/goal`. Tasks where **you'd otherwise have to say "keep going" three times** are where this shines.
41
+
42
+ ## How the Judge Works
43
+
44
+ After every turn, the goal manager runs:
45
+
46
+ 1. **Validator judge (deterministic):** Runs the goal's configured validators (default: `validate-ci.sh` + `validate-canonical.sh`). If any fails → verdict is `continue`.
47
+ 2. **Semantic judge:** Evaluates whether the agent's response explicitly confirms completion or produces the final deliverable.
48
+ 3. **Both must pass** for the goal to be marked `done`.
49
+
50
+ ### Available validators
51
+
52
+ | Validator | Script | Purpose |
53
+ |-----------|--------|---------|
54
+ | `ci` | `validate-ci.sh` | Build, lint, format, audit |
55
+ | `tests` | `validate-tests.sh` | Unit/integration test suite |
56
+ | `security` | `validate-security.sh` | Secrets, injection, path traversal |
57
+ | `operations` | `validate-operations.sh` | Tracing, cancellation, atomic writes |
58
+ | `architecture` | `validate-architecture.sh` | Layer structure, ADR compliance |
59
+ | `canonical` | `validate-canonical.sh` | Reference integrity, coverage |
60
+ | `integration` | `validate-integration.sh` | Integration test suite |
61
+
62
+ ### Custom validators
63
+
64
+ Any `validate-*.sh` script you drop in `.pi/scripts/` is automatically discovered:
65
+
66
+ ```bash
67
+ # Create a custom validator
68
+ printf '#!/bin/bash\nnpm run coverage -- --threshold=80\n' > .pi/scripts/validate-coverage.sh
69
+ chmod +x .pi/scripts/validate-coverage.sh
70
+
71
+ # Use it
72
+ /goal Increase coverage --validators ci,tests,coverage
73
+ /goal validators --discover # shows coverage under 'Custom'
74
+ ```
75
+
76
+ Custom validators run the same way as built-in ones — exit code 0 = pass, non-zero = fail.
77
+
78
+ ### Custom validators
79
+
80
+ Any `validate-*.sh` script you drop in `.pi/scripts/` automatically becomes available:
81
+
82
+ ```bash
83
+ printf '#!/bin/bash\nnpm run coverage -- --threshold=80\n' > .pi/scripts/validate-coverage.sh
84
+ chmod +x .pi/scripts/validate-coverage.sh
85
+ /goal Increase coverage --validators ci,tests,coverage
86
+ ```
87
+
88
+ Custom validators are discovered at session start. Exit code 0 = pass, non-zero = fail.
89
+
90
+ ### Fail-Open Semantics
91
+
92
+ If the judge errors (network blip, unavailable), the verdict defaults to `continue` — a broken judge never wedges progress. The **turn budget** is the real backstop.
93
+
94
+ ## Continuation Prompt Format
95
+
96
+ When the goal continues, the agent receives:
97
+
98
+ ```
99
+ [Continuing toward your standing goal]
100
+ Goal: <your goal text>
101
+
102
+ Additional criteria (all must be satisfied):
103
+ 1. <subgoal 1>
104
+ 2. <subgoal 2>
105
+
106
+ Continue working toward this goal. Take the next concrete step.
107
+ If you believe the goal is complete, state so explicitly and stop.
108
+ If you are blocked and need input from the user, say so clearly and stop.
109
+ ```
110
+
111
+ ## Turn Budget
112
+
113
+ Default is 20 continuation turns. When the budget is hit:
114
+
115
+ ```
116
+ ⏸ Goal paused — 20/20 turns used. Use /goal resume to keep going, or /goal clear to stop.
117
+ ```
118
+
119
+ `/goal resume` resets the counter to zero.
120
+
121
+ ## Tools
122
+
123
+ | Tool | Description |
124
+ |------|-------------|
125
+ | `guardian_goal_evaluate` | Evaluate the standing goal after a turn. Returns verdict, validator status, and whether to continue. |
@@ -0,0 +1,122 @@
1
+ ---
2
+ name: hooks
3
+ description: Shell-script hooks that fire on lifecycle events — block tools, inject context, observe.
4
+ model: inherit
5
+ tools: [Read]
6
+ ---
7
+
8
+ # Shell Hook System
9
+
10
+ Declarative shell-script hooks that fire on lifecycle events. Scripts receive a JSON payload on stdin and can respond via stdout. Three hook systems compose together:
11
+
12
+ | System | Scope | Use Case |
13
+ |--------|-------|----------|
14
+ | **Shell hooks** | CLI + Gateway (via extension) | Drop-in scripts for blocking, formatting, context injection |
15
+ | **Plugin hooks** | pi extensions (TypeScript) | Deep integration — tool interception, metrics, guardrails |
16
+ | **Workspace hooks** | Guardian CLI operations | Generate/update lifecycle (`before_run`, `after_run`) |
17
+
18
+ ## Supported Events
19
+
20
+ | Event | Fires When | Can Block? | Can Inject Context? |
21
+ |-------|-----------|------------|---------------------|
22
+ | `pre_tool_call` | Before any tool executes | Yes | No |
23
+ | `post_tool_call` | After any tool returns | No | No |
24
+ | `pre_llm_call` | Before LLM turn starts | No | Yes |
25
+ | `post_llm_call` | After LLM turn completes | No | No |
26
+ | `on_session_start` | New session created | No | No |
27
+ | `on_session_end` | Session ended | No | No |
28
+ | `subagent_stop` | Subagent completed | No | No |
29
+
30
+ ## Configuration
31
+
32
+ Hooks are declared in AGENTS.md front matter:
33
+
34
+ ```yaml
35
+ hooks:
36
+ pre_tool_call:
37
+ - command: "~/.pi/hooks/block-rm-rf.sh"
38
+ matcher: "bash"
39
+ timeout: 5
40
+ post_tool_call:
41
+ - command: "~/.pi/hooks/auto-format.sh"
42
+ matcher: "write|edit"
43
+ pre_llm_call:
44
+ - command: "~/.pi/hooks/inject-git-status.sh"
45
+ ```
46
+
47
+ ## JSON Protocol
48
+
49
+ ### stdin — Payload the script receives
50
+
51
+ ```json
52
+ {
53
+ "hook_event_name": "pre_tool_call",
54
+ "tool_name": "bash",
55
+ "tool_input": { "command": "rm -rf /" },
56
+ "session_id": "sess_abc123",
57
+ "cwd": "/home/user/project",
58
+ "extra": { "event": "tool_call" }
59
+ }
60
+ ```
61
+
62
+ ### stdout — Optional response
63
+
64
+ ```jsonc
65
+ // Block a pre_tool_call (both shapes accepted):
66
+ {"decision": "block", "reason": "Forbidden: rm -rf"}
67
+ {"action": "block", "message": "Forbidden: rm -rf"}
68
+
69
+ // Inject context for pre_llm_call:
70
+ {"context": "Today is Friday, 2026-04-17"}
71
+
72
+ // Silent no-op — empty or non-matching output is fine:
73
+ {}
74
+ ```
75
+
76
+ ## Example Hooks
77
+
78
+ ### Block destructive `bash` commands
79
+
80
+ ```bash
81
+ #!/usr/bin/env bash
82
+ # ~/.pi/hooks/block-rm-rf.sh
83
+ payload="$(cat -)"
84
+ cmd=$(echo "$payload" | jq -r '.tool_input.command // empty')
85
+ if echo "$cmd" | grep -qE 'rm[[:space:]]+-rf?[[:space:]]+/'; then
86
+ printf '{"decision": "block", "reason": "blocked: rm -rf / is not permitted"}\n'
87
+ else
88
+ printf '{}\n'
89
+ fi
90
+ ```
91
+
92
+ ### Auto-format after file writes
93
+
94
+ ```bash
95
+ #!/usr/bin/env bash
96
+ # ~/.pi/hooks/auto-format.sh
97
+ payload="$(cat -)"
98
+ path=$(echo "$payload" | jq -r '.tool_input.file_path // empty')
99
+ [[ "$path" == *.ts ]] && command -v biome >/dev/null && biome check --write "$path" 2>/dev/null
100
+ printf '{}\n'
101
+ ```
102
+
103
+ ### Inject git status every turn
104
+
105
+ ```bash
106
+ #!/usr/bin/env bash
107
+ # ~/.pi/hooks/inject-git-status.sh
108
+ cat - >/dev/null # discard stdin
109
+ if status=$(git status --porcelain 2>/dev/null) && [[ -n "$status" ]]; then
110
+ jq --null-input --arg s "$status" \
111
+ '{context: ("Uncommitted changes:\n" + $s)}'
112
+ else
113
+ printf '{}\n'
114
+ fi
115
+ ```
116
+
117
+ ## Commands
118
+
119
+ | Command | What it does |
120
+ |---------|-------------|
121
+ | `/hooks` or `/hooks list` | Show all registered hooks |
122
+ | `/hooks test <event>` | Test hooks for a specific event |
@@ -0,0 +1,35 @@
1
+ ---
2
+ name: integration-validator
3
+ description: Validates component integration. Use for Complex+ scope.
4
+ model: inherit
5
+ tools: [Read, Grep, Glob, Bash]
6
+ ---
7
+
8
+ # Integration Validator
9
+
10
+ You validate that components work together correctly.
11
+
12
+ ## Context
13
+ - `.pi/context/project.md` — project knowledge
14
+ - `.pi/context/checklists.md` — integration checklist
15
+ - `.pi/context/output-formats.md` — report format
16
+
17
+ ## Checks
18
+
19
+ 1. **Component interfaces match design** — No API drift
20
+ 2. **No circular dependencies** — Dependency graph is DAG
21
+ 3. **End-to-end flows work** — Full path from input to output
22
+ 4. **Error propagation** — Errors cross boundaries correctly
23
+
24
+ ## Automated (Run via Script)
25
+
26
+ ```bash
27
+ # Integration tests
28
+ [integration test command]
29
+
30
+ # E2E tests
31
+ [e2e test command]
32
+ ```
33
+
34
+ ## Output
35
+ Use format from `.pi/context/output-formats.md` → "Validation Report"