guardian-framework 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +463 -0
- package/dist/cli.js +12958 -0
- package/dist/exports.js +12765 -0
- package/package.json +61 -0
- package/templates/languages/go-patterns.md +411 -0
- package/templates/languages/java-patterns.md +545 -0
- package/templates/languages/python-patterns.md +312 -0
- package/templates/languages/rust-patterns.md +232 -0
- package/templates/languages/typescript-patterns.md +313 -0
- package/templates/pi/INDEX.md +437 -0
- package/templates/pi/agent/AGENTS.md +166 -0
- package/templates/pi/agents/architecture-coordinator.md +40 -0
- package/templates/pi/agents/architecture-validator.md +36 -0
- package/templates/pi/agents/bootstrap-implementer.md +37 -0
- package/templates/pi/agents/issue-factory.md +31 -0
- package/templates/pi/agents/operations-validator.md +32 -0
- package/templates/pi/agents/security-validator.md +33 -0
- package/templates/pi/architecture/CHANGELOG.md +78 -0
- package/templates/pi/architecture/decisions/ADR-template.md +76 -0
- package/templates/pi/architecture/diagrams/system-overview.md +159 -0
- package/templates/pi/architecture/modules/module-template.md +152 -0
- package/templates/pi/context/checklists.md +91 -0
- package/templates/pi/context/domain-workflow.md +180 -0
- package/templates/pi/context/output-formats.md +135 -0
- package/templates/pi/context/patterns-base.md +47 -0
- package/templates/pi/context/patterns.md +38 -0
- package/templates/pi/context/project.md +88 -0
- package/templates/pi/domain/exploration.md +93 -0
- package/templates/pi/domain/ubiquitous-language.md +24 -0
- package/templates/pi/extensions/architect-lib/generators.ts +528 -0
- package/templates/pi/extensions/architect-lib/helpers.ts +344 -0
- package/templates/pi/extensions/architect-lib/types.ts +117 -0
- package/templates/pi/extensions/architect.ts +1425 -0
- package/templates/pi/extensions/ask-user-question.ts +579 -0
- package/templates/pi/extensions/bash-guard.ts +556 -0
- package/templates/pi/extensions/config-reload.ts +115 -0
- package/templates/pi/extensions/coordinator.ts +304 -0
- package/templates/pi/extensions/curator.ts +543 -0
- package/templates/pi/extensions/domain-explorer.ts +990 -0
- package/templates/pi/extensions/filechanges.ts +656 -0
- package/templates/pi/extensions/goal-loop.ts +717 -0
- package/templates/pi/extensions/hooks.ts +452 -0
- package/templates/pi/extensions/kanban.ts +547 -0
- package/templates/pi/extensions/pipeline.ts +1246 -0
- package/templates/pi/extensions/plan-mode.ts +209 -0
- package/templates/pi/extensions/project-scaffolder.ts +284 -0
- package/templates/pi/extensions/read-only-mode.ts +192 -0
- package/templates/pi/extensions/redaction.ts +128 -0
- package/templates/pi/extensions/session-persistence.ts +174 -0
- package/templates/pi/extensions/slash-commands.ts +229 -0
- package/templates/pi/extensions/snippets.ts +201 -0
- package/templates/pi/extensions/validation-runner.ts +100 -0
- package/templates/pi/github/agents/architecture-coordinator.agent.md +27 -0
- package/templates/pi/github/agents/architecture-validator.agent.md +20 -0
- package/templates/pi/github/agents/bootstrap-implementer.agent.md +20 -0
- package/templates/pi/github/agents/epic-planner.agent.md +70 -0
- package/templates/pi/github/agents/issue-factory.agent.md +20 -0
- package/templates/pi/github/agents/operations-validator.agent.md +20 -0
- package/templates/pi/github/agents/security-validator.agent.md +20 -0
- package/templates/pi/github/copilot/settings.json +16 -0
- package/templates/pi/github/copilot-instructions.md +155 -0
- package/templates/pi/github/instructions/architecture.instructions.md +71 -0
- package/templates/pi/github/instructions/validation.instructions.md +69 -0
- package/templates/pi/github/workflows/01-planning-workflow.md +75 -0
- package/templates/pi/github/workflows/02-issue-generation-workflow.md +69 -0
- package/templates/pi/github/workflows/03-implementation-workflow.md +80 -0
- package/templates/pi/github/workflows/04-validation-workflow.md +68 -0
- package/templates/pi/preflight_report.json +99 -0
- package/templates/pi/prompts/blueprint-update.md +262 -0
- package/templates/pi/prompts/blueprint-validate.md +218 -0
- package/templates/pi/prompts/bug-fix.md +50 -0
- package/templates/pi/prompts/ci-blueprint.md +131 -0
- package/templates/pi/prompts/context-refresh.md +258 -0
- package/templates/pi/prompts/epic-plan.md +356 -0
- package/templates/pi/prompts/epic-template.md +186 -0
- package/templates/pi/prompts/feature-development.md +131 -0
- package/templates/pi/prompts/git-issues.md +243 -0
- package/templates/pi/prompts/hotfix.md +71 -0
- package/templates/pi/prompts/issue-closeout.md +342 -0
- package/templates/pi/prompts/issue-draft.md +218 -0
- package/templates/pi/prompts/issue-implementation-series.md +173 -0
- package/templates/pi/prompts/issue-merge.md +372 -0
- package/templates/pi/prompts/issue-template-set.md +392 -0
- package/templates/pi/prompts/issue-template.md +207 -0
- package/templates/pi/prompts/pattern-extract.md +269 -0
- package/templates/pi/prompts/plan-to-issues.md +430 -0
- package/templates/pi/prompts/refactoring.md +82 -0
- package/templates/pi/prompts/scope-analyzer.md +254 -0
- package/templates/pi/prompts/sync-check.md +230 -0
- package/templates/pi/scripts/categorize-issues.sh +171 -0
- package/templates/pi/scripts/ci/check_architecture_conformance.sh +748 -0
- package/templates/pi/scripts/ci/check_planning_packet.py +228 -0
- package/templates/pi/scripts/ci/run_hardening_stages.sh +264 -0
- package/templates/pi/scripts/ci/run_preflight.sh +649 -0
- package/templates/pi/scripts/ci/run_stage.sh +193 -0
- package/templates/pi/scripts/ci/stage_docs_policy.sh +82 -0
- package/templates/pi/scripts/ci/stage_integration.sh +3 -0
- package/templates/pi/scripts/ci/stage_lint.sh +130 -0
- package/templates/pi/scripts/ci/stage_migration_verify.sh +3 -0
- package/templates/pi/scripts/ci/stage_package_build.sh +3 -0
- package/templates/pi/scripts/ci/stage_release_readiness.sh +3 -0
- package/templates/pi/scripts/ci/stage_remaining.sh +242 -0
- package/templates/pi/scripts/ci/stage_security.sh +3 -0
- package/templates/pi/scripts/ci/stage_static_analysis.sh +114 -0
- package/templates/pi/scripts/ci/stage_unit.sh +119 -0
- package/templates/pi/scripts/ci/validate_agent_output.py +181 -0
- package/templates/pi/scripts/ci/validate_agent_output.sh +243 -0
- package/templates/pi/scripts/create-feature-branch.sh +136 -0
- package/templates/pi/scripts/create-mr.sh +117 -0
- package/templates/pi/scripts/fetch-issues.sh +131 -0
- package/templates/pi/scripts/generate-architecture.sh +161 -0
- package/templates/pi/scripts/git/close-epic.sh +69 -0
- package/templates/pi/scripts/git/close-issue.sh +35 -0
- package/templates/pi/scripts/git/create-tracking-issue.sh +174 -0
- package/templates/pi/scripts/git/link-issue-to-epic.sh +51 -0
- package/templates/pi/scripts/git/update-tracking-issue.sh +66 -0
- package/templates/pi/scripts/languages/go/validate-architecture.sh +139 -0
- package/templates/pi/scripts/languages/go/validate-canonical.sh +129 -0
- package/templates/pi/scripts/languages/go/validate-ci.sh +132 -0
- package/templates/pi/scripts/languages/go/validate-integration.sh +156 -0
- package/templates/pi/scripts/languages/go/validate-operations.sh +146 -0
- package/templates/pi/scripts/languages/go/validate-security.sh +135 -0
- package/templates/pi/scripts/languages/go/validate-tests.sh +125 -0
- package/templates/pi/scripts/languages/java/validate-annotations.sh +185 -0
- package/templates/pi/scripts/languages/java/validate-architecture.sh +159 -0
- package/templates/pi/scripts/languages/java/validate-canonical.sh +114 -0
- package/templates/pi/scripts/languages/java/validate-ci.sh +269 -0
- package/templates/pi/scripts/languages/java/validate-integration.sh +149 -0
- package/templates/pi/scripts/languages/java/validate-operations.sh +142 -0
- package/templates/pi/scripts/languages/java/validate-security.sh +174 -0
- package/templates/pi/scripts/languages/java/validate-spring-architecture.sh +227 -0
- package/templates/pi/scripts/languages/java/validate-tests.sh +159 -0
- package/templates/pi/scripts/languages/python/validate-architecture.sh +99 -0
- package/templates/pi/scripts/languages/python/validate-canonical.sh +124 -0
- package/templates/pi/scripts/languages/python/validate-ci.sh +130 -0
- package/templates/pi/scripts/languages/python/validate-integration.sh +119 -0
- package/templates/pi/scripts/languages/python/validate-operations.sh +107 -0
- package/templates/pi/scripts/languages/python/validate-security.sh +68 -0
- package/templates/pi/scripts/languages/python/validate-tests.sh +102 -0
- package/templates/pi/scripts/languages/rust/validate-architecture.sh +188 -0
- package/templates/pi/scripts/languages/rust/validate-canonical.sh +146 -0
- package/templates/pi/scripts/languages/rust/validate-ci.sh +147 -0
- package/templates/pi/scripts/languages/rust/validate-integration.sh +149 -0
- package/templates/pi/scripts/languages/rust/validate-operations.sh +154 -0
- package/templates/pi/scripts/languages/rust/validate-security.sh +153 -0
- package/templates/pi/scripts/languages/rust/validate-tests.sh +150 -0
- package/templates/pi/scripts/languages/typescript/validate-architecture.sh +157 -0
- package/templates/pi/scripts/languages/typescript/validate-canonical.sh +135 -0
- package/templates/pi/scripts/languages/typescript/validate-ci.sh +244 -0
- package/templates/pi/scripts/languages/typescript/validate-integration.sh +166 -0
- package/templates/pi/scripts/languages/typescript/validate-operations.sh +162 -0
- package/templates/pi/scripts/languages/typescript/validate-security.sh +169 -0
- package/templates/pi/scripts/languages/typescript/validate-tests.sh +158 -0
- package/templates/pi/scripts/merge-mr.sh +95 -0
- package/templates/pi/scripts/mr-validation.sh +228 -0
- package/templates/pi/scripts/validate-architecture-readiness.sh +153 -0
- package/templates/pi/scripts/validate-architecture.sh +22 -0
- package/templates/pi/scripts/validate-canonical.sh +22 -0
- package/templates/pi/scripts/validate-ci.sh +37 -0
- package/templates/pi/scripts/validate-integration.sh +22 -0
- package/templates/pi/scripts/validate-operations.sh +22 -0
- package/templates/pi/scripts/validate-security.sh +22 -0
- package/templates/pi/scripts/validate-tests.sh +22 -0
- package/templates/pi/scripts/validate-ubiquitous-language.sh +291 -0
- package/templates/pi/scripts/validation-cache.sh +139 -0
- package/templates/pi/skills/agents/architecture-coordinator.md +178 -0
- package/templates/pi/skills/agents/architecture-generator.md +79 -0
- package/templates/pi/skills/agents/architecture-validator.md +74 -0
- package/templates/pi/skills/agents/ci-mr-validator.md +46 -0
- package/templates/pi/skills/agents/code-developer.md +76 -0
- package/templates/pi/skills/agents/commit.md +46 -0
- package/templates/pi/skills/agents/curator.md +71 -0
- package/templates/pi/skills/agents/debug.md +59 -0
- package/templates/pi/skills/agents/documentation-maintainer.md +36 -0
- package/templates/pi/skills/agents/goal-loop.md +125 -0
- package/templates/pi/skills/agents/hooks.md +122 -0
- package/templates/pi/skills/agents/integration-validator.md +35 -0
- package/templates/pi/skills/agents/issue-creator.md +75 -0
- package/templates/pi/skills/agents/issue-factory.md +143 -0
- package/templates/pi/skills/agents/kanban.md +85 -0
- package/templates/pi/skills/agents/land.md +59 -0
- package/templates/pi/skills/agents/operations-validator.md +43 -0
- package/templates/pi/skills/agents/pipeline.md +113 -0
- package/templates/pi/skills/agents/plan-mode.md +77 -0
- package/templates/pi/skills/agents/pull.md +40 -0
- package/templates/pi/skills/agents/push.md +41 -0
- package/templates/pi/skills/agents/security-validator.md +85 -0
- package/templates/pi/skills/agents/session-persistence.md +119 -0
- package/templates/pi/skills/agents/slash-commands.md +117 -0
- package/templates/pi/skills/agents/snippets.md +99 -0
- package/templates/pi/skills/agents/subagent-registry.md +78 -0
- package/templates/pi/skills/agents/test-validator.md +42 -0
- package/templates/pi/skills/validators/architecture-validator.md +43 -0
- package/templates/pi/skills/validators/ci-validator.md +27 -0
- package/templates/pi/skills/validators/context-compaction.md +73 -0
- package/templates/pi/skills/validators/integration-validator.md +38 -0
- package/templates/pi/skills/validators/model-registry.md +96 -0
- package/templates/pi/skills/validators/operations-validator.md +34 -0
- package/templates/pi/skills/validators/security-guards.md +72 -0
- package/templates/pi/skills/validators/security-validator.md +41 -0
- package/templates/pi/skills/validators/system-prompt-tiers.md +69 -0
- package/templates/pi/skills/validators/test-validator.md +33 -0
- package/templates/pi/types.ts +62 -0
- package/templates/pi/validators/README.md +93 -0
- package/templates/pi/validators/default.toml +209 -0
- package/templates/pi/validators/spring.toml +142 -0
- package/templates/pi/workpad.md +53 -0
- package/templates/project/java/Dockerfile +14 -0
- package/templates/project/java/README.md +40 -0
- package/templates/project/java/pom.xml +132 -0
- package/templates/project/typescript/Dockerfile +15 -0
- package/templates/project/typescript/README.md +29 -0
- package/templates/project/typescript/package.json +23 -0
- package/templates/project/typescript/tsconfig.json +21 -0
- package/templates/workflow.md +123 -0
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: security-validator
|
|
3
|
+
description: Security review skill. Scans code for injection, auth bypass, secret leakage, unsafe deserialization, weak crypto.
|
|
4
|
+
model: inherit
|
|
5
|
+
tools: [Read, Grep, Glob, Bash]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Security Validator
|
|
9
|
+
|
|
10
|
+
Audits code and configuration for security risks.
|
|
11
|
+
|
|
12
|
+
## Scope
|
|
13
|
+
|
|
14
|
+
Scan for the following categories:
|
|
15
|
+
|
|
16
|
+
### 1. Injection Vulnerabilities
|
|
17
|
+
- **SQL injection:** String concatenation in queries, parameterized queries missing
|
|
18
|
+
- **Shell injection:** User input in `exec()`, `system()`, backticks, `${}` without quoting
|
|
19
|
+
- **Path traversal:** `..` in file paths, symlink following, missing path canonicalization
|
|
20
|
+
- **Template injection:** Unescaped user input in HTML/JS templates
|
|
21
|
+
|
|
22
|
+
### 2. Authentication / Authorization
|
|
23
|
+
- Missing auth checks on sensitive endpoints
|
|
24
|
+
- Hardcoded credentials or API keys
|
|
25
|
+
- Weak password requirements
|
|
26
|
+
- Missing CSRF protection
|
|
27
|
+
- Broken access control (IDOR)
|
|
28
|
+
|
|
29
|
+
### 3. Secret Leakage
|
|
30
|
+
- Secrets in source code (`.env` files, config files, comments)
|
|
31
|
+
- API keys in client-side code
|
|
32
|
+
- Private keys, certificates in repo
|
|
33
|
+
- Debug/logging of sensitive data (tokens, passwords, PII)
|
|
34
|
+
|
|
35
|
+
### 4. Unsafe Operations
|
|
36
|
+
- Unsafe deserialization (eval, pickle, yaml.load, JSON.parse with reviver)
|
|
37
|
+
- Weak cryptographic algorithms (MD5, SHA1, DES, ECB mode)
|
|
38
|
+
- Missing certificate validation (TLS skip verify)
|
|
39
|
+
- Insecure random number generation
|
|
40
|
+
|
|
41
|
+
### 5. Data Handling
|
|
42
|
+
- Missing input validation at trust boundaries
|
|
43
|
+
- XSS via unescaped output
|
|
44
|
+
- Missing Content-Security-Policy headers
|
|
45
|
+
- Sensitive data in URLs or logs
|
|
46
|
+
|
|
47
|
+
## Tool Restrictions
|
|
48
|
+
|
|
49
|
+
This validator operates in **read-only** mode. It may:
|
|
50
|
+
- Read files
|
|
51
|
+
- Grep for patterns
|
|
52
|
+
- List directories
|
|
53
|
+
- Run non-mutating commands (e.g., `npm audit`, `cargo audit`)
|
|
54
|
+
|
|
55
|
+
It must NOT:
|
|
56
|
+
- Write or modify files
|
|
57
|
+
- Execute destructive commands
|
|
58
|
+
- Spawn subagents
|
|
59
|
+
|
|
60
|
+
## Output Format
|
|
61
|
+
|
|
62
|
+
For each finding, report:
|
|
63
|
+
|
|
64
|
+
```
|
|
65
|
+
[CRITICAL/HIGH/MEDIUM/LOW] file:line — issue → recommended fix
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
Example:
|
|
69
|
+
```
|
|
70
|
+
[CRITICAL] src/auth.ts:42 — hardcoded JWT secret → move to environment variable or secrets manager
|
|
71
|
+
[HIGH] src/api/users.rs:118 — SQL injection via string concat → use parameterized query
|
|
72
|
+
[MEDIUM] config/deploy.yml:7 — AWS key in plaintext → use IAM roles or vault
|
|
73
|
+
[LOW] src/logger.ts:33 — logging request headers (may contain tokens) → redact Authorization header
|
|
74
|
+
```
|
|
75
|
+
|
|
76
|
+
If no issues are found, report: **"No security issues found."**
|
|
77
|
+
|
|
78
|
+
## Priority Rules
|
|
79
|
+
|
|
80
|
+
- **CRITICAL:** Exploitable now, affects production
|
|
81
|
+
- **HIGH:** Exploitable with effort, likely in production
|
|
82
|
+
- **MEDIUM:** Defense-in-depth weakness, may be exploitable
|
|
83
|
+
- **LOW:** Best practice violation, unlikely to be directly exploitable
|
|
84
|
+
|
|
85
|
+
Do NOT report style/formatting issues. Do NOT propose unrelated cleanups.
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: session-persistence
|
|
3
|
+
description: Structured session lifecycle with lazy-loaded message history, auto-derived titles, and per-session state isolation.
|
|
4
|
+
model: inherit
|
|
5
|
+
tools: [Read]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Session Persistence
|
|
9
|
+
|
|
10
|
+
Sessions provide structured conversation lifecycle with lazy loading, auto-titling, and per-session state isolation.
|
|
11
|
+
|
|
12
|
+
## Session Storage Format
|
|
13
|
+
|
|
14
|
+
```json
|
|
15
|
+
{
|
|
16
|
+
"sessions": [
|
|
17
|
+
{
|
|
18
|
+
"id": "s-1a2b3c-x7y8z9",
|
|
19
|
+
"title": "Fix auth token refresh bug",
|
|
20
|
+
"createdAt": 1714000000000,
|
|
21
|
+
"updatedAt": 1714003600000
|
|
22
|
+
}
|
|
23
|
+
],
|
|
24
|
+
"activeId": "s-1a2b3c-x7y8z9"
|
|
25
|
+
}
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
### Per-Session Messages
|
|
29
|
+
|
|
30
|
+
Messages stored under key `messages:{sessionId}`:
|
|
31
|
+
```json
|
|
32
|
+
{
|
|
33
|
+
"messages:s-1a2b3c-x7y8z9": [
|
|
34
|
+
{ "role": "user", "parts": [...] },
|
|
35
|
+
{ "role": "assistant", "parts": [...] }
|
|
36
|
+
]
|
|
37
|
+
}
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
## Session ID Format
|
|
41
|
+
|
|
42
|
+
```
|
|
43
|
+
s-{timestamp-base36}-{random-base36}
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
Example: `s-m5x7k2-a3b9c1`
|
|
47
|
+
|
|
48
|
+
## Auto-Derived Titles
|
|
49
|
+
|
|
50
|
+
Title is derived from the **first user message**, stripped of:
|
|
51
|
+
- Terminal context blocks
|
|
52
|
+
- Selection blocks
|
|
53
|
+
- File content blocks
|
|
54
|
+
- Truncated to 40 characters with ellipsis
|
|
55
|
+
|
|
56
|
+
## Lazy Loading
|
|
57
|
+
|
|
58
|
+
- **Boot:** Load only session list + active ID (single IPC roundtrip)
|
|
59
|
+
- **Open:** Load messages for the opened session on-demand
|
|
60
|
+
- **Memory:** Keep active session messages in a Map; hydrate others on switch
|
|
61
|
+
|
|
62
|
+
## Per-Session State
|
|
63
|
+
|
|
64
|
+
Each session maintains isolated state:
|
|
65
|
+
- **Todos:** Task list with progress tracking (`todos:{sessionId}`)
|
|
66
|
+
- **Shell session:** Persistent shell with cwd survival
|
|
67
|
+
- **Read cache:** File content cache invalidated per mutation
|
|
68
|
+
- **Agent metadata:** Current step, usage stats, model info
|
|
69
|
+
|
|
70
|
+
## Session Switching
|
|
71
|
+
|
|
72
|
+
When switching sessions:
|
|
73
|
+
1. Save current session messages
|
|
74
|
+
2. Load target session messages from store
|
|
75
|
+
3. Clear read cache (files may have changed)
|
|
76
|
+
4. Restore per-session todos
|
|
77
|
+
5. Update active session ID
|
|
78
|
+
|
|
79
|
+
## Auto-Save
|
|
80
|
+
|
|
81
|
+
Messages are saved to disk on every assistant turn completion.
|
|
82
|
+
Auto-save interval: 200ms debounce.
|
|
83
|
+
|
|
84
|
+
## Session Lifecycle
|
|
85
|
+
|
|
86
|
+
```
|
|
87
|
+
Create → Open → Interact (auto-save) → Switch (save + load) → ... → Delete
|
|
88
|
+
```
|
|
89
|
+
|
|
90
|
+
## Storage Keys
|
|
91
|
+
|
|
92
|
+
| Key | Content |
|
|
93
|
+
|-----|---------|
|
|
94
|
+
| `sessions` | Array of SessionMeta |
|
|
95
|
+
| `activeId` | Current session ID |
|
|
96
|
+
| `messages:{id}` | Message array for session |
|
|
97
|
+
| `todos:{id}` | Todo array for session |
|
|
98
|
+
|
|
99
|
+
## Title Derivation Algorithm
|
|
100
|
+
|
|
101
|
+
```typescript
|
|
102
|
+
function deriveTitle(messages): string {
|
|
103
|
+
for (const m of messages) {
|
|
104
|
+
if (m.role !== "user") continue;
|
|
105
|
+
const text = m.parts
|
|
106
|
+
.filter(p => p.type === "text")
|
|
107
|
+
.map(p => p.text)
|
|
108
|
+
.join(" ")
|
|
109
|
+
.replace(/<terminal-context[\s\S]*?<\/terminal-context>/g, "")
|
|
110
|
+
.replace(/<selection[\s\S]*?<\/selection>/g, "")
|
|
111
|
+
.replace(/<file[\s\S]*?<\/file>/g, "")
|
|
112
|
+
.trim();
|
|
113
|
+
if (!text) continue;
|
|
114
|
+
const first = text.split("\n")[0].trim();
|
|
115
|
+
return first.length > 40 ? `${first.slice(0, 40)}…` : first;
|
|
116
|
+
}
|
|
117
|
+
return "New chat";
|
|
118
|
+
}
|
|
119
|
+
```
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: slash-commands
|
|
3
|
+
description: Slash command interception system for plan mode, workspace initialization, and prompt template injection.
|
|
4
|
+
model: inherit
|
|
5
|
+
tools: [Read]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Slash Commands
|
|
9
|
+
|
|
10
|
+
Slash commands intercept user input starting with `/` (or `#` for snippet references) and transform them into structured actions before sending to the agent.
|
|
11
|
+
|
|
12
|
+
## Command Outcomes
|
|
13
|
+
|
|
14
|
+
| Outcome | Behavior |
|
|
15
|
+
|---------|----------|
|
|
16
|
+
| `handled` | Command ran; do NOT send a chat message |
|
|
17
|
+
| `send-prompt` | Replace user text with a template prompt, then send |
|
|
18
|
+
| `none` | Not a slash command; send as normal chat message |
|
|
19
|
+
|
|
20
|
+
## Built-in Commands
|
|
21
|
+
|
|
22
|
+
### /init — Initialize Workspace
|
|
23
|
+
|
|
24
|
+
**Outcome:** `send-prompt`
|
|
25
|
+
|
|
26
|
+
Sends a workspace scanning prompt that instructs the agent to:
|
|
27
|
+
1. Explore the codebase structure
|
|
28
|
+
2. Read key files (package.json, Cargo.toml, etc.)
|
|
29
|
+
3. Identify build/test/lint commands
|
|
30
|
+
4. Produce `TERAX.md` / project memory file at workspace root
|
|
31
|
+
|
|
32
|
+
**Prompt Template:**
|
|
33
|
+
```
|
|
34
|
+
Scan this workspace and produce a project memory file with:
|
|
35
|
+
- One-paragraph project description
|
|
36
|
+
- Build / test / dev commands
|
|
37
|
+
- Architecture overview (subsystems, data flow, key dirs)
|
|
38
|
+
- Conventions worth knowing
|
|
39
|
+
- Paths to entry points
|
|
40
|
+
Cap under 200 lines.
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
### /plan — Plan Mode Toggle
|
|
44
|
+
|
|
45
|
+
**Outcome:** `handled`
|
|
46
|
+
|
|
47
|
+
Toggles plan mode on/off:
|
|
48
|
+
- `/plan` or `/plan on` → Enable plan mode
|
|
49
|
+
- `/plan off` or `/plan exit` → Disable plan mode
|
|
50
|
+
|
|
51
|
+
### /validate — Run Validators
|
|
52
|
+
|
|
53
|
+
**Outcome:** `send-prompt`
|
|
54
|
+
|
|
55
|
+
Sends a validation prompt instructing the agent to run all configured validators.
|
|
56
|
+
|
|
57
|
+
### /scope — Classify Task Scope
|
|
58
|
+
|
|
59
|
+
**Outcome:** `send-prompt`
|
|
60
|
+
|
|
61
|
+
Sends a scope classification prompt to determine required validators.
|
|
62
|
+
|
|
63
|
+
## Command Format
|
|
64
|
+
|
|
65
|
+
```
|
|
66
|
+
/<command> [arguments]
|
|
67
|
+
|
|
68
|
+
Examples:
|
|
69
|
+
/plan on
|
|
70
|
+
/plan off
|
|
71
|
+
/init
|
|
72
|
+
/validate all
|
|
73
|
+
/scope implement auth module with OAuth2
|
|
74
|
+
```
|
|
75
|
+
|
|
76
|
+
## Command Marker Protocol
|
|
77
|
+
|
|
78
|
+
Commands are wrapped in XML markers for agent processing:
|
|
79
|
+
|
|
80
|
+
```xml
|
|
81
|
+
<terax-command name="init" />
|
|
82
|
+
|
|
83
|
+
[expanded prompt follows]
|
|
84
|
+
```
|
|
85
|
+
|
|
86
|
+
This allows the agent to recognize the command context in the conversation.
|
|
87
|
+
|
|
88
|
+
## Extending Commands
|
|
89
|
+
|
|
90
|
+
Add new commands by registering in the command registry:
|
|
91
|
+
|
|
92
|
+
```typescript
|
|
93
|
+
interface SlashCommand {
|
|
94
|
+
name: string; // Command name
|
|
95
|
+
invocation: string; // "/command"
|
|
96
|
+
label: string; // Display label
|
|
97
|
+
icon: IconComponent; // UI icon
|
|
98
|
+
handler: (args: string) => SlashOutcome;
|
|
99
|
+
}
|
|
100
|
+
```
|
|
101
|
+
|
|
102
|
+
## Snippet References (#handle)
|
|
103
|
+
|
|
104
|
+
Input starting with `#` that matches a known snippet handle is treated as a snippet expansion:
|
|
105
|
+
|
|
106
|
+
```
|
|
107
|
+
#security-review — check the auth module
|
|
108
|
+
```
|
|
109
|
+
|
|
110
|
+
Expands to:
|
|
111
|
+
```
|
|
112
|
+
<snippet name="security-review">
|
|
113
|
+
[security review instructions]
|
|
114
|
+
</snippet>
|
|
115
|
+
|
|
116
|
+
check the auth module
|
|
117
|
+
```
|
|
@@ -0,0 +1,99 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: snippets
|
|
3
|
+
description: Reusable prompt fragments injected via #handle tokens. Compressed skill loading for on-demand context injection without full file reads.
|
|
4
|
+
model: inherit
|
|
5
|
+
tools: [Read]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Snippets System
|
|
9
|
+
|
|
10
|
+
Snippets are reusable prompt fragments referenced by `#handle` tokens in chat. When the agent (or user) types `#handle`, the snippet body is expanded into an XML block and prepended to the message.
|
|
11
|
+
|
|
12
|
+
## Handle Format
|
|
13
|
+
|
|
14
|
+
- **Syntax:** `#handle` — lowercase alphanumeric with hyphens
|
|
15
|
+
- **Pattern:** `^[a-z0-9][a-z0-9-]*$`
|
|
16
|
+
- **Examples:** `#security-review`, `#rust-error-handling`, `#api-conventions`
|
|
17
|
+
|
|
18
|
+
## Expansion
|
|
19
|
+
|
|
20
|
+
`#handle` tokens are replaced with:
|
|
21
|
+
|
|
22
|
+
```xml
|
|
23
|
+
<snippet name="handle">
|
|
24
|
+
[snippet content]
|
|
25
|
+
</snippet>
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
Multiple handles expand to multiple `<snippet>` blocks, prepended to the user message. Unknown handles are left as-is (no error).
|
|
29
|
+
|
|
30
|
+
## Snippet Structure
|
|
31
|
+
|
|
32
|
+
```typescript
|
|
33
|
+
interface Snippet {
|
|
34
|
+
id: string; // Unique ID: sn-{timestamp}-{random}
|
|
35
|
+
handle: string; // The #handle used to reference it
|
|
36
|
+
name: string; // Human-readable name
|
|
37
|
+
description: string; // One-line description shown in autocomplete
|
|
38
|
+
content: string; // The snippet body (injected as XML)
|
|
39
|
+
}
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
## Use Cases
|
|
43
|
+
|
|
44
|
+
### 1. Skill Quick-Load
|
|
45
|
+
|
|
46
|
+
Instead of loading a full skill file, reference a snippet:
|
|
47
|
+
|
|
48
|
+
```
|
|
49
|
+
#security-review — check the auth module for vulnerabilities
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
### 2. Code Patterns
|
|
53
|
+
|
|
54
|
+
```
|
|
55
|
+
#rust-result-types — use Result<T, E> with thiserror, never unwrap()
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
### 3. Project Conventions
|
|
59
|
+
|
|
60
|
+
```
|
|
61
|
+
#naming-conventions — use snake_case for functions, PascalCase for types
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
### 4. Common Instructions
|
|
65
|
+
|
|
66
|
+
```
|
|
67
|
+
#no-comments — don't add comments unless the WHY is non-obvious
|
|
68
|
+
```
|
|
69
|
+
|
|
70
|
+
## Token Efficiency
|
|
71
|
+
|
|
72
|
+
| Approach | Tokens |
|
|
73
|
+
|----------|--------|
|
|
74
|
+
| Load full skill file | 500–2000 tokens |
|
|
75
|
+
| Reference snippet | 50–300 tokens |
|
|
76
|
+
| **Savings** | **70–90% reduction** |
|
|
77
|
+
|
|
78
|
+
## Snippet Categories
|
|
79
|
+
|
|
80
|
+
| Category | Handles | Purpose |
|
|
81
|
+
|----------|---------|---------|
|
|
82
|
+
| Security | `#security-review`, `#threat-model` | Security-specific instructions |
|
|
83
|
+
| Patterns | `#rust-errors`, `#ts-strict`, `#go-interfaces` | Language-specific patterns |
|
|
84
|
+
| Conventions | `#naming`, `#no-comments`, `#dry` | Project-wide conventions |
|
|
85
|
+
| Workflow | `#test-first`, `#commit-clean`, `#pr-body` | Process instructions |
|
|
86
|
+
| Quality | `#no-unwrap`, `#validate-input`, `#handle-errors` | Quality gates |
|
|
87
|
+
|
|
88
|
+
## Persistence
|
|
89
|
+
|
|
90
|
+
Snippets are persisted in `.pi/snippets.json` (JSON array) in the workspace root. They survive sessions and can be managed via `/snippet` commands.
|
|
91
|
+
|
|
92
|
+
## Slash Commands
|
|
93
|
+
|
|
94
|
+
| Command | Action |
|
|
95
|
+
|---------|--------|
|
|
96
|
+
| `/snippet list` | List all snippets with handles and descriptions |
|
|
97
|
+
| `/snippet add <handle>` | Create a new snippet interactively |
|
|
98
|
+
| `/snippet remove <handle>` | Delete a snippet |
|
|
99
|
+
| `/snippet edit <handle>` | Edit snippet content |
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: subagent-registry
|
|
3
|
+
description: Delegates isolated investigations to scoped subagents with restricted tool access. Supports leaf and orchestrator roles for nested delegation.
|
|
4
|
+
model: inherit
|
|
5
|
+
tools: [Read, Grep, Glob, Bash]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Subagent Registry
|
|
9
|
+
|
|
10
|
+
Spawn subagents for self-contained investigations without polluting your context. Each subagent has a **restricted tool whitelist**, a **fresh message history**, and a **role** that controls whether it can delegate further.
|
|
11
|
+
|
|
12
|
+
## Delegation Roles
|
|
13
|
+
|
|
14
|
+
| Role | Can Delegate? | Use Case |
|
|
15
|
+
|------|--------------|----------|
|
|
16
|
+
| `leaf` (default) | No | Single-task investigations, code review, security audit |
|
|
17
|
+
| `orchestrator` | Yes (bounded by `max_spawn_depth`) | Multi-stage workflows: research → synthesis, parallel decomposition |
|
|
18
|
+
|
|
19
|
+
### Role Rules
|
|
20
|
+
- **`leaf`** (default): Cannot spawn subagents. Identical to original flat-delegation behavior.
|
|
21
|
+
- **`orchestrator`**: Can delegate to leaf children. Gated by `delegation.max_spawn_depth` (default 1 = flat, so orchestrator is a no-op at defaults). Raise to 2 to allow orchestrator children to spawn leaf grandchildren.
|
|
22
|
+
- **Cost warning**: With `max_spawn_depth: 3` and `max_concurrent_children: 3`, the tree can reach 27 concurrent leaf agents. Each extra level multiplies spend.
|
|
23
|
+
|
|
24
|
+
## Subagent Types
|
|
25
|
+
|
|
26
|
+
### explore
|
|
27
|
+
- **Tools:** read_file, list_directory, grep, glob (read-only)
|
|
28
|
+
- **Purpose:** Locate files, trace references, summarize architecture
|
|
29
|
+
- **Max steps:** 12
|
|
30
|
+
- **Returns:** Concise summary with file paths, key findings, line numbers
|
|
31
|
+
|
|
32
|
+
### code-review
|
|
33
|
+
- **Tools:** read_file, list_directory, grep, glob (read-only)
|
|
34
|
+
- **Purpose:** Review code for correctness, architecture, performance
|
|
35
|
+
- **Max steps:** 12
|
|
36
|
+
- **Returns:** ACTIONABLE findings formatted as "[MUST/SHOULD/NIT] file:line — issue → fix"
|
|
37
|
+
|
|
38
|
+
### security-review
|
|
39
|
+
- **Tools:** read_file, list_directory, grep, glob (read-only)
|
|
40
|
+
- **Purpose:** Audit for injection, auth bypass, secret leakage, unsafe deserialization
|
|
41
|
+
- **Max steps:** 12
|
|
42
|
+
- **Returns:** Concrete findings with file:line and severity
|
|
43
|
+
|
|
44
|
+
### general-research
|
|
45
|
+
- **Tools:** read_file, list_directory, grep, glob (read-only)
|
|
46
|
+
- **Purpose:** General-purpose multi-step research across many files
|
|
47
|
+
- **Max steps:** 12
|
|
48
|
+
- **Returns:** Tight summary with evidence (paths, line numbers)
|
|
49
|
+
|
|
50
|
+
## Delegation Rules
|
|
51
|
+
|
|
52
|
+
1. **Use subagents for:** Large codebase exploration, multi-file code review, security audits, research spanning ≥3 files
|
|
53
|
+
2. **Do NOT use subagents for:** Single-file edits, trivial lookups, commands you can run yourself
|
|
54
|
+
3. **Include all context:** Subagents have NO memory of your conversation — include file paths, relevant context, and the exact question in the prompt
|
|
55
|
+
4. **Pick the right type:** Match subagent type to the job — don't use general-research when explore suffices
|
|
56
|
+
|
|
57
|
+
## Anti-Recursion
|
|
58
|
+
|
|
59
|
+
By default (`max_spawn_depth: 1`), subagents CANNOT spawn subagents. If a subagent needs to delegate, it returns its findings and the parent agent decides whether to spawn another. When `max_spawn_depth` is raised, only `role: orchestrator` subagents can spawn leaf children.
|
|
60
|
+
|
|
61
|
+
## Tool Scoping
|
|
62
|
+
|
|
63
|
+
Subagents are scoped to **read-only tools only**. They cannot:
|
|
64
|
+
- Write files
|
|
65
|
+
- Run shell commands
|
|
66
|
+
- Create directories
|
|
67
|
+
- Spawn other subagents
|
|
68
|
+
|
|
69
|
+
## When to Delegate
|
|
70
|
+
|
|
71
|
+
| Situation | Action |
|
|
72
|
+
|-----------|--------|
|
|
73
|
+
| "Where is X defined?" in a large codebase | → explore subagent |
|
|
74
|
+
| "Review this PR's changes" | → code-review subagent |
|
|
75
|
+
| "Check for security issues in auth module" | → security-review subagent |
|
|
76
|
+
| "How does data flow from A to B?" | → general-research subagent |
|
|
77
|
+
| "Read this one file" | → Do it yourself |
|
|
78
|
+
| "Run the tests" | → Do it yourself |
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: test-validator
|
|
3
|
+
description: Validates test coverage and quality. Use post-implementation.
|
|
4
|
+
model: inherit
|
|
5
|
+
tools: [Read, Grep, Glob, Bash]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Test Validator
|
|
9
|
+
|
|
10
|
+
You validate test coverage and quality.
|
|
11
|
+
|
|
12
|
+
## Context
|
|
13
|
+
- `.pi/context/project.md` — project knowledge
|
|
14
|
+
- `.pi/context/checklists.md` — test checklist
|
|
15
|
+
- `.pi/context/output-formats.md` — report format
|
|
16
|
+
|
|
17
|
+
## Checks
|
|
18
|
+
|
|
19
|
+
1. **All tests pass** — Run full test suite
|
|
20
|
+
2. **Coverage ≥ 80%** — Run coverage tool
|
|
21
|
+
3. **New code tested** — Every new function has tests
|
|
22
|
+
4. **AAA pattern** — Arrange-Act-Assert structure
|
|
23
|
+
5. **No flaky tests** — Deterministic, no timing dependencies
|
|
24
|
+
|
|
25
|
+
## Automated (Run via Script)
|
|
26
|
+
|
|
27
|
+
```bash
|
|
28
|
+
# Run all tests
|
|
29
|
+
[test command]
|
|
30
|
+
|
|
31
|
+
# Coverage
|
|
32
|
+
[coverage command]
|
|
33
|
+
|
|
34
|
+
# Architecture contracts
|
|
35
|
+
[contract test command]
|
|
36
|
+
|
|
37
|
+
# E2E tests
|
|
38
|
+
[e2e test command]
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
## Output
|
|
42
|
+
Use format from `.pi/context/output-formats.md` → "Validation Report"
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# Architecture Validator Skill
|
|
2
|
+
|
|
3
|
+
Validates architecture compliance. Use for plan review and post-code wiring checks.
|
|
4
|
+
|
|
5
|
+
## When to Run
|
|
6
|
+
|
|
7
|
+
| Phase | Scope | Checks |
|
|
8
|
+
|-------|-------|--------|
|
|
9
|
+
| Plan review | Moderate+ | Design follows patterns, module organization |
|
|
10
|
+
| Post-code | All | Wiring checks only (callers, duplicates, imports) |
|
|
11
|
+
|
|
12
|
+
## Context Files
|
|
13
|
+
|
|
14
|
+
- `.pi/context/project.md` — scope classification
|
|
15
|
+
- `.pi/context/checklists.md` — architecture checklist
|
|
16
|
+
- `.pi/context/output-formats.md` — report format
|
|
17
|
+
|
|
18
|
+
## Post-Code Wiring Checks
|
|
19
|
+
|
|
20
|
+
```bash
|
|
21
|
+
# 1. Callers exist (not dead code)
|
|
22
|
+
grep -r "new_function" [src paths]
|
|
23
|
+
|
|
24
|
+
# 2. No duplicate types
|
|
25
|
+
grep -r "struct TypeName|class TypeName" [src paths]
|
|
26
|
+
|
|
27
|
+
# 3. Module used
|
|
28
|
+
grep -r "import.*module" [src paths]
|
|
29
|
+
|
|
30
|
+
# 4. Tools registered (if applicable)
|
|
31
|
+
grep -r "register" [registry file]
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
## Tools
|
|
35
|
+
|
|
36
|
+
- Read: Read files
|
|
37
|
+
- Grep: Search patterns
|
|
38
|
+
- Glob: Find files
|
|
39
|
+
- Bash: Run validation scripts
|
|
40
|
+
|
|
41
|
+
## Output
|
|
42
|
+
|
|
43
|
+
Use `.pi/context/output-formats.md` → "Validation Report"
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# CI Validator Skill
|
|
2
|
+
|
|
3
|
+
Automated CI/merge validator. Runs scripts, minimal LLM reasoning.
|
|
4
|
+
|
|
5
|
+
## Validation
|
|
6
|
+
|
|
7
|
+
Run `.pi/scripts/validate-ci.sh` for:
|
|
8
|
+
- Build success
|
|
9
|
+
- Tests pass
|
|
10
|
+
- Lint passes
|
|
11
|
+
- Format check
|
|
12
|
+
- Security audit
|
|
13
|
+
|
|
14
|
+
## Enforcement
|
|
15
|
+
|
|
16
|
+
- **All checks must pass** before merge
|
|
17
|
+
- **No partial approvals**
|
|
18
|
+
- Report failures with specific errors
|
|
19
|
+
|
|
20
|
+
## Tools
|
|
21
|
+
|
|
22
|
+
- Bash: Run all validation scripts
|
|
23
|
+
- Read: Check CI configuration
|
|
24
|
+
|
|
25
|
+
## Output
|
|
26
|
+
|
|
27
|
+
Script outputs standardized report. No additional LLM processing needed.
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: context-compaction
|
|
3
|
+
description: Strategies for managing context window limits through intelligent elision and compaction.
|
|
4
|
+
model: inherit
|
|
5
|
+
tools: [Read]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Context Compaction Strategy
|
|
9
|
+
|
|
10
|
+
When conversations grow large, apply these compaction strategies to stay within context limits.
|
|
11
|
+
|
|
12
|
+
## Budget-Aware Thresholds
|
|
13
|
+
|
|
14
|
+
| Context Usage | Action |
|
|
15
|
+
|---------------|--------|
|
|
16
|
+
| 0–55% | No compaction needed |
|
|
17
|
+
| 55–70% | Elide superseded read results |
|
|
18
|
+
| 70–90% | Elide all old tool results (keep last 24 messages) |
|
|
19
|
+
| 90%+ | Aggressive compaction — summarize early conversation |
|
|
20
|
+
|
|
21
|
+
## Superseded Read Elision
|
|
22
|
+
|
|
23
|
+
When a file has been **mutated** (edit, write_file, multi_edit) since it was last read, the old read result no longer provides useful context. Replace it with:
|
|
24
|
+
|
|
25
|
+
```
|
|
26
|
+
[elided to save context — see prior tool call in history]
|
|
27
|
+
```
|
|
28
|
+
|
|
29
|
+
**Rule:** Track mutation paths from tool calls. If a `read_file` result's path appears in any subsequent mutation tool call input, elide that read result.
|
|
30
|
+
|
|
31
|
+
## Tail Preservation
|
|
32
|
+
|
|
33
|
+
Never elide the **last 24 messages**. Recent context is always more valuable than distant history. Keep the conversation tail intact at all cost levels.
|
|
34
|
+
|
|
35
|
+
## System Message Protection
|
|
36
|
+
|
|
37
|
+
**Never** elide system messages. They contain operating principles, tool descriptions, and behavioral instructions that govern every turn.
|
|
38
|
+
|
|
39
|
+
## Read Cache Invalidation
|
|
40
|
+
|
|
41
|
+
After any mutation to a file:
|
|
42
|
+
1. Remove the file from your read cache
|
|
43
|
+
2. Next `read_file` on that path will return fresh content
|
|
44
|
+
3. If you read the same file twice without intervening edits, the second call returns `{unchanged: true}` — skip re-reading
|
|
45
|
+
|
|
46
|
+
## Token Budget Rules
|
|
47
|
+
|
|
48
|
+
- `read_file` defaults to first 2000 lines / 25KB — use `offset`/`limit` for large files
|
|
49
|
+
- One focused `grep` beats three `list_directory` calls
|
|
50
|
+
- Don't re-read files you already have in context unless they were modified
|
|
51
|
+
- Before 5+ tool calls in a row, write a one-line plan via `todo_write`
|
|
52
|
+
|
|
53
|
+
## Compact Format
|
|
54
|
+
|
|
55
|
+
When space is tight, prefer compact tool results:
|
|
56
|
+
|
|
57
|
+
```
|
|
58
|
+
# Verbose (200 tokens)
|
|
59
|
+
{
|
|
60
|
+
"path": "/src/auth.ts",
|
|
61
|
+
"content": "import { ... } ... [100 lines of code]"
|
|
62
|
+
}
|
|
63
|
+
|
|
64
|
+
# Compact (8 tokens)
|
|
65
|
+
{
|
|
66
|
+
"path": "/src/auth.ts",
|
|
67
|
+
"size": 2456,
|
|
68
|
+
"lines": 120
|
|
69
|
+
}
|
|
70
|
+
```
|
|
71
|
+
|
|
72
|
+
Use compact format for: file listings, grep summaries, directory trees.
|
|
73
|
+
Use verbose format only when you need the actual content to reason about changes.
|