instrlint 0.1.7 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +19 -0
- package/README.zh-TW.md +19 -0
- package/package.json +1 -1
- package/skills/claude-code/SKILL.md +4 -4
- package/skills/codex/SKILL.md +4 -4
package/README.md
CHANGED
|
@@ -69,6 +69,8 @@ Run from your project root where `CLAUDE.md` or `AGENTS.md` lives.
|
|
|
69
69
|
|
|
70
70
|
**Auto-fix** — `--fix` safely removes dead rules, stale refs, and exact duplicates. Requires a clean git working tree.
|
|
71
71
|
|
|
72
|
+
**LLM Verification** — `/instrlint --verify` (Claude Code / Codex skill) runs a two-pass protocol: instrlint emits low-confidence findings as `candidates.json`, you (the host agent) judge each one and write `verdicts.json`, then instrlint merges results — filtering false positives and attaching `✓ confirmed` / `❓ uncertain` badges. No API key required; the host model is the verifier.
|
|
73
|
+
|
|
72
74
|
**CI Integration** — `instrlint ci` exits 0 or 1 based on findings severity, with SARIF output for GitHub Code Scanning.
|
|
73
75
|
|
|
74
76
|
## Supported tools
|
|
@@ -106,6 +108,11 @@ instrlint init-ci --gitlab # Print GitLab CI snippet to stdout
|
|
|
106
108
|
instrlint install --claude-code # Install as global Claude Code skill
|
|
107
109
|
instrlint install --claude-code --project # Install into project
|
|
108
110
|
instrlint install --codex # Install as Codex skill
|
|
111
|
+
|
|
112
|
+
# Host-orchestrated LLM verification (two-pass, no API key needed)
|
|
113
|
+
instrlint --emit-candidates instrlint-candidates.json # Write low-confidence findings for host LLM to judge
|
|
114
|
+
instrlint --emit-candidates instrlint-candidates.json --skip-report # Same, without printing the report
|
|
115
|
+
instrlint --apply-verdicts instrlint-verdicts.json # Apply host LLM verdicts and re-render report
|
|
109
116
|
```
|
|
110
117
|
|
|
111
118
|
## CI Integration
|
|
@@ -155,10 +162,22 @@ Then **restart Claude Code** to activate the command. Then in your editor:
|
|
|
155
162
|
/instrlint
|
|
156
163
|
/instrlint --fix
|
|
157
164
|
/instrlint ci --fail-on warning
|
|
165
|
+
/instrlint --verify
|
|
158
166
|
```
|
|
159
167
|
|
|
160
168
|
> **Note:** Claude Code only loads custom commands at startup. `/reload-plugins` does not pick up newly installed commands.
|
|
161
169
|
|
|
170
|
+
### LLM verification (`/instrlint --verify`)
|
|
171
|
+
|
|
172
|
+
The `--verify` flag triggers a two-pass protocol where the host agent (Claude Code or Codex) judges low-confidence findings to eliminate false positives:
|
|
173
|
+
|
|
174
|
+
1. **Emit candidates** — instrlint writes `instrlint-candidates.json` with contradiction/duplicate findings that need semantic review
|
|
175
|
+
2. **Judge** — you (or the host agent) read the file and determine `confirmed` / `rejected` / `uncertain` for each
|
|
176
|
+
3. **Write verdicts** — save decisions to `instrlint-verdicts.json`
|
|
177
|
+
4. **Apply** — instrlint merges verdicts, filters rejected findings, and re-renders the report with `✓` / `❓` badges
|
|
178
|
+
|
|
179
|
+
instrlint never calls an LLM API. It delegates judgment to whatever model is already running the session.
|
|
180
|
+
|
|
162
181
|
## Score and grade
|
|
163
182
|
|
|
164
183
|
| Grade | Score | Meaning |
|
package/README.zh-TW.md
CHANGED
|
@@ -75,6 +75,8 @@ npx instrlint --lang zh-TW
|
|
|
75
75
|
|
|
76
76
|
**自動修復** — `--fix` 安全地移除冗餘規則、過時參照和完全重複的規則。需要乾淨的 git 工作目錄。
|
|
77
77
|
|
|
78
|
+
**LLM 驗證** — `/instrlint --verify`(Claude Code / Codex skill)執行兩段式驗證協議:instrlint 將低信心的 findings 輸出為 `candidates.json`,由你(host agent)逐一判斷後寫入 `verdicts.json`,再由 instrlint 合併結果 — 過濾 false positive,並附上 `✓ confirmed` / `❓ uncertain` badge。不需要任何 API key;host model 本身就是驗證者。
|
|
79
|
+
|
|
78
80
|
**CI 整合** — `instrlint ci` 依 findings 嚴重程度回傳 exit code 0 或 1,並支援 SARIF 輸出供 GitHub Code Scanning 使用。
|
|
79
81
|
|
|
80
82
|
## 支援工具
|
|
@@ -112,6 +114,11 @@ instrlint init-ci --gitlab # 輸出 GitLab CI 設定片段
|
|
|
112
114
|
instrlint install --claude-code # 安裝為全域 Claude Code skill
|
|
113
115
|
instrlint install --claude-code --project # 安裝到專案
|
|
114
116
|
instrlint install --codex # 安裝為 Codex skill
|
|
117
|
+
|
|
118
|
+
# 由 host 協調的 LLM 驗證(兩段式,不需要 API key)
|
|
119
|
+
instrlint --emit-candidates instrlint-candidates.json # 將低信心 findings 輸出供 host LLM 判斷
|
|
120
|
+
instrlint --emit-candidates instrlint-candidates.json --skip-report # 同上,不印報告
|
|
121
|
+
instrlint --apply-verdicts instrlint-verdicts.json # 套用 host LLM 的判斷結果並重新呈現報告
|
|
115
122
|
```
|
|
116
123
|
|
|
117
124
|
## CI 整合
|
|
@@ -161,10 +168,22 @@ npx instrlint install --codex
|
|
|
161
168
|
/instrlint
|
|
162
169
|
/instrlint --fix
|
|
163
170
|
/instrlint ci --fail-on warning
|
|
171
|
+
/instrlint --verify
|
|
164
172
|
```
|
|
165
173
|
|
|
166
174
|
> **注意:** Claude Code 只在啟動時載入 custom commands。`/reload-plugins` 無法載入新安裝的指令。
|
|
167
175
|
|
|
176
|
+
### LLM 驗證(`/instrlint --verify`)
|
|
177
|
+
|
|
178
|
+
`--verify` 觸發兩段式協議,由 host agent(Claude Code 或 Codex)判斷低信心的 findings 以消除 false positive:
|
|
179
|
+
|
|
180
|
+
1. **輸出 candidates** — instrlint 將需要語意審查的 contradiction / duplicate findings 寫成 `instrlint-candidates.json`
|
|
181
|
+
2. **判斷** — 你(或 host agent)讀取檔案,對每筆 finding 決定 `confirmed` / `rejected` / `uncertain`
|
|
182
|
+
3. **寫 verdicts** — 將判斷結果儲存為 `instrlint-verdicts.json`
|
|
183
|
+
4. **套用** — instrlint 合併 verdicts,過濾被 rejected 的 findings,並重新輸出附有 `✓` / `❓` badge 的報告
|
|
184
|
+
|
|
185
|
+
instrlint 從不呼叫任何 LLM API,而是將判斷委託給當前 session 中正在運行的 model。
|
|
186
|
+
|
|
168
187
|
## 分數與等級
|
|
169
188
|
|
|
170
189
|
| 等級 | 分數 | 說明 |
|
package/package.json
CHANGED
|
@@ -49,16 +49,16 @@ contradiction / duplicate detector 是純文字啟發式,可能產生 false po
|
|
|
49
49
|
**Step 1** — 產出 candidates:
|
|
50
50
|
|
|
51
51
|
```bash
|
|
52
|
-
npx instrlint@latest --emit-candidates
|
|
52
|
+
npx instrlint@latest --emit-candidates instrlint-candidates.json --skip-report --lang <detected>
|
|
53
53
|
```
|
|
54
54
|
|
|
55
55
|
**Step 2** — 讀取並判斷:
|
|
56
56
|
|
|
57
|
-
用 Read tool 讀
|
|
57
|
+
用 Read tool 讀 `instrlint-candidates.json`。對每個 candidate,根據下方「判斷框架」做出 verdict。
|
|
58
58
|
|
|
59
59
|
**Step 3** — 寫出 verdicts:
|
|
60
60
|
|
|
61
|
-
用 Write tool 寫
|
|
61
|
+
用 Write tool 寫 `instrlint-verdicts.json`:
|
|
62
62
|
|
|
63
63
|
```json
|
|
64
64
|
{
|
|
@@ -74,7 +74,7 @@ npx instrlint@latest --emit-candidates /tmp/instrlint-candidates.json --skip-rep
|
|
|
74
74
|
**Step 4** — 套用 verdicts 並呈現報告:
|
|
75
75
|
|
|
76
76
|
```bash
|
|
77
|
-
npx instrlint@latest --apply-verdicts
|
|
77
|
+
npx instrlint@latest --apply-verdicts instrlint-verdicts.json --format markdown --lang <detected>
|
|
78
78
|
```
|
|
79
79
|
|
|
80
80
|
把輸出的 markdown 報告原樣呈現給使用者,不要摘要或改寫。
|
package/skills/codex/SKILL.md
CHANGED
|
@@ -43,16 +43,16 @@ contradiction / duplicate detector 是純文字啟發式,可能產生 false po
|
|
|
43
43
|
**Step 1** — 產出 candidates:
|
|
44
44
|
|
|
45
45
|
```bash
|
|
46
|
-
npx instrlint@latest --emit-candidates
|
|
46
|
+
npx instrlint@latest --emit-candidates instrlint-candidates.json --skip-report --lang <detected>
|
|
47
47
|
```
|
|
48
48
|
|
|
49
49
|
**Step 2** — 讀取並判斷:
|
|
50
50
|
|
|
51
|
-
讀
|
|
51
|
+
讀 `instrlint-candidates.json`。對每個 candidate,根據下方「判斷框架」做出 verdict。
|
|
52
52
|
|
|
53
53
|
**Step 3** — 寫出 verdicts:
|
|
54
54
|
|
|
55
|
-
寫
|
|
55
|
+
寫 `instrlint-verdicts.json`:
|
|
56
56
|
|
|
57
57
|
```json
|
|
58
58
|
{
|
|
@@ -68,7 +68,7 @@ npx instrlint@latest --emit-candidates /tmp/instrlint-candidates.json --skip-rep
|
|
|
68
68
|
**Step 4** — 套用 verdicts 並呈現報告:
|
|
69
69
|
|
|
70
70
|
```bash
|
|
71
|
-
npx instrlint@latest --apply-verdicts
|
|
71
|
+
npx instrlint@latest --apply-verdicts instrlint-verdicts.json --format markdown --lang <detected>
|
|
72
72
|
```
|
|
73
73
|
|
|
74
74
|
### candidates.json 格式
|