mustflow 1.18.16 → 1.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (303) hide show
  1. package/README.md +16 -6
  2. package/dist/cli/commands/adapters.js +90 -0
  3. package/dist/cli/commands/classify.js +3 -4
  4. package/dist/cli/commands/contract-lint.js +26 -6
  5. package/dist/cli/commands/dashboard.js +103 -4
  6. package/dist/cli/commands/explain-verify.js +213 -0
  7. package/dist/cli/commands/explain.js +48 -4
  8. package/dist/cli/commands/handoff.js +136 -0
  9. package/dist/cli/commands/run.js +97 -136
  10. package/dist/cli/commands/update.js +91 -61
  11. package/dist/cli/commands/verify.js +230 -137
  12. package/dist/cli/i18n/en.js +65 -4
  13. package/dist/cli/i18n/es.js +65 -4
  14. package/dist/cli/i18n/fr.js +65 -4
  15. package/dist/cli/i18n/hi.js +65 -4
  16. package/dist/cli/i18n/ko.js +65 -4
  17. package/dist/cli/i18n/zh.js +65 -4
  18. package/dist/cli/index.js +11 -0
  19. package/dist/cli/lib/command-registry.js +10 -0
  20. package/dist/cli/lib/dashboard-export.js +775 -0
  21. package/dist/cli/lib/local-index.js +22 -6
  22. package/dist/cli/lib/run-plan.js +222 -0
  23. package/dist/cli/lib/templates.js +18 -3
  24. package/dist/cli/lib/update-diff-preview.js +163 -0
  25. package/dist/cli/lib/validation.js +22 -0
  26. package/dist/core/adapter-compatibility.js +235 -0
  27. package/dist/core/change-classification.js +9 -0
  28. package/dist/core/change-verification.js +10 -3
  29. package/dist/core/check-issues.js +4 -0
  30. package/dist/core/command-contract-validation.js +14 -0
  31. package/dist/core/command-cwd.js +18 -6
  32. package/dist/core/command-env.js +91 -0
  33. package/dist/core/contract-lint.js +165 -3
  34. package/dist/core/contract-models.js +172 -0
  35. package/dist/core/dashboard-verification.js +2 -0
  36. package/dist/core/doc-review-triage.js +1 -0
  37. package/dist/core/handoff-record.js +376 -0
  38. package/dist/core/public-json-contracts.js +16 -0
  39. package/dist/core/run-receipt.js +46 -7
  40. package/dist/core/run-write-drift.js +180 -0
  41. package/dist/core/secret-redaction.js +39 -0
  42. package/dist/core/source-anchors.js +3 -5
  43. package/dist/core/verification-decision-graph.js +223 -0
  44. package/package.json +3 -1
  45. package/schemas/README.md +11 -4
  46. package/schemas/adapter-compatibility-report.schema.json +184 -0
  47. package/schemas/change-verification-report.schema.json +133 -1
  48. package/schemas/commands.schema.json +8 -1
  49. package/schemas/contract-lint-report.schema.json +48 -0
  50. package/schemas/explain-report.schema.json +265 -2
  51. package/schemas/handoff-validation-report.schema.json +68 -0
  52. package/schemas/run-receipt.schema.json +74 -1
  53. package/templates/default/common/.mustflow/config/commands.toml +2 -0
  54. package/templates/default/i18n.toml +78 -234
  55. package/templates/default/locales/en/.mustflow/skills/INDEX.md +7 -3
  56. package/templates/default/locales/en/.mustflow/skills/architecture-deepening-review/SKILL.md +154 -0
  57. package/templates/default/locales/en/.mustflow/skills/behavior-preserving-refactor/SKILL.md +8 -3
  58. package/templates/default/locales/en/.mustflow/skills/code-review/SKILL.md +9 -4
  59. package/templates/default/locales/en/.mustflow/skills/date-number-audit/SKILL.md +19 -4
  60. package/templates/default/locales/en/.mustflow/skills/diff-risk-review/SKILL.md +4 -2
  61. package/templates/default/locales/en/.mustflow/skills/external-skill-intake/SKILL.md +141 -0
  62. package/templates/default/locales/en/.mustflow/skills/release-notes-authoring/SKILL.md +143 -0
  63. package/templates/default/locales/en/.mustflow/skills/repro-first-debug/SKILL.md +22 -8
  64. package/templates/default/locales/en/.mustflow/skills/skill-authoring/SKILL.md +3 -3
  65. package/templates/default/locales/en/.mustflow/skills/source-freshness-check/SKILL.md +22 -9
  66. package/templates/default/locales/en/.mustflow/skills/ui-quality-gate/SKILL.md +21 -13
  67. package/templates/default/locales/en/.mustflow/skills/vertical-slice-tdd/SKILL.md +167 -0
  68. package/templates/default/manifest.toml +16 -1
  69. package/templates/default/locales/es/.mustflow/skills/INDEX.md +0 -75
  70. package/templates/default/locales/es/.mustflow/skills/adapter-boundary/SKILL.md +0 -193
  71. package/templates/default/locales/es/.mustflow/skills/artifact-integrity-check/SKILL.md +0 -114
  72. package/templates/default/locales/es/.mustflow/skills/behavior-preserving-refactor/SKILL.md +0 -182
  73. package/templates/default/locales/es/.mustflow/skills/code-review/SKILL.md +0 -115
  74. package/templates/default/locales/es/.mustflow/skills/codebase-orientation/SKILL.md +0 -115
  75. package/templates/default/locales/es/.mustflow/skills/command-pattern/SKILL.md +0 -247
  76. package/templates/default/locales/es/.mustflow/skills/composition-over-inheritance/SKILL.md +0 -176
  77. package/templates/default/locales/es/.mustflow/skills/contract-sync-check/SKILL.md +0 -116
  78. package/templates/default/locales/es/.mustflow/skills/database-change-safety/SKILL.md +0 -155
  79. package/templates/default/locales/es/.mustflow/skills/date-number-audit/SKILL.md +0 -116
  80. package/templates/default/locales/es/.mustflow/skills/dependency-injection/SKILL.md +0 -161
  81. package/templates/default/locales/es/.mustflow/skills/dependency-reality-check/SKILL.md +0 -115
  82. package/templates/default/locales/es/.mustflow/skills/diff-risk-review/SKILL.md +0 -136
  83. package/templates/default/locales/es/.mustflow/skills/docs-prose-review/SKILL.md +0 -119
  84. package/templates/default/locales/es/.mustflow/skills/docs-update/SKILL.md +0 -97
  85. package/templates/default/locales/es/.mustflow/skills/external-prompt-injection-defense/SKILL.md +0 -116
  86. package/templates/default/locales/es/.mustflow/skills/facade-pattern/SKILL.md +0 -210
  87. package/templates/default/locales/es/.mustflow/skills/failure-triage/SKILL.md +0 -97
  88. package/templates/default/locales/es/.mustflow/skills/instruction-conflict-scope-check/SKILL.md +0 -118
  89. package/templates/default/locales/es/.mustflow/skills/line-ending-hygiene/SKILL.md +0 -111
  90. package/templates/default/locales/es/.mustflow/skills/migration-safety-check/SKILL.md +0 -117
  91. package/templates/default/locales/es/.mustflow/skills/multi-agent-work-coordination/SKILL.md +0 -260
  92. package/templates/default/locales/es/.mustflow/skills/null-object-pattern/SKILL.md +0 -196
  93. package/templates/default/locales/es/.mustflow/skills/pattern-scout/SKILL.md +0 -110
  94. package/templates/default/locales/es/.mustflow/skills/performance-budget-check/SKILL.md +0 -121
  95. package/templates/default/locales/es/.mustflow/skills/project-context-authoring/SKILL.md +0 -107
  96. package/templates/default/locales/es/.mustflow/skills/pure-core-imperative-shell/SKILL.md +0 -212
  97. package/templates/default/locales/es/.mustflow/skills/readme-authoring/SKILL.md +0 -115
  98. package/templates/default/locales/es/.mustflow/skills/repo-improvement-loop/SKILL.md +0 -150
  99. package/templates/default/locales/es/.mustflow/skills/repro-first-debug/SKILL.md +0 -112
  100. package/templates/default/locales/es/.mustflow/skills/requirement-regression-guard/SKILL.md +0 -152
  101. package/templates/default/locales/es/.mustflow/skills/result-option/SKILL.md +0 -186
  102. package/templates/default/locales/es/.mustflow/skills/security-privacy-review/SKILL.md +0 -116
  103. package/templates/default/locales/es/.mustflow/skills/security-regression-tests/SKILL.md +0 -131
  104. package/templates/default/locales/es/.mustflow/skills/skill-authoring/SKILL.md +0 -110
  105. package/templates/default/locales/es/.mustflow/skills/source-freshness-check/SKILL.md +0 -111
  106. package/templates/default/locales/es/.mustflow/skills/state-machine-pattern/SKILL.md +0 -214
  107. package/templates/default/locales/es/.mustflow/skills/strategy-pattern/SKILL.md +0 -215
  108. package/templates/default/locales/es/.mustflow/skills/structure-discovery-gate/SKILL.md +0 -159
  109. package/templates/default/locales/es/.mustflow/skills/test-design-guard/SKILL.md +0 -162
  110. package/templates/default/locales/es/.mustflow/skills/test-maintenance/SKILL.md +0 -122
  111. package/templates/default/locales/es/.mustflow/skills/ui-quality-gate/SKILL.md +0 -117
  112. package/templates/default/locales/es/.mustflow/skills/visual-review-artifact/SKILL.md +0 -127
  113. package/templates/default/locales/es/.mustflow/skills/visual-review-artifact/assets/review-template.html +0 -286
  114. package/templates/default/locales/es/.mustflow/skills/visual-review-artifact/resources.toml +0 -7
  115. package/templates/default/locales/es/.mustflow/skills/web-asset-optimization/SKILL.md +0 -108
  116. package/templates/default/locales/fr/.mustflow/skills/INDEX.md +0 -75
  117. package/templates/default/locales/fr/.mustflow/skills/adapter-boundary/SKILL.md +0 -193
  118. package/templates/default/locales/fr/.mustflow/skills/artifact-integrity-check/SKILL.md +0 -114
  119. package/templates/default/locales/fr/.mustflow/skills/behavior-preserving-refactor/SKILL.md +0 -182
  120. package/templates/default/locales/fr/.mustflow/skills/code-review/SKILL.md +0 -115
  121. package/templates/default/locales/fr/.mustflow/skills/codebase-orientation/SKILL.md +0 -115
  122. package/templates/default/locales/fr/.mustflow/skills/command-pattern/SKILL.md +0 -247
  123. package/templates/default/locales/fr/.mustflow/skills/composition-over-inheritance/SKILL.md +0 -176
  124. package/templates/default/locales/fr/.mustflow/skills/contract-sync-check/SKILL.md +0 -116
  125. package/templates/default/locales/fr/.mustflow/skills/database-change-safety/SKILL.md +0 -155
  126. package/templates/default/locales/fr/.mustflow/skills/date-number-audit/SKILL.md +0 -116
  127. package/templates/default/locales/fr/.mustflow/skills/dependency-injection/SKILL.md +0 -161
  128. package/templates/default/locales/fr/.mustflow/skills/dependency-reality-check/SKILL.md +0 -115
  129. package/templates/default/locales/fr/.mustflow/skills/diff-risk-review/SKILL.md +0 -136
  130. package/templates/default/locales/fr/.mustflow/skills/docs-prose-review/SKILL.md +0 -119
  131. package/templates/default/locales/fr/.mustflow/skills/docs-update/SKILL.md +0 -97
  132. package/templates/default/locales/fr/.mustflow/skills/external-prompt-injection-defense/SKILL.md +0 -116
  133. package/templates/default/locales/fr/.mustflow/skills/facade-pattern/SKILL.md +0 -210
  134. package/templates/default/locales/fr/.mustflow/skills/failure-triage/SKILL.md +0 -97
  135. package/templates/default/locales/fr/.mustflow/skills/instruction-conflict-scope-check/SKILL.md +0 -118
  136. package/templates/default/locales/fr/.mustflow/skills/line-ending-hygiene/SKILL.md +0 -111
  137. package/templates/default/locales/fr/.mustflow/skills/migration-safety-check/SKILL.md +0 -117
  138. package/templates/default/locales/fr/.mustflow/skills/multi-agent-work-coordination/SKILL.md +0 -260
  139. package/templates/default/locales/fr/.mustflow/skills/null-object-pattern/SKILL.md +0 -196
  140. package/templates/default/locales/fr/.mustflow/skills/pattern-scout/SKILL.md +0 -110
  141. package/templates/default/locales/fr/.mustflow/skills/performance-budget-check/SKILL.md +0 -121
  142. package/templates/default/locales/fr/.mustflow/skills/project-context-authoring/SKILL.md +0 -107
  143. package/templates/default/locales/fr/.mustflow/skills/pure-core-imperative-shell/SKILL.md +0 -212
  144. package/templates/default/locales/fr/.mustflow/skills/readme-authoring/SKILL.md +0 -115
  145. package/templates/default/locales/fr/.mustflow/skills/repo-improvement-loop/SKILL.md +0 -150
  146. package/templates/default/locales/fr/.mustflow/skills/repro-first-debug/SKILL.md +0 -112
  147. package/templates/default/locales/fr/.mustflow/skills/requirement-regression-guard/SKILL.md +0 -152
  148. package/templates/default/locales/fr/.mustflow/skills/result-option/SKILL.md +0 -186
  149. package/templates/default/locales/fr/.mustflow/skills/security-privacy-review/SKILL.md +0 -116
  150. package/templates/default/locales/fr/.mustflow/skills/security-regression-tests/SKILL.md +0 -131
  151. package/templates/default/locales/fr/.mustflow/skills/skill-authoring/SKILL.md +0 -110
  152. package/templates/default/locales/fr/.mustflow/skills/source-freshness-check/SKILL.md +0 -111
  153. package/templates/default/locales/fr/.mustflow/skills/state-machine-pattern/SKILL.md +0 -214
  154. package/templates/default/locales/fr/.mustflow/skills/strategy-pattern/SKILL.md +0 -215
  155. package/templates/default/locales/fr/.mustflow/skills/structure-discovery-gate/SKILL.md +0 -159
  156. package/templates/default/locales/fr/.mustflow/skills/test-design-guard/SKILL.md +0 -162
  157. package/templates/default/locales/fr/.mustflow/skills/test-maintenance/SKILL.md +0 -122
  158. package/templates/default/locales/fr/.mustflow/skills/ui-quality-gate/SKILL.md +0 -117
  159. package/templates/default/locales/fr/.mustflow/skills/visual-review-artifact/SKILL.md +0 -127
  160. package/templates/default/locales/fr/.mustflow/skills/visual-review-artifact/assets/review-template.html +0 -286
  161. package/templates/default/locales/fr/.mustflow/skills/visual-review-artifact/resources.toml +0 -7
  162. package/templates/default/locales/fr/.mustflow/skills/web-asset-optimization/SKILL.md +0 -108
  163. package/templates/default/locales/hi/.mustflow/skills/INDEX.md +0 -75
  164. package/templates/default/locales/hi/.mustflow/skills/adapter-boundary/SKILL.md +0 -193
  165. package/templates/default/locales/hi/.mustflow/skills/artifact-integrity-check/SKILL.md +0 -114
  166. package/templates/default/locales/hi/.mustflow/skills/behavior-preserving-refactor/SKILL.md +0 -182
  167. package/templates/default/locales/hi/.mustflow/skills/code-review/SKILL.md +0 -115
  168. package/templates/default/locales/hi/.mustflow/skills/codebase-orientation/SKILL.md +0 -115
  169. package/templates/default/locales/hi/.mustflow/skills/command-pattern/SKILL.md +0 -247
  170. package/templates/default/locales/hi/.mustflow/skills/composition-over-inheritance/SKILL.md +0 -176
  171. package/templates/default/locales/hi/.mustflow/skills/contract-sync-check/SKILL.md +0 -116
  172. package/templates/default/locales/hi/.mustflow/skills/database-change-safety/SKILL.md +0 -155
  173. package/templates/default/locales/hi/.mustflow/skills/date-number-audit/SKILL.md +0 -116
  174. package/templates/default/locales/hi/.mustflow/skills/dependency-injection/SKILL.md +0 -161
  175. package/templates/default/locales/hi/.mustflow/skills/dependency-reality-check/SKILL.md +0 -115
  176. package/templates/default/locales/hi/.mustflow/skills/diff-risk-review/SKILL.md +0 -136
  177. package/templates/default/locales/hi/.mustflow/skills/docs-prose-review/SKILL.md +0 -119
  178. package/templates/default/locales/hi/.mustflow/skills/docs-update/SKILL.md +0 -97
  179. package/templates/default/locales/hi/.mustflow/skills/external-prompt-injection-defense/SKILL.md +0 -116
  180. package/templates/default/locales/hi/.mustflow/skills/facade-pattern/SKILL.md +0 -210
  181. package/templates/default/locales/hi/.mustflow/skills/failure-triage/SKILL.md +0 -97
  182. package/templates/default/locales/hi/.mustflow/skills/instruction-conflict-scope-check/SKILL.md +0 -118
  183. package/templates/default/locales/hi/.mustflow/skills/line-ending-hygiene/SKILL.md +0 -111
  184. package/templates/default/locales/hi/.mustflow/skills/migration-safety-check/SKILL.md +0 -117
  185. package/templates/default/locales/hi/.mustflow/skills/multi-agent-work-coordination/SKILL.md +0 -260
  186. package/templates/default/locales/hi/.mustflow/skills/null-object-pattern/SKILL.md +0 -196
  187. package/templates/default/locales/hi/.mustflow/skills/pattern-scout/SKILL.md +0 -110
  188. package/templates/default/locales/hi/.mustflow/skills/performance-budget-check/SKILL.md +0 -121
  189. package/templates/default/locales/hi/.mustflow/skills/project-context-authoring/SKILL.md +0 -107
  190. package/templates/default/locales/hi/.mustflow/skills/pure-core-imperative-shell/SKILL.md +0 -212
  191. package/templates/default/locales/hi/.mustflow/skills/readme-authoring/SKILL.md +0 -115
  192. package/templates/default/locales/hi/.mustflow/skills/repo-improvement-loop/SKILL.md +0 -150
  193. package/templates/default/locales/hi/.mustflow/skills/repro-first-debug/SKILL.md +0 -112
  194. package/templates/default/locales/hi/.mustflow/skills/requirement-regression-guard/SKILL.md +0 -152
  195. package/templates/default/locales/hi/.mustflow/skills/result-option/SKILL.md +0 -186
  196. package/templates/default/locales/hi/.mustflow/skills/security-privacy-review/SKILL.md +0 -116
  197. package/templates/default/locales/hi/.mustflow/skills/security-regression-tests/SKILL.md +0 -131
  198. package/templates/default/locales/hi/.mustflow/skills/skill-authoring/SKILL.md +0 -110
  199. package/templates/default/locales/hi/.mustflow/skills/source-freshness-check/SKILL.md +0 -111
  200. package/templates/default/locales/hi/.mustflow/skills/state-machine-pattern/SKILL.md +0 -214
  201. package/templates/default/locales/hi/.mustflow/skills/strategy-pattern/SKILL.md +0 -215
  202. package/templates/default/locales/hi/.mustflow/skills/structure-discovery-gate/SKILL.md +0 -159
  203. package/templates/default/locales/hi/.mustflow/skills/test-design-guard/SKILL.md +0 -162
  204. package/templates/default/locales/hi/.mustflow/skills/test-maintenance/SKILL.md +0 -122
  205. package/templates/default/locales/hi/.mustflow/skills/ui-quality-gate/SKILL.md +0 -117
  206. package/templates/default/locales/hi/.mustflow/skills/visual-review-artifact/SKILL.md +0 -127
  207. package/templates/default/locales/hi/.mustflow/skills/visual-review-artifact/assets/review-template.html +0 -286
  208. package/templates/default/locales/hi/.mustflow/skills/visual-review-artifact/resources.toml +0 -7
  209. package/templates/default/locales/hi/.mustflow/skills/web-asset-optimization/SKILL.md +0 -108
  210. package/templates/default/locales/ko/.mustflow/skills/INDEX.md +0 -80
  211. package/templates/default/locales/ko/.mustflow/skills/adapter-boundary/SKILL.md +0 -193
  212. package/templates/default/locales/ko/.mustflow/skills/artifact-integrity-check/SKILL.md +0 -114
  213. package/templates/default/locales/ko/.mustflow/skills/behavior-preserving-refactor/SKILL.md +0 -182
  214. package/templates/default/locales/ko/.mustflow/skills/code-review/SKILL.md +0 -118
  215. package/templates/default/locales/ko/.mustflow/skills/codebase-orientation/SKILL.md +0 -115
  216. package/templates/default/locales/ko/.mustflow/skills/command-pattern/SKILL.md +0 -247
  217. package/templates/default/locales/ko/.mustflow/skills/composition-over-inheritance/SKILL.md +0 -176
  218. package/templates/default/locales/ko/.mustflow/skills/contract-sync-check/SKILL.md +0 -116
  219. package/templates/default/locales/ko/.mustflow/skills/database-change-safety/SKILL.md +0 -155
  220. package/templates/default/locales/ko/.mustflow/skills/date-number-audit/SKILL.md +0 -116
  221. package/templates/default/locales/ko/.mustflow/skills/dependency-injection/SKILL.md +0 -161
  222. package/templates/default/locales/ko/.mustflow/skills/dependency-reality-check/SKILL.md +0 -115
  223. package/templates/default/locales/ko/.mustflow/skills/diff-risk-review/SKILL.md +0 -136
  224. package/templates/default/locales/ko/.mustflow/skills/docs-prose-review/SKILL.md +0 -119
  225. package/templates/default/locales/ko/.mustflow/skills/docs-update/SKILL.md +0 -107
  226. package/templates/default/locales/ko/.mustflow/skills/external-prompt-injection-defense/SKILL.md +0 -116
  227. package/templates/default/locales/ko/.mustflow/skills/facade-pattern/SKILL.md +0 -210
  228. package/templates/default/locales/ko/.mustflow/skills/failure-triage/SKILL.md +0 -119
  229. package/templates/default/locales/ko/.mustflow/skills/instruction-conflict-scope-check/SKILL.md +0 -118
  230. package/templates/default/locales/ko/.mustflow/skills/line-ending-hygiene/SKILL.md +0 -111
  231. package/templates/default/locales/ko/.mustflow/skills/migration-safety-check/SKILL.md +0 -117
  232. package/templates/default/locales/ko/.mustflow/skills/multi-agent-work-coordination/SKILL.md +0 -259
  233. package/templates/default/locales/ko/.mustflow/skills/null-object-pattern/SKILL.md +0 -196
  234. package/templates/default/locales/ko/.mustflow/skills/pattern-scout/SKILL.md +0 -110
  235. package/templates/default/locales/ko/.mustflow/skills/performance-budget-check/SKILL.md +0 -121
  236. package/templates/default/locales/ko/.mustflow/skills/project-context-authoring/SKILL.md +0 -107
  237. package/templates/default/locales/ko/.mustflow/skills/pure-core-imperative-shell/SKILL.md +0 -212
  238. package/templates/default/locales/ko/.mustflow/skills/readme-authoring/SKILL.md +0 -115
  239. package/templates/default/locales/ko/.mustflow/skills/repo-improvement-loop/SKILL.md +0 -150
  240. package/templates/default/locales/ko/.mustflow/skills/repro-first-debug/SKILL.md +0 -112
  241. package/templates/default/locales/ko/.mustflow/skills/requirement-regression-guard/SKILL.md +0 -152
  242. package/templates/default/locales/ko/.mustflow/skills/result-option/SKILL.md +0 -186
  243. package/templates/default/locales/ko/.mustflow/skills/security-privacy-review/SKILL.md +0 -116
  244. package/templates/default/locales/ko/.mustflow/skills/security-regression-tests/SKILL.md +0 -131
  245. package/templates/default/locales/ko/.mustflow/skills/skill-authoring/SKILL.md +0 -110
  246. package/templates/default/locales/ko/.mustflow/skills/source-freshness-check/SKILL.md +0 -111
  247. package/templates/default/locales/ko/.mustflow/skills/state-machine-pattern/SKILL.md +0 -214
  248. package/templates/default/locales/ko/.mustflow/skills/strategy-pattern/SKILL.md +0 -215
  249. package/templates/default/locales/ko/.mustflow/skills/structure-discovery-gate/SKILL.md +0 -159
  250. package/templates/default/locales/ko/.mustflow/skills/test-design-guard/SKILL.md +0 -162
  251. package/templates/default/locales/ko/.mustflow/skills/test-maintenance/SKILL.md +0 -130
  252. package/templates/default/locales/ko/.mustflow/skills/ui-quality-gate/SKILL.md +0 -117
  253. package/templates/default/locales/ko/.mustflow/skills/visual-review-artifact/SKILL.md +0 -127
  254. package/templates/default/locales/ko/.mustflow/skills/visual-review-artifact/assets/review-template.html +0 -286
  255. package/templates/default/locales/ko/.mustflow/skills/visual-review-artifact/resources.toml +0 -7
  256. package/templates/default/locales/ko/.mustflow/skills/web-asset-optimization/SKILL.md +0 -108
  257. package/templates/default/locales/zh/.mustflow/skills/INDEX.md +0 -74
  258. package/templates/default/locales/zh/.mustflow/skills/adapter-boundary/SKILL.md +0 -193
  259. package/templates/default/locales/zh/.mustflow/skills/artifact-integrity-check/SKILL.md +0 -114
  260. package/templates/default/locales/zh/.mustflow/skills/behavior-preserving-refactor/SKILL.md +0 -182
  261. package/templates/default/locales/zh/.mustflow/skills/code-review/SKILL.md +0 -115
  262. package/templates/default/locales/zh/.mustflow/skills/codebase-orientation/SKILL.md +0 -115
  263. package/templates/default/locales/zh/.mustflow/skills/command-pattern/SKILL.md +0 -247
  264. package/templates/default/locales/zh/.mustflow/skills/composition-over-inheritance/SKILL.md +0 -176
  265. package/templates/default/locales/zh/.mustflow/skills/contract-sync-check/SKILL.md +0 -116
  266. package/templates/default/locales/zh/.mustflow/skills/database-change-safety/SKILL.md +0 -155
  267. package/templates/default/locales/zh/.mustflow/skills/date-number-audit/SKILL.md +0 -116
  268. package/templates/default/locales/zh/.mustflow/skills/dependency-injection/SKILL.md +0 -161
  269. package/templates/default/locales/zh/.mustflow/skills/dependency-reality-check/SKILL.md +0 -115
  270. package/templates/default/locales/zh/.mustflow/skills/diff-risk-review/SKILL.md +0 -136
  271. package/templates/default/locales/zh/.mustflow/skills/docs-prose-review/SKILL.md +0 -119
  272. package/templates/default/locales/zh/.mustflow/skills/docs-update/SKILL.md +0 -97
  273. package/templates/default/locales/zh/.mustflow/skills/external-prompt-injection-defense/SKILL.md +0 -116
  274. package/templates/default/locales/zh/.mustflow/skills/facade-pattern/SKILL.md +0 -210
  275. package/templates/default/locales/zh/.mustflow/skills/failure-triage/SKILL.md +0 -96
  276. package/templates/default/locales/zh/.mustflow/skills/instruction-conflict-scope-check/SKILL.md +0 -118
  277. package/templates/default/locales/zh/.mustflow/skills/line-ending-hygiene/SKILL.md +0 -111
  278. package/templates/default/locales/zh/.mustflow/skills/migration-safety-check/SKILL.md +0 -117
  279. package/templates/default/locales/zh/.mustflow/skills/multi-agent-work-coordination/SKILL.md +0 -260
  280. package/templates/default/locales/zh/.mustflow/skills/null-object-pattern/SKILL.md +0 -196
  281. package/templates/default/locales/zh/.mustflow/skills/pattern-scout/SKILL.md +0 -110
  282. package/templates/default/locales/zh/.mustflow/skills/performance-budget-check/SKILL.md +0 -121
  283. package/templates/default/locales/zh/.mustflow/skills/project-context-authoring/SKILL.md +0 -107
  284. package/templates/default/locales/zh/.mustflow/skills/pure-core-imperative-shell/SKILL.md +0 -212
  285. package/templates/default/locales/zh/.mustflow/skills/readme-authoring/SKILL.md +0 -115
  286. package/templates/default/locales/zh/.mustflow/skills/repo-improvement-loop/SKILL.md +0 -150
  287. package/templates/default/locales/zh/.mustflow/skills/repro-first-debug/SKILL.md +0 -112
  288. package/templates/default/locales/zh/.mustflow/skills/requirement-regression-guard/SKILL.md +0 -152
  289. package/templates/default/locales/zh/.mustflow/skills/result-option/SKILL.md +0 -186
  290. package/templates/default/locales/zh/.mustflow/skills/security-privacy-review/SKILL.md +0 -116
  291. package/templates/default/locales/zh/.mustflow/skills/security-regression-tests/SKILL.md +0 -131
  292. package/templates/default/locales/zh/.mustflow/skills/skill-authoring/SKILL.md +0 -110
  293. package/templates/default/locales/zh/.mustflow/skills/source-freshness-check/SKILL.md +0 -111
  294. package/templates/default/locales/zh/.mustflow/skills/state-machine-pattern/SKILL.md +0 -214
  295. package/templates/default/locales/zh/.mustflow/skills/strategy-pattern/SKILL.md +0 -215
  296. package/templates/default/locales/zh/.mustflow/skills/structure-discovery-gate/SKILL.md +0 -159
  297. package/templates/default/locales/zh/.mustflow/skills/test-design-guard/SKILL.md +0 -162
  298. package/templates/default/locales/zh/.mustflow/skills/test-maintenance/SKILL.md +0 -122
  299. package/templates/default/locales/zh/.mustflow/skills/ui-quality-gate/SKILL.md +0 -117
  300. package/templates/default/locales/zh/.mustflow/skills/visual-review-artifact/SKILL.md +0 -127
  301. package/templates/default/locales/zh/.mustflow/skills/visual-review-artifact/assets/review-template.html +0 -286
  302. package/templates/default/locales/zh/.mustflow/skills/visual-review-artifact/resources.toml +0 -7
  303. package/templates/default/locales/zh/.mustflow/skills/web-asset-optimization/SKILL.md +0 -108
@@ -1,193 +0,0 @@
1
- ---
2
- mustflow_doc: skill.adapter-boundary
3
- locale: ko
4
- canonical: false
5
- revision: 3
6
- lifecycle: mustflow-owned
7
- authority: procedure
8
- name: adapter-boundary
9
- description: Apply this skill when external systems, protocols, SDKs, databases, webhooks, queues, files, caches, framework requests or responses, AI models, browser storage, or provider data cross into or out of core logic and need ports, adapters, translation, error mapping, timeout, retry, idempotency, security, or observability boundaries.
10
- metadata:
11
- mustflow_schema: "1"
12
- mustflow_kind: procedure
13
- pack_id: mustflow.core
14
- skill_id: mustflow.core.adapter-boundary
15
- command_intents:
16
- - changes_status
17
- - changes_diff_summary
18
- - test_related
19
- - test
20
- - lint
21
- - build
22
- - docs_validate_fast
23
- - test_release
24
- - mustflow_check
25
- ---
26
-
27
- # Adapter Boundary
28
-
29
- <!-- mustflow-section: purpose -->
30
- ## Purpose
31
-
32
- Keep external-world language, protocols, failures, and operational concerns out of core logic. Core logic speaks in internal use-case and domain terms; adapters translate external requests, responses, rows, messages, errors, identities, and provider behavior at the boundary.
33
-
34
- This skill is not just a wrapper pattern. A good adapter boundary absorbs provider details, validates or maps untrusted input, classifies failures, applies timeouts and retry policy, preserves idempotency where needed, and records safe observability evidence without leaking secrets or personal data.
35
-
36
- <!-- mustflow-section: use-when -->
37
- ## Use When
38
-
39
- - Code receives input from HTTP, CLI, webhooks, message queues, scheduled jobs, browser events, uploaded files, external databases, or external APIs.
40
- - Code calls external APIs, payment providers, email or SMS providers, file storage, object storage, databases, caches, search engines, analytics, AI models, queues, or browser storage.
41
- - Provider SDK types, framework request or response objects, database rows, external event objects, raw model responses, or provider error types are visible in domain, application, service, or use-case code.
42
- - A new or changed port, repository, gateway, provider module, controller, worker, webhook handler, mapper, or integration test is needed.
43
- - The boundary needs timeout, retry, rate-limit, idempotency, signature verification, duplicate handling, logging, metrics, redaction, or provider-version decisions.
44
- - An optional external integration may be disabled and needs either a safe neutral adapter or an explicit disabled result without leaking provider absence inward.
45
-
46
- <!-- mustflow-section: do-not-use-when -->
47
- ## Do Not Use When
48
-
49
- - The change is a pure calculation, value object, internal formatter, or data-only refactor with no external boundary.
50
- - The only problem is hidden construction or global lookup of a dependency; use `dependency-injection` first, then return here only if external data, errors, or protocol behavior also need a boundary.
51
- - The operation coordinates several already-translated ports, repositories, queues, caches, or providers behind one caller-facing workflow; use `facade-pattern` for that high-level entry point while keeping this skill for each external boundary.
52
- - The task is a disposable one-off script that is not imported, repeated, tested, used in production, or connected to external systems.
53
- - The repository already has a more specific local integration skill that fully covers the boundary.
54
-
55
- <!-- mustflow-section: required-inputs -->
56
- ## Required Inputs
57
-
58
- - The external system or protocol and whether it is inbound, outbound, or both.
59
- - The internal use case, domain action, or read model that should receive translated data.
60
- - Existing local patterns for ports, adapters, repositories, controllers, workers, mappers, result types, retries, idempotency, logging, and tests.
61
- - Provider-specific risk: write effects, duplicate delivery, unknown statuses, money, time, identifiers, secrets, personal data, files, untrusted URLs, rate limits, or provider version changes.
62
- - Relevant command-intent contract entries for tests, builds, docs, template checks, release checks, and mustflow validation.
63
-
64
- <!-- mustflow-section: preconditions -->
65
- ## Preconditions
66
-
67
- - Higher-priority instructions and `.mustflow/config/commands.toml` have been checked for the current scope.
68
- - The boundary direction and owner are clear enough to avoid putting provider names or external protocol terms into core logic.
69
- - If the local layout is unfamiliar, use `pattern-scout` or `codebase-orientation` before introducing new folders or naming conventions.
70
- - If the change also introduces hidden collaborators or concrete construction, use `dependency-injection` for that part of the work.
71
- - If the integration is optional and disabled by explicit configuration, use `null-object-pattern` only when the neutral behavior is safe and honest; required providers must fail closed.
72
-
73
- <!-- mustflow-section: allowed-edits -->
74
- ## Allowed Edits
75
-
76
- - Define narrow internal ports in the consuming application or domain language.
77
- - Add inbound adapters that parse, verify, validate, translate, and map protocol results.
78
- - Add outbound adapters that call providers and translate requests, responses, errors, identifiers, and operational metadata.
79
- - Add mapper, error-mapper, fixture, fake-port, contract-test, and adapter-test files directly needed by the boundary.
80
- - Add or update assembly-root wiring when a new adapter implementation is introduced.
81
- - Do not copy provider APIs into ports, return provider SDK objects, expose database rows as domain objects, or add a broad catch-all `ExternalAdapter`.
82
-
83
- <!-- mustflow-section: procedure -->
84
- ## Procedure
85
-
86
- 1. Classify the boundary.
87
- - Inbound: HTTP route, controller, webhook, CLI command, queue consumer, scheduler, browser event, uploaded file, or external data import.
88
- - Outbound: provider SDK, HTTP API, database, cache, file storage, search engine, message publisher, email/SMS/push provider, payment provider, AI model, or browser storage.
89
- 2. Name the internal capability in business language. Use names such as `PaymentGateway`, `EmailSender`, `ObjectStorage`, `UserStore`, `OrderReader`, `SummaryGenerator`, or `EventPublisher`. Keep provider names such as Stripe, Prisma, SendGrid, S3, OpenAI, or Redis inside adapter implementation names.
90
- 3. Design the port from the consumer's need, not from the provider's API.
91
- - Keep ports small and split unrelated reasons to change.
92
- - Use internal input and output types only.
93
- - Do not include SDK types, ORM model types, HTTP request objects, provider response objects, or provider error classes.
94
- 4. Build inbound adapters as translators, not business-rule containers.
95
- - Parse and validate external input.
96
- - Verify signatures, authentication evidence, request size, file constraints, and allowed URL or host rules where relevant.
97
- - Extract only the values needed by the use case.
98
- - Map use-case results back to the protocol response.
99
- - Keep pricing, permission decisions, state transitions, inventory policy, subscription policy, and other business rules in the application or domain layer.
100
- 5. Build outbound adapters as provider translators, not pass-through wrappers.
101
- - Create provider requests from internal input.
102
- - Set timeouts and retry policy where appropriate.
103
- - Pass idempotency keys for writes when the provider supports them.
104
- - Distinguish timeout, network error, rate limit, authentication failure, authorization failure, invalid request, business rejection, provider outage, and unknown provider error.
105
- - Return internal `Result` values or local error types instead of throwing provider errors for expected failures.
106
- - For optional disabled integrations, return an honest skipped or disabled outcome, or wire a safe null object at the assembly boundary. Do not return fake provider success.
107
- 6. Convert external data immediately at the boundary.
108
- - Map provider responses, database rows, queue messages, file metadata, model outputs, and browser storage values into internal types.
109
- - Keep external identifiers distinct from internal identifiers.
110
- - Represent money in integer minor units and explicit currency.
111
- - Convert dates and times explicitly according to the repository's time policy.
112
- - Copy only fields that internal code actually uses.
113
- 7. Separate mappers when translation grows.
114
- - Split request mapping, response mapping, error mapping, and fixture builders once they become non-trivial or repeated.
115
- - Keep provider-version differences inside adapter or mapper files.
116
- 8. Treat databases, caches, and queues as external systems.
117
- - Core logic should use stores, readers, writers, or publishers rather than raw clients.
118
- - Database rows are persistence shapes, not domain objects.
119
- - Queue messages and integration events are external envelopes until parsed and translated.
120
- - Cache keys, time-to-live values, invalidation rules, and stale-data policy must be explicit.
121
- 9. Keep database transactions and external side effects separate by default.
122
- - Do not call external APIs inside database transactions unless a local rule explicitly justifies the risk.
123
- - Use explicit states, an outbox, an action ledger, or a reconciliation path when database changes and external effects must be coordinated.
124
- 10. Harden webhooks and duplicate delivery.
125
- - Verify signatures before trusting payloads.
126
- - Preserve the raw body or safe raw reference when needed for verification and replay.
127
- - Use provider event identifiers or action keys to prevent duplicate effects.
128
- - Translate external event types into internal commands or events before calling the use case.
129
- 11. Keep AI model boundaries explicit.
130
- - Keep provider request format, model name, temperature, token limits, safety settings, and raw response parsing inside adapter or configuration code.
131
- - Validate structured output before returning it.
132
- - Return internal purpose-level outputs such as summaries, classifications, recommendations, or extracted fields.
133
- 12. Make observability safe and useful.
134
- - Log adapter name, provider, operation, correlation id, safe idempotency-key hash, provider request id, duration, retry count, outcome, and local error kind when available.
135
- - Do not log API keys, tokens, card data, passwords, identity numbers, raw personal data, full email bodies, full payment requests, full provider responses, or unredacted payloads.
136
- - Add metrics for latency, failures, retries, rate limits, duplicate handling, and ambiguous or unknown provider outcomes when the boundary is operationally important.
137
- 13. Test at the right layer.
138
- - Use fake ports in use-case tests; they should not call real external systems.
139
- - Test adapters with provider fixtures, mock clients, or local test doubles for request mapping, response mapping, error mapping, timeout, retry, idempotency, redaction, and duplicate handling.
140
- - Add contract or sandbox tests for critical providers when local fixtures cannot catch provider drift.
141
- 14. Verify with the narrowest configured command intents that cover changed source, tests, templates, docs, release metadata, and mustflow checks.
142
-
143
- <!-- mustflow-section: postconditions -->
144
- ## Postconditions
145
-
146
- - Core logic has no provider SDK imports, framework request or response objects, ORM clients, database rows, provider response objects, or provider error classes.
147
- - Ports are named in internal business language and expose only internal input, output, and error types.
148
- - Inbound adapters validate and translate before calling use cases.
149
- - Outbound adapters translate internal requests, provider responses, and provider failures before returning.
150
- - Timeouts, retry policy, idempotency, duplicate handling, security checks, and redacted observability are explicit where the risk requires them.
151
- - Tests cover core behavior through fakes and adapter behavior through mapping, error, and boundary tests.
152
-
153
- <!-- mustflow-section: verification -->
154
- ## Verification
155
-
156
- Use configured oneshot command intents when available:
157
-
158
- - `changes_status`
159
- - `changes_diff_summary`
160
- - `test_related`
161
- - `test`
162
- - `lint`
163
- - `build`
164
- - `docs_validate_fast`
165
- - `test_release`
166
- - `mustflow_check`
167
-
168
- Prefer the narrowest configured test or build intent that proves the affected boundary. Use documentation and release checks when skill routes, templates, public docs, package metadata, or installed-file surfaces change.
169
-
170
- <!-- mustflow-section: failure-handling -->
171
- ## Failure Handling
172
-
173
- - If a port starts mirroring a provider API, narrow it to the consuming use case and move provider details back into the adapter.
174
- - If an adapter becomes a pass-through wrapper, add explicit mapping and error translation or remove the false boundary.
175
- - If an adapter begins making business decisions, move the policy into the application or domain layer.
176
- - If timeout, retry, or idempotency behavior cannot be made safe, fail closed and report the remaining manual or reconciliation requirement.
177
- - If sensitive data appears in logs, fixtures, metrics, receipts, or test output, stop and route the sensitive surface through the repository's security and privacy review path.
178
- - If the provider behavior is unknown or drift-prone, keep claims local to verified fixtures or contract evidence and report what still needs live verification.
179
-
180
- <!-- mustflow-section: output-format -->
181
- ## Output Format
182
-
183
- - Boundary classified
184
- - Internal port or use-case input selected
185
- - Provider or protocol details contained
186
- - Inbound validation and translation handled
187
- - Outbound request, response, and error mapping handled
188
- - Timeout, retry, idempotency, and duplicate behavior handled or explicitly deferred
189
- - Security and redaction surfaces checked
190
- - Tests, fixtures, fakes, or contract checks added or reused
191
- - Command intents run
192
- - Skipped checks and reasons
193
- - Remaining boundary leakage or provider risk
@@ -1,114 +0,0 @@
1
- ---
2
- mustflow_doc: skill.artifact-integrity-check
3
- locale: ko
4
- canonical: false
5
- revision: 1
6
- lifecycle: mustflow-owned
7
- authority: procedure
8
- name: artifact-integrity-check
9
- description: 생성 산출물이나 바이너리 자산을 만들거나 교체하거나 패키징하거나 참조하거나 보고할 때 적용합니다.
10
- metadata:
11
- mustflow_schema: "1"
12
- mustflow_kind: procedure
13
- pack_id: mustflow.core
14
- skill_id: mustflow.core.artifact-integrity-check
15
- command_intents:
16
- - changes_status
17
- - changes_diff_summary
18
- - test_release
19
- - build
20
- - mustflow_check
21
- ---
22
-
23
- # 산출물 무결성 확인
24
-
25
- <!-- mustflow-section: purpose -->
26
- ## 목적
27
-
28
- 생성 산출물, 패키지 포함 파일, 미디어 자산, 보고서, 내려받을 수 있는 출력물이 실제로 존재하고 의도한 출처와 맞으며, 근거 없이 검증 완료로 보고되지 않게 합니다.
29
-
30
- <!-- mustflow-section: use-when -->
31
- ## 사용할 때
32
-
33
- - 산출물이나 바이너리 자산을 생성, 교체, 이동, 삭제, 패키징, 참조합니다.
34
- - 최종 보고에서 파일이 생성, 최적화, 내보내기, 패키지 포함, 사용 가능 상태라고 주장합니다.
35
- - 빌드나 패키징 단계가 오래되었거나 누락되었거나 너무 크거나 배포에서 빠질 수 있는 파일을 씁니다.
36
- - 문서, README, 매니페스트, 테스트가 생성 파일이나 자산 경로를 가리킵니다.
37
-
38
- <!-- mustflow-section: do-not-use-when -->
39
- ## 사용하지 않을 때
40
-
41
- - 변경이 소스에만 있고 생성, 패키징, 내보내기, 바이너리 파일을 언급하지 않습니다.
42
- - 더 좁은 스킬이 정확한 산출물 경로, 패키지 표면, 출력 주장을 이미 검증합니다.
43
- - 사용자가 파일 생성이나 검증 없이 개념 계획만 요청했습니다.
44
-
45
- <!-- mustflow-section: required-inputs -->
46
- ## 필요한 입력
47
-
48
- - 산출물 경로 또는 기대 출력 위치.
49
- - 산출물을 만들어야 하는 소스 파일, 생성 단계, 패키지 규칙.
50
- - 크기, 형식, 해시, 매니페스트, 패키지, 문서 기대값.
51
- - 빌드, 패키징, 검증, 자산 최적화에 관한 명령 의도 계약 항목.
52
-
53
- <!-- mustflow-section: preconditions -->
54
- ## 전제 조건
55
-
56
- - 작업이 사용할 때 조건에 맞고 사용하지 않을 때 조건에는 해당하지 않습니다.
57
- - 필요한 입력이 있거나, 부족한 입력을 추측하지 않고 보고할 수 있습니다.
58
- - 현재 범위의 상위 지시와 `.mustflow/config/commands.toml`을 확인했습니다.
59
-
60
- <!-- mustflow-section: allowed-edits -->
61
- ## 허용되는 수정
62
-
63
- - 산출물 주장을 사실로 유지하는 데 필요한 산출물, 소스 참조, 매니페스트, 패키지 메타데이터, 테스트, 문서만 갱신합니다.
64
- - 저장소가 해당 산출물을 버전 관리한다고 명시하지 않았다면 생성 캐시, 일시적 빌드 출력, 로컬 상태를 커밋하지 않습니다.
65
- - 해시, 크기, 파일 용량, 내보내기 결과, 패키지 포함 근거를 지어내지 않습니다.
66
-
67
- <!-- mustflow-section: procedure -->
68
- ## 절차
69
-
70
- 1. 작업이 영향을 주는 각 산출물이나 바이너리 자산과 그에 대한 주장을 나열합니다.
71
- 2. 산출물이 소스 관리 대상인지, 생성물인지, 패키지 포함물인지, 무시되는 로컬 상태인지, 외부 출력인지 확인합니다.
72
- 3. 소스 참조, 매니페스트, 패키지 포함 규칙, 문서 링크, 테스트가 같은 경로와 형식을 가리키는지 확인합니다.
73
- 4. 사용할 수 있는 가장 좁은 구성된 명령 의도로 존재 여부, 형식, 기대 포함 여부를 검증합니다.
74
- 5. 생성 산출물이 오래되었거나 누락되었다면 구성된 명령 의도로만 다시 만들거나, 빠진 명령을 보고합니다.
75
- 6. 산출물이 버전 관리 대상이 아니라면 최종 보고에서 커밋되었거나 배포된 것처럼 말하지 않습니다.
76
- 7. 확인한 경로, 실행한 명령 의도, 남은 미검증 속성을 정확히 보고합니다.
77
-
78
- <!-- mustflow-section: postconditions -->
79
- ## 완료 조건
80
-
81
- - 코드, 문서, 매니페스트, 테스트, 최종 보고의 모든 산출물 주장은 관찰한 근거가 있거나 확인하지 못했다고 명시되어 있습니다.
82
- - 생성물과 무시되는 출력은 저장소가 버전 관리 대상으로 선언하지 않는 한 프로젝트 진실로 취급하지 않습니다.
83
- - 패키지나 배포 주장은 가능한 경우 관련 구성된 의도로 검증했습니다.
84
-
85
- <!-- mustflow-section: verification -->
86
- ## 검증
87
-
88
- 사용 가능한 구성된 일회성 명령 의도를 사용합니다.
89
-
90
- - `changes_status`
91
- - `changes_diff_summary`
92
- - `test_release`
93
- - `build`
94
- - `mustflow_check`
95
-
96
- 산출물을 더 잘 덮는 좁은 자산 또는 문서 검증 의도가 있으면 그 의도를 사용합니다.
97
-
98
- <!-- mustflow-section: failure-handling -->
99
- ## 실패 처리
100
-
101
- - 산출물을 생성하거나 확인할 수 없다면 빠진 도구, 명령 의도, 소스 파일을 보고합니다.
102
- - 패키지 포함과 소스 참조가 다르면 산출물을 배포된 것으로 보고하기 전에 매니페스트나 문서를 고칩니다.
103
- - 산출물이 너무 크거나 오래되었거나 형식이 틀렸다면 문제를 보고하고 프로덕션 준비 완료라고 말하지 않습니다.
104
- - 검증에 외부 서비스나 사용할 수 없는 도구가 필요하면 그 경계에서 멈추고 확인하지 못한 산출물 속성을 밝힙니다.
105
-
106
- <!-- mustflow-section: output-format -->
107
- ## 출력 형식
108
-
109
- - 확인한 산출물 경로
110
- - 산출물 출처 또는 생성 경로
111
- - 포함, 형식, 용량 근거
112
- - 실행한 명령 의도
113
- - 건너뛴 산출물 확인과 이유
114
- - 남은 산출물 무결성 위험
@@ -1,182 +0,0 @@
1
- ---
2
- mustflow_doc: skill.behavior-preserving-refactor
3
- locale: ko
4
- canonical: false
5
- revision: 11
6
- lifecycle: mustflow-owned
7
- authority: procedure
8
- name: behavior-preserving-refactor
9
- description: Apply this skill when refactoring should reduce change cost while preserving existing behavior and keeping behavior changes separate.
10
- metadata:
11
- mustflow_schema: "1"
12
- mustflow_kind: procedure
13
- pack_id: mustflow.core
14
- skill_id: mustflow.core.behavior-preserving-refactor
15
- command_intents:
16
- - changes_status
17
- - changes_diff_summary
18
- - test_related
19
- - test
20
- - docs_validate_fast
21
- - test_release
22
- - mustflow_check
23
- ---
24
-
25
- # Behavior-Preserving Refactor
26
-
27
- <!-- mustflow-section: purpose -->
28
- ## Purpose
29
-
30
- Guide refactoring that lowers future change cost without silently changing runtime behavior.
31
-
32
- Refactoring is not cleanup for aesthetics. It is a controlled way to make code easier to understand, test, and change while keeping bug fixes, feature work, and behavior changes separate.
33
-
34
- <!-- mustflow-section: use-when -->
35
- ## Use When
36
-
37
- - The user asks to refactor, clean up, reorganize, simplify, split, extract, rename, remove duplication, or improve structure.
38
- - A planned change risks mixing renames, moves, extractions, deduplication, bug fixes, and feature behavior in one diff.
39
- - Existing code is hard to change because responsibilities, names, branches, dependencies, or tests are unclear.
40
- - Existing inheritance, base classes, abstract classes, template methods, protected state, or subclass variants make behavior harder to test or change.
41
- - Existing handlers, repositories, adapters, jobs, or services mix business decisions with database access, network calls, logging, current time, generated identifiers, randomness, environment reads, or framework objects.
42
- - Existing controllers, handlers, jobs, or services mix one state-changing intent with authorization, transactions, idempotency, audit logs, outbox events, retries, concurrency checks, and external side effects.
43
- - Existing controllers, handlers, workers, command handlers, or services repeat the same multi-step subsystem sequence and should move behind a stable facade without changing behavior.
44
- - Existing lifecycle state changes are scattered across direct assignments, handlers, repositories, jobs, UI checks, SQL conditions, or provider callbacks.
45
- - Existing code repeats presence checks for optional collaborators such as loggers, analytics clients, caches, optional notifications, or no-op processors.
46
- - The task touches legacy or weakly tested code and needs a safer refactoring order.
47
-
48
- <!-- mustflow-section: do-not-use-when -->
49
- ## Do Not Use When
50
-
51
- - The requested task is primarily a bug fix or failure diagnosis; use `repro-first-debug` first.
52
- - The change introduces new folders, modules, routing, data models, or external service boundaries before refactoring scope is clear; use `structure-discovery-gate`.
53
- - The task is only to review an already completed diff; use `diff-risk-review` or `code-review`.
54
- - The target code is about to be deleted, the requirement is still unclear, or the next step requires a product decision rather than a refactor.
55
-
56
- <!-- mustflow-section: required-inputs -->
57
- ## Required Inputs
58
-
59
- - The refactoring goal, target files or area, and the concrete pain being reduced.
60
- - Current behavior evidence, such as tests, examples, fixtures, command output, or observed input and output cases.
61
- - Existing local patterns for naming, file boundaries, dependencies, and tests.
62
- - Current changed-file list when the worktree is already dirty.
63
- - Relevant command-intent contract entries for verification.
64
-
65
- <!-- mustflow-section: preconditions -->
66
- ## Preconditions
67
-
68
- - Higher-priority instructions and `.mustflow/config/commands.toml` have been checked for the current scope.
69
- - The expected behavior to preserve is known, or the unknown behavior has been reported before edits begin.
70
- - If the area is unfamiliar, `codebase-orientation` or `pattern-scout` has been used to avoid inventing a parallel structure.
71
- - If tests are absent or weak, the first safe step is to add characterization coverage, capture input and output cases, or explicitly report the verification gap.
72
-
73
- <!-- mustflow-section: allowed-edits -->
74
- ## Allowed Edits
75
-
76
- - Rename unclear identifiers when the rename improves call-site meaning without changing behavior.
77
- - Extract small functions, policies, or helpers when they have a clear concept, inputs, outputs, and test value.
78
- - Flatten conditional flow when it preserves the same guard conditions and error behavior.
79
- - Separate responsibilities, dependencies, or side effects in the smallest useful step.
80
- - Move domain decisions toward pure functions or narrow policy objects, and keep I/O, clocks, network calls, process spawning, persistence, and logging in the imperative edge.
81
- - Add or update tests that preserve current behavior or make the refactoring safe.
82
- - Do not mix behavior changes, bug fixes, new features, broad formatting churn, or unrelated cleanup into the refactor.
83
-
84
- <!-- mustflow-section: procedure -->
85
- ## Procedure
86
-
87
- Before broad hotspot scans, compress candidates before reading files.
88
-
89
- - Exclude generated files, bundled files, lock files, dependency directories, large fixtures, snapshots, build outputs, minified files, and source maps before ranking candidates.
90
- - Use `[refactoring.hotspots]` preferences as scan limits: `large_file_candidate_kb` for the first size signal, `history_days` for recent change and bug-fix history, and the candidate limits for how many files to inspect at each depth.
91
- - Prefer overlapping low-cost signals over a single metric: size, recent change frequency, bug-fix history, import/export count, TODO/FIXME/HACK count, type or lint bypasses, missing nearby tests, and architecture-boundary imports.
92
- - Treat strong combinations as higher priority, such as large files with frequent changes and no tests, small security/payment/permission files with repeated bug fixes, large React client components with many effects, and API/controller files that mix validation, authorization, business logic, database access, and response formatting.
93
- - Do not read every candidate. Keep the first pass to the configured primary limit, narrow to the configured structure-review limit, and read full file contents only for the configured full-file limit.
94
- - When opening a candidate, inspect imports, exports, declarations, TODO or type-bypass neighborhoods, and the largest or most branch-heavy function before reading the full file.
95
-
96
- 1. Diagnose whether refactoring is needed.
97
- - Name the real problem: change cost, unclear responsibility, repeated bug risk, test difficulty, dependency coupling, or confusing flow.
98
- - Do not refactor only because code looks long, old, or stylistically uneven.
99
- 2. Identify behavior that must stay fixed.
100
- - Prefer existing tests or examples.
101
- - If coverage is missing, record representative input and output cases or add focused characterization tests before structural edits.
102
- - Treat suspected bugs as separate follow-up fixes unless the user explicitly asks to change behavior.
103
- 3. Choose the safest refactoring ladder.
104
- - Start with names and local clarity.
105
- - Then extract small concepts with clear inputs and outputs.
106
- - Then flatten conditions or isolate policies.
107
- - Then remove duplication only when the duplicated code changes for the same reason.
108
- - Move files, introduce abstractions, or split modules only after local behavior is easier to see.
109
- 4. Check duplication before merging code.
110
- - Keep duplication when code only looks similar or will change for different reasons.
111
- - Prefer common code only when it represents the same rule, simplifies call sites, and does not add parameter or branch complexity.
112
- - Prefer explicit duplication over a misleading abstraction.
113
- 5. Check extracted functions and names.
114
- - Extract only concepts that can be named precisely.
115
- - Avoid vague names such as `process`, `handle`, `do`, or `helper` unless they match established local style.
116
- - Boolean functions should read naturally at call sites and reveal the condition being tested.
117
- 6. Prefer the low-ceremony structural pattern that matches the pain:
118
- - Dependency injection when direct construction, global lookup, or hidden imports of tools, clients, clocks, file systems, processes, loggers, configuration, random generators, identifiers, queues, or external SDKs makes behavior hard to test. Use `dependency-injection` before editing that boundary.
119
- - Adapter or translator boundaries when external formats leak into core logic. Use `adapter-boundary` when provider data, protocols, errors, timeouts, retries, idempotency, security, or observability are part of the boundary.
120
- - Composition over inheritance when behavior can be assembled from small explicit collaborators. Use `composition-over-inheritance` before editing `extends`, base classes, abstract classes, template methods, protected state, mixins, or subclass combinations.
121
- - Command pattern when a state-changing user or system intent needs a traceable execution unit with explicit payload, context, authorization, transaction boundary, idempotency, outbox, audit, retry, or concurrency behavior. Use `command-pattern` before editing that execution unit.
122
- - Pure core with an imperative shell when business decisions, validation, authorization, pricing, eligibility, state transitions, or domain events are mixed with I/O, time, generated identifiers, randomness, environment reads, or framework objects. Use `pure-core-imperative-shell` before editing that split.
123
- - State machine pattern when status, state, phase, step, or stage controls allowed behavior and transitions are scattered or assigned directly. Use `state-machine-pattern` before editing lifecycle transitions.
124
- - Strategy pattern when repeated branches choose among interchangeable algorithms, policies, pricing rules, scoring methods, provider choices, or feature variants that share one purpose. Use `strategy-pattern` before editing that strategy family.
125
- - Result and Option values when expected failures, meaningful absence, null returns, thrown business failures, or ambiguous success flags make behavior hard to follow. Use `result-option` before editing that return-shape contract.
126
- - Null Object pattern when repeated nullable checks around an optional collaborator can be replaced by a same-interface neutral implementation without hiding required failures. Use `null-object-pattern` before editing that optional dependency boundary.
127
- - Injected time context when current time affects preserved behavior.
128
- 7. Handle conditional complexity by finding the policy.
129
- - Use early exits for simple guard conditions when they preserve behavior.
130
- - Separate state, type, permission, and exceptional-rule branches when they are mixed.
131
- - Avoid replacing clear branches with a strategy object, table, or abstraction before the policy boundary is proven.
132
- 8. Keep commits and reports reviewable.
133
- - Separate renames, moves, extractions, deduplication, tests, and behavior changes when possible.
134
- - If behavior changes are discovered, stop and report them as a separate fix path.
135
- 9. Verify with the narrowest configured command intents that cover the changed code and contract surfaces.
136
-
137
- <!-- mustflow-section: postconditions -->
138
- ## Postconditions
139
-
140
- - Existing behavior is preserved or any behavior change is clearly separated and reported.
141
- - The refactor has a named purpose tied to lower change cost, lower defect risk, or better testability.
142
- - The diff is small enough for a reviewer to distinguish mechanical changes from semantic changes.
143
- - Tests or verification evidence cover the behavior most likely to regress.
144
-
145
- <!-- mustflow-section: verification -->
146
- ## Verification
147
-
148
- Use configured oneshot command intents when available:
149
-
150
- - `changes_status`
151
- - `changes_diff_summary`
152
- - `test_related`
153
- - `test`
154
- - `docs_validate_fast`
155
- - `test_release`
156
- - `mustflow_check`
157
-
158
- Choose the narrowest configured test or build intent that proves the refactored behavior. Use documentation and release checks only when the refactor changes public docs, templates, schemas, package metadata, or release-sensitive surfaces.
159
-
160
- <!-- mustflow-section: failure-handling -->
161
- ## Failure Handling
162
-
163
- - If current behavior cannot be observed, stop before broad restructuring and report the missing safety evidence.
164
- - If a refactor uncovers a bug, keep the refactor behavior-preserving and propose the fix as a separate change.
165
- - If deduplication creates more options, branches, or vague names, undo or postpone that abstraction.
166
- - If tests fail after a supposedly behavior-preserving edit, diagnose the behavior difference before continuing.
167
- - If the next useful step is a large module move or public boundary change, use `structure-discovery-gate` and `contract-sync-check` before proceeding.
168
-
169
- <!-- mustflow-section: output-format -->
170
- ## Output Format
171
-
172
- - Refactoring goal
173
- - Behavior preservation evidence
174
- - Structural risk signals found
175
- - Facade extraction used or intentionally avoided
176
- - Refactoring ladder chosen
177
- - Structural pattern used or intentionally avoided
178
- - Changes made or analysis-only recommendation
179
- - Behavior changes intentionally excluded
180
- - Verification intents run
181
- - Skipped checks and reasons
182
- - Remaining risks or follow-up fix path
@@ -1,118 +0,0 @@
1
- ---
2
- mustflow_doc: skill.code-review
3
- locale: ko
4
- canonical: false
5
- revision: 4
6
- authority: procedure
7
- lifecycle: mustflow-owned
8
- name: code-review
9
- description: 코드 변경 사항을 검토하거나, 변경 범위 및 검증 누락 여부를 확인해야 할 때 적용합니다.
10
- metadata:
11
- mustflow_schema: "1"
12
- mustflow_kind: procedure
13
- pack_id: mustflow.core
14
- skill_id: mustflow.core.code-review
15
- command_intents:
16
- - test
17
- - test_related
18
- - test_audit
19
- - lint
20
- ---
21
-
22
- # 코드 검토 (Code Review)
23
-
24
- <!-- mustflow-section: purpose -->
25
- ## 목적
26
-
27
- 변경 사항이 요청 범위에 부합하는지 확인하고, 동작상의 위험이나 검증 누락이 없는지 검토합니다.
28
-
29
- <!-- mustflow-section: use-when -->
30
- ## 적용 시나리오
31
-
32
- - 코드 변경, diff 검토, 풀 리퀘스트(PR) 검토 또는 잠재적 회귀 위험 확인이 필요한 경우 적용합니다.
33
- - 새로운 동작 구현보다 변경에 따른 위험 평가 및 누락 확인이 주된 목적인 경우 적용합니다.
34
-
35
- <!-- mustflow-section: do-not-use-when -->
36
- ## 적용하지 않는 경우
37
-
38
- - 단순한 문구 수정, 번역 또는 서식 변경 작업만 포함된 경우 적용하지 않습니다.
39
- - 검토할 변경 파일이나 diff가 없는 경우 적용하지 않습니다.
40
-
41
- <!-- mustflow-section: required-inputs -->
42
- ## 필요한 입력
43
-
44
- - 수정된 파일 목록 또는 diff
45
- - 사용자가 지정한 검토 기준
46
- - `AGENTS.md`의 작업 규칙
47
- - `.mustflow/docs/agent-workflow.md`의 공통 작업 정책
48
- - `.mustflow/config/commands.toml`의 명령 의도 계약
49
-
50
- <!-- mustflow-section: preconditions -->
51
- ## 사전 조건
52
-
53
- - 작업이 사용 조건에 맞고 사용하지 않는 경우에는 해당하지 않습니다.
54
- - 필요한 입력을 확보했거나, 빠진 입력을 추측하지 않고 보고할 수 있습니다.
55
- - 현재 범위에 대해 더 높은 우선순위의 지침과 `.mustflow/config/commands.toml`을 확인했습니다.
56
-
57
- <!-- mustflow-section: allowed-edits -->
58
- ## 허용 수정 범위
59
-
60
- - 이 스킬, 사용자 요청, `.mustflow/skills/INDEX.md`의 맞는 경로가 설명하는 범위 안에서만 수정합니다.
61
- - 명령 권한을 넓히거나, 프로젝트 사실을 지어내거나, 관련 없는 워크플로 파일을 변경하지 않습니다.
62
-
63
- <!-- mustflow-section: procedure -->
64
- ## 절차
65
-
66
- 1. 수정된 파일 목록을 검토합니다.
67
- 2. 요청 사항과 무관한 불필요한 변경 사항이 포함되었는지 확인합니다.
68
- 3. 공개 동작, 설정, 명령 및 문서에 미치는 영향을 분석합니다.
69
- 4. 테스트의 적절성을 검토합니다.
70
- - 새로운 기능에 대한 테스트가 누락되었는지 확인합니다.
71
- - 제거된 기능에 대한 불필요한 테스트가 남아있는지 확인합니다.
72
- - 새로운 위험을 검증하지 못하는 중복 테스트가 있는지 확인합니다.
73
- - 단언(assertion)이 근거 없이 약화되었는지 확인합니다.
74
- - 스냅샷 갱신에 타당한 근거가 있는지 확인합니다.
75
- - 기존 테스트로 인해 삭제된 동작이 의도치 않게 재도입될 위험이 있는지 확인합니다.
76
- 5. 필요한 테스트 또는 규칙 검사 의도가 `.mustflow/config/commands.toml`에 정의되어 있는지 확인하십시오.
77
- 6. 발견된 사항을 심각도순으로 기록하십시오.
78
-
79
- <!-- mustflow-section: postconditions -->
80
- ## 사후 조건
81
-
82
- - 명확한 근거, 실행한 명령 의도, 건너뛴 확인, 남은 위험을 포함해 예상 출력을 작성할 수 있습니다.
83
- - 빠진 명령 의도, 알 수 없는 입력, 권한 충돌은 숨기지 않고 보고합니다.
84
-
85
- <!-- mustflow-section: verification -->
86
- ## 검증
87
-
88
- 공유 명령 정책은 `.mustflow/docs/agent-workflow.md#명령-실행-정책`을 따릅니다.
89
-
90
- 관련 명령 의도:
91
-
92
- - `test`
93
- - `test_related`
94
- - `test_audit`
95
- - `lint`
96
-
97
- 각 의도는 `.mustflow/config/commands.toml`에서 확인하십시오.
98
- `status = "configured"`가 아니면 실행하지 않고, 상태와 건너뛴 이유를 보고하십시오.
99
- `lifecycle = "oneshot"`과 `run_policy = "agent_allowed"`가 아니면 검증 명령으로 실행하지 않습니다.
100
- 스킬 문서 내에 실제 셸 명령을 직접 작성하지 마십시오.
101
-
102
- <!-- mustflow-section: failure-handling -->
103
- ## 실패 대응
104
-
105
- - 필요한 명령 의도가 `unknown`, `manual_only`, `disabled`이거나 없는 경우, 대체 명령을 임의로 추측하지 마십시오.
106
- - 검증을 수행하지 못한 이유와 잔존 위험을 보고하십시오.
107
- - 민감한 정보나 파괴적인 명령 위험이 식별되면 즉시 중단하고 확인된 내용을 보고하십시오.
108
-
109
- <!-- mustflow-section: output-format -->
110
- ## 출력 형식
111
-
112
- - 작업 요약
113
- - 심각도별 발견 사항
114
- - 검토한 파일 목록
115
- - 실행한 명령 의도
116
- - 건너뛴 명령 의도 및 사유
117
- - 테스트 적절성 검토 결과
118
- - 잔존 위험