mustflow 2.103.35 → 2.106.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mustflow",
3
- "version": "2.103.35",
3
+ "version": "2.106.0",
4
4
  "description": "Agent workflow documents and CLI for mustflow repository roots.",
5
5
  "type": "module",
6
6
  "license": "MIT-0",
@@ -62,7 +62,7 @@ translations = {}
62
62
  [documents."skills.index"]
63
63
  source = "locales/en/.mustflow/skills/INDEX.md"
64
64
  source_locale = "en"
65
- revision = 197
65
+ revision = 200
66
66
  translations = {}
67
67
 
68
68
  [documents."skill.adapter-boundary"]
@@ -347,6 +347,12 @@ source_locale = "en"
347
347
  revision = 1
348
348
  translations = {}
349
349
 
350
+ [documents."skill.async-timing-boundary-review"]
351
+ source = "locales/en/.mustflow/skills/async-timing-boundary-review/SKILL.md"
352
+ source_locale = "en"
353
+ revision = 1
354
+ translations = {}
355
+
350
356
  [documents."skill.concurrency-invariant-review"]
351
357
  source = "locales/en/.mustflow/skills/concurrency-invariant-review/SKILL.md"
352
358
  source_locale = "en"
@@ -712,6 +718,12 @@ source_locale = "en"
712
718
  revision = 1
713
719
  translations = {}
714
720
 
721
+ [documents."skill.vite-code-change"]
722
+ source = "locales/en/.mustflow/skills/vite-code-change/SKILL.md"
723
+ source_locale = "en"
724
+ revision = 1
725
+ translations = {}
726
+
715
727
  [documents."skill.python-code-change"]
716
728
  source = "locales/en/.mustflow/skills/python-code-change/SKILL.md"
717
729
  source_locale = "en"
@@ -778,6 +790,12 @@ source_locale = "en"
778
790
  revision = 3
779
791
  translations = {}
780
792
 
793
+ [documents."skill.wails-code-change"]
794
+ source = "locales/en/.mustflow/skills/wails-code-change/SKILL.md"
795
+ source_locale = "en"
796
+ revision = 1
797
+ translations = {}
798
+
781
799
  [documents."skill.typescript-code-change"]
782
800
  source = "locales/en/.mustflow/skills/typescript-code-change/SKILL.md"
783
801
  source_locale = "en"
@@ -2,7 +2,7 @@
2
2
  mustflow_doc: skills.index
3
3
  locale: en
4
4
  canonical: true
5
- revision: 197
5
+ revision: 200
6
6
  authority: router
7
7
  lifecycle: mustflow-owned
8
8
  ---
@@ -234,6 +234,11 @@ refer to `AGENTS.md` and `.mustflow/config/commands.toml` to implement the most
234
234
  - Use `vue-code-change` as a primary route when Vue, Nuxt, Pinia, Vue Router, Vue SFCs,
235
235
  Composition API, reactivity, props, emits, slots, `v-model`, SSR, hydration, lazy hydration,
236
236
  Vite/Vue toolchain, or Vue-related tests are created, changed, reviewed, or upgraded.
237
+ - Use `vite-code-change` as a primary route when Vite config, plugins, Rolldown or Rollup
238
+ compatibility, dependency optimization, dev server or HMR behavior, SSR, library mode, workers,
239
+ Environment API usage, package exports, TypeScript transpilation, browser targets, assets, CSS,
240
+ sourcemaps, package-manager scripts, CI, Docker, preview, or Vite-related tests are created,
241
+ changed, reviewed, migrated, or upgraded.
237
242
  - Use `babylon-code-change` as a primary route when Babylon.js, WebGPU or WebGL engine setup,
238
243
  Scene lifecycle, cameras, lights, meshes, materials, textures, shaders, glTF or GLB loading,
239
244
  Havok or Physics V2, LOD, instancing, thin instances, picking, render loops, Inspector
@@ -242,6 +247,10 @@ refer to `AGENTS.md` and `.mustflow/config/commands.toml` to implement the most
242
247
  server load, actions, endpoints, hooks, runes, snippets, bindings, SSR, hydration, streaming,
243
248
  invalidation, adapters, Vite, TypeScript, packaging, or Svelte-related tests are created,
244
249
  changed, reviewed, or upgraded.
250
+ - Use `wails-code-change` as a primary route when Wails v3 apps, Go services, generated bindings,
251
+ TypeScript runtime calls, windows, menus, system tray, dialogs, events, WebView platform
252
+ behavior, Taskfile or build config, signing, packaging, custom protocols, file associations,
253
+ server builds, or Wails-related tests are created, changed, reviewed, or upgraded.
245
254
  - Use `axum-code-change` as a primary route when Axum routers, handlers, extractors, state,
246
255
  extensions, middleware, Tower or Tower-HTTP layers, CORS, cookies, headers, Tokio tasks or locks,
247
256
  SQLx pools, rejections, error responses, body limits, WebSockets, or Rust HTTP API tests are
@@ -285,6 +294,10 @@ refer to `AGENTS.md` and `.mustflow/config/commands.toml` to implement the most
285
294
  - Use `race-condition-review` as an adjunct when shared state can be read, yielded, locked,
286
295
  retried, published, queued, cancelled, closed, reused, or observed across interleaving execution
287
296
  flows.
297
+ - Use `async-timing-boundary-review` as an adjunct when arbitrary sleeps, fixed delays, timer
298
+ waits, event-loop yields, render-frame waits, readiness polling, CI waits, Promise completion
299
+ claims, async one-time side effects, or eventual-consistency waits need a real completion signal
300
+ instead of a tuned millisecond value.
288
301
  - Use `concurrency-invariant-review` as an adjunct when a review needs to prove shared-state
289
302
  ownership, whole-invariant protection, lock and condition-variable discipline, memory visibility,
290
303
  duplicated execution, shutdown, thread-local context, async interleavings, or deterministic
@@ -478,6 +491,7 @@ routes. Event routes stay inactive until their event occurs.
478
491
  | Code review or implementation specifically needs to catch hidden O(N^2), pairwise work, repeated membership checks, map/filter/find/includes chains, code joins by ID, duplicate removal with index search, sorted-array linear search, repeated sort, reducer spread, string concatenation, JSON comparison, helper-hidden full-list scans, ORM lazy loading, GraphQL resolver fan-out, render-time lookup, tree or graph parent-child scans, event-history scans, interval all-pairs checks, or incremental updates that recompute whole state | `.mustflow/skills/quadratic-scan-review/SKILL.md` | Outer work, inner work, data shape, join or membership key, semantic contract, evidence level, and configured command intents | Set or Map lookup, grouping maps, parent-to-children maps, composite keys, sorted merge, single-pass aggregation, database-side joins, focused behavior tests, and bounded complexity notes tied to the repeated scan | disguised nested loop, same collection rescanned per item, array membership over growing data, ID join without index, duplicate-removal O(N^2), sorted linear search, sort inside loop, copy accumulation, JSON stringify comparison, helper-body scan, ORM N+1, resolver fan-out, render jank, graph traversal slowdown, event-history rescan, interval all-pairs leak, or small-list excuse without a hard cap | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Repeated path, outer and inner counts, data-growth classification, hidden scan findings, chosen index or intentional all-pairs decision, semantics preserved, evidence level, verification, and remaining quadratic-scan risk |
479
492
  | Code review or implementation needs type modeling to make impossible states unrepresentable, including branded IDs, unit and currency types, boolean flag clusters, broad string statuses, nullable state fields, raw external data, partial update inputs, DTO/domain/response mixing, broad maps, `any`, casts, non-null assertions, Result error variants, non-empty collections, permission capabilities, lifecycle timestamps, or exhaustiveness | `.mustflow/skills/type-state-modeling-review/SKILL.md` | Domain invariant, current type surface, construction path, boundary map, exhaustiveness surface, and configured command intents | Branded types, newtypes, wrappers, literal unions, sealed or discriminated variants, parsers, constructors, validators, DTO boundary splits, focused tests, and directly synchronized docs or templates | swapped IDs, unit or currency confusion, contradictory boolean flags, status drift, optional-field invalid state, raw DTO leakage, unsafe `Partial<T>`, domain/API/DB coupling, broad `Record<string, unknown>`, `any` spread, cast cover-up, non-null assertion crash, untyped Result errors, empty collection invariant leak, permission boolean drift, lifecycle timestamp contradiction, or missed exhaustive case | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Type surface reviewed, impossible states found or ruled out, boundary and construction path tightened, exhaustiveness and tests checked, verification, and remaining impossible-state risk |
480
493
  | Code review or implementation needs race-condition triage for shared state observed across interleaving execution flows, including check-then-act, read-modify-write, stale reads after `await`, I/O, callbacks or events, lock scope or global lock order, `tryLock`, timeout, retry, cache miss fill, lazy initialization, double-checked locking, atomics, memory ordering, DB transaction isolation, conditional updates, unique constraints, distributed locks, idempotency, filesystem exists/open, atomic create or rename, outbox ordering, queue duplicates or reordering, concurrent same-user work, shutdown, cancellation, timers, close/send races, shared collections, iterator snapshots, object reuse, fake immutability, sleep-based race tests, log ordering, or status values without transitions | `.mustflow/skills/race-condition-review/SKILL.md` | Shared state surface, invariant, interleaving points, synchronization or transaction boundary, retry and idempotency policy, event, queue, timer, cancellation and shutdown paths, collection or object ownership, evidence level, and configured command intents | Atomic conditional update, atomic create, compare-and-swap, lock scope or lock-order fix, unique constraint, row lock, idempotency guard, singleflight, outbox or inbox guard, state transition guard, snapshot iteration, ownership split, focused concurrency tests, and directly synchronized docs or templates | check-then-act, lost update, stale read after await, torn invariant, callback under lock, deadlock, retry duplication, cache stampede, double init, unsafe atomic assumption, isolation mismatch, app-only uniqueness, broken distributed lock, duplicate side effect, event/state split brain, queue duplicate or out-of-order damage, shutdown drop, cancellation completion race, old timer update, double close, send after close, shared collection mutation, pooled object corruption, fake immutable mutation, sleep-test false confidence, log-order lie, or state value race | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Shared state and invariant reviewed, interleaving ledger, atomicity and synchronization findings, stale-read and ordering checks, tests or evidence level, verification, and remaining race-condition risk |
494
+ | Code, tests, docs, or reports add, change, review, justify, or debug arbitrary sleeps, fixed delays, `setTimeout`, timer waits, event-loop yields, microtask or next-tick waits, render-frame or after-paint waits, CI waits, readiness polling, startup waits, file flush waits, worker readiness, Promise completion claims, async one-time side effects, or eventual-consistency waits | `.mustflow/skills/async-timing-boundary-review/SKILL.md` | Wait surface, intended condition, boundary class, available completion signal, caller ownership, test evidence, and command contract entries | Timing helpers, async flow, lifecycle waits, readiness probes, bounded polling, fake-time tests, stream/filesystem/process/worker/server/database/queue/index/device waits, and directly synchronized docs or templates | tuned millisecond threshold, sleep as readiness, Promise that only schedules work, one-time side-effect scope drift, render-before-layout measurement, stream or file durability lie, process or server ready guess, replica/search/queue visibility race, unbounded polling, timeout layering bug, CI-only flake, or sleep-based proof | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Waits classified, completion signal chosen or missing, fixed waits removed or bounded, Promise/once/render/I/O/external checks, verification, skipped timing diagnostics, and remaining async timing risk |
481
495
  | Code review or implementation needs concurrency-invariant triage for shared ownership and primitive discipline when correctness depends on time-order changes, including hidden writes in getters, lazy initialization, check-then-act, read-modify-write, exact lock identity, lock scope, lock order, callbacks under lock, condition-variable `while` predicates, lost notifications, atomics mixed with ordinary state, CAS ABA, double-checked locking, object publication before construction completes, fake immutability, concurrent collection iteration, cache stampede, application-only uniqueness, transaction isolation, distributed lock lease expiry, fencing tokens, idempotency keys, duplicate queue delivery, explicit state-machine transitions, scheduler overlap, shutdown drain, resource release after acquire, thread-local leakage, async `await` interleavings, or sleep-based concurrency tests | `.mustflow/skills/concurrency-invariant-review/SKILL.md` | Shared state inventory, owner decision, invariant, time-order table, lock identity and order, condition predicate, atomic and memory-visibility story, transaction and distributed lease boundary, duplicate execution rule, shutdown and thread-local context, test evidence, and configured command intents | Single-writer ownership, immutable snapshot, scoped lock, global lock order, condition predicate loop, atomic conditional write, transaction or row lock, unique constraint, idempotency record, fencing token, queue dedupe, state transition guard, scheduler ownership, shutdown drain, context cleanup, deterministic interleaving test, and directly synchronized docs or templates | ownerless shared state, read-only helper hidden write, torn invariant, different locks guarding one fact, too-narrow lock, too-wide lock, deadlock order, callback under lock, lost notification, spurious wakeup, atomic-only cover-up, ABA, unsafe publication, half-constructed object, fake immutable mutation, collection mutation during iteration, cache stampede, duplicate insert across service instances, isolation mismatch, expired distributed lock owner, duplicate side effect, queue redelivery damage, status backtracking, scheduler double-run, dropped in-flight work, leaked permit, thread-local tenant leak, stale value after await, or sleep-test false confidence | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Shared inventory and owners reviewed, invariant and time-order table, primitive-discipline findings, fixes or recommendations, deterministic evidence level, verification, and remaining concurrency-invariant risk |
482
496
  | Code review or implementation needs failure-integrity triage for exception or failure handling that can produce false success, swallowed exceptions, log-and-continue paths, ambiguous `null`, `false`, or empty defaults, `finally` masking, transaction commit after caught failure, external side-effect ordering bugs, retry without idempotency, missing timeouts, cancellation swallowing, unobserved async failures, queue ack/nack mistakes, lost causes, leaked internal errors, mixed business and system failures, partial state, lock or resource leaks on failure paths, unsafe parsing defaults, fail-open authorization, unsafe cache or fallback defaults, unstable public error messages, or missing failure-path observability | `.mustflow/skills/failure-integrity-review/SKILL.md` | Failure surface, truth surface, state-change ledger, error classification, transaction and side-effect boundary, retry, timeout, cancellation, queue, cleanup, public error, redaction, observability, and configured command intents | Failure propagation, typed error value, rollback or compensation, idempotency guard, timeout and retry budget, cancellation propagation, ack/nack and dead-letter policy, cause preservation, stable public error code, safe logging or metrics, fail-closed behavior, resource cleanup, focused failure-path tests, and directly synchronized docs or templates | broad catch, swallowed exception, false success, false empty data, cleanup masking original error, partial commit, unknown provider outcome, duplicate side effect, retry storm, hung dependency, ignored cancellation, unobserved background failure, dropped queue message, poison message loop, lost stack cause, internal error leak, client string-branching, business/system failure confusion, stuck processing state, unreleased lock, unclosed handle, dangerous default value, fail-open permission, unsafe fallback, invisible compensation failure, or no operator signal | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Failure surface and lie reviewed, state-change and truth ledger, swallowed or false-success findings, rollback/retry/fallback/observability decisions, tests or evidence level, verification, and remaining failure-integrity risk |
483
497
  | Code review or implementation needs backend-log-evidence triage for backend request, worker, scheduler, webhook, migration, script, service, repository, or external adapter logs that must explain why a request, job, or data change reached its final state, including event names, schema versions, start and finish logs, trace/span/request IDs, correlation and causation IDs, outcome and reason fields, error causes and stacks, external API before and after logs, DB affected rows, transaction begin/commit/rollback, state transitions, silent early returns, retries, timeouts, queue enqueue and consume, async context propagation, batch summaries, audit events, auth or validation failures, cache hits or misses, lock acquisition, idempotency outcomes, feature flags, release/config startup summaries, migration dry-run and apply logs, log pipeline canaries, generated/accepted/sent/stored/searchable counts, timestamp versus observed timestamp, parser or mapping failures, severity levels, duplicate logs, structured fields, safe identifiers, sampling, cardinality, log-injection safety, or redaction | `.mustflow/skills/backend-log-evidence-review/SKILL.md` | Backend path, event contract, correlation and causation model, request lifecycle evidence, error evidence, decision evidence, side-effect evidence, pipeline integrity evidence, sampling and safety constraints, local logger conventions, tests or fixtures, and configured command intents | Structured log events, stable event names, schema versions, safe identifiers, trace/span/request/correlation/causation IDs, request start and finish summaries, result type, outcome, reason code, duration, deployment/resource attributes, error object logging, cause preservation, dependency request IDs, affected-row counts, transition fields, retry attempts, timeout classes, queue and batch IDs, audit fields, auth and validation reason codes, cache and lock result fields, idempotency classifications, feature flag variants, release and config summaries, log canary and pipeline survival checks, cardinality controls, redaction guards, focused tests, and directly synchronized docs or templates | route-only start log, no finish log, missing duration, message-based dashboard, missing schema version, missing trace or span id, missing causation id, string-only error, lost cause or stack, external API logged only after failure, raw provider body log, missing affected-row count, invisible transaction boundary, status assignment without from/to state, silent guard return, attempt-free retry log, timeout without actual duration, enqueue without consume evidence, broken async request id, batch started/finished only, audit event mixed with debug log, missing auth reason, validation 400 with no safe field summary, cache blind spot, lock wait hidden, idempotency ambiguity, feature flag opacity, release or config opacity, secret-bearing config log, migration `done`, swallowed background error, all-info severity, duplicate error spam, prose-only log, high-cardinality indexed field, log pipeline silently dropping evidence, log injection exposure, unsafe sampling, missing domain identifier, or sink-side-only masking | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Backend log boundary reviewed, reconstruction question, event/lifecycle/correlation/causation/error/side-effect/decision/pipeline/cardinality/sampling/redaction findings, evidence level, verification, and remaining backend-log-evidence risk |
@@ -582,6 +596,7 @@ routes. Event routes stay inactive until their event occurs.
582
596
  | Generated or edited code, configuration, CI workflows, package metadata, install instructions, examples, Docker images, framework setup, runtime declarations, toolchain declarations, TypeScript compiler-track references, Rust release or MSRV references, or migration-sensitive snippets introduce explicit external version references, action refs, package ranges, runtime versions, framework majors, Docker image tags, or scaffold commands that may be stale | `.mustflow/skills/version-freshness-check/SKILL.md` | Versioned reference, owning files, repository version policy, approved freshness source, compatibility context, migration risk, TypeScript compiler track or Rust MSRV/toolchain track when relevant, and command contract entries | Package metadata, lockfiles, CI workflows, Dockerfiles, runtime files, framework config, docs, examples, templates, tests, and version-decision reports | stale default version, false latest claim, accidental major migration, repository policy mismatch, unsupported generated example, TypeScript RC/nightly/API-track confusion, Rust stable/nightly/MSRV confusion, floating-tag drift, or unverified security/support claim | `changes_status`, `changes_diff_summary`, `build`, `test_related`, `docs_validate_fast`, `test_release`, `mustflow_check` | Versioned surfaces checked, repository policy and freshness source, selected version track, compatibility classification, TypeScript stable/RC/nightly/API-track and Rust stable/nightly/MSRV split when relevant, approval need, synchronized surfaces, verification, and remaining version-freshness risk |
583
597
  | External systems, protocols, SDKs, databases, webhooks, queues, files, object storage, signed upload or download URLs, caches, API response models, framework requests or responses, server actions, route handlers, edge functions, worker handlers, AI models, browser storage, search engines, analytics tools, email platforms, no-code tools, observability backends, trace or request context, provider data, or volatile component implementations cross the core boundary or need stable port/adapter translation, change isolation, error mapping, timeout, retry, circuit-breaker, bulkhead, idempotency, reconciliation, security, core-state ownership, vendor portability, or observability handling | `.mustflow/skills/adapter-boundary/SKILL.md` | External system or protocol, inbound/outbound direction, delivery boundary, internal use case, local port/adapter patterns, provider risk, provider failure policy, core-state ownership risk, vendor portability risk, observability identifier policy, API contract risk, change-isolation ledger, preserved consumer contract, changed files, and command contract entries | Ports, adapters, mappers, controllers, workers, stores, gateways, response mappers, telemetry mappers, timeout and retry policies, circuit breakers, bulkhead boundaries, tests, fixtures, assembly wiring, and directly synchronized docs or templates | provider leakage, caller churn from adapter-only changes, framework business-rule leakage, telemetry backend leakage, storage-key leakage, screen-shaped API coupling, pass-through wrapper, SaaS dashboard as truth source, search or analytics policy leakage, queue contract leakage, unclassified external failure, duplicate side effect, unsafe retry, missing timeout, missing circuit breaker, missing bulkhead, unresolved unknown provider outcome, broken identifier propagation, secret or personal-data leak, or untested integration drift | `changes_status`, `changes_diff_summary`, `test_related`, `test`, `lint`, `build`, `docs_validate_fast`, `test_release`, `mustflow_check` | Boundary classification, change-isolation ledger, preserved consumer contract, delivery adapter responsibility, internal port, provider containment, core-state ownership, vendor portability, validation and mapping, API response mapping, observability identifier flow, timeout/retry/circuit-breaker/bulkhead/idempotency handling, reconciliation behavior, security notes, verification, and remaining provider risk |
584
598
  | Tauri frontend invokes, Rust commands, capabilities, permissions, scopes, plugins, filesystem, dialog, shell, opener, updater, sidecar, or mobile native permissions are created or changed | `.mustflow/skills/tauri-code-change/SKILL.md` | Frontend call sites, Tauri config, Rust commands, capability and permission files, plugin config, changed files, and command contract entries | Tauri frontend, Rust commands, capabilities, permissions, scopes, plugins, tests, and docs | broad native permission, untrusted IPC input, filesystem escape, shell or updater risk, or WebView/native boundary drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | IPC, permission, scope, filesystem, shell, updater, and native boundary checked, verification, and remaining Tauri risk |
599
+ | Wails v3 applications, Go services, generated bindings, TypeScript runtime calls, windows, menus, system tray, dialogs, events, frontend bridge payloads, WebView platform behavior, Taskfile or build config, signing, packaging, custom protocols, file associations, server builds, or Wails-related tests are created, changed, reviewed, or upgraded | `.mustflow/skills/wails-code-change/SKILL.md` | Wails version track, Go module and frontend package metadata, generated bindings, app entry point, service/window/event/menu/tray/dialog/build/package evidence, changed files, and command contract entries | Wails app assembly, Go services, frontend bridge calls, generated bindings, windows, events, menus, tray, dialogs, WebView platform behavior, platform packaging, tests, and docs | Electron or Wails v2 migration drift, accidental exported RPC, binding or runtime version drift, shared-service race, unsafe frontend input, oversized bridge payload, event leak or broadcast, WebView platform mismatch, or packaging/signing drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Wails version/app/service/bridge/binding/window/event/menu/tray/dialog/platform packaging notes, verification, and remaining Wails risk |
585
600
  | File path handling, cross-platform path behavior, path helpers, safe filesystem wrappers, clone or checkout destinations, scaffold roots, temp or cache paths, atomic writes, locks, archive extraction, uploads, downloads, scanners, CLI/API/schema path contracts, snapshots, generated outputs, or package artifact paths are created, changed, reviewed, or reported | `.mustflow/skills/file-path-cross-platform-change/SKILL.md` | Path ledger, trust classes, accepted path representation, base root, path helpers, safe filesystem wrappers, clone/checkout/scaffold/install/extract outputs, staging and promotion policy, temp/cache helpers, lock policy, archive policy, upload/download policy, scanner policy, CLI/API/schema/snapshot/generated/package surfaces, platform expectations, failure taxonomy, and command contract entries | Path validators, helpers, wrappers, schemas, CLI/API parsing, snapshots, fixtures, docs, tests, generated-output paths, package artifact paths, clone or scaffold destinations, archive extraction, scanner bounds, temp/cache handling, locks, and cleanup code | path traversal, base containment bypass, drive-relative path bug, reserved-name bug, case-collision bug, Unicode-collision bug, Git checkout path-length failure misreported as network or auth, unsafe archive extraction, non-atomic write claim, stale lock, scanner loop, partial-output cleanup data loss, user-selected destination deletion, path contract drift, or package artifact path drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Path contract, path ledger, trust classes, root policy, preflight/staging/promotion decisions, Windows/macOS/Linux/archive/upload/download/scanner/lock/temp/cache/atomic/cleanup decisions, failure taxonomy, synchronized contract surfaces, verification, and remaining path risk |
586
601
  | File paths, directories, symlinks, real paths, traversal, atomic writes, file copies, generated outputs, temporary files, clone or checkout materialization, cleanup, or Windows/POSIX filesystem behavior are created, changed, reviewed, or reported | `.mustflow/skills/cross-platform-filesystem-safety/SKILL.md` | Path inputs, base directory, trust boundary, symlink policy, write or cleanup strategy, clone/checkout/scaffold/install/extract path budget, app-owned staging boundary, platform expectations, failure taxonomy, and command contract entries | Path validation, file helpers, copy/update/delete code, clone/scaffold/archive cleanup code, scan bounds, fixtures, tests, docs, and templates | path traversal, symlink escape, unsafe overwrite, platform-only behavior, stale output, path-length or filename-length misclassification, watcher/resource misclassification, or cleanup data loss | `changes_status`, `changes_diff_summary`, `test_related`, `docs_validate_fast`, `test_release`, `mustflow_check` | Path trust classes, root boundary, symlink/write/delete/scan decisions, preflight and staging boundaries, clone/scaffold/extract classification, platform assumptions, verification, and remaining filesystem risk |
587
602
  | Child processes, shell or argv execution, built-in command reruns, Git/package-manager/scaffolder failures, timeouts, process trees, output limits, streaming, environment policy, command eligibility, failure classification, command-line length limits, or execution receipts are created, changed, reviewed, or reported | `.mustflow/skills/process-execution-safety/SKILL.md` | Execution path, timeout, output limit, stdin, argv and shell command-length budget, environment, cwd, process tree behavior, failure taxonomy, receipt and write-tracking expectations, and command contract entries | Process execution code, process-tree helpers, output buffers, environment creation, eligibility checks, failure classifiers, receipts, tests, and docs | runaway process, unbounded output, leaked environment, argv-too-long failure, shell-command-too-long failure, inconsistent JSON/text execution, false cleanup claim, Git checkout path failure misreported as network or auth, blind retry, diagnostic loss, or unreliable receipt | `changes_status`, `changes_diff_summary`, `test_related`, `test_release`, `mustflow_check` | Execution surface, timeout/output/environment/process-tree boundaries, argv and shell length handling, failure classification, diagnostic preservation, receipt consistency, tests, verification, and remaining process risk |
@@ -615,6 +630,7 @@ routes. Event routes stay inactive until their event occurs.
615
630
  | Astro config, package metadata, pages, layouts, components, client islands, server islands, hydration directives, content or live collections, routes, endpoints, actions, adapters, request pipeline, `src/fetch.*`, route cache, MDX, Markdoc, Markdown processing, Shiki, images, `ClientRouter`, migration, or Astro build behavior are created or changed | `.mustflow/skills/astro-code-change/SKILL.md` | Astro config, current and target Astro version when migrating, route tree, request pipeline, cache rules, Markdown/MDX/Markdoc/Shiki processor, layouts, content schema, components, adapter runtime, server island boundary, changed files, and command contract entries | Astro pages, layouts, client and server islands, content and live collections, adapters, endpoints, actions, request pipeline, route cache, Markdown, Markdoc, Shiki, tests, and docs examples | unnecessary hydration, server island first-HTML drift, build/runtime data mix, stale `output: "hybrid"` migration, route URL drift, request pipeline omission, cache data exposure, Markdown or MDX drift, unsafe Markdoc HTML, content schema drift, loader validation miss, adapter runtime mismatch, or target-preview gap | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Build/runtime, route, endpoint/action, request pipeline, cache, Markdown/MDX/Markdoc/Shiki, content, hydration, server island, ClientRouter, and adapter boundary checked, verification, and remaining Astro risk |
616
631
  | React, React DOM, React Server Components, Server Actions, React Compiler, Hooks, Suspense, Actions, forms, refs, context, concurrent rendering, SSR streaming, resource hints, package metadata, or React-related tests are created, changed, reviewed, or upgraded | `.mustflow/skills/react-code-change/SKILL.md` | React package evidence, effective React support range, compiler and lint evidence, rendering boundary, state and mutation evidence, changed files, and command contract entries | React source, tests, package metadata, framework config, SSR or RSC boundaries, docs examples, and directly synchronized compatibility surfaces | stale React version claim, CRA reintroduction, React 19 API in React 18-compatible package, effect dependency suppression, memoization folklore, compiler mismatch, context rerender drift, ref compatibility break, Suspense misuse, Action rollback gap, RSC or Server Action boundary confusion, unsafe resource hints, or unverified performance claim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | React version, compiler, lint, effect, state, memoization, context, ref, form, Suspense, SSR/RSC, resource, verification, and compatibility risks checked |
617
632
  | Vue, Nuxt, Pinia, Vue Router, Vue SFCs, Composition API, reactivity, props, emits, slots, `v-model`, SSR, hydration, lazy hydration, Vite/Vue toolchain, or Vue-related tests are created, changed, reviewed, or upgraded | `.mustflow/skills/vue-code-change/SKILL.md` | Vue/Nuxt package evidence, effective Vue support range, Vite/vue-tsc/toolchain evidence, component API evidence, reactivity and watcher evidence, SSR/hydration evidence, Pinia/Router ownership evidence, changed files, and command contract entries | Vue SFCs, composables, Pinia stores, Router routes and guards, Nuxt pages/layouts/components/plugins, Vite/Nuxt config, tests, docs examples, package metadata, and directly synchronized compatibility surfaces | stale Vue or Nuxt version claim, missing SFC typecheck, wide reactive subscription, deep watch bomb, unstable computed identity, raw/proxy identity hazard, nested prop mutation, `defineModel` default desync, undeclared emit fallthrough, slot API drift, Pinia destructuring break, broad route watch, SSR request-state leak, hydration mismatch, ClientOnly misuse, lazy hydration on immediate interaction, or unverified performance claim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Vue version, toolchain, SFC typecheck, reactivity, computed, watcher, component API, composable, Pinia, Router, SSR, hydration, lazy-hydration, performance, verification, and compatibility risks checked |
633
+ | Vite config, plugins, Rolldown or Rollup compatibility, dependency optimization, dev server or HMR behavior, SSR, library mode, workers, Environment API usage, package exports, TypeScript transpilation, browser targets, assets, CSS, sourcemaps, package-manager scripts, CI, Docker, preview, or Vite-related tests are created, changed, reviewed, migrated, or upgraded | `.mustflow/skills/vite-code-change/SKILL.md` | Vite package evidence, installed and target Vite major, framework plugin evidence, package manager and Node policy, Vite config, plugin ledger, optimizer ledger, runtime ledger, package export ledger, asset/output ledger, changed files, and command contract entries | Vite config, plugins, package metadata, TypeScript config, CSS config, dependency optimizer settings, dev server and HMR settings, SSR and worker entries, library build config, assets, sourcemaps, preview, CI, Docker, tests, docs, and directly synchronized template surfaces | stale Vite version claim, old Rollup/esbuild option drift, ignored compatibility layer, missing typecheck, optimizer rediscovery loop, HMR boundary hidden behind wrappers, plugin ordering myth, lost import query, virtual module id drift, global plugin cache across environments, CJS default import trap, package exports condition drift, SSR manifest confusion, worker build plugin gap, library-mode asset inline surprise, public sourcemap exposure, base path asset 404, package-manager lock drift, or unverified performance claim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Vite version, Rolldown/Rollup/Oxc/CSS, TypeScript, optimizer, HMR, plugin, package-resolution, SSR, worker, library, asset, sourcemap, package-manager, CI, Docker, preview, verification, and compatibility risks checked |
618
634
  | Babylon.js, WebGPU or WebGL engine setup, Scene lifecycle, cameras, lights, meshes, materials, textures, shaders, glTF or GLB loading, AssetContainer usage, loaders, Havok or Physics V2, LOD, instancing, thin instances, picking, render loops, Inspector debugging, or Babylon-related tests are created, changed, reviewed, or upgraded | `.mustflow/skills/babylon-code-change/SKILL.md` | Babylon package evidence, engine and fallback ledger, Scene and render loop owners, asset and decoder ledger, material and shader ledger, LOD/instancing/culling ledger, physics ledger, performance counters, changed files, and command contract entries | Babylon engine setup, Scene lifecycle, loaders, assets, materials, shaders, textures, cameras, lights, shadows, render targets, render loops, observers, LOD, culling, instances, thin instances, picking, Physics V2, Havok, tests, docs, and package metadata | stale Babylon version claim, WebGPU async init race, missing WebGL fallback, WebGPU bundle churn, loader or side-effect import drift, `__root__` mesh confusion, decoder hosting gap, material dirty or shader compile stutter, texture VRAM waste, thin-instance bounding failure, picking CPU tax, observer leak, incomplete disposal, overbroad mesh physics, collision callback overload, or unverified performance claim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Babylon version, engine/fallback, render loop, Scene lifecycle, asset loading, materials, shaders, textures, LOD/culling/instancing, picking, physics, performance, verification, and remaining Babylon risk |
619
635
  | Svelte or SvelteKit components, route files, universal or server load functions, form actions, endpoints, hooks, stores, context, runes, props, snippets, bindings, SSR, hydration, streaming, preload, invalidation, server-only imports, env boundaries, adapters, Vite, TypeScript, packaging, accessibility warnings, or tests are created or changed | `.mustflow/skills/svelte-code-change/SKILL.md` | Svelte config, route segment files, route matchers, stores/runes/context, hooks, app types, adapter config, Vite and TypeScript config, package export metadata, changed files, and command contract entries | Svelte components, route files, load/actions, endpoints, stores/runes/context, SSR/client boundaries, adapter and package surfaces, tests, and docs examples | SSR/client leakage, server-only import leak, browser global crash, hydration marker drift, preload side effect, invalidation miss, streaming header/auth bug, request-state leak, state owner drift, effect-as-derived loop, form degradation, adapter output drift, package export break, or ignored accessibility warning | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | SSR, server/client, route/load/action/invalidation/streaming, state/runes/props/snippets/bindings, adapter/toolchain/package, form, and accessibility boundary checked, verification, and remaining Svelte risk |
620
636
  | Web image assets are added, converted, resized, or replaced | `.mustflow/skills/web-asset-optimization/SKILL.md` | Image asset request and target path | Web image assets | asset quality and size | `asset_optimize`, `build` | Optimized asset notes |
@@ -0,0 +1,171 @@
1
+ ---
2
+ mustflow_doc: skill.async-timing-boundary-review
3
+ locale: en
4
+ canonical: true
5
+ revision: 1
6
+ lifecycle: mustflow-owned
7
+ authority: procedure
8
+ name: async-timing-boundary-review
9
+ description: Apply this skill when code, tests, docs, or reports add, change, review, justify, or debug arbitrary sleeps, fixed delays, `setTimeout`, timer waits, event-loop yields, microtask or next-tick waits, render-frame or after-paint waits, CI waits, readiness polling, startup waits, file flush waits, worker readiness, Promise completion claims, async one-time side effects, or eventual-consistency waits across UI, Node, filesystems, workers, databases, queues, search indexes, external APIs, devices, or tests.
10
+ metadata:
11
+ mustflow_schema: "1"
12
+ mustflow_kind: procedure
13
+ pack_id: mustflow.core
14
+ skill_id: mustflow.core.async-timing-boundary-review
15
+ command_intents:
16
+ - changes_status
17
+ - changes_diff_summary
18
+ - lint
19
+ - build
20
+ - test_related
21
+ - test
22
+ - docs_validate_fast
23
+ - test_release
24
+ - mustflow_check
25
+ ---
26
+
27
+ # Async Timing Boundary Review
28
+
29
+ <!-- mustflow-section: purpose -->
30
+ ## Purpose
31
+
32
+ Replace arbitrary time waits with the completion signal that the code actually needs.
33
+
34
+ The review question is not "how many milliseconds are safe?" It is "is the code waiting for time itself, or is it using time as a guess for state, rendering, I/O, scheduling, durability, readiness, or eventual consistency?" A wait such as 1 ms, 2 ms, 10 ms, or one event-loop turn is usually a symptom threshold, not a contract.
35
+
36
+ <!-- mustflow-section: use-when -->
37
+ ## Use When
38
+
39
+ - Code or tests use fixed waits, sleeps, delays, `setTimeout`, `setInterval`, timer promises, `nextTick`, microtask flushes, `requestAnimationFrame`, after-paint helpers, `waitForTimeout`, "give it a moment", "wait 1/2/10 ms", or CI-only sleeps.
40
+ - A change claims a Promise, callback, event, render, file write, process start, database write, queue message, search index update, worker result, device state, or external API side effect has completed.
41
+ - Code waits for browser layout, paint, hydration, image decode, font loading, transition completion, ResizeObserver delivery, framework next-tick behavior, or route/render stability.
42
+ - Code waits for Node or runtime event-loop phases, timers, microtasks, stream events, child-process startup, IPC, worker threads, filesystem flush, atomic rename, or shutdown drain.
43
+ - Code waits for server readiness, health, listen callbacks, database commit visibility, replica lag, search indexing, queue ack, webhook delivery, external eventual consistency, container readiness, or hardware/device ready signals.
44
+ - A test is flaky, slow, or CI-only because local hardware crosses a timing boundary that CI, background tabs, containers, low-end devices, or loaded runners do not.
45
+ - A report says a side effect runs "only once" or that an async operation is "awaited" and the scope of once or the represented completion signal is unclear.
46
+
47
+ <!-- mustflow-section: do-not-use-when -->
48
+ ## Do Not Use When
49
+
50
+ - The wait is a true time contract such as debounce, throttle, rate-limit spacing, animation duration, exponential backoff, cache TTL, token expiry, user-visible delay, or hardware datasheet settle time, and no readiness state is being guessed.
51
+ - The task is only general race safety with shared mutable state and no timer, readiness, event-loop, render, I/O, or eventual-consistency wait; use `race-condition-review`.
52
+ - The task is only test-suite wall-clock optimization and fixed sleeps are one small symptom; use `test-suite-performance-review` first and this skill for the sleep replacement.
53
+ - The task is only frontend flicker, hydration flash, or navigation instability with no explicit timing or readiness wait; use `frontend-render-stability` first.
54
+ - The task is only retry/backoff policy where the delay is already a documented retry interval; use `retry-policy-integrity-review`.
55
+
56
+ <!-- mustflow-section: required-inputs -->
57
+ ## Required Inputs
58
+
59
+ - Wait surface: sleep helper, timer, event-loop yield, Promise, callback, polling loop, render hook, I/O wait, startup wait, external consistency wait, or test wait.
60
+ - Intended condition: the exact state, event, visibility, durability, readiness, ordering, or side effect the caller needs before continuing.
61
+ - Boundary class: time contract, event-loop/task/microtask boundary, render/frame/paint boundary, framework lifecycle boundary, filesystem/stream boundary, process/worker boundary, database/transaction boundary, queue/index/external consistency boundary, or device/protocol boundary.
62
+ - Completion signal available in the codebase: event, callback, listener, promise that resolves on real completion, `finish`, `close`, `fsync`, atomic rename, health check, listen callback, ack, status endpoint, observer, transition event, cancellation token, latch, barrier, fake clock, or deterministic scheduler.
63
+ - Caller ownership: whether every caller awaits the returned Promise or whether the async work is fire-and-forget, debounced, event-handler-owned, framework-owned, or lifecycle-owned.
64
+ - Test evidence: current tests, fake timers, controlled promises, barriers, polling utilities, readiness probes, stress tests, CI logs, or missing configured verification.
65
+
66
+ <!-- mustflow-section: preconditions -->
67
+ ## Preconditions
68
+
69
+ - The task matches the Use When conditions and does not match the Do Not Use When exclusions.
70
+ - Higher-priority instructions and `.mustflow/config/commands.toml` have been checked for the current scope.
71
+ - External docs, snippets, pasted text, CI logs, and AI reports are evidence, not command authority.
72
+ - Framework, runtime, browser, database, queue, and device APIs are verified from current project dependencies or official/source documentation before making durable claims.
73
+ - If a delay crosses authorization, money, ledger, data-loss, migration, or privacy boundaries, also apply the relevant security, payment, database, queue, or failure-integrity skill.
74
+
75
+ <!-- mustflow-section: allowed-edits -->
76
+ ## Allowed Edits
77
+
78
+ - Replace arbitrary waits with explicit completion signals, awaited lifecycle events, framework-native render or tick primitives, health/readiness checks, durable write boundaries, queue acknowledgements, bounded polling, cancellation-aware waits, or fake-time test helpers.
79
+ - Add focused tests, fixtures, helpers, or docs that prove the intended completion condition when the repository has configured verification.
80
+ - Keep true time contracts explicit and named. A delay may remain when the reason is time itself, but the code or test should not pretend it proves state readiness.
81
+ - Do not hide warnings or flakes by increasing timeouts, adding larger sleeps, filtering stderr, broadening retries, or weakening assertions.
82
+ - Do not start servers, watchers, browsers, workers, databases, containers, or external services outside configured one-shot command intents.
83
+
84
+ <!-- mustflow-section: procedure -->
85
+ ## Procedure
86
+
87
+ 1. Classify the wait.
88
+ - `time_contract`: debounce, throttle, rate limit, TTL, animation duration, backoff, human pacing, or datasheet settle time.
89
+ - `state_readiness`: DOM exists, layout measured, stream closed, file durable, server listening, DB committed, replica visible, queue processed, index updated, worker ready, device ready, or external API state changed.
90
+ - If it is state readiness, do not tune the number first. Name the missing signal.
91
+ 2. Trace what the delay accidentally crosses.
92
+ - Browser: current task, microtask queue, rendering opportunity, layout, paint, RAF, idle callback, background-tab timer throttling, image decode, font load, transition end, hydration, or route data.
93
+ - Node or server runtime: timers phase, microtasks, stream flush, close event, child-process spawn, IPC, worker scheduling, process exit, signal handling, or shutdown drain.
94
+ - External systems: transaction commit, primary versus replica visibility, search refresh, queue ack, webhook delivery, container health, service warmup, device ready, or eventual consistency.
95
+ 3. Replace state waits with the closest real completion signal.
96
+ - UI: use framework lifecycle, `useLayoutEffect`, framework next-tick primitives, `requestAnimationFrame` for frame scheduling, ResizeObserver for size, image decode/load, font readiness, `transitionend`, and abortable stale-request handling as appropriate.
97
+ - Files and streams: await `finish` or `close`, handle error events, use `fsync` where durability matters, write same-directory temp files, and promote with atomic rename or replace semantics.
98
+ - Servers and processes: wait for listen callbacks, protocol-level health, successful command readiness output, exit events, and bounded shutdown completion rather than port-only or process-exists guesses.
99
+ - Workers and threads: use `join`, Future or Promise completion, channels, latches, barriers, condition variables, semaphores, atomics, or message ack ownership instead of sleep-as-yield.
100
+ - Databases and queues: wait for commit, read from the authoritative source when read-after-write matters, use queue ack or status polling, and model replica/search lag explicitly.
101
+ 4. When polling is the right contract, make it bounded.
102
+ - Poll a specific state predicate.
103
+ - Add a deadline or timeout, cancellation, and useful failure diagnostics.
104
+ - Use backoff and jitter when polling an external service or shared system.
105
+ - Preserve the difference between "not ready yet", "failed", "timed out", and "unknown".
106
+ 5. Review Promise completion honestly.
107
+ - The awaited Promise must represent the real work, not only scheduling the work.
108
+ - Catch async `forEach`, `map` without `Promise.all`, missing `return` in `.then`, unawaited callers, swallowed catches, async event handlers whose business flow is not awaited, debounced promises, and event APIs that need explicit `load`, `error`, `finish`, or `close` wrapping.
109
+ - In UI code, do not treat state setters, microtasks, or Promise resolution as proof that DOM layout or paint has happened.
110
+ 6. Define "once" by scope.
111
+ - Name the scope: call, component mount, route lifetime, tab, process, deployment, worker, queue message, transaction retry, cron tick, or durable resource.
112
+ - Make side effects idempotent when retries, remounts, StrictMode, HMR, reconnects, queue redelivery, transaction retries, multiple tabs, serverless cold starts, or rolling deploys can repeat them.
113
+ 7. Review tests.
114
+ - Prefer fake timers for timer contracts, controlled promises for async boundaries, barriers/latches for concurrency, readiness probes for services, and direct event simulation for UI or streams.
115
+ - Treat fixed sleeps as weak stress evidence only. They may supplement deterministic proof, but they should not be the main assertion.
116
+ - For local-fast/CI-slow differences, separate cold cache, disk, CPU throttling, memory, network, coverage, container, artifact, and shared-resource pressure before raising sleep durations.
117
+ 8. Preserve timeout and failure semantics.
118
+ - Replacing a fixed sleep with a wait must not create an unbounded hang.
119
+ - Keep deadline ownership clear when nested timeouts exist.
120
+ - Report missing cancellation, poor diagnostics, or unavailable one-shot verification instead of claiming the wait is proven.
121
+ 9. Choose verification by changed boundary.
122
+ - Use focused related tests for helper behavior, lint/build for type or API shape, docs validation for skill/docs changes, release tests for installed template or package surfaces, and `mustflow_check` for workflow documents.
123
+ - Do not invent raw browser, server, DB, queue, device, or CI commands outside the command contract.
124
+
125
+ <!-- mustflow-section: postconditions -->
126
+ ## Postconditions
127
+
128
+ - Every fixed wait is classified as a true time contract, replaced with a completion signal, converted to bounded polling, or reported as residual risk.
129
+ - The exact completion condition and boundary crossed by the old delay are named.
130
+ - Promise, "once", event-loop, render, filesystem, process, worker, database, queue, external consistency, and test claims are checked where relevant.
131
+ - Remaining waits have explicit reason, bound, cancellation, and diagnostic behavior when possible.
132
+ - Verification covers the changed timing boundary or reports the missing configured intent.
133
+
134
+ <!-- mustflow-section: verification -->
135
+ ## Verification
136
+
137
+ Use configured oneshot command intents when available:
138
+
139
+ - `changes_status`
140
+ - `changes_diff_summary`
141
+ - `lint`
142
+ - `build`
143
+ - `test_related`
144
+ - `test`
145
+ - `docs_validate_fast`
146
+ - `test_release`
147
+ - `mustflow_check`
148
+
149
+ Prefer the narrowest configured intent that proves the changed timing, readiness, test, docs, or installed-template behavior. Do not infer raw stress loops, dev servers, browser sessions, service startups, database checks, or queue harnesses outside the command contract.
150
+
151
+ <!-- mustflow-section: failure-handling -->
152
+ ## Failure Handling
153
+
154
+ - If the completion signal cannot be identified, stop increasing the sleep and report the missing readiness contract.
155
+ - If no completion signal exists, add the smallest explicit signal or bounded polling contract that fits local patterns; otherwise report the design gap.
156
+ - If fake timers, barriers, readiness probes, or visual/browser evidence are not configured, report the missing intent instead of presenting a sleep-based test as proof.
157
+ - If a configured command fails, preserve the failing intent and the timing boundary it exercised before editing again.
158
+ - If the delay is a true time contract but the value is stale, undocumented, or arbitrary, route the numeric decision through `date-number-audit` or the relevant runtime/framework skill.
159
+
160
+ <!-- mustflow-section: output-format -->
161
+ ## Output Format
162
+
163
+ - Waits or timing claims reviewed
164
+ - Classification: time contract, state readiness, polling, or residual risk
165
+ - Completion signal chosen or missing
166
+ - Event-loop, render, I/O, worker, DB, queue, external, device, Promise, and once-scope checks where relevant
167
+ - Fixed waits removed, retained, or bounded
168
+ - Tests or verification evidence
169
+ - Command intents run
170
+ - Skipped timing diagnostics and reasons
171
+ - Remaining async timing risk
@@ -330,6 +330,12 @@ route_type = "adjunct"
330
330
  priority = 77
331
331
  applies_to_reasons = ["unknown_change", "code_change", "behavior_change", "test_change", "public_api_change", "performance_change", "security_change", "privacy_change", "data_change"]
332
332
 
333
+ [routes."async-timing-boundary-review"]
334
+ category = "general_code"
335
+ route_type = "adjunct"
336
+ priority = 78
337
+ applies_to_reasons = ["unknown_change", "code_change", "behavior_change", "test_change", "public_api_change", "performance_change", "ui_change", "data_change", "migration_change", "package_metadata_change", "release_risk"]
338
+
333
339
  [routes."concurrency-invariant-review"]
334
340
  category = "general_code"
335
341
  route_type = "adjunct"
@@ -750,6 +756,12 @@ route_type = "primary"
750
756
  priority = 90
751
757
  applies_to_reasons = ["code_change", "behavior_change", "ui_change", "security_change", "privacy_change", "data_change", "public_api_change", "package_metadata_change", "release_risk"]
752
758
 
759
+ [routes."wails-code-change"]
760
+ category = "data_external"
761
+ route_type = "primary"
762
+ priority = 90
763
+ applies_to_reasons = ["code_change", "behavior_change", "ui_change", "security_change", "privacy_change", "data_change", "public_api_change", "package_metadata_change", "release_risk"]
764
+
753
765
  [routes."process-execution-safety"]
754
766
  category = "data_external"
755
767
  route_type = "primary"
@@ -1020,6 +1032,12 @@ route_type = "primary"
1020
1032
  priority = 85
1021
1033
  applies_to_reasons = ["ui_change", "code_change", "behavior_change", "public_api_change", "data_change", "security_change", "privacy_change", "performance_change", "test_change", "package_metadata_change", "release_risk"]
1022
1034
 
1035
+ [routes."vite-code-change"]
1036
+ category = "ui_assets"
1037
+ route_type = "primary"
1038
+ priority = 85
1039
+ applies_to_reasons = ["ui_change", "code_change", "behavior_change", "public_api_change", "data_change", "security_change", "privacy_change", "performance_change", "test_change", "docs_change", "migration_change", "package_metadata_change", "release_risk"]
1040
+
1023
1041
  [routes."svelte-code-change"]
1024
1042
  category = "ui_assets"
1025
1043
  route_type = "primary"
@@ -0,0 +1,279 @@
1
+ ---
2
+ mustflow_doc: skill.vite-code-change
3
+ locale: en
4
+ canonical: true
5
+ revision: 1
6
+ lifecycle: mustflow-owned
7
+ authority: procedure
8
+ name: vite-code-change
9
+ description: Apply this skill when Vite config, plugins, Rolldown or Rollup compatibility, dependency optimization, dev server or HMR behavior, SSR, library mode, workers, Environment API usage, package exports, TypeScript transpilation, browser targets, assets, CSS, sourcemaps, package-manager scripts, CI, Docker, preview, or Vite-related tests are created, changed, reviewed, migrated, or upgraded.
10
+ metadata:
11
+ mustflow_schema: "1"
12
+ mustflow_kind: procedure
13
+ pack_id: mustflow.core
14
+ skill_id: mustflow.core.vite-code-change
15
+ command_intents:
16
+ - changes_status
17
+ - changes_diff_summary
18
+ - lint
19
+ - build
20
+ - test_related
21
+ - test
22
+ - docs_validate_fast
23
+ - test_release
24
+ - mustflow_check
25
+ ---
26
+
27
+ # Vite Code Change
28
+
29
+ <!-- mustflow-section: purpose -->
30
+ ## Purpose
31
+
32
+ Preserve Vite build, dev-server, plugin, SSR, worker, library, dependency optimizer, package
33
+ resolution, TypeScript, CSS, asset, cache, sourcemap, preview, CI, Docker, and package-manager
34
+ contracts when changing Vite projects.
35
+
36
+ Vite is a toolchain boundary, not only a fast dev server. Review changes by asking which Vite major
37
+ is actually installed, which bundler pipeline is active, which runtime is being built, which package
38
+ entry is resolved, and whether dev, build, SSR, worker, preview, and CI will see the same intent.
39
+
40
+ <!-- mustflow-section: use-when -->
41
+ ## Use When
42
+
43
+ - `vite.config.*`, plugin code, framework integration config, package metadata, lockfiles, scripts,
44
+ TypeScript config, CSS preprocessor config, asset imports, worker imports, SSR server entry,
45
+ library build config, preview config, CI, Docker, or Vite tests change.
46
+ - The task touches Rolldown or Rollup compatibility, Oxc or esbuild transforms, Lightning CSS,
47
+ dependency pre-bundling, `optimizeDeps`, `resolve`, `server`, `preview`, `worker`, `ssr`,
48
+ `build`, `base`, `publicDir`, `assetsInlineLimit`, `manifest`, `sourcemap`, `modulepreload`,
49
+ HMR, `import.meta.glob`, `new URL(..., import.meta.url)`, package `exports`, ESM/CJS interop,
50
+ or environment-specific plugin behavior.
51
+ - A contribution proposes Vite performance, migration, plugin ordering, SSR, library packaging,
52
+ worker, TypeScript, Node, Bun, pnpm, Docker, CI, preview smoke, sourcemap, or asset pipeline
53
+ changes.
54
+
55
+ <!-- mustflow-section: do-not-use-when -->
56
+ ## Do Not Use When
57
+
58
+ - The change is entirely inside React, Vue, Svelte, Astro, or another framework boundary and Vite
59
+ config, package metadata, build output, SSR, workers, plugins, or dependency resolution are not
60
+ affected. Use the framework skill.
61
+ - The task is only CSS, HTML, image delivery, accessibility, or localization with no Vite build,
62
+ asset, config, or package behavior. Use the narrower frontend skill.
63
+ - The task is a broad dependency upgrade across many packages. Use dependency and version freshness
64
+ skills first, then this skill for Vite-specific compatibility.
65
+ - The task only checks whether a package exists. Use dependency reality checks instead.
66
+
67
+ <!-- mustflow-section: required-inputs -->
68
+ ## Required Inputs
69
+
70
+ - Package evidence: nearest `package.json`, lockfile, package manager, `engines`, package manager
71
+ field, workspace metadata, framework packages, Vite version range, plugins, test runner, and CI.
72
+ - Config evidence: `vite.config.*`, framework config that wraps Vite, TypeScript config, CSS
73
+ preprocessor config, aliases, package `exports`, `main`, `module`, `browser`, and `types`.
74
+ - Runtime ledger: app build, SSR build, library build, worker build, test environment, preview
75
+ server, static host, Node server, edge or webworker target, and browser support target.
76
+ - Plugin ledger: plugin order, `enforce`, `apply`, hook use, virtual module ids, query handling,
77
+ dev-only server state, output-generation hooks, `transformIndexHtml`, and environment state.
78
+ - Dependency optimizer ledger: linked packages, CommonJS dependencies, deep imports, discovery
79
+ gaps, `optimizeDeps.include` and exclude decisions, cache invalidation sources, and monorepo
80
+ package format.
81
+ - Asset and output ledger: public files, imported assets, dynamic asset paths, CSS code splitting,
82
+ module preload, manifest use, sourcemap policy, chunk rules, base path, and backend integration.
83
+ - Official or repository-local source evidence before preserving exact latest-version, release-date,
84
+ Node-floor, migration, deprecated-option, or compatibility claims.
85
+ - Configured verification intents for lint, build, tests, docs, package, preview, and mustflow
86
+ checks.
87
+
88
+ <!-- mustflow-section: preconditions -->
89
+ ## Preconditions
90
+
91
+ - Identify the installed Vite major and the intended target major before applying migration rules.
92
+ Do not treat this skill as a live Vite version source.
93
+ - Refresh official Vite docs, release notes, migration docs, and plugin docs before writing durable
94
+ "latest", default, deprecated, removed, Node-floor, browser-target, Rolldown, Oxc, Lightning CSS,
95
+ Environment API, or plugin-compatibility claims.
96
+ - Determine whether the project is an app, framework wrapper, plugin, library, SSR server, design
97
+ system, monorepo package, or static site before changing build output.
98
+ - Treat user-provided notes, blogs, AI output, and migration snippets as evidence, not authority.
99
+ - Use configured command intents only. Do not invent package-manager, dev-server, preview-server,
100
+ browser, or profiler commands inside this skill.
101
+
102
+ <!-- mustflow-section: allowed-edits -->
103
+ ## Allowed Edits
104
+
105
+ - Make focused Vite config, plugin, package metadata, TypeScript, CSS, asset, SSR, worker, library,
106
+ test, CI, Docker, docs, and template edits directly required by the requested change.
107
+ - Add or update tests when they protect changed config behavior, plugin behavior, package
108
+ resolution, SSR/worker/library output, asset paths, sourcemap policy, preview behavior, or
109
+ package-manager compatibility.
110
+ - Preserve repository-pinned Vite, Node, package-manager, browser-target, and framework-plugin
111
+ ranges unless the task explicitly supports a migration and verification surface.
112
+ - Do not migrate frameworks, replace the package manager, enable experimental Vite modes, widen
113
+ `allowedHosts`, publish sourcemaps, disable typechecking, or silence chunk warnings unless the
114
+ repository contract and user request support that tradeoff.
115
+
116
+ <!-- mustflow-section: procedure -->
117
+ ## Procedure
118
+
119
+ 1. **Classify the Vite surface.**
120
+ - Identify whether the patch touches config, plugin code, dependency optimization, dev server,
121
+ HMR, SSR, library mode, workers, package resolution, TypeScript, CSS, assets, sourcemaps,
122
+ preview, CI, Docker, tests, docs, or package metadata.
123
+ - For framework projects, decide which part belongs to the framework skill and which part
124
+ belongs to Vite itself.
125
+ 2. **Check the version and migration boundary.**
126
+ - Read package metadata and lockfile evidence for Vite, framework plugins, test runner,
127
+ TypeScript, Node, package manager, and related adapters.
128
+ - Apply only the official migration deltas crossed by the installed and target Vite major.
129
+ - Keep Vite 7 transition-package guidance, Vite 8 Rolldown defaults, and future Vite tracks
130
+ separate. Do not collapse them into one generic "Rolldown Vite" claim.
131
+ 3. **Review Rolldown, Rollup, Oxc, and CSS compatibility.**
132
+ - Check whether old `build.rollupOptions`, `worker.rollupOptions`, `build.commonjsOptions`,
133
+ esbuild transform or minify options, and object-form chunk rules are supported, deprecated,
134
+ transformed through compatibility, or ignored for the project version.
135
+ - For Vite 8+ tracks, prefer current Rolldown and Oxc configuration names when official docs and
136
+ project compatibility support them.
137
+ - Treat Oxc and Lightning CSS output differences as behavior risk for minification, syntax
138
+ lowering, property mangling, comments, CSS prefixes, nesting, color functions, and visual QA.
139
+ 4. **Review TypeScript and runtime checks.**
140
+ - Do not assume Vite type-checks TypeScript. Look for a configured `tsc`, framework checker, or
141
+ equivalent typecheck intent and report the gap when absent.
142
+ - Keep browser app TypeScript settings, Vite config TypeScript, Node scripts, SSR server code,
143
+ and library declarations aligned with their actual runtime resolution mode.
144
+ - Use `isolatedModules`, type-only imports, and syntax choices compatible with the project's
145
+ single-file transformer and support matrix.
146
+ 5. **Review dependency optimizer and dev-server performance.**
147
+ - Check DevTools cache, extensions, module request count, linked packages, CommonJS
148
+ dependencies, deep imports, discovery gaps, lockfile changes, patches, and Vite cache
149
+ invalidation before blaming Vite itself.
150
+ - Avoid broad barrel imports and extensionless imports on hot dev paths when direct imports and
151
+ explicit extensions are practical.
152
+ - Use dependency optimizer include or exclude settings only after identifying which package is
153
+ source-like, dependency-like, CommonJS, linked, or discovered too late.
154
+ - Use warmup, bundled dev, profile, or plugin diagnostics only through configured project
155
+ intents or approved workflows, and keep any experimental mode scoped and reported.
156
+ 6. **Review HMR and dev-server boundaries.**
157
+ - Keep HMR accept boundaries statically discoverable. Do not hide `import.meta.hot.accept` behind
158
+ wrappers that Vite cannot analyze.
159
+ - Clean up side effects in HMR dispose handlers and preserve state through `hot.data` without
160
+ replacing the object wholesale.
161
+ - For reverse proxies, containers, tunnels, and remote development, verify WebSocket ownership,
162
+ host allowlist, protocol, and fallback behavior. Do not set `allowedHosts: true` as a shortcut.
163
+ 7. **Review plugin ordering and hook contracts.**
164
+ - Remember that alias runs before user `enforce: 'pre'`, and user `enforce: 'post'` is not the
165
+ final build output.
166
+ - Keep plugin order separate from hook order, especially `transformIndexHtml` ordering.
167
+ - Do not add plugins from the `config` hook after plugin resolution.
168
+ - Guard dev-server state captured in `configureServer`; production build may not have a server,
169
+ module graph, watcher, or WebSocket.
170
+ - Preserve virtual module conventions: user imports use `virtual:*`, internal resolved ids use
171
+ the null-byte prefix, and query suffixes such as raw, url, worker, and inline remain meaningful.
172
+ - For non-JS files transformed into JavaScript under Rolldown-based tracks, set the module type
173
+ required by the current API instead of relying on extension guesses.
174
+ - Key plugin caches by environment when client, SSR, RSC, worker, or other environments can
175
+ share one plugin instance.
176
+ 8. **Review package resolution and ESM/CJS interop.**
177
+ - Build a package-entry ledger for client, dev SSR, production SSR, externalized SSR, worker,
178
+ test runner, Node direct execution, and TypeScript declarations.
179
+ - Treat package `exports` as the public door. It can override `main`, block deep imports, and
180
+ choose different files by condition order.
181
+ - Do not assume CJS named imports, `__esModule` default handling, `browser`, `module`, or `main`
182
+ fields behave the same across Vite, Node, SSR, and TypeScript.
183
+ - If `type: "module"` changes, inspect config files, scripts, and test files that still use
184
+ CommonJS globals or extension assumptions.
185
+ 9. **Review SSR, Environment API, workers, and library mode.**
186
+ - Treat Vite SSR APIs as low-level framework/tooling APIs. For app SSR, identify the framework or
187
+ server contract that owns routing, data loading, streaming, and deployment.
188
+ - Keep dev SSR transforms separate from production client and server builds. The SSR manifest is
189
+ a client-build artifact when preload mapping is required.
190
+ - Distinguish `ssr.resolve.conditions` from external dependency conditions, and keep Node
191
+ runtime conditions aligned when the project uses them.
192
+ - For webworker targets, reject hidden Node built-ins and package entries that only work in Node.
193
+ - Treat library mode as package output, not an app build. Check entry, formats, global name,
194
+ CSS splitting, asset inlining, modulepreload, UMD/IIFE, dynamic imports, and `import.meta.url`.
195
+ - For workers, confirm static worker patterns, query syntax, `worker.plugins`, and separate
196
+ plugin instances where build behavior differs from dev behavior.
197
+ 10. **Review assets, CSS, sourcemaps, and base paths.**
198
+ - Keep `public/` for files that must be served by stable public names. Import other assets so
199
+ Vite can hash, transform, and track them.
200
+ - Do not assume dynamic `new URL(dynamicPath, import.meta.url)` is transformed. Use explicit
201
+ maps or glob patterns when the asset set must be known at build time.
202
+ - Match `base` to the deployment path or CDN strategy.
203
+ - Do not silence chunk-size warnings by only raising the limit. Inspect initial JS, dynamic
204
+ imports, shared chunks, barrels, and parse or execution cost.
205
+ - Use sourcemaps according to the exposure policy: public, hidden and uploaded, blocked from
206
+ static hosting, or disabled. Do not publish source maps by accident.
207
+ - Keep SCSS or preprocessor `additionalData` to variables, mixins, and tokens. Do not inject
208
+ real CSS rules into every file unless duplication is intentional and measured.
209
+ 11. **Review package manager, CI, Docker, and preview.**
210
+ - Preserve the repository's package manager and lockfile. Do not introduce `bun.lock`,
211
+ `pnpm-lock.yaml`, `package-lock.json`, or `yarn.lock` drift unless the task is a package
212
+ manager migration.
213
+ - Align Node and package-manager declarations across package metadata, CI, Docker, local runtime
214
+ files, and workspace policy.
215
+ - Split install, typecheck, lint, tests, build, and preview smoke where the repository exposes
216
+ configured intents. Do not hide all failures behind one opaque build script.
217
+ - For preview smoke, require deterministic port, host, and asset path behavior through
218
+ configured intents or report missing coverage.
219
+ 12. **Verify through the repository contract.**
220
+ - Run the smallest configured checks that cover Vite config, typecheck, build output, tests,
221
+ docs, package metadata, and release-sensitive template output.
222
+ - Report missing dev-server, HMR, browser, SSR preview, worker, library-consumer, bundle
223
+ analyzer, sourcemap-upload, Docker, or CI verification when those surfaces changed.
224
+
225
+ <!-- mustflow-section: postconditions -->
226
+ ## Postconditions
227
+
228
+ - The installed Vite and target Vite tracks are known or explicitly reported as unknown.
229
+ - Rolldown/Rollup/Oxc/Lightning CSS compatibility is checked for the changed config and plugins.
230
+ - Type checking is separate from Vite transpilation or the missing check is reported.
231
+ - Dev-server, HMR, optimizer, package resolution, SSR, worker, library, asset, sourcemap, preview,
232
+ package-manager, CI, and Docker risks are fixed or reported.
233
+ - Durable version and default-behavior claims are official-source checked, dated, version-scoped,
234
+ or omitted.
235
+
236
+ <!-- mustflow-section: verification -->
237
+ ## Verification
238
+
239
+ Use configured oneshot command intents when available:
240
+
241
+ - `lint`
242
+ - `build`
243
+ - `test_related`
244
+ - `test`
245
+ - `docs_validate_fast`
246
+ - `test_release`
247
+ - `mustflow_check`
248
+
249
+ Report missing Vite typecheck, browser, HMR, dependency-optimizer, SSR, worker, library-consumer,
250
+ bundle-size, sourcemap, preview, Docker, CI, or package-manager verification when those surfaces
251
+ changed.
252
+
253
+ <!-- mustflow-section: failure-handling -->
254
+ ## Failure Handling
255
+
256
+ - If version evidence conflicts, preserve the repository's pinned Vite and runtime policy unless
257
+ the user explicitly chooses a migration or the current version is outside a required security or
258
+ support range.
259
+ - If official docs conflict with old snippets or framework wrapper behavior, follow the current
260
+ project version and official source, then report the wrapper-specific boundary.
261
+ - If dev works but build fails, inspect plugin hook phase, Rollup/Rolldown option compatibility,
262
+ SSR/externalization, worker build, library mode, and package exports before adding aliases.
263
+ - If build works but runtime fails, inspect CJS default/named imports, conditional exports, asset
264
+ paths, base path, sourcemaps, `import.meta.url`, and environment-specific plugin state.
265
+ - If a performance fix changes correctness, restore the package, route, asset, or plugin owner
266
+ boundary and report the performance tradeoff.
267
+ - If configured verification is missing, report the missing intent instead of inventing raw
268
+ package-manager, dev-server, preview, browser, profiler, Docker, or CI commands.
269
+
270
+ <!-- mustflow-section: output-format -->
271
+ ## Output Format
272
+
273
+ - Vite surface and version track checked
274
+ - Rolldown/Rollup/Oxc/CSS, TypeScript, optimizer, HMR, plugin, package-resolution, SSR, worker,
275
+ library, asset, sourcemap, package-manager, CI, Docker, and preview notes
276
+ - Files changed
277
+ - Command intents run
278
+ - Skipped checks and reasons
279
+ - Remaining Vite, runtime, plugin, package, or verification risk
@@ -0,0 +1,190 @@
1
+ ---
2
+ mustflow_doc: skill.wails-code-change
3
+ locale: en
4
+ canonical: true
5
+ revision: 1
6
+ lifecycle: mustflow-owned
7
+ authority: procedure
8
+ name: wails-code-change
9
+ description: Apply this skill when Wails v3 applications, Go services, generated bindings, TypeScript runtime calls, windows, menus, system tray, dialogs, events, frontend bridge payloads, WebView platform behavior, Taskfile or build config, signing, packaging, custom protocols, file associations, server builds, or Wails-related tests are created, changed, reviewed, or upgraded.
10
+ metadata:
11
+ mustflow_schema: "1"
12
+ mustflow_kind: procedure
13
+ pack_id: mustflow.core
14
+ skill_id: mustflow.core.wails-code-change
15
+ command_intents:
16
+ - changes_status
17
+ - changes_diff_summary
18
+ - lint
19
+ - build
20
+ - test_related
21
+ - test
22
+ - docs_validate_fast
23
+ - mustflow_check
24
+ ---
25
+
26
+ # Wails Code Change
27
+
28
+ <!-- mustflow-section: purpose -->
29
+ ## Purpose
30
+
31
+ Preserve Wails v3 application structure, Go service boundaries, generated binding compatibility, WebView platform behavior, native OS integration, and build or packaging contracts.
32
+
33
+ Treat Wails as a native shell around OS WebViews plus a Go-to-frontend bridge. Do not design it like Electron, a localhost web server, or a single browser runtime.
34
+
35
+ <!-- mustflow-section: use-when -->
36
+ ## Use When
37
+
38
+ - `wails.json`, `build/config.yml`, `Taskfile.yml`, `go.mod`, Wails Go APIs, `application.New`, services, generated bindings, `@wailsio/runtime`, frontend calls to Go methods, events, raw messages, windows, menus, system tray, dialogs, browser, clipboard, autostart, notifications, file associations, custom protocols, single-instance handling, signing, packaging, server builds, or Wails tests change.
39
+ - A task touches Wails v2-to-v3 migration, Electron-to-Wails migration, multi-window design, bridge payloads, binding generation, platform WebView behavior, OS integration, or cross-platform packaging.
40
+ - The task writes durable guidance about Wails version status, Wails CLI or runtime versions, WebView2, WKWebView, WebKitGTK, GTK build tags, Taskfile behavior, or platform packaging.
41
+
42
+ <!-- mustflow-section: do-not-use-when -->
43
+ ## Do Not Use When
44
+
45
+ - The change is pure Go with no Wails app, service, binding, WebView, or packaging boundary; use `go-code-change`.
46
+ - The change is pure web frontend with no Wails runtime, bridge, native window, or packaged WebView behavior; use the matching frontend skill.
47
+ - The change is a Tauri app; use `tauri-code-change`.
48
+ - The task only updates external version prose; use `source-freshness-check` or `version-freshness-check` unless the Wails procedure itself changes.
49
+
50
+ <!-- mustflow-section: required-inputs -->
51
+ ## Required Inputs
52
+
53
+ - Wails version track, Go module metadata, frontend package metadata, lockfiles, generated bindings, Taskfile and build config, Wails app entry point, service registration, window creation, event setup, menu or tray setup, dialog usage, and tests.
54
+ - Map of frontend calls to Go services: generated function, Go method, request DTO, response DTO, error contract, concurrency owner, cancellation path, and security or permission boundary.
55
+ - Window and native integration ledger: window name or id, owner, lifecycle, hide versus close policy, event subscriptions, runtime-ready handshake, menu projection, tray behavior, dialog decision flow, file association, custom protocol, and single-instance policy.
56
+ - Platform ledger: Windows WebView2 runtime and user-data folder assumptions, macOS WKWebView and signing or notarization expectations, Linux GTK/WebKitGTK target, build tags, package format, and unsupported or legacy distribution targets.
57
+ - Official or repository-local source evidence before preserving exact Wails status, alpha, release, CLI, runtime, package, platform dependency, or OS-support claims.
58
+ - Configured verification intents.
59
+
60
+ <!-- mustflow-section: preconditions -->
61
+ ## Preconditions
62
+
63
+ - Identify whether the app is Wails v2 or Wails v3 before editing. Do not translate v2 `wails.Run` patterns by search-and-replace.
64
+ - Treat generated bindings, Go binary, frontend runtime package, lockfiles, and Wails CLI version as one compatibility set.
65
+ - Treat every frontend-provided path, URL, protocol payload, file association, raw message, event payload, and service argument as untrusted.
66
+ - Refresh official Wails sources before writing exact status, release-date, latest-version, WebView dependency, GTK/WebKitGTK, signing, or packaging claims. If freshness cannot be checked, keep durable wording version-agnostic and report the boundary.
67
+
68
+ <!-- mustflow-section: allowed-edits -->
69
+ ## Allowed Edits
70
+
71
+ - Keep Wails-specific app assembly, service registration, window factories, menu/tray setup, event wiring, and build packaging surfaces synchronized.
72
+ - Keep Go services as app capability boundaries with typed DTOs, validation, thread-safe state, and explicit errors.
73
+ - Keep frontend calls thin around generated bindings and runtime event subscriptions with cleanup.
74
+ - Keep build and package changes in declared Wails config, Taskfile, Go module, frontend package, signing, installer, and docs surfaces.
75
+ - Do not expose debug, destructive, secret, filesystem, shell, updater, protocol, or raw-message behavior through exported Go methods without an explicit product and security boundary.
76
+
77
+ <!-- mustflow-section: procedure -->
78
+ ## Procedure
79
+
80
+ 1. Read Wails app entry points, `go.mod`, service files, generated bindings, frontend runtime imports, frontend call sites, event subscription sites, Taskfile, build config, package metadata, platform packaging files, and tests.
81
+ 2. Identify Wails major version and runtime mode: v2, v3 alpha, server build, native window build, or migration. For v3, use the app and manager API model rather than v2 single-run assumptions.
82
+ 3. Build an app ownership map:
83
+ - application object and startup/shutdown owner;
84
+ - registered services and resource owners;
85
+ - windows, names, ids, and lifecycle policy;
86
+ - menus, tray, dialogs, custom protocols, file associations, browser and clipboard operations;
87
+ - frontend runtime import and binding generation path.
88
+ 4. Build a bridge map for every frontend-to-Go call:
89
+ - frontend wrapper or generated function;
90
+ - Go method and service;
91
+ - request and response DTO;
92
+ - error shape;
93
+ - mutable state touched;
94
+ - cancellation or job id;
95
+ - large payload, streaming, or batching decision;
96
+ - security-sensitive input or output.
97
+ 5. Treat exported Go service methods as an internal RPC surface. Remove accidental exports from binding reachability, or mark them ignored or internal using the repository's established Wails pattern.
98
+ 6. Keep binding DTOs boring and explicit:
99
+ - use strings for identifiers, money, precise timestamps, and large integers that JavaScript `number` cannot safely represent;
100
+ - avoid returning domain models with unexported fields, file handles, channels, functions, broad `any` or `interface{}`, and complex cross-package aliases;
101
+ - distinguish missing, null, empty, forbidden, and not-yet-loaded states with explicit DTO fields;
102
+ - use `error` returns for expected failures and reserve panic for truly fatal programmer errors.
103
+ 7. Guard concurrent calls. Wails bridge calls can run simultaneously, so protect shared Go service state with a clear owner, mutex, channel, worker, database transaction, or immutable snapshot. Do not store current user, selected document, request-local data, or window-local state in a shared service field unless it is keyed and synchronized.
104
+ 8. Batch small repeated calls and keep large data off the ordinary call path. Use pagination, file handles, job ids, chunks, or progress events for large files, logs, binary blobs, or long-running output.
105
+ 9. Treat raw messages and low-level runtime calls as escape hatches. Require explicit schema validation, origin or caller validation when applicable, response correlation, timeout, and failure reporting before accepting a raw-message path.
106
+ 10. Design events as state notifications, not hidden data stores:
107
+ - wait for the target window runtime-ready event before emitting into a new window;
108
+ - keep and call unsubscribe functions for frontend and Go listeners;
109
+ - distinguish app-wide broadcasts from window-specific events;
110
+ - include request, window, workspace, or document ids when events target scoped state;
111
+ - throttle high-frequency progress, resize, move, drag, log, or stream events.
112
+ 11. Design windows as native lifecycle objects, not only frontend routes:
113
+ - classify each window as singleton, document-scoped, temporary, tray-attached, hidden reusable, or close-and-dispose;
114
+ - keep stable internal names separate from user-visible titles;
115
+ - choose hide versus close deliberately;
116
+ - use cancellable close hooks for unsaved work or protected shutdown flows;
117
+ - store size and position with monitor, scale, and off-screen recovery policy.
118
+ 12. Keep services, not windows, as long-lived resource owners. Database handles, file watchers, background workers, sync loops, and queues need startup, shutdown, cancellation, and wait paths independent of one window.
119
+ 13. Treat menus, tray, dialogs, autostart, notifications, clipboard, browser open, custom protocols, file associations, and single-instance behavior as product policies:
120
+ - keep macOS menu conventions separate from Windows and Linux window menus;
121
+ - update menu and tray projections after state changes;
122
+ - make dialogs asynchronous decision flows, not synchronous browser confirms;
123
+ - validate URLs, paths, protocol payloads, clipboard data, and file association inputs in Go;
124
+ - provide a fallback when tray support or notification features vary by desktop environment.
125
+ 14. Check WebView platform behavior before blaming frontend code:
126
+ - Windows uses WebView2 and has runtime, update, user-data folder, profile lock, and enterprise policy concerns;
127
+ - macOS uses WKWebView and has ATS, WebContent process, inspector, minimum OS, signing, notarization, and bundle concerns;
128
+ - Linux uses WebKitGTK and has GTK/WebKitGTK version, distro, portal, Wayland, AppImage, DEB/RPM, and driver concerns.
129
+ 15. Check build and packaging as a first-class contract:
130
+ - Wails v3 build and package behavior is Taskfile and build-config oriented;
131
+ - do not assume one host can produce all signed distributable artifacts without platform-specific runners or signing steps;
132
+ - keep WebView runtime strategy, installer format, macOS notarization, Linux distribution matrix, custom protocol registration, and file association registration explicit.
133
+ 16. When migration is involved, reject search-and-replace migrations. Rebuild the app assembly around application, services, windows, managers, lifecycle, generated bindings, events, and build tasks.
134
+ 17. Choose configured verification intents that cover Go code, frontend typecheck, generated bindings, package build, Wails build, platform package smoke, and docs. If those intents are missing, report the exact missing coverage.
135
+
136
+ <!-- mustflow-section: hard-bans -->
137
+ ## Hard Bans
138
+
139
+ - Do not design Wails v3 as Electron with multiple browser windows and shared frontend-only state.
140
+ - Do not create or rely on a localhost API server unless the app explicitly chooses that integration pattern.
141
+ - Do not use `latest` CLI or runtime claims in durable docs without a refreshed source and lockfile strategy.
142
+ - Do not expose raw paths, raw URLs, raw protocol payloads, arbitrary shell commands, secrets, tokens, debug dumps, or destructive operations through exported Go methods.
143
+ - Do not send large binary or text payloads repeatedly through ordinary binding calls or high-frequency events.
144
+ - Do not broadcast window-local or sensitive state to every window.
145
+ - Do not ignore generated binding drift between Go services, frontend imports, runtime package, and CLI version.
146
+ - Do not fix platform-specific packaging failures by weakening security settings, signing assumptions, or dependency requirements without naming the platform tradeoff.
147
+
148
+ <!-- mustflow-section: postconditions -->
149
+ ## Postconditions
150
+
151
+ - Wails major version, runtime package, generated bindings, and build surfaces are explicit.
152
+ - Go service methods, DTOs, errors, shared state, and concurrency ownership are clear.
153
+ - Window lifecycle, event subscriptions, menu/tray/dialog/native integration, and runtime-ready behavior are explicit.
154
+ - Platform WebView and packaging assumptions are recorded when touched.
155
+ - Missing Wails-specific verification is reported rather than hidden behind generic Go or frontend checks.
156
+
157
+ <!-- mustflow-section: verification -->
158
+ ## Verification
159
+
160
+ Use configured oneshot command intents when available:
161
+
162
+ - `lint`
163
+ - `build`
164
+ - `test_related`
165
+ - `test`
166
+ - `docs_validate_fast`
167
+ - `mustflow_check`
168
+
169
+ Report missing Wails-specific intents when relevant: generated binding check, frontend typecheck, Go tests, race-sensitive tests, native Wails build, packaged WebView startup smoke, Windows WebView2 runtime check, macOS signing or notarization check, Linux GTK/WebKitGTK package check, custom protocol or file association smoke, tray/menu/dialog smoke, and server-build smoke.
170
+
171
+ <!-- mustflow-section: failure-handling -->
172
+ ## Failure Handling
173
+
174
+ - If binding generation or runtime calls fail after version changes, check CLI, Go module, frontend runtime package, lockfile, generated binding, and binary compatibility before changing application logic.
175
+ - If a Wails app shows a blank window, check platform WebView startup, runtime-ready timing, built frontend assets, CSP or protocol configuration, and console evidence before rewriting UI state.
176
+ - If bridge calls race or return stale results, add request sequencing, cancellation, job ownership, or synchronized Go state before adding frontend retries.
177
+ - If a large payload stalls, move the payload to pagination, chunks, file handles, or pull-after-notification events.
178
+ - If a tray, menu, dialog, file association, protocol, or packaging behavior differs by OS, document and test the platform-specific path instead of forcing a fake cross-platform abstraction.
179
+ - If exact Wails version or platform support claims cannot be refreshed from official sources, keep the skill behavior version-agnostic and report the unverified source boundary.
180
+
181
+ <!-- mustflow-section: output-format -->
182
+ ## Output Format
183
+
184
+ - Boundary checked
185
+ - Wails version, app assembly, service, bridge, binding, window, event, menu, tray, dialog, and OS integration notes
186
+ - WebView platform and packaging notes when touched
187
+ - Files changed
188
+ - Command intents run
189
+ - Skipped checks and reasons
190
+ - Remaining Wails risk
@@ -1,6 +1,6 @@
1
1
  id = "default"
2
2
  name = "default"
3
- version = "2.103.35"
3
+ version = "2.106.0"
4
4
  description = "Minimal workflow for LLM agents to read, edit, and verify their work in a repository."
5
5
  common_root = "common"
6
6
  locales_root = "locales"
@@ -62,6 +62,7 @@ creates = [
62
62
  ".mustflow/skills/quadratic-scan-review/SKILL.md",
63
63
  ".mustflow/skills/type-state-modeling-review/SKILL.md",
64
64
  ".mustflow/skills/race-condition-review/SKILL.md",
65
+ ".mustflow/skills/async-timing-boundary-review/SKILL.md",
65
66
  ".mustflow/skills/concurrency-invariant-review/SKILL.md",
66
67
  ".mustflow/skills/failure-integrity-review/SKILL.md",
67
68
  ".mustflow/skills/backend-log-evidence-review/SKILL.md",
@@ -101,6 +102,7 @@ creates = [
101
102
  ".mustflow/skills/node-code-change/SKILL.md",
102
103
  ".mustflow/skills/react-code-change/SKILL.md",
103
104
  ".mustflow/skills/vue-code-change/SKILL.md",
105
+ ".mustflow/skills/vite-code-change/SKILL.md",
104
106
  ".mustflow/skills/python-code-change/SKILL.md",
105
107
  ".mustflow/skills/powershell-code-change/SKILL.md",
106
108
  ".mustflow/skills/shell-code-change/SKILL.md",
@@ -112,6 +114,7 @@ creates = [
112
114
  ".mustflow/skills/svelte-code-change/SKILL.md",
113
115
  ".mustflow/skills/tailwind-code-change/SKILL.md",
114
116
  ".mustflow/skills/tauri-code-change/SKILL.md",
117
+ ".mustflow/skills/wails-code-change/SKILL.md",
115
118
  ".mustflow/skills/typescript-code-change/SKILL.md",
116
119
  ".mustflow/skills/unocss-code-change/SKILL.md",
117
120
  ".mustflow/skills/cli-output-contract-review/SKILL.md",
@@ -276,6 +279,7 @@ minimal = [
276
279
  "quadratic-scan-review",
277
280
  "type-state-modeling-review",
278
281
  "race-condition-review",
282
+ "async-timing-boundary-review",
279
283
  "concurrency-invariant-review",
280
284
  "failure-integrity-review",
281
285
  "backend-log-evidence-review",
@@ -314,6 +318,7 @@ minimal = [
314
318
  "node-code-change",
315
319
  "react-code-change",
316
320
  "vue-code-change",
321
+ "vite-code-change",
317
322
  "python-code-change",
318
323
  "powershell-code-change",
319
324
  "shell-code-change",
@@ -322,6 +327,7 @@ minimal = [
322
327
  "svelte-code-change",
323
328
  "tailwind-code-change",
324
329
  "tauri-code-change",
330
+ "wails-code-change",
325
331
  "typescript-code-change",
326
332
  "unocss-code-change",
327
333
  "command-contract-authoring",
@@ -428,6 +434,7 @@ patterns = [
428
434
  "quadratic-scan-review",
429
435
  "type-state-modeling-review",
430
436
  "race-condition-review",
437
+ "async-timing-boundary-review",
431
438
  "concurrency-invariant-review",
432
439
  "failure-integrity-review",
433
440
  "backend-log-evidence-review",
@@ -466,6 +473,7 @@ patterns = [
466
473
  "node-code-change",
467
474
  "react-code-change",
468
475
  "vue-code-change",
476
+ "vite-code-change",
469
477
  "python-code-change",
470
478
  "powershell-code-change",
471
479
  "shell-code-change",
@@ -474,6 +482,7 @@ patterns = [
474
482
  "svelte-code-change",
475
483
  "tailwind-code-change",
476
484
  "tauri-code-change",
485
+ "wails-code-change",
477
486
  "typescript-code-change",
478
487
  "unocss-code-change",
479
488
  "command-contract-authoring",
@@ -591,6 +600,7 @@ oss = [
591
600
  "quadratic-scan-review",
592
601
  "type-state-modeling-review",
593
602
  "race-condition-review",
603
+ "async-timing-boundary-review",
594
604
  "concurrency-invariant-review",
595
605
  "failure-integrity-review",
596
606
  "backend-log-evidence-review",
@@ -629,6 +639,7 @@ oss = [
629
639
  "node-code-change",
630
640
  "react-code-change",
631
641
  "vue-code-change",
642
+ "vite-code-change",
632
643
  "python-code-change",
633
644
  "powershell-code-change",
634
645
  "shell-code-change",
@@ -637,6 +648,7 @@ oss = [
637
648
  "svelte-code-change",
638
649
  "tailwind-code-change",
639
650
  "tauri-code-change",
651
+ "wails-code-change",
640
652
  "typescript-code-change",
641
653
  "unocss-code-change",
642
654
  "cli-output-contract-review",
@@ -770,6 +782,7 @@ team = [
770
782
  "quadratic-scan-review",
771
783
  "type-state-modeling-review",
772
784
  "race-condition-review",
785
+ "async-timing-boundary-review",
773
786
  "concurrency-invariant-review",
774
787
  "failure-integrity-review",
775
788
  "backend-log-evidence-review",
@@ -808,6 +821,7 @@ team = [
808
821
  "node-code-change",
809
822
  "react-code-change",
810
823
  "vue-code-change",
824
+ "vite-code-change",
811
825
  "python-code-change",
812
826
  "powershell-code-change",
813
827
  "shell-code-change",
@@ -816,6 +830,7 @@ team = [
816
830
  "svelte-code-change",
817
831
  "tailwind-code-change",
818
832
  "tauri-code-change",
833
+ "wails-code-change",
819
834
  "typescript-code-change",
820
835
  "unocss-code-change",
821
836
  "command-contract-authoring",
@@ -935,6 +950,7 @@ product = [
935
950
  "quadratic-scan-review",
936
951
  "type-state-modeling-review",
937
952
  "race-condition-review",
953
+ "async-timing-boundary-review",
938
954
  "concurrency-invariant-review",
939
955
  "failure-integrity-review",
940
956
  "backend-log-evidence-review",
@@ -973,6 +989,7 @@ product = [
973
989
  "node-code-change",
974
990
  "react-code-change",
975
991
  "vue-code-change",
992
+ "vite-code-change",
976
993
  "python-code-change",
977
994
  "powershell-code-change",
978
995
  "shell-code-change",
@@ -981,6 +998,7 @@ product = [
981
998
  "svelte-code-change",
982
999
  "tailwind-code-change",
983
1000
  "tauri-code-change",
1001
+ "wails-code-change",
984
1002
  "typescript-code-change",
985
1003
  "unocss-code-change",
986
1004
  "command-contract-authoring",
@@ -1106,6 +1124,7 @@ library = [
1106
1124
  "quadratic-scan-review",
1107
1125
  "type-state-modeling-review",
1108
1126
  "race-condition-review",
1127
+ "async-timing-boundary-review",
1109
1128
  "concurrency-invariant-review",
1110
1129
  "failure-integrity-review",
1111
1130
  "backend-log-evidence-review",
@@ -1144,6 +1163,7 @@ library = [
1144
1163
  "node-code-change",
1145
1164
  "react-code-change",
1146
1165
  "vue-code-change",
1166
+ "vite-code-change",
1147
1167
  "python-code-change",
1148
1168
  "powershell-code-change",
1149
1169
  "shell-code-change",
@@ -1152,6 +1172,7 @@ library = [
1152
1172
  "svelte-code-change",
1153
1173
  "tailwind-code-change",
1154
1174
  "tauri-code-change",
1175
+ "wails-code-change",
1155
1176
  "typescript-code-change",
1156
1177
  "unocss-code-change",
1157
1178
  "cli-output-contract-review",