mustflow 2.108.8 → 2.112.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,328 @@
1
+ ---
2
+ mustflow_doc: skill.technology-stack-selection
3
+ locale: en
4
+ canonical: true
5
+ revision: 1
6
+ lifecycle: mustflow-owned
7
+ authority: procedure
8
+ name: technology-stack-selection
9
+ description: Apply this skill when choosing, adding, replacing, upgrading, rejecting, or standardizing a technology stack, framework, runtime, database, cache, queue, auth provider, payment provider, AI provider, SDK, hosting platform, deployment tool, build tool, ORM, observability tool, or vendor integration, especially when the decision affects migration path, rollback path, ecosystem maturity, maintainer risk, debugging surface, lock-in, CI/CD cost, deployment cost, operating toil, or solo-maintainer survivability.
10
+ metadata:
11
+ mustflow_schema: "1"
12
+ mustflow_kind: procedure
13
+ pack_id: mustflow.core
14
+ skill_id: mustflow.core.technology-stack-selection
15
+ command_intents:
16
+ - changes_status
17
+ - changes_diff_summary
18
+ - docs_validate_fast
19
+ - test_related
20
+ - test_release
21
+ - mustflow_check
22
+ ---
23
+
24
+ # Technology Stack Selection
25
+
26
+ <!-- mustflow-section: purpose -->
27
+ ## Purpose
28
+
29
+ Choose technology by whether the project can operate, debug, deploy, upgrade, pay for, and
30
+ replace it for the full expected life of the product.
31
+
32
+ This skill prevents agents from accepting technology because it is fashionable, fast in a
33
+ benchmark, convenient for a demo, popular in another company's architecture, or attractive to the
34
+ developer. For indie, solo, and small-team projects, the core question is whether the stack can
35
+ keep earning value while the maintainer is tired, busy, away from the codebase, or handling an
36
+ incident without a dedicated platform team.
37
+
38
+ Treat survival-path decisions as failure-survivability decisions, not feature-implementation
39
+ decisions.
40
+
41
+ <!-- mustflow-section: use-when -->
42
+ ## Use When
43
+
44
+ - A task chooses, compares, adopts, replaces, upgrades, rejects, or standardizes a technology,
45
+ framework, runtime, database, queue, cache, auth provider, payment provider, AI provider, SDK,
46
+ hosting platform, deployment tool, build tool, ORM, observability tool, package ecosystem, or
47
+ vendor integration.
48
+ - A technology is proposed for authentication, authorization, billing, payment, durable data,
49
+ permissions, deployment, backup, restore, queueing, file storage, customer money, customer data,
50
+ security, or another survival path.
51
+ - The decision depends on migration path, rollback path, local reproducibility, CI/CD cost,
52
+ deployment cost, operating toil, observability cost, backup and restore cost, maintainer capacity,
53
+ hiring availability, lock-in, data export, ecosystem maturity, or debugging surface.
54
+ - A new or experimental technology may belong in a differentiating edge feature, internal tool,
55
+ read-only path, derived-data path, analytics surface, search layer, recommendation layer, AI
56
+ layer, or feature-flagged experiment.
57
+ - A stack choice is being justified for solo, indie, small-team, funded-startup, open-source,
58
+ library, or enterprise contexts where the same technology can be appropriate in one context and
59
+ dangerous in another.
60
+
61
+ <!-- mustflow-section: do-not-use-when -->
62
+ ## Do Not Use When
63
+
64
+ - The task only edits code within an already selected technology and no new dependency, runtime,
65
+ vendor, data contract, deployment path, or operational surface is being chosen. Use the matching
66
+ implementation skill.
67
+ - The task only checks whether a dependency exists, is declared, or is safe to import. Use
68
+ `dependency-reality-check`.
69
+ - The task only chooses a primary language, runtime, compile target, or execution environment. Use
70
+ `runtime-target-selection` first, then this skill only for broader stack and operations tradeoffs.
71
+ - A user or repository owner has already mandated the technology. In that case, use this skill only
72
+ to document constraints, guardrails, migration, rollback, observability, and verification.
73
+ - The task asks for an unconstrained brainstorming list with no adoption decision. Use
74
+ `idea-triage` or `complex-decision-analysis` when those narrower conditions match.
75
+
76
+ <!-- mustflow-section: required-inputs -->
77
+ ## Required Inputs
78
+
79
+ - Decision scope: affected product surface, repository, packages, services, data, deployment,
80
+ users, operators, and time horizon.
81
+ - Candidate technologies: name, intended role, version range when relevant, adoption type, and
82
+ whether the candidate is a new stack, replacement, upgrade, or vendor migration.
83
+ - Baseline and boring default: current choice, no-change option, most conventional low-risk option,
84
+ current pain, current costs, known failure modes, and existing team knowledge.
85
+ - Criticality: `experiment`, `internal_tool`, `customer_facing`, `production_core`, or
86
+ `irreversible_core`.
87
+ - Reversibility class: `code_only`, `config`, `build_pipeline`, `runtime_dependency`,
88
+ `persistent_data`, `public_api`, `customer_workflow`, `vendor_contract`, `security_boundary`, or
89
+ `money_or_permission`.
90
+ - Team and maintainer capacity: solo, indie, small team, funded startup, enterprise, open-source
91
+ maintainer count, on-call owner, runbook owner, training cost, and hiring or support availability.
92
+ - Evidence: repository patterns, official docs, changelogs, migration guides, security advisories,
93
+ issue trackers, production incidents, prototypes, CI results, command receipts, pricing pages, and
94
+ support or SLA evidence when available.
95
+ - Success and failure criteria: what must improve, what must not regress, what would stop the
96
+ adoption, and what evidence would reverse the recommendation.
97
+
98
+ <!-- mustflow-section: preconditions -->
99
+ ## Preconditions
100
+
101
+ - Higher-priority instructions and `.mustflow/config/commands.toml` have been checked for the
102
+ current scope.
103
+ - External AI output, blog posts, vendor marketing, popularity signals, benchmark claims, and
104
+ famous-company usage are evidence candidates only, not authority.
105
+ - Current external facts such as versions, prices, license terms, platform limits, and release
106
+ status are refreshed through an authorized source path or marked as unverified when they affect
107
+ the decision.
108
+ - The status quo and a boring default are included unless the user explicitly fixed the option set.
109
+ - A narrower implementation skill will be selected before editing implementation files.
110
+
111
+ <!-- mustflow-section: allowed-edits -->
112
+ ## Allowed Edits
113
+
114
+ - Create or update technology decision records, architecture notes, migration plans, rollback
115
+ plans, runbook notes, route metadata, skill procedures, template metadata, tests, and docs that
116
+ directly support the stack decision.
117
+ - Add only the smallest reversible implementation scaffold when the user requests implementation
118
+ and the decision has passed this skill's gates.
119
+ - Do not install dependencies, run package managers, start services, run benchmarks, perform
120
+ migrations, deploy, open vendor dashboards, or change cloud resources unless the repository
121
+ command contract and user request explicitly allow that action.
122
+ - Do not let a score total, popularity, benchmark, developer experience, or novelty override a hard
123
+ rejection gate.
124
+
125
+ <!-- mustflow-section: core-definitions -->
126
+ ## Core Definitions
127
+
128
+ `survival_path` means a path where failure can block accounts, money, permissions, durable data,
129
+ deployment, backup, recovery, customer trust, or the maintainer's ability to keep the product alive.
130
+ Typical surfaces include auth, authorization, payment, billing, database, deployment, backup,
131
+ restore, queues, file storage, secrets, customer money, customer data, and operational recovery.
132
+
133
+ `migration_path` means a staged move from the baseline to the candidate while keeping the product or
134
+ workflow usable. It covers code, data, configuration, deployment, tests, cutover, ownership, and the
135
+ middle state. A big-bang rewrite is not a migration path.
136
+
137
+ `rollback_path` means a rehearsable return to the previous stable state or a safe degraded state. It
138
+ covers data compatibility, schema compatibility, feature flags, routing, backups, cutover timing,
139
+ customer impact, and the point after which rollback becomes unsafe. Backup alone is not rollback.
140
+
141
+ `ecosystem_maturity` means the candidate and its surrounding tools can survive ordinary production
142
+ use: docs, changelogs, migration guides, security response, integrations, testing tools, debugging
143
+ tools, production failure knowledge, release cadence, and available operators.
144
+
145
+ `maintainer_risk` means the risk that the candidate becomes abandoned, unsupported, vendor-captured,
146
+ relicensed, incompatibly changed, underfunded, or dependent on too few people.
147
+
148
+ `debugging_surface` means the layers and opaque states a maintainer must inspect during failure:
149
+ generated code, runtime magic, plugins, hidden cache, async queues, network boundaries, vendor
150
+ dashboards, local reproducibility, logs, traces, metrics, error codes, and request correlation.
151
+
152
+ <!-- mustflow-section: hard-rejection-criteria -->
153
+ ## Hard Rejection Criteria
154
+
155
+ Reject a candidate for `production_core` or `irreversible_core` when any condition is true:
156
+
157
+ - No staged migration path exists.
158
+ - The only migration path is a big-bang rewrite.
159
+ - Rollback depends on luck, manual data surgery, unbounded downtime, or customer-visible data loss.
160
+ - The candidate writes persistent data, events, files, auth state, money records, permission
161
+ records, cache keys, or public API contracts that the previous system cannot read or safely ignore.
162
+ - The candidate is beta, experimental, preview-only, unstable, deprecated, or vendor-opaque for a
163
+ customer-facing or core surface.
164
+ - Maintainer risk concentrates on one person, one abandoned project, one unfunded package, or one
165
+ vendor-controlled API without an adapter, fork, export, or replacement plan.
166
+ - The ecosystem lacks current docs, migration guides, security response, basic integrations, or
167
+ searchable operational failure knowledge for the intended use.
168
+ - Debugging crosses opaque generated code, hidden runtime state, async infrastructure, or remote
169
+ vendor behavior without local reproduction, logs, traces, metrics, request IDs, and an error
170
+ taxonomy.
171
+ - The team cannot operate the technology and has no owner, training plan, runbook, or support plan.
172
+ - License, pricing, data retention, region, privacy, compliance, or security constraints conflict
173
+ with the project.
174
+ - The candidate solves taste, novelty, resume value, or aesthetic discomfort rather than a real
175
+ product, operational, security, performance, or maintenance bottleneck.
176
+ - A local reversible problem would become a global architecture commitment.
177
+
178
+ Do not average scores until hard rejection criteria have been applied.
179
+
180
+ <!-- mustflow-section: scoring-rubric -->
181
+ ## Scoring Rubric
182
+
183
+ Score each non-rejected candidate from 0 to 5:
184
+
185
+ - `0`: no evidence, impossible, or actively unsafe.
186
+ - `1`: theoretical, undocumented, or dependent on heroic manual work.
187
+ - `2`: possible with high manual cost, fragile assumptions, or large downtime.
188
+ - `3`: usable with known limits, documented mitigation, and acceptable blast radius.
189
+ - `4`: documented, staged, testable, rehearsable, observable, and owned.
190
+ - `5`: boring, standard, widely proven, easy to operate, easy to replace, and compatible with the
191
+ project.
192
+
193
+ Required dimensions:
194
+
195
+ - Migration path
196
+ - Rollback path
197
+ - Ecosystem maturity
198
+ - Maintainer health
199
+ - Debuggability
200
+ - Operating surface and toil
201
+ - Cost predictability
202
+ - Data ownership and export
203
+ - Security and privacy fit
204
+
205
+ For `experiment` or `internal_tool`, scores of 2 or 3 can be acceptable when the candidate is
206
+ isolated, timeboxed, feature-flagged, and easy to remove.
207
+
208
+ For `customer_facing`, require no hard rejection and at least 3 in migration, rollback, ecosystem,
209
+ maintainer health, and debuggability.
210
+
211
+ For `production_core`, require no hard rejection, at least 4 in migration, rollback, debuggability,
212
+ operating surface, and data ownership, and at least 3 in ecosystem and maintainer health.
213
+
214
+ For `irreversible_core`, require no hard rejection, at least 4 in every dimension, a named owner,
215
+ and a rehearsed recovery path.
216
+
217
+ <!-- mustflow-section: procedure -->
218
+ ## Procedure
219
+
220
+ 1. Define the decision contract: what is being chosen, what is not being chosen, baseline, boring
221
+ default, owner, time horizon, and affected survival paths.
222
+ 2. Classify criticality and reversibility. Raise the evidence bar for persistent data, public APIs,
223
+ auth, payment, permission, deployment, backup, restore, and customer workflows.
224
+ 3. Build the option set. Include the status quo and boring default. Compare no more than three
225
+ additional candidates unless the user asks for a broader survey.
226
+ 4. Build the evidence ledger. Separate facts, inferences, assumptions, and unknowns. Prefer current
227
+ primary evidence over social proof, benchmark marketing, generated advice, or repeated citations.
228
+ 5. Evaluate maintainer life. For solo or indie work, prefer the smallest operating surface: one
229
+ understandable app path, managed boring infrastructure, simple CI/CD, automatic backups,
230
+ observable failures, and cheap rollback. Treat maintainer time as a real cost.
231
+ 6. Place experimentation at the edge. New or experimental technology belongs in replaceable parts,
232
+ read-only paths, derived-data paths, internal tools, feature-flagged features, analytics, search,
233
+ recommendation, or AI differentiators that can fail without corrupting the source of truth.
234
+ 7. Assess migration path for each candidate: source, target, compatibility layer, data conversion,
235
+ dual-run or shadow mode, cutover, validation, owner, blast radius, and stop condition.
236
+ 8. Assess rollback path for each candidate: trigger, steps, data preservation, schema compatibility,
237
+ feature flag or routing control, backup and restore limits, customer impact, irreversible cutoff,
238
+ and rehearsal requirement.
239
+ 9. Assess ecosystem maturity and maintainer risk: docs, changelog, release cadence, security
240
+ response, issue and PR handling, governance, funding, license stability, support, and exit path.
241
+ 10. Assess debugging surface: local reproduction, logs, traces, metrics, request IDs, error codes,
242
+ generated code, runtime magic, caches, queues, network boundaries, vendor dashboards, and blind
243
+ spots.
244
+ 11. Assess cost and operating surface: fixed cost, variable cost, CI/CD cost, observability cost,
245
+ backup and restore cost, failure-spike cost, egress, retry storms, log volume, billing meters,
246
+ and monthly maintainer labor.
247
+ 12. Apply hard rejection criteria before scoring. Do not rescue a hard-failed candidate with
248
+ popularity, performance, developer experience, or future promises.
249
+ 13. Score remaining candidates with one sentence of evidence for each dimension. Avoid invented
250
+ weights unless the user provided a decision model.
251
+ 14. Attack the leading candidate. State the strongest reason not to choose it and the smallest
252
+ evidence that would reverse the recommendation.
253
+ 15. Choose exactly one decision state: `adopt`, `adopt_with_constraints`, `experiment_first`,
254
+ `defer`, `reject`, or `reject_until_evidence_exists`.
255
+ 16. Define the next action. For adoption, specify the smallest safe rollout, guardrails, migration,
256
+ rollback, observability, owner, verification, and stop condition. For experiment, specify the
257
+ question, timebox, success criteria, failure criteria, cleanup path, and decision-reversing
258
+ evidence.
259
+ 17. Hand off to implementation only after selecting the narrower implementation skill and carrying
260
+ forward accepted constraints, migration steps, rollback steps, observability, and verification.
261
+
262
+ <!-- mustflow-section: postconditions -->
263
+ ## Postconditions
264
+
265
+ - The recommendation is based on survivability, reversibility, debugging, operating cost, and team
266
+ capacity, not novelty.
267
+ - Survival-path choices prefer boring proven technology unless the candidate proves a stronger
268
+ recovery and operating story.
269
+ - Experimental technology is isolated from source-of-truth data, money, permissions, and deployment
270
+ unless the project explicitly accepts the risk and can roll back.
271
+ - Hard rejection criteria are applied before any score comparison.
272
+ - Migration, rollback, observability, owner, and stop conditions are explicit.
273
+
274
+ <!-- mustflow-section: verification -->
275
+ ## Verification
276
+
277
+ Use configured oneshot command intents when available:
278
+
279
+ - `changes_status`
280
+ - `changes_diff_summary`
281
+ - `docs_validate_fast`
282
+ - `test_related`
283
+ - `test_release`
284
+ - `mustflow_check`
285
+
286
+ Use `docs_validate_fast` when a decision record, architecture note, skill, template, or mustflow doc
287
+ changes. Use `test_related` or `test_release` when installed template behavior, package output, or
288
+ tests change. Use `mustflow_check` when mustflow-owned skills, routes, indexes, templates, or command
289
+ contracts change.
290
+
291
+ Report missing benchmark, migration, deployment, restore, cloud, vendor, pricing, or observability
292
+ verification instead of inventing raw commands.
293
+
294
+ <!-- mustflow-section: failure-handling -->
295
+ ## Failure Handling
296
+
297
+ - If the user provides only a favorite technology and no baseline, compare it with the status quo
298
+ and a boring default.
299
+ - If evidence is missing for a production-core decision, return `reject_until_evidence_exists` or
300
+ `experiment_first`, not `adopt`.
301
+ - If rollback is weak, constrain the candidate to experiment, edge usage, or non-core usage.
302
+ - If a mature candidate creates a large debugging surface, require observability and local
303
+ reproduction before adoption.
304
+ - If maintainer risk is concentrated, require an adapter, fork plan, vendor alternative, or deferral.
305
+ - If cost cannot be estimated across normal, success, and failure-spike scenarios, mark cost
306
+ predictability as unresolved.
307
+ - If every option fails hard constraints, return `defer`, `reject`, or
308
+ `reject_until_evidence_exists` and name what would need to change.
309
+
310
+ <!-- mustflow-section: output-format -->
311
+ ## Output Format
312
+
313
+ - Skill selection and overlap decision
314
+ - Decision state: `adopt`, `adopt_with_constraints`, `experiment_first`, `defer`, `reject`, or
315
+ `reject_until_evidence_exists`
316
+ - Decision scope, baseline, boring default, criticality, reversibility class, owner, and time horizon
317
+ - Candidate matrix with hard-gate result, scores, evidence, mitigations, and verdict
318
+ - Survival-path impact and experimental-edge placement
319
+ - Migration path
320
+ - Rollback path
321
+ - Debugging surface
322
+ - Cost and operating-surface notes
323
+ - Hard rejections and exact criteria
324
+ - Guardrails, owner, runbook, observability, security, privacy, and data-export requirements
325
+ - Experiment plan when the decision is `experiment_first`
326
+ - Command intents run
327
+ - Skipped verification and reasons
328
+ - Remaining risk and decision-reversing evidence
@@ -2,11 +2,11 @@
2
2
  mustflow_doc: skill.version-freshness-check
3
3
  locale: en
4
4
  canonical: true
5
- revision: 9
5
+ revision: 10
6
6
  lifecycle: mustflow-owned
7
7
  authority: procedure
8
8
  name: version-freshness-check
9
- description: Apply this skill when generated or edited code, configuration, CI workflows, package metadata, install instructions, examples, Docker images, framework setup, runtime declarations, toolchain declarations, Python standard-library/API references, TypeScript compiler-track references, Go release, toolchain, standard-library, runtime, experiment, framework, or dependency references such as Gin, Rust release, toolchain, standard-library, Cargo, edition, MSRV, lint, or target references, HTTP standard or browser-support references, or migration-sensitive snippets introduce explicit external version references that may be stale.
9
+ description: Apply this skill when generated or edited code, configuration, CI workflows, package metadata, install instructions, examples, Docker images, framework setup, runtime declarations, toolchain declarations, Python standard-library/API references, TypeScript compiler-track references, Go release, toolchain, standard-library, runtime, experiment, framework, or dependency references such as Gin, Java or JDK release, GA, LTS, support, JEP, JVM flag, GC, virtual-thread, preview, incubator, or build-tool references, Rust release, toolchain, standard-library, Cargo, edition, MSRV, lint, or target references, HTTP standard or browser-support references, or migration-sensitive snippets introduce explicit external version references that may be stale.
10
10
  metadata:
11
11
  mustflow_schema: "1"
12
12
  mustflow_kind: procedure
@@ -37,6 +37,7 @@ Prevent agents from writing stale external version references from memory, while
37
37
  - Python wording mentions current/stable/support status, Python 3.14+ or 3.15+ syntax, standard-library APIs, runtime flags, changed default behavior, security defaults, or examples that depend on `requires-python`.
38
38
  - TypeScript wording mentions current/stable/RC/nightly status for TypeScript 6, TypeScript 7, `@typescript/typescript6`, `tsc6`, `typescript@rc`, `@typescript/native-preview`, `tsgo`, compiler API compatibility, or migration readiness.
39
39
  - Go wording mentions current/stable/support status, Go release numbers, `go.mod` language version behavior, `toolchain` behavior, standard-library APIs, `GOEXPERIMENT`, runtime defaults, container behavior, JSON experiments, third-party Go framework releases such as Gin, framework minimum-Go requirements, or examples that depend on a specific Go or framework version.
40
+ - Java wording mentions current/stable/GA/LTS/support status, Java or JDK release numbers, Oracle/OpenJDK/vendor support tracks, JEP status, preview or incubator APIs, JVM flags, GC behavior, virtual-thread behavior, `ScopedValue`, structured concurrency, final-field reflection restrictions, applet removal, HTTP/3, AOT cache, Compact Object Headers, JFR, JMH, container memory or CPU behavior, Maven or Gradle toolchains, bytecode target, or examples that depend on a specific Java version.
40
41
  - Rust wording mentions current/stable/support status, Rust release numbers, `rust-version`, edition behavior, `rust-toolchain`, Cargo resolver or workspace behavior, standard-library APIs, compiler lints, target behavior, release profiles, or examples that depend on a specific Rust version.
41
42
  - HTTP delivery wording mentions current support, baseline status, default behavior, standard status, or compatibility for zstd content coding, compression dictionary transport, SSE/EventSource, WebTransport, WebSocket fallback, HTTP/2, HTTP/3, QUIC, CDN behavior, proxy buffering, or browser transport APIs.
42
43
  - An agent proposes a versioned dependency, tool, framework, action, image, or runtime based on memory, copied snippets, older project examples, or user-provided text that may be stale.
@@ -93,7 +94,7 @@ Prevent agents from writing stale external version references from memory, while
93
94
  9. For existing projects, do not cross a major, migration-required, engine, framework, CI-image, or generated-output boundary without user approval or explicit repository policy.
94
95
  10. For patch, security-minimum, and low-risk minor differences, update only when the declaration, examples, lockfile policy, and verification surface can stay aligned. Otherwise report the proposed change and leave the pinned value unchanged.
95
96
  11. For GitHub Actions and CI tools, review the action source, major tag policy, runtime support, cache behavior, permissions, and organization pinning rule. Do not assume a newer major is safe only because it exists.
96
- 12. For framework and runtime majors such as Astro, Tauri, Electron, Next, SvelteKit, Node, Bun, Deno, Python, Rust, or Java, check migration notes, config schema, plugin and adapter compatibility, generated files, security model, deployment target, and rollback path before recommending a major change.
97
+ 12. For framework and runtime majors such as Astro, Tauri, Electron, Next, SvelteKit, Node, Bun, Deno, Python, Go, Java, Rust, or JavaScript runtimes, check migration notes, config schema, plugin and adapter compatibility, generated files, security model, deployment target, and rollback path before recommending a major change.
97
98
  13. For Python standard-library or runtime-behavior claims, refresh official Python documentation before writing durable wording. Check `requires-python`, CI/runtime matrices, and container images before using or recommending Python 3.14+ standard-library APIs or version-gated features such as template string literals, `annotationlib`, Python 3.14+ `map(strict=True)`, `functools.Placeholder`, `heapq` max-heap helpers, import-timing flag behavior, `finally` flow-control warnings, or changed security defaults.
98
99
  14. For Python examples that use newer standard-library APIs, either keep the example behind an explicit runtime floor or provide a supported fallback. Do not call a Python 3.14-only API a general Python best practice when the repository declares lower support.
99
100
  15. For Python 3.15+ claims, keep beta, release-candidate, and stable tracks separate. Refresh official docs before using explicit lazy imports, built-in `frozendict`, built-in `sentinel`, unpacking comprehensions, typed `TypedDict` extra items, startup configuration files, or changed encoding behavior in durable examples.
@@ -102,13 +103,16 @@ Prevent agents from writing stale external version references from memory, while
102
103
  18. For Go release, toolchain, standard-library, runtime, or experiment claims, refresh official Go release notes or package documentation before writing durable wording. Check the repository's `go` directive, `toolchain` directive, CI/runtime matrix, and container target before using or recommending version-gated features such as expression operands to `new`, range-over-function iterators, generic type aliases, reflect iterator methods, `errors.AsType`, `sync.WaitGroup.Go`, `testing/synctest`, `testing.B.Loop`, `T.ArtifactDir`, `B.ArtifactDir`, `F.ArtifactDir`, `testing/cryptotest.SetGlobalRandom`, `os.Root`, `os.OpenInRoot`, `omitzero`, `go.mod` `tool`, `ReverseProxy.Rewrite`, container-aware `GOMAXPROCS`, goroutine leak profiles, `encoding/json/v2`, or `GOEXPERIMENT` APIs.
103
104
  19. For Go framework and dependency release claims, refresh the source that owns the artifact before writing durable wording. For Gin, prefer official Gin release notes, pkg.go.dev module metadata, and the upstream repository release or source files for claims about latest stable version, minimum Go version, HTTP/3 support, BSON support, binding behavior, router options, logger options, trusted proxy behavior, or `Context` APIs. Keep framework upgrade advice separate from repository adoption, because a framework minor can still require a Go toolchain, CI image, Docker base, middleware, route, or binding migration.
104
105
  20. For Go examples that use newer standard-library APIs, framework APIs, or runtime defaults, either keep the example behind an explicit Go or framework version floor or provide a supported fallback. Do not call an experimental `GOEXPERIMENT` feature, a newer `go` directive behavior, or a newly added framework method a general Go best practice when the repository declares lower support.
105
- 21. For Rust release, toolchain, standard-library, Cargo, edition, lint, target, or MSRV claims, refresh official Rust release notes, standard-library docs, the Cargo Book, Rust Reference, or rustc book before writing durable wording. Check `rust-version`, edition, `rust-toolchain.toml`, CI toolchain matrix, target triples, docs.rs metadata, and crate publish policy before using or recommending version-gated features such as let chains, match `if let` guards, `cfg_select!`, `assert_matches!`, `core::range`, `Vec::push_mut`, `HashMap::get_disjoint_mut`, `Option::take_if`, `LazyLock`, `OnceLock`, `workspace.lints`, `resolver = "2"`, Rust 2024 `unsafe extern`, unsafe attributes, Rust 2024 `unsafe_op_in_unsafe_fn`, temporary drop-scope changes, macro fragment behavior, or release-profile defaults.
106
- 22. For Rust examples that use newer language or standard-library APIs, either keep the example behind an explicit Rust version floor or provide a supported fallback. Use an API-by-API MSRV ledger for features such as `cfg_select!`, match `if let` guards, `core::range` items, `Vec::push_mut`, `assert_matches!`, and `debug_assert_matches!`; do not collapse them into a single "latest Rust" bucket, and do not treat nightly-only behavior or target-specific linker behavior as stable without explicit evidence.
107
- 23. For HTTP standards, browser APIs, proxy defaults, CDN defaults, and transport support claims, prefer official RFCs, standards bodies, MDN or browser vendor docs, and vendor-owned proxy/CDN documentation. Keep WebTransport, compression dictionary transport, zstd content coding, SSE/EventSource, HTTP/2, HTTP/3, QUIC, and proxy-buffering claims track-specific and dated when support is changing.
108
- 24. For HTTP delivery examples that depend on newer or unevenly supported behavior, require feature detection, fallback behavior, or explicit deployment constraints. Do not present WebTransport, dictionary compression, or zstd negotiation as a universal default when the project still needs browsers, proxies, CDNs, or networks that may not support it.
109
- 25. For Docker images, decide whether the project prefers semver tags, distro tags, LTS tags, date tags, or digests. Do not replace a digest or pinned base image with a floating tag unless the repository policy says so.
110
- 26. Synchronize every accepted version decision across package metadata, lockfiles when intentionally updated, CI, Docker, runtime files, docs, examples, templates, tests, and release notes.
111
- 27. Run the narrowest configured verification that covers the changed versioned surface. Use broader verification for major, migration-required, runtime, framework, generated-output, package-publish, Docker, CI, TypeScript compiler-track, Go toolchain or runtime support, Go framework runtime support, Rust toolchain or MSRV support, HTTP delivery compatibility, or security-sensitive changes.
106
+ 21. For Java or JDK release, support, JEP, standard-library, JVM flag, GC, virtual-thread, preview, incubator, or build-tool claims, refresh official Java, OpenJDK, vendor, Maven, or Gradle sources before writing durable wording. Check the repository's source and target release, Maven or Gradle toolchain, wrapper, CI runtime matrix, container image, JDK vendor policy, and bytecode compatibility before using or recommending version-gated features such as module import declarations, compact source files, instance main methods, flexible constructor bodies, `ScopedValue`, structured concurrency, primitive pattern matching, final-field reflection restrictions, applet API removal, `java.net.http.HttpClient` HTTP/3, AOT cache or method profiling, Compact Object Headers, Generational Shenandoah, JFR method timing, KDF APIs, PEM APIs, Lazy Constants, or Vector API.
107
+ 22. For Java examples that use newer language, standard-library, JVM, or build-tool behavior, either keep the example behind an explicit Java and toolchain version floor or provide a supported fallback. Do not collapse latest GA, latest LTS, repository runtime, vendor support, delivered JEP, preview JEP, incubator API, product feature, and default-enabled behavior into one "latest Java" bucket. Treat JVM AOT cache as startup or warmup optimization, not Native Image, and treat Java HTTP/3 as client-side opt-in unless current official docs say otherwise.
108
+ 23. For Java performance and JVM tuning claims, refresh official JVM, GC, JFR, JMH, and vendor documentation before writing durable wording. Keep G1 pause targets as goals rather than SLAs, ZGC and Shenandoah as CPU and headroom tradeoffs rather than free latency switches, Compact Object Headers and Generational Shenandoah as enablement-specific when applicable, and container memory claims separate across heap, direct buffers, metaspace, code cache, thread stacks, native memory, `MaxRAMPercentage`, `MaxDirectMemorySize`, and `ActiveProcessorCount`.
109
+ 24. For Rust release, toolchain, standard-library, Cargo, edition, lint, target, or MSRV claims, refresh official Rust release notes, standard-library docs, the Cargo Book, Rust Reference, or rustc book before writing durable wording. Check `rust-version`, edition, `rust-toolchain.toml`, CI toolchain matrix, target triples, docs.rs metadata, and crate publish policy before using or recommending version-gated features such as let chains, match `if let` guards, `cfg_select!`, `assert_matches!`, `core::range`, `Vec::push_mut`, `HashMap::get_disjoint_mut`, `Option::take_if`, `LazyLock`, `OnceLock`, `workspace.lints`, `resolver = "2"`, Rust 2024 `unsafe extern`, unsafe attributes, Rust 2024 `unsafe_op_in_unsafe_fn`, temporary drop-scope changes, macro fragment behavior, or release-profile defaults.
110
+ 25. For Rust examples that use newer language or standard-library APIs, either keep the example behind an explicit Rust version floor or provide a supported fallback. Use an API-by-API MSRV ledger for features such as `cfg_select!`, match `if let` guards, `core::range` items, `Vec::push_mut`, `assert_matches!`, and `debug_assert_matches!`; do not collapse them into a single "latest Rust" bucket, and do not treat nightly-only behavior or target-specific linker behavior as stable without explicit evidence.
111
+ 26. For HTTP standards, browser APIs, proxy defaults, CDN defaults, and transport support claims, prefer official RFCs, standards bodies, MDN or browser vendor docs, and vendor-owned proxy/CDN documentation. Keep WebTransport, compression dictionary transport, zstd content coding, SSE/EventSource, HTTP/2, HTTP/3, QUIC, and proxy-buffering claims track-specific and dated when support is changing.
112
+ 27. For HTTP delivery examples that depend on newer or unevenly supported behavior, require feature detection, fallback behavior, or explicit deployment constraints. Do not present WebTransport, dictionary compression, or zstd negotiation as a universal default when the project still needs browsers, proxies, CDNs, or networks that may not support it.
113
+ 28. For Docker images, decide whether the project prefers semver tags, distro tags, LTS tags, date tags, or digests. Do not replace a digest or pinned base image with a floating tag unless the repository policy says so.
114
+ 29. Synchronize every accepted version decision across package metadata, lockfiles when intentionally updated, CI, Docker, runtime files, docs, examples, templates, tests, and release notes.
115
+ 30. Run the narrowest configured verification that covers the changed versioned surface. Use broader verification for major, migration-required, runtime, framework, generated-output, package-publish, Docker, CI, TypeScript compiler-track, Go toolchain or runtime support, Go framework runtime support, Java JDK/toolchain/bytecode/runtime support, JVM tuning, Rust toolchain or MSRV support, HTTP delivery compatibility, or security-sensitive changes.
112
116
 
113
117
  <!-- mustflow-section: postconditions -->
114
118
  ## Postconditions
@@ -121,6 +125,7 @@ Prevent agents from writing stale external version references from memory, while
121
125
  - Python template strings, annotation inspection, explicit lazy imports, immutable mappings, sentinels, and advanced `TypedDict` shape claims are either official-source checked or omitted.
122
126
  - TypeScript 6 stable API, TypeScript 7 RC compiler, TypeScript 7 nightly, and future stable TypeScript tracks are not collapsed into one generic "latest TypeScript" claim.
123
127
  - Go release, `go.mod` language version, standard-library API, framework dependency API such as Gin, runtime-default, and `GOEXPERIMENT` claims match the declared Go support matrix or name the required runtime or framework floor.
128
+ - Java release, JDK vendor, source or target release, bytecode target, JEP status, standard-library API, virtual-thread behavior, preview or incubator API, build-tool support, JVM flag, GC behavior, and container-runtime claims match the declared Java support matrix or name the required runtime, toolchain, and feature floor.
124
129
  - Rust release, `rust-version`, edition, standard-library API, Cargo resolver, lint-default, target, and nightly/stable claims match the declared Rust support matrix or name the required API-specific runtime floor.
125
130
  - HTTP standard, browser-support, proxy-default, CDN-default, and transport-support claims are not written from stale memory and keep feature detection or fallback boundaries explicit where support varies.
126
131
  - Docs and examples do not make unverifiable current-version claims.
@@ -149,6 +154,7 @@ Choose the narrowest configured intent that proves the changed versioned surface
149
154
  - If a proposed major or migration-required version is better for greenfield work but risky for the existing project, present both choices and ask before changing the project.
150
155
  - If TypeScript 7 RC, nightly, or stable freshness changes during the task, update wording to a dated or track-specific claim and keep repository adoption separate from comparison-only checks.
151
156
  - If Go release, framework release, or experiment freshness changes during the task, update wording to a dated or track-specific claim and keep official release status, `go` directive adoption, framework adoption, CI support, and `GOEXPERIMENT` adoption separate.
157
+ - If Java release, JEP, JVM flag, GC, or toolchain freshness changes during the task, update wording to a dated or track-specific claim and keep latest GA, latest LTS, repository runtime, vendor support, preview or incubator status, product feature status, default-enabled behavior, build-tool support, and CI or container adoption separate.
152
158
  - If Rust release or toolchain freshness changes during the task, update wording to a dated or track-specific claim and keep official release status, MSRV adoption, edition adoption, CI support, target support, and nightly or unstable features separate.
153
159
  - If HTTP delivery support changes during the task, update wording to a dated or track-specific claim and keep standards, browser support, CDN behavior, proxy defaults, and repository adoption separate.
154
160
  - If verification fails after a freshness update, do not weaken tests, lower type checks, delete lockfiles, or widen ranges to make the update pass. Revert or narrow the version decision unless the behavior change is intentional.
@@ -0,0 +1,193 @@
1
+ ---
2
+ mustflow_doc: skill.writing-elegance
3
+ locale: en
4
+ canonical: true
5
+ revision: 1
6
+ lifecycle: mustflow-owned
7
+ authority: procedure
8
+ name: writing-elegance
9
+ description: Apply this skill when a user provides Korean or English prose and asks to extract reusable elegant wording candidates, collect selected phrase fragments into a phrase bank, or polish writing with previously selected modular expressions. Also apply it as a style-polish adjunct for report-style answers, final reports, GitHub issue bodies, pull request descriptions, review replies, maintainer-facing comments, release or update notes, documentation prose, summaries, and explanatory writing when facts are already established and the goal is clearer, more graceful wording.
10
+ metadata:
11
+ mustflow_schema: "1"
12
+ mustflow_kind: procedure
13
+ pack_id: mustflow.core
14
+ skill_id: mustflow.core.writing-elegance
15
+ command_intents:
16
+ - changes_status
17
+ - changes_diff_summary
18
+ - docs_validate_fast
19
+ - test_release
20
+ - mustflow_check
21
+ ---
22
+
23
+ # Writing Elegance
24
+
25
+ <!-- mustflow-section: purpose -->
26
+ ## Purpose
27
+
28
+ Build and use a small phrase bank of reusable wording patterns that make prose, documentation,
29
+ answers, summaries, issue or pull-request text, reports, and narrative explanations more graceful
30
+ without locking the agent into over-specific sentences.
31
+
32
+ This skill is not a generic rewrite machine. It collects modular fragments that can survive across
33
+ contexts, languages, subjects, and genres.
34
+
35
+ <!-- mustflow-section: use-when -->
36
+ ## Use When
37
+
38
+ - The user provides Korean or English prose and asks for elegant words, expressions, phrasing, or
39
+ sentence patterns that could be reused later.
40
+ - The user asks for seven numbered candidate expressions from a supplied text and intends to choose
41
+ which candidates should be stored.
42
+ - The user selects candidate numbers to keep, reject, or revise for future skill guidance.
43
+ - The task is to polish a document, answer, report, comment, or explanation using a curated phrase
44
+ bank rather than inventing style from scratch.
45
+ - The task is to improve the wording of a final report, implementation summary, GitHub issue body,
46
+ pull request description, review reply, maintainer-facing comment, release note, update note, or
47
+ Markdown report after the factual evidence and owning workflow skill have already set the content.
48
+ - The work needs Korean source fragments translated into English guidance for a reusable skill.
49
+
50
+ <!-- mustflow-section: do-not-use-when -->
51
+ ## Do Not Use When
52
+
53
+ - The task is a documentation review queue entry or AI-slop cleanup for a mustflow document. Use
54
+ `docs-prose-review` first.
55
+ - The task changes technical facts, commands, API contracts, code snippets, schema text, legal text,
56
+ safety instructions, or release/change history where correctness, evidence, or repository policy
57
+ still needs the owning skill before any style polish.
58
+ - The user asks for one-off translation, summarization, grammar correction, or copy editing with no
59
+ reusable phrase-bank goal.
60
+ - The candidate expression depends on a proper noun, character name, unique setting, private event,
61
+ or one-time plot situation that would not transfer to other writing.
62
+ - The phrase only sounds ornate but does not improve precision, tone control, rhythm, or emotional
63
+ framing.
64
+
65
+ <!-- mustflow-section: required-inputs -->
66
+ ## Required Inputs
67
+
68
+ - Source text in Korean or English.
69
+ - The intended mode: candidate extraction, selected-candidate storage, phrase-bank application, or
70
+ phrase-bank cleanup.
71
+ - The target register when known: literary, technical, explanatory, product, support, review,
72
+ maintainer-facing, casual, formal, or emotionally restrained.
73
+ - The target surface when relevant: chat answer, final report, Markdown report, GitHub issue, pull
74
+ request description, review reply, release note, update note, documentation page, or comment.
75
+ - Any user feedback about what to keep, reject, generalize, split, shorten, or rewrite.
76
+ - The current phrase bank when storing or applying selected expressions.
77
+
78
+ <!-- mustflow-section: preconditions -->
79
+ ## Preconditions
80
+
81
+ - The task matches the Use When conditions and does not match the Do Not Use When exclusions.
82
+ - Candidate extraction can preserve the original meaning without copying long source passages.
83
+ - Phrase-bank entries can be generalized without retaining private names, narrow plot facts, or
84
+ one-off circumstances.
85
+ - If repository files will be edited, higher-priority instructions and command contracts have been
86
+ checked first.
87
+
88
+ <!-- mustflow-section: allowed-edits -->
89
+ ## Allowed Edits
90
+
91
+ - For ordinary chat rounds, make no file edits. Return only a numbered candidate table.
92
+ - When the user asks to preserve selected candidates, update the phrase bank and only directly
93
+ synchronized skill/template metadata needed for that stored expression.
94
+ - Keep `SKILL.md` procedural and short. Store accumulated expressions in `references/phrase-bank.md`
95
+ or a split reference file when the bank grows.
96
+ - Do not store raw source excerpts beyond the short fragment needed to identify the pattern.
97
+ - Do not store private names, unique character names, narrow plot facts, or whole paragraphs in the
98
+ phrase bank.
99
+
100
+ <!-- mustflow-section: procedure -->
101
+ ## Procedure
102
+
103
+ 1. Classify the round:
104
+ - `candidate_extraction`: the user supplied prose and needs seven numbered candidates;
105
+ - `selection_storage`: the user selected candidate numbers to keep or discard;
106
+ - `application`: the user wants existing phrase-bank patterns applied to a text;
107
+ - `cleanup`: the phrase bank needs deduplication, splitting, or reorganization.
108
+ 2. For candidate extraction, read the supplied text and choose exactly seven candidates unless the
109
+ user asks for a different count.
110
+ 3. Prefer reusable fragments over finished sentences:
111
+ - keep fragments that can attach to many nouns, scenes, arguments, or explanations;
112
+ - split before a proper noun, unique event, one-time setting, or over-specific object;
113
+ - keep the smallest phrase that carries the style value.
114
+ 4. For Korean source text, include the Korean source fragment and translate the reusable guidance
115
+ into English.
116
+ 5. For English source text, preserve the short source fragment, include a concise Korean
117
+ translation column in candidate tables, and derive a generalized English pattern.
118
+ 6. Reject candidates that are:
119
+ - tied to a named person, place, product, fictional setting, or unique incident;
120
+ - too complete to recombine;
121
+ - too vague to guide future writing;
122
+ - decorative without improving meaning;
123
+ - likely to overwrite the writer's actual register.
124
+ 7. Return a numbered table with these columns:
125
+ - `No.`
126
+ - `Source Fragment`
127
+ - `Korean Translation` when the source text is English
128
+ - `Reusable English Pattern`
129
+ - `Reusable Range`
130
+ - `Skill Note`
131
+ 8. When the user selects entries, store only those entries. Preserve rejected numbers as absent, not
132
+ as negative examples, unless the user explicitly asks to record a rejection rule.
133
+ 9. Store entries as compact rows with:
134
+ - source language;
135
+ - source fragment;
136
+ - reusable English pattern;
137
+ - use guidance;
138
+ - avoid guidance when a common misuse is known.
139
+ 10. When applying the phrase bank, use entries as taste constraints, not mandatory substitutions.
140
+ Preserve technical facts, evidence, legal meaning, safety warnings, user intent, and the original
141
+ level of certainty.
142
+ 11. When polishing GitHub, release, verification, or final-report content, apply the owning skill
143
+ first for evidence, repository rules, version facts, and verification scope. Use this skill only
144
+ to make the already-correct wording clearer, smoother, or more elegant.
145
+ 12. When the phrase bank grows too large, split it by usage type such as emotional framing,
146
+ restrained technical polish, transitions, softening, emphasis, scene atmosphere, or answer tone.
147
+
148
+ <!-- mustflow-section: postconditions -->
149
+ ## Postconditions
150
+
151
+ - Candidate tables contain reusable fragments rather than narrow finished sentences.
152
+ - Stored entries are in English guidance even when the source text was Korean.
153
+ - Proper nouns, private details, unique plot facts, and one-off situations are excluded or
154
+ generalized.
155
+ - The phrase bank remains compact enough to load only when needed.
156
+
157
+ <!-- mustflow-section: verification -->
158
+ ## Verification
159
+
160
+ Use configured oneshot command intents when repository files are changed:
161
+
162
+ - `changes_status`
163
+ - `changes_diff_summary`
164
+ - `docs_validate_fast`
165
+ - `test_release`
166
+ - `mustflow_check`
167
+
168
+ Do not infer raw validation commands.
169
+
170
+ <!-- mustflow-section: failure-handling -->
171
+ ## Failure Handling
172
+
173
+ - If the source text is too long, extract candidates from the most style-dense sections and report
174
+ that the pass was selective.
175
+ - If all appealing phrases are too situation-specific, return fewer strong candidates or ask for a
176
+ different sample instead of padding the table.
177
+ - If the user rejects a candidate for being too narrow, split it into a smaller reusable fragment
178
+ and avoid storing the rejected broad form.
179
+ - If a phrase-bank entry starts to duplicate another entry, merge the guidance instead of adding a
180
+ near-copy.
181
+ - If applying a phrase would make a technical or factual answer less clear, preserve clarity and
182
+ report that the phrase was skipped.
183
+
184
+ <!-- mustflow-section: output-format -->
185
+ ## Output Format
186
+
187
+ - Mode: candidate extraction, selection storage, application, or cleanup
188
+ - Candidate table or stored entries
189
+ - Entries kept and rejected when relevant
190
+ - Phrase-bank file changed when relevant
191
+ - Command intents run when repository files changed
192
+ - Skipped checks and reasons
193
+ - Remaining style, specificity, or privacy risk