mustflow 2.23.0 → 2.25.0

package/schemas/workspace-command-catalog.schema.json

@@ -0,0 +1,172 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mustflow.github.io/schemas/workspace-command-catalog.schema.json",
+  "title": "mustflow workspace command catalog report",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "schema_version",
+    "command",
+    "mustflow_root",
+    "workspace",
+    "policy",
+    "repository_count",
+    "total_intent_count",
+    "runnable_intent_count",
+    "repositories",
+    "issues"
+  ],
+  "properties": {
+    "schema_version": { "const": "1" },
+    "command": { "const": "workspace command-catalog" },
+    "mustflow_root": { "type": "string" },
+    "workspace": { "$ref": "#/$defs/workspace" },
+    "policy": { "$ref": "#/$defs/policy" },
+    "repository_count": { "type": "integer", "minimum": 0 },
+    "total_intent_count": { "type": "integer", "minimum": 0 },
+    "runnable_intent_count": { "type": "integer", "minimum": 0 },
+    "repositories": {
+      "type": "array",
+      "items": { "$ref": "#/$defs/repository" }
+    },
+    "issues": { "$ref": "#/$defs/stringArray" }
+  },
+  "$defs": {
+    "stringArray": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "nullableString": {
+      "type": ["string", "null"]
+    },
+    "workspace": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "enabled",
+        "roots",
+        "max_depth",
+        "max_repositories",
+        "follow_symlinks",
+        "stop_at_repository_root"
+      ],
+      "properties": {
+        "enabled": { "type": "boolean" },
+        "roots": { "$ref": "#/$defs/stringArray" },
+        "max_depth": { "type": "integer", "minimum": 1 },
+        "max_repositories": { "type": "integer", "minimum": 1 },
+        "follow_symlinks": { "type": "boolean" },
+        "stop_at_repository_root": { "type": "boolean" }
+      }
+    },
+    "policy": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "mode",
+        "grants_command_authority",
+        "parent_root_grants_child_authority",
+        "command_authority_per_root",
+        "run_entrypoint_per_root",
+        "executes_commands",
+        "raw_commands_included"
+      ],
+      "properties": {
+        "mode": { "const": "read_only" },
+        "grants_command_authority": { "const": false },
+        "parent_root_grants_child_authority": { "const": false },
+        "command_authority_per_root": { "const": ".mustflow/config/commands.toml" },
+        "run_entrypoint_per_root": { "const": "mf run <intent>" },
+        "executes_commands": { "const": false },
+        "raw_commands_included": { "const": false }
+      }
+    },
+    "commandSurface": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "path",
+        "exists",
+        "parse_error",
+        "total_intents",
+        "runnable_count",
+        "runnable_intents",
+        "blocked_count"
+      ],
+      "properties": {
+        "path": { "$ref": "#/$defs/nullableString" },
+        "exists": { "type": "boolean" },
+        "parse_error": { "$ref": "#/$defs/nullableString" },
+        "total_intents": { "type": ["integer", "null"], "minimum": 0 },
+        "runnable_count": { "type": ["integer", "null"], "minimum": 0 },
+        "runnable_intents": { "$ref": "#/$defs/stringArray" },
+        "blocked_count": { "type": ["integer", "null"], "minimum": 0 }
+      }
+    },
+    "repository": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "relative_path",
+        "status",
+        "command_contract",
+        "intent_count",
+        "runnable_count",
+        "blocked_count",
+        "intents",
+        "issues"
+      ],
+      "properties": {
+        "relative_path": { "type": "string" },
+        "status": { "enum": ["available", "contract_missing", "contract_invalid"] },
+        "command_contract": { "$ref": "#/$defs/commandSurface" },
+        "intent_count": { "type": "integer", "minimum": 0 },
+        "runnable_count": { "type": "integer", "minimum": 0 },
+        "blocked_count": { "type": "integer", "minimum": 0 },
+        "intents": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/intent" }
+        },
+        "issues": { "$ref": "#/$defs/stringArray" }
+      }
+    },
+    "intent": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "name",
+        "description",
+        "status",
+        "lifecycle",
+        "run_policy",
+        "runnable",
+        "reason_code",
+        "detail",
+        "run_command",
+        "run_from_repository",
+        "timeout_seconds",
+        "required_after",
+        "writes",
+        "network",
+        "destructive"
+      ],
+      "properties": {
+        "name": { "type": "string" },
+        "description": { "$ref": "#/$defs/nullableString" },
+        "status": { "$ref": "#/$defs/nullableString" },
+        "lifecycle": { "$ref": "#/$defs/nullableString" },
+        "run_policy": { "$ref": "#/$defs/nullableString" },
+        "runnable": { "type": "boolean" },
+        "reason_code": { "$ref": "#/$defs/nullableString" },
+        "detail": { "$ref": "#/$defs/nullableString" },
+        "run_command": { "$ref": "#/$defs/nullableString" },
+        "run_from_repository": { "type": "string" },
+        "timeout_seconds": { "type": ["integer", "null"], "minimum": 1 },
+        "required_after": { "$ref": "#/$defs/stringArray" },
+        "writes": { "$ref": "#/$defs/stringArray" },
+        "network": { "type": ["boolean", "null"] },
+        "destructive": { "type": ["boolean", "null"] }
+      }
+    }
+  }
+}

package/schemas/workspace-status.schema.json

@@ -0,0 +1,141 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mustflow.github.io/schemas/workspace-status.schema.json",
+  "title": "mustflow workspace status report",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "schema_version",
+    "command",
+    "mustflow_root",
+    "workspace",
+    "policy",
+    "repository_count",
+    "repositories",
+    "issues"
+  ],
+  "properties": {
+    "schema_version": { "const": "1" },
+    "command": { "const": "workspace status" },
+    "mustflow_root": { "type": "string" },
+    "workspace": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "enabled",
+        "roots",
+        "max_depth",
+        "max_repositories",
+        "follow_symlinks",
+        "stop_at_repository_root"
+      ],
+      "properties": {
+        "enabled": { "type": "boolean" },
+        "roots": { "$ref": "#/$defs/stringArray" },
+        "max_depth": { "type": "integer", "minimum": 1 },
+        "max_repositories": { "type": "integer", "minimum": 1 },
+        "follow_symlinks": { "type": "boolean" },
+        "stop_at_repository_root": { "type": "boolean" }
+      }
+    },
+    "policy": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "mode",
+        "grants_command_authority",
+        "parent_root_grants_child_authority",
+        "command_authority_per_root",
+        "run_entrypoint_per_root",
+        "executes_commands",
+        "raw_commands_included"
+      ],
+      "properties": {
+        "mode": { "const": "read_only" },
+        "grants_command_authority": { "const": false },
+        "parent_root_grants_child_authority": { "const": false },
+        "command_authority_per_root": { "const": ".mustflow/config/commands.toml" },
+        "run_entrypoint_per_root": { "const": "mf run <intent>" },
+        "executes_commands": { "const": false },
+        "raw_commands_included": { "const": false }
+      }
+    },
+    "repository_count": { "type": "integer", "minimum": 0 },
+    "repositories": {
+      "type": "array",
+      "items": { "$ref": "#/$defs/repository" }
+    },
+    "issues": { "$ref": "#/$defs/stringArray" }
+  },
+  "$defs": {
+    "stringArray": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "nullableString": {
+      "type": ["string", "null"]
+    },
+    "commandSurface": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "path",
+        "exists",
+        "parse_error",
+        "total_intents",
+        "runnable_count",
+        "runnable_intents",
+        "blocked_count"
+      ],
+      "properties": {
+        "path": { "$ref": "#/$defs/nullableString" },
+        "exists": { "type": "boolean" },
+        "parse_error": { "$ref": "#/$defs/nullableString" },
+        "total_intents": { "type": ["integer", "null"], "minimum": 0 },
+        "runnable_count": { "type": ["integer", "null"], "minimum": 0 },
+        "runnable_intents": { "$ref": "#/$defs/stringArray" },
+        "blocked_count": { "type": ["integer", "null"], "minimum": 0 }
+      }
+    },
+    "repository": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "relative_path",
+        "status",
+        "git_repository",
+        "mustflow",
+        "agent_rules",
+        "repo_map",
+        "mustflow_config",
+        "command_contract",
+        "context_index",
+        "skill_index",
+        "root_document_count",
+        "machine_contract_count",
+        "manifest_count",
+        "command_adapter_count",
+        "editing_policy_count",
+        "issues"
+      ],
+      "properties": {
+        "relative_path": { "type": "string" },
+        "status": { "enum": ["mustflow_ready", "contract_missing", "contract_invalid"] },
+        "git_repository": { "const": true },
+        "mustflow": { "type": "boolean" },
+        "agent_rules": { "$ref": "#/$defs/nullableString" },
+        "repo_map": { "$ref": "#/$defs/nullableString" },
+        "mustflow_config": { "$ref": "#/$defs/nullableString" },
+        "command_contract": { "$ref": "#/$defs/commandSurface" },
+        "context_index": { "$ref": "#/$defs/nullableString" },
+        "skill_index": { "$ref": "#/$defs/nullableString" },
+        "root_document_count": { "type": "integer", "minimum": 0 },
+        "machine_contract_count": { "type": "integer", "minimum": 0 },
+        "manifest_count": { "type": "integer", "minimum": 0 },
+        "command_adapter_count": { "type": "integer", "minimum": 0 },
+        "editing_policy_count": { "type": "integer", "minimum": 0 },
+        "issues": { "$ref": "#/$defs/stringArray" }
+      }
+    }
+  }
+}

package/schemas/workspace-verification-plan.schema.json

@@ -0,0 +1,195 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://mustflow.github.io/schemas/workspace-verification-plan.schema.json",
+  "title": "mustflow workspace verification plan report",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "schema_version",
+    "command",
+    "mustflow_root",
+    "workspace",
+    "policy",
+    "repository_count",
+    "total_changed_file_count",
+    "total_requirement_count",
+    "total_selected_intent_count",
+    "total_gap_count",
+    "repositories",
+    "issues"
+  ],
+  "properties": {
+    "schema_version": { "const": "1" },
+    "command": { "const": "workspace verify" },
+    "mustflow_root": { "type": "string" },
+    "workspace": { "$ref": "#/$defs/workspace" },
+    "policy": { "$ref": "#/$defs/policy" },
+    "repository_count": { "type": "integer", "minimum": 0 },
+    "total_changed_file_count": { "type": "integer", "minimum": 0 },
+    "total_requirement_count": { "type": "integer", "minimum": 0 },
+    "total_selected_intent_count": { "type": "integer", "minimum": 0 },
+    "total_gap_count": { "type": "integer", "minimum": 0 },
+    "repositories": {
+      "type": "array",
+      "items": { "$ref": "#/$defs/repository" }
+    },
+    "issues": { "$ref": "#/$defs/stringArray" }
+  },
+  "$defs": {
+    "stringArray": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "nullableString": {
+      "type": ["string", "null"]
+    },
+    "workspace": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "enabled",
+        "roots",
+        "max_depth",
+        "max_repositories",
+        "follow_symlinks",
+        "stop_at_repository_root"
+      ],
+      "properties": {
+        "enabled": { "type": "boolean" },
+        "roots": { "$ref": "#/$defs/stringArray" },
+        "max_depth": { "type": "integer", "minimum": 1 },
+        "max_repositories": { "type": "integer", "minimum": 1 },
+        "follow_symlinks": { "type": "boolean" },
+        "stop_at_repository_root": { "type": "boolean" }
+      }
+    },
+    "policy": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "mode",
+        "grants_command_authority",
+        "parent_root_grants_child_authority",
+        "command_authority_per_root",
+        "run_entrypoint_per_root",
+        "executes_commands",
+        "raw_commands_included",
+        "plan_command_per_root",
+        "selected_intents_run_via"
+      ],
+      "properties": {
+        "mode": { "const": "read_only" },
+        "grants_command_authority": { "const": false },
+        "parent_root_grants_child_authority": { "const": false },
+        "command_authority_per_root": { "const": ".mustflow/config/commands.toml" },
+        "run_entrypoint_per_root": { "const": "mf run <intent>" },
+        "executes_commands": { "const": false },
+        "raw_commands_included": { "const": false },
+        "plan_command_per_root": { "const": "mf verify --changed --plan-only --json" },
+        "selected_intents_run_via": { "const": "mf run <intent>" }
+      }
+    },
+    "commandSurface": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "path",
+        "exists",
+        "parse_error",
+        "total_intents",
+        "runnable_count",
+        "runnable_intents",
+        "blocked_count"
+      ],
+      "properties": {
+        "path": { "$ref": "#/$defs/nullableString" },
+        "exists": { "type": "boolean" },
+        "parse_error": { "$ref": "#/$defs/nullableString" },
+        "total_intents": { "type": ["integer", "null"], "minimum": 0 },
+        "runnable_count": { "type": ["integer", "null"], "minimum": 0 },
+        "runnable_intents": { "$ref": "#/$defs/stringArray" },
+        "blocked_count": { "type": ["integer", "null"], "minimum": 0 }
+      }
+    },
+    "repository": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "relative_path",
+        "status",
+        "command_contract",
+        "changed_file_count",
+        "changed_files",
+        "verification_plan_id",
+        "requirement_count",
+        "candidate_count",
+        "selected_intent_count",
+        "gap_count",
+        "selected_intents",
+        "gaps",
+        "issues"
+      ],
+      "properties": {
+        "relative_path": { "type": "string" },
+        "status": {
+          "enum": [
+            "available",
+            "contract_missing",
+            "contract_invalid",
+            "git_unavailable",
+            "plan_unavailable"
+          ]
+        },
+        "command_contract": { "$ref": "#/$defs/commandSurface" },
+        "changed_file_count": { "type": ["integer", "null"], "minimum": 0 },
+        "changed_files": { "$ref": "#/$defs/stringArray" },
+        "verification_plan_id": {
+          "type": ["string", "null"],
+          "pattern": "^sha256:[0-9a-f]{64}$"
+        },
+        "requirement_count": { "type": "integer", "minimum": 0 },
+        "candidate_count": { "type": "integer", "minimum": 0 },
+        "selected_intent_count": { "type": "integer", "minimum": 0 },
+        "gap_count": { "type": "integer", "minimum": 0 },
+        "selected_intents": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/selectedIntent" }
+        },
+        "gaps": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/gap" }
+        },
+        "issues": { "$ref": "#/$defs/stringArray" }
+      }
+    },
+    "selectedIntent": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "intent",
+        "run_command",
+        "run_from_repository",
+        "locks",
+        "conflict_count"
+      ],
+      "properties": {
+        "intent": { "type": "string" },
+        "run_command": { "$ref": "#/$defs/nullableString" },
+        "run_from_repository": { "type": "string" },
+        "locks": { "$ref": "#/$defs/stringArray" },
+        "conflict_count": { "type": "integer", "minimum": 0 }
+      }
+    },
+    "gap": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["reason", "files", "surfaces", "detail"],
+      "properties": {
+        "reason": { "type": "string" },
+        "files": { "$ref": "#/$defs/stringArray" },
+        "surfaces": { "$ref": "#/$defs/stringArray" },
+        "detail": { "type": "string" }
+      }
+    }
+  }
+}

package/templates/default/i18n.toml

@@ -409,7 +409,7 @@ translations = {}
 [documents."skill.structure-discovery-gate"]
 source = "locales/en/.mustflow/skills/structure-discovery-gate/SKILL.md"
 source_locale = "en"
-revision = 27
+revision = 28
 translations = {}
 
 [documents."skill.state-machine-pattern"]

package/templates/default/locales/en/.mustflow/skills/INDEX.md

@@ -98,6 +98,7 @@ routes. Event routes stay inactive until their event occurs.
 | --- | --- | --- | --- | --- | --- | --- |
 | Code changes need review before report | `.mustflow/skills/code-review/SKILL.md` | Diff and task goal | Changed files | behavior and regression | `test`, `test_related`, `test_audit`, `lint` | Findings or no-issue note |
 | An unfamiliar codebase area needs an evidence-based map before planning, implementation, or reporting | `.mustflow/skills/codebase-orientation/SKILL.md` | User request, target area, relevant instructions, and current source, test, schema, template, configuration, or documentation files | Read-only orientation notes and any smallest follow-up edit chosen from inspected evidence | stale documentation, wrong ownership boundary, or invented architecture claim | `changes_status`, `changes_diff_summary`, `mustflow_check` | Scope inspected, entrypoints, flow map, ownership boundaries, verification options, risks, unknowns, and smallest safe next step |
+| A coding task has missing intent, scope, domain, data, security, UX, dependency, architecture, or verification decisions that cannot be safely inferred from repository evidence | `.mustflow/skills/clarifying-question-gate/SKILL.md` | User request, inspected repository evidence, unresolved decisions, reversibility classification, recommended option, and tradeoffs | Blocking questions, safe assumptions, and the smallest safe implementation boundary | over-questioning, lazy questions, expensive wrong assumptions, user-owned decision drift, data loss, auth bypass, public-contract drift, dependency bloat, or unverifiable completion | `changes_status`, `changes_diff_summary`, `mustflow_check` | Repository evidence inspected, blocking questions with recommendations, safe assumptions, selected scope, verification, and remaining ambiguity |
 | HTTP, REST, GraphQL, tRPC, Hono RPC, Elysia Eden, gRPC, protobuf, OpenAPI, request/response schema, status code, header, error envelope, pagination, filtering, sorting, search, generated client, SDK, mock, fixture, or API docs contract is created or changed | `.mustflow/skills/api-contract-change/SKILL.md` | API style, contract source of truth, changed operations, request and response schemas, status and headers, error envelope, auth and permission behavior, pagination/filter/sort/search semantics, generated clients, SDKs, mocks, fixtures, callers, docs, and command contract entries | Routes, handlers, resolvers, validators, schemas, generated clients, SDKs, mocks, fixtures, docs, tests, and directly synchronized examples | route-only change, schema drift, generated-client breakage, hidden breaking change, status or error drift, pagination/search semantic drift, auth/permission drift, or stale docs examples | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | API contract source, changed operations, compatibility classification, synchronized client/schema/docs/tests surfaces, verification, and remaining API contract risk |
 | TypeScript source, declarations, tsconfig, package exports, module resolution, public API, or TypeScript tests are created or changed | `.mustflow/skills/typescript-code-change/SKILL.md` | TypeScript config, package entry metadata, target runtime, changed files, and command contract entries | TypeScript source, declarations, compiler config, exports, tests, and directly synchronized docs | weakened type safety, module drift, public API drift, or unverified declaration output | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, module, type, and public API boundary checked, changes made, verification, and remaining TypeScript risk |
 | JavaScript source, module format, package entry, browser or Node runtime, dependency usage, Promise handling, bundler config, or JavaScript tests are created or changed | `.mustflow/skills/javascript-code-change/SKILL.md` | Package metadata, module system, runtime target, entrypoints, changed files, and command contract entries | JavaScript source, package exports, bundler config, dependencies, tests, and docs examples | runtime API leakage, ESM/CJS drift, discarded Promise, dependency bloat, or broken package entry | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime and module boundary checked, async and dependency notes, verification, and remaining JavaScript risk |
@@ -110,7 +111,7 @@ routes. Event routes stay inactive until their event occurs.
 | Source anchors are added, revised, reviewed, or used to mark a module boundary | `.mustflow/skills/source-anchor-authoring/SKILL.md` | Target files, anchor reason, nearby anchors, source-anchor policy, and validation surface | Source anchors and directly related workflow docs or comments | comment bloat, authority drift, false verification claims, or hidden module pressure | `mustflow_check`, `docs_validate_fast` | Anchor placement decision, field choices, module-boundary handoff, and verification |
 | Changed files need risk classification and verification selection | `.mustflow/skills/diff-risk-review/SKILL.md` | Changed-file list, diff summary, and task goal | Changed surfaces and verification report | under- or over-verification | `changes_status`, `changes_diff_summary`, `test`, `test_related`, `test_audit`, `lint`, `build`, `docs_validate`, `mustflow_check` | Risk level, verification choice, rollback notes |
 | CLI execution duration, build time, bundle size, test scheduling logic, process spawning, or CLI performance claims are planned, edited, or reported | `.mustflow/skills/performance-budget-check/SKILL.md` | Performance surface, budget source, measurement method, and baseline metrics | Budget checks, CLI duration, bundle weight, scheduling optimization notes, measurements, and tests | invented budgets, stale measurements, child-process bottlenecks, or unverified speed claims | `changes_status`, `changes_diff_summary`, `build`, `test_related`, `docs_validate_fast`, `test_release`, `mustflow_check` | Performance surface, budget source, measurements, execution duration, bundle size, and remaining risks |
-| New feature, module, folder layout, architecture, scaffold, refactor, routing, data model, frontend/backend/database/infrastructure choice, database engine choice, managed database extension choice, auth identity ownership, public URL contract, data residency policy, runtime patchability, runtime portability, global-ready locale/country/currency/timezone/money model, server-side authorization boundary, file upload or storage strategy, API response contract, content-heavy product, semantic content blocks, filter URL policy, admin operation model, cache strategy, content lifecycle, asset strategy, claim or fact registry, content graph, source collection flow, user-state layer, core/application/delivery/infra boundary, framework-magic boundary, core versus auxiliary path boundary, operational versus analytics boundary, HTTP-to-worker boundary, job or outbox model, backup/restore assumption, vendor or platform exit path, external-service truth ownership, search/queue/log/analytics portability, operational reproducibility, observability identifier flow, deployment-state portability, CI/CD dashboard dependency, ecosystem or maintainer-risk placement, multi-server state boundary, vertical-to-horizontal scaling boundary, AI usage cost boundary, AI gateway hard-limit boundary, pricing-growth boundary, failure-isolation boundary, or external service integration may require hidden structure decisions before coding | `.mustflow/skills/structure-discovery-gate/SKILL.md` | User request, intended capability, hidden assumptions, named technologies or services, future content/API/rendering/data assumptions, database operating-shape assumptions, managed database feature assumptions, identity and provider-id assumptions, public URL assumptions, data location assumptions, runtime patch and portability assumptions, delivery/application/core/infra assumptions, global data assumptions, authorization assumptions, file-storage assumptions, source/provenance assumptions, lifecycle/asset/claim assumptions, user-state assumptions, admin/cache assumptions, core path and auxiliary path assumptions, async work assumptions, restore assumptions, vendor exit and replacement assumptions, external-service source-of-truth assumptions, search/queue/log/analytics reconstruction assumptions, operating-state reproduction assumptions, observability identifier assumptions, CI/CD reproducibility assumptions, dependency ecosystem and maintainer assumptions, pricing value/cost unit assumptions, failure-policy assumptions, AI gateway or cost assumptions, and relevant local patterns | Questions, assumptions, proposed file boundaries, and the smallest resulting implementation | brittle structure, vendor-name leakage, migration debt, lock-in debt, provider-id leakage, raw storage URL leakage, weak data location proof, unpatchable runtime, runtime-specific core logic, framework business-rule coupling, SaaS-only core state, weak search or queue reconstruction, weak global data model, weak server authorization, process-memory state leak, untracked AI cost, provider-budget-only AI protection, value/cost pricing mismatch, hidden dashboard deployment state, fragile single-maintainer core dependency, hidden operating state, broken traceability, file/storage drift, screen-shaped API coupling, core-path coupling, retry or worker coupling, unbounded failure radius, over-questioning, or speculative abstraction | `changes_status`, `changes_diff_summary`, `docs_validate_fast`, `test_release`, `mustflow_check` | Blocking questions, assumptions, proposed files and responsibilities, upfront versus deferred structure decisions, borrowed service versus owned contract boundary, dependency direction, database, identity, public URL, data residency, runtime patchability and portability, global data, authorization, file-storage, API, vendor exit, external-service truth ownership, search/queue/log/analytics portability, operational reproducibility, CI/CD reproducibility, dependency risk, observability identity flow, pricing value/cost boundary, AI gateway boundary, core/application/delivery/infra boundaries, core and auxiliary boundaries, async work boundary, local pattern, verification, and remaining structure risk |
+| New feature, ambiguous or complex design request, pre-implementation design gate, module, folder layout, architecture, scaffold, refactor, routing, data model, frontend/backend/database/infrastructure choice, database engine choice, managed database extension choice, auth identity ownership, public URL contract, data residency policy, runtime patchability, runtime portability, global-ready locale/country/currency/timezone/money model, server-side authorization boundary, file upload or storage strategy, API response contract, content-heavy product, semantic content blocks, filter URL policy, admin operation model, cache strategy, content lifecycle, asset strategy, claim or fact registry, content graph, source collection flow, user-state layer, core/application/delivery/infra boundary, framework-magic boundary, core versus auxiliary path boundary, operational versus analytics boundary, HTTP-to-worker boundary, job or outbox model, backup/restore assumption, vendor or platform exit path, external-service truth ownership, search/queue/log/analytics portability, operational reproducibility, observability identifier flow, deployment-state portability, CI/CD dashboard dependency, ecosystem or maintainer-risk placement, multi-server state boundary, vertical-to-horizontal scaling boundary, AI usage cost boundary, AI gateway hard-limit boundary, pricing-growth boundary, failure-isolation boundary, or external service integration may require hidden structure decisions before coding | `.mustflow/skills/structure-discovery-gate/SKILL.md` | User request, intended capability, design gate classification, restated requirement, success criteria, non-goals, compatibility boundaries, hidden assumptions, named technologies or services, future content/API/rendering/data assumptions, database operating-shape assumptions, managed database feature assumptions, identity and provider-id assumptions, public URL assumptions, data location assumptions, runtime patch and portability assumptions, delivery/application/core/infra assumptions, global data assumptions, authorization assumptions, file-storage assumptions, source/provenance assumptions, lifecycle/asset/claim assumptions, user-state assumptions, admin/cache assumptions, core path and auxiliary path assumptions, async work assumptions, restore assumptions, vendor exit and replacement assumptions, external-service source-of-truth assumptions, search/queue/log/analytics reconstruction assumptions, operating-state reproduction assumptions, observability identifier assumptions, CI/CD reproducibility assumptions, dependency ecosystem and maintainer assumptions, pricing value/cost unit assumptions, failure-policy assumptions, AI gateway or cost assumptions, and relevant local patterns | Questions, assumptions, proposed file boundaries, and the smallest resulting implementation | brittle structure, vendor-name leakage, migration debt, lock-in debt, provider-id leakage, raw storage URL leakage, weak data location proof, unpatchable runtime, runtime-specific core logic, framework business-rule coupling, SaaS-only core state, weak search or queue reconstruction, weak global data model, weak server authorization, process-memory state leak, untracked AI cost, provider-budget-only AI protection, value/cost pricing mismatch, hidden dashboard deployment state, fragile single-maintainer core dependency, hidden operating state, broken traceability, file/storage drift, screen-shaped API coupling, core-path coupling, retry or worker coupling, unbounded failure radius, over-questioning, or speculative abstraction | `changes_status`, `changes_diff_summary`, `docs_validate_fast`, `test_release`, `mustflow_check` | Design gate classification, restated requirement, success criteria, blocking questions, recommended defaults, assumptions, proposed files and responsibilities, upfront versus deferred structure decisions, borrowed service versus owned contract boundary, dependency direction, database, identity, public URL, data residency, runtime patchability and portability, global data, authorization, file-storage, API, vendor exit, external-service truth ownership, search/queue/log/analytics portability, operational reproducibility, CI/CD reproducibility, dependency risk, observability identity flow, pricing value/cost boundary, AI gateway boundary, core/application/delivery/infra boundaries, core and auxiliary boundaries, async work boundary, local pattern, verification, and remaining structure risk |
 
 ### Tests and Regression