mustflow 2.85.4 → 2.99.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/commands/script-pack.js +10 -0
- package/dist/cli/i18n/en.js +183 -0
- package/dist/cli/i18n/es.js +183 -0
- package/dist/cli/i18n/fr.js +183 -0
- package/dist/cli/i18n/hi.js +183 -0
- package/dist/cli/i18n/ko.js +183 -0
- package/dist/cli/i18n/zh.js +183 -0
- package/dist/cli/lib/script-pack-registry.js +284 -1
- package/dist/cli/script-packs/code-change-impact.js +6 -0
- package/dist/cli/script-packs/code-import-cycle.js +193 -0
- package/dist/cli/script-packs/docs-link-integrity.js +145 -0
- package/dist/cli/script-packs/repo-approval-gate.js +100 -0
- package/dist/cli/script-packs/repo-git-ignore-audit.js +119 -0
- package/dist/cli/script-packs/repo-manifest-lock-drift.js +122 -0
- package/dist/cli/script-packs/repo-merge-conflict-scan.js +123 -0
- package/dist/cli/script-packs/repo-skill-route-audit.js +86 -0
- package/dist/cli/script-packs/repo-version-source.js +92 -0
- package/dist/cli/script-packs/test-performance-report.js +247 -0
- package/dist/cli/script-packs/test-regression-selector.js +167 -0
- package/dist/core/change-impact.js +23 -51
- package/dist/core/change-surface-classification.js +198 -0
- package/dist/core/docs-link-integrity.js +443 -0
- package/dist/core/import-cycle.js +152 -0
- package/dist/core/public-json-contracts.js +116 -0
- package/dist/core/repo-approval-gate.js +116 -0
- package/dist/core/repo-git-ignore-audit.js +302 -0
- package/dist/core/repo-manifest-lock-drift.js +321 -0
- package/dist/core/repo-merge-conflict-scan.js +335 -0
- package/dist/core/repo-version-source.js +82 -0
- package/dist/core/script-pack-suggestions.js +77 -1
- package/dist/core/skill-route-audit.js +354 -0
- package/dist/core/test-performance-report.js +697 -0
- package/dist/core/test-regression-selector.js +335 -0
- package/package.json +1 -1
- package/schemas/README.md +40 -2
- package/schemas/change-impact-report.schema.json +35 -1
- package/schemas/import-cycle-report.schema.json +157 -0
- package/schemas/link-integrity-report.schema.json +176 -0
- package/schemas/repo-approval-gate-report.schema.json +115 -0
- package/schemas/repo-git-ignore-audit-report.schema.json +201 -0
- package/schemas/repo-manifest-lock-drift-report.schema.json +202 -0
- package/schemas/repo-merge-conflict-scan-report.schema.json +169 -0
- package/schemas/repo-version-source-report.schema.json +127 -0
- package/schemas/skill-route-audit-report.schema.json +144 -0
- package/schemas/test-performance-report.schema.json +319 -0
- package/schemas/test-regression-selector-report.schema.json +187 -0
- package/templates/default/i18n.toml +66 -18
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +45 -8
- package/templates/default/locales/en/.mustflow/skills/api-access-control-review/SKILL.md +48 -27
- package/templates/default/locales/en/.mustflow/skills/api-failure-triage/SKILL.md +270 -0
- package/templates/default/locales/en/.mustflow/skills/auth-flow-triage/SKILL.md +192 -0
- package/templates/default/locales/en/.mustflow/skills/auth-permission-change/SKILL.md +59 -13
- package/templates/default/locales/en/.mustflow/skills/backend-log-evidence-review/SKILL.md +14 -5
- package/templates/default/locales/en/.mustflow/skills/cache-integrity-review/SKILL.md +30 -15
- package/templates/default/locales/en/.mustflow/skills/change-blast-radius-review/SKILL.md +45 -32
- package/templates/default/locales/en/.mustflow/skills/ci-pipeline-triage/SKILL.md +200 -0
- package/templates/default/locales/en/.mustflow/skills/clarifying-question-gate/SKILL.md +87 -13
- package/templates/default/locales/en/.mustflow/skills/docker-runtime-triage/SKILL.md +191 -0
- package/templates/default/locales/en/.mustflow/skills/go-code-change/SKILL.md +18 -13
- package/templates/default/locales/en/.mustflow/skills/line-ending-hygiene/SKILL.md +18 -10
- package/templates/default/locales/en/.mustflow/skills/llm-hallucination-control-review/SKILL.md +4 -1
- package/templates/default/locales/en/.mustflow/skills/motion-system-contract-review/SKILL.md +155 -0
- package/templates/default/locales/en/.mustflow/skills/next-action-menu/SKILL.md +177 -0
- package/templates/default/locales/en/.mustflow/skills/observability-debuggability-review/SKILL.md +15 -7
- package/templates/default/locales/en/.mustflow/skills/payment-integrity-review/SKILL.md +59 -35
- package/templates/default/locales/en/.mustflow/skills/powershell-code-change/SKILL.md +16 -6
- package/templates/default/locales/en/.mustflow/skills/prompt-contract-quality-review/SKILL.md +4 -1
- package/templates/default/locales/en/.mustflow/skills/python-code-change/SKILL.md +19 -10
- package/templates/default/locales/en/.mustflow/skills/rag-pipeline-triage/SKILL.md +206 -0
- package/templates/default/locales/en/.mustflow/skills/routes.toml +54 -0
- package/templates/default/locales/en/.mustflow/skills/rust-code-change/SKILL.md +10 -4
- package/templates/default/locales/en/.mustflow/skills/search-index-integrity-review/SKILL.md +181 -0
- package/templates/default/locales/en/.mustflow/skills/service-boundary-architecture/SKILL.md +37 -23
- package/templates/default/locales/en/.mustflow/skills/test-suite-performance-review/SKILL.md +9 -0
- package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +14 -9
- package/templates/default/locales/en/.mustflow/skills/vector-search-integrity-review/SKILL.md +209 -0
- package/templates/default/locales/en/.mustflow/skills/version-freshness-check/SKILL.md +16 -14
- package/templates/default/manifest.toml +64 -1
|
@@ -0,0 +1,209 @@
|
|
|
1
|
+
---
|
|
2
|
+
mustflow_doc: skill.vector-search-integrity-review
|
|
3
|
+
locale: en
|
|
4
|
+
canonical: true
|
|
5
|
+
revision: 2
|
|
6
|
+
lifecycle: mustflow-owned
|
|
7
|
+
authority: procedure
|
|
8
|
+
name: vector-search-integrity-review
|
|
9
|
+
description: Apply this skill when vector search, semantic search, RAG retrieval mechanics, embeddings, vector databases, ANN indexes, exact versus approximate search, filters, metadata payloads, namespaces, tenants, named vectors, hybrid search, reranking, recall, latency, quantization, HNSW, IVF, pgvector, Qdrant, Milvus, Weaviate, OpenSearch kNN, or retrieval golden-set behavior is created, changed, reviewed, or failing. Use rag-pipeline-triage first when a RAG failure is not yet localized to retrieval versus parsing, context assembly, prompt, generation, citation, or answerability.
|
|
10
|
+
metadata:
|
|
11
|
+
mustflow_schema: "1"
|
|
12
|
+
mustflow_kind: procedure
|
|
13
|
+
pack_id: mustflow.core
|
|
14
|
+
skill_id: mustflow.core.vector-search-integrity-review
|
|
15
|
+
command_intents:
|
|
16
|
+
- changes_status
|
|
17
|
+
- changes_diff_summary
|
|
18
|
+
- lint
|
|
19
|
+
- build
|
|
20
|
+
- test_related
|
|
21
|
+
- test
|
|
22
|
+
- docs_validate_fast
|
|
23
|
+
- test_release
|
|
24
|
+
- mustflow_check
|
|
25
|
+
---
|
|
26
|
+
|
|
27
|
+
# Vector Search Integrity Review
|
|
28
|
+
|
|
29
|
+
<!-- mustflow-section: purpose -->
|
|
30
|
+
## Purpose
|
|
31
|
+
|
|
32
|
+
Review vector and semantic search as a retrieval contract, not as "the vector database is good or
|
|
33
|
+
bad."
|
|
34
|
+
|
|
35
|
+
The core question is whether ingestion, embedding, storage, exact search, approximate search,
|
|
36
|
+
filters, reranking, and latency evidence all agree for the same query contract.
|
|
37
|
+
|
|
38
|
+
<!-- mustflow-section: use-when -->
|
|
39
|
+
## Use When
|
|
40
|
+
|
|
41
|
+
- Code creates or changes embedding generation, preprocessing, chunking, vector schema, collection
|
|
42
|
+
names, namespaces, tenants, named vectors, metadata payloads, filters, search parameters, ANN
|
|
43
|
+
indexes, hybrid search, reranking, retrieval metrics, RAG context selection, or vector DB clients.
|
|
44
|
+
- Search is missing documents, returning wrong results, returning empty filtered results, duplicating
|
|
45
|
+
chunks, leaking tenants, becoming slow, changing quality after model or index changes, or behaving
|
|
46
|
+
differently across replicas.
|
|
47
|
+
- A review needs recall, MRR, golden-set, exact-versus-ANN, filter, metadata index, quantization,
|
|
48
|
+
compaction, shard, consistency, reranker, or embedding-model-version evidence.
|
|
49
|
+
|
|
50
|
+
<!-- mustflow-section: do-not-use-when -->
|
|
51
|
+
## Do Not Use When
|
|
52
|
+
|
|
53
|
+
- The task is only generic database schema or query performance with no vector, embedding, semantic
|
|
54
|
+
retrieval, or RAG boundary; use the database or performance skill.
|
|
55
|
+
- The task is only LLM answer grounding after retrieval is already proven; use
|
|
56
|
+
`llm-hallucination-control-review`.
|
|
57
|
+
- The task is an end-to-end RAG failure and it is not yet clear whether ingestion, retrieval,
|
|
58
|
+
context assembly, prompt construction, generation, citation validation, or answerability failed;
|
|
59
|
+
use `rag-pipeline-triage` first.
|
|
60
|
+
- The task is only API transport or SDK failure before search boundaries are known; use
|
|
61
|
+
`api-failure-triage`.
|
|
62
|
+
- The task asks for live production vector dumps containing sensitive text, embeddings, customer
|
|
63
|
+
documents, or private prompts. Use redacted hashes, ids, dimensions, norms, and aggregate metrics.
|
|
64
|
+
|
|
65
|
+
<!-- mustflow-section: required-inputs -->
|
|
66
|
+
## Required Inputs
|
|
67
|
+
|
|
68
|
+
- Retrieval symptom classification: ingestion missing, write not visible, wrong results, empty
|
|
69
|
+
results, low recall, tenant leak, duplicate chunks, stale deletes, slow search, reranker drift, or
|
|
70
|
+
generated answer drift.
|
|
71
|
+
- Query contract ledger: query text or safe fixture id, embedding model and revision, preprocessing
|
|
72
|
+
version, vector dimension, vector norm, metric, collection, namespace, tenant, named vector,
|
|
73
|
+
filters, `top_k`, candidate count, consistency level, ANN parameters, hybrid weights, and reranker
|
|
74
|
+
settings.
|
|
75
|
+
- Ingestion ledger: source id, chunk id, deterministic vector id, embedding version, payload shape,
|
|
76
|
+
write count, unique id count, direct lookup count, indexed count, deleted or tombstoned count, and
|
|
77
|
+
visibility lag.
|
|
78
|
+
- Quality ledger: golden queries, expected ids, acceptable alternatives, exact-search result,
|
|
79
|
+
ANN result, recall at k, MRR, empty rate, duplicate rate, filtered result count, and before/after
|
|
80
|
+
comparison.
|
|
81
|
+
- Performance ledger: cold versus warm latency, p50, p95, p99, queue wait, DB search time, reranker
|
|
82
|
+
time, payload size, filter selectivity, shard distribution, compaction or indexing work, memory,
|
|
83
|
+
disk, and retry behavior.
|
|
84
|
+
- Privacy ledger: raw text, vectors, prompts, document ids, tenant ids, provider payloads, and
|
|
85
|
+
whether evidence can be safely stored as ids, hashes, summaries, or aggregate metrics.
|
|
86
|
+
|
|
87
|
+
<!-- mustflow-section: preconditions -->
|
|
88
|
+
## Preconditions
|
|
89
|
+
|
|
90
|
+
- The task matches the Use When conditions and does not match the Do Not Use When exclusions.
|
|
91
|
+
- Higher-priority instructions and `.mustflow/config/commands.toml` have been checked.
|
|
92
|
+
- Raw embeddings, raw document text, prompts, and tenant-identifying payloads are not copied into
|
|
93
|
+
docs, tests, commits, or reports unless they are safe synthetic fixtures.
|
|
94
|
+
|
|
95
|
+
<!-- mustflow-section: allowed-edits -->
|
|
96
|
+
## Allowed Edits
|
|
97
|
+
|
|
98
|
+
- Add or tighten embedding versioning, preprocessing versioning, vector validation, deterministic
|
|
99
|
+
IDs, namespace or tenant selection, metadata indexes, filter construction, exact-search checks,
|
|
100
|
+
ANN parameters, reranker candidate counts, golden-set tests, metrics, docs, fixtures, and
|
|
101
|
+
retrieval contract tests.
|
|
102
|
+
- Add focused synthetic fixtures that encode expected retrieval behavior, filtered retrieval,
|
|
103
|
+
tenant separation, duplicate handling, and exact-versus-ANN comparison.
|
|
104
|
+
- Do not change embedding models, rebuild large indexes, tune ANN parameters, disable filters, widen
|
|
105
|
+
tenants, bypass authorization, or dump production vectors without explicit scope and evidence.
|
|
106
|
+
|
|
107
|
+
<!-- mustflow-section: procedure -->
|
|
108
|
+
## Procedure
|
|
109
|
+
|
|
110
|
+
1. Classify the symptom first: ingestion missing, write-not-visible, wrong result, empty result,
|
|
111
|
+
stale delete, duplicate chunks, tenant leak, slow search, reranker drift, or answer generation.
|
|
112
|
+
2. Build the query contract ledger before tuning. Include model revision, preprocessing, dimension,
|
|
113
|
+
norm, metric, collection, namespace, named vector, filters, `top_k`, ANN parameters, hybrid
|
|
114
|
+
weights, reranker settings, and consistency level.
|
|
115
|
+
3. Validate vector shape at ingestion and query time. Reject wrong dimension, NaN, infinities,
|
|
116
|
+
all-zero vectors, extreme norms, and model or preprocessing version mismatches.
|
|
117
|
+
4. Keep embedding model identity exact. Model name alone is not enough; include revision, tokenizer,
|
|
118
|
+
pooling, prefix policy, max length, HTML cleanup, chunking, and normalization.
|
|
119
|
+
5. Compare exact search with approximate search on the same query and filter. If exact search is
|
|
120
|
+
wrong, stop tuning ANN and inspect embeddings, preprocessing, metric, payload, and expectations.
|
|
121
|
+
6. Compare filter-free search, filter-only count, filtered exact search, and filtered ANN search.
|
|
122
|
+
Empty filtered results often mean filter construction, metadata typing, payload indexing, or
|
|
123
|
+
post-filter candidate loss rather than bad embeddings.
|
|
124
|
+
7. Confirm collection, namespace, tenant, alias, and named vector. Directly inspect the problem id
|
|
125
|
+
or safe synthetic id in the same search surface the app uses.
|
|
126
|
+
8. Check deterministic upsert ids. Source id, chunk index, tenant, and embedding version should not
|
|
127
|
+
accidentally duplicate chunks or overwrite all chunks with one id.
|
|
128
|
+
9. Separate write success from search visibility. Check direct lookup, exact search, ANN search,
|
|
129
|
+
indexed count, consistency, segment state, and visibility lag.
|
|
130
|
+
10. Check deletes and updates. Deletion marks, tombstones, compaction, vacuum, stale segments, and
|
|
131
|
+
old chunks can keep appearing after API success.
|
|
132
|
+
11. Review metric and normalization. Cosine, dot product, and L2 are different contracts unless
|
|
133
|
+
the vectors are intentionally normalized and the index operator matches.
|
|
134
|
+
12. Tune ANN only after the exact and filter contracts are correct. Evaluate recall and p95 latency
|
|
135
|
+
across parameter sweeps instead of changing one value blindly.
|
|
136
|
+
13. Treat build-time index parameters as recall ceilings. If search-time parameters cannot recover
|
|
137
|
+
recall, the index may need rebuild policy, not a larger query knob.
|
|
138
|
+
14. Review quantization and rescoring. Compare full-precision exact results with compressed-index
|
|
139
|
+
candidates and confirm enough candidates reach full-precision reranking.
|
|
140
|
+
15. For hybrid search, store dense score, sparse or keyword score, normalized score, fusion method,
|
|
141
|
+
and final score. Do not add incompatible raw scores directly without a deliberate combiner.
|
|
142
|
+
16. For reranking, record pre-rerank and post-rerank ids and ranks. If the right document never
|
|
143
|
+
enters the candidate set, the reranker cannot recover it.
|
|
144
|
+
17. Avoid deep ANN pagination as a product contract. Use cursor, filters, grouping, or ordinary
|
|
145
|
+
sorted indexes for deep browsing instead of pretending vector search has cheap random offsets.
|
|
146
|
+
18. Split cold and warm latency, server search time and client wait, vector DB time and reranker
|
|
147
|
+
time, and single-query latency from concurrent load.
|
|
148
|
+
19. Inspect shard, replica, segment, compaction, flush, indexing, memory, disk, and cache state when
|
|
149
|
+
p99 or intermittent quality varies across nodes.
|
|
150
|
+
20. Add a golden-set gate when the project has a test surface. Include easy, hard, filtered,
|
|
151
|
+
tenant-scoped, rare-name, synonym, short-query, long-query, and sparse-data cases.
|
|
152
|
+
|
|
153
|
+
<!-- mustflow-section: postconditions -->
|
|
154
|
+
## Postconditions
|
|
155
|
+
|
|
156
|
+
- The retrieval symptom, query contract, ingestion contract, quality ledger, performance ledger, and
|
|
157
|
+
privacy boundary are explicit.
|
|
158
|
+
- Exact search, ANN, filters, metadata, namespaces, tenants, named vectors, IDs, deletes, metric,
|
|
159
|
+
normalization, quantization, hybrid search, reranking, shards, consistency, and latency are fixed
|
|
160
|
+
or reported where relevant.
|
|
161
|
+
- Search quality claims are backed by golden-set, exact-versus-ANN, configured-test, static review,
|
|
162
|
+
or manual-only evidence.
|
|
163
|
+
|
|
164
|
+
<!-- mustflow-section: verification -->
|
|
165
|
+
## Verification
|
|
166
|
+
|
|
167
|
+
Use configured oneshot command intents when available:
|
|
168
|
+
|
|
169
|
+
- `changes_status`
|
|
170
|
+
- `changes_diff_summary`
|
|
171
|
+
- `lint`
|
|
172
|
+
- `build`
|
|
173
|
+
- `test_related`
|
|
174
|
+
- `test`
|
|
175
|
+
- `docs_validate_fast`
|
|
176
|
+
- `test_release`
|
|
177
|
+
- `mustflow_check`
|
|
178
|
+
|
|
179
|
+
Prefer the narrowest configured tests that cover retrieval contract, tenant isolation, filters,
|
|
180
|
+
golden-set metrics, deterministic ids, and docs or template surfaces. Report missing vector DB,
|
|
181
|
+
embedding provider, exact-search, ANN recall, reranker, load, or production-index evidence instead
|
|
182
|
+
of inventing live diagnostics.
|
|
183
|
+
|
|
184
|
+
<!-- mustflow-section: failure-handling -->
|
|
185
|
+
## Failure Handling
|
|
186
|
+
|
|
187
|
+
- If the query contract cannot be reconstructed, report the missing fields before changing model,
|
|
188
|
+
filter, or ANN settings.
|
|
189
|
+
- If evidence contains raw text, embeddings, prompts, personal data, or tenant-identifying data,
|
|
190
|
+
redact to ids, hashes, dimensions, norms, and aggregate metrics.
|
|
191
|
+
- If the fix requires model replacement, re-embedding, index rebuild, production data dump, or live
|
|
192
|
+
vector DB access outside the command contract, report the manual boundary.
|
|
193
|
+
- If configured verification fails, preserve the failing intent and output tail, then fix only the
|
|
194
|
+
localized retrieval contract or test expectation.
|
|
195
|
+
|
|
196
|
+
<!-- mustflow-section: output-format -->
|
|
197
|
+
## Output Format
|
|
198
|
+
|
|
199
|
+
- Vector search integrity reviewed
|
|
200
|
+
- Retrieval symptom, query contract, ingestion ledger, quality ledger, performance ledger, and
|
|
201
|
+
privacy boundary
|
|
202
|
+
- Exact versus ANN, filter, metadata, namespace, tenant, id, delete, metric, normalization,
|
|
203
|
+
quantization, hybrid, reranker, shard, consistency, and latency findings
|
|
204
|
+
- Fix applied or recommended
|
|
205
|
+
- Evidence level: golden-set evidence, configured-test evidence, static review risk, manual-only,
|
|
206
|
+
missing, or not applicable
|
|
207
|
+
- Command intents run
|
|
208
|
+
- Skipped vector diagnostics and reasons
|
|
209
|
+
- Remaining vector search risk
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
mustflow_doc: skill.version-freshness-check
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 8
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: version-freshness-check
|
|
@@ -34,7 +34,7 @@ Prevent agents from writing stale external version references from memory, while
|
|
|
34
34
|
|
|
35
35
|
- Generated or edited files introduce explicit external version references, action refs, package ranges, runtime versions, framework majors, Docker image tags, toolchain versions, setup actions, scaffold commands, install commands, or migration examples.
|
|
36
36
|
- CI workflows, release workflows, Dockerfiles, package metadata, lockfiles, runtime files, framework configuration, README examples, docs, tests, fixtures, or templates mention external versions such as GitHub Actions refs, Node, Bun, Deno, Python, Rust, Tauri, Astro, Next, SvelteKit, Electron, Docker images, package managers, SDKs, plugins, or generators.
|
|
37
|
-
- Python wording mentions current/stable/support status, Python 3.14+ standard-library APIs, runtime flags, changed default behavior, security defaults, or examples that depend on `requires-python`.
|
|
37
|
+
- Python wording mentions current/stable/support status, Python 3.14+ or 3.15+ syntax, standard-library APIs, runtime flags, changed default behavior, security defaults, or examples that depend on `requires-python`.
|
|
38
38
|
- TypeScript wording mentions current/stable/RC/nightly status for TypeScript 6, TypeScript 7, `@typescript/typescript6`, `tsc6`, `typescript@rc`, `@typescript/native-preview`, `tsgo`, compiler API compatibility, or migration readiness.
|
|
39
39
|
- Go wording mentions current/stable/support status, Go release numbers, `go.mod` language version behavior, `toolchain` behavior, standard-library APIs, `GOEXPERIMENT`, runtime defaults, container behavior, JSON experiments, or examples that depend on a specific Go version.
|
|
40
40
|
- Rust wording mentions current/stable/support status, Rust release numbers, `rust-version`, edition behavior, `rust-toolchain`, Cargo resolver or workspace behavior, standard-library APIs, compiler lints, target behavior, release profiles, or examples that depend on a specific Rust version.
|
|
@@ -94,19 +94,20 @@ Prevent agents from writing stale external version references from memory, while
|
|
|
94
94
|
10. For patch, security-minimum, and low-risk minor differences, update only when the declaration, examples, lockfile policy, and verification surface can stay aligned. Otherwise report the proposed change and leave the pinned value unchanged.
|
|
95
95
|
11. For GitHub Actions and CI tools, review the action source, major tag policy, runtime support, cache behavior, permissions, and organization pinning rule. Do not assume a newer major is safe only because it exists.
|
|
96
96
|
12. For framework and runtime majors such as Astro, Tauri, Electron, Next, SvelteKit, Node, Bun, Deno, Python, Rust, or Java, check migration notes, config schema, plugin and adapter compatibility, generated files, security model, deployment target, and rollback path before recommending a major change.
|
|
97
|
-
13. For Python standard-library or runtime-behavior claims, refresh official Python documentation before writing durable wording. Check `requires-python`, CI/runtime matrices, and container images before using or recommending version-gated features such as Python 3.14+ `map(strict=True)`, `functools.Placeholder`, `heapq` max-heap helpers, import-timing flag behavior, or changed security defaults.
|
|
97
|
+
13. For Python standard-library or runtime-behavior claims, refresh official Python documentation before writing durable wording. Check `requires-python`, CI/runtime matrices, and container images before using or recommending Python 3.14+ standard-library APIs or version-gated features such as template string literals, `annotationlib`, Python 3.14+ `map(strict=True)`, `functools.Placeholder`, `heapq` max-heap helpers, import-timing flag behavior, `finally` flow-control warnings, or changed security defaults.
|
|
98
98
|
14. For Python examples that use newer standard-library APIs, either keep the example behind an explicit runtime floor or provide a supported fallback. Do not call a Python 3.14-only API a general Python best practice when the repository declares lower support.
|
|
99
|
-
15. For
|
|
100
|
-
16. For TypeScript
|
|
101
|
-
17. For
|
|
102
|
-
18. For Go
|
|
103
|
-
19. For
|
|
104
|
-
20. For Rust
|
|
105
|
-
21. For
|
|
106
|
-
22. For HTTP
|
|
107
|
-
23. For
|
|
108
|
-
24.
|
|
109
|
-
25.
|
|
99
|
+
15. For Python 3.15+ claims, keep beta, release-candidate, and stable tracks separate. Refresh official docs before using explicit lazy imports, built-in `frozendict`, built-in `sentinel`, unpacking comprehensions, typed `TypedDict` extra items, startup configuration files, or changed encoding behavior in durable examples.
|
|
100
|
+
16. For TypeScript 6 and 7 claims, refresh official TypeScript sources before writing durable wording. Treat TS6 stable API track (`@typescript/typescript6`, `tsc6`), TS7 RC compiler track (`typescript@rc`, `tsc`), TS7 nightly track (`@typescript/native-preview`, `tsgo`), and future TS7 stable `typescript` behavior as distinct tracks. Do not call RC or nightly output "latest stable TypeScript" just because it is newer.
|
|
101
|
+
17. For TypeScript examples, make the selected track explicit: TS6 API compatibility, TS7 RC compiler verification, TS7 nightly comparison, editor preview, or repository adoption. If the project has compiler API consumers, transformers, framework wrappers, or declaration snapshots, classify the reference as migration-sensitive and keep API consumers on the TS6 API track until support is explicit. Check exact support before relying on `rootDir` defaults, ambient `types` defaults, import attributes, subpath imports, `import defer`, `using`, or `await using`.
|
|
102
|
+
18. For Go release, toolchain, standard-library, runtime, or experiment claims, refresh official Go release notes or package documentation before writing durable wording. Check the repository's `go` directive, `toolchain` directive, CI/runtime matrix, and container target before using or recommending version-gated features such as expression operands to `new`, range-over-function iterators, generic type aliases, reflect iterator methods, `errors.AsType`, `sync.WaitGroup.Go`, `testing/synctest`, `testing.B.Loop`, `T.ArtifactDir`, `B.ArtifactDir`, `F.ArtifactDir`, `testing/cryptotest.SetGlobalRandom`, `os.Root`, `os.OpenInRoot`, `omitzero`, `go.mod` `tool`, `ReverseProxy.Rewrite`, container-aware `GOMAXPROCS`, goroutine leak profiles, `encoding/json/v2`, or `GOEXPERIMENT` APIs.
|
|
103
|
+
19. For Go examples that use newer standard-library APIs or runtime defaults, either keep the example behind an explicit Go version floor or provide a supported fallback. Do not call an experimental `GOEXPERIMENT` feature or a newer `go` directive behavior a general Go best practice when the repository declares lower support.
|
|
104
|
+
20. For Rust release, toolchain, standard-library, Cargo, edition, lint, target, or MSRV claims, refresh official Rust release notes, standard-library docs, the Cargo Book, Rust Reference, or rustc book before writing durable wording. Check `rust-version`, edition, `rust-toolchain.toml`, CI toolchain matrix, target triples, docs.rs metadata, and crate publish policy before using or recommending version-gated features such as let chains, match `if let` guards, `cfg_select!`, `assert_matches!`, `core::range`, `Vec::push_mut`, `HashMap::get_disjoint_mut`, `Option::take_if`, `LazyLock`, `OnceLock`, `workspace.lints`, `resolver = "2"`, Rust 2024 `unsafe extern`, unsafe attributes, Rust 2024 `unsafe_op_in_unsafe_fn`, temporary drop-scope changes, macro fragment behavior, or release-profile defaults.
|
|
105
|
+
21. For Rust examples that use newer language or standard-library APIs, either keep the example behind an explicit Rust version floor or provide a supported fallback. Use an API-by-API MSRV ledger for features such as `cfg_select!`, match `if let` guards, `core::range` items, `Vec::push_mut`, `assert_matches!`, and `debug_assert_matches!`; do not collapse them into a single "latest Rust" bucket, and do not treat nightly-only behavior or target-specific linker behavior as stable without explicit evidence.
|
|
106
|
+
22. For HTTP standards, browser APIs, proxy defaults, CDN defaults, and transport support claims, prefer official RFCs, standards bodies, MDN or browser vendor docs, and vendor-owned proxy/CDN documentation. Keep WebTransport, compression dictionary transport, zstd content coding, SSE/EventSource, HTTP/2, HTTP/3, QUIC, and proxy-buffering claims track-specific and dated when support is changing.
|
|
107
|
+
23. For HTTP delivery examples that depend on newer or unevenly supported behavior, require feature detection, fallback behavior, or explicit deployment constraints. Do not present WebTransport, dictionary compression, or zstd negotiation as a universal default when the project still needs browsers, proxies, CDNs, or networks that may not support it.
|
|
108
|
+
24. For Docker images, decide whether the project prefers semver tags, distro tags, LTS tags, date tags, or digests. Do not replace a digest or pinned base image with a floating tag unless the repository policy says so.
|
|
109
|
+
25. Synchronize every accepted version decision across package metadata, lockfiles when intentionally updated, CI, Docker, runtime files, docs, examples, templates, tests, and release notes.
|
|
110
|
+
26. Run the narrowest configured verification that covers the changed versioned surface. Use broader verification for major, migration-required, runtime, framework, generated-output, package-publish, Docker, CI, TypeScript compiler-track, Go toolchain or runtime support, Rust toolchain or MSRV support, HTTP delivery compatibility, or security-sensitive changes.
|
|
110
111
|
|
|
111
112
|
<!-- mustflow-section: postconditions -->
|
|
112
113
|
## Postconditions
|
|
@@ -116,6 +117,7 @@ Prevent agents from writing stale external version references from memory, while
|
|
|
116
117
|
- Repository-pinned versions are preserved unless the task, policy, and compatibility classification support changing them.
|
|
117
118
|
- Major or migration-required changes are either explicitly approved, deferred with a recommendation, or left unchanged with the risk reported.
|
|
118
119
|
- Python standard-library examples and runtime-default claims match the declared Python support matrix or name the required runtime floor.
|
|
120
|
+
- Python template strings, annotation inspection, explicit lazy imports, immutable mappings, sentinels, and advanced `TypedDict` shape claims are either official-source checked or omitted.
|
|
119
121
|
- TypeScript 6 stable API, TypeScript 7 RC compiler, TypeScript 7 nightly, and future stable TypeScript tracks are not collapsed into one generic "latest TypeScript" claim.
|
|
120
122
|
- Go release, `go.mod` language version, standard-library API, runtime-default, and `GOEXPERIMENT` claims match the declared Go support matrix or name the required runtime floor.
|
|
121
123
|
- Rust release, `rust-version`, edition, standard-library API, Cargo resolver, lint-default, target, and nightly/stable claims match the declared Rust support matrix or name the required API-specific runtime floor.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
id = "default"
|
|
2
2
|
name = "default"
|
|
3
|
-
version = "2.
|
|
3
|
+
version = "2.99.0"
|
|
4
4
|
description = "Minimal workflow for LLM agents to read, edit, and verify their work in a repository."
|
|
5
5
|
common_root = "common"
|
|
6
6
|
locales_root = "locales"
|
|
@@ -38,11 +38,16 @@ creates = [
|
|
|
38
38
|
".mustflow/skills/desktop-memory-footprint-review/SKILL.md",
|
|
39
39
|
".mustflow/skills/hot-path-performance-review/SKILL.md",
|
|
40
40
|
".mustflow/skills/api-request-performance-review/SKILL.md",
|
|
41
|
+
".mustflow/skills/api-failure-triage/SKILL.md",
|
|
42
|
+
".mustflow/skills/ci-pipeline-triage/SKILL.md",
|
|
43
|
+
".mustflow/skills/auth-flow-triage/SKILL.md",
|
|
44
|
+
".mustflow/skills/docker-runtime-triage/SKILL.md",
|
|
41
45
|
".mustflow/skills/web-render-performance-review/SKILL.md",
|
|
42
46
|
".mustflow/skills/core-web-vitals-field-review/SKILL.md",
|
|
43
47
|
".mustflow/skills/image-delivery-performance-review/SKILL.md",
|
|
44
48
|
".mustflow/skills/client-bundle-pruning-review/SKILL.md",
|
|
45
49
|
".mustflow/skills/frame-render-performance-review/SKILL.md",
|
|
50
|
+
".mustflow/skills/motion-system-contract-review/SKILL.md",
|
|
46
51
|
".mustflow/skills/app-startup-performance-review/SKILL.md",
|
|
47
52
|
".mustflow/skills/desktop-background-process-stability-review/SKILL.md",
|
|
48
53
|
".mustflow/skills/desktop-auto-update-safety-review/SKILL.md",
|
|
@@ -73,6 +78,7 @@ creates = [
|
|
|
73
78
|
".mustflow/skills/heuristic-candidate-selection/SKILL.md",
|
|
74
79
|
".mustflow/skills/clarifying-question-gate/SKILL.md",
|
|
75
80
|
".mustflow/skills/completion-evidence-gate/SKILL.md",
|
|
81
|
+
".mustflow/skills/next-action-menu/SKILL.md",
|
|
76
82
|
".mustflow/skills/evidence-stall-breaker/SKILL.md",
|
|
77
83
|
".mustflow/skills/command-intent-mapping-gate/SKILL.md",
|
|
78
84
|
".mustflow/skills/astro-code-change/SKILL.md",
|
|
@@ -116,6 +122,9 @@ creates = [
|
|
|
116
122
|
".mustflow/skills/database-lock-contention-review/SKILL.md",
|
|
117
123
|
".mustflow/skills/sqlite-code-change/SKILL.md",
|
|
118
124
|
".mustflow/skills/postgresql-code-change/SKILL.md",
|
|
125
|
+
".mustflow/skills/search-index-integrity-review/SKILL.md",
|
|
126
|
+
".mustflow/skills/vector-search-integrity-review/SKILL.md",
|
|
127
|
+
".mustflow/skills/rag-pipeline-triage/SKILL.md",
|
|
119
128
|
".mustflow/skills/dependency-injection/SKILL.md",
|
|
120
129
|
".mustflow/skills/dependency-reality-check/SKILL.md",
|
|
121
130
|
".mustflow/skills/dependency-upgrade-review/SKILL.md",
|
|
@@ -233,11 +242,16 @@ minimal = [
|
|
|
233
242
|
"desktop-memory-footprint-review",
|
|
234
243
|
"hot-path-performance-review",
|
|
235
244
|
"api-request-performance-review",
|
|
245
|
+
"api-failure-triage",
|
|
246
|
+
"ci-pipeline-triage",
|
|
247
|
+
"auth-flow-triage",
|
|
248
|
+
"docker-runtime-triage",
|
|
236
249
|
"web-render-performance-review",
|
|
237
250
|
"core-web-vitals-field-review",
|
|
238
251
|
"image-delivery-performance-review",
|
|
239
252
|
"client-bundle-pruning-review",
|
|
240
253
|
"frame-render-performance-review",
|
|
254
|
+
"motion-system-contract-review",
|
|
241
255
|
"app-startup-performance-review",
|
|
242
256
|
"desktop-background-process-stability-review",
|
|
243
257
|
"desktop-auto-update-safety-review",
|
|
@@ -268,6 +282,7 @@ minimal = [
|
|
|
268
282
|
"heuristic-candidate-selection",
|
|
269
283
|
"clarifying-question-gate",
|
|
270
284
|
"completion-evidence-gate",
|
|
285
|
+
"next-action-menu",
|
|
271
286
|
"evidence-stall-breaker",
|
|
272
287
|
"astro-code-change",
|
|
273
288
|
"bun-code-change",
|
|
@@ -305,6 +320,9 @@ minimal = [
|
|
|
305
320
|
"database-lock-contention-review",
|
|
306
321
|
"sqlite-code-change",
|
|
307
322
|
"postgresql-code-change",
|
|
323
|
+
"search-index-integrity-review",
|
|
324
|
+
"vector-search-integrity-review",
|
|
325
|
+
"rag-pipeline-triage",
|
|
308
326
|
"dependency-reality-check",
|
|
309
327
|
"dependency-upgrade-review",
|
|
310
328
|
"version-freshness-check",
|
|
@@ -367,11 +385,16 @@ patterns = [
|
|
|
367
385
|
"desktop-memory-footprint-review",
|
|
368
386
|
"hot-path-performance-review",
|
|
369
387
|
"api-request-performance-review",
|
|
388
|
+
"api-failure-triage",
|
|
389
|
+
"ci-pipeline-triage",
|
|
390
|
+
"auth-flow-triage",
|
|
391
|
+
"docker-runtime-triage",
|
|
370
392
|
"web-render-performance-review",
|
|
371
393
|
"core-web-vitals-field-review",
|
|
372
394
|
"image-delivery-performance-review",
|
|
373
395
|
"client-bundle-pruning-review",
|
|
374
396
|
"frame-render-performance-review",
|
|
397
|
+
"motion-system-contract-review",
|
|
375
398
|
"app-startup-performance-review",
|
|
376
399
|
"desktop-background-process-stability-review",
|
|
377
400
|
"desktop-auto-update-safety-review",
|
|
@@ -402,6 +425,7 @@ patterns = [
|
|
|
402
425
|
"heuristic-candidate-selection",
|
|
403
426
|
"clarifying-question-gate",
|
|
404
427
|
"completion-evidence-gate",
|
|
428
|
+
"next-action-menu",
|
|
405
429
|
"evidence-stall-breaker",
|
|
406
430
|
"astro-code-change",
|
|
407
431
|
"bun-code-change",
|
|
@@ -441,6 +465,9 @@ patterns = [
|
|
|
441
465
|
"database-lock-contention-review",
|
|
442
466
|
"sqlite-code-change",
|
|
443
467
|
"postgresql-code-change",
|
|
468
|
+
"search-index-integrity-review",
|
|
469
|
+
"vector-search-integrity-review",
|
|
470
|
+
"rag-pipeline-triage",
|
|
444
471
|
"dependency-injection",
|
|
445
472
|
"dependency-reality-check",
|
|
446
473
|
"dependency-upgrade-review",
|
|
@@ -512,11 +539,16 @@ oss = [
|
|
|
512
539
|
"desktop-memory-footprint-review",
|
|
513
540
|
"hot-path-performance-review",
|
|
514
541
|
"api-request-performance-review",
|
|
542
|
+
"api-failure-triage",
|
|
543
|
+
"ci-pipeline-triage",
|
|
544
|
+
"auth-flow-triage",
|
|
545
|
+
"docker-runtime-triage",
|
|
515
546
|
"web-render-performance-review",
|
|
516
547
|
"core-web-vitals-field-review",
|
|
517
548
|
"image-delivery-performance-review",
|
|
518
549
|
"client-bundle-pruning-review",
|
|
519
550
|
"frame-render-performance-review",
|
|
551
|
+
"motion-system-contract-review",
|
|
520
552
|
"app-startup-performance-review",
|
|
521
553
|
"desktop-background-process-stability-review",
|
|
522
554
|
"desktop-auto-update-safety-review",
|
|
@@ -547,6 +579,7 @@ oss = [
|
|
|
547
579
|
"heuristic-candidate-selection",
|
|
548
580
|
"clarifying-question-gate",
|
|
549
581
|
"completion-evidence-gate",
|
|
582
|
+
"next-action-menu",
|
|
550
583
|
"evidence-stall-breaker",
|
|
551
584
|
"astro-code-change",
|
|
552
585
|
"bun-code-change",
|
|
@@ -588,6 +621,9 @@ oss = [
|
|
|
588
621
|
"database-lock-contention-review",
|
|
589
622
|
"sqlite-code-change",
|
|
590
623
|
"postgresql-code-change",
|
|
624
|
+
"search-index-integrity-review",
|
|
625
|
+
"vector-search-integrity-review",
|
|
626
|
+
"rag-pipeline-triage",
|
|
591
627
|
"dependency-injection",
|
|
592
628
|
"dependency-reality-check",
|
|
593
629
|
"dependency-upgrade-review",
|
|
@@ -673,11 +709,16 @@ team = [
|
|
|
673
709
|
"desktop-memory-footprint-review",
|
|
674
710
|
"hot-path-performance-review",
|
|
675
711
|
"api-request-performance-review",
|
|
712
|
+
"api-failure-triage",
|
|
713
|
+
"ci-pipeline-triage",
|
|
714
|
+
"auth-flow-triage",
|
|
715
|
+
"docker-runtime-triage",
|
|
676
716
|
"web-render-performance-review",
|
|
677
717
|
"core-web-vitals-field-review",
|
|
678
718
|
"image-delivery-performance-review",
|
|
679
719
|
"client-bundle-pruning-review",
|
|
680
720
|
"frame-render-performance-review",
|
|
721
|
+
"motion-system-contract-review",
|
|
681
722
|
"app-startup-performance-review",
|
|
682
723
|
"desktop-background-process-stability-review",
|
|
683
724
|
"desktop-auto-update-safety-review",
|
|
@@ -708,6 +749,7 @@ team = [
|
|
|
708
749
|
"heuristic-candidate-selection",
|
|
709
750
|
"clarifying-question-gate",
|
|
710
751
|
"completion-evidence-gate",
|
|
752
|
+
"next-action-menu",
|
|
711
753
|
"evidence-stall-breaker",
|
|
712
754
|
"astro-code-change",
|
|
713
755
|
"bun-code-change",
|
|
@@ -748,6 +790,9 @@ team = [
|
|
|
748
790
|
"database-lock-contention-review",
|
|
749
791
|
"sqlite-code-change",
|
|
750
792
|
"postgresql-code-change",
|
|
793
|
+
"search-index-integrity-review",
|
|
794
|
+
"vector-search-integrity-review",
|
|
795
|
+
"rag-pipeline-triage",
|
|
751
796
|
"dependency-injection",
|
|
752
797
|
"dependency-reality-check",
|
|
753
798
|
"dependency-upgrade-review",
|
|
@@ -819,11 +864,16 @@ product = [
|
|
|
819
864
|
"desktop-memory-footprint-review",
|
|
820
865
|
"hot-path-performance-review",
|
|
821
866
|
"api-request-performance-review",
|
|
867
|
+
"api-failure-triage",
|
|
868
|
+
"ci-pipeline-triage",
|
|
869
|
+
"auth-flow-triage",
|
|
870
|
+
"docker-runtime-triage",
|
|
822
871
|
"web-render-performance-review",
|
|
823
872
|
"core-web-vitals-field-review",
|
|
824
873
|
"image-delivery-performance-review",
|
|
825
874
|
"client-bundle-pruning-review",
|
|
826
875
|
"frame-render-performance-review",
|
|
876
|
+
"motion-system-contract-review",
|
|
827
877
|
"app-startup-performance-review",
|
|
828
878
|
"desktop-background-process-stability-review",
|
|
829
879
|
"desktop-auto-update-safety-review",
|
|
@@ -854,6 +904,7 @@ product = [
|
|
|
854
904
|
"heuristic-candidate-selection",
|
|
855
905
|
"clarifying-question-gate",
|
|
856
906
|
"completion-evidence-gate",
|
|
907
|
+
"next-action-menu",
|
|
857
908
|
"evidence-stall-breaker",
|
|
858
909
|
"astro-code-change",
|
|
859
910
|
"bun-code-change",
|
|
@@ -893,6 +944,9 @@ product = [
|
|
|
893
944
|
"database-lock-contention-review",
|
|
894
945
|
"sqlite-code-change",
|
|
895
946
|
"postgresql-code-change",
|
|
947
|
+
"search-index-integrity-review",
|
|
948
|
+
"vector-search-integrity-review",
|
|
949
|
+
"rag-pipeline-triage",
|
|
896
950
|
"dependency-injection",
|
|
897
951
|
"dependency-reality-check",
|
|
898
952
|
"dependency-upgrade-review",
|
|
@@ -971,11 +1025,16 @@ library = [
|
|
|
971
1025
|
"desktop-memory-footprint-review",
|
|
972
1026
|
"hot-path-performance-review",
|
|
973
1027
|
"api-request-performance-review",
|
|
1028
|
+
"api-failure-triage",
|
|
1029
|
+
"ci-pipeline-triage",
|
|
1030
|
+
"auth-flow-triage",
|
|
1031
|
+
"docker-runtime-triage",
|
|
974
1032
|
"web-render-performance-review",
|
|
975
1033
|
"core-web-vitals-field-review",
|
|
976
1034
|
"image-delivery-performance-review",
|
|
977
1035
|
"client-bundle-pruning-review",
|
|
978
1036
|
"frame-render-performance-review",
|
|
1037
|
+
"motion-system-contract-review",
|
|
979
1038
|
"app-startup-performance-review",
|
|
980
1039
|
"desktop-background-process-stability-review",
|
|
981
1040
|
"desktop-auto-update-safety-review",
|
|
@@ -1006,6 +1065,7 @@ library = [
|
|
|
1006
1065
|
"heuristic-candidate-selection",
|
|
1007
1066
|
"clarifying-question-gate",
|
|
1008
1067
|
"completion-evidence-gate",
|
|
1068
|
+
"next-action-menu",
|
|
1009
1069
|
"evidence-stall-breaker",
|
|
1010
1070
|
"astro-code-change",
|
|
1011
1071
|
"bun-code-change",
|
|
@@ -1047,6 +1107,9 @@ library = [
|
|
|
1047
1107
|
"database-lock-contention-review",
|
|
1048
1108
|
"sqlite-code-change",
|
|
1049
1109
|
"postgresql-code-change",
|
|
1110
|
+
"search-index-integrity-review",
|
|
1111
|
+
"vector-search-integrity-review",
|
|
1112
|
+
"rag-pipeline-triage",
|
|
1050
1113
|
"dependency-injection",
|
|
1051
1114
|
"dependency-reality-check",
|
|
1052
1115
|
"dependency-upgrade-review",
|