opencode-onboard 0.4.3 → 0.4.5

package/content/.agents/skills/ob-global/SKILL.md

@@ -1,84 +1,92 @@
-Generic skill, common project-level guidance loaded by all agents. Provides baseline rules; specialized skills add specific concerns.
-
-## When loaded
-
-Load this skill first in any session. All other skills add to it, never replace it.
-
-## Context
-
-- Load DESIGN.md first for design principles and guidelines.
-- Load ARCHITECTURE.md for system architecture and component interactions.
-
-## Source Roots
-
-<!-- OB-SOURCE-ROOTS-START -->
-Source roots are generated during onboarding from the user's source-scope selection.
-Read and analyze code ONLY from those generated roots.
-
-If multiple roots are generated, each root is an independent git repository. Branch, commit, push, and PR operations must be handled per repository.
-<!-- OB-SOURCE-ROOTS-END -->
-
-## Git Guardrails
-
-- NEVER commit or push to main
-- NEVER force push
-- NEVER merge PRs (human-only)
-- Feature branches only: `feature/*` or `bugfix/*`
-
-## Secrets Guardrails
-
-- NEVER read or output .env files
-- NEVER log credentials, API keys, tokens
-- NEVER commit secrets to git
-
-## Code Quality
-
-- Run tests before marking done
-- Run lint/build before pushing
-- Keep changes small and focused
-- Ask for clarification if unclear
-
-## Ensemble Task Board Rules
-
-When working as a spawned agent in an ensemble team, these rules are mandatory:
-
-**Claim-first execution:**
-- Your FIRST tool call after loading skills MUST be `team_claim task_id:<id>`. The dashboard must show your active task immediately.
-- Do NOT spend more than 2 tool calls reading/planning before writing code. Claim first, then explore only what's needed for that specific task.
-
-**One task at a time:**
-- Claim → implement → build/verify → commit → `team_tasks_complete` → claim next.
-- NEVER hold multiple claimed tasks simultaneously.
-- NEVER batch completions. Mark done immediately after each commit.
-
-**Dependency check before claiming:**
-- Before calling `team_claim task_id:<id>`, call `team_tasks_list` and verify every dependency of that task has status `done`.
-- If any dependency is not `done`, do NOT claim that task. Scan the board for another assigned task whose dependencies ARE all done and claim that one instead.
-- If no assigned task is unblocked, report blocked to lead and STOP. Do NOT poll, sleep, or loop waiting for a dependency.
-
-**Commit cadence:**
-- After each task passes build: `git add -A && git commit -m "feat: <short description>"`
-- ONE task = ONE commit. No multi-task commits.
-
-**Communication discipline:**
-- NEVER message lead with "I'm reading" or "I'm planning". Only message when BATCH DONE or BLOCKED.
-- When BATCH DONE: report number of tasks completed + commit count. Lead may assign more tasks, stay active until lead confirms no more.
-- When BLOCKED: report which task, what's blocking, what you tried.
-- NEVER ask lead for permission to proceed, skip, or reorder tasks. Task sequencing and dependency resolution are YOUR responsibility. Only message lead when BATCH DONE or genuinely BLOCKED (no unblocked tasks remain).
-- When lead sends new task IDs via team_message, treat them as new assignments and continue working.
-
-**Stall prevention:**
-- If a build fails, fix it immediately (max 3 attempts). Then report blocker.
-- If you don't understand a task, message lead asking for clarification. Do NOT guess.
-- If a file you need doesn't exist yet (dependency on another agent), report as blocked, don't create stubs.
-- NEVER use sleep loops or polling to wait for a dependency. Waiting is always a blocker: report it and stop.
-
-## Token Optimization Rules
-
-<!-- OB-RTK-START -->
-RTK rules are generated here when RTK is selected during onboarding.
-<!-- OB-RTK-END -->
-
-<!-- OB-CAVEMAN-START -->
-Caveman rules are generated here when Caveman is selected during onboarding.
-<!-- OB-CAVEMAN-END -->
+---
+name: ob-global
+description: Generic skill, common project-level guidance loaded by all agents. Provides baseline rules; specialized skills add specific concerns. Load this skill first in any session.
+license: MIT
+---
+
+## When loaded
+
+Load this skill first in any session. All other skills add to it, never replace it.
+
+## Context
+
+- Load DESIGN.md first for design principles and guidelines.
+- Load ARCHITECTURE.md for system architecture and component interactions.
+
+## Source Roots
+
+<!-- OB-SOURCE-ROOTS-START -->
+Source roots are generated during onboarding from the user's source-scope selection.
+Read and analyze code ONLY from those generated roots.
+
+If multiple roots are generated, each root is an independent git repository. Branch, commit, push, and PR operations must be handled per repository.
+<!-- OB-SOURCE-ROOTS-END -->
+
+## Git Guardrails
+
+- NEVER commit or push to main
+- NEVER force push
+- NEVER merge PRs (human-only)
+- Feature branches only: `feature/*` or `bugfix/*`
+
+## Secrets Guardrails
+
+- NEVER read or output .env files
+- NEVER log credentials, API keys, tokens
+- NEVER commit secrets to git
+
+## Code Quality
+
+- Run tests before marking done
+- Run lint/build before pushing
+- Keep changes small and focused
+- Ask for clarification if unclear
+
+## Ensemble Task Board Rules
+
+When working as a spawned agent in an ensemble team, these rules are mandatory:
+
+**Claim-first execution:**
+- Your FIRST tool call after loading skills MUST be `team_claim task_id:<id>`. The dashboard must show your active task immediately.
+- Do NOT spend more than 2 tool calls reading/planning before writing code. Claim first, then explore only what's needed for that specific task.
+
+**One task at a time:**
+- Claim → implement → build/verify → commit → `team_tasks_complete` → claim next.
+- NEVER hold multiple claimed tasks simultaneously.
+- NEVER batch completions. Mark done immediately after each commit.
+
+**Dependency check before claiming:**
+- Before calling `team_claim task_id:<id>`, call `team_tasks_list` and verify every dependency of that task has status `done`.
+- If any dependency is not `done`, do NOT claim that task. Scan the board for another assigned task whose dependencies ARE all done and claim that one instead.
+- If no assigned task is unblocked, report blocked to lead and STOP. Do NOT poll, sleep, or loop waiting for a dependency.
+
+**Commit cadence:**
+- After each task passes build: `git add -A && git commit -m "feat: <short description>"`
+- ONE task = ONE commit. No multi-task commits.
+
+**Communication discipline:**
+- NEVER message lead with "I'm reading" or "I'm planning". Only message when BATCH DONE or BLOCKED.
+- When BATCH DONE: report number of tasks completed + commit count. Lead may assign more tasks, stay active until lead confirms no more.
+- When BLOCKED: report which task, what's blocking, what you tried.
+- NEVER ask lead for permission to proceed, skip, or reorder tasks. Task sequencing and dependency resolution are YOUR responsibility. Only message lead when BATCH DONE or genuinely BLOCKED (no unblocked tasks remain).
+- When lead sends new task IDs via team_message, treat them as new assignments and continue working.
+
+**Stall prevention:**
+- If a build fails, fix it immediately (max 3 attempts). Then report blocker.
+- If you don't understand a task, message lead asking for clarification. Do NOT guess.
+- If a file you need doesn't exist yet (dependency on another agent), report as blocked, don't create stubs.
+- NEVER use sleep loops or polling to wait for a dependency. Waiting is always a blocker: report it and stop.
+
+## Token Optimization Rules
+
+<!-- OB-RTK-START -->
+RTK rules are generated here when RTK is selected during onboarding.
+<!-- OB-RTK-END -->
+
+<!-- OB-CAVEMAN-START -->
+Caveman rules are generated here when Caveman is selected during onboarding.
+<!-- OB-CAVEMAN-END -->
+
+<!-- OB-CODEGRAPH-START -->
+Codegraph rules are generated here when codegraph is selected during onboarding.
+<!-- OB-CODEGRAPH-END -->

package/content/.agents/skills/ob-pullrequest-az/SKILL.md

@@ -1,160 +1,168 @@
----
-name: ob-pullrequest-az
-description: Create Azure DevOps PRs with screenshots, or read and triage PR review feedback. Use when shipping a feature branch or when user says "I've added comments to the PR".
-license: MIT
-compatibility: Requires az CLI, az devops extension, openspec CLI, and opencode-browser for screenshots.
-metadata:
-  author: copilots
-  version: "1.0"
----
-
-**Browser MCP tools are FORBIDDEN for all Azure DevOps operations.**
-Browser tools are ONLY permitted for screenshots of the LOCAL running app on `localhost` URLs.
-
----
-
-## Mode A: Create PR (ship mode)
-
-Triggered when devops-manager is in ship mode after implementation is complete.
-
-### Step 1: Verify feature branch
-
-```bash
-git branch --show-current
-```
-
-Branch must be `feature/{id}-{slug}`. NEVER push to `main`.
-
-### Step 2: Capture screenshots (if UI changes exist)
-
-```bash
-browser_navigate url="http://localhost:{port}/{route}"
-browser_wait ms=2000
-browser_screenshot
-```
-
-Save to: `openspec/changes/{change-name}/images/{feature}.png`
-
-### Step 3: Commit and push
-
-```bash
-git add .
-git commit -m "feat(#{id}): {description}"
-git push origin feature/{id}-{slug}
-```
-
-### Step 4: Create PR
-
-```bash
-az repos pr create \
-  --repository {repo} \
-  --source-branch feature/{id}-{slug} \
-  --target-branch main \
-  --title "feat(#{id}): {title}" \
-  --description "{description}"
-```
-
-### Step 5: Link work item (MANDATORY, run sequentially, not in parallel)
-
-```bash
-az repos pr work-item add --id {pr-id} --work-items {workitem-id}
-```
-
-### Step 6: Post screenshot comment
-
-Build raw URL for each image:
-```
-https://dev.azure.com/{org}/{project}/_apis/git/repositories/{repo}/items?path=openspec/changes/{change}/images/{file}.png&versionType=branch&version={branch}&api-version=7.1
-```
-
-Post via:
-```bash
-az devops invoke \
-  --area git --resource pullRequestThreads \
-  --route-parameters project={project} repositoryId={repo} pullRequestId={pr-id} \
-  --http-method POST --api-version 7.1 --in-file body.json
-```
-
-`body.json`:
-```json
-{
-  "comments": [{
-    "parentCommentId": 0,
-    "content": "## Screenshots\n\n![{feature}]({raw-url})",
-    "commentType": 1
-  }],
-  "status": "active"
-}
-```
-
----
-
-## Mode B: Read PR Feedback (feedback mode)
-
-Triggered when user says "I've added comments to the PR" or "check PR feedback".
-
-### Step 1: Find PRs
-
-If PR link provided, extract ID from URL. Otherwise:
-```bash
-az repos pr list --repository {repo} --status active --top 1
-```
-
-### Step 2: Read comment threads
-
-```bash
-az devops invoke \
-  --area git --resource pullRequestThreads \
-  --route-parameters project={project} repositoryId={repo} pullRequestId={id} \
-  --http-method GET --api-version 7.1
-```
-
-### Step 3: Categorize feedback
-
-| Category | Description | Action |
-|----------|-------------|--------|
-| `code-change` | Reviewer requests code modification | Return to lead to spawn specialists |
-| `spec-update` | Affects proposal, design, or tasks | Update openspec artifacts |
-| `question` | Reviewer asks a question | Reply with answer |
-| `resolved` | Thread already resolved | Skip |
-
-### Step 4: Update openspec (if spec-update)
-
-```bash
-git branch --show-current
-# feature/193208-roles-crud → change: us-193208-roles-crud
-```
-
-Update: `openspec/changes/{change}/proposal.md`, `design.md`, or `tasks.md` as appropriate.
-
-### Step 5: Reply to each thread
-
-```bash
-az devops invoke \
-  --area git --resource pullRequestThreadComments \
-  --route-parameters project={project} repositoryId={repo} pullRequestId={id} threadId={tid} \
-  --http-method POST --api-version 7.1 --in-file reply.json
-```
-
-`reply.json`:
-```json
-{
-  "comments": [{
-    "parentCommentId": 1,
-    "content": "Acknowledged, applying this change now.",
-    "commentType": 1
-  }]
-}
-```
-
----
-
-## Guardrails
-
-- ✅ Commit and push to feature branches only
-- ✅ Create and comment on PRs via az CLI
-- ✅ Screenshots of localhost only via browser_screenshot
-- ❌ Commit or push to `main`, FORBIDDEN
-- ❌ Force push, FORBIDDEN
-- ❌ Merge or approve PRs, human-only
-- ❌ Navigate browser to dev.azure.com, FORBIDDEN
+---
+name: ob-pullrequest-az
+description: Create Azure DevOps PRs with screenshots, or read and triage PR review feedback. Use when shipping a feature branch or when user says "I've added comments to the PR".
+license: MIT
+compatibility: Requires az CLI, az devops extension, openspec CLI, and opencode-browser for screenshots.
+metadata:
+  author: copilots
+  version: "1.0"
+---
+
+**Browser MCP tools are FORBIDDEN for all Azure DevOps operations.**
+Browser tools are ONLY permitted for screenshots of the LOCAL running app on `localhost` URLs.
+
+---
+
+## Mode A: Create PR (ship mode)
+
+Triggered when devops-manager is in ship mode after implementation is complete.
+
+### Step 1: Verify feature branch
+
+```bash
+git branch --show-current
+```
+
+Branch must be `feature/{id}-{slug}`. NEVER push to `main`.
+
+### Step 2: Capture screenshots (if UI changes exist)
+
+```bash
+browser_navigate url="http://localhost:{port}/{route}"
+browser_wait ms=2000
+browser_screenshot
+```
+
+Save to: `openspec/changes/{change-name}/images/{feature}.png`
+
+### Step 3: Commit and push
+
+```bash
+git add .
+git commit -m "feat(#{id}): {description}"
+git push origin feature/{id}-{slug}
+```
+
+### Step 4: Create PR
+
+```bash
+az repos pr create \
+  --repository {repo} \
+  --source-branch feature/{id}-{slug} \
+  --target-branch main \
+  --title "feat(#{id}): {title}" \
+  --description "{description}"
+```
+
+### Step 5: Link work item (MANDATORY, run sequentially, not in parallel)
+
+```bash
+az repos pr work-item add --id {pr-id} --work-items {workitem-id}
+```
+
+### Step 6: Post screenshot comment
+
+Build raw URL for each image:
+
+```
+https://dev.azure.com/{org}/{project}/_apis/git/repositories/{repo}/items?path=openspec/changes/{change}/images/{file}.png&versionType=branch&version={branch}&api-version=7.1
+```
+
+Post via:
+
+```bash
+az devops invoke \
+  --area git --resource pullRequestThreads \
+  --route-parameters project={project} repositoryId={repo} pullRequestId={pr-id} \
+  --http-method POST --api-version 7.1 --in-file body.json
+```
+
+`body.json`:
+
+```json
+{
+  "comments": [
+    {
+      "parentCommentId": 0,
+      "content": "## Screenshots\n\n![{feature}]({raw-url})",
+      "commentType": 1
+    }
+  ],
+  "status": "active"
+}
+```
+
+---
+
+## Mode B: Read PR Feedback (feedback mode)
+
+Triggered when user says "I've added comments to the PR" or "check PR feedback".
+
+### Step 1: Find PRs
+
+If PR link provided, extract ID from URL. Otherwise:
+
+```bash
+az repos pr list --repository {repo} --status active --top 1
+```
+
+### Step 2: Read comment threads
+
+```bash
+az devops invoke \
+  --area git --resource pullRequestThreads \
+  --route-parameters project={project} repositoryId={repo} pullRequestId={id} \
+  --http-method GET --api-version 7.1
+```
+
+### Step 3: Categorize feedback
+
+| Category      | Description                         | Action                              |
+| ------------- | ----------------------------------- | ----------------------------------- |
+| `code-change` | Reviewer requests code modification | Return to lead to spawn specialists |
+| `spec-update` | Affects proposal, design, or tasks  | Update openspec artifacts           |
+| `question`    | Reviewer asks a question            | Reply with answer                   |
+| `resolved`    | Thread already resolved             | Skip                                |
+
+### Step 4: Update openspec (if spec-update)
+
+```bash
+git branch --show-current
+# feature/193208-roles-crud → change: us-193208-roles-crud
+```
+
+Update: `openspec/changes/{change}/proposal.md`, `design.md`, or `tasks.md` as appropriate.
+
+### Step 5: Reply to each thread
+
+```bash
+az devops invoke \
+  --area git --resource pullRequestThreadComments \
+  --route-parameters project={project} repositoryId={repo} pullRequestId={id} threadId={tid} \
+  --http-method POST --api-version 7.1 --in-file reply.json
+```
+
+`reply.json`:
+
+```json
+{
+  "comments": [
+    {
+      "parentCommentId": 1,
+      "content": "Acknowledged, applying this change now.",
+      "commentType": 1
+    }
+  ]
+}
+```
+---
+
+## Guardrails
+
+- ✅ Commit and push to feature branches only
+- ✅ Create and comment on PRs via az CLI
+- ✅ Screenshots of localhost only via browser_screenshot
+- ❌ Commit or push to `main`, FORBIDDEN
+- ❌ Force push, FORBIDDEN
+- ❌ Merge or approve PRs, human-only
+- ❌ Navigate browser to dev.azure.com, FORBIDDEN