prizmkit 1.1.79 → 1.1.81
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bundled/VERSION.json +3 -3
- package/bundled/dev-pipeline/scripts/init-pipeline.py +2 -0
- package/bundled/dev-pipeline-windows/scripts/init-pipeline.py +2 -0
- package/bundled/skills/_metadata.json +1 -1
- package/bundled/skills/app-planner/SKILL.md +12 -356
- package/bundled/skills/app-planner/references/infrastructure-convention-discovery.md +108 -0
- package/bundled/skills/app-planner/references/project-conventions-discovery.md +59 -0
- package/bundled/skills/app-planner/references/project-state-detection.md +88 -0
- package/bundled/skills/app-planner/references/rules/backend/derivation-rules.md +10 -0
- package/bundled/skills/app-planner/references/rules/database/derivation-rules.md +9 -0
- package/bundled/skills/app-planner/references/rules/frontend/derivation-rules.md +10 -0
- package/bundled/skills/app-planner/references/rules/frontend/question-bank.md +17 -0
- package/bundled/skills/app-planner/references/rules/frontend/template.md +19 -0
- package/bundled/skills/app-planner/references/rules/mobile/derivation-rules.md +10 -0
- package/bundled/skills/app-planner/references/rules-configuration.md +46 -0
- package/bundled/skills/bug-fix-workflow/SKILL.md +18 -54
- package/bundled/skills/bug-fix-workflow/references/bug-diagnosis.md +41 -0
- package/bundled/skills/bug-planner/SKILL.md +20 -12
- package/bundled/skills/bugfix-pipeline-launcher/SKILL.md +9 -108
- package/bundled/skills/bugfix-pipeline-launcher/references/configuration.md +98 -0
- package/bundled/skills/feature-pipeline-launcher/SKILL.md +20 -103
- package/bundled/skills/feature-pipeline-launcher/references/configuration.md +81 -0
- package/bundled/skills/feature-planner/SKILL.md +5 -9
- package/bundled/skills/feature-workflow/SKILL.md +27 -184
- package/bundled/skills/feature-workflow/references/brainstorm-guide.md +137 -0
- package/bundled/skills/prizm-kit/SKILL.md +14 -2
- package/bundled/skills/prizmkit-code-review/SKILL.md +67 -136
- package/bundled/skills/prizmkit-code-review/references/dev-agent-prompt.md +30 -0
- package/bundled/skills/prizmkit-code-review/references/review-report-template.md +31 -0
- package/bundled/skills/prizmkit-code-review/references/reviewer-agent-prompt.md +62 -0
- package/bundled/skills/prizmkit-code-review/scripts/check_loop.py +186 -0
- package/bundled/skills/prizmkit-committer/SKILL.md +8 -0
- package/bundled/skills/prizmkit-deploy/SKILL.md +49 -73
- package/bundled/skills/prizmkit-deploy/references/data-safety-examples.md +120 -0
- package/bundled/skills/prizmkit-deploy/references/ssh-bootstrap-flow.md +49 -0
- package/bundled/skills/prizmkit-deploy/references/ssh-execution-flow.md +41 -0
- package/bundled/skills/prizmkit-deploy/references/ssh-takeover.md +20 -0
- package/bundled/skills/prizmkit-implement/SKILL.md +7 -1
- package/bundled/skills/prizmkit-plan/SKILL.md +1 -83
- package/bundled/skills/prizmkit-plan/references/examples.md +85 -0
- package/bundled/skills/prizmkit-prizm-docs/SKILL.md +14 -0
- package/bundled/skills/prizmkit-retrospective/SKILL.md +1 -1
- package/bundled/skills/prizmkit-test/SKILL.md +3 -151
- package/bundled/skills/prizmkit-test/references/examples.md +70 -0
- package/bundled/skills/prizmkit-test/references/test-generation-steps.md +49 -0
- package/bundled/skills/prizmkit-test/references/test-report-template.md +42 -0
- package/bundled/skills/recovery-workflow/SKILL.md +24 -103
- package/bundled/skills/recovery-workflow/references/detection.md +58 -0
- package/bundled/skills/refactor-pipeline-launcher/SKILL.md +9 -96
- package/bundled/skills/refactor-pipeline-launcher/references/configuration.md +88 -0
- package/bundled/skills/refactor-planner/SKILL.md +15 -157
- package/bundled/skills/refactor-planner/references/fast-path.md +59 -0
- package/bundled/skills/refactor-planner/references/planning-phases.md +135 -0
- package/bundled/skills/refactor-workflow/SKILL.md +18 -178
- package/bundled/skills/refactor-workflow/references/brainstorm-guide.md +116 -0
- package/bundled/skills-windows/app-planner/SKILL.md +12 -358
- package/bundled/skills-windows/app-planner/references/infrastructure-convention-discovery.md +108 -0
- package/bundled/skills-windows/app-planner/references/project-conventions-discovery.md +59 -0
- package/bundled/skills-windows/app-planner/references/project-state-detection.md +90 -0
- package/bundled/skills-windows/app-planner/references/rules/backend/derivation-rules.md +10 -0
- package/bundled/skills-windows/app-planner/references/rules/database/derivation-rules.md +9 -0
- package/bundled/skills-windows/app-planner/references/rules/frontend/derivation-rules.md +10 -0
- package/bundled/skills-windows/app-planner/references/rules/frontend/question-bank.md +17 -0
- package/bundled/skills-windows/app-planner/references/rules/frontend/template.md +19 -0
- package/bundled/skills-windows/app-planner/references/rules/mobile/derivation-rules.md +10 -0
- package/bundled/skills-windows/app-planner/references/rules-configuration.md +46 -0
- package/bundled/skills-windows/bug-fix-workflow/SKILL.md +18 -54
- package/bundled/skills-windows/bug-fix-workflow/references/bug-diagnosis.md +41 -0
- package/bundled/skills-windows/bug-planner/SKILL.md +20 -12
- package/bundled/skills-windows/bugfix-pipeline-launcher/SKILL.md +6 -91
- package/bundled/skills-windows/bugfix-pipeline-launcher/references/configuration.md +94 -0
- package/bundled/skills-windows/feature-pipeline-launcher/SKILL.md +19 -88
- package/bundled/skills-windows/feature-pipeline-launcher/references/configuration.md +77 -0
- package/bundled/skills-windows/feature-planner/SKILL.md +5 -9
- package/bundled/skills-windows/feature-workflow/SKILL.md +27 -184
- package/bundled/skills-windows/feature-workflow/references/brainstorm-guide.md +137 -0
- package/bundled/skills-windows/prizm-kit/SKILL.md +14 -2
- package/bundled/skills-windows/prizmkit-code-review/SKILL.md +67 -136
- package/bundled/skills-windows/prizmkit-code-review/references/dev-agent-prompt.md +30 -0
- package/bundled/skills-windows/prizmkit-code-review/references/review-report-template.md +31 -0
- package/bundled/skills-windows/prizmkit-code-review/references/reviewer-agent-prompt.md +62 -0
- package/bundled/skills-windows/prizmkit-code-review/scripts/check_loop.py +186 -0
- package/bundled/skills-windows/prizmkit-committer/SKILL.md +8 -0
- package/bundled/skills-windows/prizmkit-deploy/SKILL.md +50 -74
- package/bundled/skills-windows/prizmkit-deploy/references/data-safety-examples.md +120 -0
- package/bundled/skills-windows/prizmkit-deploy/references/direct-upload.md +3 -3
- package/bundled/skills-windows/prizmkit-deploy/references/ssh-bootstrap-flow.md +49 -0
- package/bundled/skills-windows/prizmkit-deploy/references/ssh-execution-flow.md +41 -0
- package/bundled/skills-windows/prizmkit-deploy/references/ssh-takeover.md +20 -0
- package/bundled/skills-windows/prizmkit-deploy/references/ssl-setup.md +2 -2
- package/bundled/skills-windows/prizmkit-implement/SKILL.md +7 -1
- package/bundled/skills-windows/prizmkit-plan/SKILL.md +1 -83
- package/bundled/skills-windows/prizmkit-plan/references/examples.md +85 -0
- package/bundled/skills-windows/prizmkit-prizm-docs/SKILL.md +14 -0
- package/bundled/skills-windows/prizmkit-retrospective/SKILL.md +1 -1
- package/bundled/skills-windows/prizmkit-retrospective/references/structural-sync-steps.md +1 -1
- package/bundled/skills-windows/prizmkit-test/SKILL.md +3 -151
- package/bundled/skills-windows/prizmkit-test/references/examples.md +70 -0
- package/bundled/skills-windows/prizmkit-test/references/test-generation-steps.md +49 -0
- package/bundled/skills-windows/prizmkit-test/references/test-report-template.md +42 -0
- package/bundled/skills-windows/recovery-workflow/SKILL.md +24 -125
- package/bundled/skills-windows/recovery-workflow/references/detection.md +58 -0
- package/bundled/skills-windows/refactor-pipeline-launcher/SKILL.md +8 -77
- package/bundled/skills-windows/refactor-pipeline-launcher/references/configuration.md +82 -0
- package/bundled/skills-windows/refactor-planner/SKILL.md +15 -157
- package/bundled/skills-windows/refactor-planner/references/fast-path.md +59 -0
- package/bundled/skills-windows/refactor-planner/references/planning-phases.md +135 -0
- package/bundled/skills-windows/refactor-workflow/SKILL.md +18 -178
- package/bundled/skills-windows/refactor-workflow/references/brainstorm-guide.md +116 -0
- package/package.json +1 -1
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: "prizmkit-deploy"
|
|
3
|
-
description: "Universal deployment gateway for any PrizmKit project. Discovers project type and target (SSH server, Vercel, Docker, etc.), then routes: full automation for SSH Linux with PM2 + Nginx + blue/green switching, guided setup for cloud platforms, or safe documentation fallback for unsupported targets. Also operates existing deployments: status, logs, restart, rollback, health checks, history, validate. Use this skill whenever the user asks about deployment, hosting, going live, or server operations. Triggers on: 'deploy', 'ship it', 'take this live', 'deploy to Vercel', 'deploy to my server', 'check deploy status', 'view logs', 'restart app', 'rollback', 'how do I deploy this', any deployment or hosting question."
|
|
3
|
+
description: "Universal deployment gateway for any PrizmKit project. Discovers project type and target (SSH server, Vercel, Docker, etc.), then routes: full automation for SSH Linux with PM2 + Nginx + blue/green switching, guided setup for cloud platforms, or safe documentation fallback for unsupported targets. Also operates existing deployments: status, logs, restart, rollback, health checks, history, validate. Use this skill whenever the user asks about deployment, hosting, going live, or server operations. Triggers on: 'deploy', 'ship it', 'take this live', 'deploy to Vercel', 'deploy to my server', 'check deploy status', 'view logs', 'restart app', 'rollback', 'how do I deploy this', any deployment or hosting question. (project)"
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
# PrizmKit Deploy — Universal Deployment Gateway
|
|
@@ -14,6 +14,51 @@ Three possible outcomes depending on what's supported:
|
|
|
14
14
|
|
|
15
15
|
When invited, behave as a deployment engineer. Ask until you understand what is being deployed, where it runs, how it is built, how it starts, what secrets it needs, how traffic reaches it, and how health is checked.
|
|
16
16
|
|
|
17
|
+
### When to Use
|
|
18
|
+
- User says "deploy", "ship it", "take this live", "deploy to Vercel", "deploy to my server"
|
|
19
|
+
- User wants to check deploy status, view logs, restart app, rollback
|
|
20
|
+
- First-time deployment configuration or repair
|
|
21
|
+
- Any deployment, hosting, or server operation question
|
|
22
|
+
|
|
23
|
+
### When NOT to Use
|
|
24
|
+
- Project has no code to deploy (empty/scaffold project)
|
|
25
|
+
- Local dev environment startup — use the project's dev scripts instead
|
|
26
|
+
- Purely CI/CD pipeline debugging unrelated to deployment
|
|
27
|
+
- User wants to edit application code — use /prizmkit-plan and /prizmkit-implement
|
|
28
|
+
|
|
29
|
+
## Data Safety Gate
|
|
30
|
+
|
|
31
|
+
Before executing any command that could **irreversibly destroy, overwrite, or modify data**, pause and get explicit user confirmation. This is a hard gate — the cost of a false negative (losing real data) is catastrophic, while asking one extra question costs nothing.
|
|
32
|
+
|
|
33
|
+
### Detection
|
|
34
|
+
|
|
35
|
+
Before running any shell command, scan it for these patterns:
|
|
36
|
+
|
|
37
|
+
| Category | Dangerous patterns | What's at risk |
|
|
38
|
+
|----------|-------------------|----------------|
|
|
39
|
+
| Database schema | `prisma db push --force-reset`, `prisma db push --accept-data-loss`, `prisma migrate reset`, `prisma migrate dev --create-only` | All existing data dropped, schema reset |
|
|
40
|
+
| Database data | `DROP TABLE`, `DROP DATABASE`, `TRUNCATE`, `DELETE FROM` without `WHERE`, `UPDATE` without `WHERE` | Data deletion or corruption |
|
|
41
|
+
| File system | `rm -rf`, `> /etc/`, overwriting existing configs without backup | Config loss, system breakage |
|
|
42
|
+
| Cloud resources | `terraform destroy`, `kubectl delete`, cloud resource deletion, S3 bucket removal | Infrastructure/service loss |
|
|
43
|
+
|
|
44
|
+
### Confirmation Flow
|
|
45
|
+
|
|
46
|
+
When a dangerous pattern is detected:
|
|
47
|
+
|
|
48
|
+
1. **Stop.** Do not execute. Do not ask "should I proceed?" while already running the command.
|
|
49
|
+
2. **Explain** what the command will do and what data will be lost, in plain language.
|
|
50
|
+
3. **Ask** an explicit yes/no question. Accept only a clear "yes" or equivalent — ambiguous responses ("sure, I guess", "ok go ahead") count as "no" when the consequence is data loss.
|
|
51
|
+
4. **Only proceed** on unambiguous consent. If the user says anything other than a clear affirmative, abort.
|
|
52
|
+
5. **Record** the confirmation decision and the command that was run in deploy history.
|
|
53
|
+
|
|
54
|
+
### Headless Mode
|
|
55
|
+
|
|
56
|
+
If a destructive data operation is detected in headless mode, **refuse and exit** with `DATA_SAFETY_DENIED`. Data destruction must never happen without human oversight — an unattended pipeline that runs `--force-reset` could wipe a production database with no one watching.
|
|
57
|
+
|
|
58
|
+
### Examples
|
|
59
|
+
|
|
60
|
+
Read `${SKILL_DIR}/references/data-safety-examples.md` for concrete few-shot examples of dangerous commands caught by this gate, including the correct and incorrect ways to handle them.
|
|
61
|
+
|
|
17
62
|
## Deployment Discovery
|
|
18
63
|
|
|
19
64
|
Before doing anything else, discover what you're deploying and where. This phase routes the request to the right adapter or fallback. It runs regardless of mode (interactive or headless), but interactive mode may ask questions; headless mode reads from existing config and exits with `NEEDS_INPUT` if critical details are missing.
|
|
@@ -245,39 +290,7 @@ Write `deploy.config.json` with all collected values and `validated: {}` stubs f
|
|
|
245
290
|
|
|
246
291
|
Before first deployment, bootstrap the server. Present a plan showing every privileged action before executing anything.
|
|
247
292
|
|
|
248
|
-
|
|
249
|
-
```
|
|
250
|
-
locale-gen en_US.UTF-8 # fix locale warnings on bare Ubuntu
|
|
251
|
-
apt-get update -qq # refresh package list
|
|
252
|
-
```
|
|
253
|
-
|
|
254
|
-
**Check-and-install (idempotent):** Node.js, npm, PM2, Nginx, Git. Use v22 LTS if v25 not available.
|
|
255
|
-
|
|
256
|
-
**Detect port conflicts:** `ss -tlnp | grep :80 || true`. If port 80/443 is occupied, report and ask how to resolve.
|
|
257
|
-
|
|
258
|
-
**User and directory setup:**
|
|
259
|
-
```
|
|
260
|
-
useradd -m -s /bin/bash <runtimeUser> # if not exists
|
|
261
|
-
mkdir -p /var/www/<project>/{releases,shared,deploy-logs}
|
|
262
|
-
chown -R <runtimeUser>:<runtimeUser> /var/www/<project>
|
|
263
|
-
```
|
|
264
|
-
|
|
265
|
-
**PM2 startup:**
|
|
266
|
-
```
|
|
267
|
-
env PATH=$PATH:/usr/bin pm2 startup systemd -u <runtimeUser> --hp /home/<runtimeUser>
|
|
268
|
-
```
|
|
269
|
-
|
|
270
|
-
**Deploy key (Pull mode only):**
|
|
271
|
-
```
|
|
272
|
-
sudo -u <runtimeUser> ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -N ""
|
|
273
|
-
sudo -u <runtimeUser> ssh-keyscan -H github.com >> ~/.ssh/known_hosts
|
|
274
|
-
```
|
|
275
|
-
|
|
276
|
-
**Security baseline (firewall):** After core tools are installed, ask whether to configure ufw. If user agrees, read `references/firewall-setup.md` for the full interactive flow and rule templates.
|
|
277
|
-
|
|
278
|
-
**Database setup:** If Discovery detected database drivers, ask whether to install the database on the server. If user agrees, read `references/database-setup.md` for platform-specific setup commands and security notes.
|
|
279
|
-
|
|
280
|
-
After each bootstrap step, record the result. Bootstrap operations must be idempotent. Back up any existing config files before modifying them.
|
|
293
|
+
Read `${SKILL_DIR}/references/ssh-bootstrap-flow.md` for the full bootstrap procedure (preflight, check-and-install, user/dir setup, PM2 startup, deploy key). When the bootstrap reaches firewall or database steps, it routes to `references/firewall-setup.md` and `references/database-setup.md`. Key rules: bootstrap operations must be idempotent, existing config files must be backed up before modification, and each step's result must be recorded.
|
|
281
294
|
|
|
282
295
|
### SSH: Direct Upload Deployment
|
|
283
296
|
|
|
@@ -310,37 +323,7 @@ Full procedure in `references/ssl-setup.md`.
|
|
|
310
323
|
|
|
311
324
|
### SSH: Deployment Execution Flow
|
|
312
325
|
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
**Pre-flight — Change Summary:** Show what will be deployed using `git log --oneline <last-deployed-commit>..HEAD`. If first deployment, show last 5 commits. If no new commits, warn "没有新的代码变更。确定要重新部署吗?"
|
|
316
|
-
|
|
317
|
-
**Group 1 — Pre-flight & Prepare:**
|
|
318
|
-
- Verify SSH, runtime user, tools, deploy key, port availability.
|
|
319
|
-
- Generate `releaseId`: `YYYYMMDD-<short-commit-sha>`. Create `releases/<releaseId>`.
|
|
320
|
-
- Determine target color: read `activeColor` from `shared/deploy-metadata.json` and use the opposite. If first deploy (no metadata, no `current` symlink), default to blue (port 3101).
|
|
321
|
-
|
|
322
|
-
**Group 2 — Fetch & Build:**
|
|
323
|
-
|
|
324
|
-
- **CI/CD Pull mode** (server-side build): git clone → install → copy `.env.production` before build (NEXT_PUBLIC_* vars are baked at build time) → build. If build fails: STOP.
|
|
325
|
-
- **CI/CD Push mode** (runner-side build): extract tarball, skip install/build.
|
|
326
|
-
- **Direct-upload mode**: build was already done locally and SCP'd. Skip this group.
|
|
327
|
-
|
|
328
|
-
**Group 3 — Stage & Health Check:**
|
|
329
|
-
- Start new version on inactive port via PM2: `pm2 start npm --name <project>-<app>-<color> -- run start -- -p <inactivePort>`.
|
|
330
|
-
- PM2 process naming: `<project>-<app>-<color>` (e.g., `prizm-ideas-web-green`).
|
|
331
|
-
- Wait 3-5 seconds, run health checks against new port. If any fails: STOP, do NOT switch traffic.
|
|
332
|
-
|
|
333
|
-
**Group 4 — Switch & Verify:**
|
|
334
|
-
- Update Nginx upstream to new port. Run `nginx -t` — abort on failure.
|
|
335
|
-
- `systemctl reload nginx`. Update `current` symlink to new release.
|
|
336
|
-
- Write `shared/deploy-metadata.json` with new `activeColor`, `activePort`, `lastReleaseId`.
|
|
337
|
-
- Run health checks against public endpoint. If any fails: rollback immediately.
|
|
338
|
-
|
|
339
|
-
**Group 5 — Cleanup & Record:**
|
|
340
|
-
- Stop old PM2 process. Remove oldest releases beyond `releaseRetention` count. `pm2 save`.
|
|
341
|
-
- Write deploy-history JSON. Update `deploy.config.json` validation status.
|
|
342
|
-
|
|
343
|
-
**Post-deploy — Completion Summary:** Output a summary (project, URL, version, duration, health status) and append to deploy.md. If `deployStrategy` is `"direct-upload"`, offer CI/CD upgrade (see §SSH: Post-Deploy CI/CD Upgrade).
|
|
326
|
+
Read `${SKILL_DIR}/references/ssh-execution-flow.md` for the full 5-group pipeline: pre-flight, fetch & build, stage & health check, switch & verify, cleanup & record. Key invariant: if any step before traffic switch fails, STOP — do not touch the live version.
|
|
344
327
|
|
|
345
328
|
### SSH: Blue/Green PM2 + Nginx Strategy
|
|
346
329
|
|
|
@@ -405,14 +388,7 @@ Deploy history records secret presence metadata only (e.g., `{"SUPABASE_SERVICE_
|
|
|
405
388
|
|
|
406
389
|
### SSH: Existing Deployment Takeover
|
|
407
390
|
|
|
408
|
-
When deploying to a server that already has deployment assets
|
|
409
|
-
|
|
410
|
-
1. Detect: existing `/var/www/<project>` directory, existing PM2 processes with similar names, Nginx config referencing the same domain/IP, port conflicts.
|
|
411
|
-
2. Report findings and ask for takeover decision:
|
|
412
|
-
- **Take over and backup**: Back up existing config, then proceed.
|
|
413
|
-
- **Coexist**: Use different directory/ports/process names.
|
|
414
|
-
- **Manual resolve**: Stop and let the user handle it.
|
|
415
|
-
3. Record takeover decision and validation results in config and history.
|
|
391
|
+
When deploying to a server that already has deployment assets, read `${SKILL_DIR}/references/ssh-takeover.md` for the detection procedure and takeover decision flow. Record takeover decision and validation results in config and history.
|
|
416
392
|
|
|
417
393
|
### SSH: Nginx Management
|
|
418
394
|
|
|
@@ -0,0 +1,120 @@
|
|
|
1
|
+
# Data Safety Examples
|
|
2
|
+
|
|
3
|
+
Few-shot examples for the Data Safety Gate in `/prizmkit-deploy`. Read this file when a dangerous command pattern is detected — it shows the correct confirmation flow and illustrates what happens when the gate is skipped.
|
|
4
|
+
|
|
5
|
+
## Example 1: Prisma Force Reset (the incident)
|
|
6
|
+
|
|
7
|
+
**Context:** User runs `/prizmkit-deploy` to deploy a Next.js + Prisma project. During database setup, the model needs to sync the Prisma schema with the database.
|
|
8
|
+
|
|
9
|
+
**Wrong — skipping the gate:**
|
|
10
|
+
```
|
|
11
|
+
Model: I'll sync your database schema now.
|
|
12
|
+
$ prisma db push --force-reset --accept-schema
|
|
13
|
+
→ All tables dropped. All production data lost. No backup. No confirmation.
|
|
14
|
+
```
|
|
15
|
+
This happened in production. `--force-reset` drops and recreates every table. `--accept-schema` bypasses Prisma's own confirmation prompt. The model ran both flags without asking the user whether existing data should be preserved.
|
|
16
|
+
|
|
17
|
+
**Correct — with the safety gate:**
|
|
18
|
+
```
|
|
19
|
+
Model: I detected that your database needs a schema sync. However, before I do anything:
|
|
20
|
+
|
|
21
|
+
WARNING: The Prisma schema has changes that could affect existing data.
|
|
22
|
+
- New tables to create: 0
|
|
23
|
+
- Tables that may be modified: 2 (users, orders)
|
|
24
|
+
- If I run `prisma db push --force-reset`, ALL existing data will be DESTROYED.
|
|
25
|
+
|
|
26
|
+
Options:
|
|
27
|
+
1. prisma db push (safe — only adds missing tables/columns, no data loss)
|
|
28
|
+
2. prisma db push --force-reset (DANGEROUS — drops and recreates all tables, all data lost)
|
|
29
|
+
3. prisma migrate dev (creates a migration file you can review first)
|
|
30
|
+
|
|
31
|
+
Which approach do you want? (1/2/3)
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
The `--accept-schema` flag should never be used — it suppresses Prisma's own built-in safety prompts that protect the user.
|
|
35
|
+
|
|
36
|
+
## Example 2: Prisma Migrate Reset
|
|
37
|
+
|
|
38
|
+
**Context:** User wants to reset their dev database to a clean state for testing.
|
|
39
|
+
|
|
40
|
+
**Correct detection and confirmation:**
|
|
41
|
+
```
|
|
42
|
+
Model: `prisma migrate reset` will:
|
|
43
|
+
- Drop the entire database
|
|
44
|
+
- Recreate it from scratch
|
|
45
|
+
- Run all migrations
|
|
46
|
+
|
|
47
|
+
This is a DESTRUCTIVE operation. All data in the database will be permanently lost.
|
|
48
|
+
|
|
49
|
+
Are you sure this is a dev/test database with no important data? (yes/no)
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
In production or any environment with real data: refuse immediately. This command should only run in dev with explicit user confirmation.
|
|
53
|
+
|
|
54
|
+
## Example 3: Raw SQL Data Modification
|
|
55
|
+
|
|
56
|
+
**Context:** During deployment, the model considers running a SQL command to fix a data issue.
|
|
57
|
+
|
|
58
|
+
**Correct detection and confirmation:**
|
|
59
|
+
```
|
|
60
|
+
Model: To fix the duplicate user records, I would run:
|
|
61
|
+
```sql
|
|
62
|
+
DELETE FROM users WHERE email IS NULL AND created_at < '2025-01-01';
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
This would delete approximately 340 user records. BEFORE I run this:
|
|
66
|
+
|
|
67
|
+
1. Would you like me to run a SELECT first to show you exactly which rows would be deleted?
|
|
68
|
+
2. Do you want to back up the users table before deletion?
|
|
69
|
+
3. Confirm: Delete these 340 records? (yes/no)
|
|
70
|
+
|
|
71
|
+
I will not proceed without your explicit confirmation.
|
|
72
|
+
```
|
|
73
|
+
|
|
74
|
+
## Example 4: Overwriting Production Configuration
|
|
75
|
+
|
|
76
|
+
**Context:** During bootstrap, the model needs to write an Nginx config, but one already exists at the target path.
|
|
77
|
+
|
|
78
|
+
**Correct detection and confirmation:**
|
|
79
|
+
```
|
|
80
|
+
Model: Found existing Nginx config at /etc/nginx/sites-enabled/myapp.
|
|
81
|
+
|
|
82
|
+
This file is NOT managed by PrizmKit (no `# PrizmKit Managed:` marker).
|
|
83
|
+
Overwriting it could break existing site configuration.
|
|
84
|
+
|
|
85
|
+
Options:
|
|
86
|
+
1. Back up the existing config to /etc/nginx/sites-enabled/myapp.bak, then write new config
|
|
87
|
+
2. Create new config alongside existing one with a different name
|
|
88
|
+
3. Skip — keep the existing config as-is
|
|
89
|
+
|
|
90
|
+
Which approach? (1/2/3)
|
|
91
|
+
```
|
|
92
|
+
|
|
93
|
+
## Example 5: Confirmation Dialogue Template
|
|
94
|
+
|
|
95
|
+
When the gate triggers, use this dialogue structure:
|
|
96
|
+
|
|
97
|
+
```
|
|
98
|
+
============================================================
|
|
99
|
+
DATA SAFETY GATE — DESTRUCTIVE OPERATION DETECTED
|
|
100
|
+
============================================================
|
|
101
|
+
|
|
102
|
+
Command: <the dangerous command>
|
|
103
|
+
Risk level: HIGH / CRITICAL
|
|
104
|
+
What will be lost: <plain-language description of affected data>
|
|
105
|
+
|
|
106
|
+
Current state:
|
|
107
|
+
- Database: <name>, <size>, <table count>
|
|
108
|
+
- Affected tables: <list>
|
|
109
|
+
- Last backup: <date if known, or "unknown — backup recommended">
|
|
110
|
+
|
|
111
|
+
Recommended safe approach:
|
|
112
|
+
<alternative if one exists>
|
|
113
|
+
|
|
114
|
+
Do you want to proceed with this destructive operation?
|
|
115
|
+
Type "yes, I understand the data will be lost" to confirm.
|
|
116
|
+
Any other response will abort.
|
|
117
|
+
============================================================
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
This format forces the user to read and acknowledge the risk before proceeding.
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
# SSH Bootstrap Flow
|
|
2
|
+
|
|
3
|
+
Bootstraps the server before first deployment. Present a plan showing every privileged action before executing anything.
|
|
4
|
+
|
|
5
|
+
## Always-Run Preflight
|
|
6
|
+
|
|
7
|
+
```
|
|
8
|
+
locale-gen en_US.UTF-8 # fix locale warnings on bare Ubuntu
|
|
9
|
+
apt-get update -qq # refresh package list
|
|
10
|
+
```
|
|
11
|
+
|
|
12
|
+
## Check-and-Install (idempotent)
|
|
13
|
+
|
|
14
|
+
Node.js, npm, PM2, Nginx, Git. Use v22 LTS if v25 not available.
|
|
15
|
+
|
|
16
|
+
## Detect Port Conflicts
|
|
17
|
+
|
|
18
|
+
`ss -tlnp | grep :80 || true`. If port 80/443 is occupied, report and ask how to resolve.
|
|
19
|
+
|
|
20
|
+
## User and Directory Setup
|
|
21
|
+
|
|
22
|
+
```
|
|
23
|
+
useradd -m -s /bin/bash <runtimeUser> # if not exists
|
|
24
|
+
mkdir -p /var/www/<project>/{releases,shared,deploy-logs}
|
|
25
|
+
chown -R <runtimeUser>:<runtimeUser> /var/www/<project>
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
## PM2 Startup
|
|
29
|
+
|
|
30
|
+
```
|
|
31
|
+
env PATH=$PATH:/usr/bin pm2 startup systemd -u <runtimeUser> --hp /home/<runtimeUser>
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
## Deploy Key (Pull mode only)
|
|
35
|
+
|
|
36
|
+
```
|
|
37
|
+
sudo -u <runtimeUser> ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -N ""
|
|
38
|
+
sudo -u <runtimeUser> ssh-keyscan -H github.com >> ~/.ssh/known_hosts
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
## Security Baseline (Firewall)
|
|
42
|
+
|
|
43
|
+
After core tools are installed, ask whether to configure ufw. If user agrees, read `references/firewall-setup.md` for the full interactive flow and rule templates.
|
|
44
|
+
|
|
45
|
+
## Database Setup
|
|
46
|
+
|
|
47
|
+
If Discovery detected database drivers, ask whether to install the database on the server. If user agrees, read `references/database-setup.md` for platform-specific setup commands and security notes.
|
|
48
|
+
|
|
49
|
+
After each bootstrap step, record the result. Bootstrap operations must be idempotent. Back up any existing config files before modifying them.
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
# SSH: Deployment Execution Flow
|
|
2
|
+
|
|
3
|
+
Pipeline runs in strict order. Each group must complete before the next begins. If any step before traffic switch fails, STOP — do not touch the live version.
|
|
4
|
+
|
|
5
|
+
## Pre-flight — Change Summary
|
|
6
|
+
|
|
7
|
+
Show what will be deployed using `git log --oneline <last-deployed-commit>..HEAD`. If first deployment, show last 5 commits. If no new commits, warn "没有新的代码变更。确定要重新部署吗?"
|
|
8
|
+
|
|
9
|
+
## Group 1 — Pre-flight & Prepare
|
|
10
|
+
|
|
11
|
+
- Verify SSH, runtime user, tools, deploy key, port availability.
|
|
12
|
+
- Generate `releaseId`: `YYYYMMDD-<short-commit-sha>`. Create `releases/<releaseId>`.
|
|
13
|
+
- Determine target color: read `activeColor` from `shared/deploy-metadata.json` and use the opposite. If first deploy (no metadata, no `current` symlink), default to blue (port 3101).
|
|
14
|
+
|
|
15
|
+
## Group 2 — Fetch & Build
|
|
16
|
+
|
|
17
|
+
- **CI/CD Pull mode** (server-side build): git clone → install → copy `.env.production` before build (NEXT_PUBLIC_* vars are baked at build time) → build. If build fails: STOP.
|
|
18
|
+
- **CI/CD Push mode** (runner-side build): extract tarball, skip install/build.
|
|
19
|
+
- **Direct-upload mode**: build was already done locally and SCP'd. Skip this group.
|
|
20
|
+
|
|
21
|
+
## Group 3 — Stage & Health Check
|
|
22
|
+
|
|
23
|
+
- Start new version on inactive port via PM2: `pm2 start npm --name <project>-<app>-<color> -- run start -- -p <inactivePort>`.
|
|
24
|
+
- PM2 process naming: `<project>-<app>-<color>` (e.g., `prizm-ideas-web-green`).
|
|
25
|
+
- Wait 3-5 seconds, run health checks against new port. If any fails: STOP, do NOT switch traffic.
|
|
26
|
+
|
|
27
|
+
## Group 4 — Switch & Verify
|
|
28
|
+
|
|
29
|
+
- Update Nginx upstream to new port. Run `nginx -t` — abort on failure.
|
|
30
|
+
- `systemctl reload nginx`. Update `current` symlink to new release.
|
|
31
|
+
- Write `shared/deploy-metadata.json` with new `activeColor`, `activePort`, `lastReleaseId`.
|
|
32
|
+
- Run health checks against public endpoint. If any fails: rollback immediately.
|
|
33
|
+
|
|
34
|
+
## Group 5 — Cleanup & Record
|
|
35
|
+
|
|
36
|
+
- Stop old PM2 process. Remove oldest releases beyond `releaseRetention` count. `pm2 save`.
|
|
37
|
+
- Write deploy-history JSON. Update `deploy.config.json` validation status.
|
|
38
|
+
|
|
39
|
+
## Post-deploy — Completion Summary
|
|
40
|
+
|
|
41
|
+
Output a summary (project, URL, version, duration, health status) and append to deploy.md. If `deployStrategy` is `"direct-upload"`, offer CI/CD upgrade (see §SSH: Post-Deploy CI/CD Upgrade).
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# SSH: Existing Deployment Takeover
|
|
2
|
+
|
|
3
|
+
When deploying to a server that already has deployment assets.
|
|
4
|
+
|
|
5
|
+
## Detection
|
|
6
|
+
|
|
7
|
+
1. Check for existing `/var/www/<project>` directory
|
|
8
|
+
2. Check for existing PM2 processes with similar names
|
|
9
|
+
3. Check Nginx config referencing the same domain/IP
|
|
10
|
+
4. Check for port conflicts
|
|
11
|
+
|
|
12
|
+
## Decision Flow
|
|
13
|
+
|
|
14
|
+
Report findings and ask for takeover decision:
|
|
15
|
+
|
|
16
|
+
- **Take over and backup**: Back up existing config, then proceed.
|
|
17
|
+
- **Coexist**: Use different directory/ports/process names.
|
|
18
|
+
- **Manual resolve**: Stop and let the user handle it.
|
|
19
|
+
|
|
20
|
+
Record takeover decision and validation results in config and history.
|
|
@@ -10,6 +10,12 @@ description: "Execute plan.md tasks with TDD approach. Respects task ordering an
|
|
|
10
10
|
- User says "implement", "build", "code it", "start coding", "develop"
|
|
11
11
|
- For fast-path: user describes a simple change directly (fast-path skips specify, but still requires a simplified plan.md with Tasks section)
|
|
12
12
|
|
|
13
|
+
### When NOT to Use
|
|
14
|
+
- No plan.md exists — run /prizmkit-plan first
|
|
15
|
+
- All tasks in plan.md are already checked off — nothing to implement
|
|
16
|
+
- Trivial one-line changes (typo, config tweak) — edit directly without the full workflow
|
|
17
|
+
- Design/planning phase — use /prizmkit-plan to produce spec and plan first
|
|
18
|
+
|
|
13
19
|
**PRECONDITION:**
|
|
14
20
|
|
|
15
21
|
| Required Artifact | Check | If Missing |
|
|
@@ -17,7 +23,7 @@ description: "Execute plan.md tasks with TDD approach. Respects task ordering an
|
|
|
17
23
|
| `plan.md` with Tasks section | File exists + unchecked tasks | Run `/prizmkit-plan` |
|
|
18
24
|
| `spec.md` | File exists in same directory as plan.md | Run `/prizmkit-plan` |
|
|
19
25
|
|
|
20
|
-
**Artifact directory**: Accept `artifact_dir` from caller. If not provided, scan `.prizmkit/` subdirectories for the most recently modified `plan.md` with unchecked tasks.
|
|
26
|
+
**Artifact directory**: Accept `artifact_dir` from caller. If not provided, scan `.prizmkit/` subdirectories for the most recently modified `plan.md` with unchecked tasks. When invoked as a handoff step in a skill chain, reuse the `artifact_dir` from the previous skill rather than re-detecting — re-detection can resolve to a different feature's directory in a multi-task workspace.
|
|
21
27
|
|
|
22
28
|
## Input
|
|
23
29
|
|
|
@@ -86,89 +86,7 @@ A universal spec + plan generator. Takes a natural-language description of ANY d
|
|
|
86
86
|
|
|
87
87
|
## Examples
|
|
88
88
|
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
**Input:** "I want users to upload avatars"
|
|
92
|
-
|
|
93
|
-
**Phase 0 output:** `.prizmkit/specs/003-user-avatar/spec.md`
|
|
94
|
-
```markdown
|
|
95
|
-
# User Avatar Upload
|
|
96
|
-
## Overview
|
|
97
|
-
Allow registered users to upload and manage profile pictures.
|
|
98
|
-
## Goals
|
|
99
|
-
### G-1: Upload Avatar
|
|
100
|
-
As a registered user, I want to upload a profile picture,
|
|
101
|
-
so that other users can visually identify me.
|
|
102
|
-
**Acceptance Criteria:**
|
|
103
|
-
- Given I am on my profile page
|
|
104
|
-
- When I select an image file and click upload
|
|
105
|
-
- Then my avatar is updated and visible across the platform
|
|
106
|
-
## Scope
|
|
107
|
-
- **In scope:** Upload, display, remove avatar; image format validation
|
|
108
|
-
- **Out of scope:** Image cropping/editing, avatar history
|
|
109
|
-
```
|
|
110
|
-
|
|
111
|
-
**Phase 1-2 output:** `plan.md` excerpt:
|
|
112
|
-
```markdown
|
|
113
|
-
## Tasks
|
|
114
|
-
### Phase: Foundation (T-010~T-019)
|
|
115
|
-
- [ ] [T-010] [G-1] Add avatar_url field to User model — file: src/models/user.ts
|
|
116
|
-
- [ ] [T-011] [G-1] Create S3 upload utility — file: src/lib/s3.ts
|
|
117
|
-
### Phase: Core [P] (T-100~T-109)
|
|
118
|
-
- [ ] [T-100] [P] [G-1] POST /api/avatar upload endpoint — file: src/routes/avatar.ts
|
|
119
|
-
```
|
|
120
|
-
|
|
121
|
-
### Example 2: Refactoring
|
|
122
|
-
|
|
123
|
-
**Input:** "Extract shared auth middleware from the API routes"
|
|
124
|
-
|
|
125
|
-
**Phase 0 output:** `.prizmkit/specs/004-extract-auth-middleware/spec.md`
|
|
126
|
-
```markdown
|
|
127
|
-
# Extract Auth Middleware
|
|
128
|
-
## Overview
|
|
129
|
-
Consolidate duplicated authentication logic scattered across route files into a single shared middleware.
|
|
130
|
-
## Goals
|
|
131
|
-
### G-1: Extract Shared Authentication Logic
|
|
132
|
-
Consolidate duplicated auth checks from 5 route files into a single middleware module.
|
|
133
|
-
**Acceptance Criteria:**
|
|
134
|
-
- All existing auth-related tests pass without modification
|
|
135
|
-
- Auth logic exists in exactly one file (src/middleware/auth.ts)
|
|
136
|
-
- No route file contains inline token verification
|
|
137
|
-
## Scope
|
|
138
|
-
- **In scope:** src/routes/users.ts, orders.ts, admin.ts, payments.ts, profile.ts
|
|
139
|
-
- **Out of scope:** Authorization (role-based access), rate limiting
|
|
140
|
-
## Behavior Preservation
|
|
141
|
-
- All 23 existing API tests must pass unchanged
|
|
142
|
-
- Response formats and HTTP status codes must not change
|
|
143
|
-
- Error message strings must remain identical
|
|
144
|
-
```
|
|
145
|
-
|
|
146
|
-
### Example 3: Bug Fix
|
|
147
|
-
|
|
148
|
-
**Input:** "Login page crashes when API returns 401"
|
|
149
|
-
|
|
150
|
-
**Phase 0 output:** `.prizmkit/specs/005-login-401-crash/spec.md`
|
|
151
|
-
```markdown
|
|
152
|
-
# Fix: Login Crash on 401 Response
|
|
153
|
-
## Overview
|
|
154
|
-
Login page throws unhandled exception when auth API returns 401, causing a white screen.
|
|
155
|
-
## Goals
|
|
156
|
-
### G-1: Handle 401 Response Gracefully
|
|
157
|
-
When the auth API returns 401, display an error message instead of crashing.
|
|
158
|
-
**Acceptance Criteria:**
|
|
159
|
-
- Given user submits invalid credentials, When API returns 401, Then error message "Invalid credentials" is displayed
|
|
160
|
-
- Given user submits invalid credentials, When API returns 401, Then no unhandled exception is thrown
|
|
161
|
-
## Root Cause
|
|
162
|
-
- Error classification: Runtime
|
|
163
|
-
- Root cause: `AuthService.handleLogin()` at src/services/auth.ts:42 does not handle null token
|
|
164
|
-
- Affected files: src/services/auth.ts (L42), src/pages/login.tsx (L28)
|
|
165
|
-
## Scope
|
|
166
|
-
- **In scope:** Null handling in auth service, error display in login page
|
|
167
|
-
- **Out of scope:** Other HTTP error codes (403, 500), auth flow redesign
|
|
168
|
-
## Behavior Preservation
|
|
169
|
-
- All existing login success tests must pass unchanged
|
|
170
|
-
- Auth token flow for valid credentials must not change
|
|
171
|
-
```
|
|
89
|
+
Read `${SKILL_DIR}/references/examples.md` for worked examples of feature, refactoring, and bug fix planning.
|
|
172
90
|
|
|
173
91
|
## References
|
|
174
92
|
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
# Plan Examples
|
|
2
|
+
|
|
3
|
+
## Example 1: New Feature
|
|
4
|
+
|
|
5
|
+
**Input:** "I want users to upload avatars"
|
|
6
|
+
|
|
7
|
+
**Phase 0 output:** `.prizmkit/specs/003-user-avatar/spec.md`
|
|
8
|
+
```markdown
|
|
9
|
+
# User Avatar Upload
|
|
10
|
+
## Overview
|
|
11
|
+
Allow registered users to upload and manage profile pictures.
|
|
12
|
+
## Goals
|
|
13
|
+
### G-1: Upload Avatar
|
|
14
|
+
As a registered user, I want to upload a profile picture,
|
|
15
|
+
so that other users can visually identify me.
|
|
16
|
+
**Acceptance Criteria:**
|
|
17
|
+
- Given I am on my profile page
|
|
18
|
+
- When I select an image file and click upload
|
|
19
|
+
- Then my avatar is updated and visible across the platform
|
|
20
|
+
## Scope
|
|
21
|
+
- **In scope:** Upload, display, remove avatar; image format validation
|
|
22
|
+
- **Out of scope:** Image cropping/editing, avatar history
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
**Phase 1-2 output:** `plan.md` excerpt:
|
|
26
|
+
```markdown
|
|
27
|
+
## Tasks
|
|
28
|
+
### Phase: Foundation (T-010~T-019)
|
|
29
|
+
- [ ] [T-010] [G-1] Add avatar_url field to User model — file: src/models/user.ts
|
|
30
|
+
- [ ] [T-011] [G-1] Create S3 upload utility — file: src/lib/s3.ts
|
|
31
|
+
### Phase: Core [P] (T-100~T-109)
|
|
32
|
+
- [ ] [T-100] [P] [G-1] POST /api/avatar upload endpoint — file: src/routes/avatar.ts
|
|
33
|
+
```
|
|
34
|
+
|
|
35
|
+
## Example 2: Refactoring
|
|
36
|
+
|
|
37
|
+
**Input:** "Extract shared auth middleware from the API routes"
|
|
38
|
+
|
|
39
|
+
**Phase 0 output:** `.prizmkit/specs/004-extract-auth-middleware/spec.md`
|
|
40
|
+
```markdown
|
|
41
|
+
# Extract Auth Middleware
|
|
42
|
+
## Overview
|
|
43
|
+
Consolidate duplicated authentication logic scattered across route files into a single shared middleware.
|
|
44
|
+
## Goals
|
|
45
|
+
### G-1: Extract Shared Authentication Logic
|
|
46
|
+
Consolidate duplicated auth checks from 5 route files into a single middleware module.
|
|
47
|
+
**Acceptance Criteria:**
|
|
48
|
+
- All existing auth-related tests pass without modification
|
|
49
|
+
- Auth logic exists in exactly one file (src/middleware/auth.ts)
|
|
50
|
+
- No route file contains inline token verification
|
|
51
|
+
## Scope
|
|
52
|
+
- **In scope:** src/routes/users.ts, orders.ts, admin.ts, payments.ts, profile.ts
|
|
53
|
+
- **Out of scope:** Authorization (role-based access), rate limiting
|
|
54
|
+
## Behavior Preservation
|
|
55
|
+
- All 23 existing API tests must pass unchanged
|
|
56
|
+
- Response formats and HTTP status codes must not change
|
|
57
|
+
- Error message strings must remain identical
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
## Example 3: Bug Fix
|
|
61
|
+
|
|
62
|
+
**Input:** "Login page crashes when API returns 401"
|
|
63
|
+
|
|
64
|
+
**Phase 0 output:** `.prizmkit/specs/005-login-401-crash/spec.md`
|
|
65
|
+
```markdown
|
|
66
|
+
# Fix: Login Crash on 401 Response
|
|
67
|
+
## Overview
|
|
68
|
+
Login page throws unhandled exception when auth API returns 401, causing a white screen.
|
|
69
|
+
## Goals
|
|
70
|
+
### G-1: Handle 401 Response Gracefully
|
|
71
|
+
When the auth API returns 401, display an error message instead of crashing.
|
|
72
|
+
**Acceptance Criteria:**
|
|
73
|
+
- Given user submits invalid credentials, When API returns 401, Then error message "Invalid credentials" is displayed
|
|
74
|
+
- Given user submits invalid credentials, When API returns 401, Then no unhandled exception is thrown
|
|
75
|
+
## Root Cause
|
|
76
|
+
- Error classification: Runtime
|
|
77
|
+
- Root cause: `AuthService.handleLogin()` at src/services/auth.ts:42 does not handle null token
|
|
78
|
+
- Affected files: src/services/auth.ts (L42), src/pages/login.tsx (L28)
|
|
79
|
+
## Scope
|
|
80
|
+
- **In scope:** Null handling in auth service, error display in login page
|
|
81
|
+
- **Out of scope:** Other HTTP error codes (403, 500), auth flow redesign
|
|
82
|
+
## Behavior Preservation
|
|
83
|
+
- All existing login success tests must pass unchanged
|
|
84
|
+
- Auth token flow for valid credentials must not change
|
|
85
|
+
```
|
|
@@ -36,6 +36,19 @@ This skill handles 6 operations. When invoked, determine the user's intent and e
|
|
|
36
36
|
|
|
37
37
|
**Key principle**: `/prizmkit-prizm-docs` defines WHAT the docs should look like and bootstraps them. `/prizmkit-retrospective` is the SOLE WRITER that keeps docs in sync with code during ongoing development.
|
|
38
38
|
|
|
39
|
+
### When to Use
|
|
40
|
+
- First-time project documentation setup (init)
|
|
41
|
+
- Checking if docs are up to date (status)
|
|
42
|
+
- Rebuilding stale module docs after major changes (rebuild)
|
|
43
|
+
- Validating doc format compliance (validate)
|
|
44
|
+
- Migrating existing docs to Prizm format (migrate)
|
|
45
|
+
- User says "initialize docs", "check doc status", "rebuild docs", "validate docs"
|
|
46
|
+
|
|
47
|
+
### When NOT to Use
|
|
48
|
+
- Incremental doc updates after code changes → use /prizmkit-retrospective (the sole writer during development)
|
|
49
|
+
- Project has no .prizmkit/prizm-docs/ and user doesn't want to initialize
|
|
50
|
+
- User wants to edit code → use /prizmkit-plan and /prizmkit-implement
|
|
51
|
+
|
|
39
52
|
## Operation: Init
|
|
40
53
|
|
|
41
54
|
Bootstrap .prizmkit/prizm-docs/ for the current project.
|
|
@@ -46,6 +59,7 @@ PRECONDITION: No .prizmkit/prizm-docs/ directory exists, or user confirms overwr
|
|
|
46
59
|
|
|
47
60
|
Update .prizmkit/prizm-docs/ to reflect recent code changes.
|
|
48
61
|
PRECONDITION: .prizmkit/prizm-docs/ exists with root.prizm.
|
|
62
|
+
**Scope guard**: Use Update only for out-of-band resync — when docs drifted from code after manual edits, merges, branch switches, or other changes made outside the dev loop. During the normal feature/bugfix/refactor loop, do NOT use Update: `/prizmkit-retrospective` is the sole writer and keeps docs in sync per task. Running both is redundant and risks conflicting edits.
|
|
49
63
|
→ Read `${SKILL_DIR}/references/op-update.md` for detailed steps.
|
|
50
64
|
|
|
51
65
|
## Operation: Status
|
|
@@ -27,7 +27,7 @@ For initial doc setup, validation, or migration, use `/prizmkit-prizm-docs` inst
|
|
|
27
27
|
|
|
28
28
|
| Parameter | Required | Description |
|
|
29
29
|
|-----------|----------|-------------|
|
|
30
|
-
| `artifact_dir` | No | Directory containing spec.md, plan.md, review-report.md. If omitted, scan `.prizmkit/` subdirectories for the most recently modified directory with a `plan.md`. If no artifact directory found, run in standalone mode (structural sync only from `git diff`). |
|
|
30
|
+
| `artifact_dir` | No | Directory containing spec.md, plan.md, review-report.md. If omitted, scan `.prizmkit/` subdirectories for the most recently modified directory with a `plan.md`. When invoked as a handoff step, reuse the caller's `artifact_dir` rather than re-detecting. If no artifact directory found, run in standalone mode (structural sync only from `git diff`). |
|
|
31
31
|
|
|
32
32
|
## When NOT to Use
|
|
33
33
|
|