renma 0.15.2 → 0.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (126) hide show
  1. package/CHANGELOG.md +54 -1
  2. package/README.md +216 -655
  3. package/architecture.md +523 -0
  4. package/design.md +458 -0
  5. package/dist/agent-skills.d.ts +77 -0
  6. package/dist/agent-skills.d.ts.map +1 -0
  7. package/dist/agent-skills.js +468 -0
  8. package/dist/agent-skills.js.map +1 -0
  9. package/dist/catalog.d.ts.map +1 -1
  10. package/dist/catalog.js +38 -5
  11. package/dist/catalog.js.map +1 -1
  12. package/dist/cli-help.d.ts +13 -11
  13. package/dist/cli-help.d.ts.map +1 -1
  14. package/dist/cli-help.js +36 -11
  15. package/dist/cli-help.js.map +1 -1
  16. package/dist/cli.d.ts.map +1 -1
  17. package/dist/cli.js +139 -40
  18. package/dist/cli.js.map +1 -1
  19. package/dist/commands/catalog.d.ts.map +1 -1
  20. package/dist/commands/catalog.js +4 -3
  21. package/dist/commands/catalog.js.map +1 -1
  22. package/dist/commands/graph.d.ts.map +1 -1
  23. package/dist/commands/graph.js +7 -12
  24. package/dist/commands/graph.js.map +1 -1
  25. package/dist/commands/readiness.d.ts.map +1 -1
  26. package/dist/commands/readiness.js +7 -6
  27. package/dist/commands/readiness.js.map +1 -1
  28. package/dist/commands/scaffold.d.ts.map +1 -1
  29. package/dist/commands/scaffold.js +59 -16
  30. package/dist/commands/scaffold.js.map +1 -1
  31. package/dist/commands/suggest-metadata.d.ts +3 -1
  32. package/dist/commands/suggest-metadata.d.ts.map +1 -1
  33. package/dist/commands/suggest-metadata.js +226 -7
  34. package/dist/commands/suggest-metadata.js.map +1 -1
  35. package/dist/commands/suggest-semantic-split.js +3 -3
  36. package/dist/commands/suggest-semantic-split.js.map +1 -1
  37. package/dist/dependency-resolution.d.ts +6 -0
  38. package/dist/dependency-resolution.d.ts.map +1 -0
  39. package/dist/dependency-resolution.js +11 -0
  40. package/dist/dependency-resolution.js.map +1 -0
  41. package/dist/diagnostic-ids.d.ts +29 -0
  42. package/dist/diagnostic-ids.d.ts.map +1 -1
  43. package/dist/diagnostic-ids.js +28 -0
  44. package/dist/diagnostic-ids.js.map +1 -1
  45. package/dist/discovery.d.ts +50 -0
  46. package/dist/discovery.d.ts.map +1 -1
  47. package/dist/discovery.js +183 -25
  48. package/dist/discovery.js.map +1 -1
  49. package/dist/metadata.d.ts +3 -1
  50. package/dist/metadata.d.ts.map +1 -1
  51. package/dist/metadata.js +166 -29
  52. package/dist/metadata.js.map +1 -1
  53. package/dist/model.d.ts +1 -0
  54. package/dist/model.d.ts.map +1 -1
  55. package/dist/report.d.ts.map +1 -1
  56. package/dist/report.js +16 -1
  57. package/dist/report.js.map +1 -1
  58. package/dist/repository-paths.d.ts +13 -0
  59. package/dist/repository-paths.d.ts.map +1 -1
  60. package/dist/repository-paths.js +60 -2
  61. package/dist/repository-paths.js.map +1 -1
  62. package/dist/rules.d.ts.map +1 -1
  63. package/dist/rules.js +97 -107
  64. package/dist/rules.js.map +1 -1
  65. package/dist/scanner.d.ts.map +1 -1
  66. package/dist/scanner.js +3 -1
  67. package/dist/scanner.js.map +1 -1
  68. package/dist/security-diagnostics.d.ts.map +1 -1
  69. package/dist/security-diagnostics.js +98 -35
  70. package/dist/security-diagnostics.js.map +1 -1
  71. package/dist/security-policy-inventory.js +11 -4
  72. package/dist/security-policy-inventory.js.map +1 -1
  73. package/dist/security-policy.d.ts +27 -1
  74. package/dist/security-policy.d.ts.map +1 -1
  75. package/dist/security-policy.js +247 -34
  76. package/dist/security-policy.js.map +1 -1
  77. package/dist/skill-migration.d.ts +30 -0
  78. package/dist/skill-migration.d.ts.map +1 -0
  79. package/dist/skill-migration.js +566 -0
  80. package/dist/skill-migration.js.map +1 -0
  81. package/dist/trust-graph.d.ts.map +1 -1
  82. package/dist/trust-graph.js +7 -11
  83. package/dist/trust-graph.js.map +1 -1
  84. package/dist/types.d.ts +3 -1
  85. package/dist/types.d.ts.map +1 -1
  86. package/dist/yaml-frontmatter.d.ts +26 -0
  87. package/dist/yaml-frontmatter.d.ts.map +1 -0
  88. package/dist/yaml-frontmatter.js +114 -0
  89. package/dist/yaml-frontmatter.js.map +1 -0
  90. package/docs/README.md +55 -0
  91. package/docs/advanced-skill-authoring.md +140 -0
  92. package/docs/agent-skills-compatibility.md +500 -0
  93. package/docs/authoring-guide.md +324 -0
  94. package/docs/context-conflict-diagnostics.md +32 -0
  95. package/docs/context-language-diagnostics.md +99 -0
  96. package/docs/context-lens.md +253 -0
  97. package/docs/context-lifecycle-diagnostics.md +55 -0
  98. package/docs/diagnostics.md +373 -0
  99. package/docs/metadata-budget.md +14 -0
  100. package/docs/repository-context-bom.md +113 -0
  101. package/docs/security-policy.md +338 -0
  102. package/docs/user-manual.md +813 -0
  103. package/examples/context-lens/README.md +101 -0
  104. package/examples/context-lens/contexts/testing/boundary-value-analysis.md +23 -0
  105. package/examples/context-lens/lenses/testing/spec-review-boundary-values.md +29 -0
  106. package/examples/context-lens/lenses/testing/test-design-boundary-values.md +29 -0
  107. package/examples/context-lens/skills/testing/spec-review/SKILL.md +49 -0
  108. package/examples/context-repo/README.md +149 -0
  109. package/examples/context-repo/contexts/domain/payment/idempotency.md +20 -0
  110. package/examples/context-repo/contexts/testing/boundary-value-analysis.md +19 -0
  111. package/examples/context-repo/contexts/testing/negative-testing.md +19 -0
  112. package/examples/context-repo/lenses/testing/spec-review-boundary-values.md +35 -0
  113. package/examples/context-repo/renma.config.json +12 -0
  114. package/examples/context-repo/skills/testing/spec-review/SKILL.md +66 -0
  115. package/examples/context-repo/tools/appium/README.md +14 -0
  116. package/examples/github-actions/renma-ci-report.yml +36 -0
  117. package/examples/interactive-placeholder/README.md +104 -0
  118. package/examples/interactive-placeholder/assets/template.txt +1 -0
  119. package/examples/interactive-placeholder/renma.config.json +6 -0
  120. package/examples/interactive-placeholder/skills/replace-placeholder/SKILL.md +54 -0
  121. package/examples/interactive-placeholder/tools/README.md +48 -0
  122. package/examples/interactive-placeholder/tools/placeholder-demo.mjs +99 -0
  123. package/package.json +11 -1
  124. package/plan-discovery.md +740 -0
  125. package/plan.md +150 -0
  126. package/scripts/verify-package.mjs +97 -0
@@ -0,0 +1,101 @@
1
+ # Context Lens Example
2
+
3
+ This current example demonstrates how Context Lenses give different workflows
4
+ purpose-specific interpretations of the same governed Context Asset.
5
+
6
+ It includes:
7
+
8
+ - one reusable Context Asset:
9
+ [`contexts/testing/boundary-value-analysis.md`](contexts/testing/boundary-value-analysis.md);
10
+ - two valid Lenses over that Context:
11
+ [`spec-review-boundary-values.md`](lenses/testing/spec-review-boundary-values.md)
12
+ and
13
+ [`test-design-boundary-values.md`](lenses/testing/test-design-boundary-values.md);
14
+ - one canonical nested Agent Skills-compatible
15
+ [`SKILL.md`](skills/testing/spec-review/SKILL.md) with static required and
16
+ optional Lens relationships.
17
+
18
+ The Skill is a thin routing and workflow layer. The Context Asset owns reusable
19
+ boundary-value knowledge. Each Lens explains how to apply that knowledge for a
20
+ particular purpose without copying it into the Skill.
21
+
22
+ ```text
23
+ Skill -> Context Lens -> Context Asset
24
+ ```
25
+
26
+ These are static repository relationships. Renma validates their definitions,
27
+ metadata, resolution, and repository health. The consuming agent reads and
28
+ applies the declared Context and Lens; Renma does not choose a runtime Lens,
29
+ assemble prompts, inject Context, execute the workflow, or judge Lens quality
30
+ with an LLM. A human reviews the result.
31
+
32
+ ```text
33
+ LLM proposes. Renma verifies. Human approves.
34
+ ```
35
+
36
+ ## Inspect The Example
37
+
38
+ From the Renma repository root after building the CLI:
39
+
40
+ ```bash
41
+ node dist/index.js scan examples/context-lens --fail-on high
42
+ node dist/index.js catalog examples/context-lens --format markdown
43
+ node dist/index.js readiness examples/context-lens --format markdown
44
+ node dist/index.js inspect examples/context-lens/lenses/testing/spec-review-boundary-values.md --format text
45
+ node dist/index.js graph examples/context-lens --view layered --format mermaid
46
+ ```
47
+
48
+ The expected result is one valid nested Skill, two valid Context Lenses, one
49
+ governed Context Asset, resolved Skill-to-Lens-to-Context relationships, zero
50
+ scan findings, and readiness level `ready` with score 100. Readiness includes a
51
+ `Context Lens` summary; JSON output exposes the same evidence under
52
+ `summary.contextLens`.
53
+
54
+ ## Minimal Valid Lens
55
+
56
+ ```yaml
57
+ ---
58
+ id: lens.testing.spec-review.boundary-values
59
+ type: context_lens
60
+ owner: qa-platform
61
+ status: experimental
62
+ version: 1
63
+ scope: context
64
+ purpose: spec_review
65
+ applies_to:
66
+ - context.testing.boundary-value-analysis
67
+ ---
68
+ # Spec Review Lens for Boundary Values
69
+
70
+ Review the boundary-value Context for ambiguity and missing limits.
71
+ ```
72
+
73
+ The supported Lens schema version is `1`; the supported scope is `context`.
74
+
75
+ ## Diagnostic Illustration
76
+
77
+ The following illustration is intentionally not stored as a scanned fixture:
78
+
79
+ ```yaml
80
+ ---
81
+ id: lens.testing.invalid
82
+ owner: qa-platform
83
+ applies_to:
84
+ - ./contexts/testing/missing.md
85
+ ---
86
+ # Invalid Lens
87
+ ```
88
+
89
+ It would produce:
90
+
91
+ - `CONTEXT-LENS-MISSING-REQUIRED-FIELD` for the missing `purpose`;
92
+ - `CONTEXT-LENS-PATH-NORMALIZATION-MISMATCH` for the `./` path prefix; and
93
+ - `CONTEXT-LENS-TARGET-NOT-FOUND` because the target does not resolve.
94
+
95
+ Use readiness as the blocking CI view for Context Lens governance:
96
+
97
+ ```bash
98
+ renma readiness examples/context-lens --json
99
+ ```
100
+
101
+ Blocking Context Lens diagnostics make that command exit `1`.
@@ -0,0 +1,23 @@
1
+ ---
2
+ id: context.testing.boundary-value-analysis
3
+ owner: qa-platform
4
+ status: stable
5
+ tags:
6
+ - testing
7
+ - qa
8
+ when_to_use:
9
+ - Designing or reviewing behavior around numeric, date, quantity, retry, or limit boundaries
10
+ when_not_to_use:
11
+ - Reviewing copy, styling, or exploratory observations that do not depend on explicit boundaries
12
+ allowed_data:
13
+ - repo-local-files
14
+ network_allowed: false
15
+ external_upload_allowed: false
16
+ secrets_allowed: false
17
+ requires_human_approval: false
18
+ ---
19
+ # Boundary Value Analysis
20
+
21
+ Boundary value analysis is reusable testing knowledge. It should stay as a base context asset because it can support spec review, test design, regression planning, onboarding, and other skills.
22
+
23
+ Keep task-specific interpretation in context lens assets instead of copying this content into each skill.
@@ -0,0 +1,29 @@
1
+ ---
2
+ id: lens.testing.spec-review.boundary-values
3
+ type: context_lens
4
+ owner: qa-platform
5
+ status: experimental
6
+ version: 1
7
+ scope: context
8
+ tags:
9
+ - testing
10
+ - spec-review
11
+ purpose: spec_review
12
+ applies_to:
13
+ - context.testing.boundary-value-analysis
14
+ focus: ambiguity, missing boundary, source of truth, confirmation questions
15
+ expected_outputs: unresolved questions, risk notes, spec clarification suggestions
16
+ allowed_data:
17
+ - repo-local-files
18
+ network_allowed: false
19
+ external_upload_allowed: false
20
+ secrets_allowed: false
21
+ requires_human_approval: false
22
+ ---
23
+ # Spec Review Lens for Boundary Values
24
+
25
+ Use this lens when reading boundary value analysis context during spec review.
26
+
27
+ Emphasize whether the spec defines exact lower and upper bounds, inclusive or exclusive behavior, empty or zero cases, overflow handling, retry limits, and ownership of the source of truth.
28
+
29
+ The lens should help produce review questions and risk notes. It should not duplicate the base boundary value analysis context or become a prompt template.
@@ -0,0 +1,29 @@
1
+ ---
2
+ id: lens.testing.test-design.boundary-values
3
+ type: context_lens
4
+ owner: qa-platform
5
+ status: experimental
6
+ version: 1
7
+ scope: context
8
+ tags:
9
+ - testing
10
+ - test-design
11
+ purpose: test_design
12
+ applies_to:
13
+ - context.testing.boundary-value-analysis
14
+ focus: inclusive limits, empty and zero values, overflow behavior, retry limits
15
+ expected_outputs: test cases, edge-case checklist, coverage notes
16
+ allowed_data:
17
+ - repo-local-files
18
+ network_allowed: false
19
+ external_upload_allowed: false
20
+ secrets_allowed: false
21
+ requires_human_approval: false
22
+ ---
23
+ # Test Design Lens for Boundary Values
24
+
25
+ Use this lens when turning boundary value analysis context into concrete test coverage.
26
+
27
+ Emphasize lower and upper bounds, inclusive and exclusive behavior, empty input, zero values, overflow, maximum retries, and expected failure modes.
28
+
29
+ The lens should help produce test cases and coverage notes. It should not select runtime context, assemble a prompt, or duplicate the base boundary value analysis context.
@@ -0,0 +1,49 @@
1
+ ---
2
+ name: spec-review
3
+ description: Review a specification through declared Context Assets and Context Lenses. Use when implementation or test-design boundaries need focused analysis; do not use for implementation, final approval, or unrelated editorial review.
4
+ metadata:
5
+ renma.id: skill.testing.spec-review
6
+ renma.owner: qa-platform
7
+ renma.status: experimental
8
+ renma.tags: '["testing","spec-review"]'
9
+ renma.requires-context: '["context.testing.boundary-value-analysis"]'
10
+ renma.requires-lens: '["lens.testing.spec-review.boundary-values"]'
11
+ renma.optional-lens: '["lens.testing.test-design.boundary-values"]'
12
+ renma.allowed-data: '["repo-local-files"]'
13
+ renma.network-allowed: "false"
14
+ renma.external-upload-allowed: "false"
15
+ renma.secrets-allowed: "false"
16
+ renma.requires-human-approval: "false"
17
+ ---
18
+ # Spec Review
19
+
20
+ Use this skill to review a specification before implementation or test design.
21
+
22
+ The skill stays thin. It declares the reusable base context and the purpose-oriented lens, while the detailed knowledge remains in context assets and lens assets.
23
+
24
+ ## Required Inputs
25
+
26
+ - The specification or product change to review.
27
+ - Any linked source-of-truth documents or implementation references.
28
+
29
+ ## Instructions
30
+
31
+ 1. Read the declared context assets.
32
+ 2. Apply the declared context lens to focus the review.
33
+ 3. Produce unresolved questions, risk notes, and clarification suggestions.
34
+
35
+ ## When Not To Use
36
+
37
+ Use an implementation workflow for code changes, a decision owner for final
38
+ approval, or an editorial workflow for copy-only review.
39
+
40
+ ## Validation
41
+
42
+ - The output distinguishes known facts from open questions.
43
+ - The output cites the source-of-truth gaps it found.
44
+ - The skill does not copy reusable testing guidance into this file.
45
+
46
+ ## Completion Criteria
47
+
48
+ Complete when the output separates facts from unresolved questions, cites each
49
+ source-of-truth gap, records the applied Lens, and is ready for human review.
@@ -0,0 +1,149 @@
1
+ ---
2
+ id: example.context-repo.overview
3
+ title: Example Context Repository
4
+ version: 0.1.0
5
+ owner: qa-platform
6
+ status: stable
7
+ tags:
8
+ - example
9
+ - testing
10
+ ---
11
+
12
+ # Example Context Repository
13
+
14
+ This fixture is a focused workflow-authoring and repository-governance example.
15
+ It is statically navigable for a consuming agent that has this repository
16
+ checkout and can follow the relative Markdown links in the Skill. The agent can
17
+ inspect an incomplete request, ask focused clarification questions, apply
18
+ reusable Context, record evidence and assumptions, and produce findings for
19
+ human review. Renma discovers and validates the repository assets; it does not
20
+ open the links or execute the interaction.
21
+
22
+ ## Repository Assets
23
+
24
+ - [`skills/testing/spec-review/SKILL.md`](skills/testing/spec-review/SKILL.md)
25
+ is the Agent Skills-compatible entrypoint and interactive usage guide.
26
+ - [`lenses/testing/spec-review-boundary-values.md`](lenses/testing/spec-review-boundary-values.md)
27
+ interprets reusable boundary knowledge for specification review.
28
+ - [`contexts/testing/boundary-value-analysis.md`](contexts/testing/boundary-value-analysis.md)
29
+ is the independently owned source of truth used through the Lens.
30
+ - [`contexts/testing/negative-testing.md`](contexts/testing/negative-testing.md)
31
+ is used directly by the Skill; a Context Lens is not required for every
32
+ Context Asset.
33
+ - [`contexts/domain/payment/idempotency.md`](contexts/domain/payment/idempotency.md)
34
+ is optional and applies only when a review covers retryable payment writes.
35
+
36
+ The `metadata.renma.*` dependency values are governance relationships. Generic
37
+ Agent Skills clients are not required to resolve them, so the Skill and Lens
38
+ bodies provide a repository-relative path to every required asset. The Skill
39
+ links the Lens and direct Context Asset, the Lens links Boundary Value Analysis,
40
+ and the Skill links this asset index for its optional payment branch. Agent
41
+ Skills-compatible syntax alone does not make those external assets portable,
42
+ and copying the Skill without the rest of this fixture produces an incomplete
43
+ workflow.
44
+
45
+ The declared relationships demonstrate both supported shapes:
46
+
47
+ ```text
48
+ Skill -> Context Lens -> Context Asset
49
+ Skill -> Context Asset
50
+ ```
51
+
52
+ These are static repository relationships. They do not make Renma select or
53
+ load Context for a live request.
54
+
55
+ ## Responsibility Boundary
56
+
57
+ Renma:
58
+
59
+ - discovers and normalizes the example assets;
60
+ - validates metadata and declared relationships;
61
+ - reports deterministic diagnostics; and
62
+ - exposes Catalog, graph, Trust Graph, Readiness, and Repository Context BOM
63
+ views.
64
+
65
+ The consuming agent:
66
+
67
+ - interprets the user's request and follows the Skill guidance;
68
+ - asks focused clarification questions without inventing missing requirements;
69
+ - opens the explicit repository-relative links in the Skill and Lens;
70
+ - applies the Lens and direct Context relationships where relevant; and
71
+ - records evidence, assumptions, unresolved questions, rationale, and findings.
72
+
73
+ The human:
74
+
75
+ - supplies missing domain knowledge and decision ownership;
76
+ - reviews clarifications, assumptions, findings, and any resulting patch; and
77
+ - accepts, rejects, or corrects the final result.
78
+
79
+ Human review occurs before the findings become accepted requirements or before
80
+ any implementation change is merged.
81
+
82
+ ## Inspect With Renma
83
+
84
+ Run these commands from the renma repository root after building the CLI:
85
+
86
+ ```bash
87
+ npm run build
88
+ node dist/index.js scan examples/context-repo
89
+ node dist/index.js catalog examples/context-repo --format markdown
90
+ node dist/index.js ownership examples/context-repo --format markdown
91
+ node dist/index.js graph examples/context-repo --view layered --format mermaid
92
+ node dist/index.js trust-graph examples/context-repo --format markdown
93
+ node dist/index.js readiness examples/context-repo --format markdown
94
+ node dist/index.js bom examples/context-repo --format json --omit-generated-at
95
+ node dist/index.js bom examples/context-repo --format markdown
96
+ node dist/index.js inspect examples/context-repo/skills/testing/spec-review/SKILL.md
97
+ ```
98
+
99
+ With an installed CLI, replace `node dist/index.js` with `renma`:
100
+
101
+ ```bash
102
+ renma scan examples/context-repo
103
+ renma catalog examples/context-repo --format markdown
104
+ renma ownership examples/context-repo --format markdown
105
+ renma graph examples/context-repo --view layered --format mermaid
106
+ renma trust-graph examples/context-repo --format markdown
107
+ renma readiness examples/context-repo --format markdown
108
+ renma bom examples/context-repo --format json --omit-generated-at
109
+ renma bom examples/context-repo --format markdown
110
+ renma inspect examples/context-repo/skills/testing/spec-review/SKILL.md
111
+ ```
112
+
113
+ `scan` checks the assets for findings. Catalog and ownership show inventory and
114
+ responsibility. The layered graph makes Skill-to-Lens-to-Context and direct
115
+ Skill-to-Context relationships visible. Trust Graph connects review evidence.
116
+ Readiness summarizes repository health. BOM combines declared repository
117
+ evidence into authoritative JSON or a Markdown review projection. `inspect`
118
+ shows the structure of the workflow entrypoint.
119
+
120
+ The example is structurally ready: its Skill and Lens validate, every declared
121
+ relationship resolves, and every cataloged asset has an owner. `scan` also
122
+ keeps advisory missing-security-policy findings visible for the fixture's
123
+ Skill and Context Assets. The example does not invent security policy merely to
124
+ produce an empty finding list; fixture owners would need to review and declare
125
+ that policy.
126
+
127
+ ## Intentionally Not Demonstrated
128
+
129
+ This fixture does not add or imply a Renma runtime state machine, automatic
130
+ question generation, live Skill or Context selection, prompt assembly, agent
131
+ execution, automatic file rewriting, telemetry collection, or automatic human
132
+ approval. The interactive behavior belongs to the consuming agent and the
133
+ final judgment belongs to the human. Renma metadata does not make the workflow
134
+ self-contained or cause a generic Agent Skills client to load external assets.
135
+
136
+ The declared relationship shape is:
137
+
138
+ ```mermaid
139
+ flowchart TD
140
+ node_0["skill: skill.testing.spec-review"]
141
+ node_1["lens: lens.testing.spec-review.boundary-values"]
142
+ node_2["context: context.domain.payment.idempotency"]
143
+ node_3["context: context.testing.negative-testing"]
144
+ node_4["context: context.testing.boundary-value-analysis"]
145
+ node_0 -->|requires_lens| node_1
146
+ node_0 -->|optional| node_2
147
+ node_0 -->|requires| node_3
148
+ node_1 -->|applies_to| node_4
149
+ ```
@@ -0,0 +1,20 @@
1
+ ---
2
+ id: context.domain.payment.idempotency
3
+ title: Payment Idempotency
4
+ version: 0.1.0
5
+ owner: payments-platform
6
+ status: stable
7
+ tags:
8
+ - payment
9
+ - reliability
10
+ when_to_use:
11
+ - Reviewing payment write retry behavior or duplicate request handling
12
+ when_not_to_use:
13
+ - Reviewing non-payment retries or read-only request behavior
14
+ ---
15
+
16
+ # Payment Idempotency
17
+
18
+ Payment writes should be safe to retry. A request with the same idempotency key should produce one durable outcome, even if the client times out and sends the request again.
19
+
20
+ Review payment specs for key scope, duplicate handling, timeout behavior, and whether the response explains the original result.
@@ -0,0 +1,19 @@
1
+ ---
2
+ id: context.testing.boundary-value-analysis
3
+ title: Boundary Value Analysis
4
+ version: 0.1.0
5
+ owner: qa-platform
6
+ status: stable
7
+ tags:
8
+ - testing
9
+ when_to_use:
10
+ - Designing test cases around numeric, date, count, length, or pagination limits
11
+ when_not_to_use:
12
+ - Testing invalid inputs that are not tied to explicit boundary values
13
+ ---
14
+
15
+ # Boundary Value Analysis
16
+
17
+ Boundary value analysis checks the values just below, at, and just above important limits. Use it for limits such as quantity, length, date range, retry count, price, and pagination size.
18
+
19
+ Prefer examples that name the limit and the expected behavior. A good case says what happens at the minimum, the maximum, and the first invalid value outside each edge.
@@ -0,0 +1,19 @@
1
+ ---
2
+ id: context.testing.negative-testing
3
+ title: Negative Testing
4
+ version: 0.1.0
5
+ owner: qa-platform
6
+ status: stable
7
+ tags:
8
+ - testing
9
+ when_to_use:
10
+ - Designing validation, unsupported-state, or error-handling test cases
11
+ when_not_to_use:
12
+ - Designing accepted boundary-value cases for valid limits
13
+ ---
14
+
15
+ # Negative Testing
16
+
17
+ Negative testing verifies that invalid inputs and unsupported states fail clearly. It should confirm the user sees a useful error, the system avoids partial work, and any retry or recovery path is explicit.
18
+
19
+ Useful negative cases include missing required fields, malformed values, expired sessions, duplicate submissions, permission failures, and upstream service errors.
@@ -0,0 +1,35 @@
1
+ ---
2
+ id: lens.testing.spec-review.boundary-values
3
+ type: context_lens
4
+ title: Spec Review Boundary Values Lens
5
+ version: 1
6
+ owner: qa-platform
7
+ status: stable
8
+ tags:
9
+ - testing
10
+ - spec-review
11
+ purpose: spec_review
12
+ applies_to:
13
+ - context.testing.boundary-value-analysis
14
+ focus:
15
+ - missing limits
16
+ - inclusive and exclusive boundaries
17
+ - empty and zero values
18
+ - overflow and retry limits
19
+ expected_outputs:
20
+ - focused clarification questions
21
+ - boundary-related review findings
22
+ - unresolved source-of-truth gaps
23
+ ---
24
+
25
+ # Spec Review Boundary Values Lens
26
+
27
+ Interpret [Boundary Value Analysis](../../contexts/testing/boundary-value-analysis.md)
28
+ for specification review. Identify missing limits, whether endpoints are
29
+ inclusive or exclusive, behavior for empty and zero values, overflow behavior,
30
+ and retry limits.
31
+
32
+ Ask focused questions when the specification does not define those decisions.
33
+ Record unresolved source-of-truth gaps instead of inventing a boundary. This
34
+ Lens guides the consuming agent's interpretation; Renma validates its metadata
35
+ and relationship to the Context Asset but does not apply the Lens at runtime.
@@ -0,0 +1,12 @@
1
+ {
2
+ "fail_on": "high",
3
+ "format": "text",
4
+ "globs": [
5
+ "skills/**/SKILL.md",
6
+ "contexts/**/*.md",
7
+ "lenses/**/*.md",
8
+ "tools/**/*",
9
+ "README.md"
10
+ ],
11
+ "exclude": ["node_modules", "dist", ".git"]
12
+ }
@@ -0,0 +1,66 @@
1
+ ---
2
+ name: spec-review
3
+ description: Review an incomplete product or test specification through focused clarification. Use when requirements need evidence-backed review notes; do not use for implementation or final approval.
4
+ metadata:
5
+ renma.id: skill.testing.spec-review
6
+ renma.title: Spec Review
7
+ renma.version: "0.1.0"
8
+ renma.owner: qa-platform
9
+ renma.status: experimental
10
+ renma.tags: '["testing","spec-review"]'
11
+ renma.requires-context: '["contexts/testing/negative-testing.md"]'
12
+ renma.optional-context: '["context.domain.payment.idempotency"]'
13
+ renma.requires-lens: '["lens.testing.spec-review.boundary-values"]'
14
+ ---
15
+
16
+ # Spec Review
17
+
18
+ ## Routing
19
+
20
+ Use for incomplete specification clarification and evidence-backed review. The
21
+ agent follows this Skill; Renma validates it and its declared relationships.
22
+
23
+ ## Required Inputs
24
+
25
+ - The incomplete request, available criteria, examples, and references.
26
+ - Known constraints, integrations, user states, and owners.
27
+
28
+ ## Repository Context
29
+
30
+ This Skill is statically navigable inside this repository checkout. The
31
+ consuming agent must open these relative links; Renma validates the matching
32
+ asset IDs and relationships but does not load or inject their contents:
33
+
34
+ - [Spec Review Boundary Values Lens](../../../lenses/testing/spec-review-boundary-values.md)
35
+ - [Negative Testing](../../../contexts/testing/negative-testing.md)
36
+ - [Example asset index](../../../README.md#repository-assets), which locates the
37
+ optional Payment Idempotency Context Asset for retryable payment writes
38
+
39
+ Copying this `SKILL.md` without its linked assets is not a complete workflow.
40
+
41
+ ## Hard Constraints
42
+
43
+ - Do not invent requirements, sources, or ownership. Ask a focused question;
44
+ when an answer is unavailable, record the gap and decision owner for human
45
+ review.
46
+
47
+ ## Clarification Workflow
48
+
49
+ 1. Inspect the request and available references.
50
+ 2. Separate facts from missing information, ambiguity, and conflicts.
51
+ 3. Ask about the most consequential gap. Record each answer and its source.
52
+ 4. Repeat until intended behavior, acceptance criteria, boundaries, error or
53
+ retry behavior, and remaining decision owners are clear enough for review.
54
+ Keep unavailable answers as unresolved questions.
55
+ 5. Open the linked Lens and Context Assets. Apply the Lens to boundary-value
56
+ analysis, use Negative Testing directly, and use Payment Idempotency only
57
+ for retryable payment writes.
58
+ 6. Record facts and sources, clarifications, assumptions, open questions,
59
+ applied Context and rationale, and findings with evidence and impact.
60
+ 7. Present the record to a human, who accepts, rejects, or corrects it.
61
+
62
+ ## Validation
63
+
64
+ The review is ready for human judgment when each acceptance criterion has a
65
+ positive path, a negative or unsupported-state path where relevant, and each
66
+ material boundary or retry case. Unresolved issues remain explicit.
@@ -0,0 +1,14 @@
1
+ ---
2
+ id: tool.appium.mobile-testing
3
+ title: Appium Mobile Testing
4
+ version: 0.1.0
5
+ owner: qa-platform
6
+ status: stable
7
+ tags:
8
+ - testing
9
+ - mobile
10
+ ---
11
+
12
+ # Appium Mobile Testing
13
+
14
+ Use Appium for end-to-end mobile checks when the behavior depends on native platform UI, device permissions, or app lifecycle events. Keep scenarios narrow and pair them with faster lower-level tests when possible.
@@ -0,0 +1,36 @@
1
+ name: Renma CI Report
2
+
3
+ on:
4
+ pull_request:
5
+
6
+ jobs:
7
+ renma-ci-report:
8
+ runs-on: ubuntu-latest
9
+ permissions:
10
+ contents: read
11
+
12
+ steps:
13
+ - uses: actions/checkout@v4
14
+ with:
15
+ fetch-depth: 0
16
+
17
+ - uses: actions/setup-node@v4
18
+ with:
19
+ node-version: 22
20
+
21
+ - run: npm ci
22
+
23
+ - run: npm run build
24
+
25
+ - name: Generate Renma CI report
26
+ run: |
27
+ node dist/index.js ci-report . \
28
+ --from origin/${{ github.base_ref }} \
29
+ --to HEAD \
30
+ --format markdown > renma-ci-report.md
31
+
32
+ - uses: actions/upload-artifact@v4
33
+ if: always()
34
+ with:
35
+ name: renma-ci-report
36
+ path: renma-ci-report.md