specpipe 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. package/README.md +111 -311
  2. package/package.json +2 -1
  3. package/src/cli.js +16 -6
  4. package/src/commands/diff.js +1 -1
  5. package/src/commands/init-agents.js +48 -20
  6. package/src/commands/init-global.js +104 -33
  7. package/src/commands/init-interactive.js +71 -0
  8. package/src/commands/init.js +68 -20
  9. package/src/commands/remove.js +159 -49
  10. package/src/commands/upgrade.js +21 -56
  11. package/src/lib/agent-guards.js +34 -78
  12. package/src/lib/agent-install.js +38 -25
  13. package/src/lib/agents.js +53 -11
  14. package/src/lib/claude-global.js +55 -77
  15. package/src/lib/hooks.js +203 -0
  16. package/src/lib/installer.js +104 -62
  17. package/src/lib/reconcile.js +13 -8
  18. package/templates/{.claude/hooks → hooks}/file-guard.js +26 -21
  19. package/templates/hooks/specpipe-read-guard.sh +94 -21
  20. package/templates/hooks/specpipe-shell-guard.sh +121 -29
  21. package/templates/rules/specpipe-rules.md +77 -0
  22. package/templates/skills/sp-build/SKILL.md +101 -1
  23. package/templates/skills/sp-build-behavior-matrix/SKILL.md +876 -0
  24. package/templates/skills/sp-challenge/SKILL.md +34 -0
  25. package/templates/skills/sp-challenge-behavior-matrix/SKILL.md +289 -0
  26. package/templates/skills/sp-explore/SKILL.md +132 -0
  27. package/templates/skills/sp-explore-behavior-matrix/SKILL.md +862 -0
  28. package/templates/skills/sp-fix/SKILL.md +73 -1
  29. package/templates/skills/sp-fix-behavior-matrix/SKILL.md +338 -0
  30. package/templates/skills/sp-investigate/SKILL.md +70 -0
  31. package/templates/skills/sp-investigate-behavior-matrix/SKILL.md +718 -0
  32. package/templates/skills/sp-plan/SKILL.md +90 -0
  33. package/templates/skills/sp-plan-behavior-matrix/SKILL.md +1037 -0
  34. package/templates/skills/sp-review/SKILL.md +29 -3
  35. package/templates/skills/sp-review-behavior-matrix/SKILL.md +294 -0
  36. package/templates/.claude/CLAUDE.md +0 -79
  37. package/templates/.claude/hooks/path-guard.sh +0 -118
  38. package/templates/.claude/hooks/self-review.sh +0 -27
  39. package/templates/.claude/hooks/sensitive-guard.sh +0 -227
  40. package/templates/.claude/settings.json +0 -68
  41. package/templates/docs/WORKFLOW.md +0 -325
  42. package/templates/docs/specs/.gitkeep +0 -0
  43. package/templates/rules/specpipe-guards.md +0 -40
  44. package/templates/scripts/test-hooks.sh +0 -66
  45. /package/templates/{.claude/hooks → hooks}/comment-guard.js +0 -0
  46. /package/templates/{.claude/hooks → hooks}/glob-guard.js +0 -0
package/README.md CHANGED
@@ -1,376 +1,152 @@
1
1
  <p align="center">
2
- <img src="docs/cover.svg" alt="Specpipe — spec-first multi-agent dev toolkit" width="100%">
2
+ <img src="docs/cover.svg" alt="Specpipe — spec-first toolkit for AI coding agents" width="100%">
3
3
  </p>
4
4
 
5
5
  <h1 align="center">Specpipe</h1>
6
6
 
7
7
  <p align="center">
8
- A lightweight, spec-first development toolkit for agentic AI coding agents.
8
+ <b>One spec-first workflow, installed into every AI coding agent you use.</b>
9
9
  </p>
10
10
 
11
11
  <p align="center">
12
12
  <a href="https://specpipe.vercel.app"><b>Live demo&nbsp;→</b></a>
13
13
  </p>
14
14
 
15
- It enforces the cycle **spec (with acceptance scenarios) → code + tests → build pass** through skills, always-on guardrails, and a universal test runner.
15
+ Specpipe installs a disciplined loop — **spec → code + tests → build pass** as native skills, guard hooks, and project rules. You author it once; it lands in whichever agent you run (Claude Code, Codex, Cursor, Antigravity, OpenClaw, Hermes). Switch agents, keep the same `/sp-*` commands.
16
16
 
17
- **Agents:** [Claude Code](https://claude.ai/code) (full hook enforcement) plus Codex, Cursor, Antigravity, OpenClaw, and Hermes (skills + advisory guard rules). Install for one or all: `specpipe init --agents <list>|all`. See [docs/multi-agent.md](docs/multi-agent.md).
18
- **Works with:** Swift, TypeScript/JavaScript, Python, Rust, Go, Java/Kotlin, C#, Ruby.
19
- **Dependencies:** None (requires only a supported agent CLI, Node.js, Git, and Bash).
20
- **Optional:** [GraphAtlas](https://github.com/microvn/graphatlas) MCP server for graph-based code intelligence — six skills use it automatically when present and fall back to `grep` when it isn't.
21
-
22
- ---
23
-
24
- ## Table of Contents
25
-
26
- 1. [Philosophy](#1-philosophy)
27
- 2. [Quick Start](#2-quick-start)
28
- 3. [Setup](#3-setup)
29
- 4. [Daily Workflows](#4-daily-workflows)
30
- 5. [Commands](#5-commands)
31
- 6. [Docs & Reference](#6-docs--reference)
32
-
33
- ---
34
-
35
- ## 1. Philosophy
36
-
37
- ### The Core Cycle
38
-
39
- ```
40
- SPEC (with acceptance scenarios) → CODE + TESTS → BUILD PASS
17
+ ```bash
18
+ npx specpipe init # interactive picker choose agents, skills, guards
41
19
  ```
42
20
 
43
- Every code change — feature, fix, or removal — follows this cycle. The spec is the source of truth. Acceptance scenarios (Given/When/Then) are embedded directly in the spec — no separate test plan file. If code contradicts the spec, the code is wrong.
21
+ ---
44
22
 
45
- ### Why Spec-First?
23
+ ## Why
46
24
 
47
- - **Prevents drift.** Acceptance scenarios live inside the spec no separate test plan to fall out of sync.
48
- - **Tests have purpose.** Scenarios derived from specs test behavior, not implementation details. This means tests survive refactoring.
49
- - **AI writes better code.** When an agent has a spec with concrete Given/When/Then scenarios, it generates more accurate implementations and more meaningful tests.
50
- - **Reviews are grounded.** Reviewers can check code against the spec rather than guessing at intent.
25
+ AI agents write code fast and drift fast they invent requirements, test the wrong things, and quietly break what worked. Specpipe fixes the loop, not the model:
51
26
 
52
- ### Principles
27
+ - **The spec is the source of truth.** Acceptance scenarios (Given/When/Then) live inside the spec; if code contradicts it, the code is wrong. No separate test plan to fall out of sync.
28
+ - **Tests check behavior, not guesses.** They come from the spec, so they survive refactors.
29
+ - **Guardrails are enforced, not suggested.** Hooks stop an agent from reading secrets or crawling `node_modules` *before* it happens.
30
+ - **Learn it once.** The same commands and discipline work in every agent.
53
31
 
54
- 1. **Specs are source of truth** Code changes require spec updates first.
55
- 2. **Incremental, not big-bang** — Test after each code chunk, not after everything is done.
56
- 3. **Tests travel with code** — Every PR includes production code + tests + spec updates.
57
- 4. **Build pass is the gate** — Nothing merges with failing tests.
58
- 5. **Everything in the repo** — Specs, plans, tests, and code are version-controlled and reviewable.
32
+ You don't have to be a developer to feel it: describe a feature in plain language, the agent turns it into a spec you can read, builds against it, and proves it with tests — every step reviewable.
59
33
 
60
34
  ---
61
35
 
62
- ## 2. Quick Start
63
-
64
- **Time needed: 5 minutes.** Below is a realistic transcript — user input, what each skill actually asks, what it actually outputs. Nothing embellished.
36
+ ## Quick start
65
37
 
66
38
  ```bash
67
- npx specpipe init . # install for Claude Code (default)
68
- # or target other agents:
69
- npx specpipe init . --agents cursor,codex
70
- npx specpipe init . --agents all
71
-
72
- claude # open your agent (claude, codex, cursor, …)
39
+ npx specpipe init # interactive: scope (project/global), agents, skills, guards
40
+ npx specpipe init -y # non-interactive defaults: this project, Claude, all skills + guards
73
41
  ```
74
42
 
75
- > The transcript below is on Claude Code. The same skills install for Codex, Cursor,
76
- > Antigravity, OpenClaw, and Hermes — see [Supported agents](#supported-agents).
43
+ Then open your agent (`claude`, `codex`, `cursor`, …) and run the loop. The transcript below is on Claude Code with a Swift project; the same commands and output work in every agent.
77
44
 
78
- ### Step 1 — Spec the feature (`/sp-plan`)
45
+ **1 — Spec it (`/sp-plan`)**
79
46
 
80
47
  ```text
81
48
  You: /sp-plan "add tag filter to the todo list screen"
82
49
 
83
50
  Agent → running /sp-plan
84
51
  Phase 0: Codebase scan — found docs/specs/todo-list/todo-list.md (exists)
85
- Phase 1: Scope Challenge — TodoList already supports text search; tag
86
- filter can reuse the same query pipeline. Flagging: reuse vs rebuild.
87
-
88
- Multiple-choice: "Extend existing search, or add a separate tag filter UI?"
89
- A) Extend search — one input, parsed (text + "tag:work") [lowest cost]
90
- B) Separate tag chips — chips below the search box [clearer UX]
91
- C) Both — chips drive the same query [most work]
52
+ Phase 1: Scope Challenge — TodoList already has text search; the tag filter
53
+ can reuse the same query pipeline. Flagging: reuse vs rebuild.
92
54
 
55
+ "Extend existing search, or add a separate tag filter UI?"
56
+ A) Extend search — one input, parsed (text + "tag:work") [lowest cost]
57
+ B) Separate tag chips — chips below the search box [clearer UX]
58
+ C) Both — chips drive the same query [most work]
93
59
  You: B
94
60
 
95
- Agent: Drafting spec…
96
- docs/specs/todo-list/todo-list.md (Mode C update, snapshot created)
97
-
98
- ## Stories (added)
61
+ Agent: Drafting spec… docs/specs/todo-list/todo-list.md (Mode C update, snapshot created)
99
62
  ### S-007: Filter todos by tag (P0)
100
63
  AS-014: Given todos tagged [work, home], when user taps "work" chip,
101
64
  then only work-tagged todos show.
102
- AS-015: Given no todos match the selected tags, when filter applied,
103
- then empty state shows "No todos match these tags".
104
-
105
- What Already Exists: TodoRepository.query() handles predicates — reuse.
65
+ AS-015: Given no todos match, when filter applied, then empty state shows.
106
66
  Not in Scope: saving favorite tag combinations (deferred).
107
67
  ```
108
68
 
109
- > **Complex spec?** Run `/sp-challenge docs/specs/<feature>/<feature>.md` before coding.
110
- > It spawns parallel hostile reviewers (Security Adversary, Failure Mode Analyst,
111
- > Assumption Destroyer, Scope & YAGNI Critic) that quote the spec and propose surgical
112
- > edits — e.g. "AS-014 doesn't define tag case-sensitivity → add constraint or AS".
113
- > Skip for simple CRUD like this tag filter.
114
-
115
- ### Step 2 — Implement + build (`/sp-build`)
69
+ **2 Build it (`/sp-build`)** TDD loop: coverage map → write the missing test → build green.
116
70
 
117
71
  ```text
118
- You: (edit TodoListView.swift, TagFilterChip.swift) — now /sp-build
119
-
120
- Agent → running /sp-build
121
72
  Phase 1.5: Coverage Map
122
- [+] TodoListView.swift
123
- └── applyTagFilter(selected:)
124
- ├── [★★ TESTED] empty selection → returns all (new test)
125
- ├── [★★ TESTED] single tag match (new test)
126
- ├── [GAP] no-match empty state ( AS-015)
127
- └── [★★ TESTED] multi-tag AND semantics (new test)
128
-
129
- Writing test for [GAP]… building… running.
130
- ✓ 14 tests passed (3 new, 0 regressions)
73
+ applyTagFilter(selected:)
74
+ ├── [★ TESTED] empty selection → returns all
75
+ ├── [GAP] no-match empty state ( AS-015)
76
+ └── [TESTED] multi-tag AND semantics
77
+ Writing test for [GAP] building… ✓ 14 tests passed (3 new, 0 regressions)
131
78
  ```
132
79
 
133
- ### Step 3 — Bug found? (`/sp-fix`)
80
+ **3 — Fix a bug (`/sp-fix`)** — failing test first, then the one-line fix, then green.
134
81
 
135
82
  ```text
136
83
  You: /sp-fix "selecting two tags shows OR results, should be AND"
137
-
138
- Agentrunning /sp-fix
139
- Phase 0: Bug Path Diagram
140
- applyTagFilter(selected: ["work","urgent"])
141
- └── [BUG] predicate uses .contains(anyOf:) — should be .contains(allOf:)
142
-
143
- Phase 1: writing failing test (AS-014 variant: 2 tags, AND)… FAILS ✓
144
- Phase 2: changing .anyOf → .allOf in TodoRepository.swift:88 (1 line)
145
- Phase 3: test now PASSES, full suite green.
146
-
147
- DEBUG REPORT
148
- Root cause: wrong set operator, regression from S-005 search refactor
149
- Prevention: add AS for multi-tag AND to spec (auto-signaled)
84
+ [BUG] predicate uses .contains(anyOf:) — should be .contains(allOf:)
85
+ failing test change .anyOf → .allOf (TodoRepository.swift:88) → suite green
150
86
  ```
151
87
 
152
- ### Step 4 — Review + commit (`/sp-review` → `/sp-commit`)
88
+ **4 — Review + commit (`/sp-review` → `/sp-commit`)** — failure-mode grid, then a secret-scanned conventional commit.
153
89
 
154
90
  ```text
155
- You: /sp-review
156
-
157
- Agent → Smart Focus: UI state + query predicate
158
- Failure Mode Grid: all paths have tests ✓ error states covered ✓
159
- Finding (confidence 8/10): selected-tags state not persisted across
160
- navigation. Not in current spec — logged under "Not in Scope".
161
91
  Verdict: APPROVE
162
-
163
- You: /sp-commit
164
-
165
- Agent → secret scan: clean. debug-code scan: clean.
166
- Staging 4 files. Conventional message:
167
- feat(todo): filter list by selected tags with AND semantics
92
+ feat(todo): filter list by selected tags with AND semantics
168
93
  ✓ commit a1b2c3d (not pushed — run `git push` when ready)
169
94
  ```
170
95
 
171
- > **Complex bug?** Insert `/sp-investigate "<bug>"` before `/sp-fix`. It's read-only,
172
- > writes `docs/investigate/<slug>-<date>.md` with hypotheses + blast radius, then
173
- > `/sp-fix` auto-picks it up. Skip for trivial bugs.
174
-
175
- That's the 5 minutes. The CLI auto-detected your project (Swift + XCTest here) — no config touched.
96
+ The CLI auto-detected the stack (Swift + XCTest) — no config touched. For a risky spec, run `/sp-challenge` between steps 1 and 2; it spawns hostile reviewers that quote the spec and propose surgical edits.
176
97
 
177
98
  ---
178
99
 
179
- ## 3. Setup
100
+ ## Supported agents
180
101
 
181
- ### Prerequisites
102
+ A skill is authored once and **emitted into each agent's native format** — the markdown body is identical; only the location, frontmatter, and hook config change.
182
103
 
183
- | Tool | Required | Why |
184
- |------|----------|-----|
185
- | **A supported agent CLI** | Yes | Runs the skillsClaude Code, Codex, Cursor, Antigravity, OpenClaw, or Hermes |
186
- | **Git** | Yes | Change detection, commit workflow |
187
- | **Node.js** (18+) | Yes | File guard hook, JSON parsing |
188
- | **Bash** (4+) | Yes | Path guard hook, shell-based hooks |
189
- | **Language toolchain** | Yes | Whatever your project uses (Swift, npm, pytest, etc.) |
190
- | **[GraphAtlas](https://github.com/microvn/graphatlas)** | Optional | Graph-based code intelligence — skills prefer it over `grep` when connected |
104
+ | Agent | Skills | Rules | Enforced guards |
105
+ |-------|--------|-------|-----------------|
106
+ | **Claude Code** | `.claude/skills/` | `.claude/CLAUDE.md` | `.claude/settings.json`all five |
107
+ | **Codex CLI** | `.agents/skills/` | `AGENTS.md` | `.codex/hooks.json` shell |
108
+ | **Cursor** | `.cursor/skills/` | `.cursor/rules/*.mdc` | `.cursor/hooks.json` shell + read + file |
109
+ | **Antigravity** | `.agents/skills/` | `.agents/rules/` | `.agents/hooks.json` shell |
110
+ | **OpenClaw** | `skills/` | `SPECPIPE-RULES.md` | advisory rules |
111
+ | **Hermes** | `~/.hermes/skills/` (global only) | `SPECPIPE-RULES.md` | advisory rules |
191
112
 
192
- ### Installation
113
+ Guards run as **blocking hooks** wherever the agent exposes a pre-tool-call hook — they deny a tool call before it runs. Each agent enforces only the guards its hook system supports; most hook Claude-specific tool events:
193
114
 
194
- ```bash
195
- npx specpipe init . # A — one-command install (recommended)
196
- npm install -g specpipe && specpipe init . # B global CLI, then init per project
197
- specpipe init --global # C install skills for every project (~/.claude/skills/)
198
- npx specpipe init --force . # D force re-install (overwrites existing files)
199
- npx specpipe init --only hooks,skills . # Eselective install (specific components)
200
- npx specpipe init --agents cursor,codex . # F — multi-agent (a list, or `all`)
201
- ```
202
-
203
- Globally installed skills (`~/.claude/skills/`) are available in every project; per-project `.claude/skills/` always takes precedence, so a project can override individual skills.
204
-
205
- ### Supported agents
115
+ | Guard | Stops | Claude | Cursor | Codex | Antigravity |
116
+ |---|---|:--:|:--:|:--:|:--:|
117
+ | **shell** | crawling `node_modules`/build dirs, reading `.env`/keys in a command | | | ✓ | ✓ |
118
+ | **read** | the agent reading a secret file | ✓ | ✓ | — | — |
119
+ | **file** | *(advisory)* warns when a source file grows too large | ✓ | ✓ | — | — |
120
+ | **comment / glob** | placeholder-comment edits, repo-wide broad globs | ✓ | | | — |
206
121
 
207
- The skills are authored once and emitted into each agent's native format on install.
208
- The markdown body is identical across agents; only the file location, name, and
209
- frontmatter change. Guardrails are **enforced via blocking hooks** for Claude, Codex,
210
- and Cursor (they can deny a tool call); Antigravity, OpenClaw, and Hermes get the same
211
- guard intent as **always-on advisory rules**.
122
+ A guard an agent can't hook still reaches it as an **advisory rule** in that agent's rules file, so the intent travels everywhere; OpenClaw and Hermes (no blocking hooks) get all guards that way. Skills that lean on Claude-only tools degrade gracefully with a short "running outside Claude Code" note. Details: [docs/multi-agent.md](docs/multi-agent.md).
212
123
 
213
- | Agent | Install location | Guardrails |
214
- |-------|------------------|-----------|
215
- | **Claude Code** | `.claude/skills/sp-*/SKILL.md` + `.claude/hooks/` | Hook-enforced |
216
- | **Codex CLI** | `.agents/skills/sp-*/SKILL.md` | **enforced** `.codex/hooks.json` + `AGENTS.md` |
217
- | **Cursor** | `.cursor/skills/sp-*/SKILL.md` | **enforced** `.cursor/hooks.json` + `.cursor/rules/` |
218
- | **Antigravity** | `.agents/skills/sp-*/SKILL.md` | `.agent/rules/` (advisory) |
219
- | **OpenClaw** | `skills/sp-*/SKILL.md` | `SPECPIPE-GUARDS.md` (advisory) |
220
- | **Hermes** | `optional-skills/specpipe/sp-*/SKILL.md` | `SPECPIPE-GUARDS.md` (advisory) |
221
-
222
- Skills that use Claude-only tools (`AskUserQuestion`, subagents) get a "Running outside
223
- Claude Code" note appended for the other agents, so they degrade gracefully. The specs
224
- and workflow themselves are tool-agnostic. Full details: [docs/multi-agent.md](docs/multi-agent.md).
124
+ ---
225
125
 
226
- ### What gets installed
126
+ ## What gets installed
227
127
 
228
- The default (`--agents claude`) layout. Other agents install the same skills into their own locations (see the table above).
128
+ Each agent gets its own paths; the Claude layout, as an example:
229
129
 
230
130
  ```
231
131
  your-project/
232
- ├── .specpipe/manifest.json install manifest (tracks files per agent; used by upgrade/remove)
132
+ ├── .specpipe/manifest.json tracks every installed file per agent (drives upgrade/remove)
233
133
  ├── .claude/
234
- │ ├── CLAUDE.md project rules hub (auto-filled with detected stack)
235
- │ ├── settings.json ← hook wiring
236
- │ ├── hooks/ file/path/glob/comment/sensitive guards + self-review
237
- │ └── skills/sp-*/ ← the 13 skills (/sp-plan, /sp-build, /sp-fix, …)
238
- └── docs/
239
- ├── specs/<feature>/ ← your specs (folder-per-feature) + snapshots/
240
- └── WORKFLOW.md ← process reference
134
+ │ ├── CLAUDE.md ← rules hub: spec-first cycle + guardrails + auto-detected stack
135
+ │ ├── settings.json ← hook wiring
136
+ │ ├── hooks/ shell, read, comment, glob, file guards
137
+ │ └── skills/sp-*/ ← the 13 skills
138
+ └── docs/specs/<feature>/ ← your specs + snapshots (created by the skills)
241
139
  ```
242
140
 
243
- `specpipe remove` cleans up hooks, skills, and settings while preserving `CLAUDE.md` and `docs/`. See [docs/hooks.md](docs/hooks.md) for what each guard does.
244
-
245
- ### Optional: GraphAtlas code intelligence
246
-
247
- The skills work out of the box with `grep`. When [GraphAtlas](https://github.com/microvn/graphatlas) (GA) is connected as an MCP server, six skills — `/sp-explore`, `/sp-plan`, `/sp-build`, `/sp-fix`, `/sp-review`, `/sp-investigate` — prefer it for code discovery, call-graph tracing, and blast-radius analysis. `grep` can't tell a call site from a string literal or follow re-exports; GA indexes the repo into a local graph with typed `CALL`/`IMPORT`/`OVERRIDE` edges and answers structural questions deterministically — 100% local, no LLM, no telemetry.
248
-
249
- Install and register it per the [GraphAtlas README](https://github.com/microvn/graphatlas); the skills detect it automatically and fall back to `grep` when it's absent or the index is stale. Nothing breaks — you only lose precision.
250
-
251
- ### Upgrade & uninstall
252
-
253
- ```bash
254
- npx specpipe check # is an update available?
255
- npx specpipe diff # what changed?
256
- npx specpipe list # installed files + status
257
- npx specpipe upgrade # smart upgrade — preserves files you customized (--force overwrites all)
258
- npx specpipe remove # remove hooks/skills/settings; keeps CLAUDE.md + docs/
259
- ```
141
+ Other agents add their own dirs (`.agents/`, `.cursor/`, `.codex/`) and a shared `AGENTS.md`. `remove` cleans it all up; `remove --agents <list>` drops one agent and keeps shared files the others need. Your `CLAUDE.md` content and `docs/` are always preserved.
260
142
 
261
- After install, verify the **Project Info** in `.claude/CLAUDE.md` (language, test framework, directories) and edit if the auto-detection missed anything.
143
+ > **GraphAtlas (optional):** with [GraphAtlas](https://github.com/microvn/graphatlas) connected as an MCP server, six skills prefer it over `grep` for call-graph and blast-radius analysis — 100% local, no LLM. Skills fall back to `grep` when it's absent; nothing breaks.
262
144
 
263
145
  ---
264
146
 
265
- ## 4. Daily Workflows
266
-
267
- ### New Project (Greenfield)
268
-
269
- > When: Brand-new project — no codebase yet (empty repo, no package manager / `src/`).
270
-
271
- ```
272
- 1. /sp-explore "what you're building"
273
- → Detects greenfield, also decides app-type + stack (researched, current),
274
- emits a Bootstrap Brief in docs/explore/<feature>.md.
275
-
276
- 2. /sp-scaffold
277
- → Generator-first runnable skeleton (core/ + one pattern-demonstrating module +
278
- tests), smoke-gated (install→build→start GREEN), + ARCHITECTURE.md / ADRs.
279
- Hands off only when it RUNS.
280
-
281
- 3. /sp-plan → /sp-build → normal New Feature flow, now on a runnable base.
282
- ```
283
-
284
- ### Explore Before Planning
285
-
286
- > When: Requirements are unclear, you're debating between approaches, or it's a brownfield feature with existing code to understand first.
287
-
288
- ```
289
- 1. /sp-explore "feature description"
290
- → Asks questions as a Client Technical Lead — one topic at a time.
291
- → Clarifies: why, behavior, boundaries, business rules, edge cases, permissions, UI.
292
- → Output: docs/explore/<feature>.md
293
-
294
- 2. /sp-plan "feature description"
295
- → Auto-detects docs/explore/<feature>.md, skips redundant discovery.
296
- → Continue with the normal New Feature flow.
297
- ```
298
-
299
- ### New Feature
147
+ ## Commands
300
148
 
301
- > When: Building something new no existing code or spec.
302
-
303
- ```
304
- 1. /sp-plan "description of the feature"
305
- → Generates spec with acceptance scenarios at docs/specs/<feature>/<feature>.md.
306
-
307
- 2. Implement code in chunks.
308
- After each chunk: /sp-build
309
- Repeat until green.
310
-
311
- 3. /sp-review (before merge)
312
-
313
- 4. /sp-commit
314
- ```
315
-
316
- **Example:**
317
- ```
318
- /sp-plan "User authentication with email/password login, password reset via email, and session management with 24h expiry"
319
- ```
320
-
321
- ### Update Existing Feature
322
-
323
- > When: Changing behavior of something that already exists.
324
-
325
- ```
326
- 1. /sp-plan docs/specs/<feature>/<feature>.md "description of changes"
327
- → Mode C handles everything: snapshot → classification → change report → apply.
328
- Do NOT manually edit the spec before running /sp-plan.
329
-
330
- 2. Implement the code change.
331
- /sp-build
332
- Fix until green.
333
-
334
- 3. /sp-review → /sp-commit
335
- ```
336
-
337
- ### Bug Fix
338
-
339
- > When: Something is broken.
340
-
341
- ```
342
- 0. (OPTIONAL) /sp-investigate "description of the bug"
343
- → Use for complex bugs, outages, data corruption, or when the cause is unclear.
344
- → Read-only: hypothesis + blast radius + evidence, no code changes.
345
- → Writes docs/investigate/<slug>-<date>.md for /sp-fix to consume.
346
- → Skip for trivial/obvious bugs — go straight to /sp-fix.
347
-
348
- 1. /sp-fix "description of the bug" (or /sp-fix docs/investigate/<slug>-<date>.md)
349
- → Writes failing test → fixes code → runs full suite.
350
-
351
- 2. /sp-commit
352
- ```
353
-
354
- ### Remove Feature
355
-
356
- > When: Deleting code, removing deprecated functionality.
357
-
358
- ```
359
- 1. /sp-plan docs/specs/<feature>/<feature>.md "remove stories S-XXX"
360
- → Mode C creates a snapshot (removing stories = Major), then marks as removed.
361
-
362
- 2. Delete production code + related tests.
363
-
364
- 3. Run the full test suite (your project's native test command). Fix cascading breaks.
365
-
366
- 4. /sp-commit
367
- ```
368
-
369
- ---
370
-
371
- ## 5. Commands
372
-
373
- Thirteen slash commands. The one-liner and token cost are below; full per-skill behaviour (phases, rules, outputs) lives in **[docs/commands.md](docs/commands.md)**.
149
+ Thirteen slash commands. Full per-skill behaviour (phases, rules, outputs) lives in **[docs/commands.md](docs/commands.md)**.
374
150
 
375
151
  | Command | What it does | Tokens |
376
152
  |---------|--------------|--------|
@@ -384,32 +160,56 @@ Thirteen slash commands. The one-liner and token cost are below; full per-skill
384
160
  | [`/sp-review`](docs/commands.md#sp-review--pre-merge-quality-gate) | Pre-merge quality gate with smart focus + failure-mode grid | 10–20k |
385
161
  | [`/sp-voices`](docs/commands.md#sp-voices--multi-llm-review-optional) | Multi-LLM review panel (optional second opinion) | 10–30k + API |
386
162
  | [`/sp-commit`](docs/commands.md#sp-commit--smart-git-commit) | Smart conventional commit with secret + debug-code scan | 2–4k |
387
- | [`/sp-spec-render`](docs/commands.md#sp-spec-render--render-spec-as-html-view) | Render a spec as a standalone, scannable HTML view | 3–8k |
388
- | [`/sp-md-render`](docs/commands.md#sp-md-render--render-any-markdown-as-html-view) | Render any long-form markdown as a standalone HTML view | 3–8k |
163
+ | [`/sp-spec-render`](docs/commands.md#sp-spec-render--render-spec-as-html-view) | Render a spec as a standalone HTML view | 3–8k |
164
+ | [`/sp-md-render`](docs/commands.md#sp-md-render--render-any-markdown-as-html-view) | Render any long-form markdown as an HTML view | 3–8k |
389
165
  | [`/sp-humanize`](docs/commands.md#sp-humanize--rephrase-to-human-voice) | Rephrase a plan/draft into natural, send-ready text | 2–6k |
390
166
 
391
167
  ---
392
168
 
393
- ## 6. Docs & Reference
169
+ ## Workflows
394
170
 
395
- | Doc | What's in it |
396
- |-----|--------------|
397
- | [docs/commands.md](docs/commands.md) | Full per-skill reference phases, rules, outputs, token cost guide |
398
- | [docs/hooks.md](docs/hooks.md) | Automatic guards triggers, what each blocks, config, manual testing |
399
- | [docs/spec-format.md](docs/spec-format.md) | Spec template, AS depth by priority, snapshots, naming conventions |
400
- | [docs/customization.md](docs/customization.md) | Environment variables, extending `CLAUDE.md`, adding custom skills |
401
- | [docs/troubleshooting.md](docs/troubleshooting.md) | Hooks not firing, tests not detected, wrong base branch, … |
402
- | [docs/faq.md](docs/faq.md) | Common questions — specs for tiny changes, mocks, multi-language, … |
403
- | [docs/multi-agent.md](docs/multi-agent.md) | How one skill emits into every agent's native format |
404
- | [docs/architecture.md](docs/architecture.md) | CLI internals — registry, reconcile lifecycle, manifest |
405
- | [docs/adding-an-agent.md](docs/adding-an-agent.md) | Add support for a new agent |
171
+ The four-step loop above is the **new feature** flow. Variants:
172
+
173
+ - **Greenfield** (empty repo): `/sp-explore` (decides app-type + stack) `/sp-scaffold` (runnable, smoke-gated skeleton) the feature loop.
174
+ - **Update a feature:** `/sp-plan docs/specs/<feature>/<feature>.md "what's changing"`never hand-edit the spec; Mode C snapshots → diffs → applies. Then `/sp-build` → `/sp-review` → `/sp-commit`.
175
+ - **Bug fix:** `/sp-fix "the bug"` (failing test → minimal fix → green). For a murky bug, run `/sp-investigate` first read-only hypothesis + blast radius.
176
+ - **Fuzzy requirements:** `/sp-explore "feature"` runs a one-topic-at-a-time Q&A and `/sp-plan` picks up its notes automatically.
406
177
 
407
178
  ---
408
179
 
409
- ## Contributing
180
+ ## CLI reference
410
181
 
411
- Issues and PRs welcome. See [CONTRIBUTING.md](CONTRIBUTING.md) for the dev setup, test suite, and the spec-first workflow this repo holds itself to. Security reports: [SECURITY.md](SECURITY.md).
182
+ ```bash
183
+ npx specpipe init . --agents cursor,codex # install for specific agents (a list, or `all`)
184
+ npx specpipe init . --skills core # skip optional render/humanize skills (or a comma list)
185
+ npx specpipe init . --hooks none # skills only, no guardrails (or --hooks shell,read)
186
+ npx specpipe init --global --agents claude,codex # install skills globally for chosen agents
412
187
 
413
- ## License
188
+ npx specpipe check | diff | list # update available? · what changed? · installed status
189
+ npx specpipe upgrade # smart upgrade, preserves files you customized (--force overwrites)
190
+ npx specpipe remove [--agents <list>] [--dry-run] # uninstall (keeps your CLAUDE.md content + docs/)
191
+ ```
192
+
193
+ **Requirements:** a supported agent CLI, Git, Node.js 18+, Bash 4+, and your project's own toolchain. No dependencies are added to your project.
194
+
195
+ **Global install** puts each agent's skills in its user-level dir (`~/.claude/skills/`, `~/.codex/skills/`, `~/.cursor/skills/`, `~/.gemini/antigravity-cli/skills/`, `~/.openclaw/skills/`, `~/.hermes/skills/`), so every project is covered. Per-project skills take precedence; Hermes is global-only; global hooks are Claude-only. The lifecycle remembers your skill selection — `upgrade` won't resurrect ones you deselected.
196
+
197
+ After install, check the **Project Info** in `.claude/CLAUDE.md` and fix anything auto-detection missed. Per-skill behavior is tunable via env vars — see [docs/customization.md](docs/customization.md).
198
+
199
+ ---
200
+
201
+ ## Docs
202
+
203
+ | Doc | What's in it |
204
+ |-----|--------------|
205
+ | [multi-agent.md](docs/multi-agent.md) | How one skill emits into every agent's native format (verified path/format matrix) |
206
+ | [commands.md](docs/commands.md) | Full per-skill reference — phases, rules, outputs, token cost |
207
+ | [hooks.md](docs/hooks.md) | The guards — triggers, what each blocks, config, manual testing |
208
+ | [spec-format.md](docs/spec-format.md) | Spec template, AS depth by priority, snapshots, naming |
209
+ | [customization.md](docs/customization.md) | Environment variables, extending rules, custom skills |
210
+ | [troubleshooting.md](docs/troubleshooting.md) · [faq.md](docs/faq.md) | Hooks not firing, tests not detected, specs for tiny changes, … |
211
+ | [architecture.md](docs/architecture.md) · [adding-an-agent.md](docs/adding-an-agent.md) | CLI internals; how to add a new agent |
212
+
213
+ ---
414
214
 
415
- [MIT](LICENSE) © Microvn
215
+ Issues and PRs welcome — see [CONTRIBUTING.md](CONTRIBUTING.md). Security: [SECURITY.md](SECURITY.md). License: [MIT](LICENSE) © Microvn
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "specpipe",
3
- "version": "1.0.1",
3
+ "version": "1.0.3",
4
4
  "description": "Spec-first development toolkit for agentic AI coding agents — installs skills + guardrails for Claude Code, Codex, Cursor, Antigravity, and more.",
5
5
  "bin": {
6
6
  "specpipe": "./bin/devkit.js",
@@ -15,6 +15,7 @@
15
15
  "node": ">=18"
16
16
  },
17
17
  "dependencies": {
18
+ "@clack/prompts": "^1.6.0",
18
19
  "chalk": "^5.4.1",
19
20
  "commander": "^13.1.0"
20
21
  },
package/src/cli.js CHANGED
@@ -18,21 +18,29 @@ export function cli(argv) {
18
18
  .command('init [path]')
19
19
  .description('Initialize a project with the dev-kit')
20
20
  .option('-f, --force', 'Overwrite existing files')
21
- .option('-g, --global', 'Install skills globally to ~/.claude/skills/ (available in all projects)')
21
+ .option('-g, --global', 'Install skills globally (per-agent user-level dirs, all projects); honors --agents, defaults to claude')
22
22
  .option('--agents <list>', 'Target agent(s): claude,codex,cursor,antigravity,openclaw,hermes or "all" (default: claude)')
23
- .option('--only <components>', 'Install only specific components (comma-separated: hooks,skills,scripts,docs,config)')
23
+ .option('--skills <list>', 'Skills to install: all | core | comma list e.g. sp-build,sp-fix (default: all)')
24
+ .option('--hooks <list>', 'Guard hooks to install: all | none | comma list e.g. shell,read (default: all)')
25
+ .option('-y, --yes', 'Skip interactive prompts and use defaults (per-project, claude, all skills)')
26
+ .option('--only <components>', 'Install only specific components (comma-separated: hooks,skills,docs,config)')
24
27
  .option('--adopt', 'Adopt existing kit files without overwriting (migration from setup.sh)')
25
28
  .option('--dry-run', 'Show what would be done without making changes')
26
29
  .action(async (path, opts) => {
27
- const { initCommand } = await import('./commands/init.js');
28
- await initCommand(path || '.', opts);
30
+ try {
31
+ const { initCommand } = await import('./commands/init.js');
32
+ await initCommand(path || '.', opts);
33
+ } catch (err) {
34
+ console.error(`Error: ${err.message}`);
35
+ process.exit(1);
36
+ }
29
37
  });
30
38
 
31
39
  program
32
40
  .command('upgrade [path]')
33
41
  .description('Smart upgrade — preserves customized files')
34
42
  .option('-f, --force', 'Overwrite even customized files')
35
- .option('-g, --global', 'Upgrade skills globally in ~/.claude/skills/')
43
+ .option('-g, --global', 'Upgrade the global install (every agent installed globally)')
36
44
  .option('--dry-run', 'Show what would be done without making changes')
37
45
  .action(async (path, opts) => {
38
46
  const { upgradeCommand } = await import('./commands/upgrade.js');
@@ -66,7 +74,9 @@ export function cli(argv) {
66
74
  program
67
75
  .command('remove [path]')
68
76
  .description('Uninstall dev-kit (preserves CLAUDE.md and docs/)')
69
- .option('-g, --global', 'Remove global install (~/.claude/skills/, ~/.claude/hooks/, hook entries from ~/.claude/settings.json)')
77
+ .option('-g, --global', 'Remove global install (per-agent global sp-* skill dirs + Claude hooks/settings)')
78
+ .option('--agents <list>', 'Remove only these agent(s), keeping the rest (e.g. codex,cursor); shared files are kept while any remaining agent needs them')
79
+ .option('--dry-run', 'Show what would be removed without deleting anything')
70
80
  .action(async (path, opts) => {
71
81
  const { removeCommand } = await import('./commands/remove.js');
72
82
  await removeCommand(path || '.', opts);
@@ -16,7 +16,7 @@ export async function diffCommand(path) {
16
16
  process.exit(1);
17
17
  }
18
18
 
19
- const desired = await computeDesired(getAgents(manifest));
19
+ const desired = await computeDesired(getAgents(manifest), manifest.skills ? new Set(manifest.skills) : null);
20
20
  let hasDiffs = false;
21
21
 
22
22
  for (const [file, d] of desired) {