swe-workflow-skills 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (177) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +144 -0
  3. package/VERSION +1 -0
  4. package/bin/cli.mjs +44 -0
  5. package/catalog.json +225 -0
  6. package/commands/role.md +34 -0
  7. package/hooks/session-start.mjs +118 -0
  8. package/install.mjs +318 -0
  9. package/package.json +47 -0
  10. package/roles.json +194 -0
  11. package/scripts/resolve.mjs +296 -0
  12. package/skills/accessibility-design/SKILL.md +128 -0
  13. package/skills/accessibility-design/evals/evals.json +51 -0
  14. package/skills/accessibility-design/references/accessibility-patterns.md +321 -0
  15. package/skills/api-design/SKILL.md +144 -0
  16. package/skills/api-design/evals/evals.json +48 -0
  17. package/skills/api-design/references/rest-conventions.md +147 -0
  18. package/skills/api-design/templates/api-spec.md +156 -0
  19. package/skills/architecture-design/SKILL.md +86 -0
  20. package/skills/architecture-design/evals/evals.json +44 -0
  21. package/skills/architecture-design/references/clean-architecture.md +147 -0
  22. package/skills/architecture-design/references/component-principles.md +129 -0
  23. package/skills/architecture-design/references/principles.md +81 -0
  24. package/skills/architecture-design/references/solid-principles.md +106 -0
  25. package/skills/architecture-design/templates/adr.md +63 -0
  26. package/skills/architecture-documentation/SKILL.md +126 -0
  27. package/skills/architecture-documentation/evals/evals.json +44 -0
  28. package/skills/architecture-documentation/references/abstraction-levels.md +91 -0
  29. package/skills/architecture-documentation/references/diagram-tooling.md +141 -0
  30. package/skills/architecture-documentation/templates/architecture-doc.md +171 -0
  31. package/skills/bug-investigating/SKILL.md +133 -0
  32. package/skills/bug-investigating/evals/evals.json +56 -0
  33. package/skills/bug-investigating/references/common-bugs.md +62 -0
  34. package/skills/bug-investigating/references/debugging-patterns.md +94 -0
  35. package/skills/cicd-pipeline/SKILL.md +87 -0
  36. package/skills/cicd-pipeline/evals/evals.json +34 -0
  37. package/skills/cicd-pipeline/references/pipeline-patterns.md +206 -0
  38. package/skills/cicd-pipeline/templates/github-actions.md +206 -0
  39. package/skills/code-reviewing/SKILL.md +92 -0
  40. package/skills/code-reviewing/evals/evals.json +62 -0
  41. package/skills/code-reviewing/references/error-handling.md +108 -0
  42. package/skills/code-reviewing/references/review-checklist.md +144 -0
  43. package/skills/configuration-strategy/SKILL.md +109 -0
  44. package/skills/configuration-strategy/evals/evals.json +41 -0
  45. package/skills/configuration-strategy/references/config-patterns.md +161 -0
  46. package/skills/containerization/SKILL.md +90 -0
  47. package/skills/containerization/evals/evals.json +36 -0
  48. package/skills/containerization/references/dockerfile-patterns.md +168 -0
  49. package/skills/containerization/templates/dockerfile.md +154 -0
  50. package/skills/data-modeling/SKILL.md +83 -0
  51. package/skills/data-modeling/evals/evals.json +43 -0
  52. package/skills/data-modeling/references/conventions.md +57 -0
  53. package/skills/data-modeling/templates/schema.md +120 -0
  54. package/skills/dependency-impact-analysis/SKILL.md +113 -0
  55. package/skills/dependency-impact-analysis/evals/evals.json +41 -0
  56. package/skills/dependency-impact-analysis/references/impact-patterns.md +150 -0
  57. package/skills/dependency-management/SKILL.md +161 -0
  58. package/skills/dependency-management/evals/evals.json +48 -0
  59. package/skills/dependency-management/references/evaluation-checklist.md +127 -0
  60. package/skills/deployment-checklist/SKILL.md +132 -0
  61. package/skills/deployment-checklist/evals/evals.json +58 -0
  62. package/skills/deployment-checklist/references/pre-deploy-gates.md +91 -0
  63. package/skills/deployment-repo/SKILL.md +190 -0
  64. package/skills/deployment-repo/evals/evals.json +44 -0
  65. package/skills/deployment-repo/references/deployment-repo-patterns.md +258 -0
  66. package/skills/deployment-repo/references/version-compatibility.md +227 -0
  67. package/skills/deployment-repo/templates/deployment-repo-structure.md +226 -0
  68. package/skills/effort-estimation/SKILL.md +95 -0
  69. package/skills/effort-estimation/evals/evals.json +32 -0
  70. package/skills/effort-estimation/references/estimation-methods.md +154 -0
  71. package/skills/feature-planning/SKILL.md +84 -0
  72. package/skills/feature-planning/evals/evals.json +44 -0
  73. package/skills/feature-planning/templates/plan.md +55 -0
  74. package/skills/feature-planning/templates/task.md +26 -0
  75. package/skills/frontend-architecture/SKILL.md +154 -0
  76. package/skills/frontend-architecture/evals/evals.json +34 -0
  77. package/skills/frontend-architecture/references/component-patterns.md +264 -0
  78. package/skills/frontend-architecture/templates/folder-structure.md +203 -0
  79. package/skills/git-workflow/SKILL.md +127 -0
  80. package/skills/git-workflow/evals/evals.json +44 -0
  81. package/skills/git-workflow/references/conventions.md +142 -0
  82. package/skills/git-workflow/templates/pull-request.md +57 -0
  83. package/skills/gitops-delivery/SKILL.md +319 -0
  84. package/skills/gitops-delivery/evals/evals.json +44 -0
  85. package/skills/gitops-delivery/references/gitops-patterns.md +478 -0
  86. package/skills/gitops-delivery/templates/gitops-config.md +196 -0
  87. package/skills/incident-response/SKILL.md +130 -0
  88. package/skills/incident-response/evals/evals.json +55 -0
  89. package/skills/incident-response/references/communication-templates.md +134 -0
  90. package/skills/incident-response/references/severity-levels.md +77 -0
  91. package/skills/incident-response/templates/incident-timeline.md +57 -0
  92. package/skills/infrastructure-as-code/SKILL.md +86 -0
  93. package/skills/infrastructure-as-code/evals/evals.json +33 -0
  94. package/skills/infrastructure-as-code/references/iac-patterns.md +179 -0
  95. package/skills/infrastructure-as-code/templates/terraform-module.md +158 -0
  96. package/skills/metrics-and-okrs/SKILL.md +113 -0
  97. package/skills/metrics-and-okrs/evals/evals.json +33 -0
  98. package/skills/metrics-and-okrs/references/metric-catalog.md +90 -0
  99. package/skills/metrics-and-okrs/templates/okr-document.md +61 -0
  100. package/skills/ml-experiment-tracking/SKILL.md +96 -0
  101. package/skills/ml-experiment-tracking/evals/evals.json +32 -0
  102. package/skills/ml-experiment-tracking/references/tracking-tools.md +127 -0
  103. package/skills/ml-model-deployment/SKILL.md +106 -0
  104. package/skills/ml-model-deployment/evals/evals.json +34 -0
  105. package/skills/ml-model-deployment/references/serving-patterns.md +162 -0
  106. package/skills/ml-pipeline-design/SKILL.md +162 -0
  107. package/skills/ml-pipeline-design/evals/evals.json +34 -0
  108. package/skills/ml-pipeline-design/references/pipeline-components.md +174 -0
  109. package/skills/observability-design/SKILL.md +162 -0
  110. package/skills/observability-design/evals/evals.json +52 -0
  111. package/skills/observability-design/references/logging-patterns.md +229 -0
  112. package/skills/observability-design/references/slo-framework.md +151 -0
  113. package/skills/observability-design/templates/slo-document.md +80 -0
  114. package/skills/performance-optimization/SKILL.md +83 -0
  115. package/skills/performance-optimization/evals/evals.json +47 -0
  116. package/skills/performance-optimization/references/bottleneck-patterns.md +256 -0
  117. package/skills/performance-optimization/references/concurrency.md +101 -0
  118. package/skills/prd-writing/SKILL.md +109 -0
  119. package/skills/prd-writing/evals/evals.json +33 -0
  120. package/skills/prd-writing/references/prd-examples.md +132 -0
  121. package/skills/prd-writing/templates/prd.md +71 -0
  122. package/skills/prd-writing/templates/rfc.md +79 -0
  123. package/skills/project-documentation/SKILL.md +104 -0
  124. package/skills/project-documentation/evals/evals.json +48 -0
  125. package/skills/project-documentation/references/contributing-guide.md +100 -0
  126. package/skills/project-documentation/templates/changelog.md +59 -0
  127. package/skills/project-documentation/templates/readme.md +121 -0
  128. package/skills/project-proposal/SKILL.md +90 -0
  129. package/skills/project-proposal/evals/evals.json +31 -0
  130. package/skills/project-proposal/references/proposal-examples.md +140 -0
  131. package/skills/project-proposal/templates/proposal.md +76 -0
  132. package/skills/project-review/SKILL.md +111 -0
  133. package/skills/project-review/evals/evals.json +42 -0
  134. package/skills/refactoring/SKILL.md +90 -0
  135. package/skills/refactoring/evals/evals.json +44 -0
  136. package/skills/refactoring/references/transformations.md +132 -0
  137. package/skills/retrospective/SKILL.md +157 -0
  138. package/skills/retrospective/evals/evals.json +34 -0
  139. package/skills/retrospective/references/facilitation-guide.md +130 -0
  140. package/skills/retrospective/templates/post-mortem.md +121 -0
  141. package/skills/rollback-strategy/SKILL.md +116 -0
  142. package/skills/rollback-strategy/evals/evals.json +55 -0
  143. package/skills/rollback-strategy/references/rollback-patterns.md +125 -0
  144. package/skills/rollback-strategy/templates/rollback-plan.md +69 -0
  145. package/skills/security-audit/SKILL.md +146 -0
  146. package/skills/security-audit/evals/evals.json +66 -0
  147. package/skills/security-audit/references/owasp-top-10.md +167 -0
  148. package/skills/security-audit/templates/security-report.md +79 -0
  149. package/skills/skill-router/SKILL.md +171 -0
  150. package/skills/skill-router/evals/evals.json +39 -0
  151. package/skills/strategic-review/SKILL.md +106 -0
  152. package/skills/strategic-review/evals/evals.json +42 -0
  153. package/skills/strategic-review/templates/full-review-prompt.md +84 -0
  154. package/skills/tdd-workflow/SKILL.md +147 -0
  155. package/skills/tdd-workflow/evals/evals.json +58 -0
  156. package/skills/tdd-workflow/references/test-quality.md +71 -0
  157. package/skills/technical-debt-review/SKILL.md +113 -0
  158. package/skills/technical-debt-review/evals/evals.json +41 -0
  159. package/skills/technical-debt-review/references/debt-taxonomy.md +124 -0
  160. package/skills/technical-debt-review/templates/debt-audit.md +85 -0
  161. package/skills/test-data-strategy/SKILL.md +129 -0
  162. package/skills/test-data-strategy/evals/evals.json +49 -0
  163. package/skills/test-data-strategy/references/data-generation-patterns.md +341 -0
  164. package/skills/test-suite-design/SKILL.md +137 -0
  165. package/skills/test-suite-design/evals/evals.json +69 -0
  166. package/skills/test-suite-design/references/test-infrastructure.md +175 -0
  167. package/skills/test-suite-design/references/testing-pyramid.md +140 -0
  168. package/skills/ui-ux-design/SKILL.md +117 -0
  169. package/skills/ui-ux-design/evals/evals.json +35 -0
  170. package/skills/ui-ux-design/references/interaction-patterns.md +145 -0
  171. package/skills/ui-ux-design/templates/screen-spec.md +97 -0
  172. package/skills/verification-before-completion/SKILL.md +85 -0
  173. package/skills/verification-before-completion/evals/evals.json +53 -0
  174. package/skills/writing-skills/SKILL.md +87 -0
  175. package/skills/writing-skills/evals/evals.json +41 -0
  176. package/skills/writing-skills/references/pressure-testing.md +69 -0
  177. package/uninstall.mjs +182 -0
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 SWEStash
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md ADDED
@@ -0,0 +1,144 @@
1
+ # SWE Workflow Skills for Claude Code
2
+
3
+ [![roles-check](https://github.com/SWEStash/swe-workflow-skills/actions/workflows/roles-check.yml/badge.svg)](https://github.com/SWEStash/swe-workflow-skills/actions/workflows/roles-check.yml)
4
+ ![skills](https://img.shields.io/badge/skills-44-blue)
5
+ [![license](https://img.shields.io/github/license/SWEStash/swe-workflow-skills)](LICENSE)
6
+
7
+ A curated library of **44 Claude Code Agent Skills** that walk Claude through the
8
+ software lifecycle the way a disciplined senior engineer would — planning, design,
9
+ TDD, review, security, deployment, incidents, and the project-management work around
10
+ them.
11
+
12
+ Each skill encodes a *method* (DRY, YAGNI, KISS, clean architecture, evidence-before-done),
13
+ not just a task. They compose into end-to-end workflows and are kept honest by an
14
+ LLM-as-judge eval harness.
15
+
16
+ ![skill-router routing a live session](docs/demo/routing.gif)
17
+
18
+ ## Why this library
19
+
20
+ - **An orchestrator, not a pile of skills.** A `skill-router` skill maps your intent to
21
+ the right skill(s) and chains them across phases. Activation is *routed and
22
+ deterministic*, not left to fuzzy auto-triggering.
23
+ - **Scales past Claude's skill-listing budget.** Claude Code only injects skill
24
+ descriptions up to ~1% of context, so large libraries silently stop triggering past
25
+ ~20–40 skills. This library keeps only the router + safety skills "loud" and lists the
26
+ rest **name-only** — so the router can invoke all 44 by name, with no cropping and
27
+ without making you pre-pick a subset ([how it works](docs/ROLES.md)).
28
+ - **Role-scoped.** `/role backend` (or `frontend`, `devops`, `ml`, `security`,
29
+ `architect`, `em`, `pm`, `qa`, `designer`) promotes a working set to auto-trigger; the
30
+ rest stay one route away.
31
+ - **Cross-platform install.** The installer and SessionStart hook are **pure Node** — the
32
+ one runtime Claude Code already requires — so they run identically on Linux, macOS, and
33
+ Windows (no bash, Python, or `sed`).
34
+ - **Tested.** Every skill ships 3 evals; safety/discipline skills add pressure tests.
35
+
36
+ ## Quick Start
37
+
38
+ **Most people — install the per-role plugin for your hat** (works on CLI, Claude Code
39
+ web, claude.ai chat, and Cowork):
40
+
41
+ ```text
42
+ /plugin marketplace add SWEStash/swe-workflow-skills
43
+ /plugin install swe-workflow-pm@swe-workflow
44
+ ```
45
+
46
+ **Want the whole library with the orchestrator** (CLI) — no clone needed:
47
+
48
+ ```bash
49
+ npx swe-workflow-skills install --global # all 44 skills + router + /role + the SessionStart hook
50
+ ```
51
+
52
+ Or from a clone: `node install.mjs --global`.
53
+
54
+ > **Prerequisite:** Node.js ≥ 18 (already present wherever Claude Code runs).
55
+
56
+ ## Installation
57
+
58
+ Two supported paths, chosen by what your environment can run:
59
+
60
+ | Path | What you get | Works on |
61
+ |------|--------------|----------|
62
+ | **Per-role plugin** (above) | your role's crop-safe subset, auto-triggering | CLI · Code web · claude.ai chat · Cowork |
63
+ | **`npx swe-workflow-skills`** | the full library + orchestrator + `/role` + hook | CLI · Cowork |
64
+
65
+ ```bash
66
+ npx swe-workflow-skills install # all skills -> ./.claude/ (project-local)
67
+ npx swe-workflow-skills install --global # -> user config dir ($CLAUDE_CONFIG_DIR or ~/.claude)
68
+ npx swe-workflow-skills install --role pm # a lean hard subset (just the PM skills)
69
+ npx swe-workflow-skills install --no-hook # skip the SessionStart hook (baseline still applied)
70
+ npx swe-workflow-skills uninstall --dry-run # preview removal; --global/--dir mirror install
71
+ ```
72
+
73
+ From a clone, the same commands are `node install.mjs …` / `node uninstall.mjs …`.
74
+
75
+ The installer never edits `settings.json` — it prints the SessionStart hook snippet for
76
+ you to merge. Re-running is idempotent. See **[INSTALL-MATRIX.md](docs/INSTALL-MATRIX.md)**
77
+ for every method × surface, and **[ROLES.md](docs/ROLES.md)** for the activation model.
78
+
79
+ ## Usage
80
+
81
+ On any non-trivial task, Claude consults **`skill-router`** first; it reads the full
82
+ catalog and invokes the matching skill(s) by name, re-routing as the work changes phase.
83
+ The default SessionStart hook nudges Claude to do this automatically; you can also route
84
+ explicitly ("use the security-audit skill") or switch the promoted set with `/role`.
85
+
86
+ **A routed chain, by phase** — e.g. *"add OAuth login"*:
87
+
88
+ ```
89
+ feature-planning → scope tasks, acceptance criteria, risks
90
+ architecture-design → ADR: session vs token, where auth lives
91
+ data-modeling → user/session schema + migration
92
+ tdd-workflow → red-green-refactor the implementation
93
+ security-audit → authn/authz, token handling, OWASP pass
94
+ code-reviewing → DRY/KISS/SRP + conventions
95
+ deployment-checklist → pre-deploy safety + rollback readiness
96
+ ```
97
+
98
+ The router invokes each skill as you reach its phase rather than all at once. A single
99
+ request often fans out to several skills — *"review this for accessibility and UX"* pulls
100
+ in both `accessibility-design` and `ui-ux-design`. See a full session play out in
101
+ **[what routing looks like](docs/ROLES.md#what-routing-looks-like-in-a-session)**; the
102
+ pre-built chains (new feature · bug/incident · continuous improvement · pre-public
103
+ review) live in the `skill-router` skill and **[ROLES.md](docs/ROLES.md)**.
104
+
105
+ ## What's included
106
+
107
+ 44 skills — **[full catalog → SKILLS.md](docs/SKILLS.md)**:
108
+
109
+ | Area | Count | Examples |
110
+ |------|-------|----------|
111
+ | Software Engineering | 23 | feature-planning, architecture-design, tdd-workflow, code-reviewing, security-audit, refactoring, incident-response |
112
+ | Project Management | 6 | prd-writing, effort-estimation, metrics-and-okrs, retrospective, strategic-review |
113
+ | DevOps | 5 | containerization, cicd-pipeline, infrastructure-as-code, gitops-delivery |
114
+ | Design | 3 | ui-ux-design, frontend-architecture, accessibility-design |
115
+ | MLOps | 3 | ml-pipeline-design, ml-experiment-tracking, ml-model-deployment |
116
+ | Evaluation & Monitoring | 2 | observability-design, test-data-strategy |
117
+ | Meta | 2 | skill-router, writing-skills |
118
+
119
+ ## Documentation
120
+
121
+ - **[ROLES.md](docs/ROLES.md)** — the activation model (name-only baseline, roles, the orchestrator) and the CLI vs web/plugin paths.
122
+ - **[INSTALL-MATRIX.md](docs/INSTALL-MATRIX.md)** — every install method × surface, side by side.
123
+ - **[SKILLS.md](docs/SKILLS.md)** — the full skill catalog by area.
124
+ - **[EVALS.md](docs/EVALS.md)** — how the skills are tested (RED/GREEN, pressure tests, CI gate).
125
+ - **[AUTHORING.md](docs/AUTHORING.md)** — write or modify a skill (descriptions, budget, progressive disclosure, evals).
126
+ - **[RELEASING.md](docs/RELEASING.md)** — versioning policy and how to cut a release. Changes are tracked in **[CHANGELOG.md](CHANGELOG.md)**.
127
+
128
+ ## Evaluation
129
+
130
+ Each skill carries an `evals/` directory; safety/discipline skills add a `pressure_tests`
131
+ block. Two runners replay scenarios through Claude (skill loaded = GREEN, absent = RED)
132
+ and judge each assertion with a skeptical LLM-as-judge: `evals/workflow-runner.mjs`
133
+ (in-session, no API key) and `evals/run.py` (CI regression gate, wired into
134
+ `.github/workflows/skill-evals.yml`). Full guide in **[EVALS.md](docs/EVALS.md)**.
135
+
136
+ ## Contributing
137
+
138
+ New or improved skills are welcome — start with **[AUTHORING.md](docs/AUTHORING.md)** (or
139
+ install the `writing-skills` skill). The short version: descriptions are everything, keep
140
+ SKILL.md concise with detail in `references/`, and ship exactly 3 evals.
141
+
142
+ ## License
143
+
144
+ MIT — see [LICENSE](LICENSE).
package/VERSION ADDED
@@ -0,0 +1 @@
1
+ 0.1.0
package/bin/cli.mjs ADDED
@@ -0,0 +1,44 @@
1
+ #!/usr/bin/env node
2
+ // swe-workflow-skills — npm CLI entry point. Dispatches subcommands to the
3
+ // installer/uninstaller so `npx swe-workflow-skills install` reads naturally.
4
+ // Runs on Linux, macOS, and Windows (the one runtime Claude Code already requires).
5
+ //
6
+ // npx swe-workflow-skills install [--global|--dir DIR|--role R|--no-hook|...]
7
+ // npx swe-workflow-skills uninstall [--global|--dir DIR|--dry-run|--yes]
8
+
9
+ import { spawnSync } from "node:child_process";
10
+ import { dirname, join } from "node:path";
11
+ import { fileURLToPath } from "node:url";
12
+ import { readFileSync } from "node:fs";
13
+
14
+ const ROOT = join(dirname(fileURLToPath(import.meta.url)), "..");
15
+ const [sub, ...rest] = process.argv.slice(2);
16
+
17
+ const HELP = `swe-workflow-skills <command> [options]
18
+
19
+ Commands:
20
+ install Install skills into a Claude config dir (passes flags to install.mjs)
21
+ uninstall Remove the library (passes flags to uninstall.mjs)
22
+
23
+ Examples:
24
+ npx swe-workflow-skills install --global
25
+ npx swe-workflow-skills install --role pm
26
+ npx swe-workflow-skills uninstall --global --dry-run
27
+
28
+ Run a command with --help to see its full option list.`;
29
+
30
+ if (sub === "install" || sub === "uninstall") {
31
+ const script = join(ROOT, sub === "install" ? "install.mjs" : "uninstall.mjs");
32
+ // stdio inherited so install output and uninstall's confirm prompt pass through.
33
+ const res = spawnSync(process.execPath, [script, ...rest], { stdio: "inherit" });
34
+ process.exit(res.status ?? 1);
35
+ } else if (sub === "-v" || sub === "--version" || sub === "version") {
36
+ process.stdout.write(readFileSync(join(ROOT, "VERSION"), "utf-8"));
37
+ process.exit(0);
38
+ } else if (!sub || sub === "-h" || sub === "--help" || sub === "help") {
39
+ process.stdout.write(HELP + "\n");
40
+ process.exit(sub ? 0 : 1); // bare invocation is a usage error; explicit help is success
41
+ } else {
42
+ process.stderr.write(`Unknown command: ${sub}\n\n${HELP}\n`);
43
+ process.exit(1);
44
+ }
package/catalog.json ADDED
@@ -0,0 +1,225 @@
1
+ {
2
+ "version": 1,
3
+ "skills": [
4
+ {
5
+ "name": "accessibility-design",
6
+ "description": "Design and implement accessible web/mobile apps to WCAG 2.1/2.2 — semantic HTML, ARIA patterns, keyboard navigation, focus management, color contrast, screen readers, accessible forms. Triggers: accessibility, a11y, WCAG, screen reader, keyboard navigation, ARIA, focus management, color contrast, alt text, semantic HTML, tab order, focus trap, skip link, announce. Build it in, don't bolt it on.",
7
+ "path": "accessibility-design/SKILL.md"
8
+ },
9
+ {
10
+ "name": "api-design",
11
+ "description": "Design RESTful and GraphQL APIs — endpoint naming, request/response contracts, error handling, pagination, versioning, auth patterns, OpenAPI specs. Triggers: design the API, API contract, REST API, GraphQL schema, error response format, pagination, API versioning, OpenAPI, swagger, endpoints. Use architecture-design for REST-vs-GraphQL or monolith-vs-microservices decisions.",
12
+ "path": "api-design/SKILL.md"
13
+ },
14
+ {
15
+ "name": "architecture-design",
16
+ "description": "Guide architectural and structural decisions using Architecture Decision Records (ADRs) — new services, pattern choices, database selection, component boundaries, state management, costly-to-reverse decisions. Triggers: how should I architect, which pattern, design decision, should I use X or Y, system design, ADR, component design, architectural trade-off.",
17
+ "path": "architecture-design/SKILL.md"
18
+ },
19
+ {
20
+ "name": "architecture-documentation",
21
+ "description": "Design and maintain architecture documentation with multi-level diagrams (C4) and docs-as-code. Triggers: architecture diagram, document the architecture, C4 diagram, system context, container diagram, component diagram, architecture docs, docs-as-code, PlantUML, Structurizr, D2, Mermaid architecture, infrastructure diagram, runtime flow. Use architecture-design for ADRs.",
22
+ "path": "architecture-documentation/SKILL.md"
23
+ },
24
+ {
25
+ "name": "bug-investigating",
26
+ "description": "Systematic debugging and root cause analysis using structured methodology — reproduce, isolate, hypothesize, verify. Triggers: this doesn't work, I'm getting an error, something is broken, bug, debug this, why is this happening, unexpected behavior, regression, root cause, stack trace, error message.",
27
+ "path": "bug-investigating/SKILL.md"
28
+ },
29
+ {
30
+ "name": "cicd-pipeline",
31
+ "description": "Design CI/CD pipelines for automated build, test, deploy — GitHub Actions, GitLab CI, quality gates. Triggers: CI/CD, pipeline, GitHub Actions, GitLab CI, workflow, automated deployment, build pipeline, continuous integration, continuous deployment, automate tests on PR, deploy automatically, quality gate.",
32
+ "path": "cicd-pipeline/SKILL.md"
33
+ },
34
+ {
35
+ "name": "code-reviewing",
36
+ "description": "Structured code reviews enforcing DRY, KISS, YAGNI, SRP, best practices, and project conventions. Triggers: review this code, code review, check my code, what do you think of this implementation, review this PR, is this code good, feedback on my code, review staged changes before commit.",
37
+ "path": "code-reviewing/SKILL.md"
38
+ },
39
+ {
40
+ "name": "configuration-strategy",
41
+ "description": "Design environment configuration, secrets management, and feature-flag hierarchy for a service or feature. Triggers: config strategy, environment variables, .env, secrets management, feature flag, config hierarchy, config precedence, twelve-factor config, environment-specific settings.",
42
+ "path": "configuration-strategy/SKILL.md"
43
+ },
44
+ {
45
+ "name": "containerization",
46
+ "description": "Write production-grade Dockerfiles, docker-compose, and Kubernetes manifests following security and reliability best practices. Triggers: Dockerfile, docker-compose, containerize, Docker image, Kubernetes, k8s manifest, container, pod, deployment yaml, multi-stage build, docker build, image size, container security.",
47
+ "path": "containerization/SKILL.md"
48
+ },
49
+ {
50
+ "name": "data-modeling",
51
+ "description": "Design database schemas, relationships, indexes, and migration strategies — relational and document stores. Triggers: data model, schema design, ER diagram, database schema, table design, foreign key, index strategy, normalization, denormalization, migration plan, document model, partition key.",
52
+ "path": "data-modeling/SKILL.md"
53
+ },
54
+ {
55
+ "name": "dependency-impact-analysis",
56
+ "description": "Map the blast radius of a change before implementing — find dependents, classify breaking vs additive, identify coordination needs, produce a propagation plan. Triggers: what will break if I change this, blast radius, impact analysis, breaking change, who depends on this, downstream impact, safe to rename, shared schema change, dependency graph.",
57
+ "path": "dependency-impact-analysis/SKILL.md"
58
+ },
59
+ {
60
+ "name": "dependency-management",
61
+ "description": "Evaluate, audit, and upgrade project dependencies — assess libraries before adoption, audit CVEs, plan major upgrades, resolve conflicts. Triggers: should I use this library, npm audit, upgrade dependencies, dependency vulnerability, outdated packages, evaluate this package, is this library maintained, dependency conflict, lock file, breaking changes in upgrade.",
62
+ "path": "dependency-management/SKILL.md"
63
+ },
64
+ {
65
+ "name": "deployment-checklist",
66
+ "description": "Pre-deploy verification and release safety checks — config, migrations, monitoring, rollback readiness, comms. Triggers: deployment checklist, ready to deploy, pre-deploy, release checklist, go-live, ship checklist, deploy safety, is this safe to ship, release readiness.",
67
+ "path": "deployment-checklist/SKILL.md"
68
+ },
69
+ {
70
+ "name": "deployment-repo",
71
+ "description": "Design a deployment (GitOps) repo that orchestrates multiple services in a polyrepo — version pinning, environment promotion, compatibility matrices, system config. Triggers: deployment repo, GitOps repo, polyrepo, multi-repo, version pinning, compatibility matrix, environment promotion, multi-service deployment, orchestration repo, which versions work together.",
72
+ "path": "deployment-repo/SKILL.md"
73
+ },
74
+ {
75
+ "name": "effort-estimation",
76
+ "description": "Estimate engineering effort with agile techniques — story points, t-shirt sizing, three-point estimation, capacity planning. Triggers: estimate this, how long will this take, story points, t-shirt sizing, effort estimation, capacity planning, sprint planning, budget estimate, forecast, velocity, when will this be done.",
77
+ "path": "effort-estimation/SKILL.md"
78
+ },
79
+ {
80
+ "name": "feature-planning",
81
+ "description": "Break features into well-scoped tasks with acceptance criteria, risk assessment, and dependency mapping. Triggers: plan this, break this down, scope this feature, create tasks for, sprint planning, how should I implement this feature, user stories, acceptance criteria, dependency mapping, feature breakdown.",
82
+ "path": "feature-planning/SKILL.md"
83
+ },
84
+ {
85
+ "name": "frontend-architecture",
86
+ "description": "Design frontend architecture — React component hierarchy, state management, design tokens, data fetching, routing, error boundaries, code organization. Triggers: component architecture, state management, design system, design tokens, component library, React structure, folder structure, Zustand vs Redux, React Query, code splitting, error boundary, compound component.",
87
+ "path": "frontend-architecture/SKILL.md"
88
+ },
89
+ {
90
+ "name": "git-workflow",
91
+ "description": "Write commit messages, PR descriptions, and manage branching strategy following conventional commits. Triggers: write a commit message, commit this, PR description, pull request, branching strategy, git workflow, squash commits, rebase, conventional commits, how should I commit this, review staged changes.",
92
+ "path": "git-workflow/SKILL.md"
93
+ },
94
+ {
95
+ "name": "gitops-delivery",
96
+ "description": "Design GitOps continuous delivery with ArgoCD or Flux — declarative reconciliation, cross-repo CI/CD triggers, drift detection, progressive delivery. Triggers: ArgoCD, Flux, FluxCD, GitOps, git-based deployment, declarative delivery, auto-sync, drift detection, cross-repo trigger, reconciliation loop, pull-based deployment, canary GitOps.",
97
+ "path": "gitops-delivery/SKILL.md"
98
+ },
99
+ {
100
+ "name": "incident-response",
101
+ "description": "Structured production incident workflow — triage, mitigation, investigation, recovery, comms. Triggers: production is down, site is down, incident, outage, users seeing errors, on-call, alert fired, p0, p1, sev1, sev2, broken in prod, rollback, emergency deploy. For active incidents under time pressure.",
102
+ "path": "incident-response/SKILL.md"
103
+ },
104
+ {
105
+ "name": "infrastructure-as-code",
106
+ "description": "Write and review IaC with Terraform, CloudFormation, Pulumi, or CDK — modularity, security, state management. Triggers: Terraform, CloudFormation, Pulumi, infrastructure as code, IaC, provision, cloud resources, terraform module, state management, terraform plan, CDK, drift, remote state.",
107
+ "path": "infrastructure-as-code/SKILL.md"
108
+ },
109
+ {
110
+ "name": "metrics-and-okrs",
111
+ "description": "Define OKRs, KPIs, success metrics, and engineering health metrics (DORA). Triggers: OKR, KPI, metrics, success metrics, key results, objectives, measure success, DORA metrics, engineering metrics, velocity, cycle time, deployment frequency, how do we measure, what should we track.",
112
+ "path": "metrics-and-okrs/SKILL.md"
113
+ },
114
+ {
115
+ "name": "ml-experiment-tracking",
116
+ "description": "Design reproducible ML experiments — tracking, versioning, run comparison with MLflow, W&B, or DVC. Triggers: experiment tracking, MLflow, wandb, weights and biases, DVC, track experiments, compare models, hyperparameter, reproducibility, model registry, which model is better, experiment results, log metrics.",
117
+ "path": "ml-experiment-tracking/SKILL.md"
118
+ },
119
+ {
120
+ "name": "ml-model-deployment",
121
+ "description": "Deploy ML models to production — serving infrastructure, monitoring, drift detection, safe rollouts. Triggers: deploy model, serve model, model API, model monitoring, data drift, concept drift, model degradation, A/B test model, canary model, inference endpoint, prediction API, retrain trigger.",
122
+ "path": "ml-model-deployment/SKILL.md"
123
+ },
124
+ {
125
+ "name": "ml-pipeline-design",
126
+ "description": "Design reproducible ML training and data pipelines — ingestion, validation, feature engineering, training, evaluation, continuous training orchestration. Triggers: training pipeline, data pipeline, feature engineering, ETL for ML, continuous training, data validation, feature store, preprocessing, notebook to pipeline, orchestrate training, Airflow, Kubeflow, pipeline DAG.",
127
+ "path": "ml-pipeline-design/SKILL.md"
128
+ },
129
+ {
130
+ "name": "observability-design",
131
+ "description": "Design production observability — SLIs, SLOs, SLAs, error budgets, OpenTelemetry traces/metrics/logs, structured logging, alerting, dashboards. Triggers: SLO, SLI, SLA, error budget, observability, monitoring, OpenTelemetry, OTel, tracing, distributed tracing, structured logging, alerting, dashboard, metrics, correlation ID, alert fatigue.",
132
+ "path": "observability-design/SKILL.md"
133
+ },
134
+ {
135
+ "name": "performance-optimization",
136
+ "description": "Identify and resolve performance bottlenecks via static analysis — N+1 queries, algorithmic complexity, query optimization, caching, memory leaks, bundle size, connection management. Triggers: this is slow, optimize, performance, N+1, query optimization, caching, bundle size, memory leak, latency, response time, scale, bottleneck.",
137
+ "path": "performance-optimization/SKILL.md"
138
+ },
139
+ {
140
+ "name": "prd-writing",
141
+ "description": "Write lightweight agile PRDs and technical RFCs that align stakeholders before implementation. Triggers: PRD, product requirements, RFC, request for comments, technical design doc, design document, tech spec, write requirements, what are we building, spec this out. Produces the WHAT and WHY — feature-planning handles HOW.",
142
+ "path": "prd-writing/SKILL.md"
143
+ },
144
+ {
145
+ "name": "project-documentation",
146
+ "description": "Write and maintain project docs — README, contributing guides, API docs, changelogs, inline docs. Triggers: write a README, document this project, create documentation, contributing guide, changelog, API docs, how do I document, this needs docs, onboarding docs, JSDoc, docstrings.",
147
+ "path": "project-documentation/SKILL.md"
148
+ },
149
+ {
150
+ "name": "project-proposal",
151
+ "description": "Write lightweight project proposals for budget approval and go/no-go decisions — problem, business case, scope, rough estimates, risks, success criteria. Triggers: project proposal, project brief, business case, budget estimate, should we build this, go/no-go, risk assessment, cost-benefit, ROI, justify this project, stakeholder approval.",
152
+ "path": "project-proposal/SKILL.md"
153
+ },
154
+ {
155
+ "name": "project-review",
156
+ "description": "Review a built project's execution health before a milestone — scope alignment, roadmap / execution-plan adherence, implementation maturity (what's production-ready vs stub/deferred), and the evidence it actually works (tests, coverage, validation results, changelog). Triggers: project review, execution review, are we on track, implementation vs roadmap, scope drift, readiness review, what's actually built, validation results review, pre-launch review. Use strategic-review for vision/positioning/market; technical-debt-review for a pure code-health audit.",
157
+ "path": "project-review/SKILL.md"
158
+ },
159
+ {
160
+ "name": "refactoring",
161
+ "description": "Systematic code improvement via design principles, smell detection, and safe transformation patterns. Triggers: refactor this, clean this up, simplify this code, reduce complexity, extract this, this code is messy, tech debt, improve this code, code smell, rename, extract function, dead code.",
162
+ "path": "refactoring/SKILL.md"
163
+ },
164
+ {
165
+ "name": "retrospective",
166
+ "description": "Facilitate sprint retros, project post-mortems, and incident post-mortems with actionable, owned improvements. Triggers: retrospective, retro, post-mortem, postmortem, lessons learned, what went wrong, what went well, incident review, blameless, action items, sprint review, after action review.",
167
+ "path": "retrospective/SKILL.md"
168
+ },
169
+ {
170
+ "name": "rollback-strategy",
171
+ "description": "Design safe rollback plans before deploying — identify irreversible changes, classify rollback complexity, create tested undo procedures. Triggers: rollback plan, rollback strategy, how do I undo this, can we revert, what if the deploy fails, safe to deploy, feature flag rollout, blue-green, database migration rollback, irreversible change.",
172
+ "path": "rollback-strategy/SKILL.md"
173
+ },
174
+ {
175
+ "name": "security-audit",
176
+ "description": "Comprehensive security analysis — OWASP Top 10, auth/authz flows, injection vulnerabilities, data exposure, secrets detection, dependency CVEs, hardening recommendations. Triggers: security audit, vulnerability, is this secure, security review, pentest prep, OWASP, harden this, check for vulnerabilities, injection, XSS, CSRF, auth security.",
177
+ "path": "security-audit/SKILL.md"
178
+ },
179
+ {
180
+ "name": "skill-router",
181
+ "description": "Orchestrator and entry point for the swe-workflow skills library — consult FIRST when starting any non-trivial software task; most skills load name-only and only activate when invoked here. Triggers: starting a feature, planning, an architecture or design decision, implementing, debugging, reviewing, refactoring, testing, security, deployment, an incident, shipping, or unsure which skill fits. Routes intent to the right skill(s) and invokes them by name; shows the Golden Path chains.",
182
+ "path": "skill-router/SKILL.md"
183
+ },
184
+ {
185
+ "name": "strategic-review",
186
+ "description": "Review a project's strategic position before going public, launching, or raising — vision, mission, value proposition, scope positioning, the defensible wedge, and a live competitive / market comparative analysis. Triggers: strategic review, positioning, go public, go-to-market, market analysis, competitive landscape, value proposition, is there a moat, who are our competitors, platform absorption risk, market positioning, comparable products. Use project-review for execution/roadmap/implementation health; delegates deep market scans to deep-research.",
187
+ "path": "strategic-review/SKILL.md"
188
+ },
189
+ {
190
+ "name": "tdd-workflow",
191
+ "description": "Guide test-driven development with red-green-refactor. Triggers: use tdd, test first, write the tests, red green refactor, test-driven, what should I test, write tests before code, failing test, implement using TDD. For NEW code via test-first — use test-suite-design for adding tests to existing code.",
192
+ "path": "tdd-workflow/SKILL.md"
193
+ },
194
+ {
195
+ "name": "technical-debt-review",
196
+ "description": "Strategic codebase health assessment — identify hotspots, categorize debt, produce remediation roadmap. Triggers: technical debt, tech debt, debt review, codebase health, hotspots, debt assessment, remediation plan, what should we fix first, debt roadmap, code rot, legacy code audit.",
197
+ "path": "technical-debt-review/SKILL.md"
198
+ },
199
+ {
200
+ "name": "test-data-strategy",
201
+ "description": "Design and generate test data — factories, synthetic data, property-based testing, boundary analysis, contract testing, load scenarios, GDPR-safe data. Triggers: test data, synthetic data, fake data, factory, seed data, fixtures, property-based testing, fuzz testing, boundary values, contract testing, Pact, load test data, anonymize, GDPR test data.",
202
+ "path": "test-data-strategy/SKILL.md"
203
+ },
204
+ {
205
+ "name": "test-suite-design",
206
+ "description": "Design comprehensive test suites for existing code — strategy across unit/integration/e2e, fixtures, factories, helpers. Triggers: add tests, write tests for, increase coverage, test this module, testing strategy, test plan, what tests do I need, test infrastructure, test helpers, this has no tests. Not for TDD — use tdd-workflow.",
207
+ "path": "test-suite-design/SKILL.md"
208
+ },
209
+ {
210
+ "name": "ui-ux-design",
211
+ "description": "Design user experiences from an engineer's perspective — user flows, wireframes, interaction patterns, responsive strategy, navigation, loading/error/empty states. Triggers: design the UI, user flow, wireframe, how should this screen look, loading state, error state, empty state, responsive design, navigation, page layout, form design, mockup.",
212
+ "path": "ui-ux-design/SKILL.md"
213
+ },
214
+ {
215
+ "name": "verification-before-completion",
216
+ "description": "Evidence gate before claiming work is done, passing, fixed, or deployed. Use before saying 'done', 'it works', or 'tests pass', or before committing, pushing, or opening a PR. Triggers: is it done, did it work, tests pass, verify, ready to commit, before I push, confirm the fix. Run the proving command fresh and read its output first.",
217
+ "path": "verification-before-completion/SKILL.md"
218
+ },
219
+ {
220
+ "name": "writing-skills",
221
+ "description": "Use when authoring, editing, or reviewing a skill in this library — a new SKILL.md, one that under-triggers, or hardening an existing one. Covers description and listing-budget rules, frontmatter, progressive disclosure, the 3-eval rule, and pressure-testing against rationalizations. Triggers: write a skill, new skill, edit a skill, skill isn't triggering.",
222
+ "path": "writing-skills/SKILL.md"
223
+ }
224
+ ]
225
+ }
@@ -0,0 +1,34 @@
1
+ ---
2
+ name: role
3
+ description: "Switch the active swe-workflow role: promote that role's skills to auto-trigger (on) and send the rest to name-only. Usage: /role <name> to set, /role to show current + list, /role all (or none) to reset to baseline."
4
+ argument-hint: [role]
5
+ allowed-tools: Bash
6
+ disable-model-invocation: true
7
+ ---
8
+
9
+ The user is managing the active swe-workflow skill role. The requested role argument is: `$ARGUMENTS`
10
+
11
+ Run this script exactly once via Bash, then report the result to the user concisely (the new active role, and that the change hot-reloads so it applies to the next prompt):
12
+
13
+ ```bash
14
+ ROLE="$ARGUMENTS"
15
+ RESOLVE="@@RESOLVE@@"; SKILLS="@@SKILLS@@"; SETTINGS="@@SETTINGS@@"
16
+ ROLES="@@ROLES@@"; ACTIVE="@@ACTIVE_ROLE@@"
17
+ export ROLES_JSON="$ROLES"
18
+ if [ -z "$ROLE" ]; then
19
+ echo "Active role: $(cat "$ACTIVE" 2>/dev/null || echo 'baseline (none)')"
20
+ echo "Available roles:"; node "$RESOLVE" roles
21
+ elif [ "$ROLE" = "all" ] || [ "$ROLE" = "none" ]; then
22
+ node "$RESOLVE" apply "$SETTINGS" "$SKILLS" none && rm -f "$ACTIVE"
23
+ echo "Reset to baseline — only the pinned skills auto-trigger now."
24
+ elif node "$RESOLVE" label "$ROLE" >/dev/null 2>&1; then
25
+ node "$RESOLVE" apply "$SETTINGS" "$SKILLS" "$ROLE" && printf '%s\n' "$ROLE" > "$ACTIVE"
26
+ echo "Active role set to '$ROLE' — its skills now auto-trigger."
27
+ else
28
+ echo "Unknown role '$ROLE'. Available roles:"; node "$RESOLVE" roles
29
+ fi
30
+ ```
31
+
32
+ Notes:
33
+ - `skillOverrides` and the skill listing hot-reload when `settings.local.json` changes, so the new auto-trigger set takes effect on the next prompt without a restart.
34
+ - This command is for the full (all-skills) CLI install. Hard-subset (`--role`) installs and the per-role marketplace plugins don't need it.
@@ -0,0 +1,118 @@
1
+ #!/usr/bin/env node
2
+ // swe-workflow-skills — SessionStart hook (the activation baseline writer).
3
+ //
4
+ // The library uses a "name-only baseline": all skills are installed, but only a
5
+ // pinned critical set (the skill-router orchestrator + safety skills) keeps its
6
+ // description in context and auto-triggers. Everything else is listed name-only
7
+ // (invocable, but not auto-triggered) so the listing never overflows the budget.
8
+ //
9
+ // On every session boundary (startup|resume|clear|compact) this hook:
10
+ // 1. writes that baseline into <claude>/settings.local.json via resolve.mjs
11
+ // (promoting the active role's skills to "on" if a role is set), and
12
+ // 2. emits reloadSkills:true so it applies to THIS session, plus a short nudge.
13
+ //
14
+ // settings.local.json `skillOverrides` and reloadSkills both hot-reload, so the
15
+ // crop takes effect immediately. The listing is NOT re-injected after /compact,
16
+ // which is why this must run on every boundary.
17
+ //
18
+ // Pure Node (the one runtime Claude Code guarantees on every OS). Register it as
19
+ // { "type": "command", "command": "node \"<path>/session-start.mjs\"" }
20
+ // so it runs identically on Linux, macOS, and Windows.
21
+
22
+ import { existsSync, readFileSync, statSync } from "node:fs";
23
+ import { dirname, join } from "node:path";
24
+ import { fileURLToPath, pathToFileURL } from "node:url";
25
+
26
+ const SCRIPT_DIR = dirname(fileURLToPath(import.meta.url));
27
+ const SKILLS_DIR = join(SCRIPT_DIR, "..", "skills");
28
+ const SETTINGS = join(SCRIPT_DIR, "..", "settings.local.json");
29
+ const ROLES_FILE = join(SKILLS_DIR, ".roles.json");
30
+
31
+ const BASE = `This project has the swe-workflow skills library installed with a name-only
32
+ baseline: only a few critical skills (the \`skill-router\` orchestrator plus the
33
+ safety skills) keep their descriptions in context and auto-trigger. Every other
34
+ skill is listed by name only — invocable, but it will NOT auto-trigger on its
35
+ own. Routing through \`skill-router\` is the ONLY way those skills activate.
36
+
37
+ Consult \`skill-router\` FIRST — as your very first action, before you explore or
38
+ analyze the codebase, spawn subagents, plan, design, or make any Edit/Write — on
39
+ any substantial software work: analysis, planning, a structural or data decision,
40
+ implementing, debugging, reviewing, refactoring, or shipping. It reads the full
41
+ catalog and invokes the right skill by name. Exploring or planning first and
42
+ routing "once you understand the problem" is already too late — route, THEN
43
+ explore under the chosen skill.
44
+
45
+ Re-route on each new PHASE of work, not just at session start: when you pivot
46
+ from analysis to implementing, to writing tests, to reviewing, or to shipping,
47
+ consult \`skill-router\` again for that phase before you act. The skill for the new
48
+ phase almost certainly isn't loaded yet — routing once at the start does not
49
+ cover work you start an hour later.
50
+
51
+ Route even when you already believe you know how to proceed — do NOT wait until
52
+ you feel unsure, and do NOT talk yourself out of it because the task "looks like a
53
+ one-liner," touches only one file, or seems obvious. Small structural changes
54
+ (renames, config edits, dependency bumps) and anything that matches a specific
55
+ skill's domain (accessibility, API design, security, data modeling, migrations,
56
+ performance…) are exactly what the skills are for. When in doubt, route.
57
+
58
+ Skip ONLY for genuinely trivial, conversational, or information-lookup replies,
59
+ or when the user tells you not to use a skill or to "just do X" — the user's
60
+ explicit instructions always take precedence.`;
61
+
62
+ // Active role, if one was set (by install --role or the /role command).
63
+ let role = "";
64
+ const activeRoleFile = join(SKILLS_DIR, ".active-role");
65
+ if (existsSync(activeRoleFile)) {
66
+ try {
67
+ role = readFileSync(activeRoleFile, "utf-8").replace(/\s+/g, "");
68
+ } catch {
69
+ role = "";
70
+ }
71
+ }
72
+
73
+ // Write the name-only baseline (promote pinned ∪ active-role to "on"). Best-effort:
74
+ // if resolve.mjs / roles.json / skills aren't present, skip silently. resolve.mjs
75
+ // is a sibling once installed; fall back to the repo location for in-tree runs.
76
+ async function loadResolve() {
77
+ for (const p of [join(SCRIPT_DIR, "resolve.mjs"), join(SCRIPT_DIR, "..", "scripts", "resolve.mjs")]) {
78
+ if (existsSync(p)) return import(pathToFileURL(p).href);
79
+ }
80
+ return null;
81
+ }
82
+
83
+ function isDir(p) {
84
+ return existsSync(p) && statSync(p).isDirectory();
85
+ }
86
+
87
+ try {
88
+ if (existsSync(ROLES_FILE) && isDir(SKILLS_DIR)) {
89
+ const resolveMod = await loadResolve();
90
+ if (resolveMod) {
91
+ const data = resolveMod.loadRoles(ROLES_FILE);
92
+ // A stale/removed role in .active-role must NOT abort the hook: applyBaseline
93
+ // calls process.exit on an unknown role (uncatchable), which would suppress the
94
+ // nudge below. Fall back to the baseline if the marker no longer names a role.
95
+ if (role && !(data.roles && role in data.roles)) role = "";
96
+ resolveMod.applyBaseline(data, SETTINGS, SKILLS_DIR, role || null);
97
+ }
98
+ }
99
+ } catch {
100
+ // best-effort: never block the session if the baseline can't be written
101
+ }
102
+
103
+ let ctx = BASE;
104
+ if (role) {
105
+ ctx +=
106
+ `\n\nActive role: ${role} — its skills are promoted to auto-trigger. ` +
107
+ "Switch with `/role <name>` (`/role all` resets to baseline).";
108
+ }
109
+
110
+ process.stdout.write(
111
+ JSON.stringify({
112
+ hookSpecificOutput: {
113
+ hookEventName: "SessionStart",
114
+ reloadSkills: true,
115
+ additionalContext: ctx,
116
+ },
117
+ }) + "\n",
118
+ );