vanara 0.1.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (195) hide show
  1. package/README.md +14 -0
  2. package/bin/vanara.js +66 -2
  3. package/catalog/agents/api-designer/AGENT.md +156 -0
  4. package/catalog/agents/api-designer/examples/openapi-snippet.yaml +130 -0
  5. package/catalog/agents/api-designer/examples/review-notes.md +61 -0
  6. package/catalog/agents/api-designer/references/contract-and-openapi.md +82 -0
  7. package/catalog/agents/api-designer/references/design-checklist.md +68 -0
  8. package/catalog/agents/api-designer/references/versioning-and-evolution.md +63 -0
  9. package/catalog/agents/api-designer/scripts/lint-openapi.mjs +180 -0
  10. package/catalog/agents/code-reviewer/AGENT.md +184 -0
  11. package/catalog/agents/code-reviewer/examples/pr-comment-template.md +48 -0
  12. package/catalog/agents/code-reviewer/examples/sample-review-output.md +38 -0
  13. package/catalog/agents/code-reviewer/references/review-checklist.md +46 -0
  14. package/catalog/agents/code-reviewer/references/security-review.md +62 -0
  15. package/catalog/agents/code-reviewer/references/severity-rubric.md +63 -0
  16. package/catalog/agents/code-reviewer/scripts/review-guard.mjs +102 -0
  17. package/catalog/agents/debugger/AGENT.md +128 -0
  18. package/catalog/agents/debugger/examples/postmortem-template.md +59 -0
  19. package/catalog/agents/debugger/examples/repro-template.md +50 -0
  20. package/catalog/agents/debugger/references/bisection.md +63 -0
  21. package/catalog/agents/debugger/references/debugging-method.md +57 -0
  22. package/catalog/agents/debugger/references/observability.md +61 -0
  23. package/catalog/agents/debugger/scripts/parse-stacktrace.mjs +109 -0
  24. package/catalog/agents/pr-summarizer/AGENT.md +172 -0
  25. package/catalog/agents/pr-summarizer/examples/sample-pr-summary.md +46 -0
  26. package/catalog/agents/pr-summarizer/examples/weak-vs-strong-summary.md +68 -0
  27. package/catalog/agents/pr-summarizer/references/identifying-risk.md +68 -0
  28. package/catalog/agents/pr-summarizer/references/reading-the-diff.md +68 -0
  29. package/catalog/agents/pr-summarizer/references/test-plan-and-missing-tests.md +64 -0
  30. package/catalog/agents/pr-summarizer/references/writing-the-summary.md +63 -0
  31. package/catalog/agents/pr-summarizer/scripts/diff-risk.mjs +111 -0
  32. package/catalog/agents/refactoring-specialist/AGENT.md +201 -0
  33. package/catalog/agents/refactoring-specialist/examples/before-after.md +91 -0
  34. package/catalog/agents/refactoring-specialist/examples/refactor-plan.md +97 -0
  35. package/catalog/agents/refactoring-specialist/references/large-scale-refactor.md +50 -0
  36. package/catalog/agents/refactoring-specialist/references/safe-workflow.md +75 -0
  37. package/catalog/agents/refactoring-specialist/references/smell-catalog.md +76 -0
  38. package/catalog/agents/refactoring-specialist/scripts/detect-smells.mjs +150 -0
  39. package/catalog/agents/security-auditor/AGENT.md +184 -0
  40. package/catalog/agents/security-auditor/examples/audit-report.md +68 -0
  41. package/catalog/agents/security-auditor/examples/finding-template.md +31 -0
  42. package/catalog/agents/security-auditor/references/audit-workflow.md +116 -0
  43. package/catalog/agents/security-auditor/references/severity-and-reporting.md +56 -0
  44. package/catalog/agents/security-auditor/references/vuln-classes.md +129 -0
  45. package/catalog/agents/security-auditor/scripts/scan-secrets.mjs +86 -0
  46. package/catalog/agents/technical-writer/AGENT.md +179 -0
  47. package/catalog/agents/technical-writer/examples/how-to-example.md +76 -0
  48. package/catalog/agents/technical-writer/examples/reference-example.md +75 -0
  49. package/catalog/agents/technical-writer/references/clarity-and-style.md +52 -0
  50. package/catalog/agents/technical-writer/references/diataxis-and-doc-types.md +61 -0
  51. package/catalog/agents/technical-writer/references/structure-and-maintenance.md +59 -0
  52. package/catalog/agents/technical-writer/scripts/readability.mjs +103 -0
  53. package/catalog/agents/test-author/AGENT.md +193 -0
  54. package/catalog/agents/test-author/examples/test-plan.md +54 -0
  55. package/catalog/agents/test-author/examples/unit-test-example.ts +55 -0
  56. package/catalog/agents/test-author/references/aaa-and-naming.md +75 -0
  57. package/catalog/agents/test-author/references/mocking-and-fixtures.md +94 -0
  58. package/catalog/agents/test-author/references/test-types-and-pyramid.md +60 -0
  59. package/catalog/agents/test-author/scripts/check-coverage.mjs +145 -0
  60. package/catalog/agents/threat-modeler/AGENT.md +179 -0
  61. package/catalog/agents/threat-modeler/examples/dfd-example.md +55 -0
  62. package/catalog/agents/threat-modeler/examples/threat-model.md +81 -0
  63. package/catalog/agents/threat-modeler/references/dfd-and-trust-boundaries.md +76 -0
  64. package/catalog/agents/threat-modeler/references/mitigation-catalog.md +77 -0
  65. package/catalog/agents/threat-modeler/references/stride-method.md +68 -0
  66. package/catalog/agents/threat-modeler/scripts/stride-checklist.mjs +183 -0
  67. package/catalog/agents/vuln-scanner/AGENT.md +162 -0
  68. package/catalog/agents/vuln-scanner/examples/finding-template.md +57 -0
  69. package/catalog/agents/vuln-scanner/examples/scan-report.md +49 -0
  70. package/catalog/agents/vuln-scanner/references/remediation-and-severity.md +68 -0
  71. package/catalog/agents/vuln-scanner/references/scan-types-and-tools.md +83 -0
  72. package/catalog/agents/vuln-scanner/references/triage-and-false-positives.md +73 -0
  73. package/catalog/agents/vuln-scanner/scripts/parse-scan-results.mjs +133 -0
  74. package/catalog/packs/code-review-pack/PACK.md +100 -0
  75. package/catalog/packs/code-review-pack/examples/pr-flow-example.md +50 -0
  76. package/catalog/packs/code-review-pack/references/rollout-guide.md +40 -0
  77. package/catalog/packs/security-pack/PACK.md +128 -0
  78. package/catalog/packs/security-pack/examples/owasp-vuln-triage-and-fix.md +66 -0
  79. package/catalog/packs/security-pack/examples/threat-model-then-audit.md +77 -0
  80. package/catalog/packs/security-pack/references/choosing-the-right-tool.md +37 -0
  81. package/catalog/packs/security-pack/references/threat-model-to-remediation.md +69 -0
  82. package/catalog/packs/security-pack/references/workflow.md +56 -0
  83. package/catalog/skills/api-pagination/SKILL.md +83 -0
  84. package/catalog/skills/api-pagination/examples/keyset-queries.sql +38 -0
  85. package/catalog/skills/api-pagination/examples/response-shapes.md +51 -0
  86. package/catalog/skills/api-pagination/references/consuming-pages.md +39 -0
  87. package/catalog/skills/api-pagination/references/counting-and-totals.md +41 -0
  88. package/catalog/skills/api-pagination/references/cursor-encoding.md +34 -0
  89. package/catalog/skills/api-pagination/scripts/check-cursor.mjs +51 -0
  90. package/catalog/skills/caching-strategies/SKILL.md +180 -0
  91. package/catalog/skills/caching-strategies/examples/http-cache-headers.md +82 -0
  92. package/catalog/skills/caching-strategies/examples/redis-cache-aside.js +110 -0
  93. package/catalog/skills/caching-strategies/references/cache-patterns.md +93 -0
  94. package/catalog/skills/caching-strategies/references/eviction-and-ttl.md +67 -0
  95. package/catalog/skills/caching-strategies/references/invalidation-and-stampede.md +99 -0
  96. package/catalog/skills/caching-strategies/scripts/ttl-jitter.mjs +99 -0
  97. package/catalog/skills/conventional-commits/SKILL.md +135 -0
  98. package/catalog/skills/conventional-commits/examples/commit-examples.md +60 -0
  99. package/catalog/skills/conventional-commits/examples/commitlint.config.js +31 -0
  100. package/catalog/skills/conventional-commits/references/breaking-changes-semver.md +50 -0
  101. package/catalog/skills/conventional-commits/references/scoping-commits.md +42 -0
  102. package/catalog/skills/conventional-commits/references/spec.md +78 -0
  103. package/catalog/skills/conventional-commits/scripts/lint-commit.mjs +97 -0
  104. package/catalog/skills/database-migrations/SKILL.md +137 -0
  105. package/catalog/skills/database-migrations/examples/add-column-safe.sql +34 -0
  106. package/catalog/skills/database-migrations/examples/migration-config.example.json +27 -0
  107. package/catalog/skills/database-migrations/references/expand-contract.md +74 -0
  108. package/catalog/skills/database-migrations/references/rollback-and-safety.md +71 -0
  109. package/catalog/skills/database-migrations/references/zero-downtime-changes.md +84 -0
  110. package/catalog/skills/database-migrations/scripts/check-migration-reversible.mjs +139 -0
  111. package/catalog/skills/error-handling-patterns/SKILL.md +136 -0
  112. package/catalog/skills/error-handling-patterns/examples/express-error-middleware.js +93 -0
  113. package/catalog/skills/error-handling-patterns/examples/result-pattern.ts +81 -0
  114. package/catalog/skills/error-handling-patterns/references/error-taxonomy.md +91 -0
  115. package/catalog/skills/error-handling-patterns/references/language-patterns.md +102 -0
  116. package/catalog/skills/error-handling-patterns/references/retry-and-backoff.md +76 -0
  117. package/catalog/skills/error-handling-patterns/scripts/lint-empty-catch.mjs +113 -0
  118. package/catalog/skills/git-collaboration-workflows/SKILL.md +104 -0
  119. package/catalog/skills/git-collaboration-workflows/examples/branch-protection.md +48 -0
  120. package/catalog/skills/git-collaboration-workflows/examples/pr-review-playbook.md +48 -0
  121. package/catalog/skills/git-collaboration-workflows/references/branching-models.md +52 -0
  122. package/catalog/skills/git-collaboration-workflows/references/history-hygiene.md +44 -0
  123. package/catalog/skills/git-collaboration-workflows/scripts/check-branch-hygiene.mjs +62 -0
  124. package/catalog/skills/owasp-top10/SKILL.md +112 -0
  125. package/catalog/skills/owasp-top10/examples/sql-injection-fix.md +33 -0
  126. package/catalog/skills/owasp-top10/examples/xss-fix.md +27 -0
  127. package/catalog/skills/owasp-top10/references/access-control.md +36 -0
  128. package/catalog/skills/owasp-top10/references/crypto-failures.md +29 -0
  129. package/catalog/skills/owasp-top10/references/injection.md +39 -0
  130. package/catalog/skills/owasp-top10/references/ssrf-and-design.md +35 -0
  131. package/catalog/skills/owasp-top10/scripts/scan-injection.mjs +73 -0
  132. package/catalog/skills/prompt-engineering/SKILL.md +100 -0
  133. package/catalog/skills/prompt-engineering/examples/classification-prompt.md +29 -0
  134. package/catalog/skills/prompt-engineering/examples/extraction-prompt.md +25 -0
  135. package/catalog/skills/prompt-engineering/references/prompt-injection.md +34 -0
  136. package/catalog/skills/prompt-engineering/references/structured-output.md +34 -0
  137. package/catalog/skills/prompt-engineering/references/techniques.md +33 -0
  138. package/catalog/skills/prompt-engineering/scripts/validate-output.mjs +71 -0
  139. package/catalog/skills/readme-writing/SKILL.md +176 -0
  140. package/catalog/skills/readme-writing/examples/README.template.md +73 -0
  141. package/catalog/skills/readme-writing/examples/good-readme-example.md +95 -0
  142. package/catalog/skills/readme-writing/references/anatomy.md +107 -0
  143. package/catalog/skills/readme-writing/references/maintenance.md +68 -0
  144. package/catalog/skills/readme-writing/references/writing-style.md +79 -0
  145. package/catalog/skills/readme-writing/scripts/lint-readme.mjs +117 -0
  146. package/catalog/skills/refactoring-patterns/SKILL.md +178 -0
  147. package/catalog/skills/refactoring-patterns/examples/extract-function.before-after.js +57 -0
  148. package/catalog/skills/refactoring-patterns/examples/replace-conditional-with-polymorphism.before-after.ts +63 -0
  149. package/catalog/skills/refactoring-patterns/references/code-smells.md +92 -0
  150. package/catalog/skills/refactoring-patterns/references/refactoring-catalog.md +78 -0
  151. package/catalog/skills/refactoring-patterns/references/safe-workflow.md +74 -0
  152. package/catalog/skills/refactoring-patterns/scripts/detect-smells.mjs +137 -0
  153. package/catalog/skills/rest-api-design/SKILL.md +147 -0
  154. package/catalog/skills/rest-api-design/examples/error-envelope.json +26 -0
  155. package/catalog/skills/rest-api-design/examples/orders-api.openapi.yaml +106 -0
  156. package/catalog/skills/rest-api-design/references/error-handling.md +43 -0
  157. package/catalog/skills/rest-api-design/references/pagination.md +41 -0
  158. package/catalog/skills/rest-api-design/references/status-codes.md +32 -0
  159. package/catalog/skills/rest-api-design/references/versioning.md +31 -0
  160. package/catalog/skills/rest-api-design/scripts/check-envelope.mjs +62 -0
  161. package/catalog/skills/secrets-management/SKILL.md +134 -0
  162. package/catalog/skills/secrets-management/examples/env-example.md +41 -0
  163. package/catalog/skills/secrets-management/examples/rotation-runbook.md +50 -0
  164. package/catalog/skills/secrets-management/references/leak-response.md +47 -0
  165. package/catalog/skills/secrets-management/references/rotation.md +46 -0
  166. package/catalog/skills/secrets-management/references/secret-managers.md +52 -0
  167. package/catalog/skills/secrets-management/scripts/detect-hardcoded.mjs +96 -0
  168. package/catalog/skills/secure-auth/SKILL.md +135 -0
  169. package/catalog/skills/secure-auth/examples/auth-flow.md +60 -0
  170. package/catalog/skills/secure-auth/examples/jwt-verify.ts +89 -0
  171. package/catalog/skills/secure-auth/references/auth-attacks.md +76 -0
  172. package/catalog/skills/secure-auth/references/oauth2-oidc.md +65 -0
  173. package/catalog/skills/secure-auth/references/password-hashing.md +70 -0
  174. package/catalog/skills/secure-auth/references/sessions-vs-jwt.md +69 -0
  175. package/catalog/skills/secure-auth/scripts/check-password-policy.mjs +114 -0
  176. package/catalog/skills/sql-index-tuning/SKILL.md +171 -0
  177. package/catalog/skills/sql-index-tuning/examples/explain-walkthrough.sql +91 -0
  178. package/catalog/skills/sql-index-tuning/examples/index-ddl.sql +67 -0
  179. package/catalog/skills/sql-index-tuning/references/btree-internals.md +58 -0
  180. package/catalog/skills/sql-index-tuning/references/composite-and-covering.md +60 -0
  181. package/catalog/skills/sql-index-tuning/references/reading-explain.md +54 -0
  182. package/catalog/skills/sql-index-tuning/references/selectivity-and-cardinality.md +62 -0
  183. package/catalog/skills/sql-index-tuning/scripts/suggest-index.mjs +213 -0
  184. package/catalog/skills/test-plan-design/SKILL.md +154 -0
  185. package/catalog/skills/test-plan-design/examples/test-case-template.md +45 -0
  186. package/catalog/skills/test-plan-design/examples/test-plan.md +57 -0
  187. package/catalog/skills/test-plan-design/references/case-design.md +79 -0
  188. package/catalog/skills/test-plan-design/references/risk-prioritization.md +58 -0
  189. package/catalog/skills/test-plan-design/references/test-pyramid.md +58 -0
  190. package/catalog/skills/test-plan-design/scripts/coverage-gaps.mjs +109 -0
  191. package/free-tier.json +15 -0
  192. package/package.json +15 -4
  193. package/premium-index.json +1 -0
  194. package/src/config.js +31 -1
  195. package/src/license.js +143 -0
@@ -0,0 +1,176 @@
1
+ ---
2
+ name: readme-writing
3
+ description: How to write a README that gets a project understood and running fast — lead with what/why, a 60-second quickstart, then usage, config, contributing, and license. Covers required sections, show-don't-tell examples, scannability, badges, and failure modes. Use when writing or auditing a project README.
4
+ type: skill
5
+ version: 2.0.0
6
+ updated: 2026-06-29
7
+ ---
8
+ # README Writing
9
+
10
+ The README is the **front door** of a project. Most readers arrive with one of three jobs: *decide if
11
+ this is worth their time*, *get it running*, or *find one specific answer*. A good README serves all
12
+ three in the order they appear — orientation first, action second, depth on demand. This skill is the
13
+ deep reference for writing one: the required sections, the writing moves that make it scannable, the
14
+ runnable-example discipline, and the failure modes that quietly drive readers away. Heavy detail lives
15
+ in `references/`; copy-paste material in `examples/`; a runnable linter in `scripts/`.
16
+
17
+ ## Mental model
18
+
19
+ A README is read in **three passes**, and you write top-to-bottom to match them:
20
+
21
+ | Pass | Reader's question | What answers it |
22
+ |---|---|---|
23
+ | Skim (10s) | "What is this and is it for me?" | Title + one-line description + badges |
24
+ | Try (60s) | "Can I get it running?" | Install + minimal quickstart |
25
+ | Use (later) | "How do I do X specifically?" | Usage, configuration, links to deeper docs |
26
+
27
+ Optimize ruthlessly for the first 60 seconds. A reader who can't tell what the project does, or who
28
+ hits a broken install command, leaves and does not come back. Everything else is recoverable; the first
29
+ screen is not.
30
+
31
+ ## The required sections (in order)
32
+
33
+ A complete README has these, roughly in this sequence. Not every project needs every one, but you must
34
+ make a deliberate choice to omit, never an accidental one.
35
+
36
+ 1. **Title + one-line description** — what it is and who it's for, no preamble, no "Welcome to".
37
+ 2. **Badges** — build status, version, license, coverage. Signal of health, scanned in a glance.
38
+ 3. **Why / value** — the problem it solves, optionally a screenshot, GIF, or short result example.
39
+ 4. **Install** — the minimal commands to get the dependency in place, copy-pasteable and verified.
40
+ 5. **Quickstart / Usage** — the smallest end-to-end example that produces a visible result.
41
+ 6. **Configuration** — options, env vars, defaults — as a table, not prose.
42
+ 7. **Contributing** — how to set up a dev environment and the contribution flow (link to `CONTRIBUTING.md`).
43
+ 8. **License** — the SPDX name and a link to the `LICENSE` file.
44
+
45
+ The full anatomy, with what to include and skip per project type (library vs CLI vs service vs
46
+ framework), is in `references/anatomy.md`.
47
+
48
+ ## Lead with what and why
49
+
50
+ The opening is the most-read and most-botched part. State the **what** in one line, then the **why**.
51
+ Do not bury it under a logo, a table of contents, or a wall of badges.
52
+
53
+ ```markdown
54
+ # Forge
55
+
56
+ Forge builds and maintains AI agents and skills through a self-improving maker/checker loop —
57
+ so your automation gets better on every run instead of rotting.
58
+
59
+ [![build](https://img.shields.io/badge/build-passing-brightgreen)]()
60
+ [![npm](https://img.shields.io/npm/v/forge)]()
61
+ [![license](https://img.shields.io/badge/license-MIT-blue)]()
62
+ ```
63
+
64
+ Within two sentences the reader knows the category (agent tooling), the mechanism (maker/checker loop),
65
+ and the payoff (self-improving, no rot). Compare the anti-pattern: *"Welcome to Forge! Forge is a
66
+ powerful, flexible, modern, enterprise-grade platform for..."* — three adjectives and zero information.
67
+ See `references/writing-style.md` for the full list of filler phrases to cut.
68
+
69
+ ## The 60-second quickstart
70
+
71
+ The quickstart is a promise: *paste these commands and see it work.* It must be **copy-pasteable**,
72
+ **self-contained**, and **actually run** — test it in a clean checkout before shipping.
73
+
74
+ ```markdown
75
+ ## Quick start
76
+
77
+ \`\`\`bash
78
+ git clone https://github.com/acme/forge && cd forge
79
+ npm install
80
+ npx forge audit ./my-project # prints a scorecard
81
+ \`\`\`
82
+
83
+ You should see a table of findings within a few seconds. Next, try `forge fix` to apply them.
84
+ ```
85
+
86
+ Rules that make or break it:
87
+
88
+ - **Show the expected output**, or at least describe it ("you should see a table"). A command with no
89
+ visible result leaves the reader unsure it worked.
90
+ - **One happy path only.** Do not branch into "if you use yarn / pnpm / bun" in the quickstart — pick
91
+ one, link the rest. Optionality kills momentum.
92
+ - **No undeclared prerequisites.** If it needs Node 20+, a running Postgres, or an API key, say so
93
+ *before* the commands, not in a stack trace the reader hits later.
94
+
95
+ ## Show, don't tell
96
+
97
+ Prose describing behavior ages badly and is hard to trust. A **runnable example** is self-verifying —
98
+ either it works or the reader sees it break. Prefer concrete examples over adjectives at every turn.
99
+
100
+ ```markdown
101
+ ## Usage
102
+
103
+ \`\`\`js
104
+ import { Forge } from 'forge';
105
+
106
+ const forge = new Forge({ target: './my-project' });
107
+ const report = await forge.audit();
108
+
109
+ console.log(report.score); // 87
110
+ console.log(report.findings[0]); // { rule: 'no-secrets', severity: 'high', file: '.env' }
111
+ \`\`\`
112
+ ```
113
+
114
+ The inline comments showing return values turn a snippet into documentation. This is why `examples/`
115
+ ships a `good-readme-example.md` and a `README.template.md` you can adapt — see *Files in this package*.
116
+
117
+ ## Make it scannable
118
+
119
+ Readers skim, they do not read. Structure for the eye:
120
+
121
+ - **Headings every few paragraphs** so the table of contents (and the reader's scroll) has anchors.
122
+ - **Tables for anything with structure** — config options, CLI flags, comparison matrices. A 5-row
123
+ table beats two paragraphs of "the `--depth` flag controls...".
124
+ - **Code blocks for anything runnable**, always fenced with a language for syntax highlighting.
125
+ - **Short paragraphs.** One idea each. Walls of text are scrolled past, not read.
126
+ - **Link out for depth.** The README is a launchpad, not the manual. Link to `docs/`, the wiki, or a
127
+ hosted site rather than inlining a 200-line configuration reference.
128
+
129
+ Audience calibration matters too: a library README assumes a developer who will read code; a CLI
130
+ README assumes someone who wants commands; an end-user app README assumes neither. Details in
131
+ `references/anatomy.md`.
132
+
133
+ ## Common pitfalls (failure modes)
134
+
135
+ - **The broken quickstart.** Commands that don't run in a clean checkout — stale flags, missing
136
+ `install` step, undeclared env var. The single most damaging README bug. Test it cold.
137
+ - **Burying the lede.** A logo, badge wall, or 30-line table of contents before the one-line
138
+ description. The reader scrolls looking for "what is this" and gives up.
139
+ - **Adjective soup.** "Powerful, flexible, blazing-fast, enterprise-grade" — these are unfalsifiable
140
+ and information-free. Replace with a concrete capability or benchmark.
141
+ - **Telling instead of showing.** Paragraphs describing the API instead of a code block using it.
142
+ - **The novel.** Inlining the entire configuration reference, changelog, and architecture doc. The
143
+ README becomes unmaintainable and unscannable. Link out.
144
+ - **Drift.** Examples that no longer match the current API because nobody re-ran them. Treat README
145
+ snippets as testable artifacts (see `scripts/lint-readme.mjs` and `references/maintenance.md`).
146
+ - **No license.** A repo with no `LICENSE` is, legally, all-rights-reserved — nobody can safely use it.
147
+ Always state the license.
148
+
149
+ ## When NOT to write a heavy README / trade-offs
150
+
151
+ A README is not the right home for everything, and more is not better:
152
+
153
+ - **Deep, multi-page docs** belong in a `docs/` site (Docusaurus, mdBook, ReadTheDocs), not the README.
154
+ A README that scrolls for ten screens has failed at being a front door. Link instead.
155
+ - **API reference** that's mechanically derivable (TypeDoc, rustdoc, Sphinx) should be generated, not
156
+ hand-written into the README where it will drift.
157
+ - **Internal-only / throwaway repos** may need only a title and a one-line run command — don't gold-plate
158
+ a README nobody outside the team will read.
159
+ - **Monorepos** often want a thin root README that routes to per-package READMEs, rather than one giant
160
+ document trying to cover every package.
161
+
162
+ The trade-off is always **completeness vs. scannability**. When they conflict, scannability wins in the
163
+ README and completeness moves to linked docs.
164
+
165
+ ## Files in this package
166
+
167
+ - `references/anatomy.md` — full section-by-section anatomy + what to include per project type
168
+ - `references/writing-style.md` — voice, filler phrases to cut, scannability techniques, badges
169
+ - `references/maintenance.md` — keeping a README honest: testing snippets, drift, automation in CI
170
+ - `examples/README.template.md` — a fill-in-the-blanks starter README with every required section
171
+ - `examples/good-readme-example.md` — a complete, worked example README for a sample CLI tool
172
+ - `scripts/lint-readme.mjs` — runnable Node check that a README has the required sections + a quickstart code block
173
+
174
+ Pairs with the `documentation-structure` skill (for organizing the wider `docs/` tree the README links
175
+ into) and the `technical-writer` agent (for tightening prose and voice). Also see the `changelog-writing`
176
+ skill for the companion `CHANGELOG.md`.
@@ -0,0 +1,73 @@
1
+ <!--
2
+ README TEMPLATE — fill in the blanks, delete the guidance comments and any
3
+ sections you don't need. Order is deliberate: what -> why -> run -> use -> details.
4
+ Run scripts/lint-readme.mjs against your filled-in copy to check required sections.
5
+ -->
6
+
7
+ # <Project Name>
8
+
9
+ <!-- One sentence: what it is + who it's for + the payoff. No "Welcome to". -->
10
+ <One-line description: the category and the value, in a single sentence.>
11
+
12
+ <!-- One row of high-signal badges. Build, version, license, maybe coverage. -->
13
+ [![build](https://img.shields.io/badge/build-passing-brightgreen)]()
14
+ [![version](https://img.shields.io/badge/version-0.0.0-blue)]()
15
+ [![license](https://img.shields.io/badge/license-MIT-blue)]()
16
+
17
+ ## Why
18
+
19
+ <!-- The problem it solves and the result. Add a screenshot/GIF for visual tools,
20
+ or a tiny before/after snippet for libraries. -->
21
+ <What problem does this solve, and what does using it get you?>
22
+
23
+ ## Install
24
+
25
+ <!-- State prerequisites first, then the single primary install command. -->
26
+ Requires <runtime + version>.
27
+
28
+ ```bash
29
+ <install command>
30
+ ```
31
+
32
+ ## Quick start
33
+
34
+ <!-- The smallest end-to-end example that produces a visible result.
35
+ Copy-pasteable. Show or describe the expected output. One happy path only. -->
36
+ ```bash
37
+ <command 1>
38
+ <command 2>
39
+ ```
40
+
41
+ You should see <expected result> within <time>.
42
+
43
+ ## Usage
44
+
45
+ <!-- Common tasks as runnable snippets. Show return values in comments.
46
+ Link out to generated reference docs instead of dumping the whole API. -->
47
+ ```js
48
+ <minimal usage example with expected output in comments>
49
+ ```
50
+
51
+ See [the full docs](<link>) for more.
52
+
53
+ ## Configuration
54
+
55
+ <!-- A table beats prose for options. -->
56
+ | Option | Env var | Default | Description |
57
+ |---|---|---|---|
58
+ | `<option>` | `<ENV_VAR>` | `<default>` | <what it does> |
59
+
60
+ ## Contributing
61
+
62
+ <!-- Dev setup + link to the full flow. -->
63
+ Contributions welcome. To set up locally:
64
+
65
+ ```bash
66
+ <clone + install + test commands>
67
+ ```
68
+
69
+ See [CONTRIBUTING.md](./CONTRIBUTING.md) for the full process.
70
+
71
+ ## License
72
+
73
+ [<SPDX-ID>](./LICENSE) © <year> <holder>
@@ -0,0 +1,95 @@
1
+ <!--
2
+ WORKED EXAMPLE — a complete, realistic README for a small CLI tool ("tiderss",
3
+ a terminal RSS reader). Use it as a reference for tone, length, and structure.
4
+ Notice: what/why in the first three lines, a 60-second quickstart with expected
5
+ output, a config table, links out for depth, and a license. It passes lint-readme.mjs.
6
+ -->
7
+
8
+ # tiderss
9
+
10
+ A fast terminal RSS reader that lives in your shell — subscribe, sync, and read feeds without leaving
11
+ the keyboard.
12
+
13
+ [![build](https://img.shields.io/badge/build-passing-brightgreen)]()
14
+ [![npm](https://img.shields.io/badge/npm-v1.4.0-blue)]()
15
+ [![license](https://img.shields.io/badge/license-MIT-blue)]()
16
+
17
+ ## Why
18
+
19
+ Web feed readers are slow, ad-laden, and pull you into a browser tab you'll never close. `tiderss` keeps
20
+ reading where the work already is: the terminal. It syncs in the background, caches offline, and renders
21
+ articles as clean, readable text.
22
+
23
+ ![tiderss reading view](./docs/screenshot.png)
24
+
25
+ ## Install
26
+
27
+ Requires Node 20+.
28
+
29
+ ```bash
30
+ npm install -g tiderss
31
+ ```
32
+
33
+ ## Quick start
34
+
35
+ ```bash
36
+ tiderss add https://blog.acme.dev/feed.xml # subscribe to a feed
37
+ tiderss sync # fetch latest items
38
+ tiderss read # open the reader
39
+ ```
40
+
41
+ After `sync` you'll see a count of new items (`12 new across 1 feed`), and `read` opens an interactive
42
+ list. Use `j`/`k` to move, `Enter` to open, `q` to quit.
43
+
44
+ ## Usage
45
+
46
+ List your subscriptions and unread counts:
47
+
48
+ ```bash
49
+ tiderss list
50
+ # acme-blog 12 unread
51
+ # rust-weekly 3 unread
52
+ ```
53
+
54
+ Mark everything read and export your subscriptions as OPML:
55
+
56
+ ```bash
57
+ tiderss mark-all-read
58
+ tiderss export > feeds.opml
59
+ ```
60
+
61
+ For scripting, every command accepts `--json`:
62
+
63
+ ```bash
64
+ tiderss list --json
65
+ # [{ "feed": "acme-blog", "unread": 12 }, { "feed": "rust-weekly", "unread": 3 }]
66
+ ```
67
+
68
+ See [the command reference](./docs/commands.md) for the full list.
69
+
70
+ ## Configuration
71
+
72
+ Config lives at `~/.config/tiderss/config.toml`. All values are overridable by env var.
73
+
74
+ | Option | Env var | Default | Description |
75
+ |---|---|---|---|
76
+ | `sync_interval` | `TIDERSS_SYNC_INTERVAL` | `30m` | Background sync cadence |
77
+ | `cache_dir` | `TIDERSS_CACHE_DIR` | `~/.cache/tiderss` | Where article bodies are cached |
78
+ | `theme` | `TIDERSS_THEME` | `auto` | `light`, `dark`, or `auto` |
79
+ | `concurrency` | `TIDERSS_CONCURRENCY` | `8` | Parallel feed fetches |
80
+
81
+ ## Contributing
82
+
83
+ Contributions are welcome. To set up a dev environment:
84
+
85
+ ```bash
86
+ git clone https://github.com/acme/tiderss && cd tiderss
87
+ npm install
88
+ npm test
89
+ ```
90
+
91
+ Please read [CONTRIBUTING.md](./CONTRIBUTING.md) and open an issue before large changes.
92
+
93
+ ## License
94
+
95
+ [MIT](./LICENSE) © 2026 Acme
@@ -0,0 +1,107 @@
1
+ # README Anatomy — Section by Section
2
+
3
+ A complete README is built from a known set of sections. Below is each one: its job, what to put in it,
4
+ and what to leave out. Order matters — readers consume top to bottom and bail early, so the highest-value
5
+ content goes first.
6
+
7
+ ## 1. Title and one-line description
8
+
9
+ - **Job:** answer "what is this and is it for me?" in under ten seconds.
10
+ - **Do:** the project name as an `# H1`, then a single sentence naming the category and the payoff.
11
+ - **Don't:** "Welcome to", a logo before the name, or a tagline so abstract it could describe anything.
12
+
13
+ ```markdown
14
+ # Forge
15
+
16
+ A self-improving maker/checker loop for building and maintaining AI agents and skills.
17
+ ```
18
+
19
+ ## 2. Badges
20
+
21
+ - **Job:** a health signal scanned in a glance — is it maintained, does it build, what license.
22
+ - **Do:** build/CI status, package version, license, test coverage. Keep to one row.
23
+ - **Don't:** twenty badges. A badge wall is noise and pushes the description below the fold.
24
+
25
+ ## 3. Why / value (and a visual)
26
+
27
+ - **Job:** convince the skimmer this solves their problem.
28
+ - **Do:** name the problem, then the result. For visual or interactive tools, a screenshot or GIF here
29
+ is worth a thousand words. For libraries, a tiny before/after code example.
30
+ - **Don't:** a history of the project, your motivation, or a manifesto. Save it for `docs/`.
31
+
32
+ ## 4. Install
33
+
34
+ - **Job:** get the dependency in place with zero ambiguity.
35
+ - **Do:** the exact command(s) for the primary install path. State prerequisites (runtime version,
36
+ system deps) immediately above it.
37
+ - **Don't:** five package managers and three OSes inline. Pick the primary, link the matrix.
38
+
39
+ ```markdown
40
+ ## Install
41
+
42
+ Requires Node 20+.
43
+
44
+ \`\`\`bash
45
+ npm install forge
46
+ \`\`\`
47
+ ```
48
+
49
+ ## 5. Quickstart / Usage
50
+
51
+ - **Job:** prove it works and teach the happy path.
52
+ - **Do:** the smallest end-to-end example that produces a visible result, with expected output shown.
53
+ Then a few common-task examples.
54
+ - **Don't:** an exhaustive API dump. Link to generated reference docs for that.
55
+
56
+ ## 6. Configuration
57
+
58
+ - **Job:** make options discoverable without reading source.
59
+ - **Do:** a table of options, env vars, and defaults. Tables scan far better than prose here.
60
+
61
+ ```markdown
62
+ | Option | Env var | Default | Description |
63
+ |---|---|---|---|
64
+ | `target` | `FORGE_TARGET` | `.` | Directory to audit |
65
+ | `depth` | `FORGE_DEPTH` | `3` | Max recursion depth |
66
+ ```
67
+
68
+ ## 7. Contributing
69
+
70
+ - **Job:** lower the barrier for the next contributor.
71
+ - **Do:** dev setup commands, how to run tests, and a link to `CONTRIBUTING.md` for the full flow.
72
+ - **Don't:** paste the entire code-of-conduct and PR checklist inline. Link them.
73
+
74
+ ## 8. License
75
+
76
+ - **Job:** tell people whether they can legally use it. A repo with no license is all-rights-reserved.
77
+ - **Do:** the SPDX identifier (e.g. `MIT`, `Apache-2.0`) and a link to the `LICENSE` file.
78
+
79
+ ```markdown
80
+ ## License
81
+
82
+ [MIT](./LICENSE) © 2026 Acme
83
+ ```
84
+
85
+ ## Optional sections (use when relevant)
86
+
87
+ | Section | Add when |
88
+ |---|---|
89
+ | Table of contents | The README is long enough to need in-page navigation (keep it collapsed) |
90
+ | Features | The value isn't obvious from one line and benefits from a bulleted list |
91
+ | Architecture | Contributors need a mental map; otherwise link to `docs/architecture.md` |
92
+ | FAQ / Troubleshooting | There are recurring support questions worth pre-empting |
93
+ | Roadmap | The project is early and you want to set expectations |
94
+ | Acknowledgements / Credits | You're standing on others' work and want to credit it |
95
+
96
+ ## Tailoring by project type
97
+
98
+ | Type | Lead with | Emphasize | De-emphasize |
99
+ |---|---|---|---|
100
+ | **Library** | a code snippet using it | install + import + usage | CLI, screenshots |
101
+ | **CLI tool** | the primary command | flags table, examples | import-as-module API |
102
+ | **Service / API** | what it serves + a curl example | run/deploy, config, endpoints | language-level API |
103
+ | **Framework** | a "hello world" | concepts, links to a docs site | exhaustive reference inline |
104
+ | **App / end-user** | a screenshot or GIF | how to install and run | code internals |
105
+
106
+ The rule across all of them: **lead with the thing the reader most wants to do**, and move everything
107
+ else to its right place — usually a linked doc.
@@ -0,0 +1,68 @@
1
+ # Keeping a README Honest — Maintenance and Drift
2
+
3
+ The most dangerous README is one that *used* to be correct. A broken quickstart or a snippet that no
4
+ longer matches the API erodes trust faster than having no example at all. This reference is about keeping
5
+ the README true over time.
6
+
7
+ ## Why READMEs drift
8
+
9
+ - **Code changes, docs don't.** A flag is renamed, an import path moves, a default changes — the README
10
+ still shows the old form because nobody re-ran it.
11
+ - **Copy-paste rot.** Examples copied from an old version or another project that never quite applied.
12
+ - **Untested commands.** The quickstart was written from memory, not from a clean checkout, and a step
13
+ (usually `install`) is missing.
14
+
15
+ ## Treat snippets as testable artifacts
16
+
17
+ The fix is to make examples *executable* rather than *aspirational*:
18
+
19
+ - **Run the quickstart in CI** against a clean checkout. If `git clone && npm install && npx forge audit`
20
+ is the promise, run exactly that in a fresh container and fail the build if it errors.
21
+ - **Extract and execute code blocks.** Tools like `mdsnippets`, `doctest`-style harnesses, or a small
22
+ script that pulls fenced blocks and runs them keep snippets in sync. Even a smoke test that the
23
+ documented command exits 0 catches the worst breakage.
24
+ - **Lint structure in CI.** Use `scripts/lint-readme.mjs` (in this package) to assert the required
25
+ sections and a quickstart code block are present, so a refactor can't silently gut the README.
26
+
27
+ ## A pre-release checklist
28
+
29
+ Before tagging a release, verify:
30
+
31
+ - [ ] Quickstart runs end-to-end in a clean checkout (no missing prerequisite or step).
32
+ - [ ] Every command's flags match the current CLI (`--help` agrees with the README).
33
+ - [ ] Code snippets compile/run against the current version.
34
+ - [ ] Version badge and any version-pinned install command point at the release.
35
+ - [ ] Links resolve (no 404s to moved docs); relative links work on the repo host.
36
+ - [ ] License section matches the actual `LICENSE` file.
37
+ - [ ] Screenshots/GIFs still reflect the current UI.
38
+
39
+ ## Automating the check
40
+
41
+ A minimal CI step that catches the structural failures:
42
+
43
+ ```yaml
44
+ # .github/workflows/readme.yml
45
+ name: readme
46
+ on: [push, pull_request]
47
+ jobs:
48
+ lint:
49
+ runs-on: ubuntu-latest
50
+ steps:
51
+ - uses: actions/checkout@v4
52
+ - uses: actions/setup-node@v4
53
+ with: { node-version: 20 }
54
+ - run: node catalog/skills/readme-writing/scripts/lint-readme.mjs README.md
55
+ ```
56
+
57
+ The linter exits non-zero when a required section or the quickstart block is missing, so a PR that
58
+ deletes the install section fails review automatically.
59
+
60
+ ## Single-source where you can
61
+
62
+ Drift is hardest to avoid when the same fact lives in two places. Reduce duplication:
63
+
64
+ - **Generate** API reference from source (TypeDoc/rustdoc/Sphinx) rather than hand-copying signatures.
65
+ - **Link** to `CHANGELOG.md` instead of summarizing release notes in the README.
66
+ - **Pull** the version from the package manifest in CI rather than hardcoding it in prose.
67
+
68
+ The less the README restates, the less there is to fall out of date.
@@ -0,0 +1,79 @@
1
+ # README Writing Style — Voice, Scannability, Badges
2
+
3
+ A README is a document people *skim under time pressure*. The writing has to survive that. This is the
4
+ style reference: how to phrase things, what to cut, and how to format for the eye.
5
+
6
+ ## Voice
7
+
8
+ - **Second person, present tense, active voice.** "Run `forge audit`" not "The audit can be run by the
9
+ user." Direct instructions are faster to act on.
10
+ - **Concrete over abstract.** "Audits a project in under two seconds" beats "blazingly fast". If you
11
+ have a number, use it; if you don't, describe the capability, not its adjective.
12
+ - **Confident but not salesy.** State what it does. You're documenting, not pitching.
13
+
14
+ ## Filler phrases to cut
15
+
16
+ These add length and subtract information. Delete on sight:
17
+
18
+ | Cut this | Why |
19
+ |---|---|
20
+ | "Welcome to..." | Wastes the most-read line on a greeting |
21
+ | "powerful, flexible, robust, modern" | Unfalsifiable adjective soup — say *what* it does |
22
+ | "simply", "just", "easy" | Condescending and often untrue for the reader |
23
+ | "blazing-fast", "lightning-fast" | A benchmark number is credible; an adjective isn't |
24
+ | "enterprise-grade", "production-ready" | Meaningless without evidence (tests, SLAs, users) |
25
+ | "as you can see", "obviously", "of course" | If it's obvious, don't say it; if it's not, it's rude |
26
+ | "in order to" | "to" is shorter and identical in meaning |
27
+
28
+ ## Scannability techniques
29
+
30
+ - **Headings as signposts.** A reader scrolls and reads only headings until one matches their goal.
31
+ Make headings describe content (`## Configuration`), not be cute (`## The knobs`).
32
+ - **Tables for structured data.** Anything that's "X has property Y with default Z" is a table, not a
33
+ paragraph. Options, flags, comparisons, env vars.
34
+ - **Fenced code blocks with a language.** Always tag the fence (` ```bash `, ` ```js `) so syntax
35
+ highlighting kicks in and the reader can tell commands from output.
36
+ - **Short paragraphs, one idea each.** Three sentences max. White space is a feature.
37
+ - **Bold the load-bearing word** in a bullet so the eye catches it while scanning.
38
+ - **Lists over comma-runs.** Three or more parallel items become a bulleted list.
39
+
40
+ ## Code block discipline
41
+
42
+ - Show **expected output** alongside commands, as comments or a following block. A command with no
43
+ visible result is an unverifiable claim.
44
+ - Keep examples **minimal and runnable** — no `...` placeholders in a block you're telling people to
45
+ paste. If you must elide, make it obvious and non-pasteable.
46
+ - Use **realistic values**, not `foo`/`bar`, where a realistic value teaches something.
47
+
48
+ ## Badges, done right
49
+
50
+ Badges are a glanceable health dashboard. The high-signal set:
51
+
52
+ - **Build / CI status** — is the main branch green?
53
+ - **Version** — npm/PyPI/crates.io published version.
54
+ - **License** — at a glance, can I use it?
55
+ - **Coverage** — optional, only if it's genuinely good and maintained.
56
+
57
+ Keep them on one line, near the title. A wall of fifteen badges (downloads-this-week, Discord, Twitter,
58
+ sponsors, code style, dependencies, ...) is noise that pushes your description below the fold. Shields.io
59
+ generates consistent ones.
60
+
61
+ ## Links, not inlining
62
+
63
+ The README is a launchpad. When a topic needs more than a screen, write a short summary and **link out**:
64
+
65
+ - Deep configuration → `docs/configuration.md` or a hosted docs site
66
+ - Full API → generated reference (TypeDoc, rustdoc, Sphinx)
67
+ - Contribution details → `CONTRIBUTING.md`
68
+ - Version history → `CHANGELOG.md`
69
+
70
+ This keeps the README scannable and the deep content in a place where it can be versioned and generated
71
+ without bloating the front door.
72
+
73
+ ## Accessibility and rendering
74
+
75
+ - Give images **alt text** (`![alt](url)`) — screen readers and broken-image fallbacks rely on it.
76
+ - Don't encode meaning in **color alone** (e.g. a red/green badge); the text label must carry it too.
77
+ - Prefer **relative links** to in-repo files (`./LICENSE`) so they work on forks and mirrors.
78
+ - Test the rendered Markdown on the host (GitHub/GitLab) — not every renderer supports the same
79
+ extensions (collapsible `<details>`, task lists, footnotes).