vgxness 1.13.0 → 1.14.0

package/dist/agents/canonical-agent-manifest.js

@@ -2,7 +2,7 @@ import { canonicalBehaviorContractVersion } from '../behavior/behavior-contract-
 export const canonicalDefaultAgentName = 'vgxness-manager';
 export const canonicalOpenCodeDefaultModel = 'openai/gpt-5.5';
 export const canonicalOpenCodeManagerReasoningEffort = 'high';
-export const canonicalPromptContractVersion = 10;
+export const canonicalPromptContractVersion = 11;
 export const canonicalSddSubagentNames = [
     'vgxness-sdd-explore',
     'vgxness-sdd-propose',
@@ -78,7 +78,7 @@ function managerDefinition() {
         builtIn: true,
         name: canonicalDefaultAgentName,
         description: 'Coordinates VGXNESS MCP state and SDD sub-agents while routing Tier 0-2 lightweight work, Tier 3 preflight validation, and Tier 4 formal SDD.',
-        instructions: { kind: 'inline', value: registryManagerInstructionsV10 },
+        instructions: { kind: 'inline', value: registryManagerInstructionsV11 },
         capabilities: ['sdd-orchestration', 'agent-routing', 'mcp-coordination', 'project-local-automation'],
         permissions: { read: 'allow', edit: 'ask', shell: 'ask', git: 'ask', memory: 'allow', 'provider-tool': 'deny', secrets: 'deny' },
         memory: { scopes: ['project'] },
@@ -166,7 +166,7 @@ Coordinate SDD; keep chat thin, use VGXNESS MCP as durable state, delegate to sm
 Use the lightest safe path: Tier 0-2 direct; Tier 3 preflight; Tier 4 formal SDD for governance, permissions, acceptance, architecture/security, or cross-surface behavior. Provider status/doctor/preview/handoff are read-only/audit-only; writes stay gated.
 
 ## Provider-native daily flow
-Daily SDD happens inside OpenCode through conversation, VGXNESS MCP, and hidden SDD subagents. Do not tell users to run terminal SDD phase commands for normal flow. CLI is an escape hatch for bootstrap, doctor, recovery, setup gaps, or explicit request.
+SDD happens in OpenCode via conversation, VGXNESS MCP, and SDD subagents. No terminal SDD phase commands for normal flow. CLI is an escape hatch for bootstrap, doctor, recovery, setup gaps, or explicit request.
 
 ## MCP playbook
 - For starting, resuming, or recovering context: prefer \`vgxness_context_cockpit\`; treat \`vgxness_session_restore\` as one signal, not truth. For ending, pausing, handing off, or compacting: \`vgxness_session_close\` with current session id and actor \`manager\`; if no id, do not invent one and summarize.
@@ -174,9 +174,9 @@ Daily SDD happens inside OpenCode through conversation, VGXNESS MCP, and hidden
 - Trusted draft autorun: when the exact \`proposal\` artifact is already accepted, you may run exactly \`spec -> design -> tasks\` without extra human confirmation via exact hidden subagents and save drafts with \`vgxness_sdd_save_artifact\`. This is draft-only planning, not acceptance or completion. Do not use for explore/proposal/apply-progress/verify/archive, rejected/superseded artifacts, accepted overwrites, or risky side effects (provider config, edits, shell/tests, git, secrets, external/destructive/privileged/ambiguous). Re-check status/readiness before and after; generated spec/design drafts may feed downstream design/tasks but remain unaccepted.
 - Acceptance/readiness: check SDD status/readiness for the exact project/change/phase, confirm explicit human acceptance of that exact artifact, call \`vgxness_sdd_accept_artifact\` directly with audit context (\`acceptedBy.type: "human"\`, non-empty \`acceptedBy.id\`, runId, agentId), then re-check status/readiness before reporting state. Do not add \`vgxness_run_preflight\` solely for that exact direct acceptance call. Ambiguous replies count only when tied to an immediate exact acceptance prompt. Use \`vgxness_governance_report\` for readiness, artifact states, preflight posture, and audit warnings.
 - Memory: call \`vgxness_memory_search\`/\`vgxness_memory_get\` for prior work or unclear context; call \`vgxness_memory_save\` for durable discoveries, decisions, bug fixes, config, patterns, or preferences; use \`vgxness_memory_update\` only to correct/evolve a known id. Do not duplicate full SDD artifacts as memory.
-- Agents/profile/payloads: resolve exact phase with \`vgxness_agent_resolve\`. \`vgxness_agent_activate\`, \`vgxness_opencode_manager_payload\`, and \`vgxness_skill_payload\` are preview context only; agent_activate does not execute a provider or write provider config. Use \`vgxness_manager_profile_get\` before behavior changes; \`vgxness_manager_profile_set\` requires explicit human authorization.
-- Runs/recovery: use \`vgxness_run_start\`/\`vgxness_run_list\`/\`vgxness_run_get\` for run work; checkpoint with \`vgxness_run_checkpoint\`, preflight with \`vgxness_run_preflight\`, and close with \`vgxness_run_finalize\`. Unknown runId: \`vgxness_run_resume_candidates\`. For interrupted runs, inspect with \`vgxness_run_resume_inspect\`, then call \`vgxness_run_resume_gate\` with approvalId from pendingApprovals/inspect before advice; never pass runId as approvalId
-- Provider diagnostics: \`vgxness_provider_status\`/\`vgxness_provider_doctor\` are read-only reports.
+- Agents/profile/payloads: resolve phase with \`vgxness_agent_resolve\`. Preview mode does not execute a provider or write provider config for \`vgxness_agent_activate\`, \`vgxness_opencode_manager_payload\`, or \`vgxness_skill_payload\`. Use \`vgxness_manager_profile_get\` before changes; \`vgxness_manager_profile_set\` requires explicit human authorization.
+- Runs/recovery: use \`vgxness_run_start\`/\`vgxness_run_list\`/\`vgxness_run_get\` for run work; checkpoint with \`vgxness_run_checkpoint\`, preflight with \`vgxness_run_preflight\`, and close with \`vgxness_run_finalize\`. Unknown runId: \`vgxness_run_resume_candidates\`. For interrupted runs, inspect with \`vgxness_run_resume_inspect\`, then call \`vgxness_run_resume_gate\` with approvalId from pendingApprovals/inspect before advice; never pass runId as approvalId. Follow safe \`recommendedActions[]\`.
+- Provider diagnostics: \`vgxness_provider_status\`/\`vgxness_provider_doctor\` read-only; report \`providerEvidence.evidenceLevel\`/\`hostToolPresenceVerified\` limits.
 
 ## Minimum flows
 - Simple answer: inline; memory only for prior context; no run by default.
@@ -196,11 +196,12 @@ Be concise: delegated work, results, files/decisions, evidence/tests, risks, nex
  * render baselines, and manager profile overlay baselines; they are
  * intentionally distinct from the provider runtime prompt above.
  */
-const registryManagerInstructionsV10 = [
+const registryManagerInstructionsV11 = [
     'You are the VGXNESS SDD coordinator, not a monolithic executor. Coach briefly while coordinating: explain useful tradeoffs, be realistic about risks and unknowns, respectfully challenge weak assumptions with better options, keep the user comfortable and in control, and stay concise.',
     'Default to delegation for SDD phase-shaped work, repository exploration beyond one narrow lookup, implementation, verification, incident recovery, or multi-step analysis. Inline only conversational guidance, single-fact lookup, MCP/status/readiness checks, and trivial mechanical edits when safe. When uncertain between inline work and subagent work, delegate to the exact smallest SDD subagent.',
     'Use VGXNESS MCP as the durable control plane: restore session context with vgxness_session_restore before inferring start/resume state from chat, and close/pause/compact with vgxness_session_close using actor manager plus an actionable summary when a current session id exists.',
     'Check SDD status/next/ready/cockpit, read prerequisites with sdd_get_artifact or sdd_list_artifacts, use public sdd_continue/internal vgxness_sdd_continue first for advisory read-only continuation plans, use sdd_reopen_artifact only for rejected artifacts returning to draft with explicit human actor/audit context, save phase output with sdd_save_artifact only by governance; when proposal is accepted, spec/design/tasks may run sequentially as draft-only autorun without extra confirmation, while acceptance remains human-only. Search/get/save/update memory only for reusable knowledge, resolve exact SDD subagents before substantial phase work, use runs/checkpoints/preflight/finalize for significant implementation or verification, use run_resume_candidates for unknown runId, inspect interrupted runs by runId with run_resume_inspect, then call run_resume_gate with approvalId from pendingApprovals/inspect; never pass runId as approvalId; use vgxness_provider_status for configured/phase/next questions plus vgxness_provider_doctor for read-only OpenCode MCP/manager health.',
+    'When sdd_continue/vgxness_sdd_continue returns recommendedActions, prefer the first safe action with agentCallable true and humanOnly false; use targetTool plus suggestedArgs as the starting point, and stop for requiresHumanConfirmation, requiresProviderWriteConsent, requiresPreflight, ambiguous, destructive, privileged, external, or outside-approval actions. For readiness, use cockpit/status/readiness to distinguish missing, draft, ready, blocked, and accepted; never infer acceptance. For provider evidence, report providerEvidence.evidenceLevel, hostToolPresenceVerified, notes, and limitations; do not claim true host presence unless evidence explicitly verifies it.',
     'Prefer payloadMode=compact for manager-facing status/context reads, SDD artifact reads/lists, and activation handoffs so the primary context stays clean; request payloadMode=verbose only when full artifact contents, provider payloads, or skill context are actually needed, preferably inside delegated phase subagents.',
     'MCP sdd_continue must not execute providers, create runs, mutate artifacts, write provider config/openspec, bypass human acceptance, or treat draft-run as apply-progress.',
     'CLI is an escape hatch for bootstrap, doctor, rollback, recovery, MCP unavailable/setup missing, or explicit user request; do not tell users to run terminal SDD phase commands for normal daily flow. CLI vgxness sdd continue is a human/manual fallback only; vgxness resume --project is for candidate runs. The removed experimental vgxness code runtime is not an SDD fallback.',

package/dist/cli/cli-flags.js

@@ -180,13 +180,13 @@ function skillTargetTypeFlag(flags, name) {
         return value;
     return isSkillTargetType(value.value)
         ? { ok: true, value: value.value }
-        : validationFailure(`--${name} must be agent, subagent, workflow-phase, or provider-adapter`);
+        : validationFailure(`--${name} must be agent, subagent, workflow-phase, provider-adapter, or intent-signal`);
 }
 function optionalSkillTargetTypeFlag(flags, name) {
     const value = optionalStringFlag(flags, name);
     if (value === undefined)
         return { ok: true, value: undefined };
-    return isSkillTargetType(value) ? { ok: true, value } : validationFailure(`--${name} must be agent, subagent, workflow-phase, or provider-adapter`);
+    return isSkillTargetType(value) ? { ok: true, value } : validationFailure(`--${name} must be agent, subagent, workflow-phase, provider-adapter, or intent-signal`);
 }
 function skillUsageOutcomeFlag(flags, name) {
     const value = requiredFlag(flags, name);
@@ -228,7 +228,7 @@ function isSkillEvaluationResultStatus(value) {
     return value === 'passed' || value === 'failed' || value === 'needs-review' || value === 'not-applicable';
 }
 function isSkillTargetType(value) {
-    return value === 'agent' || value === 'subagent' || value === 'workflow-phase' || value === 'provider-adapter';
+    return value === 'agent' || value === 'subagent' || value === 'workflow-phase' || value === 'provider-adapter' || value === 'intent-signal';
 }
 function instructionKindFlag(flags) {
     const value = optionalStringFlag(flags, 'instructions-kind') ?? 'inline';

package/dist/cli/cli-help.js

@@ -77,12 +77,12 @@ Areas:
   skills list [--project <name>] [--scope project|personal]
   skills get --id <id> | --project <name> --name <name> [--scope project|personal]
   skills add-version (--id <id> | --project <name> --name <name>) --version <version> --source-kind path|url|inline [--source-path <path>] [--source-url <url>] [--inline-metadata <json>] [--activate]
-  skills attach (--id <id> | --project <name> --name <name>) --target-type agent|subagent|workflow-phase|provider-adapter --target-key <key>
-  skills detach (--id <id> | --project <name> --name <name>) --target-type agent|subagent|workflow-phase|provider-adapter --target-key <key>
+  skills attach (--id <id> | --project <name> --name <name>) --target-type agent|subagent|workflow-phase|provider-adapter|intent-signal --target-key <key>
+  skills detach (--id <id> | --project <name> --name <name>) --target-type agent|subagent|workflow-phase|provider-adapter|intent-signal --target-key <key>
   skills record-usage (--id <id> | --project <name> --name <name>) --outcome selected|injected|helped|failed|neutral [--run-id <id>]
-  skills resolve [--agent <name> | --agent-id <id>] [--project <name>] [--workflow <name>] [--phase <name>] [--provider <name>] [--run <id>] [--record-usage selected|injected]
+  skills resolve [--agent <name> | --agent-id <id>] [--project <name>] [--workflow <name>] [--phase <name>] [--intent-signals a,b] [--provider <name>] [--run <id>] [--record-usage selected|injected]
   skills status --project <name> [--scope project|personal] [--provider opencode] [--mode agent|subagent] [--agent <name-or-id>]
-  skills payload [--agent <name> | --agent-id <id>] [--project <name>] [--workflow <name>] [--phase <name>] [--provider <name>]
+  skills payload [--agent <name> | --agent-id <id>] [--project <name>] [--workflow <name>] [--phase <name>] [--intent-signals a,b] [--provider <name>]
   skills propose (--id <id> | --project <name> --name <name>) --proposed-version <version> --source-kind path|url|inline --rationale <text>
   skills proposals [--skill-id <id>] [--status draft|pending-approval|approved|rejected|cancelled|applied]
   skills create-scenario (--id <id> --name <scenario> | --project <name> --name <skill> --scenario-name <scenario>) --criteria <json> --created-by <actor> [--proposal <id>] [--version-id <id>]

package/dist/cli/commands/agent-skill-dispatcher.js

@@ -4,6 +4,7 @@ import { ManagerProfileOverlayService } from '../../agents/manager-profile-overl
 import { getProviderRenderer } from '../../agents/renderers/index.js';
 import { ManagerProfileOverlayRepository } from '../../agents/repositories/manager-profile-overlays.js';
 import { createAgentRegistryToolHandlers } from '../../harness/tools/agents.js';
+import { runBootSkillSeed } from '../../skills/boot-seed.js';
 import { SkillRegistryService } from '../../skills/skill-registry-service.js';
 import { SkillStatusService } from '../../skills/skill-status-service.js';
 import { csvFlag, instructionKindFlag, jsonFlag, optionalJsonFlag, optionalModeFlag, optionalScopeFlag, optionalSkillEvaluationResultStatusFlag, optionalSkillImprovementProposalStatusFlag, optionalSkillResolutionUsageFlag, optionalSkillTargetTypeFlag, optionalSkillVersionStatusFlag, optionalStringFlag, requiredFlag, scopeFlag, skillEvaluationResultStatusFlag, skillSourceFromFlags, skillTargetTypeFlag, skillUsageOutcomeFlag, } from '../cli-flags.js';
@@ -37,6 +38,7 @@ function resolveSkillsInput(flags) {
     const agentName = optionalStringFlag(flags, 'agent');
     const workflow = optionalStringFlag(flags, 'workflow');
     const phase = optionalStringFlag(flags, 'phase');
+    const intentSignals = csvFlag(flags, 'intent-signals');
     const providerAdapter = optionalStringFlag(flags, 'provider');
     const runId = optionalStringFlag(flags, 'run');
     if (project !== undefined)
@@ -51,6 +53,8 @@ function resolveSkillsInput(flags) {
         input.workflow = workflow;
     if (phase !== undefined)
         input.phase = phase;
+    if (intentSignals.length > 0)
+        input.intentSignals = intentSignals;
     if (providerAdapter !== undefined)
         input.providerAdapter = providerAdapter;
     if (runId !== undefined)
@@ -658,7 +662,12 @@ export function runSkillCommand(command, parsed, database, environment) {
     }
     if (command === 'payload') {
         const input = skillPayloadInput(parsed.flags);
-        return input.ok ? jsonResult(registry.buildSkillPayload(input.value, { workspaceRoot: environment.cwd })) : resultFailure(input);
+        if (!input.ok)
+            return resultFailure(input);
+        const seeded = runBootSkillSeed(database, environment.env);
+        if (!seeded.ok)
+            return resultFailure(seeded);
+        return jsonResult(registry.buildSkillPayload(input.value, { workspaceRoot: environment.cwd }));
     }
     return usageFailure(`Unknown skills command: ${command}`);
 }

package/dist/mcp/control-plane.js

@@ -11,6 +11,7 @@ import { RunService } from '../runs/run-service.js';
 import { sddContinuationPlanFrom } from '../sdd/sdd-continuation-plan.js';
 import { buildSddCockpitSurfaceResponse } from '../sdd/cockpit-read-model.js';
 import { SddWorkflowService } from '../sdd/sdd-workflow-service.js';
+import { runBootSkillSeed } from '../skills/boot-seed.js';
 import { SkillRegistryService } from '../skills/skill-registry-service.js';
 import { VerificationPlanService } from '../verification/index.js';
 import { ProviderChangePlanService } from './provider-change-plan.js';
@@ -312,6 +313,7 @@ function createServices(database) {
         agents,
         managerProfiles,
         skills,
+        seedBuiltInSkills: () => runBootSkillSeed(database),
         opencodeManagerPayload,
         opencodeHandoffPreview: new OpenCodeHandoffPreviewService({ managerPayload: opencodeManagerPayload, sdd, providerStatus }),
         activation: new AgentActivationService({ agents, managerProfiles, runs, opencodeManagerPayload }),
@@ -358,6 +360,9 @@ function memoryContext(sessionId) {
     return context;
 }
 function buildSkillPayloadEnvelope(input, services) {
+    const seeded = services.seedBuiltInSkills?.();
+    if (seeded !== undefined && !seeded.ok)
+        return errorEnvelope(seeded.error.code, seeded.error.message, 'vgxness_skill_payload');
     const { workspaceRoot, maxSourceBytes, mode, ...resolverInput } = input;
     const options = { workspaceRoot, ...(maxSourceBytes === undefined ? {} : { maxSourceBytes }), ...(mode === undefined ? {} : { mode }) };
     return toEnvelope('vgxness_skill_payload', services.skills.buildSkillPayload(resolverInput, options));

package/dist/mcp/schema.js

@@ -469,6 +469,7 @@ export const VGX_MCP_TOOL_INPUT_SCHEMAS = {
         agentName: z.string().min(1).optional(),
         workflow: z.string().min(1).optional(),
         phase: z.string().min(1).optional(),
+        intentSignals: z.array(z.string().min(1)).optional(),
         providerAdapter: z.string().min(1).optional(),
         runId: z.string().min(1).optional(),
         mode: z.enum(payloadModes).optional(),

package/dist/mcp/validation.js

@@ -736,6 +736,7 @@ function validateSkillPayloadInput(input, tool) {
         'agentName',
         'workflow',
         'phase',
+        'intentSignals',
         'providerAdapter',
         'runId',
         'mode',
@@ -749,6 +750,11 @@ function validateSkillPayloadInput(input, tool) {
     const copied = copyOptionalStrings(result, record.value, tool, ['project', 'agentId', 'agentName', 'workflow', 'phase', 'providerAdapter', 'runId']);
     if (!copied.ok)
         return copied;
+    const intentSignals = readOptionalStringArray(record.value, 'intentSignals', tool);
+    if (!intentSignals.ok)
+        return intentSignals;
+    if (intentSignals.value !== undefined)
+        result.intentSignals = intentSignals.value;
     const scope = readOptionalOneOf(record.value, 'scope', scopes, tool);
     if (!scope.ok)
         return scope;

package/dist/memory/sqlite/migrations/017_intent_signal_skill_targets.sql

@@ -0,0 +1,42 @@
+CREATE TABLE IF NOT EXISTS skill_attachments_next (
+  id TEXT PRIMARY KEY,
+  skill_id TEXT NOT NULL REFERENCES skills(id) ON DELETE CASCADE,
+  version_id TEXT REFERENCES skill_versions(id) ON DELETE SET NULL,
+  target_type TEXT NOT NULL CHECK (target_type IN ('agent', 'subagent', 'workflow-phase', 'provider-adapter', 'intent-signal')),
+  target_key TEXT NOT NULL,
+  metadata_json TEXT NOT NULL,
+  created_at TEXT NOT NULL,
+  UNIQUE(skill_id, target_type, target_key)
+);
+
+INSERT INTO skill_attachments_next(id, skill_id, version_id, target_type, target_key, metadata_json, created_at)
+SELECT id, skill_id, version_id, target_type, target_key, metadata_json, created_at
+FROM skill_attachments;
+
+DROP TABLE skill_attachments;
+ALTER TABLE skill_attachments_next RENAME TO skill_attachments;
+
+CREATE INDEX IF NOT EXISTS skill_attachments_target_idx
+  ON skill_attachments(target_type, target_key);
+
+CREATE TABLE IF NOT EXISTS skill_usage_records_next (
+  id TEXT PRIMARY KEY,
+  skill_id TEXT NOT NULL REFERENCES skills(id) ON DELETE CASCADE,
+  version_id TEXT REFERENCES skill_versions(id) ON DELETE SET NULL,
+  run_id TEXT,
+  target_type TEXT CHECK (target_type IN ('agent', 'subagent', 'workflow-phase', 'provider-adapter', 'intent-signal')),
+  target_key TEXT,
+  outcome TEXT NOT NULL CHECK (outcome IN ('selected', 'injected', 'helped', 'failed', 'neutral')),
+  notes TEXT,
+  created_at TEXT NOT NULL
+);
+
+INSERT INTO skill_usage_records_next(id, skill_id, version_id, run_id, target_type, target_key, outcome, notes, created_at)
+SELECT id, skill_id, version_id, run_id, target_type, target_key, outcome, notes, created_at
+FROM skill_usage_records;
+
+DROP TABLE skill_usage_records;
+ALTER TABLE skill_usage_records_next RENAME TO skill_usage_records;
+
+CREATE INDEX IF NOT EXISTS skill_usage_records_run_idx
+  ON skill_usage_records(run_id, created_at DESC);

package/dist/orchestrator/natural-language-planner.js

@@ -27,7 +27,7 @@ const signalRules = [
     { signal: 'workflow-change', terms: [/\bworkflow\b/, /\borchestrat(e|ion|or)\b/, /\bsdd\b/, /\bphase\b/] },
     { signal: 'persistence-change', terms: [/\bpersist(ent|ence)?\b/, /\bstorage\b/, /\bsqlite\b/, /\bdatabase\b/, /\bmemory\b/, /\bmigration\b/] },
     { signal: 'security-sensitive', terms: [/\bsecurity\b/, /\bauth\b/, /\btoken\b/, /\bsecret\b/, /\bpermission\b/, /\bpermiso\b/, /\baprobaci[oó]n\b/] },
-    { signal: 'broad-change', terms: [/\bmulti[- ]file\b/, /\bacross\b/, /\bend[- ]to[- ]end\b/, /\bsystem\b/] },
+    { signal: 'broad-change', terms: [/\bmulti[- ]file\b/, /\bacross\b/, /\bend[- ]to[- ]end\b/, /\bsystem\b/, /\blarge[- ]diff\b/, /\bbig[- ]diff\b/, /\bcross[- ]cutting\b/] },
     { signal: 'execution-request', terms: [/\brun\b/, /\bexecute\b/, /\bapply\b/, /\bstart\b/, /\binstall\b/, /\bpush\b/] },
     { signal: 'provider-execution', terms: [/\bprovider\b/, /\bopencode\b/, /\bclaude\b/, /\bmodel\b/, /\bllm\b/] },
     { signal: 'file-edit-request', terms: [/\bedit\b/, /\bwrite\b/, /\bmodify\b/, /\bpatch\b/, /\barreglar\b/] },
@@ -43,6 +43,7 @@ export function createNaturalLanguagePlan(input) {
     const ambiguous = isAmbiguous(normalizedIntent);
     if (ambiguous)
         addSignal(signals, 'ambiguous');
+    const intentSignals = buildSkillIntentSignals(normalizedIntent, signals);
     const risk = classifyIntentRisk({ project: input.project, intent: input.intent });
     const flow = chooseFlow(signals, risk);
     const workflow = workflowFor(flow);
@@ -55,7 +56,7 @@ export function createNaturalLanguagePlan(input) {
         ...(suggestedChangeId !== undefined ? { change: suggestedChangeId } : {}),
         ...(input.sdd !== undefined ? { sdd: input.sdd } : {}),
     };
-    const previewActions = buildPreviewActions(actionInput, flow, needsClarification);
+    const previewActions = buildPreviewActions(actionInput, flow, workflow, intentSignals, needsClarification);
     return {
         version: 1,
         project: input.project,
@@ -65,6 +66,7 @@ export function createNaturalLanguagePlan(input) {
         confidence: confidenceFor(flow, signals, needsClarification),
         reason: reasonFor(flow, signals, needsClarification),
         signals,
+        intentSignals,
         needsClarification,
         ...(needsClarification ? { clarifyingQuestion: 'What target should this change inspect or modify, and what outcome do you want?' } : {}),
         ...(suggestedChangeId !== undefined ? { suggestedChangeId } : {}),
@@ -231,20 +233,42 @@ function buildSafety(signals) {
         notes.push('Privileged impact was detected; this preview does not request elevated access.');
     return { executed: false, callsProvider: false, editsFiles: false, writesProviderConfig: false, recordsRuns: false, notes };
 }
-function buildPreviewActions(input, flow, needsClarification) {
+function buildSkillIntentSignals(intent, signals) {
+    const skillSignals = ['workflow-selection'];
+    if (signals.includes('broad-change'))
+        addSkillSignal(skillSignals, 'broad-change');
+    if (/\b(git|commit|branch|merge|rebase|push|stage|staging|diff|checkout)\b/.test(intent))
+        addSkillSignal(skillSignals, 'git');
+    if (/\b(pr|prs|pull[- ]request|pull request|reviewer|reviewers)\b/.test(intent))
+        addSkillSignal(skillSignals, 'pull-request');
+    if (/\b(stacked[- ]pr|stacked[- ]prs|stacked pull requests?|stacked|apilad[oa]s?)\b/.test(intent))
+        addSkillSignal(skillSignals, 'stacked-prs');
+    if (/\b(tdd|test[- ]driven|red[- ]green|strict[- ]tdd)\b/.test(intent))
+        addSkillSignal(skillSignals, intent.includes('strict') ? 'strict-tdd' : 'tdd');
+    if (/\b(review[- ]size|reviewable|split|slice|slices|large[- ]diff|big[- ]diff)\b/.test(intent))
+        addSkillSignal(skillSignals, 'review-size');
+    return skillSignals;
+}
+function addSkillSignal(signals, signal) {
+    if (!signals.includes(signal))
+        signals.push(signal);
+}
+function buildPreviewActions(input, flow, workflow, intentSignals, needsClarification) {
     if (needsClarification)
         return [{ kind: 'clarification', description: 'Ask for the missing target and desired outcome before previewing write actions.' }];
+    const skillAction = skillPayloadPreviewAction(input, workflow, intentSignals);
     if (flow === 'debug' || flow === 'diagnose')
-        return [{ kind: 'diagnostic-preview', description: 'Preview read-only diagnostic commands such as status, doctor, logs, or SDD next checks.' }];
+        return [skillAction, { kind: 'diagnostic-preview', description: 'Preview read-only diagnostic commands such as status, doctor, logs, or SDD next checks.' }];
     if (flow === 'plan')
-        return [{ kind: 'manual-plan', description: 'Draft a manual implementation plan without executing providers or editing files.' }];
+        return [skillAction, { kind: 'manual-plan', description: 'Draft a manual implementation plan without executing providers or editing files.' }];
     if (flow === 'explore' || flow === 'direct')
-        return [{ kind: 'answer', description: 'Explore or answer directly without entering SDD.' }];
+        return [skillAction, { kind: 'answer', description: 'Explore or answer directly without entering SDD.' }];
     if (flow === 'quickfix')
-        return [{ kind: 'workflow-preview', description: 'Preview a small localized quickfix; no execution occurs in this planner response.' }];
+        return [skillAction, { kind: 'workflow-preview', description: 'Preview a small localized quickfix; no execution occurs in this planner response.' }];
     if (flow === 'build')
-        return [{ kind: 'workflow-preview', description: 'Preview a scoped build workflow; no execution occurs in this planner response.' }];
+        return [skillAction, { kind: 'workflow-preview', description: 'Preview a scoped build workflow; no execution occurs in this planner response.' }];
     return [
+        skillAction,
         {
             kind: 'sdd-preview',
             description: input.sdd?.next?.recommendedAction ??
@@ -252,3 +276,24 @@ function buildPreviewActions(input, flow, needsClarification) {
         },
     ];
 }
+function skillPayloadPreviewAction(input, workflow, intentSignals) {
+    const phase = input.sdd?.next?.nextPhase;
+    const command = [
+        'vgxness skills payload',
+        '--project',
+        shellQuote(input.project),
+        '--workflow',
+        shellQuote(workflow),
+        ...(phase === undefined ? [] : ['--phase', shellQuote(phase)]),
+        '--intent-signals',
+        shellQuote(intentSignals.join(',')),
+    ].join(' ');
+    return {
+        kind: 'skill-payload-preview',
+        description: 'Preview the registry/context skills that match this intent; this is read-only and does not install provider-native skills.',
+        command,
+    };
+}
+function shellQuote(value) {
+    return `'${value.replace(/'/g, `'"'"'`)}'`;
+}

package/dist/skills/boot-seed.js

@@ -0,0 +1,42 @@
+import { SkillSeedService } from './skill-seed-service.js';
+const skipEnvVar = 'VGXNESS_SKIP_SKILL_SEED_AUTO_UPGRADE';
+export function runBootSkillSeed(database, env = process.env) {
+    if (isOptOut(env))
+        return okFromSeedResult({ skipped: true });
+    const seeded = new SkillSeedService(database).seedFromDefaultManifest();
+    if (!seeded.ok)
+        return seeded;
+    return okFromSeedResult({ skipped: false, seed: seeded.value });
+}
+function isOptOut(env) {
+    const value = env[skipEnvVar];
+    return value === '1' || value === 'true';
+}
+function okFromSeedResult(input) {
+    if (input.skipped) {
+        return {
+            ok: true,
+            value: {
+                skipped: true,
+                skillsCreated: 0,
+                skillsUpdated: 0,
+                versionsCreated: 0,
+                versionsSkipped: 0,
+                attachmentsCreated: 0,
+                attachmentsSkipped: 0,
+            },
+        };
+    }
+    return {
+        ok: true,
+        value: {
+            skipped: false,
+            skillsCreated: input.seed.skillsCreated,
+            skillsUpdated: input.seed.skillsUpdated,
+            versionsCreated: input.seed.versionsCreated,
+            versionsSkipped: input.seed.versionsSkipped,
+            attachmentsCreated: input.seed.attachmentsCreated,
+            attachmentsSkipped: input.seed.attachmentsSkipped,
+        },
+    };
+}

package/dist/skills/skill-resolver.js

@@ -89,6 +89,7 @@ export class SkillResolver {
                 ...(agent.value?.name !== undefined ? { agentName: agent.value.name } : {}),
                 ...(input.workflow !== undefined ? { workflow: input.workflow } : {}),
                 ...(input.phase !== undefined ? { phase: input.phase } : {}),
+                ...(input.intentSignals !== undefined && input.intentSignals.length > 0 ? { intentSignals: normalizedIntentSignals(input.intentSignals) } : {}),
                 ...(input.providerAdapter !== undefined ? { providerAdapter: input.providerAdapter } : {}),
                 ...(input.runId !== undefined ? { runId: input.runId } : {}),
             },
@@ -121,6 +122,8 @@ export class SkillResolver {
         }
         for (const phase of phases)
             targets.push({ targetType: 'workflow-phase', targetKey: phase });
+        for (const signal of normalizedIntentSignals(input.intentSignals))
+            targets.push({ targetType: 'intent-signal', targetKey: signal });
         if (input.providerAdapter !== undefined)
             targets.push({ targetType: 'provider-adapter', targetKey: input.providerAdapter });
         return dedupeTargets(targets);
@@ -229,6 +232,9 @@ function phaseTargetKeys(workflow, phase) {
 function isSddWorkflow(workflow) {
     return workflow?.trim().toLowerCase() === 'sdd';
 }
+function normalizedIntentSignals(signals) {
+    return [...new Set((signals ?? []).map((signal) => signal.trim().toLowerCase()).filter(Boolean))];
+}
 function stringMetadata(value) {
     return typeof value === 'string' && value.trim() ? value : undefined;
 }

package/dist/skills/skill-seed-service.js

@@ -33,9 +33,8 @@ export class SkillSeedService {
                 if (!details.ok)
                     return details;
                 existingVersions.set(seed.name, details.value.versions.some((version) => version.version === seed.version));
-                for (const attachment of details.value.attachments) {
+                for (const attachment of details.value.attachments)
                     existingAttachments.set(`${seed.name}:${attachment.targetType}:${attachment.targetKey}`, true);
-                }
             }
         }
         const transaction = this.database.transaction(() => {
@@ -74,11 +73,12 @@ export class SkillSeedService {
                 const skill = this.registry.getSkillByName(manifest.project, manifest.scope, attachment.skill);
                 if (!skill.ok)
                     throw new SeedLoadError(skill.error);
-                const targetKey = `${attachment.workflow}:${attachment.phase}`;
-                const key = `${attachment.skill}:workflow-phase:${targetKey}`;
+                const targetType = attachmentTargetType(attachment);
+                const targetKey = attachmentTargetKey(attachment);
+                const key = `${attachment.skill}:${targetType}:${targetKey}`;
                 const attachInput = {
                     skillId: skill.value.id,
-                    targetType: 'workflow-phase',
+                    targetType,
                     targetKey,
                     metadata: attachmentMetadata(attachment),
                 };
@@ -138,7 +138,7 @@ function validateManifest(manifest) {
         const validation = validateAttachmentSeed(attachment, names);
         if (!validation.ok)
             return validation;
-        const key = `${attachment.workflow}:${attachment.phase}:${attachment.skill}`;
+        const key = `${attachmentTargetType(attachment)}:${attachmentTargetKey(attachment)}:${attachment.skill}`;
         if (attachments.has(key))
             return validationFailure(`Duplicate skill seed attachment: ${key}`);
         attachments.add(key);
@@ -159,10 +159,18 @@ function validateSkillSeed(skill) {
     return rejectUnsupportedNativeInputs(skill.name, skill.metadata);
 }
 function validateAttachmentSeed(attachment, names) {
-    if (!attachment.workflow?.trim())
-        return validationFailure('Skill seed attachment workflow is required');
-    if (!attachment.phase?.trim())
-        return validationFailure('Skill seed attachment phase is required');
+    if (attachment.targetType !== undefined && !isSkillAttachmentTargetType(attachment.targetType))
+        return validationFailure(`Skill seed attachment targetType is invalid: ${String(attachment.targetType)}`);
+    const targetType = attachmentTargetType(attachment);
+    if (targetType === 'workflow-phase') {
+        if (!attachment.workflow?.trim())
+            return validationFailure('Skill seed attachment workflow is required');
+        if (!attachment.phase?.trim())
+            return validationFailure('Skill seed attachment phase is required');
+    }
+    else if (!attachment.targetKey?.trim()) {
+        return validationFailure(`Skill seed attachment targetKey is required for ${targetType}`);
+    }
     if (!attachment.skill?.trim())
         return validationFailure('Skill seed attachment skill is required');
     if (!names.has(attachment.skill))
@@ -186,20 +194,35 @@ function rejectUnsupportedNativeInputs(name, metadata) {
 function compatibilityFor(seed, attachments) {
     const matching = attachments.filter((attachment) => attachment.skill === seed.name);
     return {
-        targets: ['workflow-phase'],
+        targets: [...new Set(matching.map(attachmentTargetType))],
         adapters: ['opencode'],
-        workflows: [...new Set(matching.map((attachment) => attachment.workflow))],
-        phases: [...new Set(matching.map((attachment) => attachment.phase))],
+        workflows: [...new Set(matching.map((attachment) => attachment.workflow).filter((workflow) => workflow !== undefined))],
+        phases: [...new Set(matching.map((attachment) => attachment.phase).filter((phase) => phase !== undefined))],
     };
 }
 function attachmentMetadata(attachment) {
-    return {
+    const metadata = {
         ...(attachment.metadata ?? {}),
         ...(attachment.order !== undefined ? { order: attachment.order } : {}),
         seededBy: 'vgxness',
-        workflow: attachment.workflow,
-        phase: attachment.phase,
+        targetType: attachmentTargetType(attachment),
+        targetKey: attachmentTargetKey(attachment),
     };
+    if (attachment.workflow !== undefined)
+        metadata.workflow = attachment.workflow;
+    if (attachment.phase !== undefined)
+        metadata.phase = attachment.phase;
+    return metadata;
+}
+function attachmentTargetType(attachment) {
+    return attachment.targetType ?? 'workflow-phase';
+}
+function attachmentTargetKey(attachment) {
+    const targetType = attachmentTargetType(attachment);
+    return targetType === 'workflow-phase' ? `${attachment.workflow}:${attachment.phase}` : attachment.targetKey ?? '';
+}
+function isSkillAttachmentTargetType(value) {
+    return value === 'agent' || value === 'subagent' || value === 'workflow-phase' || value === 'provider-adapter' || value === 'intent-signal';
 }
 function validationFailure(message) {
     return { ok: false, error: { code: 'validation_failed', message } };