refactor(skill): rename validate → web-validate

Clearer scoped name for the W3C + WCAG skill. Updated: folder (git mv),
frontmatter name, H1 title, command refs, CLAUDE.md routing, 6 profiles
(functional — activate the skill by folder name), cross-refs in
harden/seo/depth-matrix/client-handover, agent dispatch refs, README +
USAGE tables.

Confidentiality: the client-deliverable leak-guard regex
(client-handover-writer.md) now matches BOTH /web-validate and legacy
/validate, so older client docs stay covered.

Left intentionally: validator-analyzer agent name (lockstep with
subagent_type + registry), .validate-cache/ + VALIDATE.md (audit-file
family {SEO,GEO,HARDEN,CSO,VALIDATE}.md), .claude/ history (append-only),
CHANGELOG old entry (added a new "renamed" entry instead). NL trigger
keywords kept so "validate" still routes here. Third-party html-validate
untouched.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01W9sqAwZxBMZSynZoVrEJhd
This commit is contained in:
Bastien Chanot 2026-06-25 01:29:36 +02:00
parent 26658c4962
commit e5e673ac1f
18 changed files with 52 additions and 51 deletions

View File

@ -23,6 +23,7 @@ Format follows [Keep a Changelog](https://keepachangelog.com/).
- `.claude/{tasks,memory,audits}/` governance layout + 5 memory registries (decisions, learnings, blockers, journal, evals)
### Changed
- `/validate` renamed to `/web-validate` — clearer scoped name (W3C + WCAG); routing, skill profiles, cross-references, and the client-deliverable leak-guard updated (the guard still matches legacy `/validate` so older client docs stay covered)
- `/seo` split into parallel `seo` + `geo` agents with shared resources
- `/onboard` rewritten: archetype-aware pipeline (orchestrator + config-only agent), security audit archetype-aware
- `doc-syncer`: stack-aware audit + deploy-doc gating; later scoped to public docs only, `.claude/` read-only; sync-only ROADMAP handling — planned→shipped reconciliation from code/git, never from `.claude/`; numeric incoherence → HUMAN question

View File

@ -235,7 +235,7 @@ only the non-obvious cases: gstack fallbacks, disambiguation, cryptic names.
- Architecture review → plan-eng-review
- Before /clear or /compact → capitalize; end-of-session ritual → close
- SEO+GEO → seo (GEO only → geo)
- W3C + WCAG a11y (HTML/CSS validity, axe, pa11y) → validate
- W3C + WCAG a11y (HTML/CSS validity, axe, pa11y) → web-validate
- Security audit (secrets, CVE, OWASP) → cso
- New project → init-project; onboard existing repo → onboard

View File

@ -112,7 +112,7 @@ Versions are pinned in `plugins.lock.json`. To update: edit the file, then re-ru
| `/pdf-translate` | Translate a PDF to another language, output as HTML (via Vision) |
| `/close` | End-of-session ritual — alias for `/capitalize --ritual` (dedup + TODO reconcile + 3-question reflection) |
| `/harden` | Web hardening audit — HTTPS/TLS, HSTS, CSP, security headers |
| `/validate` | W3C HTML/CSS validity + WCAG 2.1 accessibility audit |
| `/web-validate` | W3C HTML/CSS validity + WCAG 2.1 accessibility audit |
| `/geo` | GEO-only audit — AI-search visibility (ChatGPT, Perplexity, Claude, Gemini…) |
| `/client-handover` | Final project delivery — audits + branded deliverable (Markdown / HTML / PDF) |
| `/profile` | Activate a skill profile (design / dev / qa / audit / minimal) |

View File

@ -111,7 +111,7 @@ Tu veux...
| Curer la mémoire | `/prune-memory` |
| Fin de session (= /capitalize --ritual) | `/close` |
| Audit web (TLS, CSP, headers) | `/harden` |
| Validité HTML/CSS + a11y | `/validate` |
| Validité HTML/CSS + a11y | `/web-validate` |
| Visibilité IA (GEO seul) | `/geo` |
| Livraison client finale | `/client-handover` |
| Changer profil skills | `/profile` |
@ -147,7 +147,7 @@ Tu veux...
| `/prune-memory` | Registres trop longs / bruyants | Curation : merge, superseded, compression |
| `/close` | Fin de session | Alias de /capitalize --ritual — dedup + TODO + réflexion 3 questions |
| `/harden` | Audit sécurité web (SSL, CSP, HSTS) | Projet web avec config HTTP |
| `/validate` | Audit W3C + WCAG a11y | Avant livraison projet web |
| `/web-validate` | Audit W3C + WCAG a11y | Avant livraison projet web |
| `/client-handover` | Livraison client | Audits finaux + livrable brandé |
| `/profile` | Changer le profil de skills | design / dev / qa / audit / minimal |

View File

@ -211,7 +211,7 @@ test -f Procfile && DEPLOY_HINTS+=("Heroku: Procfile")
test -f wrangler.toml && DEPLOY_HINTS+=("Cloudflare Workers: wrangler.toml")
```
Also detect deployed URL (used to point /validate at the live site, STEP 7):
Also detect deployed URL (used to point /web-validate at the live site, STEP 7):
```bash
DEPLOYED_URL=""
@ -255,7 +255,7 @@ is_fresh() {
For non-web projects (`PROJECT_TYPE` ∈ {cli, library, mobile, other}), the
pipeline is reduced: only run /cso (single audit, single fix loop), skip
STEP 6 deploy pause and STEP 7 /validate. Treat /cso as the only score for
STEP 6 deploy pause and STEP 7 /web-validate. Treat /cso as the only score for
the gate.
For web projects, dispatch in **a single message with two parallel Agent calls**:
@ -560,24 +560,24 @@ Tailor to project deploy method (use DEPLOY_HINTS):
```
AskUserQuestion:
"Pipeline paused for deploy. Above is what's changed and how to deploy.
Confirm when the live site reflects the new changes (or skip /validate)."
Confirm when the live site reflects the new changes (or skip /web-validate)."
Header: "Deploy status"
Options:
- A) Deployed — proceed with /validate
- A) Deployed — proceed with /web-validate
- B) Not yet — I'll come back (this stops the pipeline; re-run /client-handover later)
- C) Skip /validate — proceed to handover doc with VALIDATE marked SKIPPED
- C) Skip /web-validate — proceed to handover doc with VALIDATE marked SKIPPED
```
If A → proceed to STEP 7. If B → exit cleanly with state report. If C →
mark `VALIDATE_SKIPPED=true` and jump to STEP 8.
If `DEPLOYED_URL` is still `[À CONFIRMER]` after option A: AskUserQuestion
"Quelle est l'URL du site déployé pour /validate ?" — capture URL.
"Quelle est l'URL du site déployé pour /web-validate ?" — capture URL.
---
## STEP 7 — RUN /validate (live site)
## STEP 7 — RUN /web-validate (live site)
Skip if `VALIDATE_SKIPPED=true` or `PROJECT_TYPE != web` (in either case
ensure `VALIDATE_SKIPPED=true` is set so the gate logic in STEP 8 treats
@ -585,7 +585,7 @@ VALIDATE as not-applicable rather than failed).
Dispatch `general-purpose` subagent:
> Read `~/.claude/skills/validate/SKILL.md` and execute against the
> Read `~/.claude/skills/web-validate/SKILL.md` and execute against the
> deployed URL: `<DEPLOYED_URL>`. Audit W3C HTML validity (validator.nu),
> W3C CSS validity (jigsaw.w3.org), WCAG 2.1 a11y (axe-core, pa11y).
> Apply autonomous fixes ONLY in source code (the client controls deploy);
@ -601,8 +601,8 @@ SCORE_VALIDATE_AFTER=$(extract_score .claude/audits/VALIDATE.md)
Note: VALIDATE has no `_BEFORE` (first run is post-deploy). The before/after
table for VALIDATE shows `—` for before, `<score>` for after.
If /validate produced new fixes in source code, run STEP 5 again (mini-commit
+ push) BEFORE moving to STEP 8 — but DO NOT loop /validate. The remaining
If /web-validate produced new fixes in source code, run STEP 5 again (mini-commit
+ push) BEFORE moving to STEP 8 — but DO NOT loop /web-validate. The remaining
deploy of those fixes is mentioned to the user in the final doc.
---
@ -931,7 +931,7 @@ concrete, no jargon. One short paragraph per idea.
1. **Never name internal tools or skill identifiers in chapters 13.**
Forbidden tokens (do not appear, in any case, in the lay portion):
`/seo`, `/harden`, `/validate`, `/cso`, `/feat`, `/bugfix`,
`/seo`, `/harden`, `/web-validate`, `/cso`, `/feat`, `/bugfix`,
`/ship-feature`, `/ship`, `/code-clean`, `/refactor`, `seo-analyzer`,
`geo-analyzer`, `validator-analyzer`, `harden`-as-product-name,
`SEO.md`, `HARDEN.md`, `VALIDATE.md`, `CSO.md`, `MAX_ITERATIONS`,
@ -1003,7 +1003,7 @@ external validators when relevant (Mozilla Observatory, SSL Labs,
SecurityHeaders.com — these are recognized seals).
DO NOT mention internal tool/skill names here (no /seo, /harden,
/validate, seo-analyzer, etc.). The lecture rapide IS where
/web-validate, seo-analyzer, etc.). The lecture rapide IS where
client-facing axis names live.]
## 3. Ce qui a été fait
@ -1459,7 +1459,7 @@ Chapter 6 (Détails techniques) may use them in the optional glossary.
```bash
awk '/^## 1\./{flag=1} /^## 6\./{flag=0} flag' "$OUTPUT" \
| grep -niE '/(seo|harden|validate|cso|feat|bugfix|ship-feature|ship|code-clean|refactor)\b|seo-analyzer|geo-analyzer|validator-analyzer|SEO\.md|HARDEN\.md|VALIDATE\.md|CSO\.md|MAX_ITERATIONS|ALL_PASS|SCORE_[A-Z_]+'
| grep -niE '/(seo|harden|web-validate|validate|cso|feat|bugfix|ship-feature|ship|code-clean|refactor)\b|seo-analyzer|geo-analyzer|validator-analyzer|SEO\.md|HARDEN\.md|VALIDATE\.md|CSO\.md|MAX_ITERATIONS|ALL_PASS|SCORE_[A-Z_]+'
# expected: no matches. Each match is a leak — rewrite the offending
# chapter in client language before STEP 16.
```

View File

@ -1,6 +1,6 @@
---
name: validator-analyzer
description: Web standards audit agent — W3C HTML validity (validator.nu), W3C CSS validity (jigsaw.w3.org), WCAG 2.1 accessibility (axe-core, pa11y, WAVE). Dispatched from /validate. Produces scored .claude/audits/VALIDATE.md report with concrete diffs for auto-fixable issues and user actions for judgment-required fixes. Complementary to /harden (security), /seo (indexability), /geo (AI extraction).
description: Web standards audit agent — W3C HTML validity (validator.nu), W3C CSS validity (jigsaw.w3.org), WCAG 2.1 accessibility (axe-core, pa11y, WAVE). Dispatched from /web-validate. Produces scored .claude/audits/VALIDATE.md report with concrete diffs for auto-fixable issues and user actions for judgment-required fixes. Complementary to /harden (security), /seo (indexability), /geo (AI extraction).
tools: Read, Edit, Write, Bash, Grep, Glob, WebFetch
---
@ -24,7 +24,7 @@ $ARGUMENTS
## STEP 0 — Parse context
If dispatched from `/validate`, context is in `$ARGUMENTS`. Extract:
If dispatched from `/web-validate`, context is in `$ARGUMENTS`. Extract:
- `TARGET_URL` — production URL (FULL) or "none" (LOCAL)
- `DEPTH` — LOCAL | FULL
@ -45,7 +45,7 @@ Standalone invocation (no dispatcher): ask ONCE as a bundled block:
```bash
mkdir -p .validate-cache
grep -q '^\.validate-cache/' .gitignore 2>/dev/null || \
printf '\n# /validate cache\n.validate-cache/\n' >> .gitignore
printf '\n# /web-validate cache\n.validate-cache/\n' >> .gitignore
```
### Framework detection for SPA built-output targeting
@ -450,10 +450,10 @@ Each entry : file:line + WCAG SC reference + suggested approach.
- What the tool chain could not verify (e.g. dynamic content loaded
via JS in LOCAL mode, color contrast on images, screen reader flow)
- Reason + suggested follow-up (manual test with NVDA/VoiceOver,
run /validate --full post-deploy, etc.)
run /web-validate --full post-deploy, etc.)
## 8. Changes applied (appended by dispatcher after fix confirmation)
<Empty until /validate --fix completes STEP 3>
<Empty until /web-validate --fix completes STEP 3>
```
Max 600 lines. Cite file:line or tool output for every finding.
@ -495,7 +495,7 @@ At end of §5, emit verbatim :
READY TO APPLY — awaiting dispatcher confirmation
```
**Do NOT apply any Edit/Write.** Dispatcher handles STEP 3 of `/validate`.
**Do NOT apply any Edit/Write.** Dispatcher handles STEP 3 of `/web-validate`.
---

View File

@ -10,7 +10,7 @@ analyze personal
# SEO / GEO / web standards
seo personal
geo personal
validate personal
web-validate personal
# Code + perf health
health

View File

@ -46,7 +46,7 @@ codex
# === SEO / GEO / standards / security ================================
seo personal
geo personal
validate personal
web-validate personal
harden personal
analyze personal
cso

View File

@ -6,6 +6,6 @@ qa-only
browse
benchmark
canary
validate personal
web-validate personal
open-gstack-browser
setup-browser-cookies

View File

@ -8,7 +8,7 @@ seo personal
geo personal
# W3C HTML/CSS validity + WCAG a11y
validate personal
web-validate personal
# Web hardening (HSTS, CSP, redirects — affects ranking signals)
harden personal

View File

@ -34,7 +34,7 @@ refactor personal
# === SEO / GEO / standards ===========================================
seo personal
geo personal
validate personal
web-validate personal
harden personal
analyze personal

View File

@ -30,7 +30,7 @@ commit-change personal
refactor personal
# Validation companion (basic W3C/a11y check during build)
validate personal
web-validate personal
# External: design skills
emil-design-eng external

View File

@ -5,7 +5,7 @@ description: |
final audits, deploy validation against live site, and a branded
deliverable (Markdown + HTML + PDF). Multi-agent orchestrator: dispatches
client-handover-writer which spawns parallel /seo + /harden subagents,
then /validate, then writes the deliverable.
then /web-validate, then writes the deliverable.
Triggers: "client handover", "compte rendu client", "livraison client",
"rapport client", "deliverable", "summary for client", "handover doc",
"livrable", "ship and handover", "finaliser et livrer".
@ -39,11 +39,11 @@ The agent runs a **ship-and-handover pipeline** with explicit gates:
- If still < 17/20 after cap escalate to user with concrete remaining issues; user decides continue / stop / manual intervention.
4. **COMMIT + PUSH** — If files changed during fix loops, run /commit-change (atomic logical commits) then `git push`.
5. **DEPLOY PAUSE** — List exact deploy artifacts: changed files since baseline, deploy hints from project (vercel.json, netlify.toml, Dockerfile, .github/workflows/deploy.yml, etc.), and the deploy process in plain words. Use AskUserQuestion: "Deploy done? (Yes / Not yet / Skip validate)". Block until Yes or Skip.
6. **/validate (live site)** — Run validator-analyzer against the deployed URL. Capture `SCORE_VALIDATE`.
6. **/web-validate (live site)** — Run validator-analyzer against the deployed URL. Capture `SCORE_VALIDATE`.
7. **GATE — per-axis threshold ≥17/20** — Compute final `SCORE_*_AFTER` for SEO classique, GEO (IA), HARDEN, VALIDATE. If ANY < 17/20: STOP. Generate `.claude/audits/HANDOVER-ROADMAP.md` with prioritized analysis of what's blocking each below-threshold axis. Do NOT write the client deliverable. Report to user.
8. **DOC GENERATION (only if all scores ≥17/20)** — Read `.claude/memory/` registries + full git history. Ask whether to include build/deploy chapter. Synthesize the client deliverable using the 4-chapter structure:
- **§1 Ce qu'il fallait faire (et pourquoi)** — brief + motivation, 100180 words.
- **§2 Ce qui a été fait** — lay summary, **≤300 words, zero technical jargon**, **no internal tool/skill names** (no `/seo`, `/harden`, `/validate`, `seo-analyzer`, etc. — replace with concept names: référencement / sécurité / conformité technique). Forbidden-token grep gate runs before write.
- **§2 Ce qui a été fait** — lay summary, **≤300 words, zero technical jargon**, **no internal tool/skill names** (no `/seo`, `/harden`, `/web-validate`, `seo-analyzer`, etc. — replace with concept names: référencement / sécurité / conformité technique). Forbidden-token grep gate runs before write.
- **§3 Ce qui vous reste à faire** — action-only checklist grouped by cadence (one-time / monthly / quarterly / yearly / when something changes).
- **§4 Détails techniques (pour les curieux)** — score table (SEO classique + GEO + sécurité + conformité, before/after, gated independently at ≥17/20), vulgarized BDR decisions, phases with technical detail, optional glossary.
- **§5 Annexe — plateformes externes** (web/local-business only).

View File

@ -352,8 +352,8 @@ Agent(
- Legal pages (mentions légales, CGV, privacy) — unless the issue is
a security-header gap on those pages, not their content
- Content quality, keyword density, readability
- a11y / WCAG (owned by /validate — W3C + WCAG audit)
- W3C HTML / CSS syntactic validity (owned by /validate)
- a11y / WCAG (owned by /web-validate — W3C + WCAG audit)
- W3C HTML / CSS syntactic validity (owned by /web-validate)
If you detect an out-of-scope issue, DROP IT silently. Do NOT mention
it even as a "note". Stay focused.

View File

@ -10,7 +10,7 @@ description: |
"structured data", "JSON-LD", "sitemap", "robots.txt", "Google ranking",
"local SEO", "AI search", "GEO", "llms.txt", "ChatGPT visibility",
"Perplexity", "Google AI Overview".
For GEO only → /geo. For W3C/a11y → /validate. For bugs → /bugfix.
For GEO only → /geo. For W3C/a11y → /web-validate. For bugs → /bugfix.
argument-hint: optional keywords/scope, e.g. "local SEO plombier 91 94 77" or "SaaS B2B content strategy"
allowed-tools:
- Read
@ -33,7 +33,7 @@ entry point for any SEO/GEO work on a web project.
## Resources
- `resources/depth-matrix.md` — depth-decision rules (LOCAL vs FULL),
score-weight table per axis, dedup rules with sibling skills (/validate,
score-weight table per axis, dedup rules with sibling skills (/web-validate,
/harden), and the envelope schema for `.claude/audits/SEO.md`.
Read `resources/depth-matrix.md` at the start of STEP 0 — it pre-answers

View File

@ -30,8 +30,8 @@ LOCAL caps at 20. FULL caps at 20. Never report above 20.
| Finding type | Owner skill | If reported by /seo, what to do |
|---|---|---|
| HTML validity errors (W3C nu validator) | /validate | Drop from /seo report; note `"see /validate report for HTML validity"`. |
| WCAG accessibility | /validate | Drop. |
| HTML validity errors (W3C nu validator) | /web-validate | Drop from /seo report; note `"see /web-validate report for HTML validity"`. |
| WCAG accessibility | /web-validate | Drop. |
| Missing CSP / HSTS / 404 page / HTTP→HTTPS | /harden | Drop unless it directly affects indexability (then mention with cross-link). |
| Wikidata / sameAs / Knowledge Panel | /seo (GEO) | Owned here. |
| llms.txt | /seo (GEO) | Owned here. |

View File

@ -1,5 +1,5 @@
---
name: validate
name: web-validate
description: |
Use when a web project needs W3C HTML/CSS validity check or WCAG 2.1
accessibility audit. Dispatches the validator-analyzer agent with a
@ -21,7 +21,7 @@ allowed-tools:
- WebFetch
---
# /validate — web standards audit (W3C + WCAG)
# /web-validate — web standards audit (W3C + WCAG)
This skill orchestrates a narrow-scope standards audit :
@ -46,20 +46,20 @@ Scope boundary :
errors.
If a finding appears in an out-of-scope area (e.g. missing meta
description), the agent drops it silently — `/validate` stays focused.
description), the agent drops it silently — `/web-validate` stays focused.
### Relation to other skills
- `/onboard` runs an initial a11y audit at project setup (axe or
static checklist → `.onboard-audit/a11y.md`). `/validate` is the
static checklist → `.onboard-audit/a11y.md`). `/web-validate` is the
**on-demand** equivalent, re-runnable anytime against the current
codebase, and also covers HTML/CSS validity (which `/onboard` does
not).
- `/harden` audits security posture (headers, TLS, redirects).
`/validate` audits conformance. They share no findings.
`/web-validate` audits conformance. They share no findings.
- `/seo` and `/geo` audit indexability. They may flag the same HTML
features (alt attrs, heading structure) but from a ranking
perspective. `/validate` flags from a **standards** perspective
perspective. `/web-validate` flags from a **standards** perspective
(WCAG SC number, W3C rule id). Findings may overlap — both reports
are still valid.
@ -95,7 +95,7 @@ CSS_COUNT=$(find . -name "*.css" \
If both counts are 0 and no URL provided → abort with :
```
⚠️ No HTML or CSS files found and no URL provided. /validate needs
⚠️ No HTML or CSS files found and no URL provided. /web-validate needs
either local files or a live URL. Re-run with --full <url>.
```
@ -126,7 +126,7 @@ If framework is JS-based and `BUILD_DIR` is empty, warn :
⚠️ Framework detected : <name>. No build output found.
HTML validity on JSX/TSX source is not meaningful.
Options :
1. Run `npm run build` then re-run /validate
1. Run `npm run build` then re-run /web-validate
2. Use --full <url> to audit production
3. Continue with partial LOCAL audit (CSS + static WCAG only)
```
@ -177,7 +177,7 @@ Agent(
subagent_type="validator-analyzer",
description="validate — W3C HTML + CSS + WCAG audit",
prompt="""
Dispatched from /validate. STRICT SCOPE — W3C HTML validity + W3C
Dispatched from /web-validate. STRICT SCOPE — W3C HTML validity + W3C
CSS validity + WCAG 2.1 accessibility ONLY.
CONTEXT:
@ -299,7 +299,7 @@ Fixes applied : <N>
- [Moyenne][CSS] Removed invalid property `bakground``background` at line 23
Verification :
- Re-run /validate → expected score bump <before><after>
- Re-run /web-validate → expected score bump <before><after>
- Tests to run : a11y regression (pa11y-ci), visual snapshot
```
@ -329,9 +329,9 @@ TOP 3 ACTIONS (by severity × user impact) :
3. [Haute] <title>
NEXT STEPS :
• /validate <url> --fix → apply recommended fixes
• /validate <url> --full → re-run with live URL + remote APIs
• /validate --no-external → skip third-party APIs (faster, LOCAL-like)
• /web-validate <url> --fix → apply recommended fixes
• /web-validate <url> --full → re-run with live URL + remote APIs
• /web-validate --no-external → skip third-party APIs (faster, LOCAL-like)
• /harden / /seo / /geo → complementary audits (other scopes)
Install for better LOCAL coverage :