Commit Graph

77 Commits

Author SHA1 Message Date
Bastien Chanot
9dc2b83f0e feat(capitalize): merge /close into /capitalize + TODO reconcile
Two-mode capitalize: default pre-wipe flush, --ritual adds the 3-question
end-of-session reflection (now deduped, unlike legacy /close). New STEP 2B
reconciles .claude/tasks/TODO.md — PASS A done-detection (only on an
unambiguous task<->commit map), PASS B explicit-only capture with an
anti-noise filter (never track commit/deploy/push/release/tag) and BDR
routing for orientation directives. STEP 3 gate gains a separate TODO block;
journal/handoff report TODO ops. /close becomes a thin alias for
/capitalize --ritual (zero duplicated logic).

Built via superpowers:writing-skills TDD: RED baseline (no skill) folded a
push/tag parasite into the TODO, invented a subtask, and wrote with no gate;
GREEN re-run on the same fixture stops at the gate, drops both dups (footer
shows existing IDs), logs one learning, checks only the cleanly-done task,
ignores the parasite, and routes the GraphQL directive to BDR.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01X3e8LaH2vymmxyh36h3jFU
2026-06-19 18:00:51 +02:00
Bastien Chanot
225c4377da fix(onboard): allow Agent and Skill tools in frontmatter
Workflow STEPs 5-7 dispatch subagents and invoke skills; allowed-tools
omitted both, contradicting the orchestrator's core mechanism.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-11 19:09:44 +02:00
Bastien Chanot
2dc8431a69 fix(init-project): repoint missing readme-updater.md to doc-syncer
readme-updater.md does not exist on disk; STEPs 5b and 12 were broken
references. doc-syncer.md AUTO MODE covers both cases (README bootstrap
when missing, drift sync after changes).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-11 19:09:44 +02:00
Bastien Chanot
9fc93fabd2 optimize audit-delta: close 3 judge-flagged consistency gaps
Round 2 of darwin optimization (judge-identified residuals):
- 3c marker rule now cross-references the STEP 0 dangling/corrupted
  exceptions instead of contradicting them
- corrupted-but-present state JSON branch defined (trust no axis,
  ask repair/reset; headless -> full codebase report-only, file as-is)
- unreachable user at 3e max-cycles STOP -> fail closed: revert axis
  fixes, findings back to open, marker untouched

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-11 17:54:35 +02:00
Bastien Chanot
0d2ece757e optimize audit-delta: define unreachable-user branches (dangling marker, axis default)
Round 1 of darwin optimization, dim3 (failure-mode encoding). Live test
showed two agents diverging on undefined branches:
- dangling marker + unreachable user -> now full-codebase report-only,
  marker untouched (corrupted state needs user-approved repair)
- no axes named + unreachable user -> now defaults to all four axes
Also adds the matching Common-mistakes row. Includes test-prompts.json.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-11 17:48:41 +02:00
Bastien Chanot
e12f8243e5 baseline: add audit-delta skill (pre-darwin-optimization snapshot)
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-11 15:41:49 +02:00
Bastien Chanot
61a98573d7 chore(skills): remove disable-model-invocation repo-wide
Strip the disable-model-invocation frontmatter key from all 19 editable skills. Absent = default = model invocation enabled. 8 were 'true' and blocked the model AND orchestrators from self-routing (status, plugin-check, analyze, onboard, refactor, init-project, pdf-translate, ship-feature) — contradicting the CLAUDE.md skill-routing rules. The other 11 were 'false', a no-op noise line.

The setting is binary (no per-caller granularity), so enabling orchestrator chaining also enables model auto-fire — accepted. Genuinely destructive operations remain guarded by the careful/guard hooks, independent of this flag.

Capitalized: BDR-019 (decision), LRN-026 (learning), journal 2026-06-09.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 16:18:10 +02:00
Bastien Chanot
d188cae302 feat(skills): add /capitalize — pre-wipe memory flush skill
Salvages registry-worthy insights from the conversation before /clear or /compact wipes context. Scans the conversation, dedups each candidate against the existing .claude/memory/ registries (its signature move vs /close), routes across all 5 registries behind a compact approval gate, always writes a journal line.

Baseline-tested per superpowers:writing-skills (RED/GREEN/REFACTOR): the no-skill baseline double-logged one incident across LRN+BLK; the skill passes clean and now counters that via a 'one incident -> one primary registry' rule. Ships v1 with the approval gate as the human safety net (same posture as /prune-memory).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-09 16:17:55 +02:00
Bastien Chanot
da4e6b9590 feat(profile): add gstack on|off verb to lib/profile.sh
Centralize gstack toggling in the `profile` command without losing the
active-profile label.

  - `gstack on`  re-enables ALL parked gstack skills (moves
    skills-disabled/gstack__* back) but does NOT touch .active-profile,
    so the user layers full gstack on top of their current profile and
    the statusline label is preserved. Unlike `reset`, which clears the
    label to "none".
  - `gstack off` disables gstack skills not listed in the active profile;
    errors cleanly when no profile is active (needs one to know what to
    keep).

Refactor (behavior-preserving): extract three shared helpers
`enable_all_gstack`, `disable_gstack_not_in`, `parked_gstack_count` and
rewire `cmd_reset` + `cmd_set` to reuse them instead of duplicating the
symlink-toggle loops. Wire `gstack` into main() dispatch, usage(), and the
header usage block.

Docs: SKILL.md argument-hint, examples, and output-policy updated. The
generic `make profile cmd="gstack on"` target already covers Make usage.

Verified: shellcheck CLEAN, `bash -n` OK, 6-case test (help, bad-action,
off-with-no-profile, on, off-trim, on-cycle) with final assertion that the
live symlink state was restored exactly to its pre-test value.

Memory: capitalize BDR-018 (decision), LRN-024 (DRY helper-extraction
pattern), BLK-007 (6 gstack source skills ios-*/spec unlinked post
submodule bump — open follow-up), EVAL-002 (self-eval, false "full.profile
bug" flag corrected pre-edit). Backfill index drift: BDR-017, BLK-005/006.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-02 18:31:48 +02:00
Bastien Chanot
c44852e665 feat(skills): add pdf-translate — PDF to translated HTML via Vision
OCR/image-based PDF pipeline: convert pages to PNGs, read with Claude
Vision (bypasses unreliable OCR text layer), translate with cross-page
glossary consistency, reconstruct faithful HTML via /design-html.

5 steps: deps check → page images + assets → style analysis →
page-by-page read+translate → HTML reconstruction → visual QA.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-26 03:38:16 +02:00
Bastien Chanot
b59cce1d1f feat(graphify): upgrade to 0.8.13 — gemini backend, encoding, monorepo, CLI export
Major SKILL.md rewrite:
- Fast path: skip extraction when graph exists and user asks a question
- Gemini backend replaces Kimi as default external LLM
- All file I/O uses ensure_ascii=False + encoding="utf-8"
- Monorepo support via per-subfolder extraction + merge
- Obsidian/HTML export via CLI instead of inline Python
- Node ID format includes parent dir to prevent ghost duplicates
- file_type gains "concept" as valid value
- Subagent chunk paths must be absolute
- --help flag prints usage and stops
- Large corpus gate raised from 200 to 500 files

Bumps gstack submodule to 026751e.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-21 05:55:23 +02:00
Bastien Chanot
5da97d10f6 feat(profile): add full profile for end-to-end MVP via /init-project
Superset of web-full + dev + audit + plan tools — covers brainstorm →
design → architecture review → scaffold → implement → ship → audit
pipeline needed by /init-project to produce a real MVP in one session.

Also renames cmd_current "no-profile" sentinel from "full" to "none"
to avoid collision with the new profile name.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-18 20:50:13 +02:00
bastien
db9048877a optimize skills-perso + commit-change: round 1 — D3 edge cases
skills-perso: add 'Known limits of detection heuristic' section
(false positives in code blocks, false negatives for non-standard
agent paths, override via owner: user marker, malformed frontmatter).

commit-change: add fallback when commit-changer.md unreachable,
plus pre-flight check stub (detached HEAD, missing git identity).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 17:59:22 +02:00
bastien
727e9fc73a optimize plugin-check: round 1 — D3 fallback + D1 triggers + advisory clarification
D3: fallback when plugin-advisor.md unreachable.
D1: triggers added.
D4: explicit 'never writes' clarification (skill is advisory-only).
Size: 425B → 628B (+48%, under 150% cap).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 17:57:48 +02:00
bastien
9a992a0186 optimize refactor: round 1 — D3 fallback + D1 triggers
Add explicit fallback when refactorer.md unreachable (D3 edge case).
Add triggers to frontmatter for routing (D1).
Size: 379B → 493B (+30%, under 150% cap).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 17:55:39 +02:00
bastien
58e99b2f36 optimize status: round 1 — D3 fallback + triggers
Add explicit fallback when status-reporter.md unreachable (D3 edge case).
Add triggers to frontmatter description for routing clarity (D1).
Size: 776B → 834B (+7.5%, under 150% cap).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 17:53:28 +02:00
bastien
11b0c6bb8e darwin: add test prompts for 5 skills (baseline pass)
Skills covered: close, graphify, harden, profile, prune-memory.
Used by /darwin-skill dim 8 effect testing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-12 17:50:06 +02:00
bastien
0fe6153ead fix(prune-memory): STEP 4 verify — prefix mapping bug (TDD RED→GREEN)
First end-to-end run of /prune-memory on real .claude/memory/ surfaced
a broken verify script:

Old: `prefix=$(basename "$f" .md | tr a-z A-Z | cut -c1-3)` derived
the prefix from the filename's first 3 letters → produced DEC / LEA /
BLO. Actual prefixes are BDR / LRN / BLK. The grep then matched zero
entries, no MISSING/ORPHAN was ever reported, and the script printed
its "OK if blank" footer regardless of real state. False clean signal.

Fixed: hard-mapped filename → prefix via `declare -A PREFIX_MAP`.
Verified against current registries — 14 BDR + 16 LRN + 2 BLK + 1 EVAL
entries all index-consistent, no false negatives.

Added EVAL prefix to the map (evals.md was missing from the loop in
v1). Footer line clarified to `(blank above = OK)`. `wc -l` excludes
`.original.md` backups from the output.

Note: caveat in skill body said "v1 ships without baseline TDD test —
STEP 2 approval gate is the safety net". First real test caught a
verify bug that bypassed STEP 2 entirely. Lesson: STEP 4 is its own
safety net and needs its own test.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-11 16:27:31 +02:00
bastien
fd619f5f9a feat(skills): add /prune-memory — curate .claude/memory/ registries
New personal skill to maintain memory registry hygiene. Gap identified
between existing tools:
- /caveman:compress — text-compresses one file, no curation
- /close — appends new entries end-of-session, doesn't prune
- /prune-memory (new) — audits, classifies, applies user-approved cleanup

Operations:
- Mark obsolete entries `status: superseded by <ID>` or `status: deprecated`
  (no hard delete — append-only per CLAUDE.md memory rule).
- Merge similar entries (new ID, sources marked superseded).
- Caveman-compress bloated prose-heavy entries inline.
- Repair Index drift (missing rows, orphaned rows).

Workflow: STEP 0 precheck (refuses dirty working tree, git = backup)
→ STEP 1 audit (A obsolete / B similar / C bloated / D drift)
→ STEP 2 plan + mandatory user approval
→ STEP 3 apply safe→destructive
→ STEP 4 verify Index sanity + line-count report.

Follows superpowers:writing-skills CSO conventions: "Use when..." trigger
description (under 1024-char spec), Quick Reference table, Common
Mistakes table, Failure Paths table. v1 ships without baseline TDD test
(noted in skill body); STEP 2 approval gate is the safety net.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-11 16:24:16 +02:00
bastien
0fb634deca refactor(skills): compress 8 SKILL.md descriptions per writing-skills spec
Two issues fixed across personal skills:

1. Five skills had frontmatter > 1024 chars (spec limit per agentskills.io):
   - client-handover: 1920 → 924
   - doc: 1390 → 734
   - seo: 1378 → 885
   - geo: 1189 → 734
   - validate: 1050 → 742
   All now compliant.

2. Three orchestrators had workflow-summary descriptions that create
   "shortcut" risk per writing-skills CSO (Claude may follow the
   description instead of reading the full skill body, skipping steps):
   - ship-feature: "design → plan → implement (TDD) → review → finish"
     → "Use when shipping a feature end-to-end — needs… (9-step pipeline)"
   - init-project: "interview → design → scaffold → implement (TDD)"
     → "Use when initializing a brand-new project from scratch — needs…"
   - onboard: "detect archetype, install claude-config, run full audit…"
     → "Use when bringing an existing repo into the framework — needs…"

Descriptions now follow "Use when [triggers]…" pattern. Workflow detail
preserved in skill body where it belongs. Triggers consolidated and
trimmed of duplicates.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-11 16:09:21 +02:00
bastien
7db8f01074 fix(client-handover): CSS — kill checkbox overlap with adjacent inline elements
Old rule `li input[type="checkbox"] + *` absolutely-positioned the first
element sibling after the checkbox (typically <a>, <code>, <strong>),
yanking links and code spans out of flow and overlapping adjacent
content in the rendered PDF.

Replace with a targeted rule that styles the native disabled checkbox
inline (small green box) and leaves siblings untouched. Pandoc GFM emits
`<li><input disabled type="checkbox"> text…</li>` with no wrapper class,
so we target `li > input[type="checkbox"]` directly.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-11 16:09:12 +02:00
bastien
bfea74285b fix(client-handover): NAP table — add description + swap BrightLocal→Moz Local
NAP table now includes a "Description courte" / "Short description" field
(1-2 sentences, lifted from hero/meta description, pasted identically
across Google Business, Bing Places, Apple Maps, directories). Same field
client was already typing 10 different ways across platforms — now it's
the single source of truth.

BrightLocal Free Tools page was retired in 2026 (service now paid-only).
Replaced with Moz Local Citation Checker (free 60s audit across 50+
directories, no credit card). Both FR and EN versions updated.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-11 16:09:07 +02:00
bastien
e2425ca79d feat(client-handover): 6-chapter doc — promote scores + NAP chapters
Restructure deliverable from 4 to 6 chapters:
- §2 (new): score table promoted from technical annex to top of doc for
  immediate visual proof of impact (tested with local-business clients —
  converts "what did I pay for?" doubt within 30 seconds).
- §4 (new): NAP table promoted from §7 annex so client reads identity
  values (name, address, phone, hours, categories, short description)
  BEFORE attacking §5 todo list. Prevents 10-different-description drift
  across external platforms that degrades Google's NAP-consistency signal.
- §5 (todo) and §6 (tech details) renumbered; §7/§8 annexes still optional.

Pandoc bumped to gfm+gfm_auto_identifiers so internal anchor links like
[§4](nap) resolve in the rendered HTML/PDF.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-11 16:09:01 +02:00
bastien
864612ff7b fix(client-handover): kill PDF text superposition (URL dupe + list page-break)
Two distinct render bugs producing overlapping text on multi-page PDFs:

1. Bare-URL duplication. The print stylesheet injects `(href)` after every
   external link via `a[href^="http"]::after`. When pandoc/marked
   auto-links a bare URL or renders `[X](X)`, the visible text already
   equals the href, so the pseudo-element produces "URL (URL)" and the
   trailing duplicate wraps onto the next line, colliding with the
   following block (e.g. "https://pagespeed.web.dev/ (https://...)" then
   "• Ouvrir, taper l'URL...").
   Fix: post-process the body HTML in handover-to-pdf.sh; tag every
   `<a href="X">X</a>` (text == href, ignoring trailing slash + case)
   with `class="bare-url"`, and exclude `a.bare-url::after` from the
   URL-injection rule. Named links still get `(URL)` for print legibility.
   Belt-and-braces: add `white-space: nowrap` and `break-inside: avoid`
   on the remaining `::after` so future long URLs cannot wrap across
   page boundaries either.

2. List item splitting across page boundary. `li` had only
   `orphans/widows: 3` and no `break-inside`, so a long item could put
   its bullet on page N and its text on page N+1, overlapping unrelated
   content. Heading-to-first-block adjacency was also unprotected, so
   "heading at bottom of page A / intro paragraph or first bullet at top
   of page B" could produce visual overlap during reflow.
   Fix: add `li { page-break-inside: avoid; break-inside: avoid; }` and
   `h{1..4} + p|ul|ol { break-before: avoid; }` so list items stay
   intact and intros stay glued to their heading.

Verified end-to-end: rendered sample md with bare URL + named link +
heading-followed-by-list straddling a page break; pdftotext shows each
URL once, no orphaned bullets, no `::after` warning from weasyprint.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-08 20:23:14 +02:00
bastien
b447a892b1 fix(client-handover): PDF render bugs — marked CLI, white cover, PNG logo
Three bugs surfaced on the LIVRAISON.pdf test render:

1. **MD→HTML conversion** — host had no pandoc, no python-markdown, fell
   back to `npx marked < "$src"`. marked CLI 16.x ignores stdin and
   dumps its own cli.js source. Resulting PDF body = marked's binary
   source (`#!/usr/bin/env node`, `Marked CLI`, copyright). Fix:
   `npx --yes marked --gfm -i "$src"` (file path via -i, not stdin).

2. **Cover background** — original cream `#F5F0EB` + 8mm green stripe
   was washed out. Iterated to white-pure bg with subtle radial
   sage/forest tints, black-deep title, green-forest accents
   (eyebrow, meta labels, footer, border). Solid green-dark tried
   first then rejected (too heavy for long client-facing doc).

3. **Default logo** — SVG `logo-horizontal.svg` rendered cream-toned,
   blended into bg. Switched LOGO_URL default to
   `https://zenquality.fr/assets/logo-horizontal-1024.png`.

Also added test-artifact gitignore rules for LIVRAISON.* / HANDOVER.*
project-local renders.

Verified: regenerated LIVRAISON.pdf → 164 KB, 19 pages, full content
rendered, white cover with black title + green-forest accents +
visible PNG logo.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-08 19:57:08 +02:00
bastien
a963faa764 feat(client-handover): 4-chapter doc structure + branded HTML/PDF rendering 2026-05-07 19:08:59 +02:00
bastien
c99308f0a7 feat(client-handover): split SEO + GEO scores, gate GEO at ≥17/20 2026-05-07 18:34:59 +02:00
bastien
69348d0463 Revert "optimize(doc): add resources/templates/README.md.tpl + DEPLOY.md.tpl + reference (d6 target)"
This reverts commit b26a94d779.
2026-05-06 18:32:54 +02:00
bastien
ae49ca99a8 optimize(onboard): tighten frontmatter description — verb-forward, EN consistency (d1 target) 2026-05-06 18:32:45 +02:00
bastien
b26a94d779 optimize(doc): add resources/templates/README.md.tpl + DEPLOY.md.tpl + reference (d6 target) 2026-05-06 18:32:16 +02:00
bastien
f36be7e4ba optimize(seo): add resources/depth-matrix.md (depth/weights/dedup/envelope) + reference from SKILL.md (d6 target) 2026-05-06 18:30:25 +02:00
bastien
e2faf322f2 optimize(ship-feature): add FAILURE PATHS table for orchestrator-level error handling (d6 target) 2026-05-06 18:26:51 +02:00
bastien
9ad12d9680 optimize(init-project): add PROGRESS PROTOCOL header per step + plain-language recap before status table (d8 target) 2026-05-06 18:26:01 +02:00
bastien
88cc7b1c90 optimize(skills-perso): tri-signal detection (marker/agent-ref/allowlist) + empty fallback (d8 target) 2026-05-06 18:16:57 +02:00
bastien
735ece3a0b test(darwin-skill): add baseline test-prompts.json for 18 personal skills 2026-05-06 17:53:51 +02:00
bastien
e52b1b7d1c feat(client-handover): add ship-and-handover orchestrator skill
End-to-end pipeline that hardens the project, commits, pauses for
deploy, validates the live site, then generates a non-technical client
deliverable (LIVRAISON.md / HANDOVER.md):

1. /seo (SEO+GEO) and /harden run in parallel with auto-fix loops
   until each scores >=17/20.
2. /commit-change + push if changes were made.
3. Pause to tell the user what to deploy and wait for confirmation.
4. /validate against the live site.
5. Per-audit gate >=17/20 — stop and analyze if any below.
6. Write client doc with before/after score table + owner-maintenance
   checklist.

Reads git history + .claude/memory/ registries for context. For
local-business projects, appends a manual NAP-consistency platform
checklist (Google Business, Pages Jaunes, Yelp, Facebook, Instagram,
TikTok, Apple Maps, Bing Places, TripAdvisor). Optional build/deploy
chapter on prompt.

Adds skills/client-handover/SKILL.md (slash-command entrypoint),
skills/client-handover/checklists/seo-geo-manual.md (NAP checklist),
agents/client-handover-writer.md (orchestrator agent).

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-06 17:09:40 +02:00
bastien
b2a5b5a602 feat(doc-syncer): stack-aware audit with deploy-doc gating
Auto-discover what the project actually has instead of a fixed doc list:
root files (incl. DEPLOY.md, SECURITY.md, ARCHITECTURE.md, ROADMAP.md),
docs/**, and .claude/{tasks,audits,memory}/.

Detect stack (Node/Python/Rust/Go/Ruby/PHP/Dart/.NET) and deploy
complexity (NONE/TRIVIAL/NON_TRIVIAL) to drive doc-needs:
- Propose DEPLOY.md only when non-trivial (Docker, fly.toml, k8s,
  multi-stage CI).
- Propose inlining/removing DEPLOY.md when deploy is trivial.
- Enforce README presence with typical GitHub layout.

Add CREATE/REMOVE proposal categories to the validation gate. Update
auto-mode to map deploy artifacts to DEPLOY.md and decisions.md
architectural changes back to CLAUDE.md/README.

Sync skills/doc/SKILL.md description + triggers to match.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-06 17:09:12 +02:00
bastien
d50763e04c chore(graphify): bump skill to 0.7.0
- GitHub URL clone support (single + multi-repo merge)
- uv tool detection ahead of pipx shebang
- Optional Kimi K2.6 backend via MOONSHOT_API_KEY
- Discrete confidence rubric (0.55/0.65/0.75/0.85/0.95) replaces continuous range
- Aggregated community view for graphs >5000 nodes
- Manifest persistence after --update so next run diffs against current state
- Video file support, rationale-as-attribute (not separate node)

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-06 17:08:47 +02:00
bastien
239d91db67 feat(profile): partition skills/plugins/MCPs/CLIs by usage profile
Ship lib/profile.sh + 9 profiles in lib/profiles/. A profile is a
plain-text file listing items + types (gstack | personal | external |
plugin@<marketplace> | mcp | cli). `profile set <name>` enables the
listed items and disables the rest:

  - gstack/personal/external skills: symlink toggle skills/ ↔
    skills-disabled/ (gstack__<name> prefix to avoid collisions; no
    prefix for personal/external).
  - plugins typed `plugin@<marketplace>`: actually toggled via
    `claude plugin enable|disable <name>@<marketplace>`. Allowlist:
    MANAGED_PLUGINS = ui-ux-pro-max, plugin-dev, pr-review-toolkit.
    Denylist: PROTECTED_PLUGINS = caveman, security-guidance,
    superpowers (always-on, never disabled even if absent from a
    profile).
  - mcp magic: delegated to lib/toggle-external.sh which already
    handles the MAGIC_API_KEY env lookup. Other MCPs stay advisory.
  - cli (rtk, gsd, ctx7, graphify): status-only, never auto-installed.

Profiles shipped:
  web        public website work — frontend + content + light dev
  seo        SEO + GEO + W3C audit (search/AI indexability + a11y)
  web-full   production website end-to-end (web ∪ seo ∪ qa-only/canary)
  backend    backend / API / system dev — no design, no SEO
  design     visual QA, design systems, mockups, polish
  dev        daily code work — features, fixes, refactor, ship
  qa         site testing, perf, canary, validation
  audit      comprehensive audit — security + SEO + perf + health
  minimal    strip all gstack skills (quiet session)

Commands:
  profile list / show <name> / current / apply <name> / set <name> /
  reset / diff <a> <b>

`current` heuristic returns "full" when nothing is disabled, otherwise
picks the profile with the highest available-ratio (counts both
"enabled" and "installed" — the latter for CLIs). Tiebreaker: larger
profile total wins, so web-full beats web at a 100% tie.

`reset` re-enables every gstack skill but does NOT touch plugins —
the user re-enables a managed plugin manually or via `apply <profile>`.
This is documented in the trailing info line.

Integration:
  - skills/profile/SKILL.md — `/profile` slash command, lists profiles,
    documents the per-type mechanism, points at lib/profile.sh.
  - agents/plugin-advisor.md — DETECT phase calls `profile current`,
    OUTPUT adds a PROFILE line, and TOGGLING EXTERNAL TOOLS gains a
    "Skill profiles" section with a signal → profile recommendation
    table.
  - lib/toggle-external.sh — header pointer to profile.sh for fine-
    grained activation (toggle-external still owns whole-gstack and
    magic-MCP toggles).
  - Makefile — `make profile cmd="set <name>"`, profile-list,
    profile-current, profile-reset.

Tested end-to-end: `set web` enables ui-ux-pro-max + magic; `set seo`
disables ui-ux-pro-max; `set minimal` disables ui-ux-pro-max but
spares always-on plugins; `reset` restores all 64 skills; shellcheck
clean.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-05 02:09:28 +02:00
bastien
f80f83ee77 feat(animation): auto-install motion lib + detection across init/onboard/advisor
Add lib/animation-lib-check.sh with detect_anim_eligibility,
is_anim_lib_installed and recommend_anim_install_cmd helpers.
Wire it into the framework:
- init-project STEP 5e: silent auto-install after scaffold validated
- onboard STEP 2.5: propose + wait for user confirmation (opt-in on
  existing projects)
- plugin-advisor PHASE 1/2/3: read-only detection only, never installs
- scaffolder PHASE 4: clarifies boundary (orchestrator owns motion install)
- design-gate filesystem signals: motion / motion-v / framer-motion /
  gsap / lottie-react / react-spring / popmotion / auto-animate

Recommends `motion` (rebranded from framer-motion in Nov 2024) for
React-family and Svelte stacks, `motion-v` for Vue 3 / Nuxt. Excludes
React Native (use react-native-reanimated), backend, embedded, Flutter.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 15:32:46 +02:00
bastien
617865cb07 feat(capitalize): enforce English in all memory registry entries
Registries are re-read at every session start; consistency pays back
each time. Adding a single rule in CLAUDE.md § Memory registries
(authoritative) + a short reminder at the end of each CAPITALIZE
block (ship-feature, bugfix, hotfix, feat, commit-change, close).

Rationale: (1) model re-reads the registries more efficiently in a
single language, (2) lower token cost for English (model's primary
training language), (3) easier cross-project reuse. Interactive gates
may still mirror the user's language — only the written entry is
constrained.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 16:24:04 +02:00
bastien
7b57b2e091 refactor(audits): route all report writes to .claude/audits/
Before: SEO.md, GEO.md, HARDEN.md, VALIDATE.md, BUGS-FOUND.md landed
at project root. After: all five go to .claude/audits/. Covers both
dispatcher write paths and the dispatcher bash commands that parse
each report (test -s, grep score, wc) — otherwise the dispatcher
would look for the file at the old location.

- skills/seo,geo,harden,validate,code-clean — write paths + console
  summaries ("Report: .claude/audits/X.md")
- skills/harden,validate — bash parsing commands (test/grep/wc) aligned
- agents/seo-analyzer,validator-analyzer,code-cleaner — agent-side refs
- agents/validator-analyzer frontmatter description updated

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 16:06:54 +02:00
bastien
a6ff0e62ed feat(close): add /close skill for session-end memory ritual
Manual fallback for the 3-question ritual (what was decided / learned
/ blocked) when none of the completion skills ran. Pre-fills BDR/LRN/
BLK candidates from git log + conversation context, presents for
validation, appends approved entries to .claude/memory/ registries
plus a timeline line in journal.md. Always writes the journal line
even if all 3 questions are skipped.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 16:06:31 +02:00
bastien
6e322db968 feat(capitalize): add CAPITALIZE step across completion skills
Registries only get filled if something actively writes to them.
Without integration, the 3-question ritual is aspirational text.
Adds a CAPITALIZE step at the end of every completion skill so work
milestones automatically propose BDR/LRN/BLK entries from context.

- ship-feature STEP 9 — decision/learning/blocker candidates per feature
- bugfix STEP 7 — always propose BLK with root cause; LRN if pattern reusable
- hotfix STEP 5 — default skip; only prompt when non-obvious lesson surfaces
- feat STEP 6 — propose BDR for design choice, LRN for pattern
- commit-change Phase 4 — analyze the commit batch, propose grouped entries

Every variant also appends a one-liner to .claude/memory/journal.md under
today's date heading.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 16:06:24 +02:00
bastien
c1efd87aad refactor(onboard,init-project): migrate file paths to .claude/
Adapt the two skills that scaffold project config + the underlying
onboarder agent + the dotfiles-meta archetype folder tree to the new
governance layout. AUDIT_* files go to .claude/audits/, TODO goes to
.claude/tasks/, and .claude/memory/ is seeded from ~/.claude/templates/memory/
with all 5 registries (decisions/learnings/blockers/journal/evals).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 16:06:14 +02:00
bastien
feed3dbae9 feat(validate): add W3C HTML/CSS validity + WCAG a11y audit skill
New /validate skill runs a narrow-scope web standards audit covering
W3C HTML validity (validator.nu API in FULL, html-validate / vnu.jar
in LOCAL), W3C CSS validity (jigsaw.w3.org/css-validator in FULL,
stylelint / css-tree in LOCAL), and WCAG 2.1 accessibility (pa11y,
@axe-core/cli, WAVE API, or static checklist fallback).

Dedicated validator-analyzer agent with a strict IN/OUT scope filter
so the report stays focused on conformance — no meta/OG/JSON-LD/
sitemap/CSP/cookie/CWV noise. Those remain owned by /seo, /geo, and
/harden respectively.

LOCAL mode degrades gracefully: tries local npm tools first, falls
back to static analysis if none present (same 12-point a11y checklist
as /onboard a11y dispatch). Never fails hard.

Framework awareness: validates built output (dist/, _site/, build/,
out/) for SPA/JS frameworks, not JSX/TSX source. Warns if no build
dir found.

Fix mode (--fix) produces a conservative auto-fix bundle: missing
lang attr, alt="" on decorative images, unclosed void tags, duplicate
IDs, unambiguous heading level skips. Content decisions (form labels,
color contrast, landmark restructure, alt text on content images)
always go to User actions, never auto-applied.

Flags: --local, --full, --fix, --no-external.

Routing updated in CLAUDE.md. /harden and /seo cross-refs narrowed
to redirect W3C / WCAG concerns to /validate (was previously routed
to /onboard a11y dispatch, which only runs at setup).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 22:39:30 +02:00
bastien
97415e9aea feat(harden): add web hardening audit skill
New /harden skill runs a narrow-scope security audit covering
HTTPS/TLS transport, HSTS, security headers (CSP, X-Frame-Options,
X-Content-Type-Options, Referrer-Policy, Permissions-Policy),
cookie flags, canonical URLs, custom 404, and server config
hardening (.htaccess, nginx, netlify, vercel, cloudflare, next
config, astro middleware).

Reuses the seo-analyzer agent with a strict IN/OUT scope filter so
the report stays focused on hardening — no meta/OG/JSON-LD/sitemap/
CWV noise. Those remain owned by /seo and /geo.

FULL mode queries three independent third-party validators and
embeds their verdict in HARDEN.md:
  - Mozilla Observatory (API v2 JSON, ~10s)
  - SecurityHeaders.com (HTML scrape, ~5s)
  - SSL Labs (API v3 async, poll up to 180s, cached via maxAge=24)

Divergence between code audit and external validators is surfaced
as a finding (config drift, CDN header overrides, conditional
middleware).

Flags: --local, --full, --fix, --no-external.

Routing rule added to CLAUDE.md; cso description narrowed to its
actual scope (secrets, deps CVE, OWASP code-level) to disambiguate
from /harden.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 20:32:48 +02:00
bastien
051779e5ff feat(onboard): make cso security audit archetype-aware
STEP 4.5 extracts the archetype's "Implications" (Surface sécurité) and
"Typical pain points" sections into .onboard-audit/archetype-context.md.
STEP 6 cso dispatch reads it and filters checks per category: web vulns
(XSS/SQLi/CORS/CSP/CSRF/HTTPS) only on framework/api/ecommerce/cms,
embedded-specific checks (buffer overflow, secure boot, JTAG, OTA sig)
only on embedded; library/cli/infra/data-science/desktop each get their
own focused section. Previously the fallback prompt searched for web
vulnerabilities even on firmware projects.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 13:52:09 +02:00
bastien
3f85bcf3ad refactor(onboard): split into orchestrator skill + config-only agent
Move discovery, interview, archetype detection, audit pipeline, and
validation gates from the onboarder agent into the /onboard skill as
a 9-STEP orchestrator (STEP 0 plugin-check → STEP 9 sequenced backlog).

The onboarder agent becomes a pure config generator: takes a prepared
brief, writes CLAUDE.md / settings.json / .claudeignore / tasks/ scaffold.
No more interview or filesystem scanning in the agent.

Agent shrinks 263 → 86 lines; skill grows 15 → 847 lines.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-21 22:37:16 +02:00
bastien
f922fbbc59 chore(graphify): bump skill to v0.4.23
Auto-upgraded during /graphify invocation. Notable SKILL.md changes:
safer AST cache_root (pin to cwd), clearer node ID format docs with
concrete example, new Step 6b Wiki export (opt-in via --wiki),
--update now persists merged extraction back to .graphify_extract.json
so Step 4 sees the full graph.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-21 17:54:45 +02:00