rulesets/debug, branch main

feat: insights follow-ups — empirical-first debugging, staging guard, invariants

2026-06-11T06:36:35+00:00

From the 2026-06-11 usage report. The debug skill gains a hypothesis-discipline contract (rank candidate causes by cheapest empirical test, run probes in parallel, report only confirmed findings) targeting the serial theory-cycling the report flagged. commits.md's pre-commit checklist gains a staged-files guard covering the untracked-set and canonical-vs-mirror conventions. A small tracked CLAUDE.md carries the rulesets mirror invariant at turn zero. Two [#C] pilots filed: a read-only morning ops orchestrator and a monthly session-harvest workflow. The report's 500-token-cap finding was a mislabel: the underlying transcripts show 529 Overloaded and stream-idle-timeout errors with no token cap configured anywhere, so nothing to change there.

docs(skills): tighten debug, root-cause-trace, and five-whys

2026-05-22T19:26:43+00:00

Three audit-pass fixes across the debugging skills. debug now captures environment and recent-change context (versions, flags, dataset, seed/clock, concurrency, recent commits) as a Phase-1 step. Many intermittent bugs live in state or environment, not a local code path, and "what changed recently" is often the fastest route to the cause. root-cause-trace's defense-in-depth said to add a check at every layer that could have caught the bad value, which breeds validation spam. It now adds checks only at boundary-owning layers (ingress, persistence, the invariant owner, final render), and says a pass-through function that owns neither a boundary nor an invariant shouldn't get a duplicate null check. five-whys now makes each link carry an evidence field and a counterfactual: if you remove this cause, does the symptom above still happen? That's the guard against a tidy chain that reads well but wouldn't have prevented the failure.

refactor(debug): make debug a triage router, align specialist cross-refs

2026-05-06T10:23:01+00:00

I sharpened the debug skill so it stops duplicating root-cause-trace and five-whys. Phase 1 captures evidence and stops there. Phase 2 routes to the right specialist instead of asking why three times inline. Phases 3 and 4 keep the verify-and-fix discipline. I also updated the companion lines in root-cause-trace and five-whys so all three descriptions stay in sync.

chore: remove fix-issue skill, superseded by start-work

2026-04-22T13:08:59+00:00

The fix-issue skill has been replaced by start-work, which covers the same ground (picking up a ticket with a known fix and carrying it through to handoff) with a seven-phase structure and three user-approval gates. Deleted fix-issue/SKILL.md and swept the references. Updated: - Makefile SKILLS list: remove fix-issue, add start-work so make install creates the right symlink. - brainstorm/SKILL.md: implementation-path list points at start-work. - debug/SKILL.md description: both "do NOT use for ticket-driven work" and "Companion to" references updated. - review-code/SKILL.md description: "drafting implementation" redirect updated. No change in meaning. Every old fix-issue context now names start-work.

feat(hooks+skills): destructive-bash confirm + architecture suite + problem-solving routing

2026-04-19T22:39:33+00:00

Three improvements bundled together: 1. New hook — `destructive-bash-confirm.py` (PreToolUse/Bash): Gates `git push --force`, `git reset --hard`, `git clean -f`, `git branch -D`, and `rm -rf` behind a confirmation modal with the command, local context (branch, uncommitted counts, targeted paths), and a severity banner. Elevates severity when force-pushing protected branches (main/master/develop/release/prod) or when rm -rf targets root, home, or wildcard paths. Reuses _common.py. 2. Architecture suite rename — the "Part of the arch-* suite" footer in arch-design, arch-decide, arch-document, arch-evaluate descriptions now reads "Part of the architecture suite (arch-design / arch-decide / arch-document / arch-evaluate + c4-analyze / c4-diagram for notation-specific diagramming)." Matching footers added to c4-analyze and c4-diagram. c4-* keep their framework-specific prefix (C4 is a notation, arch-* is framework-agnostic workflow) but are now discoverable as suite members. 3. Problem-solving cluster routing — added YAML frontmatter with descriptions (including "Do NOT use for X (use Y)" clauses) to debug/SKILL.md and fix-issue/SKILL.md. Previously both had no frontmatter at all, which broke skill-router discovery. The four cluster members (debug, fix-issue, root-cause-trace, five-whys) now route unambiguously by description alone.

feat(rules): add subagents.md — when, how, and when not to delegate

2026-04-19T22:23:37+00:00

Cross-cutting rule covering subagent hygiene: - Decision table: parallel-safe (read-only investigation, independent test failures, multi-domain research) vs sequential-with-review (plan execution, coupled edits) vs never-parallel (concurrent writes) vs don't-subagent-at-all (target known, work fits in ~10 tool calls). - Prompt contract: scope / pasted context / explicit 'do NOT' list / required output format. Missing any field yields shallow work. - Context-pollution rule: subagents absorb noise the main thread shouldn't carry. When one fails, dispatch a fix-agent with the failure report — do not retry in the orchestrator. - Review-gate cadence: after each sequential task, or every ~3 in parallel batches. - Anti-patterns including parallel implementation on overlapping files, broad 'fix all the tests' prompts, timeout-tuning to mask flakes, and letting the agent decide scope. Added one-line cross-references to subagents.md from debug/, review-code/, and finish-branch/ SKILL.md — the skills that most rely on delegation. Clean-room synthesis from NeoLabHQ/context-engineering-kit's subagent-driven-development pattern (MIT).

Add general-purpose skills and rules from DeepSat coding-rulesets

2026-03-29T21:25:05+00:00

Skills (adapted from DeepSat, stripped of project-specific references): - /review-pr: PR review against engineering standards - /fix-issue: issue-to-merge TDD workflow - /security-check: secrets, OWASP, and dependency audit - /debug: systematic 4-phase debugging - /add-tests: test coverage analysis and generation - /respond-to-review: evaluate and implement code review feedback Rules (general-purpose, copied as-is): - testing.md: universal TDD standards and anti-patterns - verification.md: proof over assumption Makefile updated to install both skills and rules via symlinks. Co-Authored-By: Claude Opus 4.6 (1M context)