feat: agentic workflow foundation kit — deterministic engine, GitHub wrappers, and downstream skills #1

Open
akane-cat[bot] wants to merge 52 commits into main from feature/downstream-design-skills


@akane-cat akane-cat Bot commented Jun 20, 2026

Summary

Substantially expanded the base of the Agentic Workflow Foundation Kit, adding agentic-workflow-engine, which deterministically generates outputs from manifest + templates; tech stack ingestion, Quality Gate, and automatic CodeRabbit configuration; GitHub App-based safe PR wrappers; and a set of session management skills.

Changes

  • Added the agentic-workflow-engine skill (generate.py / audit.py / genlib.py)
  • Refactored agentic-workflow-foundation to the seed manifest approach (run_resolved_engine.py, tech stack ingestion, automatic quality gate / CodeRabbit resolution)
  • Added downstream skill templates (session-planning, session-handover, decisions-record, agent-code-review, agent-github-pr)
  • Safe GitHub operations (bin/github-pr-*-safe wrappers, 03-github-security.mdc, hardened guard-git-write.sh)
  • Automated CodeRabbit configuration (resolve_coderabbit.py, .coderabbit.yaml)
  • Documentation and setup (README.md, setup.md, Makefile, TECHNOLOGY_STACK_UNIFIED_DESIGN.md)
  • Removed: the sync-ai-agent-unified-design skill and agentic-session-management (merged into foundation)

Test plan

  • Check the dependency tools with make check
  • Running the agentic-workflow-foundation skill produces its outputs idempotently
  • run_resolved_engine.py audit reports no drift
  • bin/github-pr-create-safe works with GitHub App authentication (confirmed by creating this PR)

Summary by CodeRabbit

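Release notes

  • New features
    • Added automatic CodeRabbit review configuration and quality gate resolution, and strengthened session handover and the Context Budget (Yellow/Red)
    • Unified GitHub PR operations (create / comment / reply / fetch reviews) behind safe wrappers
  • Documentation
    • Prepared the unified technology stack design, the setup and operations guides, and the generation flow and gate specifications
  • Chores
    • Provided dependency checks and run procedures via the Makefile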

- Revised project attributes in `manifest.yaml` to placeholder values for review, including name, slug, one-liner, workflow pattern, and tracking artifact.
- Ensured clarity for future updates and confirmations on project specifications.
- Revised `manifest.yaml` to eliminate direct PO input, transitioning to an AI-assisted dialogue approach for project attributes.
- Enhanced `SKILL.md` to clarify the new confirmation process for `project.*` fields, detailing the use of `AskQuestion` and free input methods.
- Updated `design-conformance.md` and `source-mapping.md` to reflect the responsibilities of the PO in confirming project details during Phase 1.5.
- Ensured that all project attributes are now confirmed through structured interactions, improving clarity and compliance.
…eration

- Added the `manifest-generator` skill to handle the deterministic generation and auditing of output files from `manifest.yaml` and templates.
- Implemented `generate.py` and `audit.py` scripts to facilitate output creation and ensure compliance with required specifications.
- Established a shared library `genlib.py` for common functionalities, including YAML loading and template rendering.
- Updated documentation in `SKILL.md` to clarify the role and usage of the new skill within the agentic workflow framework.
- Introduced the `agentic-session-management` skill to generate and maintain session management capabilities, including `session-planning`, `session-handover`, and `decisions-record`.
- Created `manifest.yaml` to serve as the source of truth for session management configurations, ensuring deterministic output generation through the `deterministic-generator`.
- Developed templates for session management skills and verification gates, enhancing the overall workflow structure.
- Updated documentation to clarify the role and usage of the new skill within the agentic workflow framework, including design conformance and source mapping references.
…nd its components

- Added a comprehensive overview of the 5-layer model, clarifying the roles of each layer in the context of AI agent development.
- Included a section on terminology to explain the semantic 2-layer model and its mapping to the 5-layer model.
- Enhanced descriptions of the context, constraints, capabilities, automation, and delegation layers, providing examples of their outputs and usage.
- Improved overall documentation structure to facilitate better understanding of the agentic workflow framework.
…ADME

- Updated the terminology section to enhance clarity on the semantic 2-layer model and its relationship with the 5-layer model.
- Streamlined the description of the 5-layer model, focusing on its analogy to the software development process.
- Improved the explanation of Layer 5 (Delegation) to emphasize the use of built-in Subagents and the approach for manual additions.
…tion

- Revised `manifest.yaml` to clarify session-specific attributes, ensuring `large_task_threshold` is fixed to recommended values and `verification.gate_command` is confirmed during Phase 1.5.
- Enhanced `SKILL.md` to detail the confirmation process for session attributes, emphasizing the use of structured interactions and the elimination of direct PO input.
- Updated project configuration in `agentic-workflow-foundation` to reflect automatic derivation of project attributes and fixed values, improving clarity and compliance in the workflow.
…configurations

- Deleted the `agentic-session-management` skill, including its `manifest.yaml`, `SKILL.md`, and associated templates, to streamline the workflow structure.
- Updated `agentic-workflow-foundation` to integrate session management capabilities directly within its manifest, ensuring a self-contained source of truth.
- Revised documentation to reflect the removal of the session management skill and clarify the new structure for session-related functionalities.
- Introduced a comprehensive design document outlining the unified technology stack for web applications using Cloudflare, Hono, Next.js, and OpenAPI First.
- Document includes detailed sections on architecture, development flow, versioning policies, and trade-off evaluations between spec-first and code-first approaches.
- Establishes the document as the source of truth for the project's technology stack, ensuring clarity and consistency in implementation and design principles.
…ration

- Added the `agentic-workflow-engine` skill to facilitate deterministic generation and auditing of output files from `manifest.yaml` and templates.
- Implemented `generate.py` and `audit.py` scripts to ensure compliance with required specifications and maintain idempotency.
- Established a shared library `genlib.py` for common functionalities, including YAML loading and template rendering.
- Updated documentation in `SKILL.md` and related files to clarify the role and usage of the new engine within the agentic workflow framework.
- Revised references in the `agentic-workflow-foundation` to point to the new engine, ensuring consistency across the project.
…mcp.json

- Added new documentation files `AI_AGENT_UNIFIED_DESIGN.md` and `AI_BUSINESS_AGENT_SUITE.md` to .gitignore to prevent tracking.
- Revised README to clarify the role of the `agentic-workflow-engine` and the handling of technology stack integration, emphasizing the transition to a more structured approach.
- Removed obsolete `mcp.json` file to streamline project configuration.
… project generation

- Revised README and SKILL.md to clarify the transition from a self-contained manifest to a seed manifest approach, emphasizing the generation of a root manifest during skill execution.
- Updated `manifest.yaml` to reflect its role as a seed manifest, with changes to the handling of technology stack integration and project-specific parameters.
- Enhanced scripts for tech stack ingestion and conformance checking to operate on the newly generated root manifest, ensuring compliance with project specifications.
- Adjusted documentation to outline the new workflow and responsibilities for project attribute confirmation, reinforcing the importance of maintaining idempotency and source of truth.
…egration

- Revised `manifest.yaml` to reflect the new quality gate contract structure, incorporating deterministic generation of `G-BUILD`, `G-LINT`, and `G-TEST` scripts based on the technology stack.
- Updated `SKILL.md` and related documentation to clarify the role of the quality gate contract and its relationship with the project’s technology stack.
- Enhanced the `AGENTS.md.template` and `QUALITY_GATE.md.template` to include details on the package script contract, ensuring compliance with future `package.json` requirements.
- Adjusted the `check_tech_stack_conformance.py` script to handle the absence of `package.json` during initial checks, improving the fail-open behavior.
- Documented the new Phase 1.65 process for automatic determination of quality gate parameters, reinforcing the workflow's deterministic nature.
…rlays

- Added `run_resolved_engine.py` to serve as a wrapper for executing the engine with a resolved manifest, incorporating per-project values from the root manifest.
- Updated documentation in `SKILL.md`, `design-conformance.md`, and `source-mapping.md` to clarify the role of the resolved manifest and the new workflow for generating and auditing outputs.
- Enhanced the handling of temporary skill directories and ensured that the engine does not directly read the root manifest, maintaining a clear separation of concerns.
- Revised the workflow phases to reflect the integration of the resolved manifest in project generation and auditing processes.
- Updated `manifest.yaml` to clarify the adopted and not adopted implementations for each ACCD axis, ensuring a clear distinction between lightweight and heavyweight mechanisms.
- Revised `SKILL.md` to reflect changes in the project settings confirmation process, incorporating ACCD axes into the decision-making framework.
- Enhanced `source-mapping.md` to document the integration of ACCD axes in the project manifest, emphasizing their role in the overall workflow.
- Improved `run_resolved_engine.py` to support merging of ACCD axes from the root manifest, ensuring accurate overlays during project generation.
- Updated `AGENT_RUNBOOK.md.template` to include detailed descriptions of adopted and non-adopted implementations for each ACCD axis, reinforcing the lightweight implementation approach.
- Updated `manifest.yaml` to remove placeholder text in the adopted implementations for each ACCD axis, clarifying the lightweight implementation approach.
- Revised `SKILL.md` to enhance the project settings confirmation process, specifying that `framework.accd_axes` will be automatically derived for lightweight implementations.
- Improved `source-mapping.md` to reflect the automatic adoption of lightweight implementations for ACCD axes, ensuring consistency in documentation.
- Enhanced `run_resolved_engine.py` to normalize ACCD axes, emphasizing the automatic adoption of lightweight implementations and the exclusion of heavyweight mechanisms.
- Updated `AGENT_RUNBOOK.md.template` to include guidance on the automatic adoption of lightweight implementations for different workflow patterns, reinforcing the design intent.
- Added `G-GEN` to the quality gate contract in `manifest.yaml`, enabling independent handling of OpenAPI generation and verification processes.
- Updated `SKILL.md` and related documentation to clarify the role of `G-GEN` in the project workflow, distinguishing it from build and deployment commands.
- Enhanced `AGENTS.md.template` and `QUALITY_GATE.md.template` to include `G-GEN` in the output and execution guidelines, ensuring comprehensive coverage of the quality gate parameters.
- Revised `resolve_quality_gate.py` to incorporate `G-GEN` into the command structure, reflecting the new generation workflow.
- Adjusted tests in `test_resolve_quality_gate.py` to validate the inclusion of `G-GEN` in the quality gate checks, ensuring compliance with the updated contract.
… design integration

- Updated `manifest.yaml` to incorporate immutable upstream design documents, ensuring that the seed manifest and templates are utilized for generating a stateless resolved skill directory.
- Revised `SKILL.md` to clarify the role of immutable upstream SoT in the generation process and the stateless nature of the skill.
- Enhanced `run_resolved_engine.py` to reflect the integration of upstream design inputs, ensuring that the resolved manifest is generated without retaining previous execution states.
- Improved documentation in `session-handoff-guide.md.template` to outline the purpose and structure of the handoff process, emphasizing the importance of context management during long sessions.
- Updated `design-conformance.md` to reflect the new requirements for auditing based on immutable upstream inputs, ensuring compliance with the updated workflow.
…ture

- Revised `SKILL.md` to enhance clarity on the generation process of the stateless resolved skill directory, emphasizing the role of the seed manifest and templates.
- Updated descriptions to remove references to immutable upstream SoT, streamlining the focus on the skill's internal components.
- Improved documentation on the workflow phases and the handling of project-specific parameters, ensuring a clear understanding of the stateless nature of the skill.
- Adjusted the architecture section to reflect the updated framework for generating the resolved skill directory without retaining previous execution states.
…tional design frameworks

- Revised README to clarify the internalization of the organizational design framework into seed manifests and templates, emphasizing the non-public nature of certain documents.
- Updated `design-conformance.md` and `session-handoff-guide.md.template` to reflect changes in the generation rationale and the handling of design inputs.
- Enhanced `AGENT_RUNBOOK.md.template` and `02-agent-conduct.mdc.template` to incorporate references to the internal design framework, ensuring consistency across documentation.
…goals and future notes

- Updated `manifest.yaml` to include sections for non-goals and future design considerations, clarifying the intentional exclusions in the design process.
- Revised `design-conformance.md` and `session-handoff-guide.md.template` to incorporate references to non-goals and future expansion notes, ensuring comprehensive documentation of design decisions.
- Enhanced `source-mapping.md` to reflect the updated structure of the handoff framework, including links to relevant design documents and guidelines.
…nt insights

- Updated `manifest.yaml` to include detailed explanations on degradation symptoms and proxy metrics, improving clarity on context management during long sessions.
- Revised `session-handoff-guide.md.template` to incorporate new sections on the implications of context degradation and the importance of understanding proxy indicators, ensuring users are better informed about potential pitfalls in the handoff process.
- Added specific examples and citations to support the rationale behind the handoff strategies, enhancing the overall documentation quality and usability.
- Updated `manifest.yaml` to include the new `session-start-gate.sh` script for cross-session integrity checks, ensuring proper handling of handoff and tracking documents.
- Revised `SKILL.md` to clarify the session management process, detailing the conditions for session start and the implications of tracking document states.
- Enhanced `design-conformance.md` to reflect the new session start gate requirements and the associated inspection IDs, ensuring comprehensive documentation of the validation process.
- Improved `guard-git-write.sh` to implement a two-tier fail strategy for command validation, enhancing security against unauthorized operations during session management.
- Added `plan_required_sections` to `manifest.yaml` to define mandatory sections for tracking documents, ensuring consistency in session planning.
- Introduced `plan-gate.sh` script to automate validation of required sections during the transition phases of planning to implementation and review to completion.
- Updated `QUALITY_GATE.md.template` to include detailed descriptions of the new plan lifecycle gate, outlining its purpose and execution requirements.
- Revised `SKILL.md.template` to specify the necessary sections for tracking documents and the implications of the plan lifecycle gate on session management.
…skill paths

- Added `.cursor/docs/AI_BUSINESS_AGENT_SUITE.md` back to the ignore list.
- Included a new entry for the evaluation-only skill directory in `.cursor/skills/`, ensuring proper management of evaluation resources.
- Added a dedicated section for the Context Budget Protocol in AGENTS.md to address the drift caused by multiple references to this concept across various documents.
- Clarified the operational naming and requirements for the Context Budget Protocol, ensuring alignment with upstream design documents and preventing misunderstandings regarding terminology.
- Specified minimum requirements for the section, including purpose, rationale, triggering conditions, and AI behavior during sessions, to improve context management in long-duration interactions.
- Documented the decision to maintain a concise entry in AGENTS.md without creating a separate meta document, streamlining the documentation process.
…ic workflow

- Revised `manifest.yaml` to emphasize that the generation of canonical contracts is independent of the presence of `package.json`, ensuring clarity in the contract determination process.
- Updated `SKILL.md` to reflect the responsibilities of the quality gate in determining script contracts without relying on actual script detection.
- Enhanced `design-conformance.md` to specify that the restoration of G-* details should not depend on the existence of `package.json`, reinforcing the contract's integrity.
- Added a new section for the Context Budget Protocol in `AGENTS.md`, detailing its operational requirements and implications for session management.
- Implemented a new `bootstrap` command in `run_resolved_engine.py` to synchronize the `framework:` block of the root manifest with the seed manifest, ensuring consistency and preventing manual drift.
- Updated `SKILL.md` to document the new synchronization process and its implications for maintaining the integrity of the root manifest.
- Enhanced templates for session management skills to clarify their operational boundaries and conditions for triggering actions, improving overall documentation quality.
…ecifications

- Expanded `SKILL.md` to include detailed output specifications for `01-critical-constraints.mdc`, `.cursor/hooks/README.md`, and `session-planning/SKILL.md`, clarifying minimum requirements and evaluation criteria.
- Updated templates in `AGENTS.md`, `CLAUDE.md`, and `hooks/README.md` to prevent duplication and improve clarity on operational boundaries and actions during session management.
- Introduced a checklist for adding new hooks and clarified the integration confirmation process in the hooks documentation, ensuring comprehensive guidance for users.
- Added decision-making examples in `decisions-record/SKILL.md` to assist in determining when to create ADRs, enhancing the decision-making framework.
- Revised `session-planning/SKILL.md` to outline a structured approach for pattern selection and new campaign initiation, improving the workflow process.
- Added a note in the tech stack template to reference the breakdown of quality gates (G-GEN / G-BUILD / G-LINT / G-TEST) and their corresponding documentation, enhancing clarity for users regarding quality assurance processes.
…ion and templates

- Added the `agent-code-review` skill to the agentic workflow, enabling automated review processes for GitHub PR comments.
- Updated `manifest.yaml` to include configuration options for the code review feature, allowing users to enable or disable the skill and specify report output settings.
- Created detailed templates for the skill, including `SKILL.md`, `approval-loop.md`, and various reference documents, to guide users through the review process and ensure clarity in execution.
- Implemented a filtering mechanism in `run_resolved_engine.py` to exclude outputs based on feature flags, enhancing the skill's flexibility and usability.
- Revised existing documentation to incorporate the new skill, ensuring consistency and comprehensive guidance for users.
- Simplified the `code_review` skill setup by consolidating questions into a single prompt for enabling the skill and its report output settings.
- Updated documentation to reflect the new recommended installation confirmation process, enhancing clarity and user experience in configuring the agentic workflow.
- Introduced the `resolve_coderabbit.py` script to automatically determine CodeRabbit settings based on the tech stack, including enabling/disabling tools, path instructions, and path filters.
- Updated `manifest.yaml` to include a new `coderabbit` section, allowing for dynamic configuration based on project requirements.
- Enhanced `SKILL.md` to document the new Phase 1.66 for CodeRabbit settings automation, clarifying the integration process and expected outcomes.
- Created a template for `.coderabbit.yaml` to standardize the output configuration for CodeRabbit reviews, ensuring consistency across projects.
- Revised documentation in `source-mapping.md` to reflect the relationship between tech stack items and CodeRabbit settings, improving clarity for users.
- Updated `SKILL.md` to clarify the two-step process for generating path instructions, detailing the AI and script steps involved.
- Modified `resolve_coderabbit.py` to compute a hash of the tech stack and determine when AI regeneration of path instructions is necessary, ensuring consistency and efficiency.
- Adjusted the output structure to maintain existing values while providing warnings for necessary updates, improving user experience.
- Revised the `coderabbit.yaml.template` to standardize configuration options, enhancing clarity and usability across projects.
- Revised the introduction to better describe the toolkit's purpose and components, emphasizing the unified design document, seed manifest, templates, and project manifest.
- Clarified the repository's role as a generator of foundational files rather than the foundation itself, enhancing user understanding.
- Updated the capabilities section to reflect the generated outputs more accurately, including documentation and session management skills.
- Streamlined the explanation of the five-layer model, ensuring clear distinctions between context, constraints, capabilities, automation, and delegation.
- Improved overall readability and organization of the document to facilitate easier navigation and comprehension for users.
- Introduced a new `.coderabbit.yaml` file to define settings for the CodeRabbit integration, including language, tone instructions, and review configurations.
- Specified path filters and instructions for various file types to guide the review process, enhancing clarity and consistency in project setups.
- Enabled auto-review features and integrated tools for improved code quality checks, ensuring a robust configuration for future development.
- Introduced a new `Makefile` to streamline the installation and verification of required dependencies for the agentic workflow foundation kit on macOS.
- Added `install` and `check` targets to automate the installation of essential tools like Python, Git, JQ, and GitHub CLI, enhancing user experience.
- Updated `README.md` to reference the new setup guide in `SETUP.md`, providing clearer instructions for external service configurations.
- Created `setup.md` to detail the setup process for external services and tools, ensuring comprehensive guidance for users.
- Enhanced security measures in the workflow by implementing rules for handling sensitive information in GitHub operations, documented in the new `03-github-security.mdc` file.
- Updated various templates and documentation to reflect the integration of new security protocols and wrapper commands for GitHub interactions.
- Introduced the `agent-github-pr` skill to automate the creation of GitHub pull requests by analyzing local commit history and generating titles and bodies for PRs.
- Updated `manifest.yaml` to include configuration options for the new skill, allowing users to enable or disable it.
- Created templates for `SKILL.md` and `pr-commands.md` to provide comprehensive guidance on using the skill and its associated wrapper commands.
- Enhanced `source-mapping.md` to reference the new `agent-github-pr` skill and its documentation, improving clarity on available features.
- Updated security documentation to reflect the integration of the new skill and its reliance on secure wrapper commands for GitHub interactions.
- Revised terminology from "GitHub App" to "GitHub Apps" for consistency throughout the document.
- Enhanced the section on creating GitHub Apps, providing clearer instructions and formatting for settings and permissions.
- Added a detailed table for wrapper command usage, specifying the relationship between skills and commands.
- Clarified the installation process and configuration for the `config.env` file, ensuring users understand the necessary environment variables.
- Improved overall structure and readability of the setup documentation to facilitate better user comprehension.
- Introduced a set of wrapper scripts (`github-pr-create-safe`, `github-pr-comment-safe`, `github-pr-reply-safe`, `github-pr-reviews-safe`) to facilitate secure interactions with GitHub's API for pull request operations.
- Updated `manifest.yaml` to include new output paths for these scripts, ensuring they are generated when the corresponding features are enabled.
- Enhanced documentation in `SKILL.md` and related templates to reflect the new commands and their usage, improving user guidance on GitHub integration.
- Implemented a mechanism in `run_resolved_engine.py` to generate these scripts based on feature flags, ensuring flexibility in project configurations.
- Updated `.cursorignore` to prevent AI access to generated scripts, enhancing security around sensitive operations.
…llation process

- Changed section title from "wrapper コマンドのインストール" to "wrapper コマンドの生成" to better reflect the automated nature of command creation.
- Clarified that wrapper commands are generated during the execution of the `agentic-workflow-foundation` skill, eliminating the need for manual installation.
- Updated command verification instructions to check for generated commands in the `bin/` directory.
- Enhanced the security note regarding the wrapper's interaction with the GitHub API, ensuring users understand the necessary configurations for successful execution.
- Changed all instances of `github-pr-*` commands to `bin/github-pr-*` in various templates and documentation files to reflect the correct command paths.
- Ensured consistency across the `SKILL.md`, `checklist.md`, `gh-commands.md`, and other related files for improved clarity on command usage.
- Enhanced user guidance by clarifying the execution context for wrapper commands in the agentic workflow.
- Updated `SKILL.md` and various templates to clarify the generation and usage of wrapper commands, emphasizing that `bin/github-pr-create-safe` and `bin/_github-app-auth.sh` are essential outputs.
- Improved guidance on the GitHub API interaction, specifying that all `gh` CLI commands are denied due to PAT not being set, and users must utilize the corresponding wrapper commands.
- Enhanced the security documentation to reflect the new authentication model, ensuring users understand the implications of direct `gh` CLI usage and the necessity of wrapper commands for secure operations.
- Revised the `guard-git-write.sh` script to enforce user approval for certain Git operations and deny all `gh` commands, reinforcing security protocols in the workflow.
- Updated the `guard-git-write.sh.template` to include an additional condition for denying all `gh` commands, improving security by ensuring that any command starting with `gh` is subject to user approval.
- Enhanced the error message for better clarity regarding the input parsing failure, emphasizing the need for user confirmation on irreversible operations.
- Revised the entry and exit conditions for steps in the GitHub PR workflow to clarify the requirements for remote push and committed changes.
- Enhanced instructions for checking uncommitted files and remote branch push status, emphasizing user notification without enforcing commits.
- Adjusted step numbering for improved clarity in the workflow process, ensuring users understand the sequence of actions required for PR creation.
- Changed references from `audit.py` to `run_resolved_engine.py audit` in the AGENT_RUNBOOK and QUALITY_GATE templates to reflect the updated script usage.
- Updated README template to ensure consistency in testing instructions, aligning with the new script references for audit verification.
- Updated the token extraction logic to utilize jq for better reliability and clarity.
- Enhanced error handling to account for null values in the token response, ensuring robust error messaging for users.
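
The drift audit that the PR description and commit messages describe (re-render every output from manifest + templates, compare with the file on disk, check required sections), sketched as an added example that is not code from this PR. The manifest fields, file names, template text and the exit-code mapping are assumptions; the page only says that audit reports through exit codes 0/1/2.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Assumed exit-code mapping (the page gives only "0/1/2", not which is which).
OK, DRIFT, TEMPLATE_MISSING = 0, 1, 2

_VAR = re.compile(r"\{\{\s*([\w.]+)\s*\}\}")

# Constructed sample inputs: manifest fields, paths and template text are
# hypothetical, not the project's real manifest.yaml or templates.
SAMPLE_MANIFEST = {
    "project": {"name": "demo"},
    "outputs": [
        {"template": "guard.sh.template", "path": "guard.sh",
         "required_sections": ["# deny:"]},
        {"template": "RULES.md.template", "path": "RULES.md",
         "required_sections": ["## Secrets"]},
    ],
}
SAMPLE_TEMPLATES = {
    "guard.sh.template":
        "#!/bin/sh\n# generated for {{project.name}}\n# deny: gh\nexit 2\n",
    "RULES.md.template":
        "# Rules for {{ project.name }}\n\n## Secrets\nNever print tokens.\n",
}


def render(template_text, ctx):
    """Deterministic {{dotted.path}} substitution; an unknown key raises KeyError."""
    def resolve(match):
        value = ctx
        for key in match.group(1).split("."):
            value = value[key]
        return str(value)
    return _VAR.sub(resolve, template_text)


def digest(text):
    """sha256 of the rendered or on-disk text, used for the drift comparison."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def generate(manifest, template_dir, project_dir):
    """Write every output from its template; a rerun produces the same bytes."""
    for out in manifest["outputs"]:
        text = (Path(template_dir) / out["template"]).read_text(encoding="utf-8")
        target = Path(project_dir) / out["path"]
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(render(text, manifest), encoding="utf-8")


def audit(manifest, template_dir, project_dir):
    """Re-render each output and compare it with the file on disk."""
    code, findings = OK, []
    for out in manifest["outputs"]:
        template = Path(template_dir) / out["template"]
        if not template.is_file():
            findings.append(("template-missing", out["path"]))
            code = max(code, TEMPLATE_MISSING)
            continue
        expected = render(template.read_text(encoding="utf-8"), manifest)
        target = Path(project_dir) / out["path"]
        if not target.is_file():
            findings.append(("output-missing", out["path"]))
            code = max(code, DRIFT)
            continue
        actual = target.read_text(encoding="utf-8")
        if digest(actual) != digest(expected):
            findings.append(("drift", out["path"]))
            code = max(code, DRIFT)
        for section in out.get("required_sections", []):
            if section not in actual:
                findings.append(("missing-section", out["path"], section))
                code = max(code, DRIFT)
    return code, findings


def demo():
    """Audit a clean tree, a hand-edited output, then a deleted template."""
    with tempfile.TemporaryDirectory() as tmp:
        templates, project = Path(tmp, "templates"), Path(tmp, "project")
        templates.mkdir()
        project.mkdir()
        for name, text in SAMPLE_TEMPLATES.items():
            (templates / name).write_text(text, encoding="utf-8")
        generate(SAMPLE_MANIFEST, templates, project)
        clean = audit(SAMPLE_MANIFEST, templates, project)
        # A generated guard weakened by hand must show up as drift.
        (project / "guard.sh").write_text("#!/bin/sh\nexit 0\n", encoding="utf-8")
        tampered = audit(SAMPLE_MANIFEST, templates, project)
        (templates / "guard.sh.template").unlink()
        missing = audit(SAMPLE_MANIFEST, templates, project)
        return clean, tampered, missing


if __name__ == "__main__":
    for label, result in zip(("clean", "tampered", "template gone"), demo()):
        print(label, result)
```

Running the audit in CI makes a hand-edited guard hook or security rule fail the build instead of silently diverging from its template.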
@mapserver2007

Owner

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jun 20, 2026

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai

coderabbitai Bot commented Jun 20, 2026

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

Recent review info
Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: dcc5beda-1bfb-4356-b83a-0340aa08b77f

Commits

Reviewing files that changed from the base of the PR and between 623b076 and ef98344.

Files selected for processing (4)
  • .cursor/skills/agentic-workflow-foundation/references/source-mapping.md
  • .cursor/skills/agentic-workflow-foundation/templates/docs/session-handoff-guide.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/gh-commands.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template
✅ Files skipped from review due to trivial changes (1)
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/gh-commands.md.template
🚧 Files skipped from review as they are similar to previous changes (3)
  • .cursor/skills/agentic-workflow-foundation/references/source-mapping.md
  • .cursor/skills/agentic-workflow-foundation/templates/docs/session-handoff-guide.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template

Walkthrough

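Completed the deterministic file generation foundation. It integrates the three engine layers of genlib (a YAML loader with no PyYAML dependency and Handlebars templates) and generate / audit (supporting the render / marker / seed modes); the resolvers for resolved manifest generation and automatic tech stack, quality gate, and CodeRabbit resolution; the GitHub App authentication wrappers; the agent-code-review, session-handover, and decisions-record skill templates; and the unified design document for Cloudflare + Next.js, Hono, and OpenAPI, implementing a mechanism that idempotently generates project files from the seed manifest.

Changes

Agentic Workflow Foundation Kit: complete implementation

Layer / File(s) Summary
Engine core library, utilities, and specification
.cursor/skills/agentic-workflow-engine/SKILL.md, .cursor/skills/agentic-workflow-engine/scripts/genlib.py
Implements a minimal YAML loader with no PyYAML dependency, a Handlebars template rendering engine ({{path}}, {{#each}}, {{@index}}), and deep-merge, sha256, and path derivation utilities. The engine specification is added at the same time.
generate.py - render/marker/seed mode support
.cursor/skills/agentic-workflow-engine/scripts/generate.py
Deterministically generates files in three modes: render (full template expansion), marker (block replacement), and seed (initial generation). Also implements diff detection with --check and setting the executable bit.
audit.py - idempotency and required_sections checks
.cursor/skills/agentic-workflow-engine/scripts/audit.py
Checks generated outputs for idempotency and compliance with required items. Reports drift, missing requirements, and missing templates via exit code (0/1/2).
run_resolved_engine.py - resolved manifest generation and engine launch control
.cursor/skills/agentic-workflow-foundation/scripts/run_resolved_engine.py
Overlays the seed and root manifests to build a temporary resolved skill-dir, then launches generate and audit as subprocesses. Supports the bootstrap command, feature flags, and recording the upstream docs sha256 as metadata.
Resolver scripts - automatic configuration derivation
.cursor/skills/agentic-workflow-foundation/scripts/ingest_tech_stack.py, resolve_quality_gate.py, resolve_coderabbit.py, check_tech_stack_conformance.py, test_resolve_quality_gate.py
Implements design document → tech_stack ingestion, automatic tech_stack → quality gate command determination, automatic tech_stack → CodeRabbit configuration derivation, package.json consistency checks, and behavior tests.
Foundation seed manifest, SKILL, and references overhaul
.cursor/skills/agentic-workflow-foundation/manifest.yaml, .cursor/skills/agentic-workflow-foundation/SKILL.md, .../references/design-conformance.md, .../references/source-mapping.md
manifest.yaml defines handoff, tech_stack, session, coderabbit, quality_gate_contract, and outputs in detail. SKILL.md is reorganized into six stateless, deterministic phases. Operation moves to the resolved manifest foundation.
GitHub App authentication, safe wrappers, and security rules
.cursor/skills/agentic-workflow-foundation/templates/bin/_github-app-auth.sh.template, github-pr-*.template, .../templates/rules/03-github-security.mdc.template, .../templates/hooks/guard-git-write.sh.template
Adds a shared helper for JWT generation and installation token retrieval, plus four wrappers for PR creation / comments / replies / review retrieval. Adds a new security rule that denies token/secret leakage. Adds a two-tier fail strategy and gh CLI deny to guard-git-write.sh.
agent-code-review skill - 7 steps, self-rebuttal, and approval loop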
.cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/SKILL.md.template, .../references/approval-loop.md.template, checklist.md.template, gh-commands.md.template, group-presentation-templates.md.template, reply-templates.md.template, review-completion.md.template, review-report-format.md.template, self-rebuttal.md.template
7ステップゲート・Phase 2-3.5自己反論フェーズ・グループ承認ループ・PO承認ゲート・レビューレポート出力を定義。reference 8本で細部を規定。
agent-github-pr・decisions-record スキル
.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template, .../references/pr-commands.md.template, .../skills/decisions-record/SKILL.md.template
PR作成ワークフロー(4 Steps)と pr-commands reference。ADR記録スキル新規追加。
Session管理・quality gate・Hooks・Gate Scripts
.cursor/skills/agentic-workflow-foundation/templates/skills/session-handover/SKILL.md.template, session-planning/SKILL.md.template, .../docs/session-handoff-guide.md.template, .../docs/QUALITY_GATE.md.template, .../templates/hooks/README.md.template, .../scripts/plan-gate.sh.template, .../scripts/session-start-gate.sh.template, .../scripts/verification-gate.sh.template
session-handover (SKILL+3つのgate script)、session-planning SKILL。session-handoff-guide.md でLost in the Middle・Context Budget仕様化。QUALITY_GATE.md に G-GEN・G-SESSION・G-PLAN・deny/ask戦略追加。
AGENTS.md・CLAUDE.md・Rules・Ignore テンプレート
.../templates/AGENTS.md.template, CLAUDE.md.template, .../templates/rules/01-critical-constraints.mdc.template, 02-agent-conduct.mdc.template, 03-github-security.mdc.template, cursorignore.block.template, .../templates/docs/AGENT_RUNBOOK.md.template, .../templates/docs/tech-stack.md.template
AGENTS.md に G-GEN・Context Budget Protocol・session-start-gate追加。CLAUDE.md を project.boundaries展開へ再構成。03-github-security.mdc 新規。cursorignore に認証ヘルパー・秘密鍵除外ルール追加。
プロジェクト基盤設定
README.md, setup.md, .coderabbit.yaml, .cursor/docs/TECHNOLOGY_STACK_UNIFIED_DESIGN.md, Makefile, .gitignore, .cursorignore
README.md・setup.md で基盤概要・セットアップ手順記載。Cloudflare+Hono+Next.js(OpenNext)+OpenAPI統一設計書新規。Makefile にinstall・checkターゲット追加。.coderabbit.yaml初期設定。.gitignore・.cursorignore更新。

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~90 minutes

Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 22.45% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (4 passed)

| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title clearly summarizes the main changes in the PR and specifically names the core components of the Agentic Workflow Foundation Kit (deterministic engine, GitHub wrappers, downstream skills). |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |

Tip: You can configure your own custom pre-merge checks in the settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 16

Note

Due to the large number of review comments, Critical, Major severity comments were prioritized as inline comments.

Minor comments (11)
.cursor/skills/agentic-workflow-engine/SKILL.md-35-36 (1)

35-36: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Remove the blank line inside the blockquote.

The blank line at line 36 violates MD028 (no-blanks-blockquote). Make the blockquote continuous.

Example fix
 > 依存: **Python 3 標準ライブラリのみ(PyYAML 不要)**。`manifest.yaml` は次の最小 YAML サブセットで記述する: block style のみ(flow `{}` / `[]` 不可)/ インデント半角スペース2 / スカラは 裸・`"…"`・`'…'`・整数・真偽値 / マッピング・シーケンス(`- item` / `- key: value`)/ 行頭・行中 `#` コメント。**複数行ブロックスカラ(`|` / `>`)は非対応**(現行 manifest は不使用)。
-
 > 実装メモ: `scripts/genlib.py` / `generate.py` / `audit.py` は本スキルのデリバリ(ツール本体=正本)。生成物ではないため改修時は直接編集してよい(設定スキルの生成出力ではない)。`agentic-workflow-foundation/scripts/`(`ingest_tech_stack.py` / `check_tech_stack_conformance.py`)はスキル境界を越えて `genlib` を import するため、本スクリプト群は同梱前提とする。

As per coding guidelines, .cursor/skills/**/SKILL.md files must be checked for "SKILL.md format compliance".

Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.cursor/skills/agentic-workflow-engine/SKILL.md around lines 35 - 36, There
is a blank line within the blockquote section (marked by `>`) at lines 35-36,
which violates the MD028 markdown linting rule for no-blanks-blockquote. Remove
the empty line between the blockquote lines to ensure the blockquote remains
continuous without any internal blank lines. The blockquote content should flow
as a single continuous block with all lines starting with the `>` marker.

Sources: Coding guidelines, Linters/SAST tools

.cursor/skills/agentic-workflow-foundation/templates/bin/_github-app-auth.sh.template-52-79 (1)

52-79: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

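The jq presence check is missing inside _get_installation_token

Line 72 uses jq -r '.token', but this function does not check that jq exists. The jq check at the top of the script (lines 45-49) is for parsing the input JSON, and _get_installation_token may be called from a different context.

In an environment where jq is not installed, the error message is "token を抽出できませんでした" ("could not extract the token"), which makes the root cause (jq missing) hard to identify.

Suggested fix: emit an explicit error when jq is missing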
 _get_installation_token() {
+  if ! command -v jq >/dev/null 2>&1; then
+    echo "ERROR: jq がインストールされていません。installation token の抽出に必要です。" >&2
+    exit 2
+  fi
+
   local jwt response token
   jwt=$(_generate_jwt)
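Review bot: The added guard calls `exit 2` from inside `_get_installation_token`, and its effect depends on how the function is invoked: inside a command substitution it ends only the subshell, so the caller carries on with an empty value, and if this helper is sourced and the function is called directly it terminates the calling script. Use `return 2` instead and have each caller test the function's status before using the token, so that a missing jq cannot leave a caller holding an empty token.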
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/templates/bin/_github-app-auth.sh.template
around lines 52 - 79, The _get_installation_token function uses jq to extract
the token from the response body on line 72, but does not include an explicit
check for jq availability within the function. Add a command availability check
for jq at the beginning of _get_installation_token that outputs a clear error
message indicating jq is not installed if the check fails, before attempting to
execute jq -r '.token' on the response body.
.cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/gh-commands.md.template-62-65 (1)

62-65: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

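Fix the broken syntax at the end of the code block.

Line 64 has a comma attached directly after the code fence, which degrades Markdown rendering and the readability of the procedure. After closing the code block, separate it out as normal text.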

Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/gh-commands.md.template
around lines 62 - 65, The markdown code block closing is malformed because a
comma and Japanese text are directly attached to the closing triple backticks on
line 64. This breaks the code fence syntax and degrades readability. Separate
the code block properly by ensuring the closing triple backticks stand alone on
their own line, then add the explanatory text about the automatic review tool
bot login name (coderabbitai) as a separate paragraph or on a new line with
proper formatting, rather than concatenating it directly after the code fence.
.cursor/skills/agentic-workflow-foundation/templates/skills/session-planning/SKILL.md.template-85-86 (1)

85-86: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

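The handling of exception approval records is inconsistent with the gate implementation.

This says "記録がなければ進めない" ("do not proceed without a record"), but G-PLAN-EXCEPTION-001 in plan-gate.sh is treated as WARN. To make operation unambiguous, align either the wording or the gate verdict.

Suggested fix that aligns the wording with the implementation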
-- **例外承認記録**: ゲートをスキップ・例外通過する場合は、承認内容を本節に残す(`docs/QUALITY_GATE.md §2` / `G-PLAN-EXCEPTION-001`)。記録がなければ進めない。
+- **例外承認記録**: ゲートをスキップ・例外通過する場合は、承認内容を本節に残す(`docs/QUALITY_GATE.md §2` / `G-PLAN-EXCEPTION-001`)。未記録時は WARN として検出されるため、継続前に記録を補完する。
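Review bot: The replacement wording on the `+` line still tells the reader to complete the record before continuing, but a WARN does nothing to enforce that, so an exception can pass the gate with no approval recorded. If the approval record is meant to be the audit trail for gate bypasses, the stricter fix is to keep the original wording and make G-PLAN-EXCEPTION-001 fail in plan-gate.sh; otherwise the text should say explicitly that the check is advisory.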

As per coding guidelines, .cursor/skills/**/SKILL.md files must be checked for "clarity of procedure", and this passage is not consistent with the implementation.

Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/session-planning/SKILL.md.template
around lines 85 - 86, The documentation states that exception approval records
(例外承認記録) cannot proceed without a record (記録がなければ進めない), but the implementation
in plan-gate.sh treats G-PLAN-EXCEPTION-001 as a WARN-level gate rather than a
blocking error. Update the wording in the SKILL.md.template file for the
exception approval records section to align with the actual implementation
behavior, changing the language from a mandatory requirement to reflect that the
absence of a record triggers a warning rather than preventing progress. Ensure
consistency between what the documentation promises and how the
G-PLAN-EXCEPTION-001 gate behaves operationally.

Source: Coding guidelines

.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template-25-29 (1)

25-29: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

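The prerequisite check does not actually "abort".

As written, when the wrapper is missing only a message is shown and processing continues, so the procedure description (abort when missing) and the actual behavior do not match.

Suggested fix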
-```bash
-test -x bin/github-pr-create-safe || echo "GitHub wrapper not found"
-```
+```bash
+if ! test -x bin/github-pr-create-safe; then
+  echo "GitHub wrapper not found" >&2
+  exit 1
+fi
+```

As per coding guidelines, .cursor/skills/**/SKILL.md files must be checked for "SKILL.md format compliance and clarity of procedure", and this passage does not meet the clarity-of-procedure requirement.

Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template
around lines 25 - 29, The prerequisite check for bin/github-pr-create-safe does
not actually halt execution when the wrapper is missing; it only echoes a
message and allows the process to continue, creating a mismatch between the
documented behavior and actual execution. Replace the single-line test command
with a complete if statement that explicitly checks if the
bin/github-pr-create-safe file is not executable, outputs an error message to
stderr using >&2, and calls exit 1 to stop further execution, ensuring the skill
halts as documented.

Source: Coding guidelines

.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/references/pr-commands.md.template-111-116 (1)

111-116: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

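The handling of uncommitted changes contradicts the SKILL itself.

This table says "中断し、コミットを案内" ("abort and guide the user to commit"), but the policy in agent-github-pr/SKILL.md.template is not to give commit guidance. Unify on one or the other.

Suggested fix (if aligning this file with the SKILL policy)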
-| `git status --porcelain` に出力あり | 未コミットの変更あり。スキルを中断し、コミットを案内 |
+| `git status --porcelain` に出力あり | 未コミットの変更あり。状態を通知して中断する(コミット操作の案内はしない) |
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/references/pr-commands.md.template
around lines 111 - 116, The table row describing how to handle uncommitted
changes (when `git status --porcelain` has output) contradicts the policy
documented in `agent-github-pr/SKILL.md.template`. Currently, the
pr-commands.md.template row advises to abort the skill and guide the user to
commit, but SKILL.md.template does not include this guidance. Update the
response text for the `git status --porcelain` row to match the actual policy
defined in SKILL.md.template so both documents have consistent behavior
regarding uncommitted changes.
.cursor/skills/agentic-workflow-foundation/templates/hooks/README.md.template-49-53 (1)

49-53: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

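The shell (MiB) column in the threshold table is a fixed value and will drift.

Lines 51-52 template shell_bytes but hard-code the MiB display (1/5). Because the table values become inconsistent when the thresholds change, either remove the MiB column or derive the display from the manifest values.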

Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/templates/hooks/README.md.template
around lines 49 - 53, The threshold table has a hardcoded shell (MiB) column
with fixed values (1 MiB and 5 MiB) while the shell_bytes values use template
variables ({{framework.budget_thresholds.yellow.shell_bytes}} and
{{framework.budget_thresholds.red.shell_bytes}}). This causes the table to
become inconsistent when manifest values change. Either remove the shell (MiB)
column entirely since the byte values are already templated and sufficient, or
if the MiB column must remain, replace the hardcoded values with template
expressions that dynamically calculate the MiB conversion from the shell_bytes
template variables.
.cursor/skills/agentic-workflow-foundation/SKILL.md-209-211 (1)

209-211: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

The procedure for determining project.name does not match the manifest.

Here name is an AskQuestion target, but .cursor/skills/agentic-workflow-foundation/manifest.yaml defines it as "auto-derived, without asking the PO". Unless the two are unified, Phase 1.5 operation will diverge.
As per coding guidelines, .cursor/skills/**/SKILL.md files must be checked for "clarity of procedure".

Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.cursor/skills/agentic-workflow-foundation/SKILL.md around lines 209 - 211,
The `project.name` determination procedure defined in SKILL.md (lines 209-211)
uses `AskQuestion` to prompt the PO with options, but the manifest.yaml file
defines `project.name` as auto-derived without asking the PO. These two
procedures are contradictory and will cause operational branching. Align these
two definitions by either updating SKILL.md to remove the `AskQuestion` approach
and adopt the auto-derivation logic from manifest.yaml, or update manifest.yaml
to include the `AskQuestion` procedure as defined in SKILL.md. Ensure both files
reflect the same `project.name` determination process to maintain consistent
Phase 1.5 operations.

Source: Coding guidelines

Makefile-37-40 (1)

37-40: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Make _ensure_brew phony.

If a file with the same name exists, the prerequisite check is skipped, so it is safer to add it to .PHONY so that it always runs.

Suggested fix
-.PHONY: install check
+.PHONY: install check _ensure_brew
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` around lines 37 - 40, The `_ensure_brew` target is not declared as
a phony target in the Makefile. If a file with the same name exists, Make will
skip executing the target, causing the prerequisite check to be bypassed. Add
`_ensure_brew` to the `.PHONY` declaration (typically near the top of the
Makefile with other phony targets) to ensure this target always executes when
referenced.

Source: Linters/SAST tools

README.md-197-203 (1)

197-203: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

The SETUP.md link is broken.

The actual file is setup.md, so unless this is changed to lowercase it cannot be resolved on Linux.

Suggested fix
-外部サービス・Cursor 設定を含む詳細なセットアップ手順は **[SETUP.md](SETUP.md)** を参照。
+外部サービス・Cursor 設定を含む詳細なセットアップ手順は **[setup.md](setup.md)** を参照。
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` around lines 197 - 203, The markdown link to the setup
documentation in README.md references the filename as SETUP.md (uppercase), but
the actual file is named setup.md (lowercase). On Linux systems with
case-sensitive filesystems, this link will not resolve. Change the link
reference from SETUP.md to setup.md to match the actual filename exactly. Update
the markdown link text from [SETUP.md](SETUP.md) to [setup.md](setup.md) to
ensure the documentation link works across all operating systems.
setup.md-157-161 (1)

157-161: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Add a language specifier to the code block.

This fenced block trips MD040, so adding bash brings lint and rendering into line.

Suggested fix
-```
+```bash
 mkdir -p ~/.config/github-apps
 mv ~/Downloads/*.private-key.pem ~/.config/github-apps/private-key.pem
 chmod 600 ~/.config/github-apps/private-key.pem
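Review bot: In the three context lines of this block, the GitHub App private key sits in a directory created with the default umask and keeps whatever permissions the download had until the final `chmod 600` runs. Suggest `mkdir -p -m 700 ~/.config/github-apps` so the directory is private from the start, and naming the downloaded file explicitly, since the `*.private-key.pem` glob makes `mv` fail when Downloads holds more than one key file.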
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@setup.md` around lines 157 - 161, The markdown code block containing the
mkdir, mv, and chmod commands is missing a language specifier after the opening
triple backticks, which causes a MD040 linting violation. Add bash as the
language identifier after the opening triple backticks (```bash) to specify that
this is a bash code block, which will align the code with markdown linting rules
and improve syntax highlighting display.

Source: Linters/SAST tools

Nitpick comments (3)
.cursor/skills/agentic-workflow-foundation/templates/bin/github-pr-create-safe.template (1)

43-47: 💤 Low value

Remove the unused variable BODY_CONTENT

Line 44 assigns BODY_CONTENT=$(cat "$BODY_FILE"), but line 47 passes BODY_FILE directly to python3's stdin, so BODY_CONTENT is never referenced.

 TITLE=$(cat "$TITLE_FILE")
-BODY_CONTENT=$(cat "$BODY_FILE")

 TITLE_JSON=$(printf '%s' "$TITLE" | python3 -c 'import sys,json; print(json.dumps(sys.stdin.read()))')
 BODY_JSON=$(python3 -c 'import sys,json; print(json.dumps(sys.stdin.read()))' < "$BODY_FILE")
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/templates/bin/github-pr-create-safe.template
around lines 43 - 47, The variable BODY_CONTENT is assigned on line 44 by
reading from BODY_FILE but is never used anywhere in the code. The BODY_JSON
variable on line 47 reads directly from BODY_FILE instead of using BODY_CONTENT,
making this intermediate variable unnecessary. Remove the unused BODY_CONTENT
variable assignment to clean up the code and eliminate redundant file reading
operations.
.cursor/skills/agentic-workflow-foundation/scripts/test_resolve_quality_gate.py (1)

107-117: ⚡ Quick win

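Assert idempotency after the --check run.

Currently only the return code is checked, so a regression in the 書き換えなし ("no rewrite") output cannot be detected. It is safer to also verify the contents of second.stdout.

Example fix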
         if second.returncode != 0:
             print(second.stdout)
             print(second.stderr, file=sys.stderr)
             return second.returncode
+        if "書き換えなし" not in second.stdout:
+            print("idempotency check failed: expected 書き換えなし in --check output", file=sys.stderr)
+            return 1
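Review bot: The added check matches the human-readable string `書き換えなし` anywhere in `second.stdout`, so the test breaks as soon as that message is reworded, and it would still pass if the output reported 書き換えなし for one item and a rewrite for another. Prefer asserting on something stable, such as comparing the resolver's output file contents before and after the `--check` run, or a dedicated exit code for "would rewrite".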
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
@.cursor/skills/agentic-workflow-foundation/scripts/test_resolve_quality_gate.py
around lines 107 - 117, After running the subprocess with the --check flag in
the second subprocess.run call, you need to validate idempotency by checking not
only the return code but also the stdout content. Currently only the return code
is checked, which fails to detect regressions where files would need to be
rewritten. Add validation logic to verify that the second.stdout indicates no
changes are needed, ensuring the resolver produces idempotent output and catches
any unintended modifications between runs.
.cursor/docs/TECHNOLOGY_STACK_UNIFIED_DESIGN.md (1)

284-305: ⚡ Quick win

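Split the version table into "policy" and "verified values".

The values here for Wrangler, Next.js, OpenNext and so on are point-in-time, so you need to confirm they match package.json and the wrangler configuration. If this is to become the canonical source, also record the verification date or the source.

Suggested fix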
-| Wrangler | v4 系 | OpenNext 利用時は 3.99.0 以上必須、実質 v4 推奨 |
+| Wrangler | 方針: v4 系 | 検証済み最小値は別途明記 |
Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.cursor/docs/TECHNOLOGY_STACK_UNIFIED_DESIGN.md around lines 284 - 305, The
version policy table in the TECHNOLOGY_STACK_UNIFIED_DESIGN.md file mixes
time-dependent verified values (like Wrangler v4, Next.js 15/16, etc.) with
general policy recommendations, making it unclear which values are guaranteed to
match actual package.json and wrangler.jsonc configurations. Reorganize the
table by splitting it into two separate sections: one for version policies
(recommendations) and another for verified/tested values that have been
confirmed to work in the project, and include verification dates or sources for
the verified values section to maintain accuracy over time.
Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.cursor/skills/agentic-workflow-engine/scripts/audit.py:
- Around line 51-56: The loop that processes outputs in audit.py (where rel and
template values are used to construct target_path and template_path) lacks path
boundary validation, which could allow access to files outside the repo or
templates directory. Add the same path validation checks that exist in
generate.py to ensure target_path stays within root and template_path stays
within templates_dir before calling _read. When validation fails (paths escape
intended boundaries), exit with code 2 instead of proceeding, as this indicates
a fatal configuration error per the design guidelines.

In @.cursor/skills/agentic-workflow-engine/scripts/generate.py:
- Around line 98-106: The code in the outputs loop does not validate the path
values from the manifest before joining them. The variables out["path"] and
out["template"] can contain absolute paths or parent directory references like
.. which enables directory traversal outside the intended repository. Add
validation to check that both out["path"] and out["template"] do not start with
/ and do not contain .. sequences. If validation fails, print a fatal error
message indicating the invalid path in the manifest and return exit code 2,
treating it as a fatal input error consistent with the missing template
handling.

In @.cursor/skills/agentic-workflow-foundation/manifest.yaml:
- Around line 642-648: The bin/_github-app-auth.sh entry (lines 642-648) and the
corresponding entry at lines 664-668 have feature conditions (code_review and
github_pr) that make them conditionally generated, but according to SKILL.md
these should be essential foundational outputs that are always generated
regardless of feature flags. Remove the feature condition block from both
entries so that these files are generated unconditionally, ensuring consistency
between the manifest.yaml file structure and the declared behavior in SKILL.md.

In @.cursor/skills/agentic-workflow-foundation/references/design-conformance.md:
- Around line 37-40: The description of `guard-git-write.sh` in the second
bullet point is inconsistent with the `gh` CLI security policy documented in the
hooks README. The current text suggests that `gh api` write operations and `gh
pr comment/review` are handled with `ask` permission, but the hooks README
specifies that all `gh` CLI operations should be `deny`. Align the text in this
bullet point with the authoritative `gh` CLI deny policy from the hooks README
to ensure consistent security boundary definitions across both documents.

In @.cursor/skills/agentic-workflow-foundation/references/source-mapping.md:
- Around line 32-41: The manifest key `project.tracking_artifact` currently has
conflicting mappings across two separate table rows in the source-mapping.md
file, with one row (line 32) mapping to workflow-related documents and another
row (line 41) mapping to session-start-gate and quality gate documents.
Consolidate these by either merging both destination sets into a single table
row with `project.tracking_artifact`, using "/" separators to list all relevant
source files, or alternatively create a new distinct manifest key (such as
`project.tracking_artifact_gate` or `session.tracking_artifact_context`) to
separate the gate-specific documentation references. Ensure the final result
maintains a strict one-to-one mapping between manifest keys and their document
destinations to preserve source-mapping uniqueness and auditability.

In @.cursor/skills/agentic-workflow-foundation/scripts/resolve_coderabbit.py:
- Around line 81-85: The tool names in this dictionary use camelCase format
(such as osvScanner and fortitudeLint) but they are inconsistent with the seed
manifest which uses kebab-case format (osv-scanner and fortitude-lint). Update
all tool name keys in the dictionary to use kebab-case format to match the seed
manifest convention. This fix should be applied to all occurrences of tool names
throughout the file, including the main dictionary definition and any other
references mentioned in the comment (around lines 87-99 and 240-242).
- Around line 148-152: The category detection logic in the nested loop iterating
through TECH_CATEGORIES uses substring matching with `kw in combined`, which
causes false positives where keywords like "java" incorrectly match within
"javascript". Replace the substring matching condition with word boundary or
token-based matching to ensure keywords only match complete words, preventing
Java tools from being incorrectly enabled when JavaScript is detected.

In
@.cursor/skills/agentic-workflow-foundation/templates/docs/session-handoff-guide.md.template:
- Around line 136-142: The bash example in the session-handoff-guide.md.template
uses /tmp as a temporary location to save the handoff-active.md manifest, which
creates a security risk since /tmp is typically readable by all users on the
system. Replace both instances of /tmp/handoff-{ticket}.md with a path under
.cursor/.session directory (for example
.cursor/.session/.backups/handoff-{ticket}.md or similar) so that the manifest
file is stored in a location where access control is easier to enforce and
manage securely.

In
@.cursor/skills/agentic-workflow-foundation/templates/hooks/README.md.template:
- Around line 45-46: The regeneration commands in the README template are
inconsistent with the design boundary. Line 45 calls python3 directly on
agentic-workflow-engine's generate.py script, and Line 110 hardcodes pnpm run
gen, but both should use the unified resolved manifest pattern through
run_resolved_engine.py. Replace the direct generate.py call at line 45 and the
hardcoded pnpm run gen command at lines 110-111 with run_resolved_engine.py
generate (or the template variable {{project.quality_gate.gen_cmd}}) to maintain
the design boundary where resolved manifest is only assembled by
run_resolved_engine.py and the engine reads only immutable upstream docs.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/gh-commands.md.template:
- Around line 21-26: The startup check for the GitHub wrapper binaries
(bin/github-pr-reviews-safe, bin/github-pr-comment-safe,
bin/github-pr-reply-safe) currently only echoes a warning message when the
binaries are not found instead of explicitly stopping execution. This allows the
process to continue despite missing critical dependencies. Modify the test
command to explicitly exit or fail when the wrapper binaries are not detected,
rather than just printing a warning message. This ensures the process halts
immediately if the required safe wrappers are not available, preventing
downstream code from executing under broken prerequisites.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/references/pr-commands.md.template:
- Around line 42-48: The documentation in step 4 incorrectly describes the
wrapper using `gh pr create` command, but the actual implementation calls the
GitHub API directly using `curl` with `POST /repos/{owner}/{repo}/pulls`.
Replace step 4 in the documentation to accurately reflect the actual
implementation by updating it to describe the curl command that posts to the
GitHub API endpoint instead of the gh pr create command, ensuring the documented
workflow matches what the wrapper actually executes.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template:
- Around line 163-179: The current implementation uses fixed temporary file
names (/tmp/pr-title.txt and /tmp/pr-body.md) which creates security risks
including file collision, information disclosure, and leftover files. Replace
the fixed file path assignments with mktemp commands to generate unique
temporary file names for both the title and body files, and add a trap command
that runs on script exit to clean up these temporary files by removing them.
Then update the bin/github-pr-create-safe invocation to reference the
dynamically generated temporary file variables instead of the fixed paths.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/session-handover/scripts/plan-gate.sh.template:
- Around line 36-45: The find command using -name "$TRACKING" only matches
basenames and fails when TRACKING contains a path like "docs/plan.md". Modify
the find command to handle both cases: when TRACKING is just a filename and when
it includes a path. Check if TRACKING contains a forward slash, then use an
appropriate find predicate (such as -path for full path matching or construct
logic to match relative paths from PROJECT_DIR) instead of just -name, ensuring
the tracking document is properly detected regardless of whether it contains a
directory component.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/session-handover/scripts/session-start-gate.sh.template:
- Around line 25-30: The session-start-gate.sh script currently treats an
unconsumed handoff manifest (when the HANDOFF_FILE exists) as a WARN condition,
but per the session start boundary contract, this should be a FAIL condition
that exits with an error. Replace the echo statement for the warning case in the
conditional block (when HANDOFF_FILE is present) with an exit command that
terminates the script with a non-zero status code, ensuring that sessions cannot
proceed without the handoff manifest being properly consumed first.
- Around line 33-37: The find command in the tracked array population loop uses
the -name predicate with the TRACKING variable, which only matches the basename
of files. When TRACKING contains a path component (like docs/plan.md), the -name
predicate fails to match files in subdirectories. Replace the -name "$TRACKING"
predicate with -path "*/$TRACKING" or an appropriate path pattern matching to
ensure the full relative path is considered, allowing the script to properly
locate tracking documents with path specifications and avoid missing in-progress
documents.

In @.gitignore:
- Around line 50-54: The .gitignore file is missing the entry for
`.cursor/.session/**` which is needed to prevent sensitive session data from
being committed to git. According to the setup.md procedure, hooks generate
session JSON files in this directory that contain prompts and work history which
should not be exposed. Add the line `.cursor/.session/**` to the .gitignore file
to properly ignore all session files and subdirectories.

---

Minor comments:
In @.cursor/skills/agentic-workflow-engine/SKILL.md:
- Around line 35-36: There is a blank line within the blockquote section (marked
by `>`) at lines 35-36, which violates the MD028 markdown linting rule for
no-blanks-blockquote. Remove the empty line between the blockquote lines to
ensure the blockquote remains continuous without any internal blank lines. The
blockquote content should flow as a single continuous block with all lines
starting with the `>` marker.

In @.cursor/skills/agentic-workflow-foundation/SKILL.md:
- Around line 209-211: The `project.name` determination procedure defined in
SKILL.md (lines 209-211) uses `AskQuestion` to prompt the PO with options, but
the manifest.yaml file defines `project.name` as auto-derived without asking the
PO. These two procedures are contradictory and will cause operational branching.
Align these two definitions by either updating SKILL.md to remove the
`AskQuestion` approach and adopt the auto-derivation logic from manifest.yaml,
or update manifest.yaml to include the `AskQuestion` procedure as defined in
SKILL.md. Ensure both files reflect the same `project.name` determination
process to maintain consistent Phase 1.5 operations.

In
@.cursor/skills/agentic-workflow-foundation/templates/bin/_github-app-auth.sh.template:
- Around line 52-79: The _get_installation_token function uses jq to extract the
token from the response body on line 72, but does not include an explicit check
for jq availability within the function. Add a command availability check for jq
at the beginning of _get_installation_token that outputs a clear error message
indicating jq is not installed if the check fails, before attempting to execute
jq -r '.token' on the response body.

In
@.cursor/skills/agentic-workflow-foundation/templates/hooks/README.md.template:
- Around line 49-53: The threshold table has a hardcoded shell (MiB) column with
fixed values (1 MiB and 5 MiB) while the shell_bytes values use template
variables ({{framework.budget_thresholds.yellow.shell_bytes}} and
{{framework.budget_thresholds.red.shell_bytes}}). This causes the table to
become inconsistent when manifest values change. Either remove the shell (MiB)
column entirely since the byte values are already templated and sufficient, or
if the MiB column must remain, replace the hardcoded values with template
expressions that dynamically calculate the MiB conversion from the shell_bytes
template variables.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/gh-commands.md.template:
- Around line 62-65: The markdown code block closing is malformed because a
comma and Japanese text are directly attached to the closing triple backticks on
line 64. This breaks the code fence syntax and degrades readability. Separate
the code block properly by ensuring the closing triple backticks stand alone on
their own line, then add the explanatory text about the automatic review tool
bot login name (coderabbitai) as a separate paragraph or on a new line with
proper formatting, rather than concatenating it directly after the code fence.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/references/pr-commands.md.template:
- Around line 111-116: The table row describing how to handle uncommitted
changes (when `git status --porcelain` has output) contradicts the policy
documented in `agent-github-pr/SKILL.md.template`. Currently, the
pr-commands.md.template row advises to abort the skill and guide the user to
commit, but SKILL.md.template does not include this guidance. Update the
response text for the `git status --porcelain` row to match the actual policy
defined in SKILL.md.template so both documents have consistent behavior
regarding uncommitted changes.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template:
- Around line 25-29: The prerequisite check for bin/github-pr-create-safe does
not actually halt execution when the wrapper is missing; it only echoes a
message and allows the process to continue, creating a mismatch between the
documented behavior and actual execution. Replace the single-line test command
with a complete if statement that explicitly checks if the
bin/github-pr-create-safe file is not executable, outputs an error message to
stderr using >&2, and calls exit 1 to stop further execution, ensuring the skill
halts as documented.

In
@.cursor/skills/agentic-workflow-foundation/templates/skills/session-planning/SKILL.md.template:
- Around line 85-86: The documentation states that exception approval records
(例外承認記録) cannot proceed without a record (記録がなければ進めない), but the implementation
in plan-gate.sh treats G-PLAN-EXCEPTION-001 as a WARN-level gate rather than a
blocking error. Update the wording in the SKILL.md.template file for the
exception approval records section to align with the actual implementation
behavior, changing the language from a mandatory requirement to reflect that the
absence of a record triggers a warning rather than preventing progress. Ensure
consistency between what the documentation promises and how the
G-PLAN-EXCEPTION-001 gate behaves operationally.

In `@Makefile`:
- Around line 37-40: The `_ensure_brew` target is not declared as a phony target
in the Makefile. If a file with the same name exists, Make will skip executing
the target, causing the prerequisite check to be bypassed. Add `_ensure_brew` to
the `.PHONY` declaration (typically near the top of the Makefile with other
phony targets) to ensure this target always executes when referenced.

In `@README.md`:
- Around line 197-203: The markdown link to the setup documentation in README.md
references the filename as SETUP.md (uppercase), but the actual file is named
setup.md (lowercase). On Linux systems with case-sensitive filesystems, this
link will not resolve. Change the link reference from SETUP.md to setup.md to
match the actual filename exactly. Update the markdown link text from
[SETUP.md](SETUP.md) to [setup.md](setup.md) to ensure the documentation link
works across all operating systems.

In `@setup.md`:
- Around line 157-161: The markdown code block containing the mkdir, mv, and
chmod commands is missing a language specifier after the opening triple
backticks, which causes a MD040 linting violation. Add bash as the language
identifier after the opening triple backticks (```bash) to specify that this is
a bash code block, which will align the code with markdown linting rules and
improve syntax highlighting display.

---

Nitpick comments:
In @.cursor/docs/TECHNOLOGY_STACK_UNIFIED_DESIGN.md:
- Around line 284-305: The version policy table in the
TECHNOLOGY_STACK_UNIFIED_DESIGN.md file mixes time-dependent verified values
(like Wrangler v4, Next.js 15/16, etc.) with general policy recommendations,
making it unclear which values are guaranteed to match actual package.json and
wrangler.jsonc configurations. Reorganize the table by splitting it into two
separate sections: one for version policies (recommendations) and another for
verified/tested values that have been confirmed to work in the project, and
include verification dates or sources for the verified values section to
maintain accuracy over time.

In
@.cursor/skills/agentic-workflow-foundation/scripts/test_resolve_quality_gate.py:
- Around line 107-117: After running the subprocess with the --check flag in the
second subprocess.run call, you need to validate idempotency by checking not
only the return code but also the stdout content. Currently only the return code
is checked, which fails to detect regressions where files would need to be
rewritten. Add validation logic to verify that the second.stdout indicates no
changes are needed, ensuring the resolver produces idempotent output and catches
any unintended modifications between runs.

In
@.cursor/skills/agentic-workflow-foundation/templates/bin/github-pr-create-safe.template:
- Around line 43-47: The variable BODY_CONTENT is assigned on line 44 by reading
from BODY_FILE but is never used anywhere in the code. The BODY_JSON variable on
line 47 reads directly from BODY_FILE instead of using BODY_CONTENT, making this
intermediate variable unnecessary. Remove the unused BODY_CONTENT variable
assignment to clean up the code and eliminate redundant file reading operations.

Review info
Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: e13908c0-abe5-49af-9530-311af6ef2d7d

Commits

Reviewing files that changed from the base of the PR and between fcd839c and e8bee4a.

Files selected for processing (62)
  • .coderabbit.yaml
  • .cursor/docs/TECHNOLOGY_STACK_UNIFIED_DESIGN.md
  • .cursor/mcp.json
  • .cursor/skills/agentic-workflow-engine/SKILL.md
  • .cursor/skills/agentic-workflow-engine/scripts/audit.py
  • .cursor/skills/agentic-workflow-engine/scripts/generate.py
  • .cursor/skills/agentic-workflow-engine/scripts/genlib.py
  • .cursor/skills/agentic-workflow-foundation/SKILL.md
  • .cursor/skills/agentic-workflow-foundation/manifest.yaml
  • .cursor/skills/agentic-workflow-foundation/references/design-conformance.md
  • .cursor/skills/agentic-workflow-foundation/references/source-mapping.md
  • .cursor/skills/agentic-workflow-foundation/scripts/check_design_drift.py
  • .cursor/skills/agentic-workflow-foundation/scripts/check_tech_stack_conformance.py
  • .cursor/skills/agentic-workflow-foundation/scripts/ingest_tech_stack.py
  • .cursor/skills/agentic-workflow-foundation/scripts/resolve_coderabbit.py
  • .cursor/skills/agentic-workflow-foundation/scripts/resolve_quality_gate.py
  • .cursor/skills/agentic-workflow-foundation/scripts/run_resolved_engine.py
  • .cursor/skills/agentic-workflow-foundation/scripts/test_resolve_quality_gate.py
  • .cursor/skills/agentic-workflow-foundation/templates/AGENTS.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/CLAUDE.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/bin/_github-app-auth.sh.template
  • .cursor/skills/agentic-workflow-foundation/templates/bin/github-pr-comment-safe.template
  • .cursor/skills/agentic-workflow-foundation/templates/bin/github-pr-create-safe.template
  • .cursor/skills/agentic-workflow-foundation/templates/bin/github-pr-reply-safe.template
  • .cursor/skills/agentic-workflow-foundation/templates/bin/github-pr-reviews-safe.template
  • .cursor/skills/agentic-workflow-foundation/templates/coderabbit.yaml.template
  • .cursor/skills/agentic-workflow-foundation/templates/cursorignore.block.template
  • .cursor/skills/agentic-workflow-foundation/templates/docs/AGENT_RUNBOOK.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/docs/QUALITY_GATE.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/docs/session-handoff-guide.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/docs/tech-stack.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/hooks/README.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/hooks/guard-git-write.sh.template
  • .cursor/skills/agentic-workflow-foundation/templates/rules/01-critical-constraints.mdc.template
  • .cursor/skills/agentic-workflow-foundation/templates/rules/02-agent-conduct.mdc.template
  • .cursor/skills/agentic-workflow-foundation/templates/rules/03-github-security.mdc.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/SKILL.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/approval-loop.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/checklist.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/gh-commands.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/group-presentation-templates.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/reply-templates.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/review-completion.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/review-report-format.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-code-review/references/self-rebuttal.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/SKILL.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/agent-github-pr/references/pr-commands.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/decisions-record/SKILL.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/session-handover/SKILL.md.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/session-handover/scripts/plan-gate.sh.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/session-handover/scripts/session-start-gate.sh.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/session-handover/scripts/verification-gate.sh.template
  • .cursor/skills/agentic-workflow-foundation/templates/skills/session-planning/SKILL.md.template
  • .cursor/skills/sync-ai-agent-unified-design/SKILL.md
  • .cursor/skills/sync-ai-agent-unified-design/references/source.yaml
  • .cursor/skills/sync-ai-agent-unified-design/scripts/check-mcp-env.sh
  • .cursor/skills/sync-ai-agent-unified-design/scripts/github-mcp-wrapper.sh
  • .cursorignore
  • .gitignore
  • Makefile
  • README.md
  • setup.md
💤 Files with no reviewable changes (7)
  • .cursorignore
  • .cursor/mcp.json
  • .cursor/skills/sync-ai-agent-unified-design/SKILL.md
  • .cursor/skills/sync-ai-agent-unified-design/references/source.yaml
  • .cursor/skills/sync-ai-agent-unified-design/scripts/check-mcp-env.sh
  • .cursor/skills/agentic-workflow-foundation/scripts/check_design_drift.py
  • .cursor/skills/sync-ai-agent-unified-design/scripts/github-mcp-wrapper.sh
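
The temporary-file finding for `agent-github-pr/SKILL.md.template` (fixed `/tmp/pr-title.txt` and `/tmp/pr-body.md`) can be addressed as in this added example, which is not code from the PR. The function name `run_with_pr_tempfiles` is hypothetical, and appending the two file paths as the last arguments of the command is an assumption, because the argument format of `bin/github-pr-create-safe` is not shown on this page.

```shell
# run_with_pr_tempfiles TITLE BODY CMD [ARGS...]
#   Writes TITLE and BODY to unique, owner-only temp files, then runs
#       CMD ARGS... <title-file> <body-file>
#   and removes both files however the command ends.
#   (Hypothetical helper; the trailing-argument convention is an assumption.)
run_with_pr_tempfiles() {
    if [ "$#" -lt 3 ]; then
        echo "usage: run_with_pr_tempfiles TITLE BODY CMD [ARGS...]" >&2
        return 2
    fi
    (   # Subshell: the traps and variables below do not leak into the caller.
        title=$1
        body=$2
        shift 2
        title_file=
        body_file=

        # Register cleanup before creating anything, so a failure between the
        # two mktemp calls still removes the first file.
        cleanup() {
            [ -z "$title_file" ] || rm -f -- "$title_file"
            [ -z "$body_file" ] || rm -f -- "$body_file"
        }
        trap cleanup EXIT
        # Turn signals into a normal exit so the EXIT trap runs in every shell.
        trap 'exit 129' HUP
        trap 'exit 130' INT
        trap 'exit 143' TERM

        # mktemp picks an unpredictable name and creates the file atomically
        # with mode 0600, which removes the collision and disclosure risks of
        # a fixed, world-known path in /tmp.
        umask 077
        title_file=$(mktemp "${TMPDIR:-/tmp}/pr-title.XXXXXX") || exit 1
        body_file=$(mktemp "${TMPDIR:-/tmp}/pr-body.XXXXXX") || exit 1
        printf '%s\n' "$title" > "$title_file"
        printf '%s\n' "$body" > "$body_file"

        # Preserve the command's exit status for the caller.
        rc=0
        "$@" "$title_file" "$body_file" || rc=$?
        exit "$rc"
    )
}
```
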

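The session-handover gate findings above (the basename-only `find -name "$TRACKING"` in `plan-gate.sh.template` and `session-start-gate.sh.template`, and the unconsumed handoff manifest reported as WARN) are combined in this added example, which is not the PR's code. `find_tracking_docs`, `session_start_gate` and passing the handoff path as a third argument are hypothetical choices made for illustration.

```shell
# find_tracking_docs PROJECT_DIR TRACKING
#   Prints every regular file under PROJECT_DIR that matches TRACKING, which
#   may be a bare file name ("plan.md") or a relative path ("docs/plan.md").
#   find's -name only compares the basename, so a value containing "/" can
#   never match it and needs -path instead.
#   The body is a subshell so the variables stay local to the function.
find_tracking_docs() (
    project_dir=$1
    tracking=${2#./}              # tolerate a leading "./"
    case $tracking in
        ''|/*|..|../*|*/../*|*/..)
            # Refuse values that would point outside the project tree.
            echo "find_tracking_docs: TRACKING must be a relative path inside the project" >&2
            exit 2 ;;
        */*)
            # "*/docs/plan.md" matches PROJECT_DIR/docs/plan.md and deeper
            # copies. TRACKING is used as a glob pattern here, so glob
            # characters in it are interpreted by find.
            find "$project_dir" -type f -path "*/$tracking" ;;
        *)
            find "$project_dir" -type f -name "$tracking" ;;
    esac
)

# session_start_gate PROJECT_DIR TRACKING HANDOFF_FILE
#   FAIL (status 1) while an unconsumed handoff manifest exists, instead of
#   printing a warning and letting the session continue. Otherwise prints the
#   tracking documents that were found and returns 0.
session_start_gate() (
    project_dir=$1
    tracking=$2
    handoff_file=$3
    if [ -e "$handoff_file" ]; then
        echo "FAIL: unconsumed handoff manifest: $handoff_file" >&2
        exit 1
    fi
    docs=$(find_tracking_docs "$project_dir" "$tracking") || exit 2
    [ -z "$docs" ] || printf '%s\n' "$docs"
)
```
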
…b PR workflow

- Revised the README and various templates to reflect changes in script usage, specifically updating references to `run_resolved_engine.py` for generating and auditing workflows.
- Enhanced the `plan-gate.sh` and `session-start-gate.sh` scripts to include a new function for finding tracking documents, improving clarity and functionality.
- Updated the GitHub PR command creation process to utilize the GitHub REST API directly, ensuring a more robust and secure interaction.
- Corrected tool names in the tech map for consistency and accuracy.
…erate scripts

- Introduced a new `_safe_join` function to ensure relative paths are securely joined within specified directories, improving path validation.
- Updated `audit.py` and `generate.py` to utilize `_safe_join`, enhancing error handling for output path definitions and providing clearer error messages for users.
- Revised the `manifest.yaml` to clarify the generation of essential output scripts, ensuring consistent documentation regarding the wrapper and helper scripts.
…tion

- Revised the usage of `bin/github-pr-reply-safe` to include `<pr-number>` as a required argument in various templates, enhancing clarity on command structure.
- Updated documentation in `setup.md`, `SKILL.md`, `checklist.md`, and `gh-commands.md` to reflect the new command format, ensuring consistency across all references.
- Improved user guidance on the correct usage of the reply command, emphasizing the need for both PR number and comment ID in the execution context.
… functionality

- Updated the session handoff guide to include backup procedures for active manifests, ensuring users can manage multiple tasks without data loss.
- Improved error handling in GitHub wrapper command checks, providing clearer feedback when required commands are missing.
- Revised the PR creation process in the GitHub PR skill template to utilize temporary files for title and body, enhancing script reliability and user experience.