diff --git a/docs/live/current-focus.md b/docs/live/current-focus.md index 53fc5b8..2286ebf 100644 --- a/docs/live/current-focus.md +++ b/docs/live/current-focus.md @@ -4,25 +4,23 @@ Read after `AGENTS.md` when starting or resuming work. Keep this file limited to ## Objective -Keep the first-party skill suite under `templates/base/.agents/skills/` organized around an owned routing model: a suite router (`using-agent-practices`), a reasoning-family router (`using-reasoning`), the existing leaf skills, and a shared category map that explains how the pieces fit together. +Replace the legacy `create-skill` guidance with a production-ready, universal `skills-creator` package that matches the provided structure, scripts, and references for scaffolding, authoring, validating, and evaluating SKILL.md packages. ## Scope -- Keep the new router skills under `templates/base/.agents/skills/using-agent-practices/` and `templates/base/.agents/skills/using-reasoning/`. -- Keep the suite taxonomy reference under `templates/base/.agents/skills/using-agent-practices/references/category-map.md`. -- Keep the starter skill-creator eval fixtures under each new router's `evals/evals.json`. -- Keep the existing 11 live leaf skills in place without renaming them. +- Work inside `templates/base/.agents/skills/skills-creator/` plus the live docs that track progress. +- Include SKILL.md, `scripts/scaffold.py`, `scripts/validate.py`, `assets/skill_template.md`, `assets/eval_template.md`, and references for patterns, platforms, security, and antipatterns. +- Retire the old `create-skill` folder; do not alter other skills or routers. ## Constraints -- Use owned suite terminology; do not depend on third-party `superpowers` naming inside the first-party router skills. -- Keep the skill directory flat for now; express categories through routers and references rather than nested discovery assumptions. -- Preserve the existing leaf skill names and descriptions unless a future task explicitly asks to retune them. -- Do not commit from this task. +- Keep the skill universal across surfaces (no platform-bound instructions). +- Follow the naming and validation rules from the specification (gerund form preferred, forbidden words, ≤64 chars, ≤500 body lines, ≤1-level references). +- Preserve unrelated skills and existing router work. ## Success Criteria -- `using-agent-practices/SKILL.md` routes across the current owned suite categories and points reasoning requests to `using-reasoning`. -- `using-reasoning/SKILL.md` routes cleanly among `thinking-ground`, `problem-definition`, `dynamic-problem-solving`, `domain-expert-consultation`, and `strategic-foresight`. -- Both router skills include starter `evals/evals.json` fixtures for future `skill-creator` iteration. -- `using-agent-practices/references/category-map.md` records the suite categories and routing rule of thumb. \ No newline at end of file +- `skills-creator/SKILL.md` reflects the seven-phase lifecycle and progressive disclosure rules, with clear references to supporting files. +- Scripts scaffold and validate skill packages per the naming/frontmatter/line-count rules. +- Assets and references match the required templates and checklists. +- Live docs reflect the updated objective and completed work. diff --git a/docs/live/progress.md b/docs/live/progress.md index 9baaaa5..6e99885 100644 --- a/docs/live/progress.md +++ b/docs/live/progress.md @@ -4,11 +4,14 @@ Read after `docs/live/current-focus.md` to recover the latest state, continuity, ## Current State -The first-party skill suite now has an owned routing layer. `using-agent-practices` routes across the whole suite, `using-reasoning` routes the overlapping reasoning skills, and `using-agent-practices/references/category-map.md` records the current category abstraction for the 11 live leaf skills. +The legacy `create-skill` guidance has been replaced by a universal `skills-creator` package with SKILL.md, scripts, references, and templates for scaffolding, validating, and evaluating new skills. ## Latest Completed Work -Created `templates/base/.agents/skills/using-agent-practices/SKILL.md`, `templates/base/.agents/skills/using-reasoning/SKILL.md`, a shared category map reference under `using-agent-practices/references/`, and starter `evals/evals.json` fixtures for both routers. The suite is now abstracted into Orchestration and Continuity, Reasoning and Strategy, Prompt Artifact Creation, Commercial Reality Testing, and Design Systems and Visual Prototyping, with only the reasoning cluster routed through a family router. +- Added `templates/base/.agents/skills/skills-creator/SKILL.md` with the seven-phase lifecycle, progressive disclosure rules, and links to supporting resources. +- Added assets (`skill_template.md`, `eval_template.md`) and references (`PATTERNS.md`, `PLATFORMS.md`, `SECURITY.md`, `ANTIPATTERNS.md`). +- Implemented `scripts/scaffold.py` (name checks + scaffold + eval template copy) and `scripts/validate.py` (frontmatter/name/description/line-count/reference-depth checks, optional eval count gate). +- Retired the old `create-skill` folder and refreshed live docs (current-focus, todo, progress). ## In Progress @@ -20,24 +23,28 @@ None. ## Next Recommended Action -If these routers will become stable entry points, run a true `skill-creator` eval loop against the new router skills next so the category ordering and descriptions can be pressure-tested on ambiguous prompts instead of only structurally validated. +Author real evaluation scenarios for `skills-creator` (or downstream skills) and run the validator with `--full` once scenarios exist; optionally tune the gerund warning if keeping the `skills-creator` name as-is. ## Touched Files -- `templates/base/.agents/skills/using-agent-practices/SKILL.md` -- `templates/base/.agents/skills/using-agent-practices/references/category-map.md` -- `templates/base/.agents/skills/using-agent-practices/evals/evals.json` -- `templates/base/.agents/skills/using-reasoning/SKILL.md` -- `templates/base/.agents/skills/using-reasoning/evals/evals.json` +- `templates/base/.agents/skills/skills-creator/SKILL.md` +- `templates/base/.agents/skills/skills-creator/assets/skill_template.md` +- `templates/base/.agents/skills/skills-creator/assets/eval_template.md` +- `templates/base/.agents/skills/skills-creator/references/PATTERNS.md` +- `templates/base/.agents/skills/skills-creator/references/PLATFORMS.md` +- `templates/base/.agents/skills/skills-creator/references/SECURITY.md` +- `templates/base/.agents/skills/skills-creator/references/ANTIPATTERNS.md` +- `templates/base/.agents/skills/skills-creator/scripts/scaffold.py` +- `templates/base/.agents/skills/skills-creator/scripts/validate.py` - `docs/live/current-focus.md` - `docs/live/progress.md` - `docs/live/todo.md` ## Verification Status -Read back both new SKILL files plus the new category map and eval fixtures. Ran and observed success for: -- `python3` frontmatter/JSON validation covering `templates/base/.agents/skills/using-agent-practices/SKILL.md`, `templates/base/.agents/skills/using-reasoning/SKILL.md`, both router `evals/evals.json` files, and the required sections in `using-agent-practices/references/category-map.md`. +- `python3 -m compileall templates/base/.agents/skills/skills-creator/scripts` +- `python3 templates/base/.agents/skills/skills-creator/scripts/validate.py templates/base/.agents/skills/skills-creator` (passes with a gerund-name warning because the spec keeps `skills-creator`) ## Hand-off Note -The suite abstraction is now documented without renaming the existing leaf skills. The next leverage point is evaluation quality, not more taxonomy: the owned routers exist, but their category order and trigger wording still need real ambiguous-prompt testing if you want them to become default entry points. \ No newline at end of file +`skills-creator` now packages the full lifecycle guidance plus scaffold/validate helpers and supporting references/templates. Add evaluation scenarios and re-run validation with `--full` when ready; adjust or silence the gerund warning if you prefer to keep the non-gerund name. diff --git a/docs/live/todo.md b/docs/live/todo.md index b42c80f..50fe045 100644 --- a/docs/live/todo.md +++ b/docs/live/todo.md @@ -9,4 +9,5 @@ Use one row per work item. Prefer `High`, `Medium`, or `Low` for priority and `P | Task | Priority | Status | | --- | --- | --- | | Task 19: add owned suite routers and category map for the first-party skills | High | Completed | -| Task 20: run `skill-creator` evaluations for `using-agent-practices` and `using-reasoning` on ambiguous prompts | Medium | Pending | \ No newline at end of file +| Task 20: run `skill-creator` evaluations for `using-agent-practices` and `using-reasoning` on ambiguous prompts | Medium | Pending | +| Task 21: replace `create-skill` with the universal `skills-creator` package (SKILL, scripts, assets, references) | High | Active | diff --git a/templates/base/.agents/skills/create-skill/SKILL.md b/templates/base/.agents/skills/create-skill/SKILL.md deleted file mode 100644 index af6495a..0000000 --- a/templates/base/.agents/skills/create-skill/SKILL.md +++ /dev/null @@ -1,74 +0,0 @@ ---- -name: create-skill -description: Use when creating a new reusable skill, packaging instructions into a skill directory, or rewriting skill guidance into canonical SKILL.md format. ---- - -# Create Skill - -## Overview -Create a reusable skill as a plain-markdown `SKILL.md` with minimal frontmatter and fast-scanning guidance. The goal is a document another agent can discover quickly and apply without reading a transcript. - -## When to Use -Use this skill when the user asks to: -- create a new skill or capability -- package a repeatable workflow into a skill directory -- set up or rewrite a `SKILL.md` -- prepare a skill for reuse or sharing - -Do not use it for project-specific one-off instructions that belong in repo docs or task notes. - -## Quick Reference - -| Item | Requirement | -| --- | --- | -| Directory | `skill-name/` | -| Required file | `SKILL.md` | -| Frontmatter fields | `name`, `description` only | -| `name` | Must match directory name exactly | -| `description` | Starts with `Use when...`; third person; trigger conditions only | -| Body structure | `# Title`, `## Overview`, `## When to Use`, then practical reference sections | - -## Workflow -1. Define the skill boundary. - - Capture the reusable capability, not the story of one past task. - - Confirm the skill is broad enough to matter again. -2. Choose the name. - - Keep it aligned to the directory name. - - Prefer descriptive, hyphenated names. -3. Write the description for discovery. - - Describe when the skill should be loaded. - - Include trigger situations, symptoms, or request phrases. - - Do not summarize the workflow in the description. -4. Draft the body for scanning. - - Start with a short overview. - - Add a `When to Use` section with clear bullets. - - Add only the sections that help execution: checklist, workflow, quick reference, examples, common mistakes. -5. Keep reference material honest. - - Inline short guidance. - - Break out only genuinely heavy reference material. -6. Re-read the final markdown. - - Verify frontmatter is exactly two fields. - - Verify the document reads like a skill, not a raw note dump. - -## Writing Guidelines -- Optimize for discovery first, execution second. -- Prefer bullets, tables, and short numbered steps over prose blocks. -- Preserve the original capability while removing stale platform-specific advice. -- Use one concept per section. -- Explain non-obvious tradeoffs or failure modes, not obvious mechanics. - -## Common Mistakes -- Adding extra frontmatter fields beyond `name` and `description` -- Writing a description that explains the process instead of the trigger -- Copying a long transcript into `SKILL.md` without restructuring it -- Keeping obsolete validation or packaging instructions that are not central to the skill -- Creating a skill for a one-off project convention instead of a reusable pattern - -## Final Checklist -- [ ] `SKILL.md` is plain markdown -- [ ] Frontmatter contains only `name` and `description` -- [ ] `name` matches the directory name exactly -- [ ] `description` begins with `Use when...` -- [ ] Body has `Overview` and `When to Use` -- [ ] Remaining sections are concise and useful for execution -- [ ] Content reflects the current canonical skill format diff --git a/templates/base/.agents/skills/create-skill/reference/src.md b/templates/base/.agents/skills/create-skill/reference/src.md deleted file mode 100644 index fcd8980..0000000 --- a/templates/base/.agents/skills/create-skill/reference/src.md +++ /dev/null @@ -1,218 +0,0 @@ -**Create Skill** - -This skill helps you create new Agent Skills that follow the agentskills.io specification. - -**When to Use This Skill** - -Use this skill when the user asks you to: - -* Create a new skill or capability - -* Package instructions into a reusable format - -* Set up a skill directory - - -**Agent Skills Format** - -An Agent Skill is a directory containing a SKILL.md file with YAML frontmatter: - -text - -my-skill/ - -└── SKILL.md - -**SKILL.md Structure** - -CRITICAL: When you write SKILL.md, the very first characters in the file must be --- (the YAML frontmatter opening delimiter). Do not write any title, description, or other content before the ---. - -text - -\--- - -name: my-skill - -description: A clear description of what this skill does and when to use it. - -license: (optional) - -compatibility: Any environment requirements (optional) - -metadata: (optional) - -  author: your-name - -  version: '1.0' - -\--- - -\# Skill Title - -\## When to Use This Skill - -Describe the scenarios where this skill should be applied. - -\## Instructions - -Step-by-step instructions for the agent to follow. - -\## Examples - -Include examples of inputs and expected outputs. - -Common mistake: The first line of SKILL.md must be --- (the frontmatter opening delimiter). Do NOT put any title, comment, or blank lines before it. - -**Frontmatter Requirements** - -Required fields: - -* name: 1-64 characters, lowercase alphanumeric and hyphens only - - * Must match the directory name exactly - - * Cannot start or end with hyphens - - * No consecutive hyphens allowed - - * Valid examples: pdf-processing, code-review, data-analysis - - * Invalid examples: -my-skill, my--skill, My\_Skill - -* description: 1-1024 characters describing: - - * What the skill does - - * When it should be used (important for agent discovery) - - * Should include specific keywords and trigger phrases - - * Example: "Use when the user mentions PDFs, forms, or document extraction" is better than "Helps with PDFs" - - -Optional fields: - -* license: Licensing terms (e.g., MIT, Apache-2.0) - -* compatibility: Environment requirements, max 500 characters - -* metadata: Key-value pairs for additional information - -* allowed-tools: Space-delimited list of pre-approved tools (experimental) - - -**Instructions for Creating a New Skill** - -1. Understand the requirement: Ask the user what the skill should accomplish and when it should be used. - -2. Choose a name: Pick a descriptive, lowercase name with hyphens for word separation. - -3. Write a clear description: This is crucial for skill discovery. Include: - - * What the skill does - - * Keywords and trigger phrases that help identify when to use it - - * Be specific and detailed (up to 1024 characters allowed) - -4. Create comprehensive instructions: Write clear, step-by-step guidance that another agent can follow. - -5. Create the skill directory and file: - - * Create directory: {skills\_dir}/{skill-name}/ - - * Create file: {skills\_dir}/{skill-name}/SKILL.md (must be named exactly SKILL.md) - -6. CRITICAL: When you write SKILL.md, the very first characters must be ---. No title, description, or other content before the frontmatter. - -7. Validate the skill: After creating all relevant files, validate using the skills-ref library. Do NOT validate until you have finished preparing all files:bashpip install -q skills-ref && agentskills validate {skills\_dir}/{skill-name} - -8. If validation fails, read the error message and fix before proceeding. - -9. Prepare for sharing: - - * Single-file skill (only SKILL.md): Share the SKILL.md file directly - - * Multi-file skill (SKILL.md + reference files like templates, datasets, or documentation): Create a .zip archive containing the skill directory - - * Use .zip format, not .tar or .tar.gz - -10. Inform the user: Let the user know the skill has been created and validated successfully, and they can download it for use or manage it via their settings at [https://www.perplexity.ai/computer/skills](https://www.perplexity.ai/computer/skills). - - -**Example: Creating a Code Review Skill** - -If asked to create a code review skill: - -text - -\--- - -name: code-review - -description: Review code for bugs, security issues, and best practices. Use when asked to review, audit, or check code quality. - -license: MIT - -\--- - -\# Code Review Skill - -\## When to Use This Skill - -Use this skill when the user asks you to: - -\- Review code for issues - -\- Check code quality - -\- Audit for security vulnerabilities - -\- Suggest improvements to existing code - -\## Instructions - -1\. Read the code file(s) to be reviewed - -2\. Analyze for: - -   - Logic errors and bugs - -   - Security vulnerabilities (injection, XSS, etc.) - -   - Performance issues - -   - Code style and readability - -   - Missing error handling - -3\. Provide feedback organized by severity (critical, warning, suggestion) - -4\. Include specific line references and suggested fixes - -**Common Errors** - -Error: "SKILL.md must start with YAML frontmatter (---)" - -This means the file doesn't start with --- on line 1. The very first character must be the opening frontmatter delimiter. - -* ❌ Wrong: Starting with title # My Skill before --- - -* ❌ Wrong: Blank lines before --- - -* ✅ Correct: File starts immediately with --- - - -Error: Invalid name format - -The name field has strict validation: - -* Must be 1-64 characters - -* Lowercase letters, numbers, and hyphens only - -* Cannot start or end with hyphen - -* No consecutive hyphens (--) - -* Must match the directory name exactly \ No newline at end of file diff --git a/templates/base/.agents/skills/skills-creator/SKILL.md b/templates/base/.agents/skills/skills-creator/SKILL.md new file mode 100644 index 0000000..636a0ff --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/SKILL.md @@ -0,0 +1,136 @@ +--- +name: skills-creator +description: > + Scaffolds, authors, validates, and iterates on SKILL.md packages following + Anthropic's Agent Skills spec and authoring guidelines. Use when asked to + create, refine, review, or evaluate a skill package. +license: MIT +compatibility: > + Claude Code (full support); Claude API (no network, no runtime installs); + Claude.ai (varying network). Python 3.9+ required for scripts. +allowed-tools: Bash(python3:*) Read Write +meta: + author: your-org + version: "2.0" + spec: anthropic-agent-skills-2025-10-02 +--- + +# Skills Creator + +Guides the complete lifecycle of a SKILL.md package: discover → scaffold → +author → write scripts → evaluate → ship. Never skip Phase 5 (Evaluate). + +## Preconditions +- Confirm the user's intent, target outcome, and where the skill will run. Keep instructions universal across surfaces. +- Identify tools, data, and external services up front; avoid hidden dependencies. +- Decide the output format (SKILL-only vs. SKILL + references/scripts). + +## Phase 1 — Discover +Answer all five questions before writing anything: +1. **Single responsibility** — What is the one thing this skill does? +2. **Failure case** — What specific task fails without this skill? +3. **Dependencies** — Which tools or services are required? +4. **I/O contract** — What does the user provide? What is produced? +5. **Fragility** — How sensitive is execution to variation (drives instruction style)? + +If any answer is unclear, stop and ask for clarification. Vague skills produce vague behavior. + +## Phase 2 — Scaffold +- Generate the folder and boilerplate: `python3 scripts/scaffold.py ` +- Naming rules (enforced by the scaffold/validator): + - Gerund form preferred: `processing-pdfs`, `analyzing-logs` + - Lowercase letters, numbers, hyphens only; max 64 chars; no leading/trailing/double hyphens + - Forbidden words: `anthropic`, `claude`, `helper`, `utils`, `tools` +- Minimum valid output: `/SKILL.md` (add `scripts/` when execution steps exist) +- Use `assets/skill_template.md` for the SKILL and `assets/eval_template.md` for starter evals. + +## Phase 3 — Author SKILL.md +### Frontmatter +Only add optional fields when they provide real value. +```yaml +--- +name: +description: > + [Third-person verb phrase. What it does. When to use it.] +license: MIT # if distributing +compatibility: Requires pdfplumber # if environment-specific +allowed-tools: Bash(python3:*) Read # if pre-approving tools +meta: + author: your-org + version: "1.0" +--- +``` + +### Description formula +> "[Verb phrase]. Use when [trigger condition(s)]." +- Third-person only; include clear triggers; max 1,024 characters; no XML tags. + +### Body structure +Calibrate instruction style to fragility: +- **Low**: natural-language heuristics +- **Medium**: parameterized pseudocode +- **High**: exact verbatim commands + +Standard order: +1. Preconditions — what must be true before starting +2. Steps — numbered, imperative, one action per step +3. Tools — which tools to call and when (use fully-qualified MCP names) +4. Output — artifact type, format, destination +5. Edge Cases — inline if short; otherwise link to `references/` + +### Progressive disclosure rules +- Level 1: frontmatter (always loaded) +- Level 2: SKILL body (<5k tokens, ≤500 lines) +- Level 3: `references/`, `scripts/`, `assets/` (loaded only when opened) +- References may go one level deep only. Move heavy content to `references/`. +- No time-sensitive content inline; put legacy items under `references/`. + +### Progress checklist (example) +``` +Task Progress: +- [ ] Step 1: Draft SKILL.md from template +- [ ] Step 2: Add references/scripts only if needed +- [ ] Step 3: Validate output +- [ ] Step 4: Fix errors and re-validate +- [ ] Step 5: Only proceed when validation passes +``` + +## Phase 4 — Write Scripts +- Keep scripts self-contained; handle `FileNotFoundError`, `PermissionError`, and invalid input explicitly. +- Use forward slashes only; add intent in SKILL: "Run scripts/.py..." or "See scripts/.py..." +- If packages are required, note them inline (e.g., `# pip install pdfplumber`) and confirm platform support first. + +## Phase 5 — Evaluate (Never Skip) +- Write at least 3 scenarios using `assets/eval_template.md`. +- Claude A/Claude B loop (recommended): + 1. Author the skill (Claude A). + 2. Fresh session loads the skill and runs real tasks (Claude B). + 3. Record failures and close gaps in SKILL or scripts. + 4. Repeat until all scenarios pass. +- Run validation: `python3 scripts/validate.py ` + +## Phase 6 — Platform Check +Confirm the target surface before shipping; keep guidance universal. See `references/PLATFORMS.md` for constraints across Claude Code, Claude API, and Claude.ai. + +## Phase 7 — Security Audit +Treat distributing a skill like releasing software. Review `references/SECURITY.md` before sharing externally. + +## Pre-Ship Gate +Run the full checklist: `python3 scripts/validate.py --full` + +Manual confirmations: +- [ ] `name` is gerund-form, ≤64 chars, no forbidden words, matches folder +- [ ] `description` is third-person, has trigger condition, ≤1,024 chars, no XML tags +- [ ] Body ≤500 lines, <5,000 tokens; heavy content lives in `references/` +- [ ] All file references are max one level deep +- [ ] Scripts declare intent, handle errors, and use forward slashes +- [ ] Platform constraints checked; no platform-bound instructions +- [ ] Minimum 3 evaluation scenarios written and passing +- [ ] Security audit completed if distributing + +## References and Assets +- Patterns and disclosure guidance: `references/PATTERNS.md` +- Platform constraints: `references/PLATFORMS.md` +- Security audit checklist: `references/SECURITY.md` +- Common authoring mistakes: `references/ANTIPATTERNS.md` +- Templates: `assets/skill_template.md`, `assets/eval_template.md` diff --git a/templates/base/.agents/skills/skills-creator/assets/eval_template.md b/templates/base/.agents/skills/skills-creator/assets/eval_template.md new file mode 100644 index 0000000..4dcdaf6 --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/assets/eval_template.md @@ -0,0 +1,24 @@ +# Scenario +- Title: [concise scenario name] +- Goal: [user outcome] +- Risk: [what can go wrong if mishandled] + +# Input +- User prompt: "[exact user prompt or sample task]" +- Files/data: [paths or descriptions] +- Constraints: [time, tokens, forbidden actions] + +# Expected Output +- Format: [stdout / file path / JSON shape] +- Success criteria: [bullet list of observable checks] + +# Run Notes +1. [Step 1 executed by evaluator] +2. [Step 2] +3. [Step 3] + +# Validation +- [ ] Output matches expected format +- [ ] Requirements met +- [ ] Edge cases covered +- [ ] Follow-ups recorded for gaps diff --git a/templates/base/.agents/skills/skills-creator/assets/skill_template.md b/templates/base/.agents/skills/skills-creator/assets/skill_template.md new file mode 100644 index 0000000..7e96fa3 --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/assets/skill_template.md @@ -0,0 +1,27 @@ +--- +name: replace-with-gerund-form +description: > + [Third-person verb phrase.] Use when [trigger condition]. +--- + +# [Skill Display Name] + +## Preconditions +- [What must be true before Claude begins] + +## Steps +1. [First action — imperative verb] +2. [Second action] +3. Validate output before proceeding +4. Fix errors and re-validate +5. Only proceed when validation passes + +## Tools +- [Tool name]: [When and how to use it] + +## Output +- Format: [plain text / JSON / file type] +- Location: [stdout / path] + +## Edge Cases +- [Brief case] — for complex edge cases, see references/ diff --git a/templates/base/.agents/skills/skills-creator/references/ANTIPATTERNS.md b/templates/base/.agents/skills/skills-creator/references/ANTIPATTERNS.md new file mode 100644 index 0000000..995bfbf --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/references/ANTIPATTERNS.md @@ -0,0 +1,10 @@ +# Common Authoring Antipatterns + +- Description in first person or without clear trigger conditions. +- Frontmatter bloated with unused fields; `name` does not match folder. +- Names with uppercase letters, underscores, or forbidden words; double/leading/trailing hyphens. +- Chained references (`SKILL.md → ref A → ref B`) that hide critical guidance. +- Time-sensitive or platform-bound instructions embedded in SKILL.md. +- Scripts without declared intent in the SKILL, or without error handling for missing files/permissions. +- Skipping evaluation scenarios or shipping without re-running validation after edits. +- Deep file paths inside `references/` that exceed one-level depth. diff --git a/templates/base/.agents/skills/skills-creator/references/PATTERNS.md b/templates/base/.agents/skills/skills-creator/references/PATTERNS.md new file mode 100644 index 0000000..1923191 --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/references/PATTERNS.md @@ -0,0 +1,21 @@ +# Progressive Disclosure Patterns + +## Levels +- **Level 1 — Metadata**: YAML frontmatter only. Always loaded; keep minimal. +- **Level 2 — Instructions**: SKILL.md body. Stay under 5,000 tokens/500 lines. Put only what is needed to execute. +- **Level 3 — Resources**: `references/`, `scripts/`, `assets/`. Load on demand only. Never chain beyond one hop (`SKILL.md → ref.md` only). + +## Fragility → Instruction Style +- **Low fragility**: heuristics and short bullets. +- **Medium fragility**: parameterized pseudocode and explicit flags. +- **High fragility**: exact commands to run; forbid edits. + +## Routing Content +- Inline edge cases that fit in ≤3 lines; move the rest to `references/`. +- Keep a single term per concept across the SKILL and references. +- Avoid time-sensitive content in SKILL.md; move legacy notes under a `Legacy Patterns` section in references if needed. + +## Evaluation Pattern (Claude A / Claude B) +1. Author the skill (Claude A). +2. Fresh session loads the skill and runs real tasks (Claude B). +3. Record failures, patch the SKILL/scripts, and re-run until scenarios pass. diff --git a/templates/base/.agents/skills/skills-creator/references/PLATFORMS.md b/templates/base/.agents/skills/skills-creator/references/PLATFORMS.md new file mode 100644 index 0000000..68f46bf --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/references/PLATFORMS.md @@ -0,0 +1,23 @@ +# Platform Runtime Constraints + +## Claude API +- No network access from skills +- No runtime package installation — pre-installed packages only +- Check code execution tool docs for available packages +- Skills shared workspace-wide via `/v1/skills` endpoints +- Required beta headers: `code-execution-2025-08-25`, `skills-2025-10-02`, `files-api-2025-04-14` + +## Claude Code +- Full network access (same as local machine) +- Do NOT install packages globally — local installs only +- Skills live in `~/.claude/skills/` (personal) or `.claude/skills/` (project) +- Filesystem-based, no API upload needed + +## Claude.ai +- Network access varies by user/admin settings +- Package behavior varies +- Custom skills: individual user only, uploaded as `.zip` via Settings > Features +- Available on Pro, Max, Team, Enterprise with code execution enabled + +## Key Rule +Skills do NOT sync across surfaces. Manage separately per platform. diff --git a/templates/base/.agents/skills/skills-creator/references/SECURITY.md b/templates/base/.agents/skills/skills-creator/references/SECURITY.md new file mode 100644 index 0000000..d325a7b --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/references/SECURITY.md @@ -0,0 +1,11 @@ +# Security Audit Checklist + +Run this before distributing a skill. Treat the skill like shipped software. + +- No unexpected network calls in scripts; document every outbound request. +- Do not access files outside the skill directory unless explicitly required and declared. +- No external URL fetches embedded in SKILL.md (fetched content can be injected). +- Scope bash commands narrowly and make side effects explicit. +- Note any optional dependencies and their trust boundaries. +- Ensure scripts handle invalid inputs, missing files, and permission errors safely. +- Keep platform-specific steps isolated; avoid assuming install rights on any surface. diff --git a/templates/base/.agents/skills/skills-creator/scripts/scaffold.py b/templates/base/.agents/skills/skills-creator/scripts/scaffold.py new file mode 100644 index 0000000..ee935bc --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/scripts/scaffold.py @@ -0,0 +1,91 @@ +#!/usr/bin/env python3 +""" +Scaffold a new SKILL.md package using the skills-creator templates. +""" +from __future__ import annotations + +import argparse +import re +import shutil +import sys +from pathlib import Path + +FORBIDDEN_WORDS = {"anthropic", "claude", "helper", "utils", "tools"} +NAME_PATTERN = re.compile(r"^[a-z0-9]+(?:-[a-z0-9]+)*$") + + +def _fail(message: str) -> None: + print(f"ERROR: {message}", file=sys.stderr) + sys.exit(1) + + +def validate_name(raw: str) -> str: + name = raw.strip() + if not name: + _fail("Skill name is required.") + if len(name) > 64: + _fail("Skill name must be 64 characters or fewer.") + if not NAME_PATTERN.match(name): + _fail("Use lowercase letters, numbers, and single hyphens only (no leading/trailing/double hyphens).") + lowered = name.lower() + for word in FORBIDDEN_WORDS: + if word in lowered: + _fail(f"Skill name cannot include '{word}'.") + if not lowered.endswith("ing"): + print("NOTE: Gerund form is preferred (e.g., processing-pdfs).", file=sys.stderr) + return lowered + + +def load_template(template_path: Path, skill_name: str) -> str: + content = template_path.read_text(encoding="utf-8") + return content.replace("replace-with-gerund-form", skill_name) + + +def scaffold(skill_name: str, output_dir: Path) -> Path: + target_dir = output_dir / skill_name + if target_dir.exists(): + _fail(f"Destination already exists: {target_dir}") + + template_root = Path(__file__).resolve().parent.parent / "assets" + skill_template = template_root / "skill_template.md" + eval_template = template_root / "eval_template.md" + + target_dir.mkdir(parents=True, exist_ok=False) + evals_dir = target_dir / "evals" + evals_dir.mkdir(parents=True, exist_ok=True) + + rendered_skill = load_template(skill_template, skill_name) + (target_dir / "SKILL.md").write_text(rendered_skill, encoding="utf-8") + shutil.copy(eval_template, evals_dir / "eval_template.md") + + print(f"Created skill at {target_dir}") + print("- Edit SKILL.md to finalize description, steps, and references.") + print("- Add scripts/ and references/ if the workflow needs them.") + print("- Draft at least 3 evaluation scenarios using eval_template.md.") + print(f"- Validate with: python3 scripts/validate.py {skill_name}") + return target_dir + + +def main() -> None: + parser = argparse.ArgumentParser(description="Generate a SKILL.md package scaffold.") + parser.add_argument("skill_name", help="Gerund-form skill folder name (lowercase, hyphenated).") + parser.add_argument( + "--output-dir", + default=".", + help="Destination directory for the new skill (default: current directory).", + ) + args = parser.parse_args() + + skill_name = validate_name(args.skill_name) + out_dir = Path(args.output_dir).expanduser().resolve() + + try: + scaffold(skill_name, out_dir) + except FileNotFoundError as exc: + _fail(f"Missing template file: {exc}") + except PermissionError: + _fail("Permission denied while writing files. Choose a writable destination.") + + +if __name__ == "__main__": + main() diff --git a/templates/base/.agents/skills/skills-creator/scripts/validate.py b/templates/base/.agents/skills/skills-creator/scripts/validate.py new file mode 100644 index 0000000..37a6349 --- /dev/null +++ b/templates/base/.agents/skills/skills-creator/scripts/validate.py @@ -0,0 +1,183 @@ +#!/usr/bin/env python3 +""" +Validate a SKILL.md package for naming, frontmatter, and structure. +""" +from __future__ import annotations + +import argparse +import re +import sys +from pathlib import Path +from typing import Dict, List, Tuple + +try: + import yaml # type: ignore +except ImportError: # pragma: no cover - optional dependency + yaml = None + +FORBIDDEN_WORDS = {"anthropic", "claude", "helper", "utils", "tools"} +NAME_PATTERN = re.compile(r"^[a-z0-9]+(?:-[a-z0-9]+)*$") +DESCRIPTION_MAX = 1024 +BODY_LINE_MAX = 500 +DEEP_REFERENCE = re.compile(r"references/[^\s/]+/[^\s/]+") +XML_TAG = re.compile(r"<[^>]+>") + + +def _fail(message: str) -> None: + print(f"ERROR: {message}", file=sys.stderr) + sys.exit(1) + + +def parse_frontmatter(skill_path: Path) -> Tuple[Dict[str, str], List[str]]: + content = skill_path.read_text(encoding="utf-8").splitlines() + if not content or content[0].strip() not in ("---", "***"): + _fail("SKILL.md must start with YAML frontmatter delimiter '---'.") + + end_index = None + for idx, line in enumerate(content[1:], start=1): + if line.strip() in ("---", "***"): + end_index = idx + break + if end_index is None: + _fail("Frontmatter is not closed with a delimiter line ('---').") + + frontmatter_lines = "\n".join(content[1:end_index]) + body_lines = content[end_index + 1 :] + + if yaml: + try: + data = yaml.safe_load(frontmatter_lines) or {} + except Exception as exc: # pragma: no cover + _fail(f"Invalid YAML frontmatter: {exc}") + else: + data = parse_frontmatter_fallback(frontmatter_lines) + return data, body_lines + + +def parse_frontmatter_fallback(frontmatter: str) -> Dict[str, str]: + data: Dict[str, str] = {} + current_key: str | None = None + buffer: List[str] = [] + + def flush_buffer() -> None: + nonlocal buffer, current_key + if current_key and buffer: + data[current_key] = "\n".join(buffer).strip() + buffer = [] + + for raw_line in frontmatter.splitlines(): + line = raw_line.rstrip("\n") + if not line.strip(): + continue + if line.startswith((" ", "\t")): + if current_key: + buffer.append(line.strip()) + continue + flush_buffer() + key, sep, value = line.partition(":") + key = key.strip() + value = value.strip() + if not sep: + continue + if value in {"", ">", "|"}: + current_key = key + buffer = [] + else: + data[key] = value + current_key = None + flush_buffer() + return data + + +def check_name(name: str, folder_name: str, errors: List[str], warnings: List[str]) -> None: + if len(name) > 64 or not name: + errors.append("Frontmatter 'name' must be 1-64 characters.") + if name != folder_name: + errors.append(f"Frontmatter 'name' must match folder '{folder_name}'.") + if not NAME_PATTERN.match(name): + errors.append("Name must use lowercase letters, numbers, and single hyphens (no leading/trailing/double hyphens).") + for word in FORBIDDEN_WORDS: + if word in name.lower(): + errors.append(f"Name cannot include '{word}'.") + if not name.endswith("ing"): + warnings.append("Gerund form is preferred (e.g., processing-pdfs).") + + +def check_description(description: str, errors: List[str], warnings: List[str]) -> None: + if not description: + errors.append("Frontmatter 'description' is required.") + return + if len(description) > DESCRIPTION_MAX: + errors.append(f"Description exceeds {DESCRIPTION_MAX} characters.") + if "use when" not in description.lower(): + warnings.append("Description should include an explicit trigger (e.g., 'Use when ...').") + if XML_TAG.search(description): + errors.append("Description must not contain XML/HTML tags.") + + +def check_body(body_lines: List[str], errors: List[str], warnings: List[str]) -> None: + if len(body_lines) > BODY_LINE_MAX: + errors.append(f"SKILL.md body exceeds {BODY_LINE_MAX} lines.") + body_text = "\n".join(body_lines) + if DEEP_REFERENCE.search(body_text): + warnings.append("File references should be only one level deep under references/.") + + +def check_evals(skill_dir: Path, full: bool, errors: List[str], warnings: List[str]) -> None: + eval_dir = skill_dir / "evals" + if not full or not eval_dir.exists(): + return + scenario_files = [p for p in eval_dir.iterdir() if p.is_file() and p.suffix.lower() in {".md", ".json", ".yaml", ".yml"}] + if len(scenario_files) < 3: + errors.append("At least 3 evaluation scenarios are required for --full validation.") + + +def validate(skill_dir: Path, full: bool) -> Tuple[List[str], List[str]]: + skill_path = skill_dir / "SKILL.md" + if not skill_path.exists(): + _fail(f"SKILL.md not found in {skill_dir}") + + frontmatter, body = parse_frontmatter(skill_path) + errors: List[str] = [] + warnings: List[str] = [] + + name = str(frontmatter.get("name", "")).strip() + check_name(name, skill_dir.name, errors, warnings) + + description = str(frontmatter.get("description", "")).strip() + check_description(description, errors, warnings) + + check_body(body, errors, warnings) + check_evals(skill_dir, full, errors, warnings) + + return errors, warnings + + +def main() -> None: + parser = argparse.ArgumentParser(description="Validate a SKILL.md package.") + parser.add_argument("skill_path", help="Path to the skill directory or SKILL.md file.") + parser.add_argument("--full", action="store_true", help="Run the stricter pre-ship gate checks.") + args = parser.parse_args() + + target = Path(args.skill_path).expanduser().resolve() + skill_dir = target.parent if target.is_file() else target + + errors, warnings = validate(skill_dir, args.full) + + if warnings: + print("Warnings:") + for warning in warnings: + print(f"- {warning}") + print() + + if errors: + print("Validation failed:") + for error in errors: + print(f"- {error}") + sys.exit(1) + + print("Validation passed.") + + +if __name__ == "__main__": + main()