diff --git a/README.md b/README.md index 8906513..6e47403 100644 --- a/README.md +++ b/README.md @@ -56,31 +56,74 @@ Session 50: Correction rate near zero. Wiki has 200 cited claims. ## Install +Pro Workflow is published in two places: the Claude Code plugin marketplace (native), and SkillKit (cross-agent translator). Other agents do not have first-class plugins yet — SkillKit translates the skill bundle into each agent's native skill format. + +### Claude Code (native) + ```bash /plugin marketplace add rohitg00/pro-workflow /plugin install pro-workflow@pro-workflow ``` -
-Other install methods +### Cursor, Codex, Copilot CLI, Droid, Gemini CLI, OpenCode, and 26 more (via SkillKit) + +SkillKit translates the 34 skills + 22 commands into each agent's native skill format and drops them in the right config directory. ```bash -# Cursor -/add-plugin pro-workflow +npx skillkit install rohitg00/pro-workflow --agent --force +``` -# Any agent via SkillKit -npx skillkit install pro-workflow +Notes: + +- Use `rohitg00/pro-workflow` (the GitHub form), not the bare name — `skillkit install` resolves providers from `owner/repo`, not marketplace slugs. +- `--force` is currently required: SkillKit's security scanner has open false positives on standard Node patterns (`child_process` imports, `Bearer ${env}` template literals) that block legit skills like `survey-generator` and `safe-mode`. Tracked at [`skillkit#129`](https://github.com/rohitg00/skillkit/issues/129). -# Manual +Supported `` values: `cursor`, `codex`, `gemini-cli`, `opencode`, `github-copilot`, `droid` (factory), `antigravity`, `amp`, `clawdbot`, `cline`, `codebuddy`, `commandcode`, `continue`, `crush`, `goose`, `kilo`, `kiro-cli`, `mcpjam`, `mux`, `neovate`, `openhands`, `pi`, `qoder`, `qwen`, `roo`, `trae`, `universal`, `vercel`, `windsurf`, `zencoder`. Pass `--agent universal` for a portable bundle. + +After install, run `skillkit sync` to register the skills with the target agent's config. + +
+Manual install (any agent, any OS) + +If neither path works for your setup, clone and copy the bundle directly. Adjust the destination to your agent's skill directory (e.g. `~/.cursor/rules/`, `~/.gemini/extensions/`, etc.). + +```bash git clone https://github.com/rohitg00/pro-workflow.git /tmp/pw -cp -r /tmp/pw/templates/split-claude-md/* ./.claude/ +cd /tmp/pw && npm install && npm run build -# Build SQLite-backed components -cd ~/.claude/plugins/*/pro-workflow && npm install && npm run build +cp -r /tmp/pw/templates/split-claude-md/* ./.claude/ +cp -r /tmp/pw/skills ~/.claude/skills/ +cp -r /tmp/pw/commands ~/.claude/commands/ +cp /tmp/pw/hooks/hooks.json ~/.claude/hooks.json ```
+### First-run smoke test + +```bash +/doctor # confirms SQLite store, hooks, skills load +/wrap-up # runs the end-of-session ritual (no-op on fresh install) +``` + +If `/doctor` reports `KB: missing`, run `cd ~/.claude/plugins/*/pro-workflow && npm install && npm run build` — the SQLite components need a build step a handful of marketplaces skip. + +--- + +## What to type first + +After install you have **34 auto-trigger skills** and **22 slash commands**. You don't need to memorize them; the agent picks the right skill from your prompt. The five commands below cover 80% of daily use: + +| When | Command | What it does | +|---|---|---| +| **Wrong correction repeats** | `/learn-rule` | Capture the correction as a rule. Loaded on every future `SessionStart`. | +| **End of a coding session** | `/wrap-up` | Audit changes, persist learnings, write a handoff doc. | +| **Researching a topic** | `/wiki init ` | Spin up a persistent FTS5 wiki. Auto-injected when you mention the topic later. | +| **Stuck on a hard bug** | `/develop` | Research → Plan → Implement phases with validation gates. | +| **Before a PR** | `/smart-commit` | Quality gates, staged review, conventional commit message. | + +Full list: [`commands/`](./commands) · [`skills/`](./skills) · [`/list`](./commands/list.md) inside any session. + --- ## 60-second tour diff --git a/scripts/session-start.js b/scripts/session-start.js index 89462bf..4b6e54a 100644 --- a/scripts/session-start.js +++ b/scripts/session-start.js @@ -120,7 +120,23 @@ async function main() { // Not a git repo or git not available } - log('[ProWorkflow] Ready. Use /wrap-up before ending, /learn to capture corrections.'); + const stateDir = path.join(os.homedir(), '.pro-workflow'); + const firstRunFlag = path.join(stateDir, '.welcomed'); + if (!fs.existsSync(firstRunFlag)) { + try { fs.mkdirSync(stateDir, { recursive: true }); } catch (e) {} + log(''); + log('[ProWorkflow] First run detected. Five commands to know:'); + log(' /learn-rule capture a correction so it never repeats'); + log(' /wrap-up end-of-session ritual (audit + persist + handoff)'); + log(' /wiki init start a persistent FTS5 research wiki'); + log(' /develop research -> plan -> implement with gates'); + log(' /smart-commit quality-gated conventional commit'); + log('[ProWorkflow] Run /doctor to verify install. Full list: /list'); + log(''); + try { fs.writeFileSync(firstRunFlag, new Date().toISOString()); } catch (e) {} + } else { + log('[ProWorkflow] Ready. Use /wrap-up before ending, /learn to capture corrections.'); + } process.exit(0); } diff --git a/skills/auto-setup/SKILL.md b/skills/auto-setup/SKILL.md index 5c07373..6e3dfa8 100644 --- a/skills/auto-setup/SKILL.md +++ b/skills/auto-setup/SKILL.md @@ -72,7 +72,7 @@ Run each command with `--version` or `--help` to confirm availability. Report mi Generate a `.claude/settings.json` with: - Quality gate commands for the detected project type -- Safe permission rules (read-only tools auto-approved) +- Suggested permission rules (user reviews and approves) - Hook configuration for the project ## Output diff --git a/skills/permission-tuner/SKILL.md b/skills/permission-tuner/SKILL.md index 7c5d75e..dbe6a15 100644 --- a/skills/permission-tuner/SKILL.md +++ b/skills/permission-tuner/SKILL.md @@ -33,7 +33,7 @@ cat ~/.claude/settings.json 2>/dev/null | grep -A 20 "permissions" ### Step 2: Identify Safe Patterns -**Auto-approve candidates** (low risk): +**Allow-list candidates** (low risk): - `Read` — all file reads (read-only, no side effects) - `Glob` — file pattern matching (read-only) - `Grep` — content search (read-only) @@ -44,14 +44,14 @@ cat ~/.claude/settings.json 2>/dev/null | grep -A 20 "permissions" - `Bash(npm run lint*)` — linting - `Bash(npm run typecheck*)` — type checking -**Ask candidates** (medium risk — auto-approve only if user confirms): +**Ask candidates** (medium risk — prompt user every time): - `Edit` — file modifications - `Write` — new file creation - `Bash(git add*)` — staging changes - `Bash(git commit*)` — creating commits - `Bash(npm install*)` — dependency changes -**Never auto-approve** (high risk): +**Deny-list candidates** (high risk): - `Bash(git push*)` — affects remote - `Bash(git reset --hard*)` — destructive - `Bash(rm -rf*)` — destructive @@ -112,7 +112,7 @@ Estimated prompts saved per session: ~[N] ## Rules -- Never auto-approve destructive operations +- Destructive operations must stay in the deny list - Always present rules for user approval before applying - Group rules by risk level (safe/medium/dangerous) - Include estimated prompt savings diff --git a/skills/pro-workflow/SKILL.md b/skills/pro-workflow/SKILL.md index fa9f333..3e976df 100644 --- a/skills/pro-workflow/SKILL.md +++ b/skills/pro-workflow/SKILL.md @@ -452,7 +452,7 @@ For features touching >5 files or needing architecture decisions: 3. **Implement** → executes plan step by step with quality gates every 5 edits 4. **Review** → reviewer agent checks for security, logic, quality -Never skip phases. Never proceed without approval between phases. +All four phases run in order. Each phase requires explicit user approval before the next phase begins. ### Agent Skills (Preloaded) diff --git a/skills/safe-mode/SKILL.md b/skills/safe-mode/SKILL.md index 68000f0..31d7140 100644 --- a/skills/safe-mode/SKILL.md +++ b/skills/safe-mode/SKILL.md @@ -37,7 +37,7 @@ Intercepts Bash commands before execution. Warns on dangerous patterns but does | `git clean -f` | Untracked file deletion | | `git checkout .` / `git restore .` | Discard all changes | | `chmod 777` | World-writable permissions | -| `curl \| sh` / `wget \| sh` | Piped remote execution | +| `curl` or `wget` piped to a shell | Piped remote execution | | `> /dev/sda` / `dd if=` | Disk-level operations | | `:(){ :\|:& };:` | Fork bombs | | `sudo rm` | Elevated deletion |