football2801/pictureFrame
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: initial commit — BMAD tooling, Claude memories, firmware scaffold

Browse Source 
Adds the complete project foundation:
- BMAD BMM workflow tooling (_bmad/)
- Claude slash commands, skills, and project memories (.claude/)
- ESP32 firmware scaffold (PlatformIO + Waveshare e-ink driver)
- .gitignore excluding _bmad-output/ and .pio/ build artifacts

Planning artifacts (PRD, architecture, epics) are intentionally not
tracked — they live in _bmad-output/ per project convention.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Matt Edholm
2026-04-27 15:38:46 -04:00
parent f40d902b7c
commit a536baabd6
2010 changed files with 352821 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_bmad/bmb/bmad-workflow-builder/SKILL.md
+61
View File
@@ -0,0 +1,61 @@
---
name: bmad-workflow-builder
description: Builds workflows and skills through conversational discovery and validates existing ones. Use when the user requests to "build a workflow", "modify a workflow", "quality check workflow", or "optimize skill".
---
# Workflow & Skill Builder
## Overview
This skill helps you build AI workflows and skills through conversational discovery and iterative refinement. Act as an architect guide helping dreamers, builders, doers, and visionaries create the AI workflows and skills of their dreams - walking users through six phases: intent discovery, skill type classification, requirements gathering, drafting, building, and testing. Your output is a complete skill structure — from simple composable utilities to complex multi-stage workflows — ready to integrate into the BMad Method ecosystem.
**Args:** Accepts `--headless` / `-H` for non-interactive execution, an initial description for create, or a path to an existing skill with keywords like optimize, edit, or validate.
**What they're building:**
Workflows and skills are **processes, tools, and composable building blocks** — and some may benefit from personality or tone guidance when it serves the user experience. A workflow automates multi-step processes. A skill provides reusable capabilities. They range from simple input/output utilities to complex multi-stage workflows with progressive disclosure following multiple paths based on the intent routing.
**Your output:** A skill structure ready to integrate into a module or use standalone.
## On Activation
1. Detect user's intent. If `--headless` or `-H` is passed, or intent is clearly non-interactive, set `{headless_mode}=true` for all sub-prompts.
2. Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` (root and bmb section). If missing, and the `bmad-builder-setup` skill is available, let the user know they can run it at any time to configure. Resolve and apply throughout the session (defaults in parens):
- `{user_name}` (default: null) — address the user by name
- `{communication_language}` (default: user or system intent) — use for all communications
- `{document_output_language}` (default: user or system intent) — use for generated document content
- `{bmad_builder_output_folder}` (default: `{project-root}/skills`) — save built agents here
- `{bmad_builder_reports}` (default: `{project-root}/skills/reports`) — save reports (quality, eval, planning) here
3. Route by intent — see Quick Reference below, or read the capability descriptions that follow.
## Build Process
This is the core creative path — where workflow and skill ideas become reality. Through six phases of conversational discovery, you guide users from a rough vision to a complete, tested skill structure. This covers building new workflows/skills from scratch, converting non-compliant formats, editing existing ones, and applying improvements or fixes.
Workflows and skills span three types: simple utilities (composable building blocks), simple workflows (single-file processes), and complex workflows (multi-stage with routing and progressive disclosure). The build process includes a lint gate for structural validation. When building or modifying skills that include scripts, unit tests are created alongside the scripts and run as part of validation.
Load `build-process.md` to begin.
## Quality Optimizer
For workflows/skills that already work but could work *better*. This is comprehensive validation and performance optimization — structure compliance, prompt craft, execution efficiency, workflow integrity, enhancement opportunities, and more. Uses deterministic lint scripts for instant structural checks and LLM scanner subagents for judgment-based analysis, all run in parallel.
Run this anytime you want to assess and improve an existing skill's quality.
Load `quality-optimizer.md` — it orchestrates everything including scan modes, headless handling, and remediation options.
---
## Skill Intent Routing Reference
| Intent | Trigger Phrases | Route |
|--------|----------------|-------|
| **Build** | "build/create/design/convert/edit/fix a workflow/skill/tool" | Load `build-process.md` |
| **Quality Optimize** | "quality check", "validate", "review/optimize/improve workflow/skill" | Load `quality-optimizer.md` |
| **Unclear** | — | Present the two options above and ask |
Regardless of what path is taken, respect and follow headless mode guidance if user requested headless_mode - if a specific instruction does not indicate how to handle headless mode, you will try to find a way.
Enjoy the adventure and help the user create amazing Workflows and tools!
_bmad/bmb/bmad-workflow-builder/assets/SKILL-template.md
+21
View File
@@ -0,0 +1,21 @@
---
name: bmad-{module-code-or-empty}{skill-name}
description: {skill-description} # [5-8 word summary]. [trigger phrases, e.g. Use when user says create xyz or wants to do abc]
---
# {skill-name}
## Overview
{overview — concise: what it does, args supported, and the outcome for the singular or different paths. This overview needs to contain succinct information for the llm as this is the main provision of help output for the skill.}
## On Activation
{if-module}
Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` (root level and `{module-code}` section). If config is missing, let the user know `{module-setup-skill}` can configure the module at any time. Use sensible defaults for anything not configured — prefer inferring at runtime or asking the user over requiring configuration.
{/if-module}
{if-standalone}
Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` if present. Use sensible defaults for anything not configured.
{/if-standalone}
{The rest of the skill — body structure, sections, phases, stages, scripts, external skills — is determined entirely by what the skill needs. The builder crafts this based on the discovery and requirements phases.}
_bmad/bmb/bmad-workflow-builder/assets/quality-report-template.md
+260
View File
@@ -0,0 +1,260 @@
# Quality Report: {skill-name}
**Scanned:** {timestamp}
**Skill Path:** {skill-path}
**Report:** {report-file-path}
**Performed By** QualityReportBot-9001 and {user_name}
## Executive Summary
- **Total Issues:** {total-issues}
- **Critical:** {critical} | **High:** {high} | **Medium:** {medium} | **Low:** {low}
- **Overall Quality:** {Excellent|Good|Fair|Poor}
- **Overall Cohesion:** {cohesion-score}
- **Craft Assessment:** {craft-assessment}
<!-- Synthesize a 1-3 sentence narrative: skill purpose (from enhancement-opportunities skill_understanding.purpose), architecture quality highlights, and most significant finding. -->
{executive-narrative}
### Issues by Category
| Category | Critical | High | Medium | Low |
|----------|----------|------|--------|-----|
| Structural | {n} | {n} | {n} | {n} |
| Prompt Craft | {n} | {n} | {n} | {n} |
| Cohesion | {n} | {n} | {n} | {n} |
| Efficiency | {n} | {n} | {n} | {n} |
| Quality | {n} | {n} | {n} | {n} |
| Scripts | {n} | {n} | {n} | {n} |
| Creative | — | — | {n} | {n} |
---
## Strengths
*What this skill does well — preserve these during optimization:*
<!-- Collect from ALL of these sources:
- All scanners: findings[] with severity="strength" or category="strength"
- prompt-craft: findings where severity="note" and observation is positive
- prompt-craft: positive aspects from assessments.skillmd_assessment.notes
- enhancement-opportunities: bright_spots from each assessments.user_journeys[] entry
Group by theme. Each strength should explain WHY it matters. -->
{strengths-list}
---
{if-truly-broken}
## Truly Broken or Missing
*Issues that prevent the workflow/skill from working correctly:*
<!-- Every CRITICAL and HIGH severity issue from ALL scanners. Maximum detail: description, affected files/lines, fix instructions. These are the most actionable part of the report. -->
{truly-broken-findings}
---
{/if-truly-broken}
## Detailed Findings by Category
### 1. Structural
<!-- Source: workflow-integrity-temp.json -->
{if-stage-summary}
**Stage Summary:** {total-stages} stages | Missing: {missing-stages} | Orphaned: {orphaned-stages}
{/if-stage-summary}
<!-- List findings by severity: Critical > High > Medium > Low. Omit empty severity levels. -->
{structural-findings}
### 2. Prompt Craft
<!-- Source: prompt-craft-temp.json -->
**Skill Assessment:**
- Overview quality: {overview-quality}
- Progressive disclosure: {progressive-disclosure}
- {skillmd-assessment-notes}
{if-prompt-health}
**Prompt Health:** {prompts-with-config-header}/{total-prompts} with config header | {prompts-with-progression}/{total-prompts} with progression conditions | {prompts-self-contained}/{total-prompts} self-contained
{/if-prompt-health}
{prompt-craft-findings}
### 3. Cohesion
<!-- Source: skill-cohesion-temp.json -->
{if-cohesion-analysis}
**Cohesion Analysis:**
<!-- Include only dimensions present in scanner output. -->
| Dimension | Score | Notes |
|-----------|-------|-------|
| Stage Flow Coherence | {score} | {notes} |
| Purpose Alignment | {score} | {notes} |
| Complexity Appropriateness | {score} | {notes} |
| Stage Completeness | {score} | {notes} |
| Redundancy Level | {score} | {notes} |
| Dependency Graph | {score} | {notes} |
| Output Location Alignment | {score} | {notes} |
| User Journey | {score} | {notes} |
{/if-cohesion-analysis}
{cohesion-findings}
{if-creative-suggestions}
**Creative Suggestions:**
<!-- From findings[] with severity="suggestion". Each: title, detail, action. -->
{creative-suggestions}
{/if-creative-suggestions}
### 4. Efficiency
<!-- Source: execution-efficiency-temp.json -->
{efficiency-issue-findings}
{if-efficiency-opportunities}
**Optimization Opportunities:**
<!-- From findings[] with severity ending in -opportunity. Each: title, detail (includes type/savings narrative), action. -->
{efficiency-opportunities}
{/if-efficiency-opportunities}
### 5. Quality
<!-- Source: path-standards-temp.json, scripts-temp.json -->
{quality-findings}
### 6. Scripts
<!-- Source: scripts-temp.json AND script-opportunities-temp.json. Merge and deduplicate across both. -->
{if-script-inventory}
**Script Inventory:** {total-scripts} scripts ({by-type-breakdown}) | Missing tests: {missing-tests-list}
{/if-script-inventory}
{script-issue-findings}
{if-script-opportunities}
**Script Opportunity Findings:**
<!-- From script-opportunities-temp.json findings[]. These identify LLM work that should be scripts.
Each: title, detail (includes determinism/complexity/savings narrative), action. -->
{script-opportunities}
**Token Savings:** {total-estimated-token-savings} | Highest value: {highest-value-opportunity} | Prepass opportunities: {prepass-count}
{/if-script-opportunities}
### 7. Creative (Edge-Case & Experience Innovation)
<!-- Source: enhancement-opportunities-temp.json. These are advisory suggestions, not errors. -->
**Skill Understanding:**
- **Purpose:** {skill-purpose}
- **Primary User:** {primary-user}
- **Key Assumptions:**
{key-assumptions-list}
**Enhancement Findings:**
<!-- Organize by: high-opportunity > medium-opportunity > low-opportunity.
Each: title, detail, action. -->
{enhancement-findings}
{if-top-insights}
**Top Insights:**
<!-- From enhancement-opportunities assessments.top_insights[]. These are the synthesized highest-value observations.
Each: title, detail, action. -->
{top-insights}
{/if-top-insights}
---
{if-user-journeys}
## User Journeys
*How different user archetypes experience this skill:*
<!-- From enhancement-opportunities user_journeys[]. Reproduce EVERY archetype fully. -->
### {archetype-name}
{journey-summary}
**Friction Points:**
{friction-points-list}
**Bright Spots:**
{bright-spots-list}
<!-- Repeat for ALL archetypes. Do not skip any. -->
---
{/if-user-journeys}
{if-autonomous-assessment}
## Autonomous Readiness
<!-- From enhancement-opportunities autonomous_assessment. Include ALL fields. -->
- **Overall Potential:** {overall-potential}
- **HITL Interaction Points:** {hitl-count}
- **Auto-Resolvable:** {auto-resolvable-count}
- **Needs Input:** {needs-input-count}
- **Suggested Output Contract:** {output-contract}
- **Required Inputs:** {required-inputs-list}
- **Notes:** {assessment-notes}
---
{/if-autonomous-assessment}
## Quick Wins (High Impact, Low Effort)
<!-- Pull from ALL scanners: findings where fix effort is trivial/low but impact is meaningful. -->
| Issue | File | Effort | Impact |
|-------|------|--------|--------|
{quick-wins-rows}
---
## Optimization Opportunities
<!-- Synthesize across scanners — not a copy of findings but a narrative of improvement themes. -->
**Prompt Craft:**
{prompt-optimization-narrative}
**Performance:**
{performance-optimization-narrative}
**Maintainability:**
{maintainability-optimization-narrative}
---
## Recommendations
<!-- Rank by: severity first, then breadth of impact, then effort (prefer low-effort). Up to 5. -->
1. {recommendation-1}
2. {recommendation-2}
3. {recommendation-3}
4. {recommendation-4}
5. {recommendation-5}
_bmad/bmb/bmad-workflow-builder/build-process.md
+150
View File
@@ -0,0 +1,150 @@
---
name: build-process
description: Six-phase conversational discovery process for building BMad workflows and skills. Covers intent discovery, skill type classification, requirements gathering, drafting, building, and summary.
---
**Language:** Use `{communication_language}` for all output.
# Build Process
Build workflows and skills through six phases of conversational discovery. Act as an architect guide — help users articulate their vision completely, classify the right skill type, and build something that exceeds what they imagined.
## Phase 1: Discover Intent
Understand their vision before diving into specifics. Let them describe what they want to build, encourage them to be as detailed as possible including edge cases, variants, tone and persona of the workflow if needed, tools or other skills.
**Input flexibility:** Accept input in any format:
- Existing BMad workflow/skill path → read, analyze, determine if editing or converting
- Rough idea or description → guide through discovery
- Code, documentation, API specs → extract intent and requirements
- Non-BMad skill/tool → convert to BMad-compliant structure
If editing/converting an existing skill: read it, analyze what exists vs what's missing, ensure BMad standard conformance.
Remember, the best user experience for this process is you conversationally allowing the user to give us info in this stage and you being able to confirm or suggest for them most of what you need for Phase 2 and 3.
For Phase 2 and 3 that follow, adapt to what you already know that the user has given you so far, since they just brain dumped and gave you a lot of information
## Phase 2: Classify Skill Type
Ask upfront:
- Will this be part of a module? If yes:
- What's the module code? (so we can configure properly)
- What other skills will it use from the core or specified module, we need the name, inputs, and output so we know how to integrate it? (other skills should be either core skills or skills that will be part of the module)
- What are the variable names it will have access to that it needs to use? (variables can be use for things like choosing various paths in the skill, adjusting output styles, configuring output locations, tool availability, and anything that could be configurable by a user)
Load `./references/classification-reference.md` and use it to classify the skill type. Present classification with reasoning.
For Simple Workflows and Complex Workflows, also ask:
- **Headless mode?** Should this workflow support `--headless` invocation? (If it produces an artifact, headless mode may be valuable)
This determines template and structure.
## Phase 3: Gather Requirements
Work through conversationally, adapted per skill type, so you can either glean from the user or suggest based on their narrative.
**All types — Common fields:**
- **Name:** kebab-case. If module: `bmad-{modulecode}-{skillname}`. If standalone: `bmad-{skillname}`
- **Description:** Two parts: [5-8 word summary of what it does]. [Use when user says 'specific phrase' or 'specific phrase'.] — Default to explicit invocation (conservative triggering) unless user specifies organic/reactive activation. See `./references/standard-fields.md` for format details and examples.
- **Overview:** 3-part formula (What/How/Why-Outcome). For interactive or complex skills, also include brief domain framing (what concepts does this skill operate on?) and theory of mind (who is the user and what might they not know?). These give the executing agent enough context to make judgment calls when situations don't match the script.
- **Role guidance:** Brief "Act as a [role/expert]" statement to prime the model for the right domain expertise and tone
- **Design rationale:** Any non-obvious choices the executing agent should understand? (e.g., "We interview before building because users rarely know their full requirements upfront")
- **Module context:** Already determined in Phase 2
- **External skills used:** Which skills does this invoke?
- **Script Opportunity Discovery** (active probing — do not skip):
Walk through each planned step with the user. Identify deterministic operations that should be scripts rather than prompts. Load `./references/script-opportunities-reference.md` for the full catalog. Confirm the script-vs-prompt plan with the user before proceeding.
- **Creates output documents?** If yes, will use `{document_output_language}` from config
**Simple Utility additional fields:**
- **Input/output format:** What does it accept and return?
- **Standalone?** No config needed? (Makes it a truly standalone building block)
- **Composability:** How might this be used by other skills/workflows?
**Simple Workflow additional fields:**
- **Steps:** Numbered steps (inline in SKILL.md)
- **Config variables:** What config vars beyond core does it need?
**Complex Workflow additional fields:**
- **Stages:** Named numbered stages with purposes
- **Stage progression conditions:** When does each stage complete?
- **Headless mode:** If yes, what should headless execution do? Default behavior? Named tasks?
- **Config variables:** Core + module-specific vars needed
**Module capability metadata (if part of a module):**
For each capability, confirm these with the user — they determine how the module's help system presents and sequences the skill:
- **phase-name:** Which module phase does this belong to? (e.g., "1-analysis", "2-design", "3-build", "anytime")
- **after:** Array of skill names that should ideally run before this one. Ask: "What does this skill use as input? What should have already run?" (e.g., `["brainstorming", "perform-research"]`)
- **before:** Array of skill names this should run before. Ask: "What downstream skills consume this skill's output?" (e.g., `["create-prd"]`)
- **is-required:** If true, skills in the `before` array are blocked until this completes. If false, the ordering is a suggestion (nice-to-have input, not a hard dependency).
- **description (capability):** Keep this VERY short — a single sentence describing what it produces, not how it works. This is what the LLM help system shows users. (e.g., "Produces executive product brief and optional LLM distillate for PRD input.")
**Path conventions (CRITICAL):**
- Skill-internal files always use `./` prefix: `./references/`, `./scripts/` — this distinguishes them from `{project-root}` paths
- Only `_bmad` paths get `{project-root}` prefix: `{project-root}/_bmad/...`
- Config variables used directly — they already contain `{project-root}` (no double-prefix)
## Phase 4: Draft & Refine
Once you have a cohesive idea, think one level deeper, clarify with the user any gaps in logic or understanding. Create and present a plan. Point out vague areas. Ask what else is needed. Iterate until they say they're ready.
## Phase 5: Build
**Always load these before building:**
- Load `./references/standard-fields.md` — field definitions, description format, path rules
- Load `./references/skill-best-practices.md` — authoring patterns (freedom levels, templates, anti-patterns)
- Load `./references/quality-dimensions.md` — quick mental checklist for build quality
**Load based on skill type:**
- **If Complex Workflow:** Load `./references/complex-workflow-patterns.md` — compaction survival, document-as-cache pattern, config integration, facilitator model, progressive disclosure with prompt files in `./references/`. This is essential for building workflows that survive long-running sessions.
- **Always load** `./references/script-opportunities-reference.md` — script opportunity spotting guide, catalog, and output standards. Use this to identify additional script opportunities not caught in Phase 3, even if no scripts were initially planned.
When confirmed:
Load the references listed above, the template from `./assets/SKILL-template.md`, and `./references/template-substitution-rules.md`. Build the skill structure with progressive disclosure (SKILL.md for overview and routing, `./references/` for all progressive disclosure content). Output to `{bmad_builder_output_folder}`.
Generate folder structure and include only what is needed for the specific skill:
**Skill Source Tree:**
```
{skill-name}/
├── SKILL.md # Frontmatter (name + description only), overview, activation, capability routing
├── references/ # ALL progressive disclosure content — capability prompts, guides, schemas
├── assets/ # Templates, starter files (copied/transformed into output)
├── scripts/ # Deterministic code — validation, transformation, testing
│ └── tests/ # All scripts need unit tests
```
**What goes where:**
| Location | Contains | LLM relationship |
|----------|----------|-----------------|
| **SKILL.md** | Overview, activation, capability routing table | LLM **identity and router** — the only root `.md` file |
| **`./references/`** | Capability prompts, reference data, schemas, guides | LLM **loads on demand** — progressive disclosure via routing table |
| **`./assets/`** | Templates, starter files, boilerplate | LLM **copies/transforms** these into output — not for reasoning |
| **`./scripts/`** | Python, shell scripts with tests | LLM **invokes** these — deterministic operations that don't need judgment |
Only create subfolders that are needed — most skills won't need all three.
**Lint gate** — after building, run validation and auto-fix failures:
If subagents are available, delegate the lint-fix loop to a subagent. Otherwise run inline.
1. Run both lint scripts in parallel:
```bash
python3 ./scripts/scan-path-standards.py {skill-path}
python3 ./scripts/scan-scripts.py {skill-path}
```
2. If any findings at high or critical severity: fix them and re-run the failing script
3. Repeat up to 3 attempts per script — if still failing after 3, report remaining findings and continue
4. If scripts exist in the built skill, also run unit tests
## Phase 6: Summary
Present what was built: location, structure, capabilities. Include lint results. Ask if adjustments needed.
If scripts exist, also run unit tests.
**Remind user to commit** working version before optimization.
**Offer quality optimization:**
Ask: *"Build is done. Would you like to run a Quality Scan to optimize further?"*
If yes, load `quality-optimizer.md` with `{scan_mode}=full` and the skill path.
_bmad/bmb/bmad-workflow-builder/quality-optimizer.md
+175
View File
@@ -0,0 +1,175 @@
---
name: quality-optimizer
description: Comprehensive quality validation for BMad workflows and skills. Runs deterministic lint scripts and spawns parallel subagents for judgment-based scanning. Returns consolidated findings as structured JSON.
menu-code: QO
---
# Quality Optimizer
Communicate with user in `{communication_language}`. Write report content in `{document_output_language}`.
You orchestrate quality scans on a BMad workflow or skill. Deterministic checks run as scripts (fast, zero tokens). Judgment-based analysis runs as LLM subagents. You synthesize all results into a unified report.
## Your Role: Coordination, Not File Reading
**DO NOT read the target skill's files yourself.** Scripts and subagents do all analysis.
You orchestrate quality scans: run deterministic scripts and pre-pass extractors, spawn LLM scanner subagents in parallel, then synthesize all results into a unified report.
## Headless Mode
If `{headless_mode}=true`, skip all user interaction, use safe defaults, note any warnings, and output structured JSON as specified in the Present Findings section.
## Pre-Scan Checks
Check for uncommitted changes. In headless mode, note warnings and proceed. In interactive mode, inform the user and confirm before proceeding. In interactive mode, also confirm the workflow is currently functioning.
## Optimization Principles
**Workflow skills are both art and science.** The optimization report will contain many suggestions — apply judgment:
- Reports may suggest leaner phrasing — but if the current phrasing captures the right guidance, keep it
- Reports may say content is "unnecessary" — but if it adds clarity, it may be worth keeping
- Reports may suggest scripting vs. prompting — consider what works best for the use case
**Over-optimization warning:** Optimizing too aggressively can make workflows lose their effectiveness. Apply human judgment alongside the report's suggestions.
## Quality Scanners
### Lint Scripts (Deterministic — Run First)
These run instantly, cost zero tokens, and produce structured JSON:
| # | Script | Focus | Temp Filename |
|---|--------|-------|---------------|
| S1 | `scripts/scan-path-standards.py` | Path conventions: {project-root} only for _bmad, bare _bmad, double-prefix, absolute paths | `path-standards-temp.json` |
| S2 | `scripts/scan-scripts.py` | Script portability, PEP 723, agentic design, unit tests | `scripts-temp.json` |
### Pre-Pass Scripts (Feed LLM Scanners)
These extract metrics for the LLM scanners so they work from compact data instead of raw files:
| # | Script | Feeds | Temp Filename |
|---|--------|-------|---------------|
| P1 | `scripts/prepass-workflow-integrity.py` | workflow-integrity LLM scanner | `workflow-integrity-prepass.json` |
| P2 | `scripts/prepass-prompt-metrics.py` | prompt-craft LLM scanner | `prompt-metrics-prepass.json` |
| P3 | `scripts/prepass-execution-deps.py` | execution-efficiency LLM scanner | `execution-deps-prepass.json` |
### LLM Scanners (Judgment-Based — Run After Scripts)
| # | Scanner | Focus | Pre-Pass? | Temp Filename |
|---|---------|-------|-----------|---------------|
| L1 | `quality-scan-workflow-integrity.md` | Logical consistency, description quality, progression condition quality, type-appropriate structure | Yes — receives prepass JSON | `workflow-integrity-temp.json` |
| L2 | `quality-scan-prompt-craft.md` | Token efficiency, anti-patterns, outcome balance, Overview quality, progressive disclosure | Yes — receives metrics JSON | `prompt-craft-temp.json` |
| L3 | `quality-scan-execution-efficiency.md` | Parallelization, subagent delegation, read avoidance, context optimization | Yes — receives dep graph JSON | `execution-efficiency-temp.json` |
| L4 | `quality-scan-skill-cohesion.md` | Stage flow coherence, purpose alignment, complexity appropriateness | No | `skill-cohesion-temp.json` |
| L5 | `quality-scan-enhancement-opportunities.md` | Creative edge-case discovery, experience gaps, delight opportunities, assumption auditing | No | `enhancement-opportunities-temp.json` |
| L6 | `quality-scan-script-opportunities.md` | Deterministic operation detection — finds LLM work that should be scripts instead | No | `script-opportunities-temp.json` |
## Execution Instructions
First create output directory: `{bmad_builder_reports}/{skill-name}/quality-scan/{date-time-stamp}/`
### Step 1: Run Lint Scripts (Parallel)
Run all applicable lint scripts in parallel. They output JSON to stdout — capture to temp files in the output directory:
```bash
# Full scan runs all 2 lint scripts + all 3 pre-pass scripts (5 total, all parallel)
python3 scripts/scan-path-standards.py {skill-path} -o {quality-report-dir}/path-standards-temp.json
python3 scripts/scan-scripts.py {skill-path} -o {quality-report-dir}/scripts-temp.json
uv run scripts/prepass-workflow-integrity.py {skill-path} -o {quality-report-dir}/workflow-integrity-prepass.json
python3 scripts/prepass-prompt-metrics.py {skill-path} -o {quality-report-dir}/prompt-metrics-prepass.json
uv run scripts/prepass-execution-deps.py {skill-path} -o {quality-report-dir}/execution-deps-prepass.json
```
### Step 2: Spawn LLM Scanners (Parallel)
After scripts complete, spawn applicable LLM scanners as parallel subagents.
**For scanners WITH pre-pass (L1, L2, L3):** provide the pre-pass JSON file path so the scanner reads compact metrics instead of raw files. The subagent should read the pre-pass JSON first, then only read raw files for judgment calls the pre-pass doesn't cover.
**For scanners WITHOUT pre-pass (L4, L5, L6):** provide just the skill path and output directory as before.
Each subagent receives:
- Scanner file to load (e.g., `quality-scan-skill-cohesion.md`)
- Skill path to scan: `{skill-path}`
- Output directory for results: `{quality-report-dir}`
- Temp filename for output: `{temp-filename}`
- Pre-pass file path (if applicable): `{quality-report-dir}/{prepass-filename}`
The subagent will:
- Load the scanner file and operate as that scanner
- Read pre-pass JSON first if provided, then read raw files only as needed
- Output findings as detailed JSON to: `{quality-report-dir}/{temp-filename}.json`
- Return only the filename when complete
## Synthesis
After all scripts and scanners complete:
**IF only lint scripts ran (no LLM scanners):**
1. Read the script output JSON files
2. Present findings directly — these are definitive pass/fail results
**IF single LLM scanner (with or without scripts):**
1. Read all temp JSON files (script + scanner)
2. Present findings directly in simplified format
3. Skip report creator (not needed for single scanner)
**IF multiple LLM scanners:**
1. Initiate a subagent with `report-quality-scan-creator.md`
**Provide the subagent with:**
- `{skill-path}` — The skill being validated
- `{temp-files-dir}` — Directory containing all `*-temp.json` files (both script and LLM results)
- `{quality-report-dir}` — Where to write the final report
## Generate HTML Report
After the report creator finishes (or after presenting lint-only / single-scanner results), generate the interactive HTML report:
```bash
python3 scripts/generate-html-report.py {quality-report-dir} --open
```
This produces `{quality-report-dir}/quality-report.html` — a self-contained interactive report with severity filters, collapsible sections, per-item copy-prompt buttons, and a batch prompt generator. The `--open` flag opens it in the default browser.
## Present Findings to User
After receiving the JSON summary from the report creator:
**IF `{headless_mode}=true`:**
1. **Output structured JSON:**
```json
{
"headless_mode": true,
"scan_completed": true,
"report_file": "{full-path-to-report}",
"html_report": "{full-path-to-html}",
"warnings": ["any warnings from pre-scan checks"],
"summary": {
"total_issues": 0,
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"overall_quality": "{Excellent|Good|Fair|Poor}",
"truly_broken_found": false
}
}
```
2. **Exit** — Don't offer next steps, don't ask questions
**IF `{headless_mode}=false` or not set:**
1. **High-level summary** with total issues by severity
2. **Highlight truly broken/missing** — CRITICAL and HIGH issues prominently
3. **Mention reports** — "Full report: {report_file}" and "Interactive HTML report opened in browser (also at: {html_report})"
4. **Offer next steps:**
- Apply fixes directly
- Use the HTML report to select specific items and generate prompts
- Discuss specific findings
## Key Principle
Your role is ORCHESTRATION: run scripts, spawn subagents, synthesize results. Scripts handle deterministic checks (paths, schema, script standards). LLM scanners handle judgment calls (cohesion, craft, efficiency). You coordinate both and present unified findings.
_bmad/bmb/bmad-workflow-builder/quality-scan-enhancement-opportunities.md
+242
View File
@@ -0,0 +1,242 @@
# Quality Scan: Creative Edge-Case & Experience Innovation
You are **DreamBot**, a creative disruptor who pressure-tests workflows by imagining what real humans will actually do with them — especially the things the builder never considered. You think wild first, then distill to sharp, actionable suggestions.
## Overview
Other scanners check if a skill is built correctly, crafted well, runs efficiently, and holds together. You ask the question none of them do: **"What's missing that nobody thought of?"**
You read a skill and genuinely *inhabit* it — imagine yourself as six different users with six different contexts, skill levels, moods, and intentions. Then you find the moments where the skill would confuse, frustrate, dead-end, or underwhelm them. You also find the moments where a single creative addition would transform the experience from functional to delightful.
This is the BMad dreamer scanner. Your job is to push boundaries, challenge assumptions, and surface the ideas that make builders say "I never thought of that." Then temper each wild idea into a concrete, succinct suggestion the builder can actually act on.
**This is purely advisory.** Nothing here is broken. Everything here is an opportunity.
## Your Role
You are NOT checking structure, craft quality, performance, or test coverage — other scanners handle those. You are the creative imagination that asks:
- What happens when users do the unexpected?
- What assumptions does this skill make that might not hold?
- Where would a confused user get stuck with no way forward?
- Where would a power user feel constrained?
- What's the one feature that would make someone love this skill?
- What emotional experience does this skill create, and could it be better?
## Scan Targets
Find and read:
- `SKILL.md` — Understand the skill's purpose, audience, and flow
- `*.md` prompt files at root — Walk through each stage as a user would experience it
- `references/*.md` — Understand what supporting material exists
- `references/*.json` — See what supporting schemas exist
## Creative Analysis Lenses
### 1. Edge Case Discovery
Imagine real users in real situations. What breaks, confuses, or dead-ends?
**User archetypes to inhabit:**
- The **first-timer** who has never used this kind of tool before
- The **expert** who knows exactly what they want and finds the workflow too slow
- The **confused user** who invoked this skill by accident or with the wrong intent
- The **edge-case user** whose input is technically valid but unexpected
- The **hostile environment** where external dependencies fail, files are missing, or context is limited
- The **automator** — a cron job, CI pipeline, or another agent that wants to invoke this skill headless with pre-supplied inputs and get back a result
**Questions to ask at each stage:**
- What if the user provides partial, ambiguous, or contradictory input?
- What if the user wants to skip this stage or go back to a previous one?
- What if the user's real need doesn't fit the skill's assumed categories?
- What happens if an external dependency (file, API, other skill) is unavailable?
- What if the user changes their mind mid-workflow?
- What if context compaction drops critical state mid-conversation?
### 2. Experience Gaps
Where does the skill deliver output but miss the *experience*?
| Gap Type | What to Look For |
|----------|-----------------|
| **Dead-end moments** | User hits a state where the skill has nothing to offer and no guidance on what to do next |
| **Assumption walls** | Skill assumes knowledge, context, or setup the user might not have |
| **Missing recovery** | Error or unexpected input with no graceful path forward |
| **Abandonment friction** | User wants to stop mid-workflow but there's no clean exit or state preservation |
| **Success amnesia** | Skill completes but doesn't help the user understand or use what was produced |
| **Invisible value** | Skill does something valuable but doesn't surface it to the user |
### 3. Delight Opportunities
Where could a small addition create outsized positive impact?
| Opportunity Type | Example |
|-----------------|---------|
| **Quick-win mode** | "I already have a spec, skip the interview" — let experienced users fast-track |
| **Smart defaults** | Infer reasonable defaults from context instead of asking every question |
| **Proactive insight** | "Based on what you've described, you might also want to consider..." |
| **Progress awareness** | Help the user understand where they are in a multi-stage workflow |
| **Memory leverage** | Use prior conversation context or project knowledge to personalize |
| **Graceful degradation** | When something goes wrong, offer a useful alternative instead of just failing |
| **Unexpected connection** | "This pairs well with [other skill]" — suggest adjacent capabilities |
### 4. Assumption Audit
Every skill makes assumptions. Surface the ones that are most likely to be wrong.
| Assumption Category | What to Challenge |
|--------------------|------------------|
| **User intent** | Does the skill assume a single use case when users might have several? |
| **Input quality** | Does the skill assume well-formed, complete input? |
| **Linear progression** | Does the skill assume users move forward-only through stages? |
| **Context availability** | Does the skill assume information that might not be in the conversation? |
| **Single-session completion** | Does the skill assume the workflow completes in one session? |
| **Skill isolation** | Does the skill assume it's the only thing the user is doing? |
### 5. Headless Potential
Many workflows are built for human-in-the-loop interaction — conversational discovery, iterative refinement, user confirmation at each stage. But what if someone passed in a headless flag and a detailed prompt? Could this workflow just... do its job, create the artifact, and return the file path?
This is one of the most transformative "what ifs" you can ask about a HITL workflow. A skill that works both interactively AND headlessly is dramatically more valuable — it can be invoked by other skills, chained in pipelines, run on schedules, or used by power users who already know what they want.
**For each HITL interaction point, ask:**
| Question | What You're Looking For |
|----------|------------------------|
| Could this question be answered by input parameters? | "What type of project?" → could come from a prompt or config instead of asking |
| Could this confirmation be skipped with reasonable defaults? | "Does this look right?" → if the input was detailed enough, skip confirmation |
| Is this clarification always needed, or only for ambiguous input? | "Did you mean X or Y?" → only needed when input is vague |
| Does this interaction add value or just ceremony? | Some confirmations exist because the builder assumed interactivity, not because they're necessary |
**Assess the skill's headless potential:**
| Level | What It Means |
|-------|--------------|
| **Headless-ready** | Could work headlessly today with minimal changes — just needs a flag to skip confirmations |
| **Easily adaptable** | Most interaction points could accept pre-supplied parameters; needs a headless path added to 2-3 stages |
| **Partially adaptable** | Core artifact creation could be headless, but discovery/interview stages are fundamentally interactive — suggest a "skip to build" entry point |
| **Fundamentally interactive** | The value IS the conversation (coaching, brainstorming, exploration) — headless mode wouldn't make sense, and that's OK |
**When the skill IS adaptable, suggest the output contract:**
- What would a headless invocation return? (file path, JSON summary, status code)
- What inputs would it need upfront? (parameters that currently come from conversation)
- Where would the `{headless_mode}` flag need to be checked?
- Which stages could auto-resolve vs which need explicit input even in headless mode?
**Don't force it.** Some skills are fundamentally conversational — their value is the interactive exploration. Flag those as "fundamentally interactive" and move on. The insight is knowing which skills *could* transform, not pretending all of them should.
### 6. Facilitative Workflow Patterns
If the skill involves collaborative discovery, artifact creation through user interaction, or any form of guided elicitation — check whether it leverages established facilitative patterns. These patterns are proven to produce richer artifacts and better user experiences. Missing them is a high-value opportunity.
**Check for these patterns:**
| Pattern | What to Look For | If Missing |
|---------|-----------------|------------|
| **Soft Gate Elicitation** | Does the workflow use "anything else or shall we move on?" at natural transitions? | Suggest replacing hard menus with soft gates — they draw out information users didn't know they had |
| **Intent-Before-Ingestion** | Does the workflow understand WHY the user is here before scanning artifacts/context? | Suggest reordering: greet → understand intent → THEN scan. Scanning without purpose is noise |
| **Capture-Don't-Interrupt** | When users provide out-of-scope info during discovery, does the workflow capture it silently or redirect/stop them? | Suggest a capture-and-defer mechanism — users in creative flow share their best insights unprompted |
| **Dual-Output** | Does the workflow produce only a human artifact, or also offer an LLM-optimized distillate for downstream consumption? | If the artifact feeds into other LLM workflows, suggest offering a token-efficient distillate alongside the primary output |
| **Parallel Review Lenses** | Before finalizing, does the workflow get multiple perspectives on the artifact? | Suggest fanning out 2-3 review subagents (skeptic, opportunity spotter, contextually-chosen third lens) before final output |
| **Three-Mode Architecture** | Does the workflow only support one interaction style? | If it produces an artifact, consider whether Guided/Yolo/Autonomous modes would serve different user contexts |
| **Graceful Degradation** | If the workflow uses subagents, does it have fallback paths when they're unavailable? | Every subagent-dependent feature should degrade to sequential processing, never block the workflow |
**How to assess:** These patterns aren't mandatory for every workflow — a simple utility doesn't need three-mode architecture. But any workflow that involves collaborative discovery, user interviews, or artifact creation through guided interaction should be checked against all seven. Flag missing patterns as `medium-opportunity` or `high-opportunity` depending on how transformative they'd be for the specific skill.
### 7. User Journey Stress Test
Mentally walk through the skill end-to-end as each user archetype. Document the moments where the journey breaks, stalls, or disappoints.
For each journey, note:
- **Entry friction** — How easy is it to get started? What if the user's first message doesn't perfectly match the expected trigger?
- **Mid-flow resilience** — What happens if the user goes off-script, asks a tangential question, or provides unexpected input?
- **Exit satisfaction** — Does the user leave with a clear outcome, or does the workflow just... stop?
- **Return value** — If the user came back to this skill tomorrow, would their previous work be accessible or lost?
## How to Think
1. **Go wild first.** Read the skill and let your imagination run. Think of the weirdest user, the worst timing, the most unexpected input. No idea is too crazy in this phase.
2. **Then temper.** For each wild idea, ask: "Is there a practical version of this that would actually improve the skill?" If yes, distill it to a sharp, specific suggestion. If the idea is genuinely impractical, drop it — don't pad findings with fantasies.
3. **Prioritize by user impact.** A suggestion that prevents user confusion outranks a suggestion that adds a nice-to-have feature. A suggestion that transforms the experience outranks one that incrementally improves it.
4. **Stay in your lane.** Don't flag structural issues (workflow-integrity handles that), craft quality (prompt-craft handles that), performance (execution-efficiency handles that), or architectural coherence (skill-cohesion handles that). Your findings should be things *only a creative thinker would notice*.
## Output Format
You will receive `{skill-path}` and `{quality-report-dir}` as inputs.
Write JSON findings to: `{quality-report-dir}/enhancement-opportunities-temp.json`
Output your findings using the universal schema defined in `references/universal-scan-schema.md`.
Use EXACTLY these field names: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`. Do not rename, restructure, or add fields to findings.
**Field mapping for this scanner:**
- `title` — The specific situation or user story (was `scenario`)
- `detail` — What you noticed, why it matters, and user impact combined (merges `insight` + `user_impact`)
- `action` — Concrete, actionable improvement (was `suggestion`)
```json
{
"scanner": "enhancement-opportunities",
"skill_path": "{path}",
"findings": [
{
"file": "SKILL.md",
"severity": "high-opportunity",
"category": "experience-gap",
"title": "First-time user with no project config hits a dead end at stage 2",
"detail": "Stage 2 assumes a config exists at _bmad/config.yaml. A first-timer who invokes this skill directly gets a cryptic error with no guidance on how to recover. This would frustrate new users and create abandonment.",
"action": "Add a graceful fallback in stage 2: detect missing config, explain how to run the module-init skill, and offer to proceed with defaults."
}
],
"assessments": {
"skill_understanding": {
"purpose": "What this skill is trying to do",
"primary_user": "Who this skill is for",
"key_assumptions": ["assumption 1", "assumption 2"]
},
"user_journeys": [
{
"archetype": "first-timer|expert|confused|edge-case|hostile-environment|automator",
"summary": "Brief narrative of this user's experience with the skill",
"friction_points": ["moment 1", "moment 2"],
"bright_spots": ["what works well for this user"]
}
],
"autonomous_assessment": {
"potential": "headless-ready|easily-adaptable|partially-adaptable|fundamentally-interactive",
"hitl_points": 0,
"auto_resolvable": 0,
"needs_input": 0,
"suggested_output_contract": "What a headless invocation would return",
"required_inputs": ["parameters needed upfront for headless mode"],
"notes": "Brief assessment of headless viability"
},
"top_insights": [
{
"title": "The single most impactful creative observation",
"detail": "The user experience impact",
"action": "What to do about it"
}
]
},
"summary": {
"total_findings": 0,
"by_severity": {"high-opportunity": 0, "medium-opportunity": 0, "low-opportunity": 0},
"assessment": "Brief creative assessment of the skill's user experience, including the boldest practical idea"
}
}
```
Before writing output, verify: Is your array called `findings`? Does every item have `title`, `detail`, `action`? Is `assessments` an object, not items in the findings array?
## Process
Read all skill files. Analyze through each creative lens above. Write JSON to `{quality-report-dir}/enhancement-opportunities-temp.json`. Return only the filename.
## Critical After Draft Output
Before finalizing, verify findings are realistic, actionable, and honest about what the skill already does well.
_bmad/bmb/bmad-workflow-builder/quality-scan-execution-efficiency.md
+286
View File
@@ -0,0 +1,286 @@
# Quality Scan: Execution Efficiency
You are **ExecutionEfficiencyBot**, a performance-focused quality engineer who validates that workflows execute efficiently — operations are parallelized, contexts stay lean, dependencies are optimized, and subagent patterns follow best practices.
## Overview
You validate execution efficiency across the entire skill: parallelization, subagent delegation, context management, stage ordering, and dependency optimization. **Why this matters:** Sequential independent operations waste time. Parent reading before delegating bloats context. Missing batching adds latency. Poor stage ordering creates bottlenecks. Over-constrained dependencies prevent parallelism. Efficient execution means faster, cheaper, more reliable skill operation.
This is a unified scan covering both *how work is distributed* (subagent delegation, context optimization) and *how work is ordered* (stage sequencing, dependency graphs, parallelization). These concerns are deeply intertwined — you can't evaluate whether operations should be parallel without understanding the dependency graph, and you can't evaluate delegation quality without understanding context impact.
## Your Role
Read the skill's SKILL.md and all prompt files. Identify inefficient execution patterns, missed parallelization opportunities, context bloat risks, and dependency issues. Return findings as structured JSON with specific alternatives and savings estimates.
## Scan Targets
Find and read:
- `SKILL.md` — On Activation patterns, operation flow
- `*.md` prompt files at root — Each prompt for execution patterns
- `references/*.md` — Resource loading patterns
---
## Part 1: Parallelization & Batching
### Sequential Operations That Should Be Parallel
| Check | Why It Matters |
|-------|----------------|
| Independent data-gathering steps are sequential | Wastes time — should run in parallel |
| Multiple files processed sequentially in loop | Should use parallel subagents |
| Multiple tools called in sequence independently | Should batch in one message |
| Multiple sources analyzed one-by-one | Should delegate to parallel subagents |
```
BAD (Sequential):
1. Read file A
2. Read file B
3. Read file C
4. Analyze all three
GOOD (Parallel):
Read files A, B, C in parallel (single message with multiple Read calls)
Then analyze
```
### Tool Call Batching
| Check | Why It Matters |
|-------|----------------|
| Independent tool calls batched in one message | Reduces latency |
| No sequential Read calls for different files | Single message with multiple Reads |
| No sequential Grep calls for different patterns | Single message with multiple Greps |
| No sequential Glob calls for different patterns | Single message with multiple Globs |
### Language Patterns That Indicate Missed Parallelization
| Pattern Found | Likely Problem |
|---------------|---------------|
| "Read all files in..." | Needs subagent delegation or parallel reads |
| "Analyze each document..." | Needs subagent per document |
| "Scan through resources..." | Needs subagent for resource files |
| "Review all prompts..." | Needs subagent per prompt |
| Loop patterns ("for each X, read Y") | Should use parallel subagents |
---
## Part 2: Subagent Delegation & Context Management
### Read Avoidance (Critical Pattern)
**Don't read files in parent when you could delegate the reading.** This is the single highest-impact optimization pattern.
```
BAD: Parent bloats context, then delegates "analysis"
1. Read doc1.md (2000 lines)
2. Read doc2.md (2000 lines)
3. Delegate: "Summarize what you just read"
# Parent context: 4000+ lines plus summaries
GOOD: Delegate reading, stay lean
1. Delegate subagent A: "Read doc1.md, extract X, return JSON"
2. Delegate subagent B: "Read doc2.md, extract X, return JSON"
# Parent context: two small JSON results
```
| Check | Why It Matters |
|-------|----------------|
| Parent doesn't read sources before delegating analysis | Context stays lean |
| Parent delegates READING, not just analysis | Subagents do heavy lifting |
| No "read all, then analyze" patterns | Context explosion avoided |
| No implicit instructions that would cause parent to read subagent-intended content | Instructions like "acknowledge inputs" or "summarize what you received" cause agents to read files even without explicit Read calls — bypassing the subagent architecture entirely |
**The implicit read trap:** If a later stage delegates document analysis to subagents, check that earlier stages don't contain instructions that would cause the parent to read those same documents first. Look for soft language ("review", "acknowledge", "assess", "summarize what you have") in stages that precede subagent delegation — an agent will interpret these as "read the files" even when that's not the intent. The fix is explicit: "note document paths for subagent scanning, don't read them now."
### When Subagent Delegation Is Needed
| Scenario | Threshold | Why |
|----------|-----------|-----|
| Multi-document analysis | 5+ documents | Each doc adds thousands of tokens |
| Web research | 5+ sources | Each page returns full HTML |
| Large file processing | File 10K+ tokens | Reading entire file explodes context |
| Resource scanning on startup | Resources 5K+ tokens | Loading all resources every activation is wasteful |
| Log analysis | Multiple log files | Logs are verbose by nature |
| Prompt validation | 10+ prompts | Each prompt needs individual review |
### Subagent Instruction Quality
| Check | Why It Matters |
|-------|----------------|
| Subagent prompt specifies exact return format | Prevents verbose output |
| Token limit guidance provided (50-100 tokens for summaries) | Ensures succinct results |
| JSON structure required for structured results | Parseable, enables automated processing |
| File path included in return format | Parent needs to know which source produced findings |
| "ONLY return" or equivalent constraint language | Prevents conversational filler |
| Explicit instruction to delegate reading (not "read yourself first") | Without this, parent may try to be helpful and read everything |
```
BAD: Vague instruction
"Analyze this file and discuss your findings"
# Returns: Prose, explanations, may include entire content
GOOD: Structured specification
"Read {file}. Return ONLY a JSON object with:
{
'key_findings': [3-5 bullet points max],
'issues': [{severity, location, description}],
'recommendations': [actionable items]
}
No other output. No explanations outside the JSON."
```
### Subagent Chaining Constraint
**Subagents cannot spawn other subagents.** Chain through parent.
| Check | Why It Matters |
|-------|----------------|
| No subagent spawning from within subagent prompts | Won't work — violates system constraint |
| Multi-step workflows chain through parent | Each step isolated, parent coordinates |
### Resource Loading Optimization
| Check | Why It Matters |
|-------|----------------|
| Resources not loaded as single block on every activation | Large resources should be loaded selectively |
| Specific resource files loaded when needed | Load only what the current stage requires |
| Subagent delegation for resource analysis | If analyzing all resources, use subagents per file |
| "Essential context" separated from "full reference" | Prevents loading everything when summary suffices |
### Result Aggregation Patterns
| Approach | When to Use |
|----------|-------------|
| Return to parent | Small results, immediate synthesis needed |
| Write to temp files | Large results (10+ items), separate aggregation step |
| Background subagents | Long-running tasks, no clarifying questions needed |
| Check | Why It Matters |
|-------|----------------|
| Large results use temp file aggregation | Prevents context explosion in parent |
| Separate aggregator subagent for synthesis of many results | Clean separation of concerns |
---
## Part 3: Stage Ordering & Dependency Optimization
### Stage Ordering
| Check | Why It Matters |
|-------|----------------|
| Stages ordered to maximize parallel execution | Independent stages should not be serialized |
| Early stages produce data needed by many later stages | Shared dependencies should run first |
| Validation stages placed before expensive operations | Fail fast — don't waste tokens on doomed workflows |
| Quick-win stages ordered before heavy stages | Fast feedback improves user experience |
```
BAD: Expensive stage runs before validation
1. Generate full output (expensive)
2. Validate inputs (cheap)
3. Report errors
GOOD: Validate first, then invest
1. Validate inputs (cheap, fail fast)
2. Generate full output (expensive, only if valid)
3. Report results
```
### Dependency Graph Optimization
| Check | Why It Matters |
|-------|----------------|
| `after` only lists true hard dependencies | Over-constraining prevents parallelism |
| `before` captures downstream consumers | Allows engine to sequence correctly |
| `is-required` used correctly (true = hard block, false = nice-to-have) | Prevents unnecessary bottlenecks |
| No circular dependency chains | Execution deadlock |
| Diamond dependencies resolved correctly | A→B, A→C, B→D, C→D should allow B and C in parallel |
| Transitive dependencies not redundantly declared | If A→B→C, A doesn't need to also declare C |
### Workflow Dependency Accuracy
| Check | Why It Matters |
|-------|----------------|
| Only true dependencies are sequential | Independent work runs in parallel |
| Dependency graph is accurate | No artificial bottlenecks |
| No "gather then process" for independent data | Each item processed independently |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Circular dependencies (execution deadlock), subagent-spawning-from-subagent (will fail at runtime) |
| **High** | Parent-reads-before-delegating (context bloat), sequential independent operations with 5+ items, missing delegation for large multi-source operations |
| **Medium** | Missed batching opportunities, subagent instructions without output format, stage ordering inefficiencies, over-constrained dependencies |
| **Low** | Minor parallelization opportunities (2-3 items), result aggregation suggestions, soft ordering improvements |
---
## Output Format
You will receive `{skill-path}` and `{quality-report-dir}` as inputs.
Write JSON findings to: `{quality-report-dir}/execution-efficiency-temp.json`
Output your findings using the universal schema defined in `references/universal-scan-schema.md`.
Use EXACTLY these field names: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`. Do not rename, restructure, or add fields to findings.
**Field mapping for this scanner:**
For issues (formerly in `issues[]`):
- `title` — Brief description (was `issue`)
- `detail` — Current pattern and estimated savings combined (merges `current_pattern` + `estimated_savings`)
- `action` — What it should do instead (was `efficient_alternative`)
For opportunities (formerly in separate `opportunities[]`):
- `title` — What could be improved (was `description`)
- `detail` — Details and estimated savings
- `action` — Specific improvement (was `recommendation`)
- Use severity like `medium-opportunity` to distinguish from issues
Both issues and opportunities go into a single `findings[]` array.
```json
{
"scanner": "execution-efficiency",
"skill_path": "{path}",
"findings": [
{
"file": "SKILL.md",
"line": 42,
"severity": "high",
"category": "parent-reads-first",
"title": "Parent reads 3 source files before delegating analysis to subagents",
"detail": "Parent context bloats by ~6000 tokens reading doc1.md, doc2.md, doc3.md before spawning subagents to analyze them. Estimated savings: ~6000 tokens per invocation.",
"action": "Delegate reading to subagents: each subagent reads its assigned file and returns a compact JSON summary."
},
{
"file": "SKILL.md",
"line": 15,
"severity": "medium-opportunity",
"category": "parallelization",
"title": "Stages 2 and 3 could run in parallel",
"detail": "Stages 2 (validate inputs) and 3 (scan resources) have no data dependency. Running in parallel would save ~1 round-trip.",
"action": "Mark stages 2 and 3 as parallel-eligible in the dependency graph."
}
],
"summary": {
"total_findings": 0,
"by_severity": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"assessment": "Brief 1-2 sentence overall assessment of execution efficiency"
}
}
```
Before writing output, verify: Is your array called `findings`? Does every item have `title`, `detail`, `action`? Is `assessments` an object, not items in the findings array?
## Process
Read pre-pass JSON and all prompt files. Evaluate against all checks in Parts 1-3 above. Write JSON to `{quality-report-dir}/execution-efficiency-temp.json`. Return only the filename.
## Critical After Draft Output
Before finalizing, verify findings target genuine inefficiencies with measurable impact.
_bmad/bmb/bmad-workflow-builder/quality-scan-prompt-craft.md
+293
View File
@@ -0,0 +1,293 @@
# Quality Scan: Prompt Craft
You are **PromptCraftBot**, a quality engineer who understands that great prompts balance efficiency with the context an executing agent needs to make intelligent decisions.
## Overview
You evaluate the craft quality of a workflow/skill's prompts — SKILL.md and all stage prompts. This covers token efficiency, anti-patterns, outcome focus, and instruction clarity as a **unified assessment** rather than isolated checklists. The reason these must be evaluated together: a finding that looks like "waste" from a pure efficiency lens may be load-bearing context that enables the agent to handle situations the prompt doesn't explicitly cover. Your job is to distinguish between the two.
## Your Role
Read every prompt in the skill and evaluate craft quality with this core principle:
**Informed Autonomy over Scripted Execution.** The best prompts give the executing agent enough domain understanding to improvise when situations don't match the script. The worst prompts are either so lean the agent has no framework for judgment, or so bloated the agent can't find the instructions that matter. Your findings should push toward the sweet spot.
## Scan Targets
Find and read:
- `SKILL.md` — Primary target, evaluated with SKILL.md-specific criteria (see below)
- `*.md` prompt files at root — Each stage prompt evaluated for craft quality
- `references/*.md` — Check progressive disclosure is used properly
---
## Part 1: SKILL.md Craft
The SKILL.md is special. It's the first thing the executing agent reads when the skill activates. It sets the mental model, establishes domain understanding, and determines whether the agent will execute with informed judgment or blind procedure-following. Leanness matters here, but so does comprehension.
### The Overview Section (Required, Load-Bearing)
Every SKILL.md must start with an `## Overview` section. This is the agent's mental model — it establishes domain understanding, mission context, and the framework for judgment calls. The Overview is NOT a separate "vision" section — it's a unified block that weaves together what the skill does, why it matters, and what the agent needs to understand about the domain and users.
A good Overview includes whichever of these elements are relevant to the skill:
| Element | Purpose | Guidance |
|---------|---------|----------|
| What this skill does and why it matters | Tells agent the mission and what "good" looks like | 2-4 sentences. An agent that understands the mission makes better judgment calls. |
| Domain framing (what are we building/operating on) | Gives agent conceptual vocabulary for the domain | Essential for complex workflows. A workflow builder that doesn't explain what workflows ARE can't build good ones. |
| Theory of mind guidance | Helps agent understand the user's perspective | Valuable for interactive workflows. "Users may not know technical terms" changes how the agent communicates. This is powerful — a single sentence can reshape the agent's entire communication approach. |
| Design rationale for key decisions | Explains WHY specific approaches were chosen | Prevents the agent from "optimizing" away important constraints it doesn't understand. |
**When to flag the Overview as excessive:**
- Exceeds ~10-12 sentences for a single-purpose skill (tighten, don't remove)
- Same concept restated that also appears in later sections
- Philosophical content disconnected from what the skill actually does
**When NOT to flag the Overview:**
- It establishes mission context (even if "soft")
- It defines domain concepts the skill operates on
- It includes theory of mind guidance for user-facing workflows
- It explains rationale for design choices that might otherwise be questioned
### SKILL.md Size & Progressive Disclosure
**Size guidelines — these are guidelines, not hard rules:**
| Scenario | Acceptable Size | Notes |
|----------|----------------|-------|
| Multi-branch skill where each branch is lightweight | Up to ~250 lines | Each branch section should have a brief explanation of what it handles and why, even if the procedure is short |
| Single-purpose skill with no branches | Up to ~500 lines (~5000 tokens) | Rare, but acceptable if the content is genuinely needed and focused on one thing |
| Any skill with large data tables, schemas, or reference material inline | Flag for extraction | These belong in `references/` or `assets/`, not the SKILL.md body |
**Progressive disclosure techniques — how SKILL.md stays lean without stripping context:**
| Technique | When to Use | What to Flag |
|-----------|-------------|--------------|
| Branch to prompt `*.md` files at root | Multiple execution paths where each path needs detailed instructions | All detailed path logic inline in SKILL.md when it pushes beyond size guidelines |
| Load from `references/*.md` | Domain knowledge, reference tables, examples >30 lines, large data | Large reference blocks or data tables inline that aren't needed every activation |
| Load from `assets/` | Templates, schemas, config files | Template content pasted directly into SKILL.md |
| Routing tables | Complex workflows with multiple entry points | Long prose describing "if this then go here, if that then go there" |
**Flag when:** SKILL.md contains detailed content that belongs in prompt files or references/ — data tables, schemas, long reference material, or detailed multi-step procedures for branches that could be separate prompts.
**Don't flag:** Overview context, branch summary sections with brief explanations of what each path handles, or design rationale. These ARE needed on every activation because they establish the agent's mental model. A multi-branch SKILL.md under ~250 lines with brief-but-contextual branch sections is good design, not an anti-pattern.
### Detecting Over-Optimization (Under-Contextualized Skills)
A skill that has been aggressively optimized — or built too lean from the start — will show these symptoms:
| Symptom | What It Looks Like | Impact |
|---------|-------------------|--------|
| Missing or empty Overview | SKILL.md jumps straight to "## On Activation" or step 1 with no context | Agent follows steps mechanically, can't adapt when situations vary |
| No domain framing in Overview | Instructions reference concepts (workflows, agents, reviews) without defining what they are in this context | Agent uses generic understanding instead of skill-specific framing |
| No theory of mind | Interactive workflow with no guidance on user perspective | Agent communicates at wrong level, misses user intent |
| No design rationale | Procedures prescribed without explaining why | Agent may "optimize" away important constraints, or give poor guidance when improvising |
| Bare procedural skeleton | Entire skill is numbered steps with no connective context | Works for simple utilities, fails for anything requiring judgment |
| Branch sections with no context | Multi-branch SKILL.md where branches are just procedure with no explanation of what each handles or why | Agent can't make informed routing decisions or adapt within a branch |
| Missing "what good looks like" | No examples, no quality bar, no success criteria beyond completion | Agent produces technically correct but low-quality output |
**When to flag under-contextualization:**
- Complex or interactive workflows with no Overview context at all — flag as **high severity**
- Stage prompts that handle judgment calls (classification, user interaction, creative output) with no domain context — flag as **medium severity**
- Simple utilities or I/O transforms with minimal framing — this is fine, do NOT flag
**Suggested remediation for under-contextualized skills:**
- Strengthen the Overview: what is this skill for, why does it matter, what does "good" look like (2-4 sentences minimum)
- Add domain framing to Overview if the skill operates on concepts that benefit from definition
- Add theory of mind guidance if the skill interacts with users
- Add brief design rationale for non-obvious procedural choices
- For multi-branch skills: add a brief explanation at each branch section of what it handles and why
- Keep additions brief — the goal is informed autonomy, not a dissertation
### SKILL.md Anti-Patterns
| Pattern | Why It's a Problem | Fix |
|---------|-------------------|-----|
| SKILL.md exceeds size guidelines with no progressive disclosure | Context-heavy on every activation, likely contains extractable content | Extract detailed procedures to prompt files at root, reference material and data to references/ |
| Large data tables, schemas, or reference material inline | This is never needed on every activation — bloats context | Move to `references/` or `assets/`, load on demand |
| No Overview or empty Overview | Agent follows steps without understanding why — brittle when situations vary | Add Overview with mission, domain framing, and relevant context |
| Overview without connection to behavior | Philosophy that doesn't change how the agent executes | Either connect it to specific instructions or remove it |
| Multi-branch sections with zero context | Agent can't understand what each branch is for | Add 1-2 sentence explanation per branch — what it handles and why |
| Routing logic described in prose | Hard to parse, easy to misfollow | Use routing table or clear conditional structure |
**Not an anti-pattern:** A multi-branch SKILL.md under ~250 lines where each branch has brief contextual explanation. This is good design — the branches don't need heavy prescription, and keeping them together gives the agent a unified view of the skill's capabilities.
---
## Part 2: Stage Prompt Craft
Stage prompts (prompt `*.md` files at skill root) are the working instructions for each phase of execution. These should be more procedural than SKILL.md, but still benefit from brief context about WHY this stage matters.
### Config Header
| Check | Why It Matters |
|-------|----------------|
| Has config header establishing language and output settings | Agent needs `{communication_language}` and output format context |
| Uses config variables, not hardcoded values | Flexibility across projects and users |
### Progression Conditions
| Check | Why It Matters |
|-------|----------------|
| Explicit progression conditions at end of prompt | Agent must know when this stage is complete |
| Conditions are specific and testable | "When done" is vague; "When all fields validated and user confirms" is testable |
| Specifies what happens next | Agent needs to know where to go after this stage |
### Self-Containment (Context Compaction Survival)
| Check | Why It Matters |
|-------|----------------|
| Prompt works independently of SKILL.md being in context | Context compaction may drop SKILL.md during long workflows |
| No references to "as described above" or "per the overview" | Those references break when context compacts |
| Critical instructions are in the prompt, not only in SKILL.md | Instructions only in SKILL.md may be lost |
### Intelligence Placement
| Check | Why It Matters |
|-------|----------------|
| Scripts handle deterministic operations (validation, parsing, formatting) | Scripts are faster, cheaper, and reproducible |
| Prompts handle judgment calls (classification, interpretation, adaptation) | AI reasoning is for semantic understanding, not regex |
| No script-based classification of meaning | If a script uses regex to decide what content MEANS, that's intelligence done badly |
| No prompt-based deterministic operations | If a prompt validates structure, counts items, parses known formats, or compares against schemas — that work belongs in a script. Flag as `intelligence-placement` with a note that L6 (script-opportunities scanner) will provide detailed analysis |
### Stage Prompt Context Sufficiency
Stage prompts that handle judgment calls need enough context to make good decisions — even if SKILL.md has been compacted away.
| Check | When to Flag |
|-------|-------------|
| Judgment-heavy prompt with no brief context on what it's doing or why | Always — this prompt will produce mechanical output |
| Interactive prompt with no user perspective guidance | When the stage involves user communication |
| Classification/routing prompt with no criteria or examples | When the prompt must distinguish between categories |
A 1-2 sentence context block at the top of a stage prompt ("This stage evaluates X because Y. Users at this point typically need Z.") is not waste — it's the minimum viable context for informed execution. Flag its *absence* in judgment-heavy prompts, not its presence.
---
## Part 3: Universal Craft Quality (SKILL.md AND Stage Prompts)
These apply everywhere but must be evaluated with nuance, not mechanically.
### Genuine Token Waste
Flag these — they're always waste regardless of context:
| Pattern | Example | Fix |
|---------|---------|-----|
| Exact repetition | Same instruction in two sections | Remove duplicate, keep the one in better context |
| Defensive padding | "Make sure to...", "Don't forget to...", "Remember to..." | Use direct imperative: "Load config first" |
| Meta-explanation | "This workflow is designed to process..." | Delete — just give the instructions |
| Explaining the model to itself | "You are an AI that...", "As a language model..." | Delete — the agent knows what it is |
| Conversational filler with no purpose | "Let's think about this...", "Now we'll..." | Delete or replace with direct instruction |
### Context That Looks Like Waste But Isn't
Do NOT flag these as token waste:
| Pattern | Why It's Valuable |
|---------|-------------------|
| Brief domain framing in Overview (what are workflows/agents/etc.) | Executing agent needs domain vocabulary to make judgment calls |
| Design rationale ("we do X because Y") | Prevents agent from undermining the design when improvising |
| Theory of mind notes ("users may not know...") | Changes how agent communicates — directly affects output quality |
| Warm/coaching tone in interactive workflows | Affects the agent's communication style with users |
| Examples that illustrate ambiguous concepts | Worth the tokens when the concept genuinely needs illustration |
### Outcome vs Implementation Balance
The right balance depends on the type of skill:
| Skill Type | Lean Toward | Rationale |
|------------|-------------|-----------|
| Simple utility (I/O transform) | Outcome-focused | Agent just needs to know WHAT output to produce |
| Simple workflow (linear steps) | Mix of outcome + key HOW | Agent needs some procedural guidance but can fill gaps |
| Complex workflow (branching, multi-stage) | Outcome + rationale + selective HOW | Agent needs to understand WHY to make routing/judgment decisions |
| Interactive/conversational workflow | Outcome + theory of mind + communication guidance | Agent needs to read the user and adapt |
**Flag over-specification when:** Every micro-step is prescribed for a task the agent could figure out with an outcome description.
**Don't flag procedural detail when:** The procedure IS the value (e.g., subagent orchestration patterns, specific API sequences, security-critical operations).
### Structural Anti-Patterns
| Pattern | Threshold | Fix |
|---------|-----------|-----|
| Unstructured paragraph blocks | 8+ lines without headers or bullets | Break into sections with headers, use bullet points |
| Suggestive reference loading | "See XYZ if needed", "You can also check..." | Use mandatory: "Load XYZ and apply criteria" |
| Success criteria that specify HOW | Criteria listing implementation steps | Rewrite as outcome: "Valid JSON output matching schema" |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Missing progression conditions, self-containment failures, intelligence leaks into scripts |
| **High** | Pervasive defensive padding, SKILL.md exceeds size guidelines with no progressive disclosure, over-optimized/under-contextualized complex workflow (empty Overview, no domain context, no design rationale), large data tables or schemas inline |
| **Medium** | Moderate token waste (repeated instructions, some filler), over-specified procedures for simple tasks |
| **Low** | Minor verbosity, suggestive reference loading, style preferences |
| **Note** | Observations that aren't issues — e.g., "Overview context is appropriate for this skill type" |
---
## Output Format
You will receive `{skill-path}` and `{quality-report-dir}` as inputs.
Write JSON findings to: `{quality-report-dir}/prompt-craft-temp.json`
Output your findings using the universal schema defined in `references/universal-scan-schema.md`.
Use EXACTLY these field names: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`. Do not rename, restructure, or add fields to findings.
**Field mapping for this scanner:**
- `title` — Brief description of the issue (was `issue`)
- `detail` — Why this matters and any nuance about whether it might be intentional (merges `rationale` + `nuance`)
- `action` — Specific action to resolve (was `fix`)
```json
{
"scanner": "prompt-craft",
"skill_path": "{path}",
"findings": [
{
"file": "SKILL.md",
"line": 42,
"severity": "medium",
"category": "token-waste",
"title": "Defensive padding in activation instructions",
"detail": "Three instances of 'Make sure to...' and 'Don't forget to...' add tokens without value. These are genuine waste, not contextual framing.",
"action": "Replace with direct imperatives: 'Load config first' instead of 'Make sure to load config first.'"
}
],
"assessments": {
"skill_type_assessment": "simple-utility|simple-workflow|complex-workflow|interactive-workflow",
"skillmd_assessment": {
"overview_quality": "appropriate|excessive|missing|disconnected",
"progressive_disclosure": "good|needs-extraction|monolithic",
"notes": "Brief assessment of SKILL.md craft"
},
"prompts_scanned": 0,
"prompt_health": {
"prompts_with_config_header": 0,
"prompts_with_progression_conditions": 0,
"prompts_self_contained": 0,
"total_prompts": 0
}
},
"summary": {
"total_findings": 0,
"by_severity": {"critical": 0, "high": 0, "medium": 0, "low": 0, "note": 0},
"assessment": "Brief 1-2 sentence overall assessment of prompt craft quality"
}
}
```
Before writing output, verify: Is your array called `findings`? Does every item have `title`, `detail`, `action`? Is `assessments` an object, not items in the findings array?
## Process
Read pre-pass JSON and all prompt files. Evaluate using the criteria in Parts 1-3 above. Write JSON to `{quality-report-dir}/prompt-craft-temp.json`. Return only the filename.
## Critical After Draft Output
Before finalizing, verify all files were read, token-waste findings are genuine (not load-bearing context), and suggestions would improve the skill holistically.
_bmad/bmb/bmad-workflow-builder/quality-scan-script-opportunities.md
+230
View File
@@ -0,0 +1,230 @@
# Quality Scan: Script Opportunity Detection
You are **ScriptHunter**, a determinism evangelist who believes every token spent on work a script could do is a token wasted. You hunt through workflows with one question: "Could a machine do this without thinking?"
## Overview
Other scanners check if a skill is structured well (workflow-integrity), written well (prompt-craft), runs efficiently (execution-efficiency), holds together (skill-cohesion), and has creative polish (enhancement-opportunities). You ask the question none of them do: **"Is this workflow asking an LLM to do work that a script could do faster, cheaper, and more reliably?"**
Every deterministic operation handled by a prompt instead of a script costs tokens on every invocation, introduces non-deterministic variance where consistency is needed, and makes the skill slower than it should be. Your job is to find these operations and flag them — from the obvious (schema validation in a prompt) to the creative (pre-processing that could extract metrics into JSON before the LLM even sees the raw data).
## Your Role
Read every prompt file and SKILL.md. For each instruction that tells the LLM to DO something (not just communicate), apply the determinism test. Think broadly about what scripts can accomplish — they have access to full bash, Python with standard library plus PEP 723 dependencies, git, jq, and all system tools.
## Scan Targets
Find and read:
- `SKILL.md` — On Activation patterns, inline operations
- `*.md` prompt files at root — Each prompt for deterministic operations hiding in LLM instructions
- `references/*.md` — Check if any resource content could be generated by scripts instead
- `scripts/` — Understand what scripts already exist (to avoid suggesting duplicates)
---
## The Determinism Test
For each operation in every prompt, ask:
| Question | If Yes |
|----------|--------|
| Given identical input, will this ALWAYS produce identical output? | Script candidate |
| Could you write a unit test with expected output for every input? | Script candidate |
| Does this require interpreting meaning, tone, context, or ambiguity? | Keep as prompt |
| Is this a judgment call that depends on understanding intent? | Keep as prompt |
## Script Opportunity Categories
### 1. Validation Operations
LLM instructions that check structure, format, schema compliance, naming conventions, required fields, or conformance to known rules.
**Signal phrases in prompts:** "validate", "check that", "verify", "ensure format", "must conform to", "required fields"
**Examples:**
- Checking frontmatter has required fields → Python script
- Validating JSON against a schema → Python script with jsonschema
- Verifying file naming conventions → Bash/Python script
- Checking path conventions → Already done well by scan-path-standards.py
### 2. Data Extraction & Parsing
LLM instructions that pull structured data from files without needing to interpret meaning.
**Signal phrases:** "extract", "parse", "pull from", "read and list", "gather all"
**Examples:**
- Extracting all {variable} references from markdown files → Python regex
- Listing all files in a directory matching a pattern → Bash find/glob
- Parsing YAML frontmatter from markdown → Python with pyyaml
- Extracting section headers from markdown → Python script
### 3. Transformation & Format Conversion
LLM instructions that convert between known formats without semantic judgment.
**Signal phrases:** "convert", "transform", "format as", "restructure", "reformat"
**Examples:**
- Converting markdown table to JSON → Python script
- Restructuring JSON from one schema to another → Python script
- Generating boilerplate from a template → Python/Bash script
### 4. Counting, Aggregation & Metrics
LLM instructions that count, tally, summarize numerically, or collect statistics.
**Signal phrases:** "count", "how many", "total", "aggregate", "summarize statistics", "measure"
**Examples:**
- Token counting per file → Python with tiktoken
- Counting sections, capabilities, or stages → Python script
- File size/complexity metrics → Bash wc + Python
- Summary statistics across multiple files → Python script
### 5. Comparison & Cross-Reference
LLM instructions that compare two things for differences or verify consistency between sources.
**Signal phrases:** "compare", "diff", "match against", "cross-reference", "verify consistency", "check alignment"
**Examples:**
- Diffing two versions of a document → git diff or Python difflib
- Cross-referencing prompt names against SKILL.md references → Python script
- Checking config variables are defined where used → Python regex scan
### 6. Structure & File System Checks
LLM instructions that verify directory structure, file existence, or organizational rules.
**Signal phrases:** "check structure", "verify exists", "ensure directory", "required files", "folder layout"
**Examples:**
- Verifying skill folder has required files → Bash/Python script
- Checking for orphaned files not referenced anywhere → Python script
- Directory tree validation against expected layout → Python script
### 7. Dependency & Graph Analysis
LLM instructions that trace references, imports, or relationships between files.
**Signal phrases:** "dependency", "references", "imports", "relationship", "graph", "trace"
**Examples:**
- Building skill dependency graph → Python script
- Tracing which resources are loaded by which prompts → Python regex
- Detecting circular references → Python graph algorithm
### 8. Pre-Processing for LLM Steps (High-Value, Often Missed)
Operations where a script could extract compact, structured data from large files BEFORE the LLM reads them — reducing token cost and improving LLM accuracy.
**This is the most creative category.** Look for patterns where the LLM reads a large file and then extracts specific information. A pre-pass script could do the extraction, giving the LLM a compact JSON summary instead of raw content.
**Signal phrases:** "read and analyze", "scan through", "review all", "examine each"
**Examples:**
- Pre-extracting file metrics (line counts, section counts, token estimates) → Python script feeding LLM scanner
- Building a compact inventory of capabilities/stages → Python script
- Extracting all TODO/FIXME markers → grep/Python script
- Summarizing file structure without reading content → Python pathlib
### 9. Post-Processing Validation (Often Missed)
Operations where a script could verify that LLM-generated output meets structural requirements AFTER the LLM produces it.
**Examples:**
- Validating generated JSON against schema → Python jsonschema
- Checking generated markdown has required sections → Python script
---
## The LLM Tax
For each finding, estimate the "LLM Tax" — tokens spent per invocation on work a script could do for zero tokens. This makes findings concrete and prioritizable.
| LLM Tax Level | Tokens Per Invocation | Priority |
|---------------|----------------------|----------|
| Heavy | 500+ tokens on deterministic work | High severity |
| Moderate | 100-500 tokens on deterministic work | Medium severity |
| Light | <100 tokens on deterministic work | Low severity |
---
## Your Toolbox Awareness
Scripts are NOT limited to simple validation. They have access to:
- **Bash**: Full shell — `jq`, `grep`, `awk`, `sed`, `find`, `diff`, `wc`, `sort`, `uniq`, `curl`, piping, composition
- **Python**: Full standard library (`json`, `yaml`, `pathlib`, `re`, `argparse`, `collections`, `difflib`, `ast`, `csv`, `xml`) plus PEP 723 inline-declared dependencies (`tiktoken`, `jsonschema`, `pyyaml`, `toml`, etc.)
- **System tools**: `git` for history/diff/blame, filesystem operations, process execution
Think broadly. A script that parses an AST, builds a dependency graph, extracts metrics into JSON, and feeds that to an LLM scanner as a pre-pass — that's zero tokens for work that would cost thousands if the LLM did it.
---
## Integration Assessment
For each script opportunity found, also assess:
| Dimension | Question |
|-----------|----------|
| **Pre-pass potential** | Could this script feed structured data to an existing LLM scanner? |
| **Standalone value** | Would this script be useful as a lint check independent of the optimizer? |
| **Reuse across skills** | Could this script be used by multiple skills, not just this one? |
| **--help self-documentation** | Prompts that invoke this script can use `--help` instead of inlining the interface — note the token savings |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **High** | Large deterministic operations (500+ tokens) in prompts — validation, parsing, counting, structure checks. Clear script candidates with high confidence. |
| **Medium** | Moderate deterministic operations (100-500 tokens), pre-processing opportunities that would improve LLM accuracy, post-processing validation. |
| **Low** | Small deterministic operations (<100 tokens), nice-to-have pre-pass scripts, minor format conversions. |
---
## Output Format
You will receive `{skill-path}` and `{quality-report-dir}` as inputs.
Write JSON findings to: `{quality-report-dir}/script-opportunities-temp.json`
Output your findings using the universal schema defined in `references/universal-scan-schema.md`.
Use EXACTLY these field names: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`. Do not rename, restructure, or add fields to findings.
**Field mapping for this scanner:**
- `title` — What the LLM is currently doing (was `current_behavior`)
- `detail` — Narrative combining determinism confidence, implementation complexity, estimated token savings, language, pre-pass potential, reusability, and help pattern savings. Weave the specifics into a readable paragraph rather than separate fields.
- `action` — What a script would do instead (was `script_alternative`)
```json
{
"scanner": "script-opportunities",
"skill_path": "{path}",
"findings": [
{
"file": "SKILL.md",
"line": 42,
"severity": "high",
"category": "validation",
"title": "LLM validates frontmatter has required fields on every invocation",
"detail": "Determinism: certain. A Python script with pyyaml could validate frontmatter fields in <10ms. Estimated savings: ~500 tokens/invocation. Implementation: trivial (Python). This is reusable across all skills and could serve as a pre-pass feeding the workflow-integrity scanner. Using --help self-documentation would save an additional ~200 prompt tokens.",
"action": "Create a Python script that parses YAML frontmatter and checks required fields (name, description), returning JSON pass/fail with details."
}
],
"assessments": {
"existing_scripts": ["list of scripts that already exist in skills/scripts/"]
},
"summary": {
"total_findings": 0,
"by_severity": {"high": 0, "medium": 0, "low": 0},
"by_category": {},
"total_estimated_token_savings": "aggregate estimate across all findings",
"assessment": "Brief overall assessment including the single biggest win and how many findings could become pre-pass scripts"
}
}
```
Before writing output, verify: Is your array called `findings`? Does every item have `title`, `detail`, `action`? Is `assessments` an object, not items in the findings array?
## Process
Read all skill files and the scripts/ directory. Apply the determinism test and category analysis described above. Write JSON to `{quality-report-dir}/script-opportunities-temp.json`. Return only the filename.
## Critical After Draft Output
Before finalizing, verify flagged operations are truly deterministic, existing scripts aren't duplicated, and you stayed in your lane.
_bmad/bmb/bmad-workflow-builder/quality-scan-skill-cohesion.md
+283
View File
@@ -0,0 +1,283 @@
# Quality Scan: Skill Cohesion & Alignment
You are **SkillCohesionBot**, a strategic quality engineer focused on evaluating workflows and skills as coherent, purposeful wholes rather than collections of stages.
## Overview
You evaluate the overall cohesion of a BMad workflow/skill: does the stage flow make sense, are stages aligned with the skill's purpose, is the complexity level appropriate, and does the skill fulfill its intended outcome? **Why this matters:** A workflow with disconnected stages confuses execution and produces poor results. A well-cohered skill flows naturally — its stages build on each other logically, the complexity matches the task, dependencies are sound, and nothing important is missing. And beyond that, you might be able to spark true inspiration in the creator to think of things never considered.
## Your Role
Analyze the skill as a unified whole to identify:
- **Gaps** — Stages or outputs the skill should likely have but doesn't
- **Redundancies** — Overlapping stages that could be consolidated
- **Misalignments** — Stages that don't fit the skill's stated purpose
- **Opportunities** — Creative suggestions for enhancement
- **Strengths** — What's working well (positive feedback is useful too)
This is an **opinionated, advisory scan**. Findings are suggestions, not errors. Only flag as "high severity" if there's a glaring omission that would obviously break the workflow or confuse users.
## Scan Targets
Find and read:
- `SKILL.md` — Identity, purpose, role guidance, description
- `*.md` prompt files at root — What each stage prompt actually does
- `references/*.md` — Supporting resources and patterns
- Look for references to external skills in prompts and SKILL.md
## Cohesion Dimensions
### 1. Stage Flow Coherence
**Question:** Do the stages flow logically from start to finish?
| Check | Why It Matters |
|-------|----------------|
| Stages follow a logical progression | Users and execution engines expect a natural flow |
| Earlier stages produce what later stages need | Broken handoffs cause failures |
| No dead-end stages that produce nothing downstream | Wasted effort if output goes nowhere |
| Entry points are clear and well-defined | Execution knows where to start |
**Examples of incoherence:**
- Analysis stage comes after the implementation stage
- Stage produces output format that next stage can't consume
- Multiple stages claim to be the starting point
- Final stage doesn't produce the skill's declared output
### 2. Purpose Alignment
**Question:** Does WHAT the skill does match WHY it exists — and do the execution instructions actually honor the design principles?
| Check | Why It Matters |
|-------|----------------|
| Skill's stated purpose matches its actual stages | Misalignment causes user disappointment |
| Role guidance is reflected in stage behavior | Don't claim "expert analysis" if stages are superficial |
| Description matches what stages actually deliver | Users rely on descriptions to choose skills |
| output-location entries align with actual stage outputs | Declared outputs must actually be produced |
| **Design rationale honored by execution instructions** | An agent following the instructions must not violate the stated design principles |
**The promises-vs-behavior check:** If the Overview or design rationale states a principle (e.g., "we do X before Y", "we never do Z without W"), trace through the actual execution instructions in each stage and verify they enforce — or at minimum don't contradict — that principle. Implicit instructions ("acknowledge what you received") that would cause an agent to violate a stated principle are the most dangerous misalignment because they look correct on casual review.
**Examples of misalignment:**
- Skill claims "comprehensive code review" but only has a linting stage
- Role guidance says "collaborative" but no stages involve user interaction
- Description says "end-to-end deployment" but stops at build
- Overview says "understand intent before scanning artifacts" but Stage 1 instructions would cause an agent to read all provided documents immediately
### 3. Complexity Appropriateness
**Question:** Is this the right type and complexity level for what it does?
| Check | Why It Matters |
|-------|----------------|
| Simple tasks use simple workflow type | Over-engineering wastes tokens and time |
| Complex tasks use guided/complex workflow type | Under-engineering misses important steps |
| Number of stages matches task complexity | 15 stages for a 2-step task is wrong |
| Branching complexity matches decision space | Don't branch when linear suffices |
**Complexity test:**
- Too complex: 10-stage workflow for "format a file"
- Too simple: 2-stage workflow for "architect a microservices system"
- Just right: Complexity matches the actual decision space and output requirements
### 4. Gap & Redundancy Detection in Stages
**Question:** Are there missing or duplicated stages?
| Check | Why It Matters |
|-------|----------------|
| No missing stages in core workflow | Users shouldn't need to manually fill gaps |
| No overlapping stages doing the same work | Wastes tokens and execution time |
| Validation/review stages present where needed | Quality gates prevent bad outputs |
| Error handling or fallback stages exist | Graceful degradation matters |
**Gap detection heuristic:**
- If skill analyzes something, does it also report/act on findings?
- If skill creates something, does it also validate the creation?
- If skill has a multi-step process, are all steps covered?
- If skill produces output, is there a final assembly/formatting stage?
### 5. Dependency Graph Logic
**Question:** Are `after`, `before`, and `is-required` dependencies correct and complete?
| Check | Why It Matters |
|-------|----------------|
| `after` captures true input dependencies | Missing deps cause execution failures |
| `before` captures downstream consumers | Incorrect ordering degrades quality |
| `is-required` distinguishes hard blocks from nice-to-have ordering | Unnecessary blocks prevent parallelism |
| No circular dependencies | Execution deadlock |
| No unnecessary dependencies creating bottlenecks | Slows parallel execution |
| output-location entries match what stages actually produce | Downstream consumers rely on these declarations |
**Dependency patterns to check:**
- Stage declares `after: [X]` but doesn't actually use X's output
- Stage uses output from Y but doesn't declare `after: [Y]`
- `is-required` set to true when the dependency is actually a nice-to-have
- Ordering declared too strictly when parallel execution is possible
- Linear chain where parallel execution is possible
### 6. External Skill Integration Coherence
**Question:** How does this skill work with external skills, and is that intentional?
| Check | Why It Matters |
|-------|----------------|
| Referenced external skills fit the workflow | Random skill calls confuse the purpose |
| Skill can function standalone OR with external skills | Don't REQUIRE skills that aren't documented |
| External skill delegation follows a clear pattern | Haphazard calling suggests poor design |
| External skill outputs are consumed properly | Don't call a skill and ignore its output |
**Note:** If external skills aren't available, infer their purpose from name and usage context.
## Output Format
You will receive `{skill-path}` and `{quality-report-dir}` as inputs.
Write JSON findings to: `{quality-report-dir}/skill-cohesion-temp.json`
Output your findings using the universal schema defined in `references/universal-scan-schema.md`.
Use EXACTLY these field names: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`. Do not rename, restructure, or add fields to findings.
**Field mapping for this scanner:**
For findings (issues, gaps, redundancies, misalignments):
- `title` — Brief description (was `issue`)
- `detail` — Observation, rationale, and impact combined (merges `observation` + `rationale` + `impact`)
- `action` — Specific improvement idea (was `suggestion`)
For strengths (formerly in separate `strengths[]`):
- Use `severity: "strength"` and `category: "strength"`
- `title` — What works well
- `detail` — Why it works well
- `action` — (use empty string or "No action needed")
For creative suggestions (formerly in separate `creative_suggestions[]`):
- Use `severity: "suggestion"` and the appropriate category
- `title` — The creative idea (was `idea`)
- `detail` — Why this would strengthen the skill (was `rationale` + `estimated_impact`)
- `action` — How to implement it
All go into a single `findings[]` array.
```json
{
"scanner": "skill-cohesion",
"skill_path": "{path}",
"findings": [
{
"file": "SKILL.md",
"severity": "medium",
"category": "gap",
"title": "No validation stage after artifact creation",
"detail": "Stage 04 produces the final artifact but nothing verifies it meets the declared schema. Users would need to manually validate. This matters because invalid artifacts propagate errors downstream.",
"action": "Add a validation stage (05) that checks the artifact against the declared schema before presenting to the user."
},
{
"file": "SKILL.md",
"severity": "strength",
"category": "strength",
"title": "Excellent progressive disclosure in stage routing",
"detail": "The routing table cleanly separates entry points and each branch loads only what it needs. This keeps context lean across all paths.",
"action": ""
},
{
"file": "SKILL.md",
"severity": "suggestion",
"category": "opportunity",
"title": "Consolidate stages 02 and 03 into a single analysis stage",
"detail": "Both stages read overlapping file sets and produce similar output structures. Consolidation would reduce token cost and simplify the dependency graph. Estimated impact: high.",
"action": "Merge stage 02 (structural analysis) and 03 (content analysis) into a single stage with both checks."
}
],
"assessments": {
"cohesion_analysis": {
"stage_flow_coherence": {
"score": "strong|moderate|weak",
"notes": "Brief explanation of how well stages flow together"
},
"purpose_alignment": {
"score": "strong|moderate|weak",
"notes": "Brief explanation of why purpose fits or doesn't fit stages"
},
"complexity_appropriateness": {
"score": "appropriate|over-engineered|under-engineered",
"notes": "Is this the right level of complexity for the task?"
},
"stage_completeness": {
"score": "complete|mostly-complete|gaps-obvious",
"missing_areas": ["area1", "area2"],
"notes": "What's missing that should probably be there"
},
"redundancy_level": {
"score": "clean|some-overlap|significant-redundancy",
"consolidation_opportunities": [
{
"stages": ["stage-a", "stage-b"],
"suggested_consolidation": "How these could be combined"
}
]
},
"dependency_graph": {
"score": "sound|minor-issues|significant-issues",
"circular_deps": false,
"unnecessary_bottlenecks": [],
"missing_dependencies": [],
"notes": "Assessment of after/before/is-required correctness"
},
"output_location_alignment": {
"score": "aligned|partially-aligned|misaligned",
"undeclared_outputs": [],
"declared_but_not_produced": [],
"notes": "Do output-location entries match what stages actually produce?"
},
"external_integration": {
"external_skills_referenced": 0,
"integration_pattern": "intentional|incidental|unclear",
"notes": "How external skills fit into the overall design"
},
"user_journey_score": {
"score": "complete-end-to-end|mostly-complete|fragmented",
"broken_workflows": ["workflow that can't be completed"],
"notes": "Can the skill accomplish its stated purpose end-to-end?"
}
},
"skill_identity": {
"name": "{skill-name}",
"purpose_summary": "Brief characterization of what this skill does",
"primary_outcome": "What this skill produces",
"stage_count": 7
}
},
"summary": {
"total_findings": 0,
"by_severity": {"high": 0, "medium": 0, "low": 0, "suggestion": 0, "strength": 0},
"overall_cohesion": "cohesive|mostly-cohesive|fragmented|confused",
"single_most_important_fix": "The ONE thing that would most improve this skill"
}
}
```
Before writing output, verify: Is your array called `findings`? Does every item have `title`, `detail`, `action`? Is `assessments` an object, not items in the findings array?
## Severity Guidelines
| Severity | When to Use |
|----------|-------------|
| **high** | Glaring omission that would obviously break the workflow OR stage that completely contradicts the skill's purpose |
| **medium** | Clear gap in core workflow OR significant redundancy OR moderate misalignment |
| **low** | Minor enhancement opportunity OR edge case not covered |
| **suggestion** | Creative idea, nice-to-have, speculative improvement |
## Process
Read all skill files. Build a mental model of the skill as a whole, then evaluate against all cohesion dimensions above. Write JSON to `{quality-report-dir}/skill-cohesion-temp.json`. Return only the filename.
## Critical After Draft Output
Before finalizing, verify completeness across all dimensions and that findings tell a coherent story.
## Key Principle
You are NOT checking for syntax errors or missing fields. You are evaluating whether this skill makes sense as a coherent workflow. Think like a process engineer reviewing a pipeline: Does this flow? Is it complete? Does it fit together? Is it the right level of complexity? Be opinionated but fair — call out what works well, not just what needs improvement.
_bmad/bmb/bmad-workflow-builder/quality-scan-workflow-integrity.md
+236
View File
@@ -0,0 +1,236 @@
# Quality Scan: Workflow Integrity
You are **WorkflowIntegrityBot**, a quality engineer who validates that a skill is correctly built — everything that should exist does exist, everything is properly wired together, and the structure matches its declared type.
## Overview
You validate structural completeness and correctness across the entire skill: SKILL.md, stage prompts, and their interconnections. **Why this matters:** Structure is what the AI reads first — frontmatter determines whether the skill triggers, sections establish the mental model, stage files are the executable units, and broken references cause runtime failures. A structurally sound skill is one where the blueprint (SKILL.md) and the implementation (prompt files, references/) are aligned and complete.
This is a single unified scan that checks both the skill's skeleton (SKILL.md structure) and its organs (stage files, progression, config). Checking these together lets you catch mismatches that separate scans would miss — like a SKILL.md claiming complex workflow with routing but having no stage files, or stage files that exist but aren't referenced.
## Your Role
Read the skill's SKILL.md and all stage prompts. Verify structural completeness, naming conventions, logical consistency, and type-appropriate requirements. Return findings as structured JSON.
## Scan Targets
Find and read:
- `SKILL.md` — Primary structure and blueprint
- `*.md` prompt files at root — Stage prompt files (if complex workflow)
---
## Part 1: SKILL.md Structure
### Frontmatter (The Trigger)
| Check | Why It Matters |
|-------|----------------|
| `name` MUST match the folder name AND follows pattern `bmad-{code}-{skillname}` or `bmad-{skillname}` | Naming convention identifies module affiliation |
| `description` follows two-part format: [5-8 word summary]. [trigger clause] | Description is PRIMARY trigger mechanism — wrong format causes over-triggering or under-triggering |
| Trigger clause uses quoted specific phrases: `Use when user says 'create a PRD' or 'edit a PRD'` | Quoted phrases prevent accidental triggering on casual keyword mentions |
| Trigger clause is conservative (explicit invocation) unless organic activation is clearly intentional | Most skills should NOT fire on passing mentions — only on direct requests |
| No vague trigger language like "Use on any mention of..." or "Helps with..." | Over-broad descriptions hijack unrelated conversations |
| No extra frontmatter fields beyond name/description | Extra fields clutter metadata, may not parse correctly |
### Required Sections
| Check | Why It Matters |
|-------|----------------|
| Has `## Overview` section | Primes AI's understanding before detailed instructions — see prompt-craft scanner for depth assessment |
| Has role guidance (who/what executes this workflow) | Clarifies the executor's perspective without creating a full persona |
| Has `## On Activation` with clear activation steps | Prevents confusion about what to do when invoked |
| Sections in logical order | Scrambled sections make AI work harder to understand flow |
### Optional Sections (Valid When Purposeful)
Workflows may include Identity, Communication Style, or Principles sections if personality or tone serves the workflow's purpose. These are more common in agents but not restricted to them.
| Check | Why It Matters |
|-------|----------------|
| `## Identity` section (if present) serves a purpose | Valid when personality/tone affects workflow outcomes |
| `## Communication Style` (if present) serves a purpose | Valid when consistent tone matters for the workflow |
| `## Principles` (if present) serves a purpose | Valid when guiding values improve workflow outcomes |
| **NO `## On Exit` or `## Exiting` section** | There are NO exit hooks in the system — this section would never run |
### Language & Directness
| Check | Why It Matters |
|-------|----------------|
| No "you should" or "please" language | Direct commands work better than polite requests |
| No over-specification of obvious things | Wastes tokens, AI already knows basics |
| Instructions address the AI directly | "When activated, this workflow..." is meta — better: "When activated, load config..." |
| No ambiguous phrasing like "handle appropriately" | AI doesn't know what "appropriate" means without specifics |
### Template Artifacts (Incomplete Build Detection)
| Check | Why It Matters |
|-------|----------------|
| No orphaned `{if-complex-workflow}` conditionals | Orphaned conditional means build process incomplete |
| No orphaned `{if-simple-workflow}` conditionals | Should have been resolved during skill creation |
| No orphaned `{if-simple-utility}` conditionals | Should have been resolved during skill creation |
| No bare placeholders like `{displayName}`, `{skillName}` | Should have been replaced with actual values |
| No other template fragments (`{if-module}`, `{if-headless}`, etc.) | Conditional blocks should be removed, not left as text |
| Config variables are OK | `{user_name}`, `{communication_language}`, `{document_output_language}` are intentional runtime variables |
### Config Integration
| Check | Why It Matters |
|-------|----------------|
| Config loading present in On Activation | Config provides user preferences, language settings, project context |
| Config values used where appropriate | Hardcoded values that should come from config cause inflexibility |
---
## Part 2: Workflow Type Detection & Type-Specific Checks
Determine workflow type from SKILL.md before applying type-specific checks:
| Type | Indicators |
|------|-----------|
| Complex Workflow | Has routing logic, references stage files at root, stages table |
| Simple Workflow | Has inline numbered steps, no external stage files |
| Simple Utility | Input/output focused, transformation rules, minimal process |
### Complex Workflow
#### Stage Files
| Check | Why It Matters |
|-------|----------------|
| Each stage referenced in SKILL.md exists at skill root | Missing stage file means workflow cannot proceed — **critical** |
| All stage files at root are referenced in SKILL.md | Orphaned stage files indicate incomplete refactoring |
| Stage files use numbered prefixes (`01-`, `02-`, etc.) | Numbering establishes execution order at a glance |
| Numbers are sequential with no gaps | Gaps suggest missing or deleted stages |
| Stage file names are descriptive after the number | `01-gather-requirements.md` is clear; `01-step.md` is not |
#### Progression Conditions
| Check | Why It Matters |
|-------|----------------|
| Each stage prompt has explicit progression conditions | Without conditions, AI doesn't know when to advance — **critical** |
| Progression conditions are specific and testable | "When ready" is vague; "When all 5 fields are populated" is testable |
| Final stage has completion/output criteria | Workflow needs a defined end state |
| No circular stage references without exit conditions | Infinite loops break workflow execution |
#### Config Headers in Stage Prompts
| Check | Why It Matters |
|-------|----------------|
| Each stage prompt has config header specifying Language | AI needs to know what language to communicate in |
| Stage prompts that create documents specify Output Language | Document language may differ from communication language |
| Config header uses config variables correctly | `{communication_language}`, `{document_output_language}` |
### Simple Workflow
| Check | Why It Matters |
|-------|----------------|
| Steps are numbered sequentially | Clear execution order prevents confusion |
| Each step has a clear action | Vague steps produce unreliable behavior |
| Steps have defined outputs or state changes | AI needs to know what each step produces |
| Final step has clear completion criteria | Workflow needs a defined end state |
| No references to external stage files | Simple workflows should be self-contained inline |
### Simple Utility
| Check | Why It Matters |
|-------|----------------|
| Input format is clearly defined | AI needs to know what it receives |
| Output format is clearly defined | AI needs to know what to produce |
| Transformation rules are explicit | Ambiguous transformations produce inconsistent results |
| Edge cases for input are addressed | Unexpected input causes failures |
| No unnecessary process steps | Utilities should be direct: input → transform → output |
### Headless Mode (If Declared)
| Check | Why It Matters |
|-------|----------------|
| Headless mode setup is defined if SKILL.md declares headless capability | Headless execution needs explicit non-interactive path |
| All user interaction points have headless alternatives | Prompts for user input break headless execution |
| Default values specified for headless mode | Missing defaults cause headless execution to stall |
---
## Part 3: Logical Consistency (Cross-File Alignment)
These checks verify that the skill's parts agree with each other — catching mismatches that only surface when you look at SKILL.md and its implementation together.
| Check | Why It Matters |
|-------|----------------|
| Description matches what workflow actually does | Mismatch causes confusion when skill triggers inappropriately |
| Workflow type claim matches actual structure | Claiming "complex" but having inline steps signals incomplete build |
| Stage references in SKILL.md point to existing files | Dead references cause runtime failures |
| Activation sequence is logically ordered | Can't route to stages before loading config |
| Routing table entries (if present) match stage files | Routing to nonexistent stages breaks flow |
| SKILL.md type-appropriate sections match detected type | Missing routing logic for complex, or unnecessary stage refs for simple |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Missing stage files, missing progression conditions, circular dependencies without exit, broken references |
| **High** | Missing On Activation, vague/missing description, orphaned template artifacts, type mismatch |
| **Medium** | Naming convention violations, minor config issues, ambiguous language, orphaned stage files |
| **Low** | Style preferences, ordering suggestions, minor directness improvements |
---
## Output Format
You will receive `{skill-path}` and `{quality-report-dir}` as inputs.
Write JSON findings to: `{quality-report-dir}/workflow-integrity-temp.json`
Output your findings using the universal schema defined in `references/universal-scan-schema.md`.
Use EXACTLY these field names: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`. Do not rename, restructure, or add fields to findings.
**Field mapping for this scanner:**
- `title` — Brief description of the issue (was `issue`)
- `detail` — Why this is a problem (was `rationale`)
- `action` — Specific action to resolve (was `fix`)
```json
{
"scanner": "workflow-integrity",
"skill_path": "{path}",
"findings": [
{
"file": "SKILL.md",
"line": 42,
"severity": "critical",
"category": "progression",
"title": "Stage 03 has no progression conditions",
"detail": "Without explicit conditions, the AI does not know when to advance to the next stage, causing stalls or premature transitions.",
"action": "Add progression conditions: 'Advance when all required fields are populated and user confirms.'"
}
],
"assessments": {
"workflow_type": "complex|simple-workflow|simple-utility",
"stage_summary": {
"total_stages": 0,
"missing_stages": [],
"orphaned_stages": [],
"stages_without_progression": [],
"stages_without_config_header": []
}
},
"summary": {
"total_findings": 0,
"by_severity": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"assessment": "Brief 1-2 sentence overall assessment of workflow integrity"
}
}
```
Before writing output, verify: Is your array called `findings`? Does every item have `title`, `detail`, `action`? Is `assessments` an object, not items in the findings array?
## Process
Read SKILL.md and all prompt files. For complex workflows, also read all stage prompt files. Evaluate against all checks in Parts 1-3 above. Write JSON to `{quality-report-dir}/workflow-integrity-temp.json`. Return only the filename.
## Critical After Draft Output
Before finalizing, verify findings are complete, severity ratings are honest, and you stayed within structural validation.
_bmad/bmb/bmad-workflow-builder/references/classification-reference.md
+59
View File
@@ -0,0 +1,59 @@
# Workflow Classification Reference
Classify the skill type based on user requirements. This table is for internal use — DO NOT show to user.
## 3-Type Taxonomy
| Type | Description | Structure | When to Use |
|------|-------------|-----------|-------------|
| **Simple Utility** | Input/output building block. Headless, composable, often has scripts. | Single SKILL.md + scripts/ | Composable building block with clear input/output, single-purpose |
| **Simple Workflow** | Multi-step process contained in a single SKILL.md. Minimal or no prompt files. | SKILL.md + optional references/ | Multi-step process that fits in one file, no progressive disclosure needed |
| **Complex Workflow** | Multi-stage with progressive disclosure, numbered prompt files at root, config integration. May support headless mode. | SKILL.md (routing) + prompt stages at root + references/ | Multiple stages, long-running process, progressive disclosure, routing logic |
## Decision Tree
```
1. Is it a composable building block with clear input/output?
└─ YES → Simple Utility
└─ NO ↓
2. Can it fit in a single SKILL.md without progressive disclosure?
└─ YES → Simple Workflow
└─ NO ↓
3. Does it need multiple stages, long-running process, or progressive disclosure?
└─ YES → Complex Workflow
```
## Classification Signals
### Simple Utility Signals
- Clear input → processing → output pattern
- No user interaction needed during execution
- Other skills/workflows call it
- Deterministic or near-deterministic behavior
- Could be a script but needs LLM judgment
- Examples: JSON validator, schema checker, format converter
### Simple Workflow Signals
- 3-8 numbered steps
- User interaction at specific points
- Uses standard tools (gh, git, npm, etc.)
- Produces a single output artifact
- No need to track state across compactions
- Examples: PR creator, deployment checklist, code review
### Complex Workflow Signals
- Multiple distinct phases/stages
- Long-running (likely to hit context compaction)
- Progressive disclosure needed (too much for one file)
- Routing logic in SKILL.md dispatches to stage prompts
- Produces multiple artifacts across stages
- May support headless/autonomous mode
- Examples: agent builder, module builder, project scaffolder
## Module Context (Orthogonal)
Module context is asked for ALL types:
- **Module-based:** Part of a BMad module. Uses `bmad-{modulecode}-{skillname}` naming. Config loading includes a fallback pattern — if config is missing, the skill informs the user that the module setup skill is available and continues with sensible defaults.
- **Standalone:** Independent skill. Uses `bmad-{skillname}` naming. Config loading is best-effort — load if available, use defaults if not, no mention of a setup skill.
_bmad/bmb/bmad-workflow-builder/references/complex-workflow-patterns.md
+508
View File
@@ -0,0 +1,508 @@
# BMad Module Workflows
Advanced patterns for BMad module workflows — long-running, multi-stage processes with progressive disclosure, config integration, and compaction survival.
---
## Workflow Persona: Facilitator Model
BMad workflows treat the human operator as the expert. The agent's role is **facilitator**, not replacement.
**Principles:**
- Ask clarifying questions when requirements are ambiguous
- Present options with trade-offs, don't assume preferences
- Validate decisions before executing irreversible actions
- The operator knows their domain; the workflow knows the process
**Example voice:**
```markdown
## Discovery
I found 3 API endpoints that could handle this. Which approach fits your use case?
**Option A**: POST /bulk-import — Faster, but no validation until complete
**Option B**: POST /validate + POST /import — Slower, but catches errors early
**Option C**: Streaming import — Best of both, requires backend support
Which would you prefer?
```
---
## Config Reading and Integration
Workflows read config values from `{project-root}/_bmad/config.yaml` and `config.user.yaml`. The loading behavior differs based on whether the skill is part of a module or standalone.
### Config Loading Pattern
**Module-based skills** — load config with fallback and setup skill awareness:
```
Load config from {project-root}/_bmad/config.yaml ({module-code} section) and config.user.yaml.
If config is missing:
- Inform the user that the module setup skill ({module-setup-skill}) is available for initial setup
- Continue with sensible fallback values for each variable
```
**Standalone skills** — load config best-effort:
```
Load config from {project-root}/_bmad/config.yaml and config.user.yaml if available.
If config is missing:
- Continue with fallback values — no mention of a setup skill
```
Store config values in memory as `{var_name}` for use in prompts.
### Required Core Variables
Load core config variables (user preferences, language, output locations) with sensible defaults. If the workflow creates documents, include document output language.
**Example for BMB workflow (creates documents, has output var):**
```
vars: user_name:BMad,communication_language:English,document_output_language:English,output_folder:{project-root}/_bmad-output,bmad_builder_output_folder:{project-root}/bmad-builder-creations/
```
**Example for analysis workflow (no documents, has output var):**
```
vars: user_name:BMad,communication_language:English,output_folder:{project-root}/_bmad-output,analysis_output_folder:{project-root}/_bmad-output/analysis/
```
**Example for processing workflow (no documents, no output var):**
```
vars: user_name:BMad,communication_language:English,output_folder:{project-root}/_bmad-output
```
### Using Config Values in Prompts
Each prompt file should establish communication language and relevant output settings at the top.
**Use throughout prompts:**
```markdown
"Creating documentation in {document_output_language}..." ← ONLY if creates documents
"Writing output to {bmad_builder_output_folder}/report.md" ← ONLY if has output var
"Connecting to API at {my_module_api_url}..."
```
---
## {project_root} Pattern for Portable Paths
Artifacts MUST use `{project_root}` for paths so the skill works regardless of install location (user directory or project).
### Path Pattern
```
{project_root}/docs/foo.md → Correct (portable)
./docs/foo.md → Wrong (breaks if skill in user dir)
~/my-project/docs/foo.md → Wrong (not portable)
/bizarre/absolute/path/foo.md → Wrong (not portable)
```
### Writing Artifacts
```markdown
1. Create the artifact at {project_root}/docs/architecture.md
2. Update {project_root}/CHANGELOG.md with entry
3. Copy template to {project_root}/.bmad-cache/template.md
```
### {project_root} Resolution
`{project_root}` is automatically resolved to the directory where the workflow was launched. This ensures:
- Skills work whether installed globally or per-project
- Multiple projects can use the same skill without conflict
- Artifact paths are always relative to the active project
---
## Long-Running Workflows: Compaction Survival
Workflows that run long (many steps, large context) may trigger context compaction. Critical state MUST be preserved in output files.
### The Document-Itself Pattern
**The output document is the cache.** Write directly to the file you're creating, updating it progressively as the workflow advances.
The document stores both content and context:
- **YAML front matter** — paths to input files used (for recovery after compaction)
- **Draft sections** — progressive content as it's built
- **Status marker** — which stage is complete (for resumption)
This avoids:
- File collisions when working on multiple PRDs/research projects simultaneously
- Extra `_bmad-cache` folder overhead
- State synchronization complexity
### Draft Document Structure
```markdown
---
title: "Analysis: Research Topic"
status: "analysis" # discovery | planning | analysis | synthesis | polish
inputs:
- "{project_root}/docs/brief.md"
- "{project_root}/data/sources.json"
created: "2025-03-02T10:00:00Z"
updated: "2025-03-02T11:30:00Z"
---
# Analysis: Research Topic
## Discovery
[content from stage 1...]
## Analysis
[content from stage 2...]
---
*Last updated: Stage 2 complete*
```
### Input Tracking Pattern
**Stage 1: Initialize document with inputs**
```markdown
## Stage 1: Discovery
1. Gather sources and identify input files
2. Create output document with YAML front matter:
```yaml
---
title: "{document_title}"
status: "discovery"
inputs:
- "{relative_path_to_input_1}"
- "{relative_path_to_input_2}"
created: "{timestamp}"
updated: "{timestamp}"
---
```
3. Write discovery content to document
4. Present summary to user
```
**Stage 2+: Reload context if compacted**
Each stage after the first should begin by reading the output document to recover context. If compacted, re-read input files listed in the YAML front matter.
```markdown
## Stage 1: Research
1. Gather sources
2. **Write findings to {project_root}/docs/research-topic.md**
3. Present summary to user
## Stage 2: Analysis
1. **Read {project_root}/docs/research-topic.md** (survives compaction)
2. Analyze patterns
3. **Append/insert analysis into the same file**
## Stage 3: Synthesis
1. Read the growing document
2. Synthesize into final structure
3. **Update the same file in place**
## Stage 4: Final Polish
1. Spawn a subagent to polish the completed document:
- Cohesion check
- Redundancy removal
- Contradiction detection and fixes
- Add TOC if long document
2. Write final version to {project_root}/docs/research-topic.md
```
### When to Use This Pattern
**Guided flows with long documents:** Always write updates to the document itself at each stage.
**Yolo flows with multiple turns:** If the workflow takes multiple conversational turns, write to the output file progressively.
**Single-pass yolo:** Can wait to write final output if the entire response fits in one turn.
### Progressive Document Structure
Each stage appends to or restructures the document:
```markdown
## Initial Stage
# Document Title
## Section 1: Initial Research
[content...]
---
## Second Stage (reads file, appends)
# Document Title
## Section 1: Initial Research
[existing content...]
## Section 2: Analysis
[new content...]
---
## Third Stage (reads file, restructures)
# Document Title
## Executive Summary
[ synthesized from sections ]
## Background
[ section 1 content ]
## Analysis
[ section 2 content ]
```
### Final Polish Subagent
At workflow completion, spawn a subagent for final quality pass:
```markdown
## Final Polish
Launch a general-purpose agent with:
```
Task: Polish {output_file_path}
Actions:
1. Check cohesion - do sections flow logically?
2. Find and remove redundancy
3. Detect contradictions and fix them
4. If document is >5 sections, add a TOC at the top
5. Ensure consistent formatting and tone
Write the polished version back to the same file.
```
### Compaction Recovery Pattern
Each stage after the first should begin by reading the output document to recover context. If compacted, re-read input files listed in the YAML front matter.
### When NOT to Use This Pattern
- **Short, single-turn outputs:** Just write once at the end
- **Purely conversational workflows:** No persistent document needed
- **Multiple independent artifacts:** Each gets its own file; write each directly
---
## Sequential Progressive Disclosure
Place numbered prompt files at the skill root when:
- Multi-phase workflow with ordered questions
- Input of one phase affects the next
- User requires specific sequence
- Workflow is long-running and stages shouldn't be visible upfront
### Prompt File Structure
```
my-workflow/
├── SKILL.md
├── 01-discovery.md # Stage 1: Gather requirements, start output doc
├── 02-planning.md # Stage 2: Create plan (uses discovery output)
├── 03-execution.md # Stage 3: Execute (uses plan, updates output)
├── 04-review.md # Stage 4: Review and polish final output
└── references/
└── stage-templates.md
```
### Progression Conditions
Each prompt file specifies when to proceed:
```markdown
# 02-planning.md
## Prerequisites
- Discovery complete (output doc exists and has discovery section)
- User approved scope (user confirmed: proceed)
## On Activation
1. Read the output doc to get discovery context
2. Generate plan based on discovered requirements
3. **Append/insert plan section into the output doc**
4. Present plan summary to user
## Progression Condition
Proceed to execution stage when user confirms: "Proceed with plan" OR user provides modifications
## On User Approval
Route to 03-execution.md
```
### SKILL.md Routes to Prompt Files
Main SKILL.md is minimal — just routing logic:
```markdown
## Workflow Entry
1. Load config from {project-root}/_bmad/bmb/config.yaml
2. Check if workflow in progress:
- If output doc exists (user specifies path or we prompt):
- Read doc to determine current stage
- Resume from last completed section
- Else: Start at 01-discovery.md
3. Route to appropriate prompt file based on stage
```
### When NOT to Use Separate Prompt Files
Keep inline in SKILL.md when:
- Simple skill (session-long context fits)
- Well-known domain tool usage
- Single-purpose utility
- All stages are independent or can be visible upfront
---
## Module Metadata Reference
BMad module workflows require extended frontmatter metadata. See `references/metadata-reference.md` for the metadata template, field explanations, and comparisons between standalone skills and module workflows.
---
## Workflow Architecture Checklist
Before finalizing a BMad module workflow, verify:
- [ ] **Facilitator persona**: Does the workflow treat the operator as expert?
- [ ] **Config integration**: Are language, output locations, and module props read and used?
- [ ] **Portable paths**: All artifact paths use `{project_root}`?
- [ ] **Continuous output**: Does each stage write to the output document directly (survives compaction)?
- [ ] **Document-as-cache**: Output doc has YAML front matter with `status` and `inputs` for recovery?
- [ ] **Input tracking**: Does front matter list relative paths to all input files used?
- [ ] **Final polish**: Does workflow include a subagent polish step at the end?
- [ ] **Progressive disclosure**: Are stages in `./references/` with clear progression conditions?
- [ ] **Metadata complete**: All bmad-* fields present and accurate?
- [ ] **Recovery pattern**: Can the workflow resume by reading the output doc front matter?
---
## Example: Complete BMad Workflow Skeleton
```
my-module-workflow/
├── SKILL.md # Routing + entry logic
├── 01-discovery.md # Gather requirements
├── 02-planning.md # Create plan
├── 03-execution.md # Execute
├── 04-review.md # Review results
├── references/
│ └── templates.md # Stage templates
└── scripts/
└── validator.sh # Output validation
```
**SKILL.md** (minimal routing):
```yaml
---
name: bmad-mymodule-workflow
description: Complex multi-stage workflow for my module. Use when user requests to 'run my module workflow' or 'create analysis report'.
---
## Workflow Entry
1. Load config from `{project-root}/_bmad/config.yaml` (`mymod` section) and `config.user.yaml`. If config is missing, inform that `bmad-mymodule-setup` is available for initial setup, then continue with fallbacks:
- `user_name` — fallback: omit
- `communication_language` — fallback: match the user's language
- `document_output_language` — fallback: match the user's language
- `my_output_folder` — fallback: `{project-root}/_bmad-output/mymodule`
2. Ask user for output document path (or suggest {my_output_folder}/analysis-{timestamp}.md)
3. Check if doc exists:
- If yes: read to determine current stage, resume
- If no: start at 01-discovery.md
4. Route to appropriate prompt file based on stage
```
**01-discovery.md**:
```markdown
Language: {communication_language}
Output Language: {document_output_language}
Output Location: {my_output_folder}
## Discovery
1. What are we building?
2. What are the constraints?
3. What input files should we reference?
**Create**: {output_doc_path} with:
```markdown
---
title: "Analysis: {topic}"
status: "discovery"
inputs:
- "{relative_path_to_input_1}"
- "{relative_path_to_input_2}"
created: "{timestamp}"
updated: "{timestamp}"
---
# Analysis: {topic}
## Discovery
[findings...]
---
*Status: Stage 1 complete*
```
## Progression
When complete → 02-planning.md
```
**02-planning.md**:
```markdown
Language: {communication_language}
Output Language: {document_output_language}
## Planning Start
1. Read {output_doc_path}
2. Parse YAML front matter — reload all `inputs` to restore context
3. Verify status is "discovery"
## Planning
1. Generate plan based on discovery
2. Update {output_doc_path}:
- Update status to "planning"
- Append planning section
## Progression
When complete → 03-execution.md
```
**04-review.md**:
```markdown
Language: {communication_language}
Output Language: {document_output_language}
## Final Polish
1. Read the complete output doc
2. Launch a general-purpose agent:
```
Task: Polish {output_doc_path}
Actions:
1. Check cohesion - do sections flow logically?
2. Find and remove redundancy
3. Detect contradictions and fix them
4. If document is >5 sections, add a TOC at the top
5. Ensure consistent formatting and tone
6. Update YAML status to "complete" and remove draft markers
Write the polished version back to the same file.
```
## Progression
When complete → present final result to user
```
_bmad/bmb/bmad-workflow-builder/references/quality-dimensions.md
+45
View File
@@ -0,0 +1,45 @@
# Quality Dimensions — Quick Reference
Six dimensions to keep in mind when building skills. The quality scanners check these automatically during optimization — this is a mental checklist for the build phase.
## 1. Informed Autonomy
The executing agent needs enough context to make judgment calls when situations don't match the script. The Overview section establishes this: domain framing, theory of mind, design rationale.
- Simple utilities need minimal context — input/output is self-explanatory
- Interactive/complex workflows need domain understanding, user perspective, and rationale for non-obvious choices
- When in doubt, explain *why* — an agent that understands the mission improvises better than one following blind steps
## 2. Intelligence Placement
Scripts handle plumbing (fetch, transform, validate). Prompts handle judgment (interpret, classify, decide).
**Test:** If a script contains an `if` that decides what content *means*, intelligence has leaked.
**Reverse test:** If a prompt validates structure, counts items, parses known formats, compares against schemas, or checks file existence — determinism has leaked into the LLM. That work belongs in a script. Scripts have access to full bash, Python with standard library plus PEP 723 dependencies, and system tools — think broadly about what can be offloaded.
## 3. Progressive Disclosure
SKILL.md stays focused. Detail goes where it belongs.
- Stage instructions → `./references/`
- Reference data, schemas, large tables → `./references/`
- Templates, config files → `./assets/`
- Multi-branch SKILL.md under ~250 lines: fine as-is
- Single-purpose up to ~500 lines: acceptable if focused
## 4. Description Format
Two parts: `[5-8 word summary]. [Use when user says 'X' or 'Y'.]`
Default to conservative triggering. See `./references/standard-fields.md` for full format and examples.
## 5. Path Construction
Only use `{project-root}` for `_bmad` paths. Config variables used directly — they already contain `{project-root}`.
See `./references/standard-fields.md` for correct/incorrect patterns.
## 6. Token Efficiency
Remove genuine waste (repetition, defensive padding, meta-explanation). Preserve context that enables judgment (domain framing, theory of mind, design rationale). These are different things — the prompt-craft scanner distinguishes between them.
_bmad/bmb/bmad-workflow-builder/references/script-opportunities-reference.md
+349
View File
@@ -0,0 +1,349 @@
# Script Opportunities Reference — Workflow Builder
## Core Principle
Scripts handle deterministic operations (validate, transform, count). Prompts handle judgment (interpret, classify, decide). If a check has clear pass/fail criteria, it belongs in a script.
---
## Section 1: How to Spot Script Opportunities
### The Determinism Test
Ask two questions about any operation:
1. **Given identical input, will it always produce identical output?** If yes, it's a script candidate.
2. **Could you write a unit test with expected output?** If yes, it's definitely a script.
**Script territory:** The operation has no ambiguity — same input, same result, every time.
**Prompt territory:** The operation requires interpreting meaning, tone, or context — reasonable people could disagree on the output.
### The Judgment Boundary
| Scripts Handle | Prompts Handle |
|----------------|----------------|
| Fetch | Interpret |
| Transform | Classify (with ambiguity) |
| Validate | Create |
| Count | Decide (with incomplete info) |
| Parse | Evaluate quality |
| Compare | Synthesize meaning |
| Extract | Assess tone/style |
| Format | Generate recommendations |
| Check structure | Weigh tradeoffs |
### Pattern Recognition Checklist
When you see these verbs or patterns in a workflow's requirements, think scripts first:
| Signal Verb / Pattern | Script Type | Example |
|----------------------|-------------|---------|
| validate | Validation script | "Validate frontmatter fields exist" |
| count | Metric script | "Count tokens per file" |
| extract | Data extraction | "Extract all config variable references" |
| convert / transform | Transformation script | "Convert stage definitions to graph" |
| compare | Comparison script | "Compare prompt frontmatter vs SKILL.md references" |
| scan for | Pattern scanning | "Scan for orphaned template artifacts" |
| check structure | File structure checker | "Check skill directory has required files" |
| against schema | Schema validation | "Validate output against JSON schema" |
| graph / map dependencies | Dependency analysis | "Map skill-to-skill dependencies" |
| list all | Enumeration script | "List all resource files loaded by prompts" |
| detect pattern | Pattern detector | "Detect subagent delegation patterns" |
| diff / changes between | Diff analysis | "Show what changed between versions" |
### The Outside-the-Box Test
Scripts are not limited to validation. Push your thinking:
- **Data gathering as script:** Could a script collect structured data (file sizes, dependency lists, config values) and return JSON for the LLM to interpret? The LLM gets pre-digested facts instead of reading raw files.
- **Pre-processing:** Could a script reduce what the LLM needs to read? Extract only the relevant sections, strip boilerplate, summarize structure.
- **Post-processing validation:** Could a script validate LLM output after generation? Check that generated YAML parses, that referenced files exist, that naming conventions are followed.
- **Metric collection:** Could scripts count, measure, and tabulate so the LLM makes decisions based on numbers it didn't have to compute? Token counts, file counts, complexity scores — feed these to LLM judgment without making the LLM count.
- **Workflow stage analysis:** Could a script parse stage definitions and progression conditions, giving the LLM a structural map without it needing to parse markdown?
### Your Toolbox
Scripts have access to the full capabilities of the execution environment. Think broadly — if you can express the logic as deterministic code, it's a script candidate.
**Bash:** Full shell power — `jq`, `grep`, `awk`, `sed`, `find`, `diff`, `wc`, `sort`, `uniq`, `curl`, plus piping and composition. Great for file discovery, text processing, and orchestrating other scripts.
**Python:** The entire standard library — `json`, `yaml`, `pathlib`, `re`, `argparse`, `collections`, `difflib`, `ast`, `csv`, `xml.etree`, `textwrap`, `dataclasses`, and more. Plus PEP 723 inline-declared dependencies for anything else: `tiktoken` for accurate token counting, `jsonschema` for schema validation, `pyyaml` for YAML parsing, etc.
**System tools:** `git` commands for history, diff, blame, and log analysis. Filesystem operations for directory scanning and structure validation. Process execution for orchestrating multi-script pipelines.
### The --help Pattern
All scripts use PEP 723 metadata and implement `--help`. This creates a powerful integration pattern for prompts:
Instead of inlining a script's interface details into a prompt, the prompt can simply say:
> Run `scripts/foo.py --help` to understand its inputs and outputs, then invoke appropriately.
This saves tokens in the prompt and keeps a single source of truth for the script's API. When a script's interface changes, the prompt doesn't need updating — `--help` always reflects the current contract.
---
## Section 2: Script Opportunity Catalog
Each entry follows the format: What it does, Why it matters for workflows, What it checks, What it outputs, and Implementation notes.
---
### 1. Frontmatter Validator
**What:** Validate SKILL.md frontmatter structure and content.
**Why:** Frontmatter drives skill triggering and routing. Malformed frontmatter means the skill never activates or activates incorrectly.
**Checks:**
- `name` exists and is kebab-case
- `description` exists and follows "Use when..." pattern
- No forbidden fields or reserved prefixes
- Optional fields have valid values if present
**Output:** JSON with pass/fail per field, line numbers for errors.
**Implementation:** Python with argparse, no external deps needed. Parse YAML frontmatter between `---` delimiters.
---
### 2. Template Artifact Scanner
**What:** Scan all skill files for orphaned template substitution artifacts.
**Why:** The build process may leave behind `{if-autonomous}`, `{displayName}`, `{skill-name}`, or other placeholders that should have been replaced. These cause runtime confusion.
**Checks:**
- Scan all `.md` files for `{placeholder}` patterns
- Distinguish real config variables (loaded at runtime) from build-time artifacts
- Flag any that don't match known runtime variables
**Output:** JSON with file path, line number, artifact text, and whether it looks intentional.
**Implementation:** Bash script with `grep` and `jq` for JSON output, or Python with regex.
---
### 3. Prompt Frontmatter Comparator
**What:** Compare prompt file frontmatter against SKILL.md stage references.
**Why:** Misalignment between prompts and SKILL.md causes routing failures — the skill references a stage it can't deliver, or has a prompt that's never reachable.
**Checks:**
- Every prompt file at root has frontmatter with `name`, `description`, `menu-code`
- Every stage referenced in SKILL.md has a corresponding prompt file
- Flag orphaned prompts not referenced in SKILL.md
**Output:** JSON with mismatches, missing files, orphaned prompts.
**Implementation:** Python, reads SKILL.md and all prompt `.md` files at skill root.
---
### 4. Token Counter
**What:** Count approximate token counts for each file in a skill.
**Why:** Identify verbose files that need optimization. Catch skills that exceed context window budgets. Understand where token budget is spent across prompts, resources, and the SKILL.md.
**Checks:**
- Total tokens per `.md` file (approximate: chars / 4, or accurate via tiktoken)
- Code block tokens vs prose tokens
- Cumulative token cost of full skill activation (SKILL.md + loaded resources + initial prompt)
**Output:** JSON with file path, token count, percentage of total, and a sorted ranking.
**Implementation:** Python. Use `tiktoken` (PEP 723 dependency) for accuracy, or fall back to character approximation.
---
### 5. Dependency Graph Generator
**What:** Map dependencies between the current skill and external skills it invokes.
**Why:** Understand the skill's dependency surface. Catch references to skills that don't exist or have been renamed.
**Checks:**
- Parse SKILL.md and prompts for skill invocation patterns (`invoke`, `load`, skill name references)
- Build a dependency list with direction (this skill depends on X, Y depends on this skill)
**Output:** JSON adjacency list or DOT format (GraphViz). Include whether each dependency is required or optional.
**Implementation:** Python with regex for invocation pattern detection.
---
### 6. Stage Flow Analyzer
**What:** Parse multi-stage workflow definitions to extract stage ordering, progression conditions, and routing logic.
**Why:** Complex workflows define stages with specific progression conditions. Misaligned stage ordering, missing progression gates, or unreachable stages cause workflow failures that are hard to debug at runtime.
**Checks:**
- Extract all defined stages from SKILL.md and prompt files
- Verify each stage has a clear entry condition and exit/progression condition
- Detect unreachable stages (no path leads to them)
- Detect dead-end stages (no progression and not marked as terminal)
- Validate stage ordering matches the documented flow
- Check for circular stage references
**Output:** JSON with stage list, progression map, and structural warnings.
**Implementation:** Python with regex for stage/condition extraction from markdown.
---
### 7. Config Variable Tracker
**What:** Find all `{var}` references across skill files and verify they are loaded or defined.
**Why:** Unresolved config variables cause runtime errors or produce literal `{var_name}` text in outputs. This is especially common after refactoring or renaming variables.
**Checks:**
- Scan all `.md` files for `{variable_name}` patterns
- Cross-reference against variables defined in `{project-root}/_bmad/config.yaml`
- Distinguish template variables from literal text in code blocks
- Flag undefined variables and unused loaded variables
**Output:** JSON with variable name, locations where used, and whether it's defined/loaded.
**Implementation:** Python with regex scanning and config file parsing.
---
### 8. Resource Loading Analyzer
**What:** Map which resources are loaded at which point during skill execution.
**Why:** Resources loaded too early waste context. Resources never loaded are dead weight in the skill directory. Understanding the loading sequence helps optimize token budget.
**Checks:**
- Parse SKILL.md and prompts for `Load resource` / `Read` / file reference patterns
- Map each resource to the stage/prompt where it's first loaded
- Identify resources in `references/` that are never referenced
- Identify resources referenced but missing from `references/`
- Calculate cumulative token cost at each loading point
**Output:** JSON with resource file, loading trigger (which prompt/stage), and orphan/missing flags.
**Implementation:** Python with regex for load-pattern detection and directory scanning.
---
### 9. Subagent Pattern Detector
**What:** Detect whether a skill that processes multiple sources uses the BMad Advanced Context Pattern (subagent delegation).
**Why:** Skills processing 5+ sources without subagent delegation risk context overflow and degraded output quality. This pattern is required for high-source-count workflows.
**Checks:**
- Count distinct source/input references in the skill
- Look for subagent delegation patterns: "DO NOT read sources yourself", "delegate to sub-agents", `/tmp/analysis-` temp file patterns
- Check for sub-agent output templates (50-100 token summaries)
- Flag skills with 5+ sources that lack the pattern
**Output:** JSON with source count, pattern found/missing, and recommendations.
**Implementation:** Python with keyword search and context extraction.
---
### 10. Prompt Chain Validator
**What:** Trace the chain of prompt loads through a workflow and verify every path is valid.
**Why:** Workflows route between prompts based on user intent and stage progression. A broken link in the chain — a `Load foo.md` where `foo.md` doesn't exist — halts the workflow.
**Checks:**
- Extract all `Load *.md` prompt references from SKILL.md and every prompt file
- Verify each referenced prompt file exists
- Build a reachability map from SKILL.md entry points
- Flag prompts that exist but are unreachable from any entry point
**Output:** JSON with prompt chain map, broken links, and unreachable prompts.
**Implementation:** Python with regex extraction and file existence checks.
---
### 11. Skill Health Check (Composite)
**What:** Run all available validation scripts and aggregate results into a single report.
**Why:** One command to assess overall skill quality. Useful as a build gate or pre-commit check.
**Composition:** Runs scripts 1-10 in sequence, collects JSON outputs, aggregates findings by severity.
**Output:** Unified JSON health report with per-script results and overall status.
**Implementation:** Bash script orchestrating Python scripts, `jq` for JSON aggregation. Or a Python orchestrator using `subprocess`.
---
### 12. Skill Comparison Validator
**What:** Compare two versions of a skill (or two skills) for structural differences.
**Why:** Validate that changes during iteration didn't break structure. Useful for reviewing edits, comparing before/after optimization, or diffing a skill against a template.
**Checks:**
- Frontmatter changes
- New or removed prompt files
- Token count changes per file
- Stage flow changes (for workflows)
- Resource additions/removals
**Output:** JSON with categorized changes and severity assessment.
**Implementation:** Bash with `git diff` or file comparison, Python for structural analysis.
---
## Section 3: Script Output Standard and Implementation Checklist
### Script Output Standard
All scripts MUST output structured JSON for agent consumption:
```json
{
"script": "script-name",
"version": "1.0.0",
"skill_path": "/path/to/skill",
"timestamp": "2025-03-08T10:30:00Z",
"status": "pass|fail|warning",
"findings": [
{
"severity": "critical|high|medium|low|info",
"category": "structure|security|performance|consistency",
"location": {"file": "SKILL.md", "line": 42},
"issue": "Clear description",
"fix": "Specific action to resolve"
}
],
"summary": {
"total": 0,
"critical": 0,
"high": 0,
"medium": 0,
"low": 0
}
}
```
### Implementation Checklist
When creating new validation scripts:
- [ ] Uses `--help` for documentation (PEP 723 metadata)
- [ ] Accepts skill path as argument
- [ ] `-o` flag for output file (defaults to stdout)
- [ ] Writes diagnostics to stderr
- [ ] Returns meaningful exit codes: 0=pass, 1=fail, 2=error
- [ ] Includes `--verbose` flag for debugging
- [ ] Self-contained (PEP 723 for Python dependencies)
- [ ] No interactive prompts
- [ ] No network dependencies
- [ ] Outputs valid JSON to stdout
- [ ] Has tests in `scripts/tests/` subfolder
_bmad/bmb/bmad-workflow-builder/references/skill-best-practices.md
+109
View File
@@ -0,0 +1,109 @@
# Skill Authoring Best Practices
For field definitions and description format, see `./references/standard-fields.md`. For quality dimensions, see `./references/quality-dimensions.md`.
## Core Philosophy: Outcome-Based Authoring
Skills should describe **what to achieve**, not **how to achieve it**. The LLM is capable of figuring out the approach — it needs to know the goal, the constraints, and the why.
**The test for every instruction:** Would removing this cause the LLM to produce a worse outcome? If the LLM would do it anyway — or if it's just spelling out mechanical steps — cut it.
### Outcome vs Prescriptive
| Prescriptive (avoid) | Outcome-based (prefer) |
|---|---|
| "Step 1: Ask about goals. Step 2: Ask about constraints. Step 3: Summarize and confirm." | "Ensure the user's vision is fully captured — goals, constraints, and edge cases — before proceeding." |
| "Load config. Read user_name. Read communication_language. Greet the user by name in their language." | "Load available config and greet the user appropriately." |
| "Create a file. Write the header. Write section 1. Write section 2. Save." | "Produce a report covering X, Y, and Z." |
The prescriptive versions miss requirements the author didn't think of. The outcome-based versions let the LLM adapt to the actual situation.
### Why This Works
- **Why over what** — When you explain why something matters, the LLM adapts to novel situations. When you just say what to do, it follows blindly even when it shouldn't.
- **Context enables judgment** — Give domain knowledge, constraints, and goals. The LLM figures out the approach. It's better at adapting to messy reality than any script you could write.
- **Prescriptive steps create brittleness** — When reality doesn't match the script, the LLM either follows the wrong script or gets confused. Outcomes let it adapt.
- **Every instruction should carry its weight** — If the LLM would do it anyway, the instruction is noise. If the LLM wouldn't know to do it without being told, that's signal.
### When Prescriptive Is Right
Reserve exact steps for **fragile operations** where getting it wrong has consequences — script invocations, exact file paths, specific CLI commands, API calls with precise parameters. These need low freedom because there's one right way to do them.
| Freedom | When | Example |
|---------|------|---------|
| **High** (outcomes) | Multiple valid approaches, LLM judgment adds value | "Ensure the user's requirements are complete" |
| **Medium** (guided) | Preferred approach exists, some variation OK | "Present findings in a structured report with an executive summary" |
| **Low** (exact) | Fragile, one right way, consequences for deviation | `python3 scripts/scan-path-standards.py {skill-path}` |
## Patterns
These are patterns that naturally emerge from outcome-based thinking. Apply them when they fit — they're not a checklist.
### Soft Gate Elicitation
At natural transitions, invite contribution without demanding it: "Anything else, or shall we move on?" Users almost always remember one more thing when given a graceful exit ramp. This produces richer artifacts than rigid section-by-section questioning.
### Intent-Before-Ingestion
Understand why the user is here before scanning documents or project context. Intent gives you the relevance filter — without it, scanning is noise.
### Capture-Don't-Interrupt
When users provide information beyond the current scope, capture it for later rather than redirecting. Users in creative flow share their best insights unprompted — interrupting loses them.
### Dual-Output: Human Artifact + LLM Distillate
Artifact-producing skills can output both a polished human-facing document and a token-efficient distillate for downstream LLM consumption. The distillate captures overflow, rejected ideas, and detail that doesn't belong in the human doc but has value for the next workflow. Always optional.
### Parallel Review Lenses
Before finalizing significant artifacts, fan out reviewers with different perspectives — skeptic, opportunity spotter, domain-specific lens. If subagents aren't available, do a single critical self-review pass. Multiple perspectives catch blind spots no single reviewer would.
### Three-Mode Architecture (Guided / Yolo / Headless)
Consider whether the skill benefits from multiple execution modes:
| Mode | When | Behavior |
|------|------|----------|
| **Guided** | Default | Conversational discovery with soft gates |
| **Yolo** | "just draft it" | Ingest everything, draft complete artifact, then refine |
| **Headless** | `--headless` / `-H` | Complete the task without user input, using sensible defaults |
Not all skills need all three. But considering them during design prevents locking into a single interaction model.
### Graceful Degradation
Every subagent-dependent feature should have a fallback path. A skill that hard-fails without subagents is fragile — one that falls back to sequential processing works everywhere.
### Verifiable Intermediate Outputs
For complex tasks with consequences: plan → validate → execute → verify. Create a verifiable plan before executing, validate with scripts where possible. Catches errors early and makes the work reversible.
## Writing Guidelines
- **Consistent terminology** — one term per concept, stick to it
- **Third person** in descriptions — "Processes files" not "I help process files"
- **Descriptive file names**`form_validation_rules.md` not `doc2.md`
- **Forward slashes** in all paths — cross-platform
- **One level deep** for reference files — SKILL.md → reference.md, never chains
- **TOC for long files** — >100 lines
## Anti-Patterns
| Anti-Pattern | Fix |
|---|---|
| Numbered steps for things the LLM would figure out | Describe the outcome and why it matters |
| Explaining how to load config (the mechanic) | List the config keys and their defaults (the outcome) |
| Prescribing exact greeting/menu format | "Greet the user and present capabilities" |
| Spelling out headless mode in detail | "If headless, complete without user input" |
| Too many options upfront | One default with escape hatch |
| Deep reference nesting (A→B→C) | Keep references 1 level from SKILL.md |
| Inconsistent terminology | Choose one term per concept |
| Scripts that classify meaning via regex | Intelligence belongs in prompts, not scripts |
## Scripts in Skills
- **Execute vs reference** — "Run `analyze.py`" (execute) vs "See `analyze.py` for the algorithm" (read)
- **Document constants** — explain why `TIMEOUT = 30`, not just what
- **PEP 723 for Python** — self-contained with inline dependency declarations
- **MCP tools** — use fully qualified names: `ServerName:tool_name`
_bmad/bmb/bmad-workflow-builder/references/standard-fields.md
+129
View File
@@ -0,0 +1,129 @@
# Standard Workflow/Skill Fields
## Frontmatter Fields
Only these fields go in the YAML frontmatter block:
| Field | Description | Example |
|-------|-------------|---------|
| `name` | Full skill name (kebab-case, same as folder name) | `bmad-workflow-builder`, `bmad-validate-json` |
| `description` | [5-8 word summary]. [Use when user says 'X' or 'Y'.] | See Description Format below |
## Content Fields (All Types)
These are used within the SKILL.md body — never in frontmatter:
| Field | Description | Example |
|-------|-------------|---------|
| `role-guidance` | Brief expertise primer | "Act as a senior DevOps engineer" |
| `module-code` | Module code (if module-based) | `bmb`, `cis` |
## Simple Utility Fields
| Field | Description | Example |
|-------|-------------|---------|
| `input-format` | What it accepts | JSON file path, stdin text |
| `output-format` | What it returns | Validated JSON, error report |
| `standalone` | Fully standalone, no config needed? | true/false |
| `composability` | How other skills use it | "Called by quality scanners for validation" |
## Simple Workflow Fields
| Field | Description | Example |
|-------|-------------|---------|
| `steps` | Numbered inline steps | "1. Load config 2. Read input 3. Process" |
| `tools-used` | CLIs/tools/scripts | gh, jq, python scripts |
| `output` | What it produces | PR, report, file |
## Complex Workflow Fields
| Field | Description | Example |
|-------|-------------|---------|
| `stages` | Named numbered stages | "01-discover, 02-plan, 03-build" |
| `progression-conditions` | When stages complete | "User approves outline" |
| `headless-mode` | Supports autonomous? | true/false |
| `config-variables` | Beyond core vars | `planning_artifacts`, `output_folder` |
| `output-artifacts` | What it creates (output-location) | "PRD document", "agent skill" |
## Overview Section Format
The Overview is the first section after the title — it primes the AI for everything that follows.
**3-part formula:**
1. **What** — What this workflow/skill does
2. **How** — How it works (approach, key stages)
3. **Why/Outcome** — Value delivered, quality standard
**Templates by skill type:**
**Complex Workflow:**
```markdown
This skill helps you {outcome} through {approach}. Act as {role-guidance}, guiding users through {key stages}. Your output is {deliverable}.
```
**Simple Workflow:**
```markdown
This skill {what it does} by {approach}. Act as {role-guidance}. Use when {trigger conditions}. Produces {output}.
```
**Simple Utility:**
```markdown
This skill {what it does}. Use when {when to use}. Returns {output format} with {key feature}.
```
## SKILL.md Description Format
The frontmatter `description` is the PRIMARY trigger mechanism — it determines when the AI invokes this skill. Most BMad skills are **explicitly invoked** by name (`/skill-name` or direct request), so descriptions should be conservative to prevent accidental triggering.
**Format:** Two parts, one sentence each:
```
[What it does in 5-8 words]. [Use when user says 'specific phrase' or 'specific phrase'.]
```
**The trigger clause** uses one of these patterns depending on the skill's activation style:
- **Explicit invocation (default):** `Use when the user requests to 'create a PRD' or 'edit an existing PRD'.` — Quotes around specific phrases the user would actually say. Conservative — won't fire on casual mentions.
- **Organic/reactive:** `Trigger when code imports anthropic SDK, or user asks to use Claude API.` — For lightweight skills that should activate on contextual signals, not explicit requests.
**Examples:**
Good (explicit): `Builds workflows and skills through conversational discovery. Use when the user requests to 'build a workflow', 'modify a workflow', or 'quality check workflow'.`
Good (organic): `Initializes BMad project configuration. Trigger when any skill needs module-specific configuration values, or when setting up a new BMad project.`
Bad: `Helps with PRDs and product requirements.` — Too vague, would trigger on any mention of PRD even in passing conversation.
Bad: `Use on any mention of workflows, building, or creating things.` — Over-broad, would hijack unrelated conversations.
**Default to explicit invocation** unless the user specifically describes organic/reactive activation during discovery.
## Role Guidance Format
Every generated workflow SKILL.md includes a brief role statement in the Overview or as a standalone line:
```markdown
Act as {role-guidance}. {brief expertise/approach description}.
```
This provides quick prompt priming for expertise and tone. Workflows may also use full Identity/Communication Style/Principles sections when personality serves the workflow's purpose.
## Path Rules
### Skill-Internal Files
All references to files within the skill use `./` prefix:
- `./references/reference.md`
- `./references/discover.md`
- `./scripts/validate.py`
This distinguishes skill-internal files from `{project-root}` paths — without the `./` prefix the LLM may confuse them.
### Project `_bmad` Paths
Use `{project-root}/_bmad/...`:
- `{project-root}/_bmad/planning/prd.md`
### Config Variables
Use directly — they already contain `{project-root}` in their resolved values:
- `{output_folder}/file.md`
- `{planning_artifacts}/prd.md`
**Never:**
- `{project-root}/{output_folder}/file.md` (WRONG — double-prefix, config var already has path)
- `_bmad/planning/prd.md` (WRONG — bare `_bmad` must have `{project-root}` prefix)
_bmad/bmb/bmad-workflow-builder/references/template-substitution-rules.md
+32
View File
@@ -0,0 +1,32 @@
# Template Substitution Rules
The SKILL-template provides a minimal skeleton: frontmatter, overview, and activation with config loading. Everything beyond that is crafted by the builder based on what was learned during discovery and requirements phases.
## Frontmatter
- `{module-code-or-empty}` → Module code prefix with hyphen (e.g., `bmb-`) or empty for standalone
- `{skill-name}` → Skill functional name (kebab-case)
- `{skill-description}` → Two parts: [5-8 word summary]. [trigger phrases]
## Module Conditionals
### For Module-Based Skills
- `{if-module}` ... `{/if-module}` → Keep the content inside
- `{if-standalone}` ... `{/if-standalone}` → Remove the entire block including markers
- `{module-code}` → Module code without trailing hyphen (e.g., `bmb`)
- `{module-setup-skill}` → Name of the module's setup skill (e.g., `bmad-builder-setup`)
### For Standalone Skills
- `{if-module}` ... `{/if-module}` → Remove the entire block including markers
- `{if-standalone}` ... `{/if-standalone}` → Keep the content inside
## Beyond the Template
The builder determines the rest of the skill structure — body sections, phases, stages, scripts, external skills, headless mode, role guidance — based on the skill type classification and requirements gathered during the build process. The template intentionally does not prescribe these; the builder has the context to craft them.
## Path References
All generated skills use `./` prefix for skill-internal paths:
- `./references/{reference}.md` — Reference documents loaded on demand
- `./references/{stage}.md` — Stage prompts (complex workflows)
- `./scripts/` — Python/shell scripts for deterministic operations
_bmad/bmb/bmad-workflow-builder/references/universal-scan-schema.md
+267
View File
@@ -0,0 +1,267 @@
# Universal Scanner Output Schema
All quality scanners — both LLM-based and deterministic lint scripts — MUST produce output conforming to this schema. No exceptions.
## Top-Level Structure
```json
{
"scanner": "scanner-name",
"skill_path": "{path}",
"findings": [],
"assessments": {},
"summary": {
"total_findings": 0,
"by_severity": {},
"assessment": "1-2 sentence overall assessment"
}
}
```
| Key | Type | Required | Description |
|-----|------|----------|-------------|
| `scanner` | string | yes | Scanner identifier (e.g., `"workflow-integrity"`, `"prompt-craft"`) |
| `skill_path` | string | yes | Absolute path to the skill being scanned |
| `findings` | array | yes | ALL items — issues, strengths, suggestions, opportunities. Always an array, never an object |
| `assessments` | object | yes | Scanner-specific structured analysis (cohesion tables, health metrics, user journeys, etc.). Free-form per scanner |
| `summary` | object | yes | Aggregate counts and brief overall assessment |
## Finding Schema (7 fields)
Every item in `findings[]` has exactly these 7 fields:
```json
{
"file": "SKILL.md",
"line": 42,
"severity": "high",
"category": "frontmatter",
"title": "Brief headline of the finding",
"detail": "Full context — rationale, what was observed, why it matters",
"action": "What to do about it — fix, suggestion, or script to create"
}
```
| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `file` | string | yes | Relative path to the affected file (e.g., `"SKILL.md"`, `"scripts/build.py"`). Empty string if not file-specific |
| `line` | int\|null | no | Line number (1-based). `null` or `0` if not line-specific |
| `severity` | string | yes | One of the severity values below |
| `category` | string | yes | Scanner-specific category (e.g., `"frontmatter"`, `"token-waste"`, `"lint"`) |
| `title` | string | yes | Brief headline (1 sentence). This is the primary display text |
| `detail` | string | yes | Full context — fold rationale, observation, impact, nuance into one narrative. Empty string if title is self-explanatory |
| `action` | string | yes | What to do — fix instruction, suggestion, or script to create. Empty string for strengths/notes |
## Severity Values (complete enum)
```
critical | high | medium | low | high-opportunity | medium-opportunity | low-opportunity | suggestion | strength | note
```
**Routing rules:**
- `critical`, `high` → "Truly Broken" section in report
- `medium`, `low` → category-specific findings sections
- `high-opportunity`, `medium-opportunity`, `low-opportunity` → enhancement/creative sections
- `suggestion` → creative suggestions section
- `strength` → strengths section (positive observations worth preserving)
- `note` → informational observations, also routed to strengths
## Assessment Sub-Structure Contracts
The `assessments` object is free-form per scanner, but the HTML report renderer expects specific shapes for specific keys. These are the canonical formats.
### user_journeys (enhancement-opportunities scanner)
**Always an array of objects. Never an object keyed by persona.**
```json
"user_journeys": [
{
"archetype": "first-timer",
"summary": "Brief narrative of this user's experience",
"friction_points": ["moment 1", "moment 2"],
"bright_spots": ["what works well"]
}
]
```
### autonomous_assessment (enhancement-opportunities scanner)
```json
"autonomous_assessment": {
"potential": "headless-ready|easily-adaptable|partially-adaptable|fundamentally-interactive",
"hitl_points": 3,
"auto_resolvable": 2,
"needs_input": 1,
"notes": "Brief assessment"
}
```
### top_insights (enhancement-opportunities scanner)
**Always an array of objects with title/detail/action (same shape as findings but without file/line/severity/category).**
```json
"top_insights": [
{
"title": "The key observation",
"detail": "Why it matters",
"action": "What to do about it"
}
]
```
### cohesion_analysis (skill-cohesion / agent-cohesion scanner)
```json
"cohesion_analysis": {
"dimension_name": { "score": "strong|moderate|weak", "notes": "explanation" }
}
```
Dimension names are scanner-specific (e.g., `stage_flow_coherence`, `persona_alignment`). The report renderer iterates all keys and renders a table row per dimension.
### skill_identity / agent_identity (cohesion scanners)
```json
"skill_identity": {
"name": "skill-name",
"purpose_summary": "Brief characterization",
"primary_outcome": "What this skill produces"
}
```
### skillmd_assessment (prompt-craft scanner)
```json
"skillmd_assessment": {
"overview_quality": "appropriate|excessive|missing",
"progressive_disclosure": "good|needs-extraction|monolithic",
"notes": "brief assessment"
}
```
Agent variant adds `"persona_context": "appropriate|excessive|missing"`.
### prompt_health (prompt-craft scanner)
```json
"prompt_health": {
"total_prompts": 3,
"with_config_header": 2,
"with_progression": 1,
"self_contained": 3
}
```
### skill_understanding (enhancement-opportunities scanner)
```json
"skill_understanding": {
"purpose": "what this skill does",
"primary_user": "who it's for",
"assumptions": ["assumption 1", "assumption 2"]
}
```
### stage_summary (workflow-integrity scanner)
```json
"stage_summary": {
"total_stages": 0,
"missing_stages": [],
"orphaned_stages": [],
"stages_without_progression": [],
"stages_without_config_header": []
}
```
### metadata (structure scanner)
Free-form key-value pairs. Rendered as a metadata block.
### script_summary (scripts lint)
```json
"script_summary": {
"total_scripts": 5,
"by_type": {"python": 3, "shell": 2},
"missing_tests": ["script1.py"]
}
```
### existing_scripts (script-opportunities scanner)
Array of strings (script paths that already exist).
## Complete Example
```json
{
"scanner": "workflow-integrity",
"skill_path": "/path/to/skill",
"findings": [
{
"file": "SKILL.md",
"line": 12,
"severity": "high",
"category": "frontmatter",
"title": "Missing 'description' field in frontmatter",
"detail": "The SKILL.md frontmatter is missing the description field. Without a description, the skill cannot be triggered reliably by the help system.",
"action": "Add a description with trigger phrases to the YAML frontmatter block"
},
{
"file": "build-process.md",
"line": null,
"severity": "strength",
"category": "design",
"title": "Excellent progressive disclosure pattern in build stages",
"detail": "Each stage provides exactly the context needed without front-loading information. This reduces token waste and improves LLM comprehension.",
"action": ""
},
{
"file": "SKILL.md",
"line": 45,
"severity": "medium-opportunity",
"category": "experience-gap",
"title": "No guidance for first-time users unfamiliar with build workflows",
"detail": "A user encountering this skill for the first time has no onboarding path. The skill assumes familiarity with stage-based workflows, which creates friction for newcomers.",
"action": "Add a 'Getting Started' section or link to onboarding documentation"
}
],
"assessments": {
"stage_summary": {
"total_stages": 7,
"missing_stages": [],
"orphaned_stages": ["cleanup"]
}
},
"summary": {
"total_findings": 3,
"by_severity": {"high": 1, "medium-opportunity": 1, "strength": 1},
"assessment": "Well-structured skill with one critical frontmatter gap. Progressive disclosure is a notable strength."
}
}
```
## DO NOT
- **DO NOT** rename fields. Use exactly: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`
- **DO NOT** use `issues` instead of `findings` — the array is always called `findings`
- **DO NOT** add fields to findings beyond the 7 defined above. Put scanner-specific structured data in `assessments`
- **DO NOT** use separate arrays for strengths, suggestions, or opportunities — they go in `findings` with appropriate severity values
- **DO NOT** change `user_journeys` from an array to an object keyed by persona name
- **DO NOT** restructure assessment sub-objects — use the shapes defined above
- **DO NOT** put free-form narrative data into `assessments` — that belongs in `detail` fields of findings or in `summary.assessment`
## Self-Check Before Output
Before writing your JSON output, verify:
1. Is your array called `findings` (not `issues`, not `opportunities`)?
2. Does every item in `findings` have all 7 fields: `file`, `line`, `severity`, `category`, `title`, `detail`, `action`?
3. Are strengths in `findings` with `severity: "strength"` (not in a separate `strengths` array)?
4. Are suggestions in `findings` with `severity: "suggestion"` (not in a separate `creative_suggestions` array)?
5. Is `assessments` an object containing structured analysis data (not items that belong in findings)?
6. Is `user_journeys` an array of objects (not an object keyed by persona)?
7. Do `top_insights` items use `title`/`detail`/`action` (not `insight`/`suggestion`/`why_it_matters`)?
_bmad/bmb/bmad-workflow-builder/report-quality-scan-creator.md
+93
View File
@@ -0,0 +1,93 @@
# Quality Scan Report Creator
You are a master quality engineer tech writer agent QualityReportBot-9001. You create comprehensive, cohesive quality reports from multiple scanner outputs. You read all temporary JSON fragments, consolidate findings, remove duplicates, and produce a well-organized markdown report using the provided template. You are quality obsessed — nothing gets dropped. You will never attempt to fix anything — you are a writer, not a fixer.
## Inputs
- `{skill-path}` — Path to the workflow/skill being validated
- `{quality-report-dir}` — Directory containing scanner temp files AND where to write the final report
## Template
Read `assets/quality-report-template.md` for the report structure. The template contains:
- `{placeholder}` markers — replace with actual data
- `{if-section}...{/if-section}` blocks — include only when data exists, omit entirely when empty
- `<!-- comments -->` — inline guidance for what data to pull and from where; strip from final output
## Process
Read `assets/quality-report-template.md` and every JSON file in `{quality-report-dir}` (both `*-temp.json` scanner findings and `*-prepass.json` structural metrics). All scanners use the universal schema defined in `references/universal-scan-schema.md`. Extract all data types from each scanner file:
| Data Type | Where It Lives | Report Destination |
|-----------|---------------|-------------------|
| Issues/findings (severity: critical-low) | All scanner `findings[]` | Detailed Findings by Category |
| Strengths (severity: "strength"/"note", category: "strength") | All scanners: findings where severity="strength" | Strengths section |
| Cohesion dimensional analysis | skill-cohesion `assessments.cohesion_analysis` | Cohesion Analysis table |
| Craft & skill assessment | prompt-craft `assessments.skillmd_assessment`, `assessments.prompt_health`, `summary.assessment` | Prompt Craft section header + Executive Summary |
| User journeys | enhancement-opportunities `assessments.user_journeys[]` | User Journeys section |
| Autonomous assessment | enhancement-opportunities `assessments.autonomous_assessment` | Autonomous Readiness section |
| Skill understanding | enhancement-opportunities `assessments.skill_understanding` | Creative section header |
| Top insights | enhancement-opportunities `assessments.top_insights[]` | Top Insights in Creative section |
| Creative suggestions | `findings[]` with severity="suggestion" (no separate creative_suggestions array) | Creative Suggestions in Cohesion section |
| Optimization opportunities | `findings[]` with severity ending in "-opportunity" (no separate opportunities array) | Optimization Opportunities in Efficiency section |
| Script inventory & token savings | scripts `assessments.script_summary`, script-opportunities `summary` | Scripts section |
| Stage summary | workflow-integrity `assessments.stage_summary` | Structural section header |
| Prepass metrics | `*-prepass.json` files | Context data points where useful |
Populate the template section by section, following the `<!-- comment -->` guidance in each. Only include `{if-...}` blocks when data exists. Omit empty severity sub-headers. Strip all `<!-- ... -->` blocks from final output.
Deduplicate: same issue from two scanners becomes one entry citing both sources. Same pattern across multiple files becomes one entry with all file:line references. Keep both strengths and issues about the same thing. Route "note"/"strength" severity to Strengths section, "suggestion" severity to Creative subsection.
Re-read all temp files and verify every finding appears in the report.
### Write and Return
Write report to: `{quality-report-dir}/quality-report.md`
Return JSON:
```json
{
"report_file": "{full-path-to-report}",
"summary": {
"total_issues": 0,
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"strengths_count": 0,
"enhancements_count": 0,
"user_journeys_count": 0,
"overall_quality": "Excellent|Good|Fair|Poor",
"overall_cohesion": "cohesive|mostly-cohesive|fragmented|confused",
"craft_assessment": "brief summary from prompt-craft",
"truly_broken_found": true,
"truly_broken_count": 0
},
"by_category": {
"structural": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"prompt_craft": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"cohesion": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"efficiency": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"quality": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"scripts": {"critical": 0, "high": 0, "medium": 0, "low": 0},
"creative": {"high_opportunity": 0, "medium_opportunity": 0, "low_opportunity": 0}
},
"high_impact_quick_wins": [
{"issue": "description", "file": "location", "effort": "low"}
]
}
```
## Scanner Reference
| Scanner | Temp File | Primary Category |
|---------|-----------|-----------------|
| workflow-integrity | workflow-integrity-temp.json | Structural |
| prompt-craft | prompt-craft-temp.json | Prompt Craft |
| skill-cohesion | skill-cohesion-temp.json | Cohesion |
| execution-efficiency | execution-efficiency-temp.json | Efficiency |
| path-standards | path-standards-temp.json | Quality |
| scripts | scripts-temp.json | Scripts |
| script-opportunities | script-opportunities-temp.json | Scripts |
| enhancement-opportunities | enhancement-opportunities-temp.json | Creative |
_bmad/bmb/bmad-workflow-builder/scripts/generate-html-report.py
+1002
View File
File diff suppressed because it is too large Load Diff
_bmad/bmb/bmad-workflow-builder/scripts/prepass-execution-deps.py
Executable
+288
View File
@@ -0,0 +1,288 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for execution efficiency scanner.
Extracts dependency graph data and execution patterns from a BMad skill
so the LLM scanner can evaluate efficiency from compact structured data.
Covers:
- Dependency graph from skill structure
- Circular dependency detection
- Transitive dependency redundancy
- Parallelizable stage groups (independent nodes)
- Sequential pattern detection in prompts (numbered Read/Grep/Glob steps)
- Subagent-from-subagent detection
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
def detect_cycles(graph: dict[str, list[str]]) -> list[list[str]]:
"""Detect circular dependencies in a directed graph using DFS."""
cycles = []
visited = set()
path = []
path_set = set()
def dfs(node: str) -> None:
if node in path_set:
cycle_start = path.index(node)
cycles.append(path[cycle_start:] + [node])
return
if node in visited:
return
visited.add(node)
path.append(node)
path_set.add(node)
for neighbor in graph.get(node, []):
dfs(neighbor)
path.pop()
path_set.discard(node)
for node in graph:
dfs(node)
return cycles
def find_transitive_redundancy(graph: dict[str, list[str]]) -> list[dict]:
"""Find cases where A declares dependency on C, but A->B->C already exists."""
redundancies = []
def get_transitive(node: str, visited: set | None = None) -> set[str]:
if visited is None:
visited = set()
for dep in graph.get(node, []):
if dep not in visited:
visited.add(dep)
get_transitive(dep, visited)
return visited
for node, direct_deps in graph.items():
for dep in direct_deps:
# Check if dep is reachable through other direct deps
other_deps = [d for d in direct_deps if d != dep]
for other in other_deps:
transitive = get_transitive(other)
if dep in transitive:
redundancies.append({
'node': node,
'redundant_dep': dep,
'already_via': other,
'issue': f'"{node}" declares "{dep}" as dependency, but already reachable via "{other}"',
})
return redundancies
def find_parallel_groups(graph: dict[str, list[str]], all_nodes: set[str]) -> list[list[str]]:
"""Find groups of nodes that have no dependencies on each other (can run in parallel)."""
# Nodes with no incoming edges from other nodes in the set
independent_groups = []
# Simple approach: find all nodes at each "level" of the DAG
remaining = set(all_nodes)
while remaining:
# Nodes whose dependencies are all satisfied (not in remaining)
ready = set()
for node in remaining:
deps = set(graph.get(node, []))
if not deps & remaining:
ready.add(node)
if not ready:
break # Circular dependency, can't proceed
if len(ready) > 1:
independent_groups.append(sorted(ready))
remaining -= ready
return independent_groups
def scan_sequential_patterns(filepath: Path, rel_path: str) -> list[dict]:
"""Detect sequential operation patterns that could be parallel."""
content = filepath.read_text(encoding='utf-8')
patterns = []
# Sequential numbered steps with Read/Grep/Glob
tool_steps = re.findall(
r'^\s*\d+\.\s+.*?\b(Read|Grep|Glob|read|grep|glob)\b.*$',
content, re.MULTILINE
)
if len(tool_steps) >= 3:
patterns.append({
'file': rel_path,
'type': 'sequential-tool-calls',
'count': len(tool_steps),
'issue': f'{len(tool_steps)} sequential tool call steps found — check if independent calls can be parallel',
})
# "Read all files" / "for each" loop patterns
loop_patterns = [
(r'[Rr]ead all (?:files|documents|prompts)', 'read-all'),
(r'[Ff]or each (?:file|document|prompt|stage)', 'for-each-loop'),
(r'[Aa]nalyze each', 'analyze-each'),
(r'[Ss]can (?:through|all|each)', 'scan-all'),
(r'[Rr]eview (?:all|each)', 'review-all'),
]
for pattern, ptype in loop_patterns:
matches = re.findall(pattern, content)
if matches:
patterns.append({
'file': rel_path,
'type': ptype,
'count': len(matches),
'issue': f'"{matches[0]}" pattern found — consider parallel subagent delegation',
})
# Subagent spawning from subagent (impossible)
if re.search(r'(?i)spawn.*subagent|launch.*subagent|create.*subagent', content):
# Check if this file IS a subagent (non-SKILL.md, non-numbered prompt at root)
if rel_path != 'SKILL.md' and not re.match(r'^\d+-', rel_path):
patterns.append({
'file': rel_path,
'type': 'subagent-chain-violation',
'count': 1,
'issue': 'Subagent file references spawning other subagents — subagents cannot spawn subagents',
})
return patterns
def scan_execution_deps(skill_path: Path) -> dict:
"""Run all deterministic execution efficiency checks."""
# Build dependency graph from skill structure
dep_graph: dict[str, list[str]] = {}
prefer_after: dict[str, list[str]] = {}
all_stages: set[str] = set()
# Check for stage-level prompt files at skill root
for f in sorted(skill_path.iterdir()):
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md':
all_stages.add(f.stem)
# Cycle detection
cycles = detect_cycles(dep_graph)
# Transitive redundancy
redundancies = find_transitive_redundancy(dep_graph)
# Parallel groups
parallel_groups = find_parallel_groups(dep_graph, all_stages)
# Sequential pattern detection across all prompt and agent files at root
sequential_patterns = []
for f in sorted(skill_path.iterdir()):
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md':
patterns = scan_sequential_patterns(f, f.name)
sequential_patterns.extend(patterns)
# Also scan SKILL.md
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
sequential_patterns.extend(scan_sequential_patterns(skill_md, 'SKILL.md'))
# Build issues from deterministic findings
issues = []
for cycle in cycles:
issues.append({
'severity': 'critical',
'category': 'circular-dependency',
'issue': f'Circular dependency detected: {"".join(cycle)}',
})
for r in redundancies:
issues.append({
'severity': 'medium',
'category': 'dependency-bloat',
'issue': r['issue'],
})
for p in sequential_patterns:
severity = 'critical' if p['type'] == 'subagent-chain-violation' else 'medium'
issues.append({
'file': p['file'],
'severity': severity,
'category': p['type'],
'issue': p['issue'],
})
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
for issue in issues:
sev = issue['severity']
if sev in by_severity:
by_severity[sev] += 1
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['medium'] > 0:
status = 'warning'
return {
'scanner': 'execution-efficiency-prepass',
'script': 'prepass-execution-deps.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'dependency_graph': {
'stages': sorted(all_stages),
'hard_dependencies': dep_graph,
'soft_dependencies': prefer_after,
'cycles': cycles,
'transitive_redundancies': redundancies,
'parallel_groups': parallel_groups,
},
'sequential_patterns': sequential_patterns,
'issues': issues,
'summary': {
'total_issues': len(issues),
'by_severity': by_severity,
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Extract execution dependency graph and patterns for LLM scanner pre-pass',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_execution_deps(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0
if __name__ == '__main__':
sys.exit(main())
_bmad/bmb/bmad-workflow-builder/scripts/prepass-prompt-metrics.py
Executable
+285
View File
@@ -0,0 +1,285 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for prompt craft scanner.
Extracts metrics and flagged patterns from SKILL.md and prompt files
so the LLM scanner can work from compact data instead of reading raw files.
Covers:
- SKILL.md line count and section inventory
- Overview section size
- Inline data detection (tables, fenced code blocks)
- Defensive padding pattern grep
- Meta-explanation pattern grep
- Back-reference detection ("as described above")
- Config header and progression condition presence per prompt
- File-level token estimates (chars / 4 rough approximation)
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Defensive padding / filler patterns
WASTE_PATTERNS = [
(r'\b[Mm]ake sure (?:to|you)\b', 'defensive-padding', 'Defensive: "make sure to/you"'),
(r"\b[Dd]on'?t forget (?:to|that)\b", 'defensive-padding', "Defensive: \"don't forget\""),
(r'\b[Rr]emember (?:to|that)\b', 'defensive-padding', 'Defensive: "remember to/that"'),
(r'\b[Bb]e sure to\b', 'defensive-padding', 'Defensive: "be sure to"'),
(r'\b[Pp]lease ensure\b', 'defensive-padding', 'Defensive: "please ensure"'),
(r'\b[Ii]t is important (?:to|that)\b', 'defensive-padding', 'Defensive: "it is important"'),
(r'\b[Yy]ou are an AI\b', 'meta-explanation', 'Meta: "you are an AI"'),
(r'\b[Aa]s a language model\b', 'meta-explanation', 'Meta: "as a language model"'),
(r'\b[Aa]s an AI assistant\b', 'meta-explanation', 'Meta: "as an AI assistant"'),
(r'\b[Tt]his (?:workflow|skill|process) is designed to\b', 'meta-explanation', 'Meta: "this workflow is designed to"'),
(r'\b[Tt]he purpose of this (?:section|step) is\b', 'meta-explanation', 'Meta: "the purpose of this section is"'),
(r"\b[Ll]et'?s (?:think about|begin|start)\b", 'filler', "Filler: \"let's think/begin\""),
(r'\b[Nn]ow we(?:\'ll| will)\b', 'filler', "Filler: \"now we'll\""),
]
# Back-reference patterns (self-containment risk)
BACKREF_PATTERNS = [
(r'\bas described above\b', 'Back-reference: "as described above"'),
(r'\bper the overview\b', 'Back-reference: "per the overview"'),
(r'\bas mentioned (?:above|in|earlier)\b', 'Back-reference: "as mentioned above/in/earlier"'),
(r'\bsee (?:above|the overview)\b', 'Back-reference: "see above/the overview"'),
(r'\brefer to (?:the )?(?:above|overview|SKILL)\b', 'Back-reference: "refer to above/overview"'),
]
def count_tables(content: str) -> tuple[int, int]:
"""Count markdown tables and their total lines."""
table_count = 0
table_lines = 0
in_table = False
for line in content.split('\n'):
if '|' in line and re.match(r'^\s*\|', line):
if not in_table:
table_count += 1
in_table = True
table_lines += 1
else:
in_table = False
return table_count, table_lines
def count_fenced_blocks(content: str) -> tuple[int, int]:
"""Count fenced code blocks and their total lines."""
block_count = 0
block_lines = 0
in_block = False
for line in content.split('\n'):
if line.strip().startswith('```'):
if in_block:
in_block = False
else:
in_block = True
block_count += 1
elif in_block:
block_lines += 1
return block_count, block_lines
def extract_overview_size(content: str) -> int:
"""Count lines in the ## Overview section."""
lines = content.split('\n')
in_overview = False
overview_lines = 0
for line in lines:
if re.match(r'^##\s+Overview\b', line):
in_overview = True
continue
elif in_overview and re.match(r'^##\s', line):
break
elif in_overview:
overview_lines += 1
return overview_lines
def scan_file_patterns(filepath: Path, rel_path: str) -> dict:
"""Extract metrics and pattern matches from a single file."""
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# Token estimate (rough: chars / 4)
token_estimate = len(content) // 4
# Section inventory
sections = []
for i, line in enumerate(lines, 1):
m = re.match(r'^(#{2,3})\s+(.+)$', line)
if m:
sections.append({'level': len(m.group(1)), 'title': m.group(2).strip(), 'line': i})
# Tables and code blocks
table_count, table_lines = count_tables(content)
block_count, block_lines = count_fenced_blocks(content)
# Pattern matches
waste_matches = []
for pattern, category, label in WASTE_PATTERNS:
for m in re.finditer(pattern, content):
line_num = content[:m.start()].count('\n') + 1
waste_matches.append({
'line': line_num,
'category': category,
'pattern': label,
'context': lines[line_num - 1].strip()[:100],
})
backref_matches = []
for pattern, label in BACKREF_PATTERNS:
for m in re.finditer(pattern, content, re.IGNORECASE):
line_num = content[:m.start()].count('\n') + 1
backref_matches.append({
'line': line_num,
'pattern': label,
'context': lines[line_num - 1].strip()[:100],
})
# Config header
has_config_header = '{communication_language}' in content or '{document_output_language}' in content
# Progression condition
prog_keywords = ['progress', 'advance', 'move to', 'next stage',
'when complete', 'proceed to', 'transition', 'completion criteria']
has_progression = any(kw in content.lower() for kw in prog_keywords)
result = {
'file': rel_path,
'line_count': line_count,
'token_estimate': token_estimate,
'sections': sections,
'table_count': table_count,
'table_lines': table_lines,
'fenced_block_count': block_count,
'fenced_block_lines': block_lines,
'waste_patterns': waste_matches,
'back_references': backref_matches,
'has_config_header': has_config_header,
'has_progression': has_progression,
}
return result
def scan_prompt_metrics(skill_path: Path) -> dict:
"""Extract metrics from all prompt-relevant files."""
files_data = []
# SKILL.md
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
data = scan_file_patterns(skill_md, 'SKILL.md')
content = skill_md.read_text(encoding='utf-8')
data['overview_lines'] = extract_overview_size(content)
data['is_skill_md'] = True
files_data.append(data)
# Prompt files at skill root (non-SKILL.md .md files)
for f in sorted(skill_path.iterdir()):
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md':
data = scan_file_patterns(f, f.name)
data['is_skill_md'] = False
files_data.append(data)
# Resources (just sizes, for progressive disclosure assessment)
resources_dir = skill_path / 'resources'
resource_sizes = {}
if resources_dir.exists():
for f in sorted(resources_dir.iterdir()):
if f.is_file() and f.suffix in ('.md', '.json', '.yaml', '.yml'):
content = f.read_text(encoding='utf-8')
resource_sizes[f.name] = {
'lines': len(content.split('\n')),
'tokens': len(content) // 4,
}
# Aggregate stats
total_waste = sum(len(f['waste_patterns']) for f in files_data)
total_backrefs = sum(len(f['back_references']) for f in files_data)
total_tokens = sum(f['token_estimate'] for f in files_data)
prompts_with_config = sum(1 for f in files_data if not f.get('is_skill_md') and f['has_config_header'])
prompts_with_progression = sum(1 for f in files_data if not f.get('is_skill_md') and f['has_progression'])
total_prompts = sum(1 for f in files_data if not f.get('is_skill_md'))
skill_md_data = next((f for f in files_data if f.get('is_skill_md')), None)
return {
'scanner': 'prompt-craft-prepass',
'script': 'prepass-prompt-metrics.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'info',
'skill_md_summary': {
'line_count': skill_md_data['line_count'] if skill_md_data else 0,
'token_estimate': skill_md_data['token_estimate'] if skill_md_data else 0,
'overview_lines': skill_md_data.get('overview_lines', 0) if skill_md_data else 0,
'table_count': skill_md_data['table_count'] if skill_md_data else 0,
'table_lines': skill_md_data['table_lines'] if skill_md_data else 0,
'fenced_block_count': skill_md_data['fenced_block_count'] if skill_md_data else 0,
'fenced_block_lines': skill_md_data['fenced_block_lines'] if skill_md_data else 0,
'section_count': len(skill_md_data['sections']) if skill_md_data else 0,
},
'prompt_health': {
'total_prompts': total_prompts,
'prompts_with_config_header': prompts_with_config,
'prompts_with_progression': prompts_with_progression,
},
'aggregate': {
'total_files_scanned': len(files_data),
'total_token_estimate': total_tokens,
'total_waste_patterns': total_waste,
'total_back_references': total_backrefs,
},
'resource_sizes': resource_sizes,
'files': files_data,
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Extract prompt craft metrics for LLM scanner pre-pass',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_prompt_metrics(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0
if __name__ == '__main__':
sys.exit(main())
_bmad/bmb/bmad-workflow-builder/scripts/prepass-workflow-integrity.py
Executable
+480
View File
@@ -0,0 +1,480 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for workflow integrity scanner.
Extracts structural metadata from a BMad skill that the LLM scanner
can use instead of reading all files itself. Covers:
- Frontmatter parsing and validation
- Section inventory (H2/H3 headers)
- Template artifact detection
- Stage file cross-referencing
- Stage numbering validation
- Config header detection in prompts
- Language/directness pattern grep
- On Exit / Exiting section detection (invalid)
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Template artifacts that should NOT appear in finalized skills
TEMPLATE_ARTIFACTS = [
r'\{if-complex-workflow\}', r'\{/if-complex-workflow\}',
r'\{if-simple-workflow\}', r'\{/if-simple-workflow\}',
r'\{if-simple-utility\}', r'\{/if-simple-utility\}',
r'\{if-module\}', r'\{/if-module\}',
r'\{if-headless\}', r'\{/if-headless\}',
r'\{displayName\}', r'\{skillName\}',
]
# Runtime variables that ARE expected (not artifacts)
RUNTIME_VARS = {
'{user_name}', '{communication_language}', '{document_output_language}',
'{project-root}', '{output_folder}', '{planning_artifacts}',
}
# Directness anti-patterns
DIRECTNESS_PATTERNS = [
(r'\byou should\b', 'Suggestive "you should" — use direct imperative'),
(r'\bplease\b(?! note)', 'Polite "please" — use direct imperative'),
(r'\bhandle appropriately\b', 'Ambiguous "handle appropriately" — specify how'),
(r'\bwhen ready\b', 'Vague "when ready" — specify testable condition'),
]
# Invalid sections
INVALID_SECTIONS = [
(r'^##\s+On\s+Exit\b', 'On Exit section found — no exit hooks exist in the system, this will never run'),
(r'^##\s+Exiting\b', 'Exiting section found — no exit hooks exist in the system, this will never run'),
]
def parse_frontmatter(content: str) -> tuple[dict | None, list[dict]]:
"""Parse YAML frontmatter and validate."""
findings = []
fm_match = re.match(r'^---\s*\n(.*?)\n---\s*\n', content, re.DOTALL)
if not fm_match:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'No YAML frontmatter found',
})
return None, findings
try:
# Frontmatter is YAML-like key: value pairs — parse manually
fm = {}
for line in fm_match.group(1).strip().split('\n'):
line = line.strip()
if not line or line.startswith('#'):
continue
if ':' in line:
key, _, value = line.partition(':')
fm[key.strip()] = value.strip().strip('"').strip("'")
except Exception as e:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': f'Invalid frontmatter: {e}',
})
return None, findings
if not isinstance(fm, dict):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'Frontmatter is not a YAML mapping',
})
return None, findings
# name check
name = fm.get('name')
if not name:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'Missing "name" field in frontmatter',
})
elif not re.match(r'^[a-z0-9]+(-[a-z0-9]+)*$', name):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'frontmatter',
'issue': f'Name "{name}" is not kebab-case',
})
elif not name.startswith('bmad-'):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'medium', 'category': 'frontmatter',
'issue': f'Name "{name}" does not follow bmad-* naming convention',
})
# description check
desc = fm.get('description')
if not desc:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'frontmatter',
'issue': 'Missing "description" field in frontmatter',
})
elif 'Use when' not in desc and 'use when' not in desc:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'medium', 'category': 'frontmatter',
'issue': 'Description missing "Use when..." trigger phrase',
})
# Extra fields check
allowed = {'name', 'description', 'menu-code'}
extra = set(fm.keys()) - allowed
if extra:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'low', 'category': 'frontmatter',
'issue': f'Extra frontmatter fields: {", ".join(sorted(extra))}',
})
return fm, findings
def extract_sections(content: str) -> list[dict]:
"""Extract all H2 headers with line numbers."""
sections = []
for i, line in enumerate(content.split('\n'), 1):
m = re.match(r'^(#{2,3})\s+(.+)$', line)
if m:
sections.append({
'level': len(m.group(1)),
'title': m.group(2).strip(),
'line': i,
})
return sections
def check_required_sections(sections: list[dict]) -> list[dict]:
"""Check for required and invalid sections."""
findings = []
h2_titles = [s['title'] for s in sections if s['level'] == 2]
if 'Overview' not in h2_titles:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'sections',
'issue': 'Missing ## Overview section',
})
if 'On Activation' not in h2_titles:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'sections',
'issue': 'Missing ## On Activation section',
})
# Invalid sections
for s in sections:
if s['level'] == 2:
for pattern, message in INVALID_SECTIONS:
if re.match(pattern, f"## {s['title']}"):
findings.append({
'file': 'SKILL.md', 'line': s['line'],
'severity': 'high', 'category': 'invalid-section',
'issue': message,
})
return findings
def find_template_artifacts(filepath: Path, rel_path: str) -> list[dict]:
"""Scan for orphaned template substitution artifacts."""
findings = []
content = filepath.read_text(encoding='utf-8')
for pattern in TEMPLATE_ARTIFACTS:
for m in re.finditer(pattern, content):
matched = m.group()
if matched in RUNTIME_VARS:
continue
line_num = content[:m.start()].count('\n') + 1
findings.append({
'file': rel_path, 'line': line_num,
'severity': 'high', 'category': 'artifacts',
'issue': f'Orphaned template artifact: {matched}',
'fix': 'Resolve or remove this template conditional/placeholder',
})
return findings
def cross_reference_stages(skill_path: Path, skill_content: str) -> tuple[dict, list[dict]]:
"""Cross-reference stage files between SKILL.md and numbered prompt files at skill root."""
findings = []
# Get actual numbered prompt files at skill root (exclude SKILL.md)
actual_files = set()
for f in skill_path.iterdir():
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md' and re.match(r'^\d+-', f.name):
actual_files.add(f.name)
# Find stage references in SKILL.md — look for both old prompts/ style and new root style
referenced = set()
# Match `prompts/XX-name.md` (legacy) or bare `XX-name.md` references
ref_pattern = re.compile(r'(?:prompts/)?(\d+-[^\s)`]+\.md)')
for m in ref_pattern.finditer(skill_content):
referenced.add(m.group(1))
# Missing files (referenced but don't exist)
missing = referenced - actual_files
for f in sorted(missing):
findings.append({
'file': 'SKILL.md', 'line': 0,
'severity': 'critical', 'category': 'missing-stage',
'issue': f'Referenced stage file does not exist: {f}',
})
# Orphaned files (exist but not referenced)
orphaned = actual_files - referenced
for f in sorted(orphaned):
findings.append({
'file': f, 'line': 0,
'severity': 'medium', 'category': 'naming',
'issue': f'Stage file exists but not referenced in SKILL.md: {f}',
})
# Stage numbering check
numbered = []
for f in sorted(actual_files):
m = re.match(r'^(\d+)-(.+)\.md$', f)
if m:
numbered.append((int(m.group(1)), f))
if numbered:
numbered.sort()
nums = [n[0] for n in numbered]
expected = list(range(nums[0], nums[0] + len(nums)))
if nums != expected:
gaps = set(expected) - set(nums)
if gaps:
findings.append({
'file': skill_path.name, 'line': 0,
'severity': 'medium', 'category': 'naming',
'issue': f'Stage numbering has gaps: missing {sorted(gaps)}',
})
stage_summary = {
'total_stages': len(actual_files),
'referenced': sorted(referenced),
'actual': sorted(actual_files),
'missing_stages': sorted(missing),
'orphaned_stages': sorted(orphaned),
}
return stage_summary, findings
def check_prompt_basics(skill_path: Path) -> tuple[list[dict], list[dict]]:
"""Check each prompt file for config header and progression conditions."""
findings = []
prompt_details = []
# Look for numbered prompt files at skill root
prompt_files = sorted(
f for f in skill_path.iterdir()
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md' and re.match(r'^\d+-', f.name)
)
if not prompt_files:
return prompt_details, findings
for f in prompt_files:
content = f.read_text(encoding='utf-8')
rel_path = f.name
detail = {'file': f.name, 'has_config_header': False, 'has_progression': False}
# Config header check
if '{communication_language}' in content or '{document_output_language}' in content:
detail['has_config_header'] = True
else:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'config-header',
'issue': 'No config header with language variables found',
})
# Progression condition check (look for progression-related keywords near end)
lower = content.lower()
prog_keywords = ['progress', 'advance', 'move to', 'next stage', 'when complete',
'proceed to', 'transition', 'completion criteria']
if any(kw in lower for kw in prog_keywords):
detail['has_progression'] = True
else:
findings.append({
'file': rel_path, 'line': len(content.split('\n')),
'severity': 'high', 'category': 'progression',
'issue': 'No progression condition keywords found',
})
# Directness checks
for pattern, message in DIRECTNESS_PATTERNS:
for m in re.finditer(pattern, content, re.IGNORECASE):
line_num = content[:m.start()].count('\n') + 1
findings.append({
'file': rel_path, 'line': line_num,
'severity': 'low', 'category': 'language',
'issue': message,
})
# Template artifacts
findings.extend(find_template_artifacts(f, rel_path))
prompt_details.append(detail)
return prompt_details, findings
def detect_workflow_type(skill_content: str, has_prompts: bool) -> str:
"""Detect workflow type from SKILL.md content."""
has_stage_refs = bool(re.search(r'(?:prompts/)?\d+-\S+\.md', skill_content))
has_routing = bool(re.search(r'(?i)(rout|stage|branch|path)', skill_content))
if has_stage_refs or (has_prompts and has_routing):
return 'complex'
elif re.search(r'(?m)^\d+\.\s', skill_content):
return 'simple-workflow'
else:
return 'simple-utility'
def scan_workflow_integrity(skill_path: Path) -> dict:
"""Run all deterministic workflow integrity checks."""
all_findings = []
# Read SKILL.md
skill_md = skill_path / 'SKILL.md'
if not skill_md.exists():
return {
'scanner': 'workflow-integrity-prepass',
'script': 'prepass-workflow-integrity.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'fail',
'issues': [{'file': 'SKILL.md', 'line': 1, 'severity': 'critical',
'category': 'missing-file', 'issue': 'SKILL.md does not exist'}],
'summary': {'total_issues': 1, 'by_severity': {'critical': 1, 'high': 0, 'medium': 0, 'low': 0}},
}
skill_content = skill_md.read_text(encoding='utf-8')
# Frontmatter
frontmatter, fm_findings = parse_frontmatter(skill_content)
all_findings.extend(fm_findings)
# Sections
sections = extract_sections(skill_content)
section_findings = check_required_sections(sections)
all_findings.extend(section_findings)
# Template artifacts in SKILL.md
all_findings.extend(find_template_artifacts(skill_md, 'SKILL.md'))
# Directness checks in SKILL.md
for pattern, message in DIRECTNESS_PATTERNS:
for m in re.finditer(pattern, skill_content, re.IGNORECASE):
line_num = skill_content[:m.start()].count('\n') + 1
all_findings.append({
'file': 'SKILL.md', 'line': line_num,
'severity': 'low', 'category': 'language',
'issue': message,
})
# Workflow type
has_prompts = any(
f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md' and re.match(r'^\d+-', f.name)
for f in skill_path.iterdir()
)
workflow_type = detect_workflow_type(skill_content, has_prompts)
# Stage cross-reference
stage_summary, stage_findings = cross_reference_stages(skill_path, skill_content)
all_findings.extend(stage_findings)
# Prompt basics
prompt_details, prompt_findings = check_prompt_basics(skill_path)
all_findings.extend(prompt_findings)
# Build severity summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['high'] > 0:
status = 'warning'
return {
'scanner': 'workflow-integrity-prepass',
'script': 'prepass-workflow-integrity.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'metadata': {
'frontmatter': frontmatter,
'sections': sections,
'workflow_type': workflow_type,
},
'stage_summary': stage_summary,
'prompt_details': prompt_details,
'issues': all_findings,
'summary': {
'total_issues': len(all_findings),
'by_severity': by_severity,
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Deterministic pre-pass for workflow integrity scanning',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_workflow_integrity(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())
_bmad/bmb/bmad-workflow-builder/scripts/scan-path-standards.py
Executable
+300
View File
@@ -0,0 +1,300 @@
#!/usr/bin/env python3
"""Deterministic path standards scanner for BMad skills.
Validates all .md and .json files against BMad path conventions:
1. {project-root} only valid before /_bmad
2. Bare _bmad references must have {project-root} prefix
3. Config variables used directly (no double-prefix)
4. Skill-internal paths must use ./ prefix (references/, scripts/, assets/)
5. No ../ parent directory references
6. No absolute paths
7. Frontmatter allows only name and description
8. No .md files at skill root except SKILL.md
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Patterns to detect
# {project-root} NOT followed by /_bmad
PROJECT_ROOT_NOT_BMAD_RE = re.compile(r'\{project-root\}/(?!_bmad)')
# Bare _bmad without {project-root} prefix — match _bmad at word boundary
# but not when preceded by {project-root}/
BARE_BMAD_RE = re.compile(r'(?<!\{project-root\}/)_bmad[/\s]')
# Absolute paths
ABSOLUTE_PATH_RE = re.compile(r'(?:^|[\s"`\'(])(/(?:Users|home|opt|var|tmp|etc|usr)/\S+)', re.MULTILINE)
HOME_PATH_RE = re.compile(r'(?:^|[\s"`\'(])(~/\S+)', re.MULTILINE)
# Parent directory reference (still invalid)
RELATIVE_DOT_RE = re.compile(r'(?:^|[\s"`\'(])(\.\./\S+)', re.MULTILINE)
# Bare skill-internal paths without ./ prefix
# Match references/, scripts/, assets/ when NOT preceded by ./
BARE_INTERNAL_RE = re.compile(r'(?:^|[\s"`\'(])(?<!\./)((?:references|scripts|assets)/\S+)', re.MULTILINE)
# Fenced code block detection (to skip examples showing wrong patterns)
FENCE_RE = re.compile(r'^```', re.MULTILINE)
# Valid frontmatter keys
VALID_FRONTMATTER_KEYS = {'name', 'description'}
def is_in_fenced_block(content: str, pos: int) -> bool:
"""Check if a position is inside a fenced code block."""
fences = [m.start() for m in FENCE_RE.finditer(content[:pos])]
# Odd number of fences before pos means we're inside a block
return len(fences) % 2 == 1
def get_line_number(content: str, pos: int) -> int:
"""Get 1-based line number for a position in content."""
return content[:pos].count('\n') + 1
def check_frontmatter(content: str, filepath: Path) -> list[dict]:
"""Validate SKILL.md frontmatter contains only allowed keys."""
findings = []
if filepath.name != 'SKILL.md':
return findings
if not content.startswith('---'):
findings.append({
'file': filepath.name,
'line': 1,
'severity': 'critical',
'category': 'frontmatter',
'title': 'SKILL.md missing frontmatter block',
'detail': 'SKILL.md must start with --- frontmatter containing name and description',
'action': 'Add frontmatter with name and description fields',
})
return findings
# Find closing ---
end = content.find('\n---', 3)
if end == -1:
findings.append({
'file': filepath.name,
'line': 1,
'severity': 'critical',
'category': 'frontmatter',
'title': 'SKILL.md frontmatter block not closed',
'detail': 'Missing closing --- for frontmatter',
'action': 'Add closing --- after frontmatter fields',
})
return findings
frontmatter = content[4:end]
for i, line in enumerate(frontmatter.split('\n'), start=2):
line = line.strip()
if not line or line.startswith('#'):
continue
if ':' in line:
key = line.split(':', 1)[0].strip()
if key not in VALID_FRONTMATTER_KEYS:
findings.append({
'file': filepath.name,
'line': i,
'severity': 'high',
'category': 'frontmatter',
'title': f'Invalid frontmatter key: {key}',
'detail': f'Only {", ".join(sorted(VALID_FRONTMATTER_KEYS))} are allowed in frontmatter',
'action': f'Remove {key} from frontmatter — use as content field in SKILL.md body instead',
})
return findings
def check_root_md_files(skill_path: Path) -> list[dict]:
"""Check that no .md files exist at skill root except SKILL.md."""
findings = []
for md_file in skill_path.glob('*.md'):
if md_file.name != 'SKILL.md':
findings.append({
'file': md_file.name,
'line': 0,
'severity': 'high',
'category': 'structure',
'title': f'Prompt file at skill root: {md_file.name}',
'detail': 'All progressive disclosure content must be in ./references/ — only SKILL.md belongs at root',
'action': f'Move {md_file.name} to references/{md_file.name}',
})
return findings
def scan_file(filepath: Path, skip_fenced: bool = True) -> list[dict]:
"""Scan a single file for path standard violations."""
findings = []
content = filepath.read_text(encoding='utf-8')
rel_path = filepath.name
checks = [
(PROJECT_ROOT_NOT_BMAD_RE, 'project-root-not-bmad', 'critical',
'{project-root} used for non-_bmad path — only valid use is {project-root}/_bmad/...'),
(ABSOLUTE_PATH_RE, 'absolute-path', 'high',
'Absolute path found — not portable across machines'),
(HOME_PATH_RE, 'absolute-path', 'high',
'Home directory path (~/) found — environment-specific'),
(RELATIVE_DOT_RE, 'relative-prefix', 'high',
'Parent directory reference (../) found — fragile, breaks with reorganization'),
(BARE_INTERNAL_RE, 'bare-internal-path', 'high',
'Bare skill-internal path without ./ prefix — use ./references/, ./scripts/, ./assets/ to distinguish from {project-root} paths'),
]
for pattern, category, severity, message in checks:
for match in pattern.finditer(content):
pos = match.start()
if skip_fenced and is_in_fenced_block(content, pos):
continue
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': severity,
'category': category,
'title': message,
'detail': line_content[:120],
'action': '',
})
# Bare _bmad check — more nuanced, need to avoid false positives
# inside {project-root}/_bmad which is correct
for match in BARE_BMAD_RE.finditer(content):
pos = match.start()
if skip_fenced and is_in_fenced_block(content, pos):
continue
start = max(0, pos - 30)
before = content[start:pos]
if '{project-root}/' in before:
continue
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': 'high',
'category': 'bare-bmad',
'title': 'Bare _bmad reference without {project-root} prefix',
'detail': line_content[:120],
'action': '',
})
return findings
def scan_skill(skill_path: Path, skip_fenced: bool = True) -> dict:
"""Scan all .md and .json files in a skill directory."""
all_findings = []
# Check for .md files at root that aren't SKILL.md
all_findings.extend(check_root_md_files(skill_path))
# Check SKILL.md frontmatter
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
content = skill_md.read_text(encoding='utf-8')
all_findings.extend(check_frontmatter(content, skill_md))
# Find all .md and .json files
md_files = sorted(list(skill_path.rglob('*.md')) + list(skill_path.rglob('*.json')))
if not md_files:
print(f"Warning: No .md or .json files found in {skill_path}", file=sys.stderr)
files_scanned = []
for md_file in md_files:
rel = md_file.relative_to(skill_path)
files_scanned.append(str(rel))
file_findings = scan_file(md_file, skip_fenced)
for f in file_findings:
f['file'] = str(rel)
all_findings.extend(file_findings)
# Build summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
by_category = {
'project_root_not_bmad': 0,
'bare_bmad': 0,
'double_prefix': 0,
'absolute_path': 0,
'relative_prefix': 0,
'bare_internal_path': 0,
'frontmatter': 0,
'structure': 0,
}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
cat = f['category'].replace('-', '_')
if cat in by_category:
by_category[cat] += 1
return {
'scanner': 'path-standards',
'script': 'scan-path-standards.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'files_scanned': files_scanned,
'status': 'pass' if not all_findings else 'fail',
'findings': all_findings,
'assessments': {},
'summary': {
'total_findings': len(all_findings),
'by_severity': by_severity,
'by_category': by_category,
'assessment': 'Path standards scan complete',
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Scan BMad skill for path standard violations',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
parser.add_argument(
'--include-fenced',
action='store_true',
help='Also check inside fenced code blocks (by default they are skipped)',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_skill(args.skill_path, skip_fenced=not args.include_fenced)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())
_bmad/bmb/bmad-workflow-builder/scripts/scan-scripts.py
Executable
+745
View File
@@ -0,0 +1,745 @@
#!/usr/bin/env python3
"""Deterministic scripts scanner for BMad skills.
Validates scripts in a skill's scripts/ folder for:
- PEP 723 inline dependencies (Python)
- Shebang, set -e, portability (Shell)
- Version pinning for npx/uvx
- Agentic design: no input(), has argparse/--help, JSON output, exit codes
- Unit test existence
- Over-engineering signals (line count, simple-op imports)
- External lint: ruff (Python), shellcheck (Bash), biome (JS/TS)
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import ast
import json
import re
import shutil
import subprocess
import sys
from datetime import datetime, timezone
from pathlib import Path
# =============================================================================
# External Linter Integration
# =============================================================================
def _run_command(cmd: list[str], timeout: int = 30) -> tuple[int, str, str]:
"""Run a command and return (returncode, stdout, stderr)."""
try:
result = subprocess.run(
cmd, capture_output=True, text=True, timeout=timeout,
)
return result.returncode, result.stdout, result.stderr
except FileNotFoundError:
return -1, '', f'Command not found: {cmd[0]}'
except subprocess.TimeoutExpired:
return -2, '', f'Command timed out after {timeout}s: {" ".join(cmd)}'
def _find_uv() -> str | None:
"""Find uv binary on PATH."""
return shutil.which('uv')
def _find_npx() -> str | None:
"""Find npx binary on PATH."""
return shutil.which('npx')
def lint_python_ruff(filepath: Path, rel_path: str) -> list[dict]:
"""Run ruff on a Python file via uv. Returns lint findings."""
uv = _find_uv()
if not uv:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'uv not found on PATH — cannot run ruff for Python linting',
'detail': '',
'action': 'Install uv: https://docs.astral.sh/uv/getting-started/installation/',
}]
rc, stdout, stderr = _run_command([
uv, 'run', 'ruff', 'check', '--output-format', 'json', str(filepath),
])
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run ruff via uv: {stderr.strip()}',
'detail': '',
'action': 'Ensure uv can install and run ruff: uv run ruff --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'ruff timed out on {rel_path}',
'detail': '',
'action': '',
}]
# ruff outputs JSON array on stdout (even on rc=1 when issues found)
findings = []
try:
issues = json.loads(stdout) if stdout.strip() else []
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse ruff output for {rel_path}',
'detail': '',
'action': '',
}]
for issue in issues:
fix_msg = issue.get('fix', {}).get('message', '') if issue.get('fix') else ''
findings.append({
'file': rel_path,
'line': issue.get('location', {}).get('row', 0),
'severity': 'high',
'category': 'lint',
'title': f'[{issue.get("code", "?")}] {issue.get("message", "")}',
'detail': '',
'action': fix_msg or f'See https://docs.astral.sh/ruff/rules/{issue.get("code", "")}',
})
return findings
def lint_shell_shellcheck(filepath: Path, rel_path: str) -> list[dict]:
"""Run shellcheck on a shell script via uv. Returns lint findings."""
uv = _find_uv()
if not uv:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'uv not found on PATH — cannot run shellcheck for shell linting',
'detail': '',
'action': 'Install uv: https://docs.astral.sh/uv/getting-started/installation/',
}]
rc, stdout, stderr = _run_command([
uv, 'run', '--with', 'shellcheck-py',
'shellcheck', '--format', 'json', str(filepath),
])
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run shellcheck via uv: {stderr.strip()}',
'detail': '',
'action': 'Ensure uv can install shellcheck-py: uv run --with shellcheck-py shellcheck --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'shellcheck timed out on {rel_path}',
'detail': '',
'action': '',
}]
findings = []
# shellcheck outputs JSON on stdout (rc=1 when issues found)
raw = stdout.strip() or stderr.strip()
try:
issues = json.loads(raw) if raw else []
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse shellcheck output for {rel_path}',
'detail': '',
'action': '',
}]
# Map shellcheck levels to our severity
level_map = {'error': 'high', 'warning': 'high', 'info': 'high', 'style': 'medium'}
for issue in issues:
sc_code = issue.get('code', '')
findings.append({
'file': rel_path,
'line': issue.get('line', 0),
'severity': level_map.get(issue.get('level', ''), 'high'),
'category': 'lint',
'title': f'[SC{sc_code}] {issue.get("message", "")}',
'detail': '',
'action': f'See https://www.shellcheck.net/wiki/SC{sc_code}',
})
return findings
def lint_node_biome(filepath: Path, rel_path: str) -> list[dict]:
"""Run biome on a JS/TS file via npx. Returns lint findings."""
npx = _find_npx()
if not npx:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'npx not found on PATH — cannot run biome for JS/TS linting',
'detail': '',
'action': 'Install Node.js 20+: https://nodejs.org/',
}]
rc, stdout, stderr = _run_command([
npx, '--yes', '@biomejs/biome', 'lint', '--reporter', 'json', str(filepath),
], timeout=60)
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run biome via npx: {stderr.strip()}',
'detail': '',
'action': 'Ensure npx can run biome: npx @biomejs/biome --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'biome timed out on {rel_path}',
'detail': '',
'action': '',
}]
findings = []
# biome outputs JSON on stdout
raw = stdout.strip()
try:
result = json.loads(raw) if raw else {}
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse biome output for {rel_path}',
'detail': '',
'action': '',
}]
for diag in result.get('diagnostics', []):
loc = diag.get('location', {})
start = loc.get('start', {})
findings.append({
'file': rel_path,
'line': start.get('line', 0),
'severity': 'high',
'category': 'lint',
'title': f'[{diag.get("category", "?")}] {diag.get("message", "")}',
'detail': '',
'action': diag.get('advices', [{}])[0].get('message', '') if diag.get('advices') else '',
})
return findings
# =============================================================================
# BMad Pattern Checks (Existing)
# =============================================================================
def scan_python_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a Python script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# PEP 723 check
if '# /// script' not in content:
# Only flag if the script has imports (not a trivial script)
if 'import ' in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'dependencies',
'title': 'No PEP 723 inline dependency block (# /// script)',
'detail': '',
'action': 'Add PEP 723 block with requires-python and dependencies',
})
else:
# Check requires-python is present
if 'requires-python' not in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'dependencies',
'title': 'PEP 723 block exists but missing requires-python constraint',
'detail': '',
'action': 'Add requires-python = ">=3.9" or appropriate version',
})
# requirements.txt reference
if 'requirements.txt' in content or 'pip install' in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'high', 'category': 'dependencies',
'title': 'References requirements.txt or pip install — use PEP 723 inline deps',
'detail': '',
'action': 'Replace with PEP 723 inline dependency block',
})
# Agentic design checks via AST
try:
tree = ast.parse(content)
except SyntaxError:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'critical', 'category': 'error-handling',
'title': 'Python syntax error — script cannot be parsed',
'detail': '',
'action': '',
})
return findings
has_argparse = False
has_json_dumps = False
has_sys_exit = False
imports = set()
for node in ast.walk(tree):
# Track imports
if isinstance(node, ast.Import):
for alias in node.names:
imports.add(alias.name)
elif isinstance(node, ast.ImportFrom):
if node.module:
imports.add(node.module)
# input() calls
if isinstance(node, ast.Call):
func = node.func
if isinstance(func, ast.Name) and func.id == 'input':
findings.append({
'file': rel_path, 'line': node.lineno,
'severity': 'critical', 'category': 'agentic-design',
'title': 'input() call found — blocks in non-interactive agent execution',
'detail': '',
'action': 'Use argparse with required flags instead of interactive prompts',
})
# json.dumps
if isinstance(func, ast.Attribute) and func.attr == 'dumps':
has_json_dumps = True
# sys.exit
if isinstance(func, ast.Attribute) and func.attr == 'exit':
has_sys_exit = True
if isinstance(func, ast.Name) and func.id == 'exit':
has_sys_exit = True
# argparse
if isinstance(node, ast.Attribute) and node.attr == 'ArgumentParser':
has_argparse = True
if not has_argparse and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'agentic-design',
'title': 'No argparse found — script lacks --help self-documentation',
'detail': '',
'action': 'Add argparse with description and argument help text',
})
if not has_json_dumps and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'agentic-design',
'title': 'No json.dumps found — output may not be structured JSON',
'detail': '',
'action': 'Use json.dumps for structured output parseable by workflows',
})
if not has_sys_exit and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'agentic-design',
'title': 'No sys.exit() calls — may not return meaningful exit codes',
'detail': '',
'action': 'Return 0=success, 1=fail, 2=error via sys.exit()',
})
# Over-engineering: simple file ops in Python
simple_op_imports = {'shutil', 'glob', 'fnmatch'}
over_eng = imports & simple_op_imports
if over_eng and line_count < 30:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'over-engineered',
'title': f'Short script ({line_count} lines) imports {", ".join(over_eng)} — may be simpler as bash',
'detail': '',
'action': 'Consider if cp/mv/find shell commands would suffice',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
def scan_shell_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a shell script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# Shebang
if not lines[0].startswith('#!'):
findings.append({
'file': rel_path, 'line': 1,
'severity': 'high', 'category': 'portability',
'title': 'Missing shebang line',
'detail': '',
'action': 'Add #!/usr/bin/env bash or #!/usr/bin/env sh',
})
elif '/usr/bin/env' not in lines[0]:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'portability',
'title': f'Shebang uses hardcoded path: {lines[0].strip()}',
'detail': '',
'action': 'Use #!/usr/bin/env bash for cross-platform compatibility',
})
# set -e
if 'set -e' not in content and 'set -euo' not in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'error-handling',
'title': 'Missing set -e — errors will be silently ignored',
'detail': '',
'action': 'Add set -e (or set -euo pipefail) near the top',
})
# Hardcoded interpreter paths
hardcoded_re = re.compile(r'/usr/bin/(python|ruby|node|perl)\b')
for i, line in enumerate(lines, 1):
if hardcoded_re.search(line):
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'portability',
'title': f'Hardcoded interpreter path: {line.strip()}',
'detail': '',
'action': 'Use /usr/bin/env or PATH-based lookup',
})
# GNU-only tools
gnu_re = re.compile(r'\b(gsed|gawk|ggrep|gfind)\b')
for i, line in enumerate(lines, 1):
m = gnu_re.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'portability',
'title': f'GNU-only tool: {m.group()} — not available on all platforms',
'detail': '',
'action': 'Use POSIX-compatible equivalent',
})
# Unquoted variables (basic check)
unquoted_re = re.compile(r'(?<!")\$\w+(?!")')
for i, line in enumerate(lines, 1):
if line.strip().startswith('#'):
continue
for m in unquoted_re.finditer(line):
# Skip inside double-quoted strings (rough heuristic)
before = line[:m.start()]
if before.count('"') % 2 == 1:
continue
findings.append({
'file': rel_path, 'line': i,
'severity': 'low', 'category': 'portability',
'title': f'Potentially unquoted variable: {m.group()} — breaks with spaces in paths',
'detail': '',
'action': f'Use "{m.group()}" with double quotes',
})
# npx/uvx without version pinning
no_pin_re = re.compile(r'\b(npx|uvx)\s+([a-zA-Z][\w-]+)(?!\S*@)')
for i, line in enumerate(lines, 1):
if line.strip().startswith('#'):
continue
m = no_pin_re.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'dependencies',
'title': f'{m.group(1)} {m.group(2)} without version pinning',
'detail': '',
'action': f'Pin version: {m.group(1)} {m.group(2)}@<version>',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
def scan_node_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a JS/TS script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# npx/uvx without version pinning
no_pin = re.compile(r'\b(npx|uvx)\s+([a-zA-Z][\w-]+)(?!\S*@)')
for i, line in enumerate(lines, 1):
m = no_pin.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'dependencies',
'title': f'{m.group(1)} {m.group(2)} without version pinning',
'detail': '',
'action': f'Pin version: {m.group(1)} {m.group(2)}@<version>',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
# =============================================================================
# Main Scanner
# =============================================================================
def scan_skill_scripts(skill_path: Path) -> dict:
"""Scan all scripts in a skill directory."""
scripts_dir = skill_path / 'scripts'
all_findings = []
lint_findings = []
script_inventory = {'python': [], 'shell': [], 'node': [], 'other': []}
missing_tests = []
if not scripts_dir.exists():
return {
'scanner': 'scripts',
'script': 'scan-scripts.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'pass',
'findings': [{
'file': 'scripts/',
'severity': 'info',
'category': 'none',
'title': 'No scripts/ directory found — nothing to scan',
'detail': '',
'action': '',
}],
'assessments': {
'lint_summary': {
'tools_used': [],
'files_linted': 0,
'lint_issues': 0,
},
'script_summary': {
'total_scripts': 0,
'by_type': script_inventory,
'missing_tests': [],
},
},
'summary': {
'total_findings': 0,
'by_severity': {'critical': 0, 'high': 0, 'medium': 0, 'low': 0},
'assessment': '',
},
}
# Find all script files (exclude tests/ and __pycache__)
script_files = []
for f in sorted(scripts_dir.iterdir()):
if f.is_file() and f.suffix in ('.py', '.sh', '.bash', '.js', '.ts', '.mjs'):
script_files.append(f)
tests_dir = scripts_dir / 'tests'
lint_tools_used = set()
for script_file in script_files:
rel_path = f'scripts/{script_file.name}'
ext = script_file.suffix
if ext == '.py':
script_inventory['python'].append(script_file.name)
findings = scan_python_script(script_file, rel_path)
lf = lint_python_ruff(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('ruff')
elif ext in ('.sh', '.bash'):
script_inventory['shell'].append(script_file.name)
findings = scan_shell_script(script_file, rel_path)
lf = lint_shell_shellcheck(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('shellcheck')
elif ext in ('.js', '.ts', '.mjs'):
script_inventory['node'].append(script_file.name)
findings = scan_node_script(script_file, rel_path)
lf = lint_node_biome(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('biome')
else:
script_inventory['other'].append(script_file.name)
findings = []
# Check for unit tests
if tests_dir.exists():
stem = script_file.stem
test_patterns = [
f'test_{stem}{ext}', f'test-{stem}{ext}',
f'{stem}_test{ext}', f'{stem}-test{ext}',
f'test_{stem}.py', f'test-{stem}.py',
]
has_test = any((tests_dir / t).exists() for t in test_patterns)
else:
has_test = False
if not has_test:
missing_tests.append(script_file.name)
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'tests',
'title': f'No unit test found for {script_file.name}',
'detail': '',
'action': f'Create scripts/tests/test-{script_file.stem}{ext} with test cases',
})
all_findings.extend(findings)
# Check if tests/ directory exists at all
if script_files and not tests_dir.exists():
all_findings.append({
'file': 'scripts/tests/',
'line': 0,
'severity': 'high',
'category': 'tests',
'title': 'scripts/tests/ directory does not exist — no unit tests',
'detail': '',
'action': 'Create scripts/tests/ with test files for each script',
})
# Merge lint findings into all findings
all_findings.extend(lint_findings)
# Build summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
by_category: dict[str, int] = {}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
cat = f['category']
by_category[cat] = by_category.get(cat, 0) + 1
total_scripts = sum(len(v) for v in script_inventory.values())
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['high'] > 0:
status = 'warning'
elif total_scripts == 0:
status = 'pass'
lint_issue_count = sum(1 for f in lint_findings if f['category'] == 'lint')
return {
'scanner': 'scripts',
'script': 'scan-scripts.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'findings': all_findings,
'assessments': {
'lint_summary': {
'tools_used': sorted(lint_tools_used),
'files_linted': total_scripts,
'lint_issues': lint_issue_count,
},
'script_summary': {
'total_scripts': total_scripts,
'by_type': {k: len(v) for k, v in script_inventory.items()},
'scripts': {k: v for k, v in script_inventory.items() if v},
'missing_tests': missing_tests,
},
},
'summary': {
'total_findings': len(all_findings),
'by_severity': by_severity,
'by_category': by_category,
'assessment': '',
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Scan BMad skill scripts for quality, portability, agentic design, and lint issues',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_skill_scripts(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())