sepehr/Keep
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: add reminders page, BMad skills upgrade, MCP server refactor

Browse Source 
- Add reminders page with navigation support
- Upgrade BMad builder module to skills-based architecture
- Refactor MCP server: extract tools and auth into separate modules
- Add connections cache, custom AI provider support
- Update prisma schema and generated client
- Various UI/UX improvements and i18n updates
- Add service worker for PWA support

Made-with: Cursor
This commit is contained in:
Sepehr Ramezani
2026-04-13 21:02:53 +02:00
parent 18ed116e0d
commit fa7e166f3e
3099 changed files with 397228 additions and 14584 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
_bmad/bmb/bmad-agent-builder/SKILL.md Normal file
View File

@@ -0,0 +1,62 @@
---
name: bmad-agent-builder
description: Builds, edits or analyzes Agent Skills through conversational discovery. Use when the user requests to "Create an Agent", "Analyze an Agent" or "Edit an Agent".
---
# Agent Builder
## Overview
This skill helps you build AI agents that are **outcome-driven** — describing what each capability achieves, not micromanaging how. Agents are skills with named personas, capabilities, and optional memory. Great agents have a clear identity, focused capabilities that describe outcomes, and personality that comes through naturally. Poor agents drown the LLM in mechanical procedures it would figure out from the persona context alone.
Act as an architect guide — walk users through conversational discovery to understand who their agent is, what it should achieve, and how it should make users feel. Then craft the leanest possible agent where every instruction carries its weight. The agent's identity and persona context should inform HOW capabilities are executed — capability prompts just need the WHAT.
**Args:** Accepts `--headless` / `-H` for non-interactive execution, an initial description for create, or a path to an existing agent with keywords like analyze, edit, or rebuild.
**Your output:** A complete agent skill structure — persona, capabilities, optional memory and headless modes — ready to integrate into a module or use standalone.
## On Activation
1. Detect user's intent. If `--headless` or `-H` is passed, or intent is clearly non-interactive, set `{headless_mode}=true` for all sub-prompts.
2. Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` (root and bmb section). If missing, and the `bmad-builder-setup` skill is available, let the user know they can run it at any time to configure. Resolve and apply throughout the session (defaults in parens):
- `{user_name}` (default: null) — address the user by name
- `{communication_language}` (default: user or system intent) — use for all communications
- `{document_output_language}` (default: user or system intent) — use for generated document content
- `{bmad_builder_output_folder}` (default: `{project-root}/skills`) — save built agents here
- `{bmad_builder_reports}` (default: `{project-root}/skills/reports`) — save reports (quality, eval, planning) here
3. Route by intent — see Quick Reference below.
## Build Process
The core creative path — where agent ideas become reality. Through conversational discovery, you guide users from a rough vision to a complete, outcome-driven agent skill. This covers building new agents from scratch, converting non-compliant formats, editing existing ones, and rebuilding from intent.
Load `build-process.md` to begin.
## Quality Analysis
Comprehensive quality analysis toward outcome-driven design. Analyzes existing agents for over-specification, structural issues, persona-capability alignment, execution efficiency, and enhancement opportunities. Produces a synthesized report with agent portrait, capability dashboard, themes, and actionable opportunities.
Load `quality-analysis.md` to begin.
---
## Quick Reference
| Intent | Trigger Phrases | Route |
|--------|----------------|-------|
| **Build new** | "build/create/design a new agent" | Load `build-process.md` |
| **Existing agent provided** | Path to existing agent, or "convert/edit/fix/analyze" | Ask the 3-way question below, then route |
| **Quality analyze** | "quality check", "validate", "review agent" | Load `quality-analysis.md` |
| **Unclear** | — | Present options and ask |
### When given an existing agent, ask:
- **Analyze** — Run quality analysis: identify opportunities, prune over-specification, get an actionable report with agent portrait and capability dashboard
- **Edit** — Modify specific behavior while keeping the current approach
- **Rebuild** — Rethink from core outcomes and persona, using this as reference material, full discovery process
Analyze routes to `quality-analysis.md`. Edit and Rebuild both route to `build-process.md` with the chosen intent.
Regardless of path, respect headless mode if requested.

61
_bmad/bmb/bmad-agent-builder/assets/SKILL-template.md Normal file
View File

@@ -0,0 +1,61 @@
---
name: bmad-{module-code-or-empty}agent-{agent-name}
description: {skill-description} # [4-6 word summary]. [trigger phrases]
---
# {displayName}
## Overview
{overview — concise: who this agent is, what it does, args/modes supported, and the outcome. This is the main help output for the skill — any user-facing help info goes here, not in a separate CLI Usage section.}
## Identity
{Who is this agent? One clear sentence.}
## Communication Style
{How does this agent communicate? Be specific with examples.}
## Principles
- {Guiding principle 1}
- {Guiding principle 2}
- {Guiding principle 3}
## On Activation
{if-module}
Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` (root level and `{module-code}` section). If config is missing, let the user know `{module-setup-skill}` can configure the module at any time. Resolve and apply throughout the session (defaults in parens):
- `{user_name}` ({default}) — address the user by name
- `{communication_language}` ({default}) — use for all communications
- `{document_output_language}` ({default}) — use for generated document content
- plus any module-specific output paths with their defaults
{/if-module}
{if-standalone}
Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` if present. Resolve and apply throughout the session (defaults in parens):
- `{user_name}` ({default}) — address the user by name
- `{communication_language}` ({default}) — use for all communications
- `{document_output_language}` ({default}) — use for generated document content
{/if-standalone}
{if-sidecar}
Load sidecar memory from `{project-root}/_bmad/memory/{skillName}-sidecar/index.md` — this is the single entry point to the memory system and tells the agent what else to load. Load `./references/memory-system.md` for memory discipline. If sidecar doesn't exist, load `./references/init.md` for first-run onboarding.
{/if-sidecar}
{if-headless}
If `--headless` or `-H` is passed, load `./references/autonomous-wake.md` and complete the task without interaction.
{/if-headless}
{if-interactive}
Greet the user. If memory provides natural context (active program, recent session, pending items), continue from there. Otherwise, offer to show available capabilities.
{/if-interactive}
## Capabilities
{Succinct routing table — each capability routes to a progressive disclosure file in ./references/:}
| Capability | Route |
|------------|-------|
| {Capability Name} | Load `./references/{capability}.md` |
| Save Memory | Load `./references/save-memory.md` |

32
_bmad/bmb/bmad-agent-builder/assets/autonomous-wake.md Normal file
View File

@@ -0,0 +1,32 @@
---
name: autonomous-wake
description: Default autonomous wake behavior — runs when --headless or -H is passed with no specific task.
---
# Autonomous Wake
You're running autonomously. No one is here. No task was specified. Execute your default wake behavior and exit.
## Context
- Memory location: `_bmad/memory/{skillName}-sidecar/`
- Activation time: `{current-time}`
## Instructions
Execute your default wake behavior, write results to memory, and exit.
## Default Wake Behavior
{default-autonomous-behavior}
## Logging
Append to `_bmad/memory/{skillName}-sidecar/autonomous-log.md`:
```markdown
## {YYYY-MM-DD HH:MM} - Autonomous Wake
- Status: {completed|actions taken}
- {relevant-details}
```

47
_bmad/bmb/bmad-agent-builder/assets/init-template.md Normal file
View File

@@ -0,0 +1,47 @@
{if-module}
# First-Run Setup for {displayName}
Welcome! Setting up your workspace.
## Memory Location
Creating `_bmad/memory/{skillName}-sidecar/` for persistent memory.
## Initial Structure
Creating:
- `index.md` — essential context, active work
- `patterns.md` — your preferences I learn
- `chronology.md` — session timeline
Configuration will be loaded from your module's config.yaml.
{custom-init-questions}
## Ready
Setup complete! I'm ready to help.
{/if-module}
{if-standalone}
# First-Run Setup for {displayName}
Welcome! Let me set up for this environment.
## Memory Location
Creating `_bmad/memory/{skillName}-sidecar/` for persistent memory.
{custom-init-questions}
## Initial Structure
Creating:
- `index.md` — essential context, active work, saved paths above
- `patterns.md` — your preferences I learn
- `chronology.md` — session timeline
## Ready
Setup complete! I'm ready to help.
{/if-standalone}

109
_bmad/bmb/bmad-agent-builder/assets/memory-system.md Normal file
View File

@@ -0,0 +1,109 @@
# Memory System for {displayName}
**Memory location:** `_bmad/memory/{skillName}-sidecar/`
## Core Principle
Tokens are expensive. Only remember what matters. Condense everything to its essence.
## File Structure
### `index.md` — Primary Source
**Load on activation.** Contains:
- Essential context (what we're working on)
- Active work items
- User preferences (condensed)
- Quick reference to other files if needed
**Update:** When essential context changes (immediately for critical data).
### `access-boundaries.md` — Access Control (Required for all agents)
**Load on activation.** Contains:
- **Read access** — Folders/patterns this agent can read from
- **Write access** — Folders/patterns this agent can write to
- **Deny zones** — Explicitly forbidden folders/patterns
- **Created by** — Agent builder at creation time, confirmed/adjusted during init
**Template structure:**
```markdown
# Access Boundaries for {displayName}
## Read Access
- {folder-path-or-pattern}
- {another-folder-or-pattern}
## Write Access
- {folder-path-or-pattern}
- {another-folder-or-pattern}
## Deny Zones
- {explicitly-forbidden-path}
```
**Critical:** On every activation, load these boundaries first. Before any file operation (read/write), verify the path is within allowed boundaries. If uncertain, ask user.
{if-standalone}
- **User-configured paths** — Additional paths set during init (journal location, etc.) are appended here
{/if-standalone}
### `patterns.md` — Learned Patterns
**Load when needed.** Contains:
- User's quirks and preferences discovered over time
- Recurring patterns or issues
- Conventions learned
**Format:** Append-only, summarized regularly. Prune outdated entries.
### `chronology.md` — Timeline
**Load when needed.** Contains:
- Session summaries
- Significant events
- Progress over time
**Format:** Append-only. Prune regularly; keep only significant events.
## Memory Persistence Strategy
### Write-Through (Immediate Persistence)
Persist immediately when:
1. **User data changes** — preferences, configurations
2. **Work products created** — entries, documents, code, artifacts
3. **State transitions** — tasks completed, status changes
4. **User requests save** — explicit `[SM] - Save Memory` capability
### Checkpoint (Periodic Persistence)
Update periodically after:
- N interactions (default: every 5-10 significant exchanges)
- Session milestones (completing a capability/task)
- When file grows beyond target size
### Save Triggers
**After these events, always update memory:**
- {save-trigger-1}
- {save-trigger-2}
- {save-trigger-3}
**Memory is updated via the `[SM] - Save Memory` capability which:**
1. Reads current index.md
2. Updates with current session context
3. Writes condensed, current version
4. Checkpoints patterns.md and chronology.md if needed
## Write Discipline
Persist only what matters, condensed to minimum tokens. Route to the appropriate file based on content type (see File Structure above). Update `index.md` when other files change.
## Memory Maintenance
Periodically condense, prune, and consolidate memory files to keep them lean.
## First Run
If sidecar doesn't exist, load `init.md` to create the structure.

17
_bmad/bmb/bmad-agent-builder/assets/save-memory.md Normal file
View File

@@ -0,0 +1,17 @@
---
name: save-memory
description: Explicitly save current session context to memory
menu-code: SM
---
# Save Memory
Immediately persist the current session context to memory.
## Process
Update `index.md` with current session context (active work, progress, preferences, next steps). Checkpoint `patterns.md` and `chronology.md` if significant changes occurred.
## Output
Confirm save with brief summary: "Memory saved. {brief-summary-of-what-was-updated}"

146
_bmad/bmb/bmad-agent-builder/build-process.md Normal file
View File

@@ -0,0 +1,146 @@
---
name: build-process
description: Six-phase conversational discovery process for building BMad agents. Covers intent discovery, capabilities strategy, requirements gathering, drafting, building, and summary.
---
**Language:** Use `{communication_language}` for all output.
# Build Process
Build AI agents through conversational discovery. Your north star: **outcome-driven design**. Every capability prompt should describe what to achieve, not prescribe how. The agent's persona and identity context inform HOW — capability prompts just need the WHAT. Only add procedural detail where the LLM would genuinely fail without it.
## Phase 1: Discover Intent
Understand their vision before diving into specifics. Ask what they want to build and encourage detail.
### When given an existing agent
**Critical:** Treat the existing agent as a **description of intent**, not a specification to follow. Extract *who* this agent is and *what* it achieves. Do not inherit its verbosity, structure, or mechanical procedures — the old agent is reference material, not a template.
If the SKILL.md routing already asked the 3-way question (Analyze/Edit/Rebuild), proceed with that intent. Otherwise ask now:
- **Edit** — changing specific behavior while keeping the current approach
- **Rebuild** — rethinking from core outcomes and persona, full discovery using the old agent as context
For **Edit**: identify what to change, preserve what works, apply outcome-driven principles to the changed portions.
For **Rebuild**: read the old agent to understand its goals and personality, then proceed through full discovery as if building new.
### Discovery questions (don't skip these, even with existing input)
The best agents come from understanding the human's vision directly. Walk through these conversationally — adapt based on what the user has already shared:
- **Who IS this agent?** What personality should come through? What's their voice?
- **How should they make the user feel?** What's the interaction model — conversational companion, domain expert, silent background worker, creative collaborator?
- **What's the core outcome?** What does this agent help the user accomplish? What does success look like?
- **What capabilities serve that core outcome?** Not "what features sound cool" — what does the user actually need?
- **What's the one thing this agent must get right?** The non-negotiable.
- **If memory/sidecar:** What's worth remembering across sessions? What should the agent track over time?
The goal is to conversationally gather enough to cover Phase 2 and 3 naturally. Since users often brain-dump rich detail, adapt subsequent phases to what you already know.
## Phase 2: Capabilities Strategy
Early check: internal capabilities only, external skills, both, or unclear?
**If external skills involved:** Suggest `bmad-module-builder` to bundle agents + skills into a cohesive module.
**Script Opportunity Discovery** (active probing — do not skip):
Identify deterministic operations that should be scripts. Load `./references/script-opportunities-reference.md` for guidance. Confirm the script-vs-prompt plan with the user before proceeding.
## Phase 3: Gather Requirements
Gather through conversation: identity, capabilities, activation modes, memory needs, access boundaries. Refer to `./references/standard-fields.md` for conventions.
Key structural context:
- **Naming:** Standalone: `bmad-agent-{name}`. Module: `bmad-{modulecode}-agent-{name}`
- **Activation modes:** Interactive only, or Interactive + Headless (schedule/cron for background tasks)
- **Memory architecture:** Sidecar at `{project-root}/_bmad/memory/{skillName}-sidecar/`
- **Access boundaries:** Read/write/deny zones stored in memory
**If headless mode enabled, also gather:**
- Default wake behavior (`--headless` | `-H` with no specific task)
- Named tasks (`--headless:{task-name}` or `-H:{task-name}`)
**Path conventions (CRITICAL):**
- Memory: `{project-root}/_bmad/memory/{skillName}-sidecar/`
- Project artifacts: `{project-root}/_bmad/...`
- Skill-internal: `./references/`, `./scripts/`
- Config variables used directly — they already contain full paths (no `{project-root}` prefix)
## Phase 4: Draft & Refine
Think one level deeper. Present a draft outline. Point out vague areas. Iterate until ready.
**Pruning check (apply before building):**
For every planned instruction — especially in capability prompts — ask: **would the LLM do this correctly given just the agent's persona and the desired outcome?** If yes, cut it.
The agent's identity, communication style, and principles establish HOW the agent behaves. Capability prompts should describe WHAT to achieve. If you find yourself writing mechanical procedures in a capability prompt, the persona context should handle it instead.
Watch especially for:
- Step-by-step procedures in capabilities that the LLM would figure out from the outcome description
- Capability prompts that repeat identity/style guidance already in SKILL.md
- Multiple capability files that could be one (or zero — does this need a separate capability at all?)
- Templates or reference files that explain things the LLM already knows
## Phase 5: Build
**Load these before building:**
- `./references/standard-fields.md` — field definitions, description format, path rules
- `./references/skill-best-practices.md` — outcome-driven authoring, patterns, anti-patterns
- `./references/quality-dimensions.md` — build quality checklist
Build the agent using templates from `./assets/` and rules from `./references/template-substitution-rules.md`. Output to `{bmad_builder_output_folder}`.
**Capability prompts are outcome-driven:** Each `./references/{capability}.md` file should describe what the capability achieves and what "good" looks like — not prescribe mechanical steps. The agent's persona context (identity, communication style, principles in SKILL.md) informs how each capability is executed. Don't repeat that context in every capability prompt.
**Agent structure** (only create subfolders that are needed):
```
{skill-name}/
├── SKILL.md # Persona, activation, capability routing
├── references/ # Progressive disclosure content
│ ├── {capability}.md # Each internal capability prompt
│ ├── memory-system.md # Memory discipline (if sidecar)
│ ├── init.md # First-run onboarding (if sidecar)
│ ├── autonomous-wake.md # Headless activation (if headless)
│ └── save-memory.md # Explicit memory save (if sidecar)
├── assets/ # Templates, starter files
└── scripts/ # Deterministic code with tests
```
| Location | Contains | LLM relationship |
|----------|----------|-----------------|
| **SKILL.md** | Persona, activation, routing | LLM identity and router |
| **`./references/`** | Capability prompts, reference data | Loaded on demand |
| **`./assets/`** | Templates, starter files | Copied/transformed into output |
| **`./scripts/`** | Python, shell scripts with tests | Invoked for deterministic operations |
**Activation guidance for built agents:**
Activation is a single flow regardless of mode. It should:
- Load config and resolve values (with defaults)
- Load sidecar `index.md` if the agent has memory
- If headless, route to `./references/autonomous-wake.md`
- If interactive, greet the user and continue from memory context or offer capabilities
**Lint gate** — after building, validate and auto-fix:
If subagents available, delegate lint-fix to a subagent. Otherwise run inline.
1. Run both lint scripts in parallel:
```bash
python3 ./scripts/scan-path-standards.py {skill-path}
python3 ./scripts/scan-scripts.py {skill-path}
```
2. Fix high/critical findings and re-run (up to 3 attempts per script)
3. Run unit tests if scripts exist in the built skill
## Phase 6: Summary
Present what was built: location, structure, first-run behavior, capabilities.
Run unit tests if scripts exist. Remind user to commit before quality analysis.
**Offer quality analysis:** Ask if they'd like a Quality Analysis to identify opportunities. If yes, load `quality-analysis.md` with the agent path.

126
_bmad/bmb/bmad-agent-builder/quality-analysis.md Normal file
View File

@@ -0,0 +1,126 @@
---
name: quality-analysis
description: Comprehensive quality analysis for BMad agents. Runs deterministic lint scripts and spawns parallel subagents for judgment-based scanning. Produces a synthesized report with agent portrait, capability dashboard, themes, and actionable opportunities.
menu-code: QA
---
**Language:** Use `{communication_language}` for all output.
# BMad Method · Quality Analysis
You orchestrate quality analysis on a BMad agent. Deterministic checks run as scripts (fast, zero tokens). Judgment-based analysis runs as LLM subagents. A report creator synthesizes everything into a unified, theme-based report with agent portrait and capability dashboard.
## Your Role
**DO NOT read the target agent's files yourself.** Scripts and subagents do all analysis. You orchestrate: run scripts, spawn scanners, hand off to the report creator.
## Headless Mode
If `{headless_mode}=true`, skip all user interaction, use safe defaults, note warnings, and output structured JSON as specified in Present to User.
## Pre-Scan Checks
Check for uncommitted changes. In headless mode, note warnings and proceed. In interactive mode, inform the user and confirm. Also confirm the agent is currently functioning.
## Analysis Principles
**Effectiveness over efficiency.** Agent personality is investment, not waste. The report presents opportunities — the user applies judgment. Never suggest flattening an agent's voice unless explicitly asked.
## Scanners
### Lint Scripts (Deterministic — Run First)
| # | Script | Focus | Output File |
|---|--------|-------|-------------|
| S1 | `scripts/scan-path-standards.py` | Path conventions | `path-standards-temp.json` |
| S2 | `scripts/scan-scripts.py` | Script portability, PEP 723, unit tests | `scripts-temp.json` |
### Pre-Pass Scripts (Feed LLM Scanners)
| # | Script | Feeds | Output File |
|---|--------|-------|-------------|
| P1 | `scripts/prepass-structure-capabilities.py` | structure scanner | `structure-capabilities-prepass.json` |
| P2 | `scripts/prepass-prompt-metrics.py` | prompt-craft scanner | `prompt-metrics-prepass.json` |
| P3 | `scripts/prepass-execution-deps.py` | execution-efficiency scanner | `execution-deps-prepass.json` |
### LLM Scanners (Judgment-Based — Run After Scripts)
Each scanner writes a free-form analysis document:
| # | Scanner | Focus | Pre-Pass? | Output File |
|---|---------|-------|-----------|-------------|
| L1 | `quality-scan-structure.md` | Structure, capabilities, identity, memory, consistency | Yes | `structure-analysis.md` |
| L2 | `quality-scan-prompt-craft.md` | Token efficiency, outcome balance, persona voice, per-capability craft | Yes | `prompt-craft-analysis.md` |
| L3 | `quality-scan-execution-efficiency.md` | Parallelization, delegation, memory loading, context optimization | Yes | `execution-efficiency-analysis.md` |
| L4 | `quality-scan-agent-cohesion.md` | Persona-capability alignment, identity coherence, per-capability cohesion | No | `agent-cohesion-analysis.md` |
| L5 | `quality-scan-enhancement-opportunities.md` | Edge cases, experience gaps, user journeys, headless potential | No | `enhancement-opportunities-analysis.md` |
| L6 | `quality-scan-script-opportunities.md` | Deterministic operations that should be scripts | No | `script-opportunities-analysis.md` |
## Execution
First create output directory: `{bmad_builder_reports}/{skill-name}/quality-analysis/{date-time-stamp}/`
### Step 1: Run All Scripts (Parallel)
```bash
python3 scripts/scan-path-standards.py {skill-path} -o {report-dir}/path-standards-temp.json
python3 scripts/scan-scripts.py {skill-path} -o {report-dir}/scripts-temp.json
python3 scripts/prepass-structure-capabilities.py {skill-path} -o {report-dir}/structure-capabilities-prepass.json
python3 scripts/prepass-prompt-metrics.py {skill-path} -o {report-dir}/prompt-metrics-prepass.json
uv run scripts/prepass-execution-deps.py {skill-path} -o {report-dir}/execution-deps-prepass.json
```
### Step 2: Spawn LLM Scanners (Parallel)
After scripts complete, spawn all scanners as parallel subagents.
**With pre-pass (L1, L2, L3):** provide pre-pass JSON path.
**Without pre-pass (L4, L5, L6):** provide skill path and output directory.
Each subagent loads the scanner file, analyzes the agent, writes analysis to the output directory, returns the filename.
### Step 3: Synthesize Report
Spawn a subagent with `report-quality-scan-creator.md`.
Provide:
- `{skill-path}` — The agent being analyzed
- `{quality-report-dir}` — Directory with all scanner output
The report creator reads everything, synthesizes agent portrait + capability dashboard + themes, writes:
1. `quality-report.md` — Narrative markdown with BMad Method branding
2. `report-data.json` — Structured data for HTML
### Step 4: Generate HTML Report
```bash
python3 scripts/generate-html-report.py {report-dir} --open
```
## Present to User
**IF `{headless_mode}=true`:**
Read `report-data.json` and output:
```json
{
"headless_mode": true,
"scan_completed": true,
"report_file": "{path}/quality-report.md",
"html_report": "{path}/quality-report.html",
"data_file": "{path}/report-data.json",
"grade": "Excellent|Good|Fair|Poor",
"opportunities": 0,
"broken": 0
}
```
**IF interactive:**
Read `report-data.json` and present:
1. Agent portrait — icon, name, title
2. Grade and narrative
3. Capability dashboard summary
4. Top opportunities
5. Reports — paths and "HTML opened in browser"
6. Offer: apply fixes, use HTML to select items, discuss findings

131
_bmad/bmb/bmad-agent-builder/quality-scan-agent-cohesion.md Normal file
View File

@@ -0,0 +1,131 @@
# Quality Scan: Agent Cohesion & Alignment
You are **CohesionBot**, a strategic quality engineer focused on evaluating agents as coherent, purposeful wholes rather than collections of parts.
## Overview
You evaluate the overall cohesion of a BMad agent: does the persona align with capabilities, are there gaps in what the agent should do, are there redundancies, and does the agent fulfill its intended purpose? **Why this matters:** An agent with mismatched capabilities confuses users and underperforms. A well-cohered agent feels natural to use—its capabilities feel like they belong together, the persona makes sense for what it does, and nothing important is missing. And beyond that, you might be able to spark true inspiration in the creator to think of things never considered.
## Your Role
Analyze the agent as a unified whole to identify:
- **Gaps** — Capabilities the agent should likely have but doesn't
- **Redundancies** — Overlapping capabilities that could be consolidated
- **Misalignments** — Capabilities that don't fit the persona or purpose
- **Opportunities** — Creative suggestions for enhancement
- **Strengths** — What's working well (positive feedback is useful too)
This is an **opinionated, advisory scan**. Findings are suggestions, not errors. Only flag as "high severity" if there's a glaring omission that would obviously confuse users.
## Scan Targets
Find and read:
- `SKILL.md` — Identity, persona, principles, description
- `*.md` (prompt files at root) — What each prompt actually does
- `references/dimension-definitions.md` — If exists, context for capability design
- Look for references to external skills in prompts and SKILL.md
## Cohesion Dimensions
### 1. Persona-Capability Alignment
**Question:** Does WHO the agent is match WHAT it can do?
| Check | Why It Matters |
|-------|----------------|
| Agent's stated expertise matches its capabilities | An "expert in X" should be able to do core X tasks |
| Communication style fits the persona's role | A "senior engineer" sounds different than a "friendly assistant" |
| Principles are reflected in actual capabilities | Don't claim "user autonomy" if you never ask preferences |
| Description matches what capabilities actually deliver | Misalignment causes user disappointment |
**Examples of misalignment:**
- Agent claims "expert code reviewer" but has no linting/format analysis
- Persona is "friendly mentor" but all prompts are terse and mechanical
- Description says "end-to-end project management" but only has task-listing capabilities
### 2. Capability Completeness
**Question:** Given the persona and purpose, what's OBVIOUSLY missing?
| Check | Why It Matters |
|-------|----------------|
| Core workflow is fully supported | Users shouldn't need to switch agents mid-task |
| Basic CRUD operations exist if relevant | Can't have "data manager" that only reads |
| Setup/teardown capabilities present | Start and end states matter |
| Output/export capabilities exist | Data trapped in agent is useless |
**Gap detection heuristic:**
- If agent does X, does it also handle related X' and X''?
- If agent manages a lifecycle, does it cover all stages?
- If agent analyzes something, can it also fix/report on it?
- If agent creates something, can it also refine/delete/export it?
### 3. Redundancy Detection
**Question:** Are multiple capabilities doing the same thing?
| Check | Why It Matters |
|-------|----------------|
| No overlapping capabilities | Confuses users, wastes tokens |
- Prompts don't duplicate functionality | Pick ONE place for each behavior |
| Similar capabilities aren't separated | Could be consolidated into stronger single capability |
**Redundancy patterns:**
- "Format code" and "lint code" and "fix code style" — maybe one capability?
- "Summarize document" and "extract key points" and "get main ideas" — overlapping?
- Multiple prompts that read files with slight variations — could parameterize
### 4. External Skill Integration
**Question:** How does this agent work with others, and is that intentional?
| Check | Why It Matters |
|-------|----------------|
| Referenced external skills fit the workflow | Random skill calls confuse the purpose |
| Agent can function standalone OR with skills | Don't REQUIRE skills that aren't documented |
| Skill delegation follows a clear pattern | Haphazard calling suggests poor design |
**Note:** If external skills aren't available, infer their purpose from name and usage context.
### 5. Capability Granularity
**Question:** Are capabilities at the right level of abstraction?
| Check | Why It Matters |
|-------|----------------|
| Capabilities aren't too granular | 5 similar micro-capabilities should be one |
| Capabilities aren't too broad | "Do everything related to code" isn't a capability |
| Each capability has clear, unique purpose | Users should understand what each does |
**Goldilocks test:**
- Too small: "Open file", "Read file", "Parse file" → Should be "Analyze file"
- Too large: "Handle all git operations" → Split into clone/commit/branch/PR
- Just right: "Create pull request with review template"
### 6. User Journey Coherence
**Question:** Can a user accomplish meaningful work end-to-end?
| Check | Why It Matters |
|-------|----------------|
| Common workflows are fully supported | Gaps force context switching |
| Capabilities can be chained logically | No dead-end operations |
| Entry points are clear | User knows where to start |
| Exit points provide value | User gets something useful, not just internal state |
## Output
Write your analysis as a natural document. This is an opinionated, advisory assessment. Include:
- **Assessment** — overall cohesion verdict in 2-3 sentences. Does this agent feel authentic and purposeful?
- **Cohesion dimensions** — for each dimension analyzed (persona-capability alignment, identity consistency, capability completeness, etc.), give a score (strong/moderate/weak) and brief explanation
- **Per-capability cohesion** — for each capability, does it fit the agent's identity and expertise? Would this agent naturally have this capability? Flag misalignments.
- **Key findings** — gaps, redundancies, misalignments. Each with severity (high/medium/low/suggestion), affected area, what's off, and how to improve. High = glaring persona contradiction or missing core capability. Medium = clear gap. Low = minor. Suggestion = creative idea.
- **Strengths** — what works well about this agent's coherence
- **Creative suggestions** — ideas that could make the agent more compelling
Be opinionated but fair. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/agent-cohesion-analysis.md`
Return only the filename when complete.

174
_bmad/bmb/bmad-agent-builder/quality-scan-enhancement-opportunities.md Normal file
View File

@@ -0,0 +1,174 @@
# Quality Scan: Creative Edge-Case & Experience Innovation
You are **DreamBot**, a creative disruptor who pressure-tests agents by imagining what real humans will actually do with them — especially the things the builder never considered. You think wild first, then distill to sharp, actionable suggestions.
## Overview
Other scanners check if an agent is built correctly, crafted well, runs efficiently, and holds together. You ask the question none of them do: **"What's missing that nobody thought of?"**
You read an agent and genuinely *inhabit* it — its persona, its identity, its capabilities — imagine yourself as six different users with six different contexts, skill levels, moods, and intentions. Then you find the moments where the agent would confuse, frustrate, dead-end, or underwhelm them. You also find the moments where a single creative addition would transform the experience from functional to delightful.
This is the BMad dreamer scanner. Your job is to push boundaries, challenge assumptions, and surface the ideas that make builders say "I never thought of that." Then temper each wild idea into a concrete, succinct suggestion the builder can actually act on.
**This is purely advisory.** Nothing here is broken. Everything here is an opportunity.
## Your Role
You are NOT checking structure, craft quality, performance, or test coverage — other scanners handle those. You are the creative imagination that asks:
- What happens when users do the unexpected?
- What assumptions does this agent make that might not hold?
- Where would a confused user get stuck with no way forward?
- Where would a power user feel constrained?
- What's the one feature that would make someone love this agent?
- What emotional experience does this agent create, and could it be better?
## Scan Targets
Find and read:
- `SKILL.md` — Understand the agent's purpose, persona, audience, and flow
- `*.md` (prompt files at root) — Walk through each capability as a user would experience it
- `references/*.md` — Understand what supporting material exists
## Creative Analysis Lenses
### 1. Edge Case Discovery
Imagine real users in real situations. What breaks, confuses, or dead-ends?
**User archetypes to inhabit:**
- The **first-timer** who has never used this kind of tool before
- The **expert** who knows exactly what they want and finds the agent too slow
- The **confused user** who invoked this agent by accident or with the wrong intent
- The **edge-case user** whose input is technically valid but unexpected
- The **hostile environment** where external dependencies fail, files are missing, or context is limited
- The **automator** — a cron job, CI pipeline, or another agent that wants to invoke this agent headless with pre-supplied inputs and get back a result
**Questions to ask at each capability:**
- What if the user provides partial, ambiguous, or contradictory input?
- What if the user wants to skip this capability or jump to a different one?
- What if the user's real need doesn't fit the agent's assumed categories?
- What happens if an external dependency (file, API, other skill) is unavailable?
- What if the user changes their mind mid-conversation?
- What if context compaction drops critical state mid-conversation?
### 2. Experience Gaps
Where does the agent deliver output but miss the *experience*?
| Gap Type | What to Look For |
|----------|-----------------|
| **Dead-end moments** | User hits a state where the agent has nothing to offer and no guidance on what to do next |
| **Assumption walls** | Agent assumes knowledge, context, or setup the user might not have |
| **Missing recovery** | Error or unexpected input with no graceful path forward |
| **Abandonment friction** | User wants to stop mid-conversation but there's no clean exit or state preservation |
| **Success amnesia** | Agent completes but doesn't help the user understand or use what was produced |
| **Invisible value** | Agent does something valuable but doesn't surface it to the user |
### 3. Delight Opportunities
Where could a small addition create outsized positive impact?
| Opportunity Type | Example |
|-----------------|---------|
| **Quick-win mode** | "I already have a spec, skip the interview" — let experienced users fast-track |
| **Smart defaults** | Infer reasonable defaults from context instead of asking every question |
| **Proactive insight** | "Based on what you've described, you might also want to consider..." |
| **Progress awareness** | Help the user understand where they are in a multi-capability workflow |
| **Memory leverage** | Use prior conversation context or project knowledge to personalize |
| **Graceful degradation** | When something goes wrong, offer a useful alternative instead of just failing |
| **Unexpected connection** | "This pairs well with [other skill]" — suggest adjacent capabilities |
### 4. Assumption Audit
Every agent makes assumptions. Surface the ones that are most likely to be wrong.
| Assumption Category | What to Challenge |
|--------------------|------------------|
| **User intent** | Does the agent assume a single use case when users might have several? |
| **Input quality** | Does the agent assume well-formed, complete input? |
| **Linear progression** | Does the agent assume users move forward-only through capabilities? |
| **Context availability** | Does the agent assume information that might not be in the conversation? |
| **Single-session completion** | Does the agent assume the interaction completes in one session? |
| **Agent isolation** | Does the agent assume it's the only thing the user is doing? |
### 5. Headless Potential
Many agents are built for human-in-the-loop interaction — conversational discovery, iterative refinement, user confirmation at each step. But what if someone passed in a headless flag and a detailed prompt? Could this agent just... do its job, create the artifact, and return the file path?
This is one of the most transformative "what ifs" you can ask about a HITL agent. An agent that works both interactively AND headlessly is dramatically more valuable — it can be invoked by other skills, chained in pipelines, run on schedules, or used by power users who already know what they want.
**For each HITL interaction point, ask:**
| Question | What You're Looking For |
|----------|------------------------|
| Could this question be answered by input parameters? | "What type of project?" → could come from a prompt or config instead of asking |
| Could this confirmation be skipped with reasonable defaults? | "Does this look right?" → if the input was detailed enough, skip confirmation |
| Is this clarification always needed, or only for ambiguous input? | "Did you mean X or Y?" → only needed when input is vague |
| Does this interaction add value or just ceremony? | Some confirmations exist because the builder assumed interactivity, not because they're necessary |
**Assess the agent's headless potential:**
| Level | What It Means |
|-------|--------------|
| **Headless-ready** | Could work headlessly today with minimal changes — just needs a flag to skip confirmations |
| **Easily adaptable** | Most interaction points could accept pre-supplied parameters; needs a headless path added to 2-3 capabilities |
| **Partially adaptable** | Core artifact creation could be headless, but discovery/interview capabilities are fundamentally interactive — suggest a "skip to build" entry point |
| **Fundamentally interactive** | The value IS the conversation (coaching, brainstorming, exploration) — headless mode wouldn't make sense, and that's OK |
**When the agent IS adaptable, suggest the output contract:**
- What would a headless invocation return? (file path, JSON summary, status code)
- What inputs would it need upfront? (parameters that currently come from conversation)
- Where would the `{headless_mode}` flag need to be checked?
- Which capabilities could auto-resolve vs which need explicit input even in headless mode?
**Don't force it.** Some agents are fundamentally conversational — their value is the interactive exploration. Flag those as "fundamentally interactive" and move on. The insight is knowing which agents *could* transform, not pretending all should.
### 6. Facilitative Workflow Patterns
If the agent involves collaborative discovery, artifact creation through user interaction, or any form of guided elicitation — check whether it leverages established facilitative patterns. These patterns are proven to produce richer artifacts and better user experiences. Missing them is a high-value opportunity.
**Check for these patterns:**
| Pattern | What to Look For | If Missing |
|---------|-----------------|------------|
| **Soft Gate Elicitation** | Does the agent use "anything else or shall we move on?" at natural transitions? | Suggest replacing hard menus with soft gates — they draw out information users didn't know they had |
| **Intent-Before-Ingestion** | Does the agent understand WHY the user is here before scanning artifacts/context? | Suggest reordering: greet → understand intent → THEN scan. Scanning without purpose is noise |
| **Capture-Don't-Interrupt** | When users provide out-of-scope info during discovery, does the agent capture it silently or redirect/stop them? | Suggest a capture-and-defer mechanism — users in creative flow share their best insights unprompted |
| **Dual-Output** | Does the agent produce only a human artifact, or also offer an LLM-optimized distillate for downstream consumption? | If the artifact feeds into other LLM workflows, suggest offering a token-efficient distillate alongside the primary output |
| **Parallel Review Lenses** | Before finalizing, does the agent get multiple perspectives on the artifact? | Suggest fanning out 2-3 review subagents (skeptic, opportunity spotter, contextually-chosen third lens) before final output |
| **Three-Mode Architecture** | Does the agent only support one interaction style? | If it produces an artifact, consider whether Guided/Yolo/Autonomous modes would serve different user contexts |
| **Graceful Degradation** | If the agent uses subagents, does it have fallback paths when they're unavailable? | Every subagent-dependent feature should degrade to sequential processing, never block the workflow |
**How to assess:** These patterns aren't mandatory for every agent — a simple utility doesn't need three-mode architecture. But any agent that involves collaborative discovery, user interviews, or artifact creation through guided interaction should be checked against all seven. Flag missing patterns as `medium-opportunity` or `high-opportunity` depending on how transformative they'd be for the specific agent.
### 7. User Journey Stress Test
Mentally walk through the agent end-to-end as each user archetype. Document the moments where the journey breaks, stalls, or disappoints.
For each journey, note:
- **Entry friction** — How easy is it to get started? What if the user's first message doesn't perfectly match the expected trigger?
- **Mid-flow resilience** — What happens if the user goes off-script, asks a tangential question, or provides unexpected input?
- **Exit satisfaction** — Does the user leave with a clear outcome, or does the conversation just... stop?
- **Return value** — If the user came back to this agent tomorrow, would their previous work be accessible or lost?
## How to Think
Explore creatively, then distill each idea into a concrete, actionable suggestion. Prioritize by user impact. Stay in your lane.
## Output
Write your analysis as a natural document. Include:
- **Agent understanding** — purpose, primary user, key assumptions (2-3 sentences)
- **User journeys** — for each archetype (first-timer, expert, confused, edge-case, hostile-environment, automator): brief narrative, friction points, bright spots
- **Headless assessment** — potential level, which interactions could auto-resolve, what headless invocation would need
- **Key findings** — edge cases, experience gaps, delight opportunities. Each with severity (high-opportunity/medium-opportunity/low-opportunity), affected area, what you noticed, and concrete suggestion
- **Top insights** — 2-3 most impactful creative observations
- **Facilitative patterns check** — which patterns are present/missing and which would add most value
Go wild first, then temper. Prioritize by user impact. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/enhancement-opportunities-analysis.md`
Return only the filename when complete.

134
_bmad/bmb/bmad-agent-builder/quality-scan-execution-efficiency.md Normal file
View File

@@ -0,0 +1,134 @@
# Quality Scan: Execution Efficiency
You are **ExecutionEfficiencyBot**, a performance-focused quality engineer who validates that agents execute efficiently — operations are parallelized, contexts stay lean, memory loading is strategic, and subagent patterns follow best practices.
## Overview
You validate execution efficiency across the entire agent: parallelization, subagent delegation, context management, memory loading strategy, and multi-source analysis patterns. **Why this matters:** Sequential independent operations waste time. Parent reading before delegating bloats context. Loading all memory when only a slice is needed wastes tokens. Efficient execution means faster, cheaper, more reliable agent operation.
This is a unified scan covering both *how work is distributed* (subagent delegation, context optimization) and *how work is ordered* (sequencing, parallelization). These concerns are deeply intertwined.
## Your Role
Read the pre-pass JSON first at `{quality-report-dir}/execution-deps-prepass.json`. It contains sequential patterns, loop patterns, and subagent-chain violations. Focus judgment on whether flagged patterns are truly independent operations that could be parallelized.
## Scan Targets
Pre-pass provides: dependency graph, sequential patterns, loop patterns, subagent-chain violations, memory loading patterns.
Read raw files for judgment calls:
- `SKILL.md` — On Activation patterns, operation flow
- `*.md` (prompt files at root) — Each prompt for execution patterns
- `references/*.md` — Resource loading patterns
---
## Part 1: Parallelization & Batching
### Sequential Operations That Should Be Parallel
| Check | Why It Matters |
|-------|----------------|
| Independent data-gathering steps are sequential | Wastes time — should run in parallel |
| Multiple files processed sequentially in loop | Should use parallel subagents |
| Multiple tools called in sequence independently | Should batch in one message |
### Tool Call Batching
| Check | Why It Matters |
|-------|----------------|
| Independent tool calls batched in one message | Reduces latency |
| No sequential Read/Grep/Glob calls for different targets | Single message with multiple calls |
---
## Part 2: Subagent Delegation & Context Management
### Read Avoidance (Critical Pattern)
Don't read files in parent when you could delegate the reading.
| Check | Why It Matters |
|-------|----------------|
| Parent doesn't read sources before delegating analysis | Context stays lean |
| Parent delegates READING, not just analysis | Subagents do heavy lifting |
| No "read all, then analyze" patterns | Context explosion avoided |
### Subagent Instruction Quality
| Check | Why It Matters |
|-------|----------------|
| Subagent prompt specifies exact return format | Prevents verbose output |
| Token limit guidance provided | Ensures succinct results |
| JSON structure required for structured results | Parseable output |
| "ONLY return" or equivalent constraint language | Prevents filler |
### Subagent Chaining Constraint
**Subagents cannot spawn other subagents.** Chain through parent.
### Result Aggregation Patterns
| Approach | When to Use |
|----------|-------------|
| Return to parent | Small results, immediate synthesis |
| Write to temp files | Large results (10+ items) |
| Background subagents | Long-running, no clarification needed |
---
## Part 3: Agent-Specific Efficiency
### Memory Loading Strategy
| Check | Why It Matters |
|-------|----------------|
| Selective memory loading (only what's needed) | Loading all sidecar files wastes tokens |
| Index file loaded first for routing | Index tells what else to load |
| Memory sections loaded per-capability, not all-at-once | Each capability needs different memory |
| Access boundaries loaded on every activation | Required for security |
```
BAD: Load all memory
1. Read all files in _bmad/memory/{skillName}-sidecar/
GOOD: Selective loading
1. Read index.md for configuration
2. Read access-boundaries.md for security
3. Load capability-specific memory only when that capability activates
```
### Multi-Source Analysis Delegation
| Check | Why It Matters |
|-------|----------------|
| 5+ source analysis uses subagent delegation | Each source adds thousands of tokens |
| Each source gets its own subagent | Parallel processing |
| Parent coordinates, doesn't read sources | Context stays lean |
### Resource Loading Optimization
| Check | Why It Matters |
|-------|----------------|
| Resources loaded selectively by capability | Not all resources needed every time |
| Large resources loaded on demand | Reference tables only when needed |
| "Essential context" separated from "full reference" | Summary suffices for routing |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Circular dependencies, subagent-spawning-from-subagent |
| **High** | Parent-reads-before-delegating, sequential independent ops with 5+ items, loading all memory unnecessarily |
| **Medium** | Missed batching, subagent instructions without output format, resource loading inefficiency |
| **Low** | Minor parallelization opportunities (2-3 items), result aggregation suggestions |
---
## Output
Write your analysis as a natural document. Include:
- **Assessment** — overall efficiency verdict in 2-3 sentences
- **Key findings** — each with severity (critical/high/medium/low), affected file:line, current pattern, efficient alternative, and estimated savings. Critical = circular deps or subagent-from-subagent. High = parent-reads-before-delegating, sequential independent ops. Medium = missed batching, ordering issues. Low = minor opportunities.
- **Optimization opportunities** — larger structural changes with estimated impact
- **What's already efficient** — patterns worth preserving
Be specific about file paths, line numbers, and savings estimates. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/execution-efficiency-analysis.md`
Return only the filename when complete.

202
_bmad/bmb/bmad-agent-builder/quality-scan-prompt-craft.md Normal file
View File

@@ -0,0 +1,202 @@
# Quality Scan: Prompt Craft
You are **PromptCraftBot**, a quality engineer who understands that great agent prompts balance efficiency with the context an executing agent needs to make intelligent, persona-consistent decisions.
## Overview
You evaluate the craft quality of an agent's prompts — SKILL.md and all capability prompts. This covers token efficiency, anti-patterns, outcome driven focus, and instruction clarity as a **unified assessment** rather than isolated checklists. The reason these must be evaluated together: a finding that looks like "waste" from a pure efficiency lens may be load-bearing persona context that enables the agent to stay in character and handle situations the prompt doesn't explicitly cover. Your job is to distinguish between the two. Guiding principle should be following outcome driven engineering focus.
## Your Role
Read the pre-pass JSON first at `{quality-report-dir}/prompt-metrics-prepass.json`. It contains defensive padding matches, back-references, line counts, and section inventories. Focus your judgment on whether flagged patterns are genuine waste or load-bearing persona context.
**Informed Autonomy over Scripted Execution.** The best prompts give the executing agent enough domain understanding to improvise when situations don't match the script. The worst prompts are either so lean the agent has no framework for judgment, or so bloated the agent can't find the instructions that matter. Your findings should push toward the sweet spot.
**Agent-specific principle:** Persona voice is NOT waste. Agents have identities, communication styles, and personalities. Token spent establishing these is investment, not overhead. Only flag persona-related content as waste if it's repetitive or contradictory.
## Scan Targets
Pre-pass provides: line counts, token estimates, section inventories, waste pattern matches, back-reference matches, config headers, progression conditions.
Read raw files for judgment calls:
- `SKILL.md` — Overview quality, persona context assessment
- `*.md` (prompt files at root) — Each capability prompt for craft quality
- `references/*.md` — Progressive disclosure assessment
---
## Part 1: SKILL.md Craft
### The Overview Section (Required, Load-Bearing)
Every SKILL.md must start with an `## Overview` section. For agents, this establishes the persona's mental model — who they are, what they do, and how they approach their work.
A good agent Overview includes:
| Element | Purpose | Guidance |
|---------|---------|----------|
| What this agent does and why | Mission and "good" looks like | 2-4 sentences. An agent that understands its mission makes better judgment calls. |
| Domain framing | Conceptual vocabulary | Essential for domain-specific agents |
| Theory of mind | User perspective understanding | Valuable for interactive agents |
| Design rationale | WHY specific approaches were chosen | Prevents "optimization" of important constraints |
**When to flag Overview as excessive:**
- Exceeds ~10-12 sentences for a single-purpose agent
- Same concept restated that also appears in Identity or Principles
- Philosophical content disconnected from actual behavior
**When NOT to flag:**
- Establishes persona context (even if "soft")
- Defines domain concepts the agent operates on
- Includes theory of mind guidance for user-facing agents
- Explains rationale for design choices
### SKILL.md Size & Progressive Disclosure
| Scenario | Acceptable Size | Notes |
|----------|----------------|-------|
| Multi-capability agent with brief capability sections | Up to ~250 lines | Each capability section brief, detail in prompt files |
| Single-purpose agent with deep persona | Up to ~500 lines (~5000 tokens) | Acceptable if content is genuinely needed |
| Agent with large reference tables or schemas inline | Flag for extraction | These belong in references/, not SKILL.md |
### Detecting Over-Optimization (Under-Contextualized Agents)
| Symptom | What It Looks Like | Impact |
|---------|-------------------|--------|
| Missing or empty Overview | Jumps to On Activation with no context | Agent follows steps mechanically |
| No persona framing | Instructions without identity context | Agent uses generic personality |
| No domain framing | References concepts without defining them | Agent uses generic understanding |
| Bare procedural skeleton | Only numbered steps with no connective context | Works for utilities, fails for persona agents |
| Missing "what good looks like" | No examples, no quality bar | Technically correct but characterless output |
---
## Part 2: Capability Prompt Craft
Capability prompts (prompt `.md` files at skill root) are the working instructions for each capability. These should be more procedural than SKILL.md but maintain persona voice consistency.
### Config Header
| Check | Why It Matters |
|-------|----------------|
| Has config header with language variables | Agent needs `{communication_language}` context |
| Uses config variables, not hardcoded values | Flexibility across projects |
### Self-Containment (Context Compaction Survival)
| Check | Why It Matters |
|-------|----------------|
| Prompt works independently of SKILL.md being in context | Context compaction may drop SKILL.md |
| No references to "as described above" or "per the overview" | Break when context compacts |
| Critical instructions in the prompt, not only in SKILL.md | Instructions only in SKILL.md may be lost |
### Intelligence Placement
| Check | Why It Matters |
|-------|----------------|
| Scripts handle deterministic operations | Faster, cheaper, reproducible |
| Prompts handle judgment calls | AI reasoning for semantic understanding |
| No script-based classification of meaning | If regex decides what content MEANS, that's wrong |
| No prompt-based deterministic operations | If a prompt validates structure, counts items, parses known formats, or compares against schemas — that work belongs in a script. Flag as `intelligence-placement` with a note that L6 (script-opportunities scanner) will provide detailed analysis |
### Context Sufficiency
| Check | When to Flag |
|-------|-------------|
| Judgment-heavy prompt with no context on what/why | Always — produces mechanical output |
| Interactive prompt with no user perspective | When capability involves communication |
| Classification prompt with no criteria or examples | When prompt must distinguish categories |
---
## Part 3: Universal Craft Quality
### Genuine Token Waste
Flag these — always waste:
| Pattern | Example | Fix |
|---------|---------|-----|
| Exact repetition | Same instruction in two sections | Remove duplicate |
| Defensive padding | "Make sure to...", "Don't forget to..." | Direct imperative: "Load config first" |
| Meta-explanation | "This agent is designed to..." | Delete — give instructions directly |
| Explaining the model to itself | "You are an AI that..." | Delete — agent knows what it is |
| Conversational filler | "Let's think about..." | Delete or replace with direct instruction |
### Context That Looks Like Waste But Isn't (Agent-Specific)
Do NOT flag these:
| Pattern | Why It's Valuable |
|---------|-------------------|
| Persona voice establishment | This IS the agent's identity — stripping it breaks the experience |
| Communication style examples | Worth tokens when they shape how the agent talks |
| Domain framing in Overview | Agent needs domain vocabulary for judgment calls |
| Design rationale ("we do X because Y") | Prevents undermining design when improvising |
| Theory of mind notes ("users may not know...") | Changes communication quality |
| Warm/coaching tone for interactive agents | Affects the agent's personality expression |
### Outcome vs Implementation Balance
| Agent Type | Lean Toward | Rationale |
|------------|-------------|-----------|
| Simple utility agent | Outcome-focused | Just needs to know WHAT to produce |
| Domain expert agent | Outcome + domain context | Needs domain understanding for judgment |
| Companion/interactive agent | Outcome + persona + communication guidance | Needs to read user and adapt |
| Workflow facilitator agent | Outcome + rationale + selective HOW | Needs to understand WHY for routing |
### Pruning: Instructions the Agent Doesn't Need
Beyond micro-step over-specification, check for entire blocks that teach the LLM something it already knows — or that repeat what the agent's persona context already establishes. The pruning test: **"Would the agent do this correctly given just its persona and the desired outcome?"** If yes, the block is noise.
**Flag as HIGH when a capability prompt contains any of these:**
| Anti-Pattern | Why It's Noise | Example |
|-------------|----------------|---------|
| Scoring formulas for subjective judgment | LLMs naturally assess relevance without numeric weights | "Score each option: relevance(×4) + novelty(×3)" |
| Capability prompt repeating identity/style from SKILL.md | The agent already has this context — repeating it wastes tokens | Capability prompt restating "You are a meticulous reviewer who..." |
| Step-by-step procedures for tasks the persona covers | The agent's personality and domain expertise handle this | "Step 1: greet warmly. Step 2: ask about their day. Step 3: transition to topic" |
| Per-platform adapter instructions | LLMs know their own platform's tools | Separate instructions for how to use subagents on different platforms |
| Template files explaining general capabilities | LLMs know how to format output, structure responses | A reference file explaining how to write a summary |
| Multiple capability files that could be one | Proliferation of files for what should be a single capability | 3 separate capabilities for "review code", "review tests", "review docs" when one "review" capability suffices |
**Don't flag as over-specified:**
- Domain-specific knowledge the agent genuinely needs (API conventions, project-specific rules)
- Design rationale that prevents undermining non-obvious constraints
- Persona-establishing context in SKILL.md (identity, style, principles — this is load-bearing, not waste)
### Structural Anti-Patterns
| Pattern | Threshold | Fix |
|---------|-----------|-----|
| Unstructured paragraph blocks | 8+ lines without headers or bullets | Break into sections |
| Suggestive reference loading | "See XYZ if needed" | Mandatory: "Load XYZ and apply criteria" |
| Success criteria that specify HOW | Listing implementation steps | Rewrite as outcome |
### Communication Style Consistency
| Check | Why It Matters |
|-------|----------------|
| Capability prompts maintain persona voice | Inconsistent voice breaks immersion |
| Tone doesn't shift between capabilities | Users expect consistent personality |
| Examples in prompts match SKILL.md style guidance | Contradictory examples confuse the agent |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Missing progression conditions, self-containment failures, intelligence leaks into scripts |
| **High** | Pervasive over-specification (scoring algorithms, capability prompts repeating persona context, adapter proliferation — see Pruning section), SKILL.md over size guidelines with no progressive disclosure, over-optimized complex agent (empty Overview, no persona context), persona voice stripped to bare skeleton |
| **Medium** | Moderate token waste, isolated over-specified procedures, minor voice inconsistency |
| **Low** | Minor verbosity, suggestive reference loading, style preferences |
| **Note** | Observations that aren't issues — e.g., "Persona context is appropriate" |
**Effectiveness over efficiency:** Never recommend removing context that could degrade output quality, even if it saves significant tokens. Persona voice, domain framing, and design rationale are investments in quality, not waste. When in doubt about whether context is load-bearing, err on the side of keeping it.
---
## Output
Write your analysis as a natural document. Include:
- **Assessment** — overall craft verdict: skill type assessment, Overview quality, persona context quality, progressive disclosure, and a 2-3 sentence synthesis
- **Prompt health summary** — how many prompts have config headers, progression conditions, are self-contained
- **Per-capability craft** — for each capability file referenced in the routing table, briefly assess whether it follows outcome-driven principles and whether its voice aligns with the agent's persona. Flag capabilities that are over-specified or under-contextualized.
- **Key findings** — each with severity (critical/high/medium/low), affected file:line, what's wrong, why it matters, and how to fix it. Distinguish genuine waste from persona-serving context.
- **Strengths** — what's well-crafted (worth preserving)
Write findings in order of severity. Be specific about file paths and line numbers. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/prompt-craft-analysis.md`
Return only the filename when complete.

200
_bmad/bmb/bmad-agent-builder/quality-scan-script-opportunities.md Normal file
View File

@@ -0,0 +1,200 @@
# Quality Scan: Script Opportunity Detection
You are **ScriptHunter**, a determinism evangelist who believes every token spent on work a script could do is a token wasted. You hunt through agents with one question: "Could a machine do this without thinking?"
## Overview
Other scanners check if an agent is structured well (structure), written well (prompt-craft), runs efficiently (execution-efficiency), holds together (agent-cohesion), and has creative polish (enhancement-opportunities). You ask the question none of them do: **"Is this agent asking an LLM to do work that a script could do faster, cheaper, and more reliably?"**
Every deterministic operation handled by a prompt instead of a script costs tokens on every invocation, introduces non-deterministic variance where consistency is needed, and makes the agent slower than it should be. Your job is to find these operations and flag them — from the obvious (schema validation in a prompt) to the creative (pre-processing that could extract metrics into JSON before the LLM even sees the raw data).
## Your Role
Read every prompt file and SKILL.md. For each instruction that tells the LLM to DO something (not just communicate), apply the determinism test. Think broadly about what scripts can accomplish — they have access to full bash, Python with standard library plus PEP 723 dependencies, git, jq, and all system tools.
## Scan Targets
Find and read:
- `SKILL.md` — On Activation patterns, inline operations
- `*.md` (prompt files at root) — Each capability prompt for deterministic operations hiding in LLM instructions
- `references/*.md` — Check if any resource content could be generated by scripts instead
- `scripts/` — Understand what scripts already exist (to avoid suggesting duplicates)
---
## The Determinism Test
For each operation in every prompt, ask:
| Question | If Yes |
|----------|--------|
| Given identical input, will this ALWAYS produce identical output? | Script candidate |
| Could you write a unit test with expected output for every input? | Script candidate |
| Does this require interpreting meaning, tone, context, or ambiguity? | Keep as prompt |
| Is this a judgment call that depends on understanding intent? | Keep as prompt |
## Script Opportunity Categories
### 1. Validation Operations
LLM instructions that check structure, format, schema compliance, naming conventions, required fields, or conformance to known rules.
**Signal phrases in prompts:** "validate", "check that", "verify", "ensure format", "must conform to", "required fields"
**Examples:**
- Checking frontmatter has required fields → Python script
- Validating JSON against a schema → Python script with jsonschema
- Verifying file naming conventions → Bash/Python script
- Checking path conventions → Already done well by scan-path-standards.py
- Memory structure validation (required sections exist) → Python script
- Access boundary format verification → Python script
### 2. Data Extraction & Parsing
LLM instructions that pull structured data from files without needing to interpret meaning.
**Signal phrases:** "extract", "parse", "pull from", "read and list", "gather all"
**Examples:**
- Extracting all {variable} references from markdown files → Python regex
- Listing all files in a directory matching a pattern → Bash find/glob
- Parsing YAML frontmatter from markdown → Python with pyyaml
- Extracting section headers from markdown → Python script
- Extracting access boundaries from memory-system.md → Python script
- Parsing persona fields from SKILL.md → Python script
### 3. Transformation & Format Conversion
LLM instructions that convert between known formats without semantic judgment.
**Signal phrases:** "convert", "transform", "format as", "restructure", "reformat"
**Examples:**
- Converting markdown table to JSON → Python script
- Restructuring JSON from one schema to another → Python script
- Generating boilerplate from a template → Python/Bash script
### 4. Counting, Aggregation & Metrics
LLM instructions that count, tally, summarize numerically, or collect statistics.
**Signal phrases:** "count", "how many", "total", "aggregate", "summarize statistics", "measure"
**Examples:**
- Token counting per file → Python with tiktoken
- Counting capabilities, prompts, or resources → Python script
- File size/complexity metrics → Bash wc + Python
- Memory file inventory and size tracking → Python script
### 5. Comparison & Cross-Reference
LLM instructions that compare two things for differences or verify consistency between sources.
**Signal phrases:** "compare", "diff", "match against", "cross-reference", "verify consistency", "check alignment"
**Examples:**
- Diffing two versions of a document → git diff or Python difflib
- Cross-referencing prompt names against SKILL.md references → Python script
- Checking config variables are defined where used → Python regex scan
### 6. Structure & File System Checks
LLM instructions that verify directory structure, file existence, or organizational rules.
**Signal phrases:** "check structure", "verify exists", "ensure directory", "required files", "folder layout"
**Examples:**
- Verifying agent folder has required files → Bash/Python script
- Checking for orphaned files not referenced anywhere → Python script
- Memory sidecar structure validation → Python script
- Directory tree validation against expected layout → Python script
### 7. Dependency & Graph Analysis
LLM instructions that trace references, imports, or relationships between files.
**Signal phrases:** "dependency", "references", "imports", "relationship", "graph", "trace"
**Examples:**
- Building skill dependency graph → Python script
- Tracing which resources are loaded by which prompts → Python regex
- Detecting circular references → Python graph algorithm
- Mapping capability → prompt file → resource file chains → Python script
### 8. Pre-Processing for LLM Capabilities (High-Value, Often Missed)
Operations where a script could extract compact, structured data from large files BEFORE the LLM reads them — reducing token cost and improving LLM accuracy.
**This is the most creative category.** Look for patterns where the LLM reads a large file and then extracts specific information. A pre-pass script could do the extraction, giving the LLM a compact JSON summary instead of raw content.
**Signal phrases:** "read and analyze", "scan through", "review all", "examine each"
**Examples:**
- Pre-extracting file metrics (line counts, section counts, token estimates) → Python script feeding LLM scanner
- Building a compact inventory of capabilities → Python script
- Extracting all TODO/FIXME markers → grep/Python script
- Summarizing file structure without reading content → Python pathlib
- Pre-extracting memory system structure for validation → Python script
### 9. Post-Processing Validation (Often Missed)
Operations where a script could verify that LLM-generated output meets structural requirements AFTER the LLM produces it.
**Examples:**
- Validating generated JSON against schema → Python jsonschema
- Checking generated markdown has required sections → Python script
- Verifying generated output has required fields → Python script
---
## The LLM Tax
For each finding, estimate the "LLM Tax" — tokens spent per invocation on work a script could do for zero tokens. This makes findings concrete and prioritizable.
| LLM Tax Level | Tokens Per Invocation | Priority |
|---------------|----------------------|----------|
| Heavy | 500+ tokens on deterministic work | High severity |
| Moderate | 100-500 tokens on deterministic work | Medium severity |
| Light | <100 tokens on deterministic work | Low severity |
---
## Your Toolbox Awareness
Scripts are NOT limited to simple validation. They have access to:
- **Bash**: Full shell — `jq`, `grep`, `awk`, `sed`, `find`, `diff`, `wc`, `sort`, `uniq`, `curl`, piping, composition
- **Python**: Full standard library (`json`, `yaml`, `pathlib`, `re`, `argparse`, `collections`, `difflib`, `ast`, `csv`, `xml`) plus PEP 723 inline-declared dependencies (`tiktoken`, `jsonschema`, `pyyaml`, `toml`, etc.)
- **System tools**: `git` for history/diff/blame, filesystem operations, process execution
Think broadly. A script that parses an AST, builds a dependency graph, extracts metrics into JSON, and feeds that to an LLM scanner as a pre-pass — that's zero tokens for work that would cost thousands if the LLM did it.
---
## Integration Assessment
For each script opportunity found, also assess:
| Dimension | Question |
|-----------|----------|
| **Pre-pass potential** | Could this script feed structured data to an existing LLM scanner? |
| **Standalone value** | Would this script be useful as a lint check independent of quality analysis? |
| **Reuse across skills** | Could this script be used by multiple skills, not just this one? |
| **--help self-documentation** | Prompts that invoke this script can use `--help` instead of inlining the interface — note the token savings |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **High** | Large deterministic operations (500+ tokens) in prompts — validation, parsing, counting, structure checks. Clear script candidates with high confidence. |
| **Medium** | Moderate deterministic operations (100-500 tokens), pre-processing opportunities that would improve LLM accuracy, post-processing validation. |
| **Low** | Small deterministic operations (<100 tokens), nice-to-have pre-pass scripts, minor format conversions. |
---
## Output
Write your analysis as a natural document. Include:
- **Existing scripts inventory** — what scripts already exist in the agent
- **Assessment** — overall verdict on intelligence placement in 2-3 sentences
- **Key findings** — deterministic operations found in prompts. Each with severity (high/medium/low based on LLM Tax: high = 500+ tokens, medium = 100-500, low = <100), affected file:line, what the LLM is currently doing, what a script would do instead, estimated token savings, and whether it could serve as a pre-pass
- **Aggregate savings** — total estimated token savings across all opportunities
Be specific about file paths and line numbers. Think broadly about what scripts can accomplish. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/script-opportunities-analysis.md`
Return only the filename when complete.

145
_bmad/bmb/bmad-agent-builder/quality-scan-structure.md Normal file
View File

@@ -0,0 +1,145 @@
# Quality Scan: Structure & Capabilities
You are **StructureBot**, a quality engineer who validates the structural integrity and capability completeness of BMad agents.
## Overview
You validate that an agent's structure is complete, correct, and internally consistent. This covers SKILL.md structure, capability cross-references, memory setup, identity quality, and logical consistency. **Why this matters:** Structural issues break agents at runtime — missing files, orphaned capabilities, and inconsistent identity make agents unreliable.
This is a unified scan covering both *structure* (correct files, valid sections) and *capabilities* (capability-prompt alignment). These concerns are tightly coupled — you can't evaluate capability completeness without validating structural integrity.
## Your Role
Read the pre-pass JSON first at `{quality-report-dir}/structure-capabilities-prepass.json`. Use it for all structural data. Only read raw files for judgment calls the pre-pass doesn't cover.
## Scan Targets
Pre-pass provides: frontmatter validation, section inventory, template artifacts, capability cross-reference, memory path consistency.
Read raw files ONLY for:
- Description quality assessment (is it specific enough to trigger reliably?)
- Identity effectiveness (does the one-sentence identity prime behavior?)
- Communication style quality (are examples good? do they match the persona?)
- Principles quality (guiding vs generic platitudes?)
- Logical consistency (does description match actual capabilities?)
- Activation sequence logical ordering
- Memory setup completeness for sidecar agents
- Access boundaries adequacy
- Headless mode setup if declared
---
## Part 1: Pre-Pass Review
Review all findings from `structure-capabilities-prepass.json`:
- Frontmatter issues (missing name, not kebab-case, missing description, no "Use when")
- Missing required sections (Overview, Identity, Communication Style, Principles, On Activation)
- Invalid sections (On Exit, Exiting)
- Template artifacts (orphaned {if-*}, {displayName}, etc.)
- Memory path inconsistencies
- Directness pattern violations
Include all pre-pass findings in your output, preserved as-is. These are deterministic — don't second-guess them.
---
## Part 2: Judgment-Based Assessment
### Description Quality
| Check | Why It Matters |
|-------|----------------|
| Description is specific enough to trigger reliably | Vague descriptions cause false activations or missed activations |
| Description mentions key action verbs matching capabilities | Users invoke agents with action-oriented language |
| Description distinguishes this agent from similar agents | Ambiguous descriptions cause wrong-agent activation |
| Description follows two-part format: [5-8 word summary]. [trigger clause] | Standard format ensures consistent triggering behavior |
| Trigger clause uses quoted specific phrases ('create agent', 'analyze agent') | Specific phrases prevent false activations |
| Trigger clause is conservative (explicit invocation) unless organic activation is intentional | Most skills should only fire on direct requests, not casual mentions |
### Identity Effectiveness
| Check | Why It Matters |
|-------|----------------|
| Identity section provides a clear one-sentence persona | This primes the AI's behavior for everything that follows |
| Identity is actionable, not just a title | "You are a meticulous code reviewer" beats "You are CodeBot" |
| Identity connects to the agent's actual capabilities | Persona mismatch creates inconsistent behavior |
### Communication Style Quality
| Check | Why It Matters |
|-------|----------------|
| Communication style includes concrete examples | Without examples, style guidance is too abstract |
| Style matches the agent's persona and domain | A financial advisor shouldn't use casual gaming language |
| Style guidance is brief but effective | 3-5 examples beat a paragraph of description |
### Principles Quality
| Check | Why It Matters |
|-------|----------------|
| Principles are guiding, not generic platitudes | "Be helpful" is useless; "Prefer concise answers over verbose explanations" is guiding |
| Principles relate to the agent's specific domain | Generic principles waste tokens |
| Principles create clear decision frameworks | Good principles help the agent resolve ambiguity |
### Over-Specification of LLM Capabilities
Agents should describe outcomes, not prescribe procedures for things the LLM does naturally. The agent's persona context (identity, communication style, principles) informs HOW — capability prompts should focus on WHAT to achieve. Flag these structural indicators:
| Check | Why It Matters | Severity |
|-------|----------------|----------|
| Capability files that repeat identity/style already in SKILL.md | The agent already has persona context — repeating it in each capability wastes tokens and creates maintenance burden | MEDIUM per file, HIGH if pervasive |
| Multiple capability files doing essentially the same thing | Proliferation adds complexity without value — e.g., separate capabilities for "review code", "review tests", "review docs" when one "review" capability covers all | MEDIUM |
| Capability prompts with step-by-step procedures the persona would handle | The agent's expertise and communication style already guide execution — mechanical procedures override natural behavior | MEDIUM if isolated, HIGH if pervasive |
| Template or reference files explaining general LLM capabilities | Files that teach the LLM how to format output, use tools, or greet users — it already knows | MEDIUM |
| Per-platform adapter files or instructions | The LLM knows its own platform — multiple files for different platforms add tokens without preventing failures | HIGH |
**Don't flag as over-specification:**
- Domain-specific knowledge the agent genuinely needs
- Persona-establishing context in SKILL.md (identity, style, principles are load-bearing)
- Design rationale for non-obvious choices
### Logical Consistency
| Check | Why It Matters |
|-------|----------------|
| Identity matches communication style | Identity says "formal expert" but style shows casual examples |
| Activation sequence is logically ordered | Config must load before reading config vars |
### Memory Setup (Sidecar Agents)
| Check | Why It Matters |
|-------|----------------|
| Memory system file exists if agent declares sidecar | Sidecar without memory spec is incomplete |
| Access boundaries defined | Critical for headless agents especially |
| Memory paths consistent across all files | Different paths in different files break memory |
| Save triggers defined if memory persists | Without save triggers, memory never updates |
### Headless Mode (If Declared)
| Check | Why It Matters |
|-------|----------------|
| Headless activation prompt exists | Agent declared headless but has no wake prompt |
| Default wake behavior defined | Agent won't know what to do without specific task |
| Headless tasks documented | Users need to know available tasks |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Missing SKILL.md, invalid frontmatter (no name), missing required sections, orphaned capabilities pointing to non-existent files |
| **High** | Description too vague to trigger, identity missing or ineffective, memory setup incomplete for sidecar, activation sequence logically broken |
| **Medium** | Principles are generic, communication style lacks examples, minor consistency issues, headless mode incomplete |
| **Low** | Style refinement suggestions, principle strengthening opportunities |
---
## Output
Write your analysis as a natural document. Include:
- **Assessment** — overall structural verdict in 2-3 sentences
- **Sections found** — which required/optional sections are present
- **Capabilities inventory** — list each capability with its routing, noting any structural issues per capability
- **Key findings** — each with severity (critical/high/medium/low), affected file:line, what's wrong, and how to fix it
- **Strengths** — what's structurally sound (worth preserving)
- **Memory & headless status** — whether these are set up and correctly configured
For each capability referenced in the routing table, confirm the target file exists and note any structural issues. This per-capability view feeds the capability dashboard in the final report.
Write your analysis to: `{quality-report-dir}/structure-analysis.md`
Return only the filename when complete.

54
_bmad/bmb/bmad-agent-builder/references/quality-dimensions.md Normal file
View File

@@ -0,0 +1,54 @@
# Quality Dimensions — Quick Reference
Seven dimensions to keep in mind when building agent skills. The quality scanners check these automatically during quality analysis — this is a mental checklist for the build phase.
## 1. Outcome-Driven Design
Describe what each capability achieves, not how to do it step by step. The agent's persona context (identity, communication style, principles) informs HOW — capability prompts just need the WHAT.
- **The test:** Would removing this instruction cause the agent to produce a worse outcome? If the agent would do it anyway given its persona and the desired outcome, the instruction is noise.
- **Pruning:** If a capability prompt teaches the LLM something it already knows — or repeats guidance already in the agent's identity/style — cut it.
- **When procedure IS value:** Exact script invocations, specific file paths, API calls, security-critical operations. These need low freedom.
## 2. Informed Autonomy
The executing agent needs enough context to make judgment calls when situations don't match the script. The Overview section establishes this: domain framing, theory of mind, design rationale.
- Simple agents with 1-2 capabilities need minimal context
- Agents with memory, autonomous mode, or complex capabilities need domain understanding, user perspective, and rationale for non-obvious choices
- When in doubt, explain *why* — an agent that understands the mission improvises better than one following blind steps
## 3. Intelligence Placement
Scripts handle plumbing (fetch, transform, validate). Prompts handle judgment (interpret, classify, decide).
**Test:** If a script contains an `if` that decides what content *means*, intelligence has leaked.
**Reverse test:** If a prompt validates structure, counts items, parses known formats, compares against schemas, or checks file existence — determinism has leaked into the LLM. That work belongs in a script.
## 4. Progressive Disclosure
SKILL.md stays focused. Detail goes where it belongs.
- Capability instructions → `./references/`
- Reference data, schemas, large tables → `./references/`
- Templates, starter files → `./assets/`
- Memory discipline → `./references/memory-system.md`
- Multi-capability SKILL.md under ~250 lines: fine as-is
- Single-purpose up to ~500 lines: acceptable if focused
## 5. Description Format
Two parts: `[5-8 word summary]. [Use when user says 'X' or 'Y'.]`
Default to conservative triggering. See `./references/standard-fields.md` for full format.
## 6. Path Construction
Only use `{project-root}` for `_bmad` paths. Config variables used directly — they already contain `{project-root}`.
See `./references/standard-fields.md` for correct/incorrect patterns.
## 7. Token Efficiency
Remove genuine waste (repetition, defensive padding, meta-explanation). Preserve context that enables judgment (persona voice, domain framing, theory of mind, design rationale). These are different things — never trade effectiveness for efficiency. A capability that works correctly but uses extra tokens is always better than one that's lean but fails edge cases.

343
_bmad/bmb/bmad-agent-builder/references/script-opportunities-reference.md Normal file
View File

@@ -0,0 +1,343 @@
# Quality Scan Script Opportunities — Reference Guide
**Reference: `references/script-standards.md` for script creation guidelines.**
This document identifies deterministic operations that should be offloaded from the LLM into scripts for quality validation of BMad agents.
---
## Core Principle
Scripts validate structure and syntax (deterministic). Prompts evaluate semantics and meaning (judgment). Create scripts for checks that have clear pass/fail criteria.
---
## How to Spot Script Opportunities
During build, walk through every capability/operation and apply these tests:
### The Determinism Test
For each operation the agent performs, ask:
- Given identical input, will this ALWAYS produce identical output? → Script
- Does this require interpreting meaning, tone, context, or ambiguity? → Prompt
- Could you write a unit test with expected output for every input? → Script
### The Judgment Boundary
Scripts handle: fetch, transform, validate, count, parse, compare, extract, format, check structure
Prompts handle: interpret, classify with ambiguity, create, decide with incomplete info, evaluate quality, synthesize meaning
### Pattern Recognition Checklist
Table of signal verbs/patterns mapping to script types:
| Signal Verb/Pattern | Script Type |
|---------------------|-------------|
| "validate", "check", "verify" | Validation script |
| "count", "tally", "aggregate", "sum" | Metric/counting script |
| "extract", "parse", "pull from" | Data extraction script |
| "convert", "transform", "format" | Transformation script |
| "compare", "diff", "match against" | Comparison script |
| "scan for", "find all", "list all" | Pattern scanning script |
| "check structure", "verify exists" | File structure checker |
| "against schema", "conforms to" | Schema validation script |
| "graph", "map dependencies" | Dependency analysis script |
### The Outside-the-Box Test
Beyond obvious validation, consider:
- Could any data gathering step be a script that returns structured JSON for the LLM to interpret?
- Could pre-processing reduce what the LLM needs to read?
- Could post-processing validate what the LLM produced?
- Could metric collection feed into LLM decision-making without the LLM doing the counting?
### Your Toolbox
Scripts have access to full capabilities — think broadly:
- **Bash**: Full shell — `jq`, `grep`, `awk`, `sed`, `find`, `diff`, `wc`, `sort`, `uniq`, `curl`, plus piping and composition
- **Python**: Standard library (`json`, `yaml`, `pathlib`, `re`, `argparse`, `collections`, `difflib`, `ast`, `csv`, `xml`, etc.) plus PEP 723 inline-declared dependencies (`tiktoken`, `jsonschema`, `pyyaml`, etc.)
- **System tools**: `git` commands for history/diff/blame, filesystem operations, process execution
If you can express the logic as deterministic code, it's a script candidate.
### The --help Pattern
All scripts use PEP 723 and `--help`. When a skill's prompt needs to invoke a script, it can say "Run `scripts/foo.py --help` to understand inputs/outputs, then invoke appropriately" instead of inlining the script's interface. This saves tokens in prompts and keeps a single source of truth for the script's API.
---
## Priority 1: High-Value Validation Scripts
### 1. Frontmatter Validator
**What:** Validate SKILL.md frontmatter structure and content
**Why:** Frontmatter is the #1 factor in skill triggering. Catch errors early.
**Checks:**
```python
# checks:
- name exists and is kebab-case
- description exists and follows pattern "Use when..."
- No forbidden fields (XML, reserved prefixes)
- Optional fields have valid values if present
```
**Output:** JSON with pass/fail per field, line numbers for errors
**Implementation:** Python with argparse, no external deps needed
---
### 2. Template Artifact Scanner
**What:** Scan for orphaned template substitution artifacts
**Why:** Build process may leave `{if-autonomous}`, `{displayName}`, etc.
**Output:** JSON with file path, line number, artifact type
**Implementation:** Bash script with JSON output via jq
---
### 3. Access Boundaries Extractor
**What:** Extract and validate access boundaries from memory-system.md
**Why:** Security critical — must be defined before file operations
**Checks:**
```python
# Parse memory-system.md for:
- ## Read Access section exists
- ## Write Access section exists
- ## Deny Zones section exists (can be empty)
- Paths use placeholders correctly ({project-root} for _bmad paths, relative for skill-internal)
```
**Output:** Structured JSON of read/write/deny zones
**Implementation:** Python with markdown parsing
---
---
## Priority 2: Analysis Scripts
### 4. Token Counter
**What:** Count tokens in each file of an agent
**Why:** Identify verbose files that need optimization
**Checks:**
```python
# For each .md file:
- Total tokens (approximate: chars / 4)
- Code block tokens
- Token density (tokens / meaningful content)
```
**Output:** JSON with file path, token count, density score
**Implementation:** Python with tiktoken for accurate counting, or char approximation
---
### 5. Dependency Graph Generator
**What:** Map skill → external skill dependencies
**Why:** Understand agent's dependency surface
**Checks:**
```python
# Parse SKILL.md for skill invocation patterns
# Parse prompt files for external skill references
# Build dependency graph
```
**Output:** DOT format (GraphViz) or JSON adjacency list
**Implementation:** Python, JSON parsing only
---
### 6. Activation Flow Analyzer
**What:** Parse SKILL.md On Activation section for sequence
**Why:** Validate activation order matches best practices
**Checks:**
Validate that the activation sequence is logically ordered (e.g., config loads before config is used, memory loads before memory is referenced).
**Output:** JSON with detected steps, missing steps, out-of-order warnings
**Implementation:** Python with regex pattern matching
---
### 7. Memory Structure Validator
**What:** Validate memory-system.md structure
**Why:** Memory files have specific requirements
**Checks:**
```python
# Required sections:
- ## Core Principle
- ## File Structure
- ## Write Discipline
- ## Memory Maintenance
```
**Output:** JSON with missing sections, validation errors
**Implementation:** Python with markdown parsing
---
### 8. Subagent Pattern Detector
**What:** Detect if agent uses BMAD Advanced Context Pattern
**Why:** Agents processing 5+ sources MUST use subagents
**Checks:**
```python
# Pattern detection in SKILL.md:
- "DO NOT read sources yourself"
- "delegate to sub-agents"
- "/tmp/analysis-" temp file pattern
- Sub-agent output template (50-100 token summary)
```
**Output:** JSON with pattern found/missing, recommendations
**Implementation:** Python with keyword search and context extraction
---
## Priority 3: Composite Scripts
### 9. Agent Health Check
**What:** Run all validation scripts and aggregate results
**Why:** One-stop shop for agent quality assessment
**Composition:** Runs Priority 1 scripts, aggregates JSON outputs
**Output:** Structured health report with severity levels
**Implementation:** Bash script orchestrating Python scripts, jq for aggregation
---
### 10. Comparison Validator
**What:** Compare two versions of an agent for differences
**Why:** Validate changes during iteration
**Checks:**
```bash
# Git diff with structure awareness:
- Frontmatter changes
- Capability additions/removals
- New prompt files
- Token count changes
```
**Output:** JSON with categorized changes
**Implementation:** Bash with git, jq, python for analysis
---
## Script Output Standard
All scripts MUST output structured JSON for agent consumption:
```json
{
"script": "script-name",
"version": "1.0.0",
"agent_path": "/path/to/agent",
"timestamp": "2025-03-08T10:30:00Z",
"status": "pass|fail|warning",
"findings": [
{
"severity": "critical|high|medium|low|info",
"category": "structure|security|performance|consistency",
"location": {"file": "SKILL.md", "line": 42},
"issue": "Clear description",
"fix": "Specific action to resolve"
}
],
"summary": {
"total": 10,
"critical": 1,
"high": 2,
"medium": 3,
"low": 4
}
}
```
---
## Implementation Checklist
When creating validation scripts:
- [ ] Uses `--help` for documentation
- [ ] Accepts `--agent-path` for target agent
- [ ] Outputs JSON to stdout
- [ ] Writes diagnostics to stderr
- [ ] Returns meaningful exit codes (0=pass, 1=fail, 2=error)
- [ ] Includes `--verbose` flag for debugging
- [ ] Has tests in `scripts/tests/` subfolder
- [ ] Self-contained (PEP 723 for Python)
- [ ] No interactive prompts
---
## Integration with Quality Analysis
The Quality Analysis skill should:
1. **First**: Run available scripts for fast, deterministic checks
2. **Then**: Use sub-agents for semantic analysis (requires judgment)
3. **Finally**: Synthesize both sources into report
**Example flow:**
```bash
# Run all validation scripts
python scripts/validate-frontmatter.py --agent-path {path}
bash scripts/scan-template-artifacts.sh --agent-path {path}
# Collect JSON outputs
# Spawn sub-agents only for semantic checks
# Synthesize complete report
```
---
## Script Creation Priorities
**Phase 1 (Immediate value):**
1. Template Artifact Scanner (Bash + jq)
2. Access Boundaries Extractor (Python)
**Phase 2 (Enhanced validation):**
4. Token Counter (Python)
5. Subagent Pattern Detector (Python)
6. Activation Flow Analyzer (Python)
**Phase 3 (Advanced features):**
7. Dependency Graph Generator (Python)
8. Memory Structure Validator (Python)
9. Agent Health Check orchestrator (Bash)
**Phase 4 (Comparison tools):**
10. Comparison Validator (Bash + Python)

109
_bmad/bmb/bmad-agent-builder/references/skill-best-practices.md Normal file
View File

@@ -0,0 +1,109 @@
# Skill Authoring Best Practices
For field definitions and description format, see `./standard-fields.md`. For quality dimensions, see `./quality-dimensions.md`.
## Core Philosophy: Outcome-Based Authoring
Skills should describe **what to achieve**, not **how to achieve it**. The LLM is capable of figuring out the approach — it needs to know the goal, the constraints, and the why.
**The test for every instruction:** Would removing this cause the LLM to produce a worse outcome? If the LLM would do it anyway — or if it's just spelling out mechanical steps — cut it.
### Outcome vs Prescriptive
| Prescriptive (avoid) | Outcome-based (prefer) |
|---|---|
| "Step 1: Ask about goals. Step 2: Ask about constraints. Step 3: Summarize and confirm." | "Ensure the user's vision is fully captured — goals, constraints, and edge cases — before proceeding." |
| "Load config. Read user_name. Read communication_language. Greet the user by name in their language." | "Load available config and greet the user appropriately." |
| "Create a file. Write the header. Write section 1. Write section 2. Save." | "Produce a report covering X, Y, and Z." |
The prescriptive versions miss requirements the author didn't think of. The outcome-based versions let the LLM adapt to the actual situation.
### Why This Works
- **Why over what** — When you explain why something matters, the LLM adapts to novel situations. When you just say what to do, it follows blindly even when it shouldn't.
- **Context enables judgment** — Give domain knowledge, constraints, and goals. The LLM figures out the approach. It's better at adapting to messy reality than any script you could write.
- **Prescriptive steps create brittleness** — When reality doesn't match the script, the LLM either follows the wrong script or gets confused. Outcomes let it adapt.
- **Every instruction should carry its weight** — If the LLM would do it anyway, the instruction is noise. If the LLM wouldn't know to do it without being told, that's signal.
### When Prescriptive Is Right
Reserve exact steps for **fragile operations** where getting it wrong has consequences — script invocations, exact file paths, specific CLI commands, API calls with precise parameters. These need low freedom because there's one right way to do them.
| Freedom | When | Example |
|---------|------|---------|
| **High** (outcomes) | Multiple valid approaches, LLM judgment adds value | "Ensure the user's requirements are complete" |
| **Medium** (guided) | Preferred approach exists, some variation OK | "Present findings in a structured report with an executive summary" |
| **Low** (exact) | Fragile, one right way, consequences for deviation | `python3 scripts/scan-path-standards.py {skill-path}` |
## Patterns
These are patterns that naturally emerge from outcome-based thinking. Apply them when they fit — they're not a checklist.
### Soft Gate Elicitation
At natural transitions, invite contribution without demanding it: "Anything else, or shall we move on?" Users almost always remember one more thing when given a graceful exit ramp. This produces richer artifacts than rigid section-by-section questioning.
### Intent-Before-Ingestion
Understand why the user is here before scanning documents or project context. Intent gives you the relevance filter — without it, scanning is noise.
### Capture-Don't-Interrupt
When users provide information beyond the current scope, capture it for later rather than redirecting. Users in creative flow share their best insights unprompted — interrupting loses them.
### Dual-Output: Human Artifact + LLM Distillate
Artifact-producing skills can output both a polished human-facing document and a token-efficient distillate for downstream LLM consumption. The distillate captures overflow, rejected ideas, and detail that doesn't belong in the human doc but has value for the next workflow. Always optional.
### Parallel Review Lenses
Before finalizing significant artifacts, fan out reviewers with different perspectives — skeptic, opportunity spotter, domain-specific lens. If subagents aren't available, do a single critical self-review pass. Multiple perspectives catch blind spots no single reviewer would.
### Three-Mode Architecture (Guided / Yolo / Headless)
Consider whether the skill benefits from multiple execution modes:
| Mode | When | Behavior |
|------|------|----------|
| **Guided** | Default | Conversational discovery with soft gates |
| **Yolo** | "just draft it" | Ingest everything, draft complete artifact, then refine |
| **Headless** | `--headless` / `-H` | Complete the task without user input, using sensible defaults |
Not all skills need all three. But considering them during design prevents locking into a single interaction model.
### Graceful Degradation
Every subagent-dependent feature should have a fallback path. A skill that hard-fails without subagents is fragile — one that falls back to sequential processing works everywhere.
### Verifiable Intermediate Outputs
For complex tasks with consequences: plan → validate → execute → verify. Create a verifiable plan before executing, validate with scripts where possible. Catches errors early and makes the work reversible.
## Writing Guidelines
- **Consistent terminology** — one term per concept, stick to it
- **Third person** in descriptions — "Processes files" not "I help process files"
- **Descriptive file names** — `form_validation_rules.md` not `doc2.md`
- **Forward slashes** in all paths — cross-platform
- **One level deep** for reference files — SKILL.md → reference.md, never chains
- **TOC for long files** — >100 lines
## Anti-Patterns
| Anti-Pattern | Fix |
|---|---|
| Numbered steps for things the LLM would figure out | Describe the outcome and why it matters |
| Explaining how to load config (the mechanic) | List the config keys and their defaults (the outcome) |
| Prescribing exact greeting/menu format | "Greet the user and present capabilities" |
| Spelling out headless mode in detail | "If headless, complete without user input" |
| Too many options upfront | One default with escape hatch |
| Deep reference nesting (A→B→C) | Keep references 1 level from SKILL.md |
| Inconsistent terminology | Choose one term per concept |
| Scripts that classify meaning via regex | Intelligence belongs in prompts, not scripts |
## Scripts in Skills
- **Execute vs reference** — "Run `analyze.py`" (execute) vs "See `analyze.py` for the algorithm" (read)
- **Document constants** — explain why `TIMEOUT = 30`, not just what
- **PEP 723 for Python** — self-contained with inline dependency declarations
- **MCP tools** — use fully qualified names: `ServerName:tool_name`

79
_bmad/bmb/bmad-agent-builder/references/standard-fields.md Normal file
View File

@@ -0,0 +1,79 @@
# Standard Agent Fields
## Frontmatter Fields
Only these fields go in the YAML frontmatter block:
| Field | Description | Example |
|-------|-------------|---------|
| `name` | Full skill name (kebab-case, same as folder name) | `bmad-agent-tech-writer`, `bmad-cis-agent-lila` |
| `description` | [What it does]. [Use when user says 'X' or 'Y'.] | See Description Format below |
## Content Fields
These are used within the SKILL.md body — never in frontmatter:
| Field | Description | Example |
|-------|-------------|---------|
| `displayName` | Friendly name (title heading, greetings) | `Paige`, `Lila`, `Floyd` |
| `title` | Role title | `Tech Writer`, `Holodeck Operator` |
| `icon` | Single emoji | `🔥`, `🌟` |
| `role` | Functional role | `Technical Documentation Specialist` |
| `sidecar` | Memory folder (optional) | `{skillName}-sidecar/` |
## Overview Section Format
The Overview is the first section after the title — it primes the AI for everything that follows.
**3-part formula:**
1. **What** — What this agent does
2. **How** — How it works (role, approach, modes)
3. **Why/Outcome** — Value delivered, quality standard
**Templates by agent type:**
**Companion agents:**
```markdown
This skill provides a {role} who helps users {primary outcome}. Act as {displayName} — {key quality}. With {key features}, {displayName} {primary value proposition}.
```
**Workflow agents:**
```markdown
This skill helps you {outcome} through {approach}. Act as {role}, guiding users through {key stages/phases}. Your output is {deliverable}.
```
**Utility agents:**
```markdown
This skill {what it does}. Use when {when to use}. Returns {output format} with {key feature}.
```
## SKILL.md Description Format
```
{description of what the agent does}. Use when the user asks to talk to {displayName}, requests the {title}, or {when to use}.
```
## Path Rules
### Skill-Internal Files
All references to files within the skill use `./` relative paths:
- `./references/memory-system.md`
- `./references/some-guide.md`
- `./scripts/calculate-metrics.py`
This distinguishes skill-internal files from `{project-root}` paths — without the `./` prefix the LLM may confuse them.
### Memory Files (sidecar)
Always use `{project-root}` prefix: `{project-root}/_bmad/memory/{skillName}-sidecar/`
The sidecar `index.md` is the single entry point to the agent's memory system — it tells the agent what else to load (boundaries, logs, references, etc.). Load it once on activation; don't duplicate load instructions for individual memory files.
### Config Variables
Use directly — they already contain `{project-root}` in their resolved values:
- `{output_folder}/file.md`
- Correct: `{bmad_builder_output_folder}/agent.md`
- Wrong: `{project-root}/{bmad_builder_output_folder}/agent.md` (double-prefix)

44
_bmad/bmb/bmad-agent-builder/references/template-substitution-rules.md Normal file
View File

@@ -0,0 +1,44 @@
# Template Substitution Rules
The SKILL-template provides a minimal skeleton: frontmatter, overview, agent identity sections, sidecar, and activation with config loading. Everything beyond that is crafted by the builder based on what was learned during discovery and requirements phases.
## Frontmatter
- `{module-code-or-empty}` → Module code prefix with hyphen (e.g., `cis-`) or empty for standalone
- `{agent-name}` → Agent functional name (kebab-case)
- `{skill-description}` → Two parts: [4-6 word summary]. [trigger phrases]
- `{displayName}` → Friendly display name
- `{skillName}` → Full skill name with module prefix
## Module Conditionals
### For Module-Based Agents
- `{if-module}` ... `{/if-module}` → Keep the content inside
- `{if-standalone}` ... `{/if-standalone}` → Remove the entire block including markers
- `{module-code}` → Module code without trailing hyphen (e.g., `cis`)
- `{module-setup-skill}` → Name of the module's setup skill (e.g., `bmad-cis-setup`)
### For Standalone Agents
- `{if-module}` ... `{/if-module}` → Remove the entire block including markers
- `{if-standalone}` ... `{/if-standalone}` → Keep the content inside
## Sidecar Conditionals
- `{if-sidecar}` ... `{/if-sidecar}` → Keep if agent has persistent memory, otherwise remove
- `{if-no-sidecar}` ... `{/if-no-sidecar}` → Inverse of above
## Headless Conditional
- `{if-headless}` ... `{/if-headless}` → Keep if agent supports headless mode, otherwise remove
## Beyond the Template
The builder determines the rest of the agent structure — capabilities, activation flow, sidecar initialization, capability routing, external skills, scripts — based on the agent's requirements. The template intentionally does not prescribe these.
## Path References
All generated agents use `./` prefix for skill-internal paths:
- `./references/init.md` — First-run onboarding (if sidecar)
- `./references/{capability}.md` — Individual capability prompts
- `./references/memory-system.md` — Memory discipline (if sidecar)
- `./scripts/` — Python/shell scripts for deterministic operations

276
_bmad/bmb/bmad-agent-builder/report-quality-scan-creator.md Normal file
View File

@@ -0,0 +1,276 @@
# BMad Method · Quality Analysis Report Creator
You synthesize scanner analyses into an actionable quality report for a BMad agent. You read all scanner output — structured JSON from lint scripts, free-form analysis from LLM scanners — and produce two outputs: a narrative markdown report for humans and a structured JSON file for the interactive HTML renderer.
Your job is **synthesis, not transcription.** Don't list findings by scanner. Identify themes — root causes that explain clusters of observations across multiple scanners. Lead with the agent's identity, celebrate what's strong, then show opportunities.
## Inputs
- `{skill-path}` — Path to the agent being analyzed
- `{quality-report-dir}` — Directory containing all scanner output AND where to write your reports
## Process
### Step 1: Read Everything
Read all files in `{quality-report-dir}`:
- `*-temp.json` — Lint script output (structured JSON with findings arrays)
- `*-prepass.json` — Pre-pass metrics (structural data, token counts, capabilities)
- `*-analysis.md` — LLM scanner analyses (free-form markdown)
Also read the agent's `SKILL.md` to extract: name, icon, title, identity, communication style, principles, and the capability routing table.
### Step 2: Build the Agent Portrait
From the agent's SKILL.md, synthesize a 2-3 sentence portrait that captures who this agent is — their personality, expertise, and voice. This opens the report and makes the user feel their agent reflected back before any critique. Include the agent's icon, display name, and title.
### Step 3: Build the Capability Dashboard
From the routing table in SKILL.md, list every capability. Cross-reference with scanner findings — any finding that references a capability file gets associated with that capability. Rate each:
- **Good** — no findings or only low/note severity
- **Needs attention** — medium+ findings referencing this capability
This dashboard shows the user the breadth of what they built and directs attention where it's needed.
### Step 4: Synthesize Themes
Look across ALL scanner output for **findings that share a root cause** — observations from different scanners that would be resolved by the same fix.
Ask: "If I fixed X, how many findings across all scanners would this resolve?"
Group related findings into 3-5 themes. A theme has:
- **Name** — clear description of the root cause
- **Description** — what's happening and why it matters (2-3 sentences)
- **Severity** — highest severity of constituent findings
- **Impact** — what fixing this would improve
- **Action** — one coherent instruction to address the root cause
- **Constituent findings** — specific observations with source scanner, file:line, brief description
Findings that don't fit any theme become standalone items in detailed analysis.
### Step 5: Assess Overall Quality
- **Grade:** Excellent / Good / Fair / Poor (based on severity distribution)
- **Narrative:** 2-3 sentences capturing the agent's primary strength and primary opportunity
### Step 6: Collect Strengths
Gather strengths from all scanners. These tell the user what NOT to break — especially important for agents where personality IS the value.
### Step 7: Organize Detailed Analysis
For each analysis dimension, summarize the scanner's assessment and list findings not covered by themes:
- **Structure & Capabilities** — from structure scanner
- **Persona & Voice** — from prompt-craft scanner (agent-specific framing)
- **Identity Cohesion** — from agent-cohesion scanner
- **Execution Efficiency** — from execution-efficiency scanner
- **Conversation Experience** — from enhancement-opportunities scanner (journeys, headless, edge cases)
- **Script Opportunities** — from script-opportunities scanner
### Step 8: Rank Recommendations
Order by impact — "how many findings does fixing this resolve?" The fix that clears 9 findings ranks above the fix that clears 1.
## Write Two Files
### 1. quality-report.md
```markdown
# BMad Method · Quality Analysis: {agent-name}
**{icon} {display-name}** — {title}
**Analyzed:** {timestamp} | **Path:** {skill-path}
**Interactive report:** quality-report.html
## Agent Portrait
{synthesized 2-3 sentence portrait}
## Capabilities
| Capability | Status | Observations |
|-----------|--------|-------------|
| {name} | Good / Needs attention | {count or —} |
## Assessment
**{Grade}** — {narrative}
## What's Broken
{Only if critical/high issues exist}
## Opportunities
### 1. {Theme Name} ({severity} — {N} observations)
{Description + Fix + constituent findings}
## Strengths
{What this agent does well}
## Detailed Analysis
### Structure & Capabilities
### Persona & Voice
### Identity Cohesion
### Execution Efficiency
### Conversation Experience
### Script Opportunities
## Recommendations
1. {Highest impact}
2. ...
```
### 2. report-data.json
**CRITICAL: This file is consumed by a deterministic Python script. Use EXACTLY the field names shown below. Do not rename, restructure, or omit any required fields. The HTML renderer will silently produce empty sections if field names don't match.**
Every `"..."` below is a placeholder for your content. Replace with actual values. Arrays may be empty `[]` but must exist.
```json
{
"meta": {
"skill_name": "the-agent-name",
"skill_path": "/full/path/to/agent",
"timestamp": "2026-03-26T23:03:03Z",
"scanner_count": 8,
"type": "agent"
},
"agent_profile": {
"icon": "emoji icon from agent's SKILL.md",
"display_name": "Agent's display name",
"title": "Agent's title/role",
"portrait": "Synthesized 2-3 sentence personality portrait"
},
"capabilities": [
{
"name": "Capability display name",
"file": "references/capability-file.md",
"status": "good|needs-attention",
"finding_count": 0,
"findings": [
{
"title": "Observation about this capability",
"severity": "medium",
"source": "which-scanner"
}
]
}
],
"narrative": "2-3 sentence synthesis shown at top of report",
"grade": "Excellent|Good|Fair|Poor",
"broken": [
{
"title": "Short headline of the broken thing",
"file": "relative/path.md",
"line": 25,
"detail": "Why it's broken",
"action": "Specific fix instruction",
"severity": "critical|high",
"source": "which-scanner"
}
],
"opportunities": [
{
"name": "Theme name — MUST use 'name' not 'title'",
"description": "What's happening and why it matters",
"severity": "high|medium|low",
"impact": "What fixing this achieves",
"action": "One coherent fix instruction for the whole theme",
"finding_count": 9,
"findings": [
{
"title": "Individual observation headline",
"file": "relative/path.md",
"line": 42,
"detail": "What was observed",
"source": "which-scanner"
}
]
}
],
"strengths": [
{
"title": "What's strong — MUST be an object with 'title', not a plain string",
"detail": "Why it matters and should be preserved"
}
],
"detailed_analysis": {
"structure": {
"assessment": "1-3 sentence summary",
"findings": []
},
"persona": {
"assessment": "1-3 sentence summary",
"overview_quality": "appropriate|excessive|missing",
"findings": []
},
"cohesion": {
"assessment": "1-3 sentence summary",
"dimensions": {
"persona_capability_alignment": { "score": "strong|moderate|weak", "notes": "explanation" }
},
"findings": []
},
"efficiency": {
"assessment": "1-3 sentence summary",
"findings": []
},
"experience": {
"assessment": "1-3 sentence summary",
"journeys": [
{
"archetype": "first-timer|expert|confused|edge-case|hostile-environment|automator",
"summary": "Brief narrative of this user's experience",
"friction_points": ["moment where user struggles"],
"bright_spots": ["moment where agent shines"]
}
],
"autonomous": {
"potential": "headless-ready|easily-adaptable|partially-adaptable|fundamentally-interactive",
"notes": "Brief assessment"
},
"findings": []
},
"scripts": {
"assessment": "1-3 sentence summary",
"token_savings": "estimated total",
"findings": []
}
},
"recommendations": [
{
"rank": 1,
"action": "What to do — MUST use 'action' not 'description'",
"resolves": 9,
"effort": "low|medium|high"
}
]
}
```
**Self-check before writing report-data.json:**
1. Is `meta.skill_name` present (not `meta.skill` or `meta.name`)?
2. Is `meta.scanner_count` a number (not an array)?
3. Does `agent_profile` have all 4 fields: `icon`, `display_name`, `title`, `portrait`?
4. Is every strength an object `{"title": "...", "detail": "..."}` (not a plain string)?
5. Does every opportunity use `name` (not `title`) and include `finding_count` and `findings` array?
6. Does every recommendation use `action` (not `description`) and include `rank` number?
7. Does every capability include `name`, `file`, `status`, `finding_count`, `findings`?
8. Are detailed_analysis keys exactly: `structure`, `persona`, `cohesion`, `efficiency`, `experience`, `scripts`?
9. Does every journey use `archetype` (not `persona`), `summary` (not `friction`), `friction_points` array, `bright_spots` array?
10. Does `autonomous` use `potential` and `notes`?
Write both files to `{quality-report-dir}/`.
## Return
Return only the path to `report-data.json` when complete.
## Key Principle
You are the synthesis layer. Scanners analyze through individual lenses. You connect the dots and tell the story of this agent — who it is, what it does well, and what would make it even better. A user reading your report should feel proud of their agent within 3 seconds and know the top 3 improvements within 30.

534
_bmad/bmb/bmad-agent-builder/scripts/generate-html-report.py Normal file
View File

@@ -0,0 +1,534 @@
# /// script
# requires-python = ">=3.9"
# ///
#!/usr/bin/env python3
"""
Generate an interactive HTML quality analysis report for a BMad agent.
Reads report-data.json produced by the report creator and renders a
self-contained HTML report with:
- BMad Method branding
- Agent portrait (icon, name, title, personality description)
- Capability dashboard with expandable per-capability findings
- Opportunity themes with "Fix This Theme" prompt generation
- Expandable strengths and detailed analysis
Usage:
python3 generate-html-report.py {quality-report-dir} [--open]
"""
from __future__ import annotations
import argparse
import json
import platform
import subprocess
import sys
from pathlib import Path
def load_report_data(report_dir: Path) -> dict:
"""Load report-data.json from the report directory."""
data_file = report_dir / 'report-data.json'
if not data_file.exists():
print(f'Error: {data_file} not found', file=sys.stderr)
sys.exit(2)
return json.loads(data_file.read_text(encoding='utf-8'))
HTML_TEMPLATE = r"""<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>BMad Method · Quality Analysis: SKILL_NAME</title>
<style>
:root {
--bg: #0d1117; --surface: #161b22; --surface2: #21262d; --border: #30363d;
--text: #e6edf3; --text-muted: #8b949e; --text-dim: #6e7681;
--critical: #f85149; --high: #f0883e; --medium: #d29922; --low: #58a6ff;
--strength: #3fb950; --suggestion: #a371f7;
--accent: #58a6ff; --accent-hover: #79c0ff;
--brand: #a371f7;
--font: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif;
--mono: ui-monospace, SFMono-Regular, "SF Mono", Menlo, Consolas, monospace;
}
@media (prefers-color-scheme: light) {
:root {
--bg: #ffffff; --surface: #f6f8fa; --surface2: #eaeef2; --border: #d0d7de;
--text: #1f2328; --text-muted: #656d76; --text-dim: #8c959f;
--critical: #cf222e; --high: #bc4c00; --medium: #9a6700; --low: #0969da;
--strength: #1a7f37; --suggestion: #8250df;
--accent: #0969da; --accent-hover: #0550ae;
--brand: #8250df;
}
}
* { margin: 0; padding: 0; box-sizing: border-box; }
body { font-family: var(--font); background: var(--bg); color: var(--text); line-height: 1.5; padding: 2rem; max-width: 900px; margin: 0 auto; }
.brand { color: var(--brand); font-size: 0.8rem; font-weight: 600; letter-spacing: 0.05em; text-transform: uppercase; margin-bottom: 0.25rem; }
h1 { font-size: 1.5rem; margin-bottom: 0.25rem; }
.subtitle { color: var(--text-muted); font-size: 0.85rem; margin-bottom: 1.5rem; }
.subtitle a { color: var(--accent); text-decoration: none; }
.subtitle a:hover { text-decoration: underline; }
.portrait { background: var(--surface); border: 1px solid var(--border); border-radius: 0.5rem; padding: 1.25rem; margin-bottom: 1.5rem; }
.portrait-header { display: flex; align-items: center; gap: 0.75rem; margin-bottom: 0.5rem; }
.portrait-icon { font-size: 2rem; }
.portrait-name { font-size: 1.25rem; font-weight: 700; }
.portrait-title { font-size: 0.9rem; color: var(--text-muted); }
.portrait-desc { font-size: 0.95rem; color: var(--text-muted); line-height: 1.6; font-style: italic; }
.grade { font-size: 2.5rem; font-weight: 700; margin: 0.5rem 0; }
.grade-Excellent { color: var(--strength); }
.grade-Good { color: var(--low); }
.grade-Fair { color: var(--medium); }
.grade-Poor { color: var(--critical); }
.narrative { color: var(--text-muted); font-size: 0.95rem; margin-bottom: 1.5rem; line-height: 1.6; }
.badge { display: inline-flex; align-items: center; padding: 0.15rem 0.5rem; border-radius: 2rem; font-size: 0.75rem; font-weight: 600; }
.badge-critical { background: color-mix(in srgb, var(--critical) 20%, transparent); color: var(--critical); }
.badge-high { background: color-mix(in srgb, var(--high) 20%, transparent); color: var(--high); }
.badge-medium { background: color-mix(in srgb, var(--medium) 20%, transparent); color: var(--medium); }
.badge-low { background: color-mix(in srgb, var(--low) 20%, transparent); color: var(--low); }
.badge-strength { background: color-mix(in srgb, var(--strength) 20%, transparent); color: var(--strength); }
.badge-good { background: color-mix(in srgb, var(--strength) 15%, transparent); color: var(--strength); }
.badge-attention { background: color-mix(in srgb, var(--medium) 15%, transparent); color: var(--medium); }
.section { border: 1px solid var(--border); border-radius: 0.5rem; margin: 0.75rem 0; overflow: hidden; }
.section-header { display: flex; align-items: center; gap: 0.75rem; padding: 0.75rem 1rem; background: var(--surface); cursor: pointer; user-select: none; }
.section-header:hover { background: var(--surface2); }
.section-header .arrow { font-size: 0.7rem; transition: transform 0.15s; color: var(--text-muted); width: 1rem; }
.section-header.open .arrow { transform: rotate(90deg); }
.section-header .label { font-weight: 600; flex: 1; }
.section-header .actions { display: flex; gap: 0.5rem; }
.section-body { display: none; }
.section-body.open { display: block; }
.cap-row { display: flex; align-items: center; gap: 0.75rem; padding: 0.6rem 1rem; border-top: 1px solid var(--border); }
.cap-row:hover { background: var(--surface); }
.cap-name { font-weight: 600; font-size: 0.9rem; flex: 1; }
.cap-file { font-family: var(--mono); font-size: 0.75rem; color: var(--text-dim); }
.cap-findings { display: none; padding: 0.5rem 1rem 0.5rem 2rem; border-top: 1px solid var(--border); background: var(--bg); }
.cap-findings.open { display: block; }
.cap-finding { font-size: 0.85rem; padding: 0.25rem 0; color: var(--text-muted); }
.item { padding: 0.75rem 1rem; border-top: 1px solid var(--border); }
.item:hover { background: var(--surface); }
.item-title { font-weight: 600; font-size: 0.9rem; }
.item-file { font-family: var(--mono); font-size: 0.75rem; color: var(--text-muted); }
.item-desc { font-size: 0.85rem; color: var(--text-muted); margin-top: 0.25rem; }
.item-action { font-size: 0.85rem; margin-top: 0.25rem; }
.item-action strong { color: var(--strength); }
.opp { padding: 1rem; border-top: 1px solid var(--border); }
.opp-header { display: flex; align-items: center; gap: 0.75rem; flex-wrap: wrap; }
.opp-name { font-weight: 600; font-size: 1rem; flex: 1; }
.opp-count { font-size: 0.8rem; color: var(--text-muted); }
.opp-desc { font-size: 0.9rem; color: var(--text-muted); margin: 0.5rem 0; }
.opp-impact { font-size: 0.85rem; color: var(--text-dim); font-style: italic; }
.opp-findings { margin-top: 0.75rem; padding-left: 1rem; border-left: 2px solid var(--border); display: none; }
.opp-findings.open { display: block; }
.opp-finding { font-size: 0.85rem; padding: 0.25rem 0; color: var(--text-muted); }
.opp-finding .source { font-size: 0.75rem; color: var(--text-dim); }
.btn { background: none; border: 1px solid var(--border); border-radius: 0.25rem; padding: 0.3rem 0.7rem; cursor: pointer; color: var(--text-muted); font-size: 0.8rem; transition: all 0.15s; }
.btn:hover { border-color: var(--accent); color: var(--accent); }
.btn-primary { background: var(--accent); color: #fff; border-color: var(--accent); font-weight: 600; }
.btn-primary:hover { background: var(--accent-hover); }
.strength-item { padding: 0.5rem 1rem; border-top: 1px solid var(--border); }
.strength-item .title { font-weight: 600; font-size: 0.9rem; color: var(--strength); }
.strength-item .detail { font-size: 0.85rem; color: var(--text-muted); }
.analysis-section { padding: 0.75rem 1rem; border-top: 1px solid var(--border); }
.analysis-section h4 { font-size: 0.9rem; margin-bottom: 0.25rem; }
.analysis-section p { font-size: 0.85rem; color: var(--text-muted); }
.analysis-finding { font-size: 0.85rem; padding: 0.25rem 0 0.25rem 1rem; border-left: 2px solid var(--border); margin: 0.25rem 0; color: var(--text-muted); }
.recs { padding: 0.75rem 1rem; border-top: 1px solid var(--border); }
.rec { padding: 0.3rem 0; font-size: 0.9rem; }
.rec-rank { font-weight: 700; color: var(--accent); margin-right: 0.5rem; }
.rec-resolves { font-size: 0.8rem; color: var(--text-dim); }
.modal-overlay { display: none; position: fixed; inset: 0; background: rgba(0,0,0,0.6); z-index: 200; align-items: center; justify-content: center; }
.modal-overlay.visible { display: flex; }
.modal { background: var(--surface); border: 1px solid var(--border); border-radius: 0.5rem; padding: 1.5rem; width: 90%; max-width: 700px; max-height: 80vh; overflow-y: auto; }
.modal h3 { margin-bottom: 0.75rem; }
.modal pre { background: var(--bg); border: 1px solid var(--border); border-radius: 0.375rem; padding: 1rem; font-family: var(--mono); font-size: 0.8rem; white-space: pre-wrap; word-wrap: break-word; max-height: 50vh; overflow-y: auto; }
.modal-actions { display: flex; gap: 0.75rem; margin-top: 1rem; justify-content: flex-end; }
</style>
</head>
<body>
<div class="brand">BMad Method</div>
<h1>Quality Analysis: <span id="skill-name"></span></h1>
<div class="subtitle" id="subtitle"></div>
<div id="portrait"></div>
<div id="grade-area"></div>
<div class="narrative" id="narrative"></div>
<div id="capabilities-section"></div>
<div id="broken-section"></div>
<div id="opportunities-section"></div>
<div id="strengths-section"></div>
<div id="recommendations-section"></div>
<div id="detailed-section"></div>
<div class="modal-overlay" id="modal" onclick="if(event.target===this)closeModal()">
<div class="modal">
<h3 id="modal-title">Generated Prompt</h3>
<pre id="modal-content"></pre>
<div class="modal-actions">
<button class="btn" onclick="closeModal()">Close</button>
<button class="btn btn-primary" onclick="copyModal()">Copy to Clipboard</button>
</div>
</div>
</div>
<script>
const RAW = JSON.parse(document.getElementById('report-data').textContent);
const DATA = normalize(RAW);
function normalize(d) {
if (d.meta) {
d.meta.skill_name = d.meta.skill_name || d.meta.skill || d.meta.name || 'Unknown';
d.meta.scanner_count = typeof d.meta.scanner_count === 'number' ? d.meta.scanner_count
: Array.isArray(d.meta.scanners_run) ? d.meta.scanners_run.length
: d.meta.scanner_count || 0;
}
d.strengths = (d.strengths || []).map(s =>
typeof s === 'string' ? { title: s, detail: '' } : { title: s.title || '', detail: s.detail || '' }
);
(d.opportunities || []).forEach(o => {
o.name = o.name || o.title || '';
o.finding_count = o.finding_count || (o.findings || o.findings_resolved || []).length;
if (!o.findings && o.findings_resolved) o.findings = [];
o.action = o.action || o.fix || '';
});
(d.broken || []).forEach(b => {
b.detail = b.detail || b.description || '';
b.action = b.action || b.fix || '';
});
(d.recommendations || []).forEach((r, i) => {
r.action = r.action || r.description || '';
r.rank = r.rank || i + 1;
});
// Fix journeys
if (d.detailed_analysis && d.detailed_analysis.experience) {
d.detailed_analysis.experience.journeys = (d.detailed_analysis.experience.journeys || []).map(j => ({
archetype: j.archetype || j.persona || j.name || 'Unknown',
summary: j.summary || j.journey_summary || j.description || j.friction || '',
friction_points: j.friction_points || (j.friction ? [j.friction] : []),
bright_spots: j.bright_spots || (j.bright ? [j.bright] : [])
}));
}
// Fix capabilities
(d.capabilities || []).forEach(c => {
c.finding_count = c.finding_count || (c.findings || []).length;
c.status = c.status || (c.finding_count > 0 ? 'needs-attention' : 'good');
});
return d;
}
function esc(s) {
if (!s) return '';
const d = document.createElement('div');
d.textContent = String(s);
return d.innerHTML;
}
function init() {
const m = DATA.meta;
document.getElementById('skill-name').textContent = m.skill_name;
document.getElementById('subtitle').innerHTML =
`${esc(m.skill_path)} &bull; ${m.timestamp ? m.timestamp.split('T')[0] : ''} &bull; ${m.scanner_count || 0} scanners &bull; <a href="quality-report.md">Full Report &nearr;</a>`;
renderPortrait();
document.getElementById('grade-area').innerHTML = `<div class="grade grade-${DATA.grade}">${esc(DATA.grade)}</div>`;
document.getElementById('narrative').textContent = DATA.narrative || '';
renderCapabilities();
renderBroken();
renderOpportunities();
renderStrengths();
renderRecommendations();
renderDetailed();
}
function renderPortrait() {
const p = DATA.agent_profile;
if (!p) return;
let html = `<div class="portrait"><div class="portrait-header">`;
if (p.icon) html += `<span class="portrait-icon">${esc(p.icon)}</span>`;
html += `<div><div class="portrait-name">${esc(p.display_name)}</div>`;
if (p.title) html += `<div class="portrait-title">${esc(p.title)}</div>`;
html += `</div></div>`;
if (p.portrait) html += `<div class="portrait-desc">${esc(p.portrait)}</div>`;
html += `</div>`;
document.getElementById('portrait').innerHTML = html;
}
function renderCapabilities() {
const caps = DATA.capabilities || [];
if (!caps.length) return;
const good = caps.filter(c => c.status === 'good').length;
const attn = caps.length - good;
let summary = `${caps.length} capabilities`;
if (attn > 0) summary += ` \u00b7 ${attn} need attention`;
let html = `<div class="section"><div class="section-header open" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Capabilities (${summary})</span>`;
html += `</div><div class="section-body open">`;
caps.forEach((cap, idx) => {
const statusBadge = cap.status === 'good'
? `<span class="badge badge-good">Good</span>`
: `<span class="badge badge-attention">${cap.finding_count} observation${cap.finding_count !== 1 ? 's' : ''}</span>`;
const hasFindings = cap.findings && cap.findings.length > 0;
html += `<div class="cap-row" ${hasFindings ? `onclick="toggleCapFindings(${idx})" style="cursor:pointer"` : ''}>`;
html += `${statusBadge} <span class="cap-name">${esc(cap.name)}</span>`;
if (cap.file) html += `<span class="cap-file">${esc(cap.file)}</span>`;
html += `</div>`;
if (hasFindings) {
html += `<div class="cap-findings" id="cap-findings-${idx}">`;
cap.findings.forEach(f => {
html += `<div class="cap-finding">`;
if (f.severity) html += `<span class="badge badge-${f.severity}">${esc(f.severity)}</span> `;
html += `${esc(f.title)}`;
if (f.source) html += ` <span class="source" style="font-size:0.75rem;color:var(--text-dim)">[${esc(f.source)}]</span>`;
html += `</div>`;
});
html += `</div>`;
}
});
html += `</div></div>`;
document.getElementById('capabilities-section').innerHTML = html;
}
function renderBroken() {
const items = DATA.broken || [];
if (!items.length) return;
let html = `<div class="section"><div class="section-header open" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Broken / Critical (${items.length})</span>`;
html += `<div class="actions"><button class="btn btn-primary" onclick="event.stopPropagation();showBrokenPrompt()">Fix These</button></div>`;
html += `</div><div class="section-body open">`;
items.forEach(item => {
const loc = item.file ? `${item.file}${item.line ? ':'+item.line : ''}` : '';
html += `<div class="item"><span class="badge badge-${item.severity || 'high'}">${esc(item.severity || 'high')}</span> `;
if (loc) html += `<span class="item-file">${esc(loc)}</span>`;
html += `<div class="item-title">${esc(item.title)}</div>`;
if (item.detail) html += `<div class="item-desc">${esc(item.detail)}</div>`;
if (item.action) html += `<div class="item-action"><strong>Fix:</strong> ${esc(item.action)}</div>`;
html += `</div>`;
});
html += `</div></div>`;
document.getElementById('broken-section').innerHTML = html;
}
function renderOpportunities() {
const opps = DATA.opportunities || [];
if (!opps.length) return;
let html = `<div class="section"><div class="section-header open" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Opportunities (${opps.length})</span>`;
html += `</div><div class="section-body open">`;
opps.forEach((opp, idx) => {
html += `<div class="opp"><div class="opp-header">`;
html += `<span class="badge badge-${opp.severity || 'medium'}">${esc(opp.severity || 'medium')}</span>`;
html += `<span class="opp-name">${idx+1}. ${esc(opp.name)}</span>`;
html += `<span class="opp-count">${opp.finding_count || (opp.findings||[]).length} observations</span>`;
html += `<button class="btn" onclick="toggleFindings(${idx})">Details</button>`;
html += `<button class="btn btn-primary" onclick="showThemePrompt(${idx})">Fix This</button>`;
html += `</div>`;
html += `<div class="opp-desc">${esc(opp.description)}</div>`;
if (opp.impact) html += `<div class="opp-impact">Impact: ${esc(opp.impact)}</div>`;
html += `<div class="opp-findings" id="findings-${idx}">`;
(opp.findings || []).forEach(f => {
const loc = f.file ? `${f.file}${f.line ? ':'+f.line : ''}` : '';
html += `<div class="opp-finding"><strong>${esc(f.title)}</strong>`;
if (loc) html += ` <span class="item-file">${esc(loc)}</span>`;
if (f.source) html += ` <span class="source">[${esc(f.source)}]</span>`;
if (f.detail) html += `<br>${esc(f.detail)}`;
html += `</div>`;
});
html += `</div></div>`;
});
html += `</div></div>`;
document.getElementById('opportunities-section').innerHTML = html;
}
function renderStrengths() {
const items = DATA.strengths || [];
if (!items.length) return;
let html = `<div class="section"><div class="section-header" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Strengths (${items.length})</span>`;
html += `</div><div class="section-body">`;
items.forEach(s => {
html += `<div class="strength-item"><div class="title">${esc(s.title)}</div>`;
if (s.detail) html += `<div class="detail">${esc(s.detail)}</div>`;
html += `</div>`;
});
html += `</div></div>`;
document.getElementById('strengths-section').innerHTML = html;
}
function renderRecommendations() {
const recs = DATA.recommendations || [];
if (!recs.length) return;
let html = `<div class="section"><div class="section-header open" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Recommendations</span>`;
html += `</div><div class="section-body open"><div class="recs">`;
recs.forEach(r => {
html += `<div class="rec"><span class="rec-rank">#${r.rank}</span>${esc(r.action)}`;
if (r.resolves) html += ` <span class="rec-resolves">(resolves ${r.resolves} observations)</span>`;
html += `</div>`;
});
html += `</div></div></div>`;
document.getElementById('recommendations-section').innerHTML = html;
}
function renderDetailed() {
const da = DATA.detailed_analysis;
if (!da) return;
const dims = [
['structure', 'Structure & Capabilities'],
['persona', 'Persona & Voice'],
['cohesion', 'Identity Cohesion'],
['efficiency', 'Execution Efficiency'],
['experience', 'Conversation Experience'],
['scripts', 'Script Opportunities']
];
let html = `<div class="section"><div class="section-header" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Detailed Analysis</span>`;
html += `</div><div class="section-body">`;
dims.forEach(([key, label]) => {
const dim = da[key];
if (!dim) return;
html += `<div class="analysis-section"><h4>${label}</h4>`;
if (dim.assessment) html += `<p>${esc(dim.assessment)}</p>`;
if (dim.dimensions) {
html += `<table style="width:100%;font-size:0.85rem;margin:0.5rem 0;border-collapse:collapse;">`;
html += `<tr><th style="text-align:left;padding:0.3rem;border-bottom:1px solid var(--border)">Dimension</th><th style="text-align:left;padding:0.3rem;border-bottom:1px solid var(--border)">Score</th><th style="text-align:left;padding:0.3rem;border-bottom:1px solid var(--border)">Notes</th></tr>`;
Object.entries(dim.dimensions).forEach(([d, v]) => {
if (v && typeof v === 'object') {
html += `<tr><td style="padding:0.3rem;border-bottom:1px solid var(--border)">${esc(d.replace(/_/g,' '))}</td><td style="padding:0.3rem;border-bottom:1px solid var(--border)">${esc(v.score||'')}</td><td style="padding:0.3rem;border-bottom:1px solid var(--border)">${esc(v.notes||'')}</td></tr>`;
}
});
html += `</table>`;
}
if (dim.journeys && dim.journeys.length) {
dim.journeys.forEach(j => {
html += `<div style="margin:0.5rem 0"><strong>${esc(j.archetype)}</strong>: ${esc(j.summary || j.journey_summary || '')}`;
if (j.friction_points && j.friction_points.length) {
html += `<ul style="color:var(--high);font-size:0.85rem;padding-left:1.25rem">`;
j.friction_points.forEach(fp => { html += `<li>${esc(fp)}</li>`; });
html += `</ul>`;
}
html += `</div>`;
});
}
if (dim.autonomous) {
const a = dim.autonomous;
html += `<p><strong>Headless Potential:</strong> ${esc(a.potential||'')}`;
if (a.notes) html += ` \u2014 ${esc(a.notes)}`;
html += `</p>`;
}
(dim.findings || []).forEach(f => {
const loc = f.file ? `${f.file}${f.line ? ':'+f.line : ''}` : '';
html += `<div class="analysis-finding">`;
if (f.severity) html += `<span class="badge badge-${f.severity}">${esc(f.severity)}</span> `;
html += `${esc(f.title)}`;
if (loc) html += ` <span class="item-file">${esc(loc)}</span>`;
html += `</div>`;
});
html += `</div>`;
});
html += `</div></div>`;
document.getElementById('detailed-section').innerHTML = html;
}
function toggleSection(el) { el.classList.toggle('open'); el.nextElementSibling.classList.toggle('open'); }
function toggleFindings(idx) { document.getElementById('findings-'+idx).classList.toggle('open'); }
function toggleCapFindings(idx) { document.getElementById('cap-findings-'+idx).classList.toggle('open'); }
function showThemePrompt(idx) {
const opp = DATA.opportunities[idx];
if (!opp) return;
let prompt = `## Task: ${opp.name}\nAgent path: ${DATA.meta.skill_path}\n\n### Problem\n${opp.description}\n\n### Fix\n${opp.action}\n\n`;
if (opp.findings && opp.findings.length) {
prompt += `### Specific observations to address:\n\n`;
opp.findings.forEach((f, i) => {
const loc = f.file ? (f.line ? `${f.file}:${f.line}` : f.file) : '';
prompt += `${i+1}. **${f.title}**`;
if (loc) prompt += ` (${loc})`;
if (f.detail) prompt += `\n ${f.detail}`;
prompt += `\n`;
});
}
document.getElementById('modal-title').textContent = `Fix: ${opp.name}`;
document.getElementById('modal-content').textContent = prompt.trim();
document.getElementById('modal').classList.add('visible');
}
function showBrokenPrompt() {
const items = DATA.broken || [];
let prompt = `## Task: Fix Critical Issues\nAgent path: ${DATA.meta.skill_path}\n\n`;
items.forEach((item, i) => {
const loc = item.file ? (item.line ? `${item.file}:${item.line}` : item.file) : '';
prompt += `${i+1}. **[${(item.severity||'high').toUpperCase()}] ${item.title}**\n`;
if (loc) prompt += ` File: ${loc}\n`;
if (item.detail) prompt += ` Context: ${item.detail}\n`;
if (item.action) prompt += ` Fix: ${item.action}\n\n`;
});
document.getElementById('modal-title').textContent = 'Fix Critical Issues';
document.getElementById('modal-content').textContent = prompt.trim();
document.getElementById('modal').classList.add('visible');
}
function closeModal() { document.getElementById('modal').classList.remove('visible'); }
function copyModal() {
navigator.clipboard.writeText(document.getElementById('modal-content').textContent).then(() => {
const btn = document.querySelector('.modal .btn-primary');
btn.textContent = 'Copied!';
setTimeout(() => { btn.textContent = 'Copy to Clipboard'; }, 1500);
});
}
init();
</script>
</body>
</html>"""
def generate_html(report_data: dict) -> str:
data_json = json.dumps(report_data, indent=None, ensure_ascii=False)
data_tag = f'<script id="report-data" type="application/json">{data_json}</script>'
html = HTML_TEMPLATE.replace('<script>\nconst RAW', f'{data_tag}\n<script>\nconst RAW')
html = html.replace('SKILL_NAME', report_data.get('meta', {}).get('skill_name', 'Unknown'))
return html
def main() -> int:
parser = argparse.ArgumentParser(description='Generate interactive HTML quality analysis report for a BMad agent')
parser.add_argument('report_dir', type=Path, help='Directory containing report-data.json')
parser.add_argument('--open', action='store_true', help='Open in default browser')
parser.add_argument('--output', '-o', type=Path, help='Output HTML file path')
args = parser.parse_args()
if not args.report_dir.is_dir():
print(f'Error: {args.report_dir} is not a directory', file=sys.stderr)
return 2
report_data = load_report_data(args.report_dir)
html = generate_html(report_data)
output_path = args.output or (args.report_dir / 'quality-report.html')
output_path.write_text(html, encoding='utf-8')
print(json.dumps({
'html_report': str(output_path),
'grade': report_data.get('grade', 'Unknown'),
'opportunities': len(report_data.get('opportunities', [])),
'broken': len(report_data.get('broken', [])),
}))
if args.open:
system = platform.system()
if system == 'Darwin':
subprocess.run(['open', str(output_path)])
elif system == 'Linux':
subprocess.run(['xdg-open', str(output_path)])
elif system == 'Windows':
subprocess.run(['start', str(output_path)], shell=True)
return 0
if __name__ == '__main__':
sys.exit(main())

337
_bmad/bmb/bmad-agent-builder/scripts/prepass-execution-deps.py Normal file
View File

@@ -0,0 +1,337 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for execution efficiency scanner (agent builder).
Extracts dependency graph data and execution patterns from a BMad agent skill
so the LLM scanner can evaluate efficiency from compact structured data.
Covers:
- Dependency graph from skill structure
- Circular dependency detection
- Transitive dependency redundancy
- Parallelizable stage groups (independent nodes)
- Sequential pattern detection in prompts (numbered Read/Grep/Glob steps)
- Subagent-from-subagent detection
- Loop patterns (read all, analyze each, for each file)
- Memory loading pattern detection (load all memory, read all sidecar, etc.)
- Multi-source operation detection
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
def detect_cycles(graph: dict[str, list[str]]) -> list[list[str]]:
"""Detect circular dependencies in a directed graph using DFS."""
cycles = []
visited = set()
path = []
path_set = set()
def dfs(node: str) -> None:
if node in path_set:
cycle_start = path.index(node)
cycles.append(path[cycle_start:] + [node])
return
if node in visited:
return
visited.add(node)
path.append(node)
path_set.add(node)
for neighbor in graph.get(node, []):
dfs(neighbor)
path.pop()
path_set.discard(node)
for node in graph:
dfs(node)
return cycles
def find_transitive_redundancy(graph: dict[str, list[str]]) -> list[dict]:
"""Find cases where A declares dependency on C, but A->B->C already exists."""
redundancies = []
def get_transitive(node: str, visited: set | None = None) -> set[str]:
if visited is None:
visited = set()
for dep in graph.get(node, []):
if dep not in visited:
visited.add(dep)
get_transitive(dep, visited)
return visited
for node, direct_deps in graph.items():
for dep in direct_deps:
# Check if dep is reachable through other direct deps
other_deps = [d for d in direct_deps if d != dep]
for other in other_deps:
transitive = get_transitive(other)
if dep in transitive:
redundancies.append({
'node': node,
'redundant_dep': dep,
'already_via': other,
'issue': f'"{node}" declares "{dep}" as dependency, but already reachable via "{other}"',
})
return redundancies
def find_parallel_groups(graph: dict[str, list[str]], all_nodes: set[str]) -> list[list[str]]:
"""Find groups of nodes that have no dependencies on each other (can run in parallel)."""
independent_groups = []
# Simple approach: find all nodes at each "level" of the DAG
remaining = set(all_nodes)
while remaining:
# Nodes whose dependencies are all satisfied (not in remaining)
ready = set()
for node in remaining:
deps = set(graph.get(node, []))
if not deps & remaining:
ready.add(node)
if not ready:
break # Circular dependency, can't proceed
if len(ready) > 1:
independent_groups.append(sorted(ready))
remaining -= ready
return independent_groups
def scan_sequential_patterns(filepath: Path, rel_path: str) -> list[dict]:
"""Detect sequential operation patterns that could be parallel."""
content = filepath.read_text(encoding='utf-8')
patterns = []
# Sequential numbered steps with Read/Grep/Glob
tool_steps = re.findall(
r'^\s*\d+\.\s+.*?\b(Read|Grep|Glob|read|grep|glob)\b.*$',
content, re.MULTILINE
)
if len(tool_steps) >= 3:
patterns.append({
'file': rel_path,
'type': 'sequential-tool-calls',
'count': len(tool_steps),
'issue': f'{len(tool_steps)} sequential tool call steps found — check if independent calls can be parallel',
})
# "Read all files" / "for each" loop patterns
loop_patterns = [
(r'[Rr]ead all (?:files|documents|prompts)', 'read-all'),
(r'[Ff]or each (?:file|document|prompt|stage)', 'for-each-loop'),
(r'[Aa]nalyze each', 'analyze-each'),
(r'[Ss]can (?:through|all|each)', 'scan-all'),
(r'[Rr]eview (?:all|each)', 'review-all'),
]
for pattern, ptype in loop_patterns:
matches = re.findall(pattern, content)
if matches:
patterns.append({
'file': rel_path,
'type': ptype,
'count': len(matches),
'issue': f'"{matches[0]}" pattern found — consider parallel subagent delegation',
})
# Memory loading patterns (agent-specific)
memory_loading_patterns = [
(r'[Ll]oad all (?:memory|memories)', 'load-all-memory'),
(r'[Rr]ead all sidecar (?:files|data)', 'read-all-sidecar'),
(r'[Ll]oad (?:entire|full|complete) sidecar', 'load-entire-sidecar'),
(r'[Ll]oad all (?:context|state)', 'load-all-context'),
(r'[Rr]ead (?:entire|full|complete) memory', 'read-entire-memory'),
]
for pattern, ptype in memory_loading_patterns:
matches = re.findall(pattern, content)
if matches:
patterns.append({
'file': rel_path,
'type': ptype,
'count': len(matches),
'issue': f'"{matches[0]}" pattern found — bulk memory loading is expensive, load specific paths',
})
# Multi-source operation detection (agent-specific)
multi_source_patterns = [
(r'[Rr]ead all\b', 'multi-source-read-all'),
(r'[Aa]nalyze each\b', 'multi-source-analyze-each'),
(r'[Ff]or each file\b', 'multi-source-for-each-file'),
]
for pattern, ptype in multi_source_patterns:
matches = re.findall(pattern, content)
if matches:
# Only add if not already captured by loop_patterns above
existing_types = {p['type'] for p in patterns}
if ptype not in existing_types:
patterns.append({
'file': rel_path,
'type': ptype,
'count': len(matches),
'issue': f'"{matches[0]}" pattern found — multi-source operation may be parallelizable',
})
# Subagent spawning from subagent (impossible)
if re.search(r'(?i)spawn.*subagent|launch.*subagent|create.*subagent', content):
# Check if this file IS a subagent (quality-scan-* or report-* files at root)
if re.match(r'(?:quality-scan-|report-)', rel_path):
patterns.append({
'file': rel_path,
'type': 'subagent-chain-violation',
'count': 1,
'issue': 'Subagent file references spawning other subagents — subagents cannot spawn subagents',
})
return patterns
def scan_execution_deps(skill_path: Path) -> dict:
"""Run all deterministic execution efficiency checks."""
# Build dependency graph from skill structure
dep_graph: dict[str, list[str]] = {}
prefer_after: dict[str, list[str]] = {}
all_stages: set[str] = set()
# Check for stage definitions in prompt files
prompts_dir = skill_path / 'prompts'
if prompts_dir.exists():
for f in sorted(prompts_dir.iterdir()):
if f.is_file() and f.suffix == '.md':
all_stages.add(f.stem)
# Cycle detection
cycles = detect_cycles(dep_graph)
# Transitive redundancy
redundancies = find_transitive_redundancy(dep_graph)
# Parallel groups
parallel_groups = find_parallel_groups(dep_graph, all_stages)
# Sequential pattern detection across all prompt and agent files
sequential_patterns = []
for scan_dir in ['prompts', 'agents']:
d = skill_path / scan_dir
if d.exists():
for f in sorted(d.iterdir()):
if f.is_file() and f.suffix == '.md':
patterns = scan_sequential_patterns(f, f'{scan_dir}/{f.name}')
sequential_patterns.extend(patterns)
# Also scan SKILL.md
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
sequential_patterns.extend(scan_sequential_patterns(skill_md, 'SKILL.md'))
# Build issues from deterministic findings
issues = []
for cycle in cycles:
issues.append({
'severity': 'critical',
'category': 'circular-dependency',
'issue': f'Circular dependency detected: {"".join(cycle)}',
})
for r in redundancies:
issues.append({
'severity': 'medium',
'category': 'dependency-bloat',
'issue': r['issue'],
})
for p in sequential_patterns:
if p['type'] == 'subagent-chain-violation':
severity = 'critical'
elif p['type'] in ('load-all-memory', 'read-all-sidecar', 'load-entire-sidecar',
'load-all-context', 'read-entire-memory'):
severity = 'high'
else:
severity = 'medium'
issues.append({
'file': p['file'],
'severity': severity,
'category': p['type'],
'issue': p['issue'],
})
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
for issue in issues:
sev = issue['severity']
if sev in by_severity:
by_severity[sev] += 1
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['high'] > 0 or by_severity['medium'] > 0:
status = 'warning'
return {
'scanner': 'execution-efficiency-prepass',
'script': 'prepass-execution-deps.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'dependency_graph': {
'stages': sorted(all_stages),
'hard_dependencies': dep_graph,
'soft_dependencies': prefer_after,
'cycles': cycles,
'transitive_redundancies': redundancies,
'parallel_groups': parallel_groups,
},
'sequential_patterns': sequential_patterns,
'issues': issues,
'summary': {
'total_issues': len(issues),
'by_severity': by_severity,
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Extract execution dependency graph and patterns for LLM scanner pre-pass (agent builder)',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_execution_deps(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0
if __name__ == '__main__':
sys.exit(main())

403
_bmad/bmb/bmad-agent-builder/scripts/prepass-prompt-metrics.py Normal file
View File

@@ -0,0 +1,403 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for prompt craft scanner (agent builder).
Extracts metrics and flagged patterns from SKILL.md and prompt files
so the LLM scanner can work from compact data instead of reading raw files.
Covers:
- SKILL.md line count and section inventory
- Overview section size
- Inline data detection (tables, fenced code blocks)
- Defensive padding pattern grep
- Meta-explanation pattern grep
- Back-reference detection ("as described above")
- Config header and progression condition presence per prompt
- File-level token estimates (chars / 4 rough approximation)
- Prompt frontmatter validation (name, description, menu-code)
- Wall-of-text detection
- Suggestive loading grep
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Defensive padding / filler patterns
WASTE_PATTERNS = [
(r'\b[Mm]ake sure (?:to|you)\b', 'defensive-padding', 'Defensive: "make sure to/you"'),
(r"\b[Dd]on'?t forget (?:to|that)\b", 'defensive-padding', "Defensive: \"don't forget\""),
(r'\b[Rr]emember (?:to|that)\b', 'defensive-padding', 'Defensive: "remember to/that"'),
(r'\b[Bb]e sure to\b', 'defensive-padding', 'Defensive: "be sure to"'),
(r'\b[Pp]lease ensure\b', 'defensive-padding', 'Defensive: "please ensure"'),
(r'\b[Ii]t is important (?:to|that)\b', 'defensive-padding', 'Defensive: "it is important"'),
(r'\b[Yy]ou are an AI\b', 'meta-explanation', 'Meta: "you are an AI"'),
(r'\b[Aa]s a language model\b', 'meta-explanation', 'Meta: "as a language model"'),
(r'\b[Aa]s an AI assistant\b', 'meta-explanation', 'Meta: "as an AI assistant"'),
(r'\b[Tt]his (?:workflow|skill|process) is designed to\b', 'meta-explanation', 'Meta: "this workflow is designed to"'),
(r'\b[Tt]he purpose of this (?:section|step) is\b', 'meta-explanation', 'Meta: "the purpose of this section is"'),
(r"\b[Ll]et'?s (?:think about|begin|start)\b", 'filler', "Filler: \"let's think/begin\""),
(r'\b[Nn]ow we(?:\'ll| will)\b', 'filler', "Filler: \"now we'll\""),
]
# Back-reference patterns (self-containment risk)
BACKREF_PATTERNS = [
(r'\bas described above\b', 'Back-reference: "as described above"'),
(r'\bper the overview\b', 'Back-reference: "per the overview"'),
(r'\bas mentioned (?:above|in|earlier)\b', 'Back-reference: "as mentioned above/in/earlier"'),
(r'\bsee (?:above|the overview)\b', 'Back-reference: "see above/the overview"'),
(r'\brefer to (?:the )?(?:above|overview|SKILL)\b', 'Back-reference: "refer to above/overview"'),
]
# Suggestive loading patterns
SUGGESTIVE_LOADING_PATTERNS = [
(r'\b[Ll]oad (?:the |all )?(?:relevant|necessary|needed|required)\b', 'Suggestive loading: "load relevant/necessary"'),
(r'\b[Rr]ead (?:the |all )?(?:relevant|necessary|needed|required)\b', 'Suggestive loading: "read relevant/necessary"'),
(r'\b[Gg]ather (?:the |all )?(?:relevant|necessary|needed)\b', 'Suggestive loading: "gather relevant/necessary"'),
]
def count_tables(content: str) -> tuple[int, int]:
"""Count markdown tables and their total lines."""
table_count = 0
table_lines = 0
in_table = False
for line in content.split('\n'):
if '|' in line and re.match(r'^\s*\|', line):
if not in_table:
table_count += 1
in_table = True
table_lines += 1
else:
in_table = False
return table_count, table_lines
def count_fenced_blocks(content: str) -> tuple[int, int]:
"""Count fenced code blocks and their total lines."""
block_count = 0
block_lines = 0
in_block = False
for line in content.split('\n'):
if line.strip().startswith('```'):
if in_block:
in_block = False
else:
in_block = True
block_count += 1
elif in_block:
block_lines += 1
return block_count, block_lines
def extract_overview_size(content: str) -> int:
"""Count lines in the ## Overview section."""
lines = content.split('\n')
in_overview = False
overview_lines = 0
for line in lines:
if re.match(r'^##\s+Overview\b', line):
in_overview = True
continue
elif in_overview and re.match(r'^##\s', line):
break
elif in_overview:
overview_lines += 1
return overview_lines
def detect_wall_of_text(content: str) -> list[dict]:
"""Detect long runs of text without headers or breaks."""
walls = []
lines = content.split('\n')
run_start = None
run_length = 0
for i, line in enumerate(lines, 1):
stripped = line.strip()
is_break = (
not stripped
or re.match(r'^#{1,6}\s', stripped)
or re.match(r'^[-*]\s', stripped)
or re.match(r'^\d+\.\s', stripped)
or stripped.startswith('```')
or stripped.startswith('|')
)
if is_break:
if run_length >= 15:
walls.append({
'start_line': run_start,
'length': run_length,
})
run_start = None
run_length = 0
else:
if run_start is None:
run_start = i
run_length += 1
if run_length >= 15:
walls.append({
'start_line': run_start,
'length': run_length,
})
return walls
def parse_prompt_frontmatter(filepath: Path) -> dict:
"""Parse YAML frontmatter from a prompt file and validate."""
content = filepath.read_text(encoding='utf-8')
result = {
'has_frontmatter': False,
'fields': {},
'missing_fields': [],
}
fm_match = re.match(r'^---\s*\n(.*?)\n---\s*\n', content, re.DOTALL)
if not fm_match:
result['missing_fields'] = ['name', 'description', 'menu-code']
return result
result['has_frontmatter'] = True
try:
import yaml
fm = yaml.safe_load(fm_match.group(1))
except Exception:
# Fallback: simple key-value parsing
fm = {}
for line in fm_match.group(1).split('\n'):
if ':' in line:
key, _, val = line.partition(':')
fm[key.strip()] = val.strip()
if not isinstance(fm, dict):
result['missing_fields'] = ['name', 'description', 'menu-code']
return result
expected_fields = ['name', 'description', 'menu-code']
for field in expected_fields:
if field in fm:
result['fields'][field] = fm[field]
else:
result['missing_fields'].append(field)
return result
def scan_file_patterns(filepath: Path, rel_path: str) -> dict:
"""Extract metrics and pattern matches from a single file."""
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# Token estimate (rough: chars / 4)
token_estimate = len(content) // 4
# Section inventory
sections = []
for i, line in enumerate(lines, 1):
m = re.match(r'^(#{2,3})\s+(.+)$', line)
if m:
sections.append({'level': len(m.group(1)), 'title': m.group(2).strip(), 'line': i})
# Tables and code blocks
table_count, table_lines = count_tables(content)
block_count, block_lines = count_fenced_blocks(content)
# Pattern matches
waste_matches = []
for pattern, category, label in WASTE_PATTERNS:
for m in re.finditer(pattern, content):
line_num = content[:m.start()].count('\n') + 1
waste_matches.append({
'line': line_num,
'category': category,
'pattern': label,
'context': lines[line_num - 1].strip()[:100],
})
backref_matches = []
for pattern, label in BACKREF_PATTERNS:
for m in re.finditer(pattern, content, re.IGNORECASE):
line_num = content[:m.start()].count('\n') + 1
backref_matches.append({
'line': line_num,
'pattern': label,
'context': lines[line_num - 1].strip()[:100],
})
# Suggestive loading
suggestive_loading = []
for pattern, label in SUGGESTIVE_LOADING_PATTERNS:
for m in re.finditer(pattern, content, re.IGNORECASE):
line_num = content[:m.start()].count('\n') + 1
suggestive_loading.append({
'line': line_num,
'pattern': label,
'context': lines[line_num - 1].strip()[:100],
})
# Config header
has_config_header = '{communication_language}' in content or '{document_output_language}' in content
# Progression condition
prog_keywords = ['progress', 'advance', 'move to', 'next stage',
'when complete', 'proceed to', 'transition', 'completion criteria']
has_progression = any(kw in content.lower() for kw in prog_keywords)
# Wall-of-text detection
walls = detect_wall_of_text(content)
result = {
'file': rel_path,
'line_count': line_count,
'token_estimate': token_estimate,
'sections': sections,
'table_count': table_count,
'table_lines': table_lines,
'fenced_block_count': block_count,
'fenced_block_lines': block_lines,
'waste_patterns': waste_matches,
'back_references': backref_matches,
'suggestive_loading': suggestive_loading,
'has_config_header': has_config_header,
'has_progression': has_progression,
'wall_of_text': walls,
}
return result
def scan_prompt_metrics(skill_path: Path) -> dict:
"""Extract metrics from all prompt-relevant files."""
files_data = []
# SKILL.md
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
data = scan_file_patterns(skill_md, 'SKILL.md')
content = skill_md.read_text(encoding='utf-8')
data['overview_lines'] = extract_overview_size(content)
data['is_skill_md'] = True
files_data.append(data)
# Prompt files at skill root
skip_files = {'SKILL.md'}
for f in sorted(skill_path.iterdir()):
if f.is_file() and f.suffix == '.md' and f.name not in skip_files and f.name != 'SKILL.md':
data = scan_file_patterns(f, f.name)
data['is_skill_md'] = False
# Parse prompt frontmatter
pfm = parse_prompt_frontmatter(f)
data['prompt_frontmatter'] = pfm
files_data.append(data)
# Resources (just sizes, for progressive disclosure assessment)
resources_dir = skill_path / 'resources'
resource_sizes = {}
if resources_dir.exists():
for f in sorted(resources_dir.iterdir()):
if f.is_file() and f.suffix in ('.md', '.json', '.yaml', '.yml'):
content = f.read_text(encoding='utf-8')
resource_sizes[f.name] = {
'lines': len(content.split('\n')),
'tokens': len(content) // 4,
}
# Aggregate stats
total_waste = sum(len(f['waste_patterns']) for f in files_data)
total_backrefs = sum(len(f['back_references']) for f in files_data)
total_suggestive = sum(len(f.get('suggestive_loading', [])) for f in files_data)
total_tokens = sum(f['token_estimate'] for f in files_data)
total_walls = sum(len(f.get('wall_of_text', [])) for f in files_data)
prompts_with_config = sum(1 for f in files_data if not f.get('is_skill_md') and f['has_config_header'])
prompts_with_progression = sum(1 for f in files_data if not f.get('is_skill_md') and f['has_progression'])
total_prompts = sum(1 for f in files_data if not f.get('is_skill_md'))
skill_md_data = next((f for f in files_data if f.get('is_skill_md')), None)
return {
'scanner': 'prompt-craft-prepass',
'script': 'prepass-prompt-metrics.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'info',
'skill_md_summary': {
'line_count': skill_md_data['line_count'] if skill_md_data else 0,
'token_estimate': skill_md_data['token_estimate'] if skill_md_data else 0,
'overview_lines': skill_md_data.get('overview_lines', 0) if skill_md_data else 0,
'table_count': skill_md_data['table_count'] if skill_md_data else 0,
'table_lines': skill_md_data['table_lines'] if skill_md_data else 0,
'fenced_block_count': skill_md_data['fenced_block_count'] if skill_md_data else 0,
'fenced_block_lines': skill_md_data['fenced_block_lines'] if skill_md_data else 0,
'section_count': len(skill_md_data['sections']) if skill_md_data else 0,
},
'prompt_health': {
'total_prompts': total_prompts,
'prompts_with_config_header': prompts_with_config,
'prompts_with_progression': prompts_with_progression,
},
'aggregate': {
'total_files_scanned': len(files_data),
'total_token_estimate': total_tokens,
'total_waste_patterns': total_waste,
'total_back_references': total_backrefs,
'total_suggestive_loading': total_suggestive,
'total_wall_of_text': total_walls,
},
'resource_sizes': resource_sizes,
'files': files_data,
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Extract prompt craft metrics for LLM scanner pre-pass (agent builder)',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_prompt_metrics(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0
if __name__ == '__main__':
sys.exit(main())

445
_bmad/bmb/bmad-agent-builder/scripts/prepass-structure-capabilities.py Normal file
View File

@@ -0,0 +1,445 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for agent structure and capabilities scanner.
Extracts structural metadata from a BMad agent skill that the LLM scanner
can use instead of reading all files itself. Covers:
- Frontmatter parsing and validation
- Section inventory (H2/H3 headers)
- Template artifact detection
- Agent name validation (bmad-{code}-agent-{name} or bmad-agent-{name})
- Required agent sections (Overview, Identity, Communication Style, Principles, On Activation)
- Memory path consistency checking
- Language/directness pattern grep
- On Exit / Exiting section detection (invalid)
"""
# /// script
# requires-python = ">=3.9"
# dependencies = [
# "pyyaml>=6.0",
# ]
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
try:
import yaml
except ImportError:
print("Error: pyyaml required. Run with: uv run prepass-structure-capabilities.py", file=sys.stderr)
sys.exit(2)
# Template artifacts that should NOT appear in finalized skills
TEMPLATE_ARTIFACTS = [
r'\{if-complex-workflow\}', r'\{/if-complex-workflow\}',
r'\{if-simple-workflow\}', r'\{/if-simple-workflow\}',
r'\{if-simple-utility\}', r'\{/if-simple-utility\}',
r'\{if-module\}', r'\{/if-module\}',
r'\{if-headless\}', r'\{/if-headless\}',
r'\{if-autonomous\}', r'\{/if-autonomous\}',
r'\{if-sidecar\}', r'\{/if-sidecar\}',
r'\{displayName\}', r'\{skillName\}',
]
# Runtime variables that ARE expected (not artifacts)
RUNTIME_VARS = {
'{user_name}', '{communication_language}', '{document_output_language}',
'{project-root}', '{output_folder}', '{planning_artifacts}',
'{headless_mode}',
}
# Directness anti-patterns
DIRECTNESS_PATTERNS = [
(r'\byou should\b', 'Suggestive "you should" — use direct imperative'),
(r'\bplease\b(?! note)', 'Polite "please" — use direct imperative'),
(r'\bhandle appropriately\b', 'Ambiguous "handle appropriately" — specify how'),
(r'\bwhen ready\b', 'Vague "when ready" — specify testable condition'),
]
# Invalid sections
INVALID_SECTIONS = [
(r'^##\s+On\s+Exit\b', 'On Exit section found — no exit hooks exist in the system, this will never run'),
(r'^##\s+Exiting\b', 'Exiting section found — no exit hooks exist in the system, this will never run'),
]
def parse_frontmatter(content: str) -> tuple[dict | None, list[dict]]:
"""Parse YAML frontmatter and validate."""
findings = []
fm_match = re.match(r'^---\s*\n(.*?)\n---\s*\n', content, re.DOTALL)
if not fm_match:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'No YAML frontmatter found',
})
return None, findings
try:
fm = yaml.safe_load(fm_match.group(1))
except yaml.YAMLError as e:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': f'Invalid YAML frontmatter: {e}',
})
return None, findings
if not isinstance(fm, dict):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'Frontmatter is not a YAML mapping',
})
return None, findings
# name check
name = fm.get('name')
if not name:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'Missing "name" field in frontmatter',
})
elif not re.match(r'^[a-z0-9]+(-[a-z0-9]+)*$', name):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'frontmatter',
'issue': f'Name "{name}" is not kebab-case',
})
elif not (re.match(r'^bmad-[a-z0-9]+-agent-[a-z0-9]+(-[a-z0-9]+)*$', name)
or re.match(r'^bmad-agent-[a-z0-9]+(-[a-z0-9]+)*$', name)):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'medium', 'category': 'frontmatter',
'issue': f'Name "{name}" does not follow bmad-{{code}}-agent-{{name}} or bmad-agent-{{name}} pattern',
})
# description check
desc = fm.get('description')
if not desc:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'frontmatter',
'issue': 'Missing "description" field in frontmatter',
})
elif 'Use when' not in desc and 'use when' not in desc:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'medium', 'category': 'frontmatter',
'issue': 'Description missing "Use when..." trigger phrase',
})
# Extra fields check — only name and description allowed for agents
allowed = {'name', 'description'}
extra = set(fm.keys()) - allowed
if extra:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'low', 'category': 'frontmatter',
'issue': f'Extra frontmatter fields: {", ".join(sorted(extra))}',
})
return fm, findings
def extract_sections(content: str) -> list[dict]:
"""Extract all H2/H3 headers with line numbers."""
sections = []
for i, line in enumerate(content.split('\n'), 1):
m = re.match(r'^(#{2,3})\s+(.+)$', line)
if m:
sections.append({
'level': len(m.group(1)),
'title': m.group(2).strip(),
'line': i,
})
return sections
def check_required_sections(sections: list[dict]) -> list[dict]:
"""Check for required and invalid sections."""
findings = []
h2_titles = [s['title'] for s in sections if s['level'] == 2]
required = ['Overview', 'Identity', 'Communication Style', 'Principles', 'On Activation']
for req in required:
if req not in h2_titles:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'sections',
'issue': f'Missing ## {req} section',
})
# Invalid sections
for s in sections:
if s['level'] == 2:
for pattern, message in INVALID_SECTIONS:
if re.match(pattern, f"## {s['title']}"):
findings.append({
'file': 'SKILL.md', 'line': s['line'],
'severity': 'high', 'category': 'invalid-section',
'issue': message,
})
return findings
def find_template_artifacts(filepath: Path, rel_path: str) -> list[dict]:
"""Scan for orphaned template substitution artifacts."""
findings = []
content = filepath.read_text(encoding='utf-8')
for pattern in TEMPLATE_ARTIFACTS:
for m in re.finditer(pattern, content):
matched = m.group()
if matched in RUNTIME_VARS:
continue
line_num = content[:m.start()].count('\n') + 1
findings.append({
'file': rel_path, 'line': line_num,
'severity': 'high', 'category': 'artifacts',
'issue': f'Orphaned template artifact: {matched}',
'fix': 'Resolve or remove this template conditional/placeholder',
})
return findings
def extract_memory_paths(skill_path: Path) -> tuple[list[str], list[dict]]:
"""Extract all memory path references across files and check consistency."""
findings = []
memory_paths = set()
# Memory path patterns
mem_pattern = re.compile(r'(?:memory/|sidecar/)[\w\-/]+(?:\.\w+)?')
files_to_scan = []
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
files_to_scan.append(('SKILL.md', skill_md))
for subdir in ['prompts', 'resources']:
d = skill_path / subdir
if d.exists():
for f in sorted(d.iterdir()):
if f.is_file() and f.suffix in ('.md', '.json', '.yaml', '.yml'):
files_to_scan.append((f'{subdir}/{f.name}', f))
for rel_path, filepath in files_to_scan:
content = filepath.read_text(encoding='utf-8')
for m in mem_pattern.finditer(content):
memory_paths.add(m.group())
sorted_paths = sorted(memory_paths)
# Check for inconsistent formats
prefixes = set()
for p in sorted_paths:
prefix = p.split('/')[0]
prefixes.add(prefix)
memory_prefixes = {p for p in prefixes if 'memory' in p.lower()}
sidecar_prefixes = {p for p in prefixes if 'sidecar' in p.lower()}
if len(memory_prefixes) > 1:
findings.append({
'file': 'multiple', 'line': 0,
'severity': 'medium', 'category': 'memory-paths',
'issue': f'Inconsistent memory path prefixes: {", ".join(sorted(memory_prefixes))}',
})
if len(sidecar_prefixes) > 1:
findings.append({
'file': 'multiple', 'line': 0,
'severity': 'medium', 'category': 'memory-paths',
'issue': f'Inconsistent sidecar path prefixes: {", ".join(sorted(sidecar_prefixes))}',
})
return sorted_paths, findings
def check_prompt_basics(skill_path: Path) -> tuple[list[dict], list[dict]]:
"""Check each prompt file for config header and progression conditions."""
findings = []
prompt_details = []
skip_files = {'SKILL.md'}
prompt_files = [f for f in sorted(skill_path.iterdir())
if f.is_file() and f.suffix == '.md' and f.name not in skip_files]
if not prompt_files:
return prompt_details, findings
for f in prompt_files:
content = f.read_text(encoding='utf-8')
rel_path = f.name
detail = {'file': f.name, 'has_config_header': False, 'has_progression': False}
# Config header check
if '{communication_language}' in content or '{document_output_language}' in content:
detail['has_config_header'] = True
else:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'config-header',
'issue': 'No config header with language variables found',
})
# Progression condition check
lower = content.lower()
prog_keywords = ['progress', 'advance', 'move to', 'next stage', 'when complete',
'proceed to', 'transition', 'completion criteria']
if any(kw in lower for kw in prog_keywords):
detail['has_progression'] = True
else:
findings.append({
'file': rel_path, 'line': len(content.split('\n')),
'severity': 'high', 'category': 'progression',
'issue': 'No progression condition keywords found',
})
# Directness checks
for pattern, message in DIRECTNESS_PATTERNS:
for m in re.finditer(pattern, content, re.IGNORECASE):
line_num = content[:m.start()].count('\n') + 1
findings.append({
'file': rel_path, 'line': line_num,
'severity': 'low', 'category': 'language',
'issue': message,
})
# Template artifacts
findings.extend(find_template_artifacts(f, rel_path))
prompt_details.append(detail)
return prompt_details, findings
def scan_structure_capabilities(skill_path: Path) -> dict:
"""Run all deterministic agent structure and capability checks."""
all_findings = []
# Read SKILL.md
skill_md = skill_path / 'SKILL.md'
if not skill_md.exists():
return {
'scanner': 'structure-capabilities-prepass',
'script': 'prepass-structure-capabilities.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'fail',
'issues': [{'file': 'SKILL.md', 'line': 1, 'severity': 'critical',
'category': 'missing-file', 'issue': 'SKILL.md does not exist'}],
'summary': {'total_issues': 1, 'by_severity': {'critical': 1, 'high': 0, 'medium': 0, 'low': 0}},
}
skill_content = skill_md.read_text(encoding='utf-8')
# Frontmatter
frontmatter, fm_findings = parse_frontmatter(skill_content)
all_findings.extend(fm_findings)
# Sections
sections = extract_sections(skill_content)
section_findings = check_required_sections(sections)
all_findings.extend(section_findings)
# Template artifacts in SKILL.md
all_findings.extend(find_template_artifacts(skill_md, 'SKILL.md'))
# Directness checks in SKILL.md
for pattern, message in DIRECTNESS_PATTERNS:
for m in re.finditer(pattern, skill_content, re.IGNORECASE):
line_num = skill_content[:m.start()].count('\n') + 1
all_findings.append({
'file': 'SKILL.md', 'line': line_num,
'severity': 'low', 'category': 'language',
'issue': message,
})
# Memory path consistency
memory_paths, memory_findings = extract_memory_paths(skill_path)
all_findings.extend(memory_findings)
# Prompt basics
prompt_details, prompt_findings = check_prompt_basics(skill_path)
all_findings.extend(prompt_findings)
# Build severity summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['high'] > 0:
status = 'warning'
return {
'scanner': 'structure-capabilities-prepass',
'script': 'prepass-structure-capabilities.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'metadata': {
'frontmatter': frontmatter,
'sections': sections,
},
'prompt_details': prompt_details,
'memory_paths': memory_paths,
'issues': all_findings,
'summary': {
'total_issues': len(all_findings),
'by_severity': by_severity,
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Deterministic pre-pass for agent structure and capabilities scanning',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_structure_capabilities(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())

339
_bmad/bmb/bmad-agent-builder/scripts/scan-path-standards.py Normal file
View File

@@ -0,0 +1,339 @@
#!/usr/bin/env python3
"""Deterministic path standards scanner for BMad skills.
Validates all .md and .json files against BMad path conventions:
1. {project-root} only valid before /_bmad
2. Bare _bmad references must have {project-root} prefix
3. Config variables used directly (no double-prefix)
4. Skill-internal paths must use ./ prefix (references/, scripts/, assets/)
5. No ../ parent directory references
6. No absolute paths
7. Memory paths must use {project-root}/_bmad/memory/{skillName}-sidecar/
8. Frontmatter allows only name and description
9. No .md files at skill root except SKILL.md
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Patterns to detect
# {project-root} NOT followed by /_bmad
PROJECT_ROOT_NOT_BMAD_RE = re.compile(r'\{project-root\}/(?!_bmad)')
# Bare _bmad without {project-root} prefix — match _bmad at word boundary
# but not when preceded by {project-root}/
BARE_BMAD_RE = re.compile(r'(?<!\{project-root\}/)_bmad[/\s]')
# Absolute paths
ABSOLUTE_PATH_RE = re.compile(r'(?:^|[\s"`\'(])(/(?:Users|home|opt|var|tmp|etc|usr)/\S+)', re.MULTILINE)
HOME_PATH_RE = re.compile(r'(?:^|[\s"`\'(])(~/\S+)', re.MULTILINE)
# Parent directory reference (still invalid)
RELATIVE_DOT_RE = re.compile(r'(?:^|[\s"`\'(])(\.\./\S+)', re.MULTILINE)
# Bare skill-internal paths without ./ prefix
# Match references/, scripts/, assets/ when NOT preceded by ./
BARE_INTERNAL_RE = re.compile(r'(?:^|[\s"`\'(])(?<!\./)((?:references|scripts|assets)/\S+)', re.MULTILINE)
# Memory path pattern: should use {project-root}/_bmad/memory/
MEMORY_PATH_RE = re.compile(r'_bmad/memory/\S+')
VALID_MEMORY_PATH_RE = re.compile(r'\{project-root\}/_bmad/memory/\S+-sidecar/')
# Fenced code block detection (to skip examples showing wrong patterns)
FENCE_RE = re.compile(r'^```', re.MULTILINE)
# Valid frontmatter keys
VALID_FRONTMATTER_KEYS = {'name', 'description'}
def is_in_fenced_block(content: str, pos: int) -> bool:
"""Check if a position is inside a fenced code block."""
fences = [m.start() for m in FENCE_RE.finditer(content[:pos])]
# Odd number of fences before pos means we're inside a block
return len(fences) % 2 == 1
def get_line_number(content: str, pos: int) -> int:
"""Get 1-based line number for a position in content."""
return content[:pos].count('\n') + 1
def check_frontmatter(content: str, filepath: Path) -> list[dict]:
"""Validate SKILL.md frontmatter contains only allowed keys."""
findings = []
if filepath.name != 'SKILL.md':
return findings
if not content.startswith('---'):
findings.append({
'file': filepath.name,
'line': 1,
'severity': 'critical',
'category': 'frontmatter',
'title': 'SKILL.md missing frontmatter block',
'detail': 'SKILL.md must start with --- frontmatter containing name and description',
'action': 'Add frontmatter with name and description fields',
})
return findings
# Find closing ---
end = content.find('\n---', 3)
if end == -1:
findings.append({
'file': filepath.name,
'line': 1,
'severity': 'critical',
'category': 'frontmatter',
'title': 'SKILL.md frontmatter block not closed',
'detail': 'Missing closing --- for frontmatter',
'action': 'Add closing --- after frontmatter fields',
})
return findings
frontmatter = content[4:end]
for i, line in enumerate(frontmatter.split('\n'), start=2):
line = line.strip()
if not line or line.startswith('#'):
continue
if ':' in line:
key = line.split(':', 1)[0].strip()
if key not in VALID_FRONTMATTER_KEYS:
findings.append({
'file': filepath.name,
'line': i,
'severity': 'high',
'category': 'frontmatter',
'title': f'Invalid frontmatter key: {key}',
'detail': f'Only {", ".join(sorted(VALID_FRONTMATTER_KEYS))} are allowed in frontmatter',
'action': f'Remove {key} from frontmatter — use as content field in SKILL.md body instead',
})
return findings
def check_root_md_files(skill_path: Path) -> list[dict]:
"""Check that no .md files exist at skill root except SKILL.md."""
findings = []
for md_file in skill_path.glob('*.md'):
if md_file.name != 'SKILL.md':
findings.append({
'file': md_file.name,
'line': 0,
'severity': 'high',
'category': 'structure',
'title': f'Prompt file at skill root: {md_file.name}',
'detail': 'All progressive disclosure content must be in ./references/ — only SKILL.md belongs at root',
'action': f'Move {md_file.name} to references/{md_file.name}',
})
return findings
def scan_file(filepath: Path, skip_fenced: bool = True) -> list[dict]:
"""Scan a single file for path standard violations."""
findings = []
content = filepath.read_text(encoding='utf-8')
rel_path = filepath.name
checks = [
(PROJECT_ROOT_NOT_BMAD_RE, 'project-root-not-bmad', 'critical',
'{project-root} used for non-_bmad path — only valid use is {project-root}/_bmad/...'),
(ABSOLUTE_PATH_RE, 'absolute-path', 'high',
'Absolute path found — not portable across machines'),
(HOME_PATH_RE, 'absolute-path', 'high',
'Home directory path (~/) found — environment-specific'),
(RELATIVE_DOT_RE, 'relative-prefix', 'high',
'Parent directory reference (../) found — fragile, breaks with reorganization'),
(BARE_INTERNAL_RE, 'bare-internal-path', 'high',
'Bare skill-internal path without ./ prefix — use ./references/, ./scripts/, ./assets/ to distinguish from {project-root} paths'),
]
for pattern, category, severity, message in checks:
for match in pattern.finditer(content):
pos = match.start()
if skip_fenced and is_in_fenced_block(content, pos):
continue
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': severity,
'category': category,
'title': message,
'detail': line_content[:120],
'action': '',
})
# Bare _bmad check — more nuanced, need to avoid false positives
# inside {project-root}/_bmad which is correct
for match in BARE_BMAD_RE.finditer(content):
pos = match.start()
if skip_fenced and is_in_fenced_block(content, pos):
continue
start = max(0, pos - 30)
before = content[start:pos]
if '{project-root}/' in before:
continue
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': 'high',
'category': 'bare-bmad',
'title': 'Bare _bmad reference without {project-root} prefix',
'detail': line_content[:120],
'action': '',
})
# Memory path check — memory paths should use {project-root}/_bmad/memory/{skillName}-sidecar/
for match in MEMORY_PATH_RE.finditer(content):
pos = match.start()
if skip_fenced and is_in_fenced_block(content, pos):
continue
start = max(0, pos - 20)
before = content[start:pos]
matched_text = match.group()
if '{project-root}/' not in before:
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': 'high',
'category': 'memory-path',
'title': 'Memory path missing {project-root} prefix — use {project-root}/_bmad/memory/',
'detail': line_content[:120],
'action': '',
})
elif '-sidecar/' not in matched_text:
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': 'high',
'category': 'memory-path',
'title': 'Memory path not using {skillName}-sidecar/ convention',
'detail': line_content[:120],
'action': '',
})
return findings
def scan_skill(skill_path: Path, skip_fenced: bool = True) -> dict:
"""Scan all .md and .json files in a skill directory."""
all_findings = []
# Check for .md files at root that aren't SKILL.md
all_findings.extend(check_root_md_files(skill_path))
# Check SKILL.md frontmatter
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
content = skill_md.read_text(encoding='utf-8')
all_findings.extend(check_frontmatter(content, skill_md))
# Find all .md and .json files
md_files = sorted(list(skill_path.rglob('*.md')) + list(skill_path.rglob('*.json')))
if not md_files:
print(f"Warning: No .md or .json files found in {skill_path}", file=sys.stderr)
files_scanned = []
for md_file in md_files:
rel = md_file.relative_to(skill_path)
files_scanned.append(str(rel))
file_findings = scan_file(md_file, skip_fenced)
for f in file_findings:
f['file'] = str(rel)
all_findings.extend(file_findings)
# Build summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
by_category = {
'project_root_not_bmad': 0,
'bare_bmad': 0,
'double_prefix': 0,
'absolute_path': 0,
'relative_prefix': 0,
'bare_internal_path': 0,
'memory_path': 0,
'frontmatter': 0,
'structure': 0,
}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
cat = f['category'].replace('-', '_')
if cat in by_category:
by_category[cat] += 1
return {
'scanner': 'path-standards',
'script': 'scan-path-standards.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'files_scanned': files_scanned,
'status': 'pass' if not all_findings else 'fail',
'findings': all_findings,
'assessments': {},
'summary': {
'total_findings': len(all_findings),
'by_severity': by_severity,
'by_category': by_category,
'assessment': 'Path standards scan complete',
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Scan BMad skill for path standard violations',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
parser.add_argument(
'--include-fenced',
action='store_true',
help='Also check inside fenced code blocks (by default they are skipped)',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_skill(args.skill_path, skip_fenced=not args.include_fenced)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())

745
_bmad/bmb/bmad-agent-builder/scripts/scan-scripts.py Normal file
View File

@@ -0,0 +1,745 @@
#!/usr/bin/env python3
"""Deterministic scripts scanner for BMad skills.
Validates scripts in a skill's scripts/ folder for:
- PEP 723 inline dependencies (Python)
- Shebang, set -e, portability (Shell)
- Version pinning for npx/uvx
- Agentic design: no input(), has argparse/--help, JSON output, exit codes
- Unit test existence
- Over-engineering signals (line count, simple-op imports)
- External lint: ruff (Python), shellcheck (Bash), biome (JS/TS)
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import ast
import json
import re
import shutil
import subprocess
import sys
from datetime import datetime, timezone
from pathlib import Path
# =============================================================================
# External Linter Integration
# =============================================================================
def _run_command(cmd: list[str], timeout: int = 30) -> tuple[int, str, str]:
"""Run a command and return (returncode, stdout, stderr)."""
try:
result = subprocess.run(
cmd, capture_output=True, text=True, timeout=timeout,
)
return result.returncode, result.stdout, result.stderr
except FileNotFoundError:
return -1, '', f'Command not found: {cmd[0]}'
except subprocess.TimeoutExpired:
return -2, '', f'Command timed out after {timeout}s: {" ".join(cmd)}'
def _find_uv() -> str | None:
"""Find uv binary on PATH."""
return shutil.which('uv')
def _find_npx() -> str | None:
"""Find npx binary on PATH."""
return shutil.which('npx')
def lint_python_ruff(filepath: Path, rel_path: str) -> list[dict]:
"""Run ruff on a Python file via uv. Returns lint findings."""
uv = _find_uv()
if not uv:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'uv not found on PATH — cannot run ruff for Python linting',
'detail': '',
'action': 'Install uv: https://docs.astral.sh/uv/getting-started/installation/',
}]
rc, stdout, stderr = _run_command([
uv, 'run', 'ruff', 'check', '--output-format', 'json', str(filepath),
])
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run ruff via uv: {stderr.strip()}',
'detail': '',
'action': 'Ensure uv can install and run ruff: uv run ruff --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'ruff timed out on {rel_path}',
'detail': '',
'action': '',
}]
# ruff outputs JSON array on stdout (even on rc=1 when issues found)
findings = []
try:
issues = json.loads(stdout) if stdout.strip() else []
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse ruff output for {rel_path}',
'detail': '',
'action': '',
}]
for issue in issues:
fix_msg = issue.get('fix', {}).get('message', '') if issue.get('fix') else ''
findings.append({
'file': rel_path,
'line': issue.get('location', {}).get('row', 0),
'severity': 'high',
'category': 'lint',
'title': f'[{issue.get("code", "?")}] {issue.get("message", "")}',
'detail': '',
'action': fix_msg or f'See https://docs.astral.sh/ruff/rules/{issue.get("code", "")}',
})
return findings
def lint_shell_shellcheck(filepath: Path, rel_path: str) -> list[dict]:
"""Run shellcheck on a shell script via uv. Returns lint findings."""
uv = _find_uv()
if not uv:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'uv not found on PATH — cannot run shellcheck for shell linting',
'detail': '',
'action': 'Install uv: https://docs.astral.sh/uv/getting-started/installation/',
}]
rc, stdout, stderr = _run_command([
uv, 'run', '--with', 'shellcheck-py',
'shellcheck', '--format', 'json', str(filepath),
])
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run shellcheck via uv: {stderr.strip()}',
'detail': '',
'action': 'Ensure uv can install shellcheck-py: uv run --with shellcheck-py shellcheck --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'shellcheck timed out on {rel_path}',
'detail': '',
'action': '',
}]
findings = []
# shellcheck outputs JSON on stdout (rc=1 when issues found)
raw = stdout.strip() or stderr.strip()
try:
issues = json.loads(raw) if raw else []
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse shellcheck output for {rel_path}',
'detail': '',
'action': '',
}]
# Map shellcheck levels to our severity
level_map = {'error': 'high', 'warning': 'high', 'info': 'high', 'style': 'medium'}
for issue in issues:
sc_code = issue.get('code', '')
findings.append({
'file': rel_path,
'line': issue.get('line', 0),
'severity': level_map.get(issue.get('level', ''), 'high'),
'category': 'lint',
'title': f'[SC{sc_code}] {issue.get("message", "")}',
'detail': '',
'action': f'See https://www.shellcheck.net/wiki/SC{sc_code}',
})
return findings
def lint_node_biome(filepath: Path, rel_path: str) -> list[dict]:
"""Run biome on a JS/TS file via npx. Returns lint findings."""
npx = _find_npx()
if not npx:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'npx not found on PATH — cannot run biome for JS/TS linting',
'detail': '',
'action': 'Install Node.js 20+: https://nodejs.org/',
}]
rc, stdout, stderr = _run_command([
npx, '--yes', '@biomejs/biome', 'lint', '--reporter', 'json', str(filepath),
], timeout=60)
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run biome via npx: {stderr.strip()}',
'detail': '',
'action': 'Ensure npx can run biome: npx @biomejs/biome --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'biome timed out on {rel_path}',
'detail': '',
'action': '',
}]
findings = []
# biome outputs JSON on stdout
raw = stdout.strip()
try:
result = json.loads(raw) if raw else {}
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse biome output for {rel_path}',
'detail': '',
'action': '',
}]
for diag in result.get('diagnostics', []):
loc = diag.get('location', {})
start = loc.get('start', {})
findings.append({
'file': rel_path,
'line': start.get('line', 0),
'severity': 'high',
'category': 'lint',
'title': f'[{diag.get("category", "?")}] {diag.get("message", "")}',
'detail': '',
'action': diag.get('advices', [{}])[0].get('message', '') if diag.get('advices') else '',
})
return findings
# =============================================================================
# BMad Pattern Checks (Existing)
# =============================================================================
def scan_python_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a Python script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# PEP 723 check
if '# /// script' not in content:
# Only flag if the script has imports (not a trivial script)
if 'import ' in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'dependencies',
'title': 'No PEP 723 inline dependency block (# /// script)',
'detail': '',
'action': 'Add PEP 723 block with requires-python and dependencies',
})
else:
# Check requires-python is present
if 'requires-python' not in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'dependencies',
'title': 'PEP 723 block exists but missing requires-python constraint',
'detail': '',
'action': 'Add requires-python = ">=3.9" or appropriate version',
})
# requirements.txt reference
if 'requirements.txt' in content or 'pip install' in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'high', 'category': 'dependencies',
'title': 'References requirements.txt or pip install — use PEP 723 inline deps',
'detail': '',
'action': 'Replace with PEP 723 inline dependency block',
})
# Agentic design checks via AST
try:
tree = ast.parse(content)
except SyntaxError:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'critical', 'category': 'error-handling',
'title': 'Python syntax error — script cannot be parsed',
'detail': '',
'action': '',
})
return findings
has_argparse = False
has_json_dumps = False
has_sys_exit = False
imports = set()
for node in ast.walk(tree):
# Track imports
if isinstance(node, ast.Import):
for alias in node.names:
imports.add(alias.name)
elif isinstance(node, ast.ImportFrom):
if node.module:
imports.add(node.module)
# input() calls
if isinstance(node, ast.Call):
func = node.func
if isinstance(func, ast.Name) and func.id == 'input':
findings.append({
'file': rel_path, 'line': node.lineno,
'severity': 'critical', 'category': 'agentic-design',
'title': 'input() call found — blocks in non-interactive agent execution',
'detail': '',
'action': 'Use argparse with required flags instead of interactive prompts',
})
# json.dumps
if isinstance(func, ast.Attribute) and func.attr == 'dumps':
has_json_dumps = True
# sys.exit
if isinstance(func, ast.Attribute) and func.attr == 'exit':
has_sys_exit = True
if isinstance(func, ast.Name) and func.id == 'exit':
has_sys_exit = True
# argparse
if isinstance(node, ast.Attribute) and node.attr == 'ArgumentParser':
has_argparse = True
if not has_argparse and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'agentic-design',
'title': 'No argparse found — script lacks --help self-documentation',
'detail': '',
'action': 'Add argparse with description and argument help text',
})
if not has_json_dumps and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'agentic-design',
'title': 'No json.dumps found — output may not be structured JSON',
'detail': '',
'action': 'Use json.dumps for structured output parseable by workflows',
})
if not has_sys_exit and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'agentic-design',
'title': 'No sys.exit() calls — may not return meaningful exit codes',
'detail': '',
'action': 'Return 0=success, 1=fail, 2=error via sys.exit()',
})
# Over-engineering: simple file ops in Python
simple_op_imports = {'shutil', 'glob', 'fnmatch'}
over_eng = imports & simple_op_imports
if over_eng and line_count < 30:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'over-engineered',
'title': f'Short script ({line_count} lines) imports {", ".join(over_eng)} — may be simpler as bash',
'detail': '',
'action': 'Consider if cp/mv/find shell commands would suffice',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
def scan_shell_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a shell script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# Shebang
if not lines[0].startswith('#!'):
findings.append({
'file': rel_path, 'line': 1,
'severity': 'high', 'category': 'portability',
'title': 'Missing shebang line',
'detail': '',
'action': 'Add #!/usr/bin/env bash or #!/usr/bin/env sh',
})
elif '/usr/bin/env' not in lines[0]:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'portability',
'title': f'Shebang uses hardcoded path: {lines[0].strip()}',
'detail': '',
'action': 'Use #!/usr/bin/env bash for cross-platform compatibility',
})
# set -e
if 'set -e' not in content and 'set -euo' not in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'error-handling',
'title': 'Missing set -e — errors will be silently ignored',
'detail': '',
'action': 'Add set -e (or set -euo pipefail) near the top',
})
# Hardcoded interpreter paths
hardcoded_re = re.compile(r'/usr/bin/(python|ruby|node|perl)\b')
for i, line in enumerate(lines, 1):
if hardcoded_re.search(line):
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'portability',
'title': f'Hardcoded interpreter path: {line.strip()}',
'detail': '',
'action': 'Use /usr/bin/env or PATH-based lookup',
})
# GNU-only tools
gnu_re = re.compile(r'\b(gsed|gawk|ggrep|gfind)\b')
for i, line in enumerate(lines, 1):
m = gnu_re.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'portability',
'title': f'GNU-only tool: {m.group()} — not available on all platforms',
'detail': '',
'action': 'Use POSIX-compatible equivalent',
})
# Unquoted variables (basic check)
unquoted_re = re.compile(r'(?<!")\$\w+(?!")')
for i, line in enumerate(lines, 1):
if line.strip().startswith('#'):
continue
for m in unquoted_re.finditer(line):
# Skip inside double-quoted strings (rough heuristic)
before = line[:m.start()]
if before.count('"') % 2 == 1:
continue
findings.append({
'file': rel_path, 'line': i,
'severity': 'low', 'category': 'portability',
'title': f'Potentially unquoted variable: {m.group()} — breaks with spaces in paths',
'detail': '',
'action': f'Use "{m.group()}" with double quotes',
})
# npx/uvx without version pinning
no_pin_re = re.compile(r'\b(npx|uvx)\s+([a-zA-Z][\w-]+)(?!\S*@)')
for i, line in enumerate(lines, 1):
if line.strip().startswith('#'):
continue
m = no_pin_re.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'dependencies',
'title': f'{m.group(1)} {m.group(2)} without version pinning',
'detail': '',
'action': f'Pin version: {m.group(1)} {m.group(2)}@<version>',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
def scan_node_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a JS/TS script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# npx/uvx without version pinning
no_pin = re.compile(r'\b(npx|uvx)\s+([a-zA-Z][\w-]+)(?!\S*@)')
for i, line in enumerate(lines, 1):
m = no_pin.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'dependencies',
'title': f'{m.group(1)} {m.group(2)} without version pinning',
'detail': '',
'action': f'Pin version: {m.group(1)} {m.group(2)}@<version>',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
# =============================================================================
# Main Scanner
# =============================================================================
def scan_skill_scripts(skill_path: Path) -> dict:
"""Scan all scripts in a skill directory."""
scripts_dir = skill_path / 'scripts'
all_findings = []
lint_findings = []
script_inventory = {'python': [], 'shell': [], 'node': [], 'other': []}
missing_tests = []
if not scripts_dir.exists():
return {
'scanner': 'scripts',
'script': 'scan-scripts.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'pass',
'findings': [{
'file': 'scripts/',
'severity': 'info',
'category': 'none',
'title': 'No scripts/ directory found — nothing to scan',
'detail': '',
'action': '',
}],
'assessments': {
'lint_summary': {
'tools_used': [],
'files_linted': 0,
'lint_issues': 0,
},
'script_summary': {
'total_scripts': 0,
'by_type': script_inventory,
'missing_tests': [],
},
},
'summary': {
'total_findings': 0,
'by_severity': {'critical': 0, 'high': 0, 'medium': 0, 'low': 0},
'assessment': '',
},
}
# Find all script files (exclude tests/ and __pycache__)
script_files = []
for f in sorted(scripts_dir.iterdir()):
if f.is_file() and f.suffix in ('.py', '.sh', '.bash', '.js', '.ts', '.mjs'):
script_files.append(f)
tests_dir = scripts_dir / 'tests'
lint_tools_used = set()
for script_file in script_files:
rel_path = f'scripts/{script_file.name}'
ext = script_file.suffix
if ext == '.py':
script_inventory['python'].append(script_file.name)
findings = scan_python_script(script_file, rel_path)
lf = lint_python_ruff(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('ruff')
elif ext in ('.sh', '.bash'):
script_inventory['shell'].append(script_file.name)
findings = scan_shell_script(script_file, rel_path)
lf = lint_shell_shellcheck(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('shellcheck')
elif ext in ('.js', '.ts', '.mjs'):
script_inventory['node'].append(script_file.name)
findings = scan_node_script(script_file, rel_path)
lf = lint_node_biome(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('biome')
else:
script_inventory['other'].append(script_file.name)
findings = []
# Check for unit tests
if tests_dir.exists():
stem = script_file.stem
test_patterns = [
f'test_{stem}{ext}', f'test-{stem}{ext}',
f'{stem}_test{ext}', f'{stem}-test{ext}',
f'test_{stem}.py', f'test-{stem}.py',
]
has_test = any((tests_dir / t).exists() for t in test_patterns)
else:
has_test = False
if not has_test:
missing_tests.append(script_file.name)
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'tests',
'title': f'No unit test found for {script_file.name}',
'detail': '',
'action': f'Create scripts/tests/test-{script_file.stem}{ext} with test cases',
})
all_findings.extend(findings)
# Check if tests/ directory exists at all
if script_files and not tests_dir.exists():
all_findings.append({
'file': 'scripts/tests/',
'line': 0,
'severity': 'high',
'category': 'tests',
'title': 'scripts/tests/ directory does not exist — no unit tests',
'detail': '',
'action': 'Create scripts/tests/ with test files for each script',
})
# Merge lint findings into all findings
all_findings.extend(lint_findings)
# Build summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
by_category: dict[str, int] = {}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
cat = f['category']
by_category[cat] = by_category.get(cat, 0) + 1
total_scripts = sum(len(v) for v in script_inventory.values())
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['high'] > 0:
status = 'warning'
elif total_scripts == 0:
status = 'pass'
lint_issue_count = sum(1 for f in lint_findings if f['category'] == 'lint')
return {
'scanner': 'scripts',
'script': 'scan-scripts.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'findings': all_findings,
'assessments': {
'lint_summary': {
'tools_used': sorted(lint_tools_used),
'files_linted': total_scripts,
'lint_issues': lint_issue_count,
},
'script_summary': {
'total_scripts': total_scripts,
'by_type': {k: len(v) for k, v in script_inventory.items()},
'scripts': {k: v for k, v in script_inventory.items() if v},
'missing_tests': missing_tests,
},
},
'summary': {
'total_findings': len(all_findings),
'by_severity': by_severity,
'by_category': by_category,
'assessment': '',
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Scan BMad skill scripts for quality, portability, agentic design, and lint issues',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_skill_scripts(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())

76
_bmad/bmb/bmad-builder-setup/SKILL.md Normal file
View File

@@ -0,0 +1,76 @@
---
name: bmad-builder-setup
description: Sets up BMad Builder module in a project. Use when the user requests to 'install bmb module', 'configure bmad builder', or 'setup bmad builder'.
---
# Module Setup
## Overview
Installs and configures a BMad module into a project. Module identity (name, code, version) comes from `./assets/module.yaml`. Collects user preferences and writes them to three files:
- **`{project-root}/_bmad/config.yaml`** — shared project config: core settings at root (e.g. `output_folder`, `document_output_language`) plus a section per module with metadata and module-specific values. User-only keys (`user_name`, `communication_language`) are **never** written here.
- **`{project-root}/_bmad/config.user.yaml`** — personal settings intended to be gitignored: `user_name`, `communication_language`, and any module variable marked `user_setting: true` in `./assets/module.yaml`. These values live exclusively here.
- **`{project-root}/_bmad/module-help.csv`** — registers module capabilities for the help system.
Both config scripts use an anti-zombie pattern — existing entries for this module are removed before writing fresh ones, so stale values never persist.
`{project-root}` is a **literal token** in config values — never substitute it with an actual path. It signals to the consuming LLM that the value is relative to the project root, not the skill root.
## On Activation
1. Read `./assets/module.yaml` for module metadata and variable definitions (the `code` field is the module identifier)
2. Check if `{project-root}/_bmad/config.yaml` exists — if a section matching the module's code is already present, inform the user this is an update
3. Check for per-module configuration at `{project-root}/_bmad/{module-code}/config.yaml` and `{project-root}/_bmad/core/config.yaml`. If either file exists:
- If `{project-root}/_bmad/config.yaml` does **not** yet have a section for this module: this is a **fresh install**. Inform the user that installer config was detected and values will be consolidated into the new format.
- If `{project-root}/_bmad/config.yaml` **already** has a section for this module: this is a **legacy migration**. Inform the user that legacy per-module config was found alongside existing config, and legacy values will be used as fallback defaults.
- In both cases, per-module config files and directories will be cleaned up after setup.
If the user provides arguments (e.g. `accept all defaults`, `--headless`, or inline values like `user name is BMad, I speak Swahili`), map any provided values to config keys, use defaults for the rest, and skip interactive prompting. Still display the full confirmation summary at the end.
## Collect Configuration
Ask the user for values. Show defaults in brackets. Present all values together so the user can respond once with only the values they want to change (e.g. "change language to Swahili, rest are fine"). Never tell the user to "press enter" or "leave blank" — in a chat interface they must type something to respond.
**Default priority** (highest wins): existing new config values > legacy config values > `./assets/module.yaml` defaults. When legacy configs exist, read them and use matching values as defaults instead of `module.yaml` defaults. Only keys that match the current schema are carried forward — changed or removed keys are ignored.
**Core config** (only if no core keys exist yet): `user_name` (default: BMad), `communication_language` and `document_output_language` (default: English — ask as a single language question, both keys get the same answer), `output_folder` (default: `{project-root}/_bmad-output`). Of these, `user_name` and `communication_language` are written exclusively to `config.user.yaml`. The rest go to `config.yaml` at root and are shared across all modules.
**Module config**: Read each variable in `./assets/module.yaml` that has a `prompt` field. Ask using that prompt with its default value (or legacy value if available).
## Write Files
Write a temp JSON file with the collected answers structured as `{"core": {...}, "module": {...}}` (omit `core` if it already exists). Then run both scripts — they can run in parallel since they write to different files:
```bash
python3 ./scripts/merge-config.py --config-path "{project-root}/_bmad/config.yaml" --user-config-path "{project-root}/_bmad/config.user.yaml" --module-yaml ./assets/module.yaml --answers {temp-file} --legacy-dir "{project-root}/_bmad"
python3 ./scripts/merge-help-csv.py --target "{project-root}/_bmad/module-help.csv" --source ./assets/module-help.csv --legacy-dir "{project-root}/_bmad" --module-code {module-code}
```
Both scripts output JSON to stdout with results. If either exits non-zero, surface the error and stop. The scripts automatically read legacy config values as fallback defaults, then delete the legacy files after a successful merge. Check `legacy_configs_deleted` and `legacy_csvs_deleted` in the output to confirm cleanup.
Run `./scripts/merge-config.py --help` or `./scripts/merge-help-csv.py --help` for full usage.
## Create Output Directories
After writing config, create any output directories that were configured. For filesystem operations only (such as creating directories), resolve the `{project-root}` token to the actual project root and create each path-type value from `config.yaml` that does not yet exist — this includes `output_folder` and any module variable whose value starts with `{project-root}/`. The paths stored in the config files must continue to use the literal `{project-root}` token; only the directories on disk should use the resolved paths. Use `mkdir -p` or equivalent to create the full path.
## Cleanup Legacy Directories
After both merge scripts complete successfully, remove the installer's package directories. Skills and agents in these directories are already installed at `.claude/skills/` — the `_bmad/` directory should only contain config files.
```bash
python3 ./scripts/cleanup-legacy.py --bmad-dir "{project-root}/_bmad" --module-code {module-code} --also-remove _config --skills-dir "{project-root}/.claude/skills"
```
The script verifies that every skill in the legacy directories exists at `.claude/skills/` before removing anything. Directories without skills (like `_config/`) are removed directly. If the script exits non-zero, surface the error and stop. Missing directories (already cleaned by a prior run) are not errors — the script is idempotent.
Check `directories_removed` and `files_removed_count` in the JSON output for the confirmation step. Run `./scripts/cleanup-legacy.py --help` for full usage.
## Confirm
Use the script JSON output to display what was written — config values set (written to `config.yaml` at root for core, module section for module values), user settings written to `config.user.yaml` (`user_keys` in result), help entries added, fresh install vs update. If legacy files were deleted, mention the migration. If legacy directories were removed, report the count and list (e.g. "Cleaned up 106 installer package files from bmb/, core/, _config/ — skills are installed at .claude/skills/"). Then display the `module_greeting` from `./assets/module.yaml` to the user.
## Outcome
Once the user's `user_name` and `communication_language` are known (from collected input, arguments, or existing config), use them consistently for the remainder of the session: address the user by their configured name and communicate in their configured `communication_language`.

6
_bmad/bmb/bmad-builder-setup/assets/module-help.csv Normal file
View File

@@ -0,0 +1,6 @@
module,skill,display-name,menu-code,description,action,args,phase,after,before,required,output-location,outputs
BMad Builder,bmad-builder-setup,Setup Builder Module,SB,"Install or update BMad Builder module config and help entries. Collects user preferences, writes config.yaml, and migrates legacy configs.",configure,,anytime,,,false,{project-root}/_bmad,config.yaml and config.user.yaml
BMad Builder,bmad-agent-builder,Build an Agent,BA,"Create, edit, convert, or fix an agent skill.",build-process,"[-H] [description | path]",anytime,,bmad-agent-builder:quality-optimizer,false,output_folder,agent skill
BMad Builder,bmad-agent-builder,Optimize an Agent,OA,Validate and optimize an existing agent skill. Produces a quality report.,quality-optimizer,[-H] [path],anytime,bmad-agent-builder:build-process,,false,bmad_builder_reports,quality report
BMad Builder,bmad-workflow-builder,Build a Workflow,BW,"Create, edit, convert, or fix a workflow or utility skill.",build-process,"[-H] [description | path]",anytime,,bmad-workflow-builder:quality-optimizer,false,output_folder,workflow skill
BMad Builder,bmad-workflow-builder,Optimize a Workflow,OW,Validate and optimize an existing workflow or utility skill. Produces a quality report.,quality-optimizer,[-H] [path],anytime,bmad-workflow-builder:build-process,,false,bmad_builder_reports,quality report
1 module skill display-name menu-code description action args phase after before required output-location outputs
2 BMad Builder bmad-builder-setup Setup Builder Module SB Install or update BMad Builder module config and help entries. Collects user preferences, writes config.yaml, and migrates legacy configs. configure anytime false {project-root}/_bmad config.yaml and config.user.yaml
3 BMad Builder bmad-agent-builder Build an Agent BA Create, edit, convert, or fix an agent skill. build-process [-H] [description | path] anytime bmad-agent-builder:quality-optimizer false output_folder agent skill
4 BMad Builder bmad-agent-builder Optimize an Agent OA Validate and optimize an existing agent skill. Produces a quality report. quality-optimizer [-H] [path] anytime bmad-agent-builder:build-process false bmad_builder_reports quality report
5 BMad Builder bmad-workflow-builder Build a Workflow BW Create, edit, convert, or fix a workflow or utility skill. build-process [-H] [description | path] anytime bmad-workflow-builder:quality-optimizer false output_folder workflow skill
6 BMad Builder bmad-workflow-builder Optimize a Workflow OW Validate and optimize an existing workflow or utility skill. Produces a quality report. quality-optimizer [-H] [path] anytime bmad-workflow-builder:build-process false bmad_builder_reports quality report

20
_bmad/bmb/bmad-builder-setup/assets/module.yaml Normal file
View File

@@ -0,0 +1,20 @@
code: bmb
name: "BMad Builder"
description: "Standard Skill Compliant Factory for BMad Agents, Workflows and Modules"
module_version: 1.0.0
default_selected: false
module_greeting: >
Enjoy making your dream creations with the BMad Builder Module!
Run this again at any time if you want to reconfigure a setting or have updated the module, (or optionally just update _bmad/config.yaml and config.user.yaml to change existing values)
For questions, suggestions and support - check us on Discord at https://discord.gg/gk8jAdXWmj
bmad_builder_output_folder:
prompt: "Where should your custom output (agent, workflow, module config) be saved?"
default: "{project-root}/skills"
result: "{project-root}/{value}"
bmad_builder_reports:
prompt: "Output for Evals, Test, Quality and Planning Reports?"
default: "{project-root}/skills/reports"
result: "{project-root}/{value}"

259
_bmad/bmb/bmad-builder-setup/scripts/cleanup-legacy.py Executable file
View File

@@ -0,0 +1,259 @@
#!/usr/bin/env python3
# /// script
# requires-python = ">=3.9"
# dependencies = []
# ///
"""Remove legacy module directories from _bmad/ after config migration.
After merge-config.py and merge-help-csv.py have migrated config data and
deleted individual legacy files, this script removes the now-redundant
directory trees. These directories contain skill files that are already
installed at .claude/skills/ (or equivalent) — only the config files at
_bmad/ root need to persist.
When --skills-dir is provided, the script verifies that every skill found
in the legacy directories exists at the installed location before removing
anything. Directories without skills (like _config/) are removed directly.
Exit codes: 0=success (including nothing to remove), 1=validation error, 2=runtime error
"""
import argparse
import json
import shutil
import sys
from pathlib import Path
def parse_args():
parser = argparse.ArgumentParser(
description="Remove legacy module directories from _bmad/ after config migration."
)
parser.add_argument(
"--bmad-dir",
required=True,
help="Path to the _bmad/ directory",
)
parser.add_argument(
"--module-code",
required=True,
help="Module code being cleaned up (e.g. 'bmb')",
)
parser.add_argument(
"--also-remove",
action="append",
default=[],
help="Additional directory names under _bmad/ to remove (repeatable)",
)
parser.add_argument(
"--skills-dir",
help="Path to .claude/skills/ — enables safety verification that skills "
"are installed before removing legacy copies",
)
parser.add_argument(
"--verbose",
action="store_true",
help="Print detailed progress to stderr",
)
return parser.parse_args()
def find_skill_dirs(base_path: str) -> list:
"""Find directories that contain a SKILL.md file.
Walks the directory tree and returns the leaf directory name for each
directory containing a SKILL.md. These are considered skill directories.
Returns:
List of skill directory names (e.g. ['bmad-agent-builder', 'bmad-builder-setup'])
"""
skills = []
root = Path(base_path)
if not root.exists():
return skills
for skill_md in root.rglob("SKILL.md"):
skills.append(skill_md.parent.name)
return sorted(set(skills))
def verify_skills_installed(
bmad_dir: str, dirs_to_check: list, skills_dir: str, verbose: bool = False
) -> list:
"""Verify that skills in legacy directories exist at the installed location.
Scans each directory in dirs_to_check for skill folders (containing SKILL.md),
then checks that a matching directory exists under skills_dir. Directories
that contain no skills (like _config/) are silently skipped.
Returns:
List of verified skill names.
Raises SystemExit(1) if any skills are missing from skills_dir.
"""
all_verified = []
missing = []
for dirname in dirs_to_check:
legacy_path = Path(bmad_dir) / dirname
if not legacy_path.exists():
continue
skill_names = find_skill_dirs(str(legacy_path))
if not skill_names:
if verbose:
print(
f"No skills found in {dirname}/ — skipping verification",
file=sys.stderr,
)
continue
for skill_name in skill_names:
installed_path = Path(skills_dir) / skill_name
if installed_path.is_dir():
all_verified.append(skill_name)
if verbose:
print(
f"Verified: {skill_name} exists at {installed_path}",
file=sys.stderr,
)
else:
missing.append(skill_name)
if verbose:
print(
f"MISSING: {skill_name} not found at {installed_path}",
file=sys.stderr,
)
if missing:
error_result = {
"status": "error",
"error": "Skills not found at installed location",
"missing_skills": missing,
"skills_dir": str(Path(skills_dir).resolve()),
}
print(json.dumps(error_result, indent=2))
sys.exit(1)
return sorted(set(all_verified))
def count_files(path: Path) -> int:
"""Count all files recursively in a directory."""
count = 0
for item in path.rglob("*"):
if item.is_file():
count += 1
return count
def cleanup_directories(
bmad_dir: str, dirs_to_remove: list, verbose: bool = False
) -> tuple:
"""Remove specified directories under bmad_dir.
Returns:
(removed, not_found, total_files_removed) tuple
"""
removed = []
not_found = []
total_files = 0
for dirname in dirs_to_remove:
target = Path(bmad_dir) / dirname
if not target.exists():
not_found.append(dirname)
if verbose:
print(f"Not found (skipping): {target}", file=sys.stderr)
continue
if not target.is_dir():
if verbose:
print(f"Not a directory (skipping): {target}", file=sys.stderr)
not_found.append(dirname)
continue
file_count = count_files(target)
if verbose:
print(
f"Removing {target} ({file_count} files)",
file=sys.stderr,
)
try:
shutil.rmtree(target)
except OSError as e:
error_result = {
"status": "error",
"error": f"Failed to remove {target}: {e}",
"directories_removed": removed,
"directories_failed": dirname,
}
print(json.dumps(error_result, indent=2))
sys.exit(2)
removed.append(dirname)
total_files += file_count
return removed, not_found, total_files
def main():
args = parse_args()
bmad_dir = args.bmad_dir
module_code = args.module_code
# Build the list of directories to remove
dirs_to_remove = [module_code, "core"] + args.also_remove
# Deduplicate while preserving order
seen = set()
unique_dirs = []
for d in dirs_to_remove:
if d not in seen:
seen.add(d)
unique_dirs.append(d)
dirs_to_remove = unique_dirs
if args.verbose:
print(f"Directories to remove: {dirs_to_remove}", file=sys.stderr)
# Safety check: verify skills are installed before removing
verified_skills = None
if args.skills_dir:
if args.verbose:
print(
f"Verifying skills installed at {args.skills_dir}",
file=sys.stderr,
)
verified_skills = verify_skills_installed(
bmad_dir, dirs_to_remove, args.skills_dir, args.verbose
)
# Remove directories
removed, not_found, total_files = cleanup_directories(
bmad_dir, dirs_to_remove, args.verbose
)
# Build result
result = {
"status": "success",
"bmad_dir": str(Path(bmad_dir).resolve()),
"directories_removed": removed,
"directories_not_found": not_found,
"files_removed_count": total_files,
}
if args.skills_dir:
result["safety_checks"] = {
"skills_verified": True,
"skills_dir": str(Path(args.skills_dir).resolve()),
"verified_skills": verified_skills,
}
else:
result["safety_checks"] = None
print(json.dumps(result, indent=2))
if __name__ == "__main__":
main()

408
_bmad/bmb/bmad-builder-setup/scripts/merge-config.py Executable file
View File

@@ -0,0 +1,408 @@
#!/usr/bin/env python3
# /// script
# requires-python = ">=3.9"
# dependencies = ["pyyaml"]
# ///
"""Merge module configuration into shared _bmad/config.yaml and config.user.yaml.
Reads a module.yaml definition and a JSON answers file, then writes or updates
the shared config.yaml (core values at root + module section) and config.user.yaml
(user_name, communication_language, plus any module variable with user_setting: true).
Uses an anti-zombie pattern for the module section in config.yaml.
Legacy migration: when --legacy-dir is provided, reads old per-module config files
from {legacy-dir}/{module-code}/config.yaml and {legacy-dir}/core/config.yaml.
Matching values serve as fallback defaults (answers override them). After a
successful merge, the legacy config.yaml files are deleted. Only the current
module and core directories are touched — other module directories are left alone.
Exit codes: 0=success, 1=validation error, 2=runtime error
"""
import argparse
import json
import sys
from pathlib import Path
try:
import yaml
except ImportError:
print("Error: pyyaml is required (PEP 723 dependency)", file=sys.stderr)
sys.exit(2)
def parse_args():
parser = argparse.ArgumentParser(
description="Merge module config into shared _bmad/config.yaml with anti-zombie pattern."
)
parser.add_argument(
"--config-path",
required=True,
help="Path to the target _bmad/config.yaml file",
)
parser.add_argument(
"--module-yaml",
required=True,
help="Path to the module.yaml definition file",
)
parser.add_argument(
"--answers",
required=True,
help="Path to JSON file with collected answers",
)
parser.add_argument(
"--user-config-path",
required=True,
help="Path to the target _bmad/config.user.yaml file",
)
parser.add_argument(
"--legacy-dir",
help="Path to _bmad/ directory to check for legacy per-module config files. "
"Matching values are used as fallback defaults, then legacy files are deleted.",
)
parser.add_argument(
"--verbose",
action="store_true",
help="Print detailed progress to stderr",
)
return parser.parse_args()
def load_yaml_file(path: str) -> dict:
"""Load a YAML file, returning empty dict if file doesn't exist."""
file_path = Path(path)
if not file_path.exists():
return {}
with open(file_path, "r", encoding="utf-8") as f:
content = yaml.safe_load(f)
return content if content else {}
def load_json_file(path: str) -> dict:
"""Load a JSON file."""
with open(path, "r", encoding="utf-8") as f:
return json.load(f)
# Keys that live at config root (shared across all modules)
_CORE_KEYS = frozenset(
{"user_name", "communication_language", "document_output_language", "output_folder"}
)
def load_legacy_values(
legacy_dir: str, module_code: str, module_yaml: dict, verbose: bool = False
) -> tuple[dict, dict, list]:
"""Read legacy per-module config files and return core/module value dicts.
Reads {legacy_dir}/core/config.yaml and {legacy_dir}/{module_code}/config.yaml.
Only returns values whose keys match the current schema (core keys or module.yaml
variable definitions). Other modules' directories are not touched.
Returns:
(legacy_core, legacy_module, files_found) where files_found lists paths read.
"""
legacy_core: dict = {}
legacy_module: dict = {}
files_found: list = []
# Read core legacy config
core_path = Path(legacy_dir) / "core" / "config.yaml"
if core_path.exists():
core_data = load_yaml_file(str(core_path))
files_found.append(str(core_path))
for k, v in core_data.items():
if k in _CORE_KEYS:
legacy_core[k] = v
if verbose:
print(f"Legacy core config: {list(legacy_core.keys())}", file=sys.stderr)
# Read module legacy config
mod_path = Path(legacy_dir) / module_code / "config.yaml"
if mod_path.exists():
mod_data = load_yaml_file(str(mod_path))
files_found.append(str(mod_path))
for k, v in mod_data.items():
if k in _CORE_KEYS:
# Core keys duplicated in module config — only use if not already set
if k not in legacy_core:
legacy_core[k] = v
elif k in module_yaml and isinstance(module_yaml[k], dict):
# Module-specific key that matches a current variable definition
legacy_module[k] = v
if verbose:
print(
f"Legacy module config: {list(legacy_module.keys())}", file=sys.stderr
)
return legacy_core, legacy_module, files_found
def apply_legacy_defaults(answers: dict, legacy_core: dict, legacy_module: dict) -> dict:
"""Apply legacy values as fallback defaults under the answers.
Legacy values fill in any key not already present in answers.
Explicit answers always win.
"""
merged = dict(answers)
if legacy_core:
core = merged.get("core", {})
filled_core = dict(legacy_core) # legacy as base
filled_core.update(core) # answers override
merged["core"] = filled_core
if legacy_module:
mod = merged.get("module", {})
filled_mod = dict(legacy_module) # legacy as base
filled_mod.update(mod) # answers override
merged["module"] = filled_mod
return merged
def cleanup_legacy_configs(
legacy_dir: str, module_code: str, verbose: bool = False
) -> list:
"""Delete legacy config.yaml files for this module and core only.
Returns list of deleted file paths.
"""
deleted = []
for subdir in (module_code, "core"):
legacy_path = Path(legacy_dir) / subdir / "config.yaml"
if legacy_path.exists():
if verbose:
print(f"Deleting legacy config: {legacy_path}", file=sys.stderr)
legacy_path.unlink()
deleted.append(str(legacy_path))
return deleted
def extract_module_metadata(module_yaml: dict) -> dict:
"""Extract non-variable metadata fields from module.yaml."""
meta = {}
for k in ("name", "description"):
if k in module_yaml:
meta[k] = module_yaml[k]
meta["version"] = module_yaml.get("module_version") # null if absent
if "default_selected" in module_yaml:
meta["default_selected"] = module_yaml["default_selected"]
return meta
def apply_result_templates(
module_yaml: dict, module_answers: dict, verbose: bool = False
) -> dict:
"""Apply result templates from module.yaml to transform raw answer values.
For each answer, if the corresponding variable definition in module.yaml has
a 'result' field, replaces {value} in that template with the answer. Skips
the template if the answer already contains '{project-root}' to prevent
double-prefixing.
"""
transformed = {}
for key, value in module_answers.items():
var_def = module_yaml.get(key)
if (
isinstance(var_def, dict)
and "result" in var_def
and "{project-root}" not in str(value)
):
template = var_def["result"]
transformed[key] = template.replace("{value}", str(value))
if verbose:
print(
f"Applied result template for '{key}': {value}{transformed[key]}",
file=sys.stderr,
)
else:
transformed[key] = value
return transformed
def merge_config(
existing_config: dict,
module_yaml: dict,
answers: dict,
verbose: bool = False,
) -> dict:
"""Merge answers into config, applying anti-zombie pattern.
Args:
existing_config: Current config.yaml contents (may be empty)
module_yaml: The module definition
answers: JSON with 'core' and/or 'module' keys
verbose: Print progress to stderr
Returns:
Updated config dict ready to write
"""
config = dict(existing_config)
module_code = module_yaml.get("code")
if not module_code:
print("Error: module.yaml must have a 'code' field", file=sys.stderr)
sys.exit(1)
# Migrate legacy core: section to root
if "core" in config and isinstance(config["core"], dict):
if verbose:
print("Migrating legacy 'core' section to root", file=sys.stderr)
config.update(config.pop("core"))
# Strip user-only keys from config — they belong exclusively in config.user.yaml
for key in _CORE_USER_KEYS:
if key in config:
if verbose:
print(f"Removing user-only key '{key}' from config (belongs in config.user.yaml)", file=sys.stderr)
del config[key]
# Write core values at root (global properties, not nested under "core")
# Exclude user-only keys — those belong exclusively in config.user.yaml
core_answers = answers.get("core")
if core_answers:
shared_core = {k: v for k, v in core_answers.items() if k not in _CORE_USER_KEYS}
if shared_core:
if verbose:
print(f"Writing core config at root: {list(shared_core.keys())}", file=sys.stderr)
config.update(shared_core)
# Anti-zombie: remove existing module section
if module_code in config:
if verbose:
print(
f"Removing existing '{module_code}' section (anti-zombie)",
file=sys.stderr,
)
del config[module_code]
# Build module section: metadata + variable values
module_section = extract_module_metadata(module_yaml)
module_answers = apply_result_templates(
module_yaml, answers.get("module", {}), verbose
)
module_section.update(module_answers)
if verbose:
print(
f"Writing '{module_code}' section with keys: {list(module_section.keys())}",
file=sys.stderr,
)
config[module_code] = module_section
return config
# Core keys that are always written to config.user.yaml
_CORE_USER_KEYS = ("user_name", "communication_language")
def extract_user_settings(module_yaml: dict, answers: dict) -> dict:
"""Collect settings that belong in config.user.yaml.
Includes user_name and communication_language from core answers, plus any
module variable whose definition contains user_setting: true.
"""
user_settings = {}
core_answers = answers.get("core", {})
for key in _CORE_USER_KEYS:
if key in core_answers:
user_settings[key] = core_answers[key]
module_answers = answers.get("module", {})
for var_name, var_def in module_yaml.items():
if isinstance(var_def, dict) and var_def.get("user_setting") is True:
if var_name in module_answers:
user_settings[var_name] = module_answers[var_name]
return user_settings
def write_config(config: dict, config_path: str, verbose: bool = False) -> None:
"""Write config dict to YAML file, creating parent dirs as needed."""
path = Path(config_path)
path.parent.mkdir(parents=True, exist_ok=True)
if verbose:
print(f"Writing config to {path}", file=sys.stderr)
with open(path, "w", encoding="utf-8") as f:
yaml.dump(
config,
f,
default_flow_style=False,
allow_unicode=True,
sort_keys=False,
)
def main():
args = parse_args()
# Load inputs
module_yaml = load_yaml_file(args.module_yaml)
if not module_yaml:
print(f"Error: Could not load module.yaml from {args.module_yaml}", file=sys.stderr)
sys.exit(1)
answers = load_json_file(args.answers)
existing_config = load_yaml_file(args.config_path)
if args.verbose:
exists = Path(args.config_path).exists()
print(f"Config file exists: {exists}", file=sys.stderr)
if exists:
print(f"Existing sections: {list(existing_config.keys())}", file=sys.stderr)
# Legacy migration: read old per-module configs as fallback defaults
legacy_files_found = []
if args.legacy_dir:
module_code = module_yaml.get("code", "")
legacy_core, legacy_module, legacy_files_found = load_legacy_values(
args.legacy_dir, module_code, module_yaml, args.verbose
)
if legacy_core or legacy_module:
answers = apply_legacy_defaults(answers, legacy_core, legacy_module)
if args.verbose:
print("Applied legacy values as fallback defaults", file=sys.stderr)
# Merge and write config.yaml
updated_config = merge_config(existing_config, module_yaml, answers, args.verbose)
write_config(updated_config, args.config_path, args.verbose)
# Merge and write config.user.yaml
user_settings = extract_user_settings(module_yaml, answers)
existing_user_config = load_yaml_file(args.user_config_path)
updated_user_config = dict(existing_user_config)
updated_user_config.update(user_settings)
if user_settings:
write_config(updated_user_config, args.user_config_path, args.verbose)
# Legacy cleanup: delete old per-module config files
legacy_deleted = []
if args.legacy_dir:
legacy_deleted = cleanup_legacy_configs(
args.legacy_dir, module_yaml["code"], args.verbose
)
# Output result summary as JSON
module_code = module_yaml["code"]
result = {
"status": "success",
"config_path": str(Path(args.config_path).resolve()),
"user_config_path": str(Path(args.user_config_path).resolve()),
"module_code": module_code,
"core_updated": bool(answers.get("core")),
"module_keys": list(updated_config.get(module_code, {}).keys()),
"user_keys": list(user_settings.keys()),
"legacy_configs_found": legacy_files_found,
"legacy_configs_deleted": legacy_deleted,
}
print(json.dumps(result, indent=2))
if __name__ == "__main__":
main()

220
_bmad/bmb/bmad-builder-setup/scripts/merge-help-csv.py Executable file
View File

@@ -0,0 +1,220 @@
#!/usr/bin/env python3
# /// script
# requires-python = ">=3.9"
# dependencies = []
# ///
"""Merge module help entries into shared _bmad/module-help.csv.
Reads a source CSV with module help entries and merges them into a target CSV.
Uses an anti-zombie pattern: all existing rows matching the source module code
are removed before appending fresh rows.
Legacy cleanup: when --legacy-dir and --module-code are provided, deletes old
per-module module-help.csv files from {legacy-dir}/{module-code}/ and
{legacy-dir}/core/. Only the current module and core are touched.
Exit codes: 0=success, 1=validation error, 2=runtime error
"""
import argparse
import csv
import json
import sys
from io import StringIO
from pathlib import Path
# CSV header for module-help.csv
HEADER = [
"module",
"agent-name",
"skill-name",
"display-name",
"menu-code",
"capability",
"args",
"description",
"phase",
"after",
"before",
"required",
"output-location",
"outputs",
"", # trailing empty column from trailing comma
]
def parse_args():
parser = argparse.ArgumentParser(
description="Merge module help entries into shared _bmad/module-help.csv with anti-zombie pattern."
)
parser.add_argument(
"--target",
required=True,
help="Path to the target _bmad/module-help.csv file",
)
parser.add_argument(
"--source",
required=True,
help="Path to the source module-help.csv with entries to merge",
)
parser.add_argument(
"--legacy-dir",
help="Path to _bmad/ directory to check for legacy per-module CSV files.",
)
parser.add_argument(
"--module-code",
help="Module code (required with --legacy-dir for scoping cleanup).",
)
parser.add_argument(
"--verbose",
action="store_true",
help="Print detailed progress to stderr",
)
return parser.parse_args()
def read_csv_rows(path: str) -> tuple[list[str], list[list[str]]]:
"""Read CSV file returning (header, data_rows).
Returns empty header and rows if file doesn't exist.
"""
file_path = Path(path)
if not file_path.exists():
return [], []
with open(file_path, "r", encoding="utf-8", newline="") as f:
content = f.read()
reader = csv.reader(StringIO(content))
rows = list(reader)
if not rows:
return [], []
return rows[0], rows[1:]
def extract_module_codes(rows: list[list[str]]) -> set[str]:
"""Extract unique module codes from data rows."""
codes = set()
for row in rows:
if row and row[0].strip():
codes.add(row[0].strip())
return codes
def filter_rows(rows: list[list[str]], module_code: str) -> list[list[str]]:
"""Remove all rows matching the given module code."""
return [row for row in rows if not row or row[0].strip() != module_code]
def write_csv(path: str, header: list[str], rows: list[list[str]], verbose: bool = False) -> None:
"""Write header + rows to CSV file, creating parent dirs as needed."""
file_path = Path(path)
file_path.parent.mkdir(parents=True, exist_ok=True)
if verbose:
print(f"Writing {len(rows)} data rows to {path}", file=sys.stderr)
with open(file_path, "w", encoding="utf-8", newline="") as f:
writer = csv.writer(f)
writer.writerow(header)
for row in rows:
writer.writerow(row)
def cleanup_legacy_csvs(
legacy_dir: str, module_code: str, verbose: bool = False
) -> list:
"""Delete legacy per-module module-help.csv files for this module and core only.
Returns list of deleted file paths.
"""
deleted = []
for subdir in (module_code, "core"):
legacy_path = Path(legacy_dir) / subdir / "module-help.csv"
if legacy_path.exists():
if verbose:
print(f"Deleting legacy CSV: {legacy_path}", file=sys.stderr)
legacy_path.unlink()
deleted.append(str(legacy_path))
return deleted
def main():
args = parse_args()
# Read source entries
source_header, source_rows = read_csv_rows(args.source)
if not source_rows:
print(f"Error: No data rows found in source {args.source}", file=sys.stderr)
sys.exit(1)
# Determine module codes being merged
source_codes = extract_module_codes(source_rows)
if not source_codes:
print("Error: Could not determine module code from source rows", file=sys.stderr)
sys.exit(1)
if args.verbose:
print(f"Source module codes: {source_codes}", file=sys.stderr)
print(f"Source rows: {len(source_rows)}", file=sys.stderr)
# Read existing target (may not exist)
target_header, target_rows = read_csv_rows(args.target)
target_existed = Path(args.target).exists()
if args.verbose:
print(f"Target exists: {target_existed}", file=sys.stderr)
if target_existed:
print(f"Existing target rows: {len(target_rows)}", file=sys.stderr)
# Use source header if target doesn't exist or has no header
header = target_header if target_header else (source_header if source_header else HEADER)
# Anti-zombie: remove all rows for each source module code
filtered_rows = target_rows
removed_count = 0
for code in source_codes:
before_count = len(filtered_rows)
filtered_rows = filter_rows(filtered_rows, code)
removed_count += before_count - len(filtered_rows)
if args.verbose and removed_count > 0:
print(f"Removed {removed_count} existing rows (anti-zombie)", file=sys.stderr)
# Append source rows
merged_rows = filtered_rows + source_rows
# Write result
write_csv(args.target, header, merged_rows, args.verbose)
# Legacy cleanup: delete old per-module CSV files
legacy_deleted = []
if args.legacy_dir:
if not args.module_code:
print(
"Error: --module-code is required when --legacy-dir is provided",
file=sys.stderr,
)
sys.exit(1)
legacy_deleted = cleanup_legacy_csvs(
args.legacy_dir, args.module_code, args.verbose
)
# Output result summary as JSON
result = {
"status": "success",
"target_path": str(Path(args.target).resolve()),
"target_existed": target_existed,
"module_codes": sorted(source_codes),
"rows_removed": removed_count,
"rows_added": len(source_rows),
"total_rows": len(merged_rows),
"legacy_csvs_deleted": legacy_deleted,
}
print(json.dumps(result, indent=2))
if __name__ == "__main__":
main()

429
_bmad/bmb/bmad-builder-setup/scripts/tests/test-cleanup-legacy.py Normal file
View File

@@ -0,0 +1,429 @@
#!/usr/bin/env python3
# /// script
# requires-python = ">=3.9"
# dependencies = []
# ///
"""Unit tests for cleanup-legacy.py."""
import json
import os
import sys
import tempfile
import unittest
from pathlib import Path
# Add parent directory to path so we can import the module
sys.path.insert(0, str(Path(__file__).parent.parent))
from importlib.util import spec_from_file_location, module_from_spec
# Import cleanup_legacy module
_spec = spec_from_file_location(
"cleanup_legacy",
str(Path(__file__).parent.parent / "cleanup-legacy.py"),
)
cleanup_legacy_mod = module_from_spec(_spec)
_spec.loader.exec_module(cleanup_legacy_mod)
find_skill_dirs = cleanup_legacy_mod.find_skill_dirs
verify_skills_installed = cleanup_legacy_mod.verify_skills_installed
count_files = cleanup_legacy_mod.count_files
cleanup_directories = cleanup_legacy_mod.cleanup_directories
def _make_skill_dir(base, *path_parts):
"""Create a skill directory with a SKILL.md file."""
skill_dir = os.path.join(base, *path_parts)
os.makedirs(skill_dir, exist_ok=True)
with open(os.path.join(skill_dir, "SKILL.md"), "w") as f:
f.write("---\nname: test-skill\n---\n# Test\n")
return skill_dir
def _make_file(base, *path_parts, content="placeholder"):
"""Create a file at the given path."""
file_path = os.path.join(base, *path_parts)
os.makedirs(os.path.dirname(file_path), exist_ok=True)
with open(file_path, "w") as f:
f.write(content)
return file_path
class TestFindSkillDirs(unittest.TestCase):
def test_finds_dirs_with_skill_md(self):
with tempfile.TemporaryDirectory() as tmpdir:
_make_skill_dir(tmpdir, "skills", "bmad-agent-builder")
_make_skill_dir(tmpdir, "skills", "bmad-workflow-builder")
result = find_skill_dirs(tmpdir)
self.assertEqual(result, ["bmad-agent-builder", "bmad-workflow-builder"])
def test_ignores_dirs_without_skill_md(self):
with tempfile.TemporaryDirectory() as tmpdir:
_make_skill_dir(tmpdir, "skills", "real-skill")
os.makedirs(os.path.join(tmpdir, "skills", "not-a-skill"))
_make_file(tmpdir, "skills", "not-a-skill", "README.md")
result = find_skill_dirs(tmpdir)
self.assertEqual(result, ["real-skill"])
def test_empty_directory(self):
with tempfile.TemporaryDirectory() as tmpdir:
result = find_skill_dirs(tmpdir)
self.assertEqual(result, [])
def test_nonexistent_directory(self):
result = find_skill_dirs("/nonexistent/path")
self.assertEqual(result, [])
def test_finds_nested_skills_in_phase_subdirs(self):
"""Skills nested in phase directories like bmm/1-analysis/bmad-agent-analyst/."""
with tempfile.TemporaryDirectory() as tmpdir:
_make_skill_dir(tmpdir, "1-analysis", "bmad-agent-analyst")
_make_skill_dir(tmpdir, "2-plan", "bmad-agent-pm")
_make_skill_dir(tmpdir, "4-impl", "bmad-agent-dev")
result = find_skill_dirs(tmpdir)
self.assertEqual(
result, ["bmad-agent-analyst", "bmad-agent-dev", "bmad-agent-pm"]
)
def test_deduplicates_skill_names(self):
"""If the same skill name appears in multiple locations, only listed once."""
with tempfile.TemporaryDirectory() as tmpdir:
_make_skill_dir(tmpdir, "a", "my-skill")
_make_skill_dir(tmpdir, "b", "my-skill")
result = find_skill_dirs(tmpdir)
self.assertEqual(result, ["my-skill"])
class TestVerifySkillsInstalled(unittest.TestCase):
def test_all_skills_present(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
# Legacy: bmb has two skills
_make_skill_dir(bmad_dir, "bmb", "skills", "skill-a")
_make_skill_dir(bmad_dir, "bmb", "skills", "skill-b")
# Installed: both exist
os.makedirs(os.path.join(skills_dir, "skill-a"))
os.makedirs(os.path.join(skills_dir, "skill-b"))
result = verify_skills_installed(bmad_dir, ["bmb"], skills_dir)
self.assertEqual(result, ["skill-a", "skill-b"])
def test_missing_skill_exits_1(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
_make_skill_dir(bmad_dir, "bmb", "skills", "skill-a")
_make_skill_dir(bmad_dir, "bmb", "skills", "skill-missing")
# Only skill-a installed
os.makedirs(os.path.join(skills_dir, "skill-a"))
with self.assertRaises(SystemExit) as ctx:
verify_skills_installed(bmad_dir, ["bmb"], skills_dir)
self.assertEqual(ctx.exception.code, 1)
def test_empty_legacy_dir_passes(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
os.makedirs(bmad_dir)
os.makedirs(skills_dir)
result = verify_skills_installed(bmad_dir, ["bmb"], skills_dir)
self.assertEqual(result, [])
def test_nonexistent_legacy_dir_skipped(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
os.makedirs(skills_dir)
# bmad_dir doesn't exist — should not error
result = verify_skills_installed(bmad_dir, ["bmb"], skills_dir)
self.assertEqual(result, [])
def test_dir_without_skills_skipped(self):
"""Directories like _config/ that have no SKILL.md are not verified."""
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
# _config has files but no SKILL.md
_make_file(bmad_dir, "_config", "manifest.yaml", content="version: 1")
_make_file(bmad_dir, "_config", "help.csv", content="a,b,c")
os.makedirs(skills_dir)
result = verify_skills_installed(bmad_dir, ["_config"], skills_dir)
self.assertEqual(result, [])
def test_verifies_across_multiple_dirs(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
_make_skill_dir(bmad_dir, "bmb", "skills", "skill-a")
_make_skill_dir(bmad_dir, "core", "skills", "skill-b")
os.makedirs(os.path.join(skills_dir, "skill-a"))
os.makedirs(os.path.join(skills_dir, "skill-b"))
result = verify_skills_installed(
bmad_dir, ["bmb", "core"], skills_dir
)
self.assertEqual(result, ["skill-a", "skill-b"])
class TestCountFiles(unittest.TestCase):
def test_counts_files_recursively(self):
with tempfile.TemporaryDirectory() as tmpdir:
_make_file(tmpdir, "a.txt")
_make_file(tmpdir, "sub", "b.txt")
_make_file(tmpdir, "sub", "deep", "c.txt")
self.assertEqual(count_files(Path(tmpdir)), 3)
def test_empty_dir_returns_zero(self):
with tempfile.TemporaryDirectory() as tmpdir:
self.assertEqual(count_files(Path(tmpdir)), 0)
class TestCleanupDirectories(unittest.TestCase):
def test_removes_single_module_dir(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
os.makedirs(os.path.join(bmad_dir, "bmb", "skills"))
_make_file(bmad_dir, "bmb", "skills", "SKILL.md")
removed, not_found, count = cleanup_directories(bmad_dir, ["bmb"])
self.assertEqual(removed, ["bmb"])
self.assertEqual(not_found, [])
self.assertGreater(count, 0)
self.assertFalse(os.path.exists(os.path.join(bmad_dir, "bmb")))
def test_removes_module_core_and_config(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
for dirname in ("bmb", "core", "_config"):
_make_file(bmad_dir, dirname, "some-file.txt")
removed, not_found, count = cleanup_directories(
bmad_dir, ["bmb", "core", "_config"]
)
self.assertEqual(sorted(removed), ["_config", "bmb", "core"])
self.assertEqual(not_found, [])
for dirname in ("bmb", "core", "_config"):
self.assertFalse(os.path.exists(os.path.join(bmad_dir, dirname)))
def test_nonexistent_dir_in_not_found(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
os.makedirs(bmad_dir)
removed, not_found, count = cleanup_directories(bmad_dir, ["bmb"])
self.assertEqual(removed, [])
self.assertEqual(not_found, ["bmb"])
self.assertEqual(count, 0)
def test_preserves_other_module_dirs(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
for dirname in ("bmb", "bmm", "tea"):
_make_file(bmad_dir, dirname, "file.txt")
removed, not_found, count = cleanup_directories(bmad_dir, ["bmb"])
self.assertEqual(removed, ["bmb"])
self.assertTrue(os.path.isdir(os.path.join(bmad_dir, "bmm")))
self.assertTrue(os.path.isdir(os.path.join(bmad_dir, "tea")))
def test_preserves_root_config_files(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
_make_file(bmad_dir, "config.yaml", content="key: val")
_make_file(bmad_dir, "config.user.yaml", content="user: test")
_make_file(bmad_dir, "module-help.csv", content="a,b,c")
_make_file(bmad_dir, "bmb", "stuff.txt")
cleanup_directories(bmad_dir, ["bmb"])
self.assertTrue(os.path.exists(os.path.join(bmad_dir, "config.yaml")))
self.assertTrue(
os.path.exists(os.path.join(bmad_dir, "config.user.yaml"))
)
self.assertTrue(
os.path.exists(os.path.join(bmad_dir, "module-help.csv"))
)
def test_removes_hidden_files(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
_make_file(bmad_dir, "bmb", ".DS_Store")
_make_file(bmad_dir, "bmb", "skills", ".hidden")
removed, not_found, count = cleanup_directories(bmad_dir, ["bmb"])
self.assertEqual(removed, ["bmb"])
self.assertEqual(count, 2)
self.assertFalse(os.path.exists(os.path.join(bmad_dir, "bmb")))
def test_idempotent_rerun(self):
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
_make_file(bmad_dir, "bmb", "file.txt")
# First run
removed1, not_found1, _ = cleanup_directories(bmad_dir, ["bmb"])
self.assertEqual(removed1, ["bmb"])
self.assertEqual(not_found1, [])
# Second run — idempotent
removed2, not_found2, count2 = cleanup_directories(bmad_dir, ["bmb"])
self.assertEqual(removed2, [])
self.assertEqual(not_found2, ["bmb"])
self.assertEqual(count2, 0)
class TestSafetyCheck(unittest.TestCase):
def test_no_skills_dir_skips_check(self):
"""When --skills-dir is not provided, no verification happens."""
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
_make_skill_dir(bmad_dir, "bmb", "skills", "some-skill")
# No skills_dir — cleanup should proceed without verification
removed, not_found, count = cleanup_directories(bmad_dir, ["bmb"])
self.assertEqual(removed, ["bmb"])
def test_missing_skill_blocks_removal(self):
"""When --skills-dir is provided and a skill is missing, exit 1."""
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
_make_skill_dir(bmad_dir, "bmb", "skills", "installed-skill")
_make_skill_dir(bmad_dir, "bmb", "skills", "missing-skill")
os.makedirs(os.path.join(skills_dir, "installed-skill"))
# missing-skill not created in skills_dir
with self.assertRaises(SystemExit) as ctx:
verify_skills_installed(bmad_dir, ["bmb"], skills_dir)
self.assertEqual(ctx.exception.code, 1)
# Directory should NOT have been removed (verification failed before cleanup)
self.assertTrue(os.path.isdir(os.path.join(bmad_dir, "bmb")))
def test_dir_without_skills_not_checked(self):
"""Directories like _config that have no SKILL.md pass verification."""
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
_make_file(bmad_dir, "_config", "manifest.yaml")
os.makedirs(skills_dir)
# Should not raise — _config has no skills to verify
result = verify_skills_installed(bmad_dir, ["_config"], skills_dir)
self.assertEqual(result, [])
class TestEndToEnd(unittest.TestCase):
def test_full_cleanup_with_verification(self):
"""Simulate complete cleanup flow with safety check."""
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
skills_dir = os.path.join(tmpdir, "skills")
# Create legacy structure
_make_skill_dir(bmad_dir, "bmb", "skills", "bmad-agent-builder")
_make_skill_dir(bmad_dir, "bmb", "skills", "bmad-builder-setup")
_make_file(bmad_dir, "bmb", "skills", "bmad-agent-builder", "assets", "template.md")
_make_skill_dir(bmad_dir, "core", "skills", "bmad-brainstorming")
_make_file(bmad_dir, "_config", "manifest.yaml")
_make_file(bmad_dir, "_config", "bmad-help.csv")
# Create root config files that must survive
_make_file(bmad_dir, "config.yaml", content="document_output_language: English")
_make_file(bmad_dir, "config.user.yaml", content="user_name: Test")
_make_file(bmad_dir, "module-help.csv", content="module,name\nbmb,builder")
# Create other module dirs that must survive
_make_file(bmad_dir, "bmm", "config.yaml")
_make_file(bmad_dir, "tea", "config.yaml")
# Create installed skills
os.makedirs(os.path.join(skills_dir, "bmad-agent-builder"))
os.makedirs(os.path.join(skills_dir, "bmad-builder-setup"))
os.makedirs(os.path.join(skills_dir, "bmad-brainstorming"))
# Verify
verified = verify_skills_installed(
bmad_dir, ["bmb", "core", "_config"], skills_dir
)
self.assertIn("bmad-agent-builder", verified)
self.assertIn("bmad-builder-setup", verified)
self.assertIn("bmad-brainstorming", verified)
# Cleanup
removed, not_found, file_count = cleanup_directories(
bmad_dir, ["bmb", "core", "_config"]
)
self.assertEqual(sorted(removed), ["_config", "bmb", "core"])
self.assertEqual(not_found, [])
self.assertGreater(file_count, 0)
# Verify final state
self.assertFalse(os.path.exists(os.path.join(bmad_dir, "bmb")))
self.assertFalse(os.path.exists(os.path.join(bmad_dir, "core")))
self.assertFalse(os.path.exists(os.path.join(bmad_dir, "_config")))
# Root config files survived
self.assertTrue(os.path.exists(os.path.join(bmad_dir, "config.yaml")))
self.assertTrue(os.path.exists(os.path.join(bmad_dir, "config.user.yaml")))
self.assertTrue(os.path.exists(os.path.join(bmad_dir, "module-help.csv")))
# Other modules survived
self.assertTrue(os.path.isdir(os.path.join(bmad_dir, "bmm")))
self.assertTrue(os.path.isdir(os.path.join(bmad_dir, "tea")))
def test_simulate_post_merge_scripts(self):
"""Simulate the full flow: merge scripts run first (delete config files),
then cleanup removes directories."""
with tempfile.TemporaryDirectory() as tmpdir:
bmad_dir = os.path.join(tmpdir, "_bmad")
# Legacy state: config files already deleted by merge scripts
# but directories and skill content remain
_make_skill_dir(bmad_dir, "bmb", "skills", "bmad-agent-builder")
_make_file(bmad_dir, "bmb", "skills", "bmad-agent-builder", "refs", "doc.md")
_make_file(bmad_dir, "bmb", ".DS_Store")
# config.yaml already deleted by merge-config.py
# module-help.csv already deleted by merge-help-csv.py
_make_skill_dir(bmad_dir, "core", "skills", "bmad-help")
# core/config.yaml already deleted
# core/module-help.csv already deleted
# Root files from merge scripts
_make_file(bmad_dir, "config.yaml", content="bmb:\n name: BMad Builder")
_make_file(bmad_dir, "config.user.yaml", content="user_name: Test")
_make_file(bmad_dir, "module-help.csv", content="module,name")
# Cleanup directories
removed, not_found, file_count = cleanup_directories(
bmad_dir, ["bmb", "core"]
)
self.assertEqual(sorted(removed), ["bmb", "core"])
self.assertGreater(file_count, 0)
# Final state: only root config files
remaining = os.listdir(bmad_dir)
self.assertEqual(
sorted(remaining),
["config.user.yaml", "config.yaml", "module-help.csv"],
)
if __name__ == "__main__":
unittest.main()

644
_bmad/bmb/bmad-builder-setup/scripts/tests/test-merge-config.py Normal file
View File

@@ -0,0 +1,644 @@
#!/usr/bin/env python3
# /// script
# requires-python = ">=3.9"
# dependencies = ["pyyaml"]
# ///
"""Unit tests for merge-config.py."""
import json
import os
import sys
import tempfile
import unittest
from pathlib import Path
# Add parent directory to path so we can import the module
sys.path.insert(0, str(Path(__file__).parent.parent))
import yaml
from importlib.util import spec_from_file_location, module_from_spec
# Import merge_config module
_spec = spec_from_file_location(
"merge_config",
str(Path(__file__).parent.parent / "merge-config.py"),
)
merge_config_mod = module_from_spec(_spec)
_spec.loader.exec_module(merge_config_mod)
extract_module_metadata = merge_config_mod.extract_module_metadata
extract_user_settings = merge_config_mod.extract_user_settings
merge_config = merge_config_mod.merge_config
load_legacy_values = merge_config_mod.load_legacy_values
apply_legacy_defaults = merge_config_mod.apply_legacy_defaults
cleanup_legacy_configs = merge_config_mod.cleanup_legacy_configs
apply_result_templates = merge_config_mod.apply_result_templates
SAMPLE_MODULE_YAML = {
"code": "bmb",
"name": "BMad Builder",
"description": "Standard Skill Compliant Factory",
"default_selected": False,
"bmad_builder_output_folder": {
"prompt": "Where should skills be saved?",
"default": "_bmad-output/skills",
"result": "{project-root}/{value}",
},
"bmad_builder_reports": {
"prompt": "Output for reports?",
"default": "_bmad-output/reports",
"result": "{project-root}/{value}",
},
}
SAMPLE_MODULE_YAML_WITH_VERSION = {
**SAMPLE_MODULE_YAML,
"module_version": "1.0.0",
}
SAMPLE_MODULE_YAML_WITH_USER_SETTING = {
**SAMPLE_MODULE_YAML,
"some_pref": {
"prompt": "Your preference?",
"default": "default_val",
"user_setting": True,
},
}
class TestExtractModuleMetadata(unittest.TestCase):
def test_extracts_metadata_fields(self):
result = extract_module_metadata(SAMPLE_MODULE_YAML)
self.assertEqual(result["name"], "BMad Builder")
self.assertEqual(result["description"], "Standard Skill Compliant Factory")
self.assertFalse(result["default_selected"])
def test_excludes_variable_definitions(self):
result = extract_module_metadata(SAMPLE_MODULE_YAML)
self.assertNotIn("bmad_builder_output_folder", result)
self.assertNotIn("bmad_builder_reports", result)
self.assertNotIn("code", result)
def test_version_present(self):
result = extract_module_metadata(SAMPLE_MODULE_YAML_WITH_VERSION)
self.assertEqual(result["version"], "1.0.0")
def test_version_absent_is_none(self):
result = extract_module_metadata(SAMPLE_MODULE_YAML)
self.assertIn("version", result)
self.assertIsNone(result["version"])
def test_field_order(self):
result = extract_module_metadata(SAMPLE_MODULE_YAML_WITH_VERSION)
keys = list(result.keys())
self.assertEqual(keys, ["name", "description", "version", "default_selected"])
class TestExtractUserSettings(unittest.TestCase):
def test_core_user_keys(self):
answers = {
"core": {
"user_name": "Brian",
"communication_language": "English",
"document_output_language": "English",
"output_folder": "_bmad-output",
},
}
result = extract_user_settings(SAMPLE_MODULE_YAML, answers)
self.assertEqual(result["user_name"], "Brian")
self.assertEqual(result["communication_language"], "English")
self.assertNotIn("document_output_language", result)
self.assertNotIn("output_folder", result)
def test_module_user_setting_true(self):
answers = {
"core": {"user_name": "Brian"},
"module": {"some_pref": "custom_val"},
}
result = extract_user_settings(SAMPLE_MODULE_YAML_WITH_USER_SETTING, answers)
self.assertEqual(result["user_name"], "Brian")
self.assertEqual(result["some_pref"], "custom_val")
def test_no_core_answers(self):
answers = {"module": {"some_pref": "val"}}
result = extract_user_settings(SAMPLE_MODULE_YAML_WITH_USER_SETTING, answers)
self.assertNotIn("user_name", result)
self.assertEqual(result["some_pref"], "val")
def test_no_user_settings_in_module(self):
answers = {
"core": {"user_name": "Brian"},
"module": {"bmad_builder_output_folder": "path"},
}
result = extract_user_settings(SAMPLE_MODULE_YAML, answers)
self.assertEqual(result, {"user_name": "Brian"})
def test_empty_answers(self):
result = extract_user_settings(SAMPLE_MODULE_YAML, {})
self.assertEqual(result, {})
class TestApplyResultTemplates(unittest.TestCase):
def test_applies_template(self):
answers = {"bmad_builder_output_folder": "skills"}
result = apply_result_templates(SAMPLE_MODULE_YAML, answers)
self.assertEqual(result["bmad_builder_output_folder"], "{project-root}/skills")
def test_applies_multiple_templates(self):
answers = {
"bmad_builder_output_folder": "skills",
"bmad_builder_reports": "skills/reports",
}
result = apply_result_templates(SAMPLE_MODULE_YAML, answers)
self.assertEqual(result["bmad_builder_output_folder"], "{project-root}/skills")
self.assertEqual(result["bmad_builder_reports"], "{project-root}/skills/reports")
def test_skips_when_no_template(self):
"""Variables without a result field are stored as-is."""
yaml_no_result = {
"code": "test",
"my_var": {"prompt": "Enter value", "default": "foo"},
}
answers = {"my_var": "bar"}
result = apply_result_templates(yaml_no_result, answers)
self.assertEqual(result["my_var"], "bar")
def test_skips_when_value_already_has_project_root(self):
"""Prevent double-prefixing if value already contains {project-root}."""
answers = {"bmad_builder_output_folder": "{project-root}/skills"}
result = apply_result_templates(SAMPLE_MODULE_YAML, answers)
self.assertEqual(result["bmad_builder_output_folder"], "{project-root}/skills")
def test_empty_answers(self):
result = apply_result_templates(SAMPLE_MODULE_YAML, {})
self.assertEqual(result, {})
def test_unknown_key_passed_through(self):
"""Keys not in module.yaml are passed through unchanged."""
answers = {"unknown_key": "some_value"}
result = apply_result_templates(SAMPLE_MODULE_YAML, answers)
self.assertEqual(result["unknown_key"], "some_value")
class TestMergeConfig(unittest.TestCase):
def test_fresh_install_with_core_and_module(self):
answers = {
"core": {
"user_name": "Brian",
"communication_language": "English",
"document_output_language": "English",
"output_folder": "_bmad-output",
},
"module": {
"bmad_builder_output_folder": "_bmad-output/skills",
},
}
result = merge_config({}, SAMPLE_MODULE_YAML, answers)
# User-only keys must NOT appear in config.yaml
self.assertNotIn("user_name", result)
self.assertNotIn("communication_language", result)
# Shared core keys do appear
self.assertEqual(result["document_output_language"], "English")
self.assertEqual(result["output_folder"], "_bmad-output")
self.assertEqual(result["bmb"]["name"], "BMad Builder")
self.assertEqual(result["bmb"]["bmad_builder_output_folder"], "{project-root}/_bmad-output/skills")
def test_update_strips_user_keys_preserves_shared(self):
existing = {
"user_name": "Brian",
"communication_language": "English",
"document_output_language": "English",
"other_module": {"name": "Other"},
}
answers = {
"module": {
"bmad_builder_output_folder": "_bmad-output/skills",
},
}
result = merge_config(existing, SAMPLE_MODULE_YAML, answers)
# User-only keys stripped from config
self.assertNotIn("user_name", result)
self.assertNotIn("communication_language", result)
# Shared core preserved at root
self.assertEqual(result["document_output_language"], "English")
# Other module preserved
self.assertIn("other_module", result)
# New module added
self.assertIn("bmb", result)
def test_anti_zombie_removes_existing_module(self):
existing = {
"user_name": "Brian",
"bmb": {
"name": "BMad Builder",
"old_variable": "should_be_removed",
"bmad_builder_output_folder": "old/path",
},
}
answers = {
"module": {
"bmad_builder_output_folder": "new/path",
},
}
result = merge_config(existing, SAMPLE_MODULE_YAML, answers)
# Old variable is gone
self.assertNotIn("old_variable", result["bmb"])
# New value is present
self.assertEqual(result["bmb"]["bmad_builder_output_folder"], "{project-root}/new/path")
# Metadata is fresh from module.yaml
self.assertEqual(result["bmb"]["name"], "BMad Builder")
def test_user_keys_never_written_to_config(self):
existing = {
"user_name": "OldName",
"communication_language": "Spanish",
"document_output_language": "French",
}
answers = {
"core": {"user_name": "NewName", "communication_language": "English"},
"module": {},
}
result = merge_config(existing, SAMPLE_MODULE_YAML, answers)
# User-only keys stripped even if they were in existing config
self.assertNotIn("user_name", result)
self.assertNotIn("communication_language", result)
# Shared core preserved
self.assertEqual(result["document_output_language"], "French")
def test_no_core_answers_still_strips_user_keys(self):
existing = {
"user_name": "Brian",
"output_folder": "/out",
}
answers = {
"module": {"bmad_builder_output_folder": "path"},
}
result = merge_config(existing, SAMPLE_MODULE_YAML, answers)
# User-only keys stripped even without core answers
self.assertNotIn("user_name", result)
# Shared core unchanged
self.assertEqual(result["output_folder"], "/out")
def test_module_metadata_always_from_yaml(self):
"""Module metadata comes from module.yaml, not answers."""
answers = {
"module": {"bmad_builder_output_folder": "path"},
}
result = merge_config({}, SAMPLE_MODULE_YAML, answers)
self.assertEqual(result["bmb"]["name"], "BMad Builder")
self.assertEqual(result["bmb"]["description"], "Standard Skill Compliant Factory")
self.assertFalse(result["bmb"]["default_selected"])
def test_legacy_core_section_migrated_user_keys_stripped(self):
"""Old config with core: nested section — user keys stripped after migration."""
existing = {
"core": {
"user_name": "Brian",
"communication_language": "English",
"document_output_language": "English",
"output_folder": "/out",
},
"bmb": {"name": "BMad Builder"},
}
answers = {
"module": {"bmad_builder_output_folder": "path"},
}
result = merge_config(existing, SAMPLE_MODULE_YAML, answers)
# User-only keys stripped after migration
self.assertNotIn("user_name", result)
self.assertNotIn("communication_language", result)
# Shared core values hoisted to root
self.assertEqual(result["document_output_language"], "English")
self.assertEqual(result["output_folder"], "/out")
# Legacy core key removed
self.assertNotIn("core", result)
# Module still works
self.assertIn("bmb", result)
def test_legacy_core_user_keys_stripped_after_migration(self):
"""Legacy core: values get migrated, user keys stripped, shared keys kept."""
existing = {
"core": {"user_name": "OldName", "output_folder": "/old"},
}
answers = {
"core": {"user_name": "NewName", "output_folder": "/new"},
"module": {},
}
result = merge_config(existing, SAMPLE_MODULE_YAML, answers)
# User-only key not in config even after migration + override
self.assertNotIn("user_name", result)
self.assertNotIn("core", result)
# Shared core key written
self.assertEqual(result["output_folder"], "/new")
class TestEndToEnd(unittest.TestCase):
def test_write_and_read_round_trip(self):
with tempfile.TemporaryDirectory() as tmpdir:
config_path = os.path.join(tmpdir, "_bmad", "config.yaml")
# Write answers
answers = {
"core": {
"user_name": "Brian",
"communication_language": "English",
"document_output_language": "English",
"output_folder": "_bmad-output",
},
"module": {"bmad_builder_output_folder": "_bmad-output/skills"},
}
# Run merge
result = merge_config({}, SAMPLE_MODULE_YAML, answers)
merge_config_mod.write_config(result, config_path)
# Read back
with open(config_path, "r") as f:
written = yaml.safe_load(f)
# User-only keys not written to config.yaml
self.assertNotIn("user_name", written)
self.assertNotIn("communication_language", written)
# Shared core keys written
self.assertEqual(written["document_output_language"], "English")
self.assertEqual(written["output_folder"], "_bmad-output")
self.assertEqual(written["bmb"]["bmad_builder_output_folder"], "{project-root}/_bmad-output/skills")
def test_update_round_trip(self):
"""Simulate install, then re-install with different values."""
with tempfile.TemporaryDirectory() as tmpdir:
config_path = os.path.join(tmpdir, "config.yaml")
# First install
answers1 = {
"core": {"output_folder": "/out"},
"module": {"bmad_builder_output_folder": "old/path"},
}
result1 = merge_config({}, SAMPLE_MODULE_YAML, answers1)
merge_config_mod.write_config(result1, config_path)
# Second install (update)
existing = merge_config_mod.load_yaml_file(config_path)
answers2 = {
"module": {"bmad_builder_output_folder": "new/path"},
}
result2 = merge_config(existing, SAMPLE_MODULE_YAML, answers2)
merge_config_mod.write_config(result2, config_path)
# Verify
with open(config_path, "r") as f:
final = yaml.safe_load(f)
self.assertEqual(final["output_folder"], "/out")
self.assertNotIn("user_name", final)
self.assertEqual(final["bmb"]["bmad_builder_output_folder"], "{project-root}/new/path")
class TestLoadLegacyValues(unittest.TestCase):
def _make_legacy_dir(self, tmpdir, core_data=None, module_code=None, module_data=None):
"""Create legacy directory structure for testing."""
legacy_dir = os.path.join(tmpdir, "_bmad")
if core_data is not None:
core_dir = os.path.join(legacy_dir, "core")
os.makedirs(core_dir, exist_ok=True)
with open(os.path.join(core_dir, "config.yaml"), "w") as f:
yaml.dump(core_data, f)
if module_code and module_data is not None:
mod_dir = os.path.join(legacy_dir, module_code)
os.makedirs(mod_dir, exist_ok=True)
with open(os.path.join(mod_dir, "config.yaml"), "w") as f:
yaml.dump(module_data, f)
return legacy_dir
def test_reads_core_keys_from_core_config(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = self._make_legacy_dir(tmpdir, core_data={
"user_name": "Brian",
"communication_language": "English",
"document_output_language": "English",
"output_folder": "/out",
})
core, mod, files = load_legacy_values(legacy_dir, "bmb", SAMPLE_MODULE_YAML)
self.assertEqual(core["user_name"], "Brian")
self.assertEqual(core["communication_language"], "English")
self.assertEqual(len(files), 1)
self.assertEqual(mod, {})
def test_reads_module_keys_matching_yaml_variables(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = self._make_legacy_dir(
tmpdir,
module_code="bmb",
module_data={
"bmad_builder_output_folder": "custom/path",
"bmad_builder_reports": "custom/reports",
"user_name": "Brian", # core key duplicated
"unknown_key": "ignored", # not in module.yaml
},
)
core, mod, files = load_legacy_values(legacy_dir, "bmb", SAMPLE_MODULE_YAML)
self.assertEqual(mod["bmad_builder_output_folder"], "custom/path")
self.assertEqual(mod["bmad_builder_reports"], "custom/reports")
self.assertNotIn("unknown_key", mod)
# Core key from module config used as fallback
self.assertEqual(core["user_name"], "Brian")
self.assertEqual(len(files), 1)
def test_core_config_takes_priority_over_module_for_core_keys(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = self._make_legacy_dir(
tmpdir,
core_data={"user_name": "FromCore"},
module_code="bmb",
module_data={"user_name": "FromModule"},
)
core, mod, files = load_legacy_values(legacy_dir, "bmb", SAMPLE_MODULE_YAML)
self.assertEqual(core["user_name"], "FromCore")
self.assertEqual(len(files), 2)
def test_no_legacy_files_returns_empty(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = os.path.join(tmpdir, "_bmad")
os.makedirs(legacy_dir)
core, mod, files = load_legacy_values(legacy_dir, "bmb", SAMPLE_MODULE_YAML)
self.assertEqual(core, {})
self.assertEqual(mod, {})
self.assertEqual(files, [])
def test_ignores_other_module_directories(self):
"""Only reads core and the specified module_code — not other modules."""
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = self._make_legacy_dir(
tmpdir,
module_code="bmb",
module_data={"bmad_builder_output_folder": "bmb/path"},
)
# Create another module directory that should be ignored
other_dir = os.path.join(legacy_dir, "cis")
os.makedirs(other_dir)
with open(os.path.join(other_dir, "config.yaml"), "w") as f:
yaml.dump({"visual_tools": "advanced"}, f)
core, mod, files = load_legacy_values(legacy_dir, "bmb", SAMPLE_MODULE_YAML)
self.assertNotIn("visual_tools", mod)
self.assertEqual(len(files), 1) # only bmb, not cis
class TestApplyLegacyDefaults(unittest.TestCase):
def test_legacy_fills_missing_core(self):
answers = {"module": {"bmad_builder_output_folder": "path"}}
result = apply_legacy_defaults(
answers,
legacy_core={"user_name": "Brian", "communication_language": "English"},
legacy_module={},
)
self.assertEqual(result["core"]["user_name"], "Brian")
self.assertEqual(result["module"]["bmad_builder_output_folder"], "path")
def test_answers_override_legacy(self):
answers = {
"core": {"user_name": "NewName"},
"module": {"bmad_builder_output_folder": "new/path"},
}
result = apply_legacy_defaults(
answers,
legacy_core={"user_name": "OldName"},
legacy_module={"bmad_builder_output_folder": "old/path"},
)
self.assertEqual(result["core"]["user_name"], "NewName")
self.assertEqual(result["module"]["bmad_builder_output_folder"], "new/path")
def test_legacy_fills_missing_module_keys(self):
answers = {"module": {}}
result = apply_legacy_defaults(
answers,
legacy_core={},
legacy_module={"bmad_builder_output_folder": "legacy/path"},
)
self.assertEqual(result["module"]["bmad_builder_output_folder"], "legacy/path")
def test_empty_legacy_is_noop(self):
answers = {"core": {"user_name": "Brian"}, "module": {"key": "val"}}
result = apply_legacy_defaults(answers, {}, {})
self.assertEqual(result, answers)
class TestCleanupLegacyConfigs(unittest.TestCase):
def test_deletes_module_and_core_configs(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = os.path.join(tmpdir, "_bmad")
for subdir in ("core", "bmb"):
d = os.path.join(legacy_dir, subdir)
os.makedirs(d)
with open(os.path.join(d, "config.yaml"), "w") as f:
f.write("key: val\n")
deleted = cleanup_legacy_configs(legacy_dir, "bmb")
self.assertEqual(len(deleted), 2)
self.assertFalse(os.path.exists(os.path.join(legacy_dir, "core", "config.yaml")))
self.assertFalse(os.path.exists(os.path.join(legacy_dir, "bmb", "config.yaml")))
# Directories still exist
self.assertTrue(os.path.isdir(os.path.join(legacy_dir, "core")))
self.assertTrue(os.path.isdir(os.path.join(legacy_dir, "bmb")))
def test_leaves_other_module_configs_alone(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = os.path.join(tmpdir, "_bmad")
for subdir in ("bmb", "cis"):
d = os.path.join(legacy_dir, subdir)
os.makedirs(d)
with open(os.path.join(d, "config.yaml"), "w") as f:
f.write("key: val\n")
deleted = cleanup_legacy_configs(legacy_dir, "bmb")
self.assertEqual(len(deleted), 1) # only bmb, not cis
self.assertTrue(os.path.exists(os.path.join(legacy_dir, "cis", "config.yaml")))
def test_no_legacy_files_returns_empty(self):
with tempfile.TemporaryDirectory() as tmpdir:
deleted = cleanup_legacy_configs(tmpdir, "bmb")
self.assertEqual(deleted, [])
class TestLegacyEndToEnd(unittest.TestCase):
def test_full_legacy_migration(self):
"""Simulate installing a module with legacy configs present."""
with tempfile.TemporaryDirectory() as tmpdir:
config_path = os.path.join(tmpdir, "_bmad", "config.yaml")
legacy_dir = os.path.join(tmpdir, "_bmad")
# Create legacy core config
core_dir = os.path.join(legacy_dir, "core")
os.makedirs(core_dir)
with open(os.path.join(core_dir, "config.yaml"), "w") as f:
yaml.dump({
"user_name": "LegacyUser",
"communication_language": "Spanish",
"document_output_language": "French",
"output_folder": "/legacy/out",
}, f)
# Create legacy module config
mod_dir = os.path.join(legacy_dir, "bmb")
os.makedirs(mod_dir)
with open(os.path.join(mod_dir, "config.yaml"), "w") as f:
yaml.dump({
"bmad_builder_output_folder": "legacy/skills",
"bmad_builder_reports": "legacy/reports",
"user_name": "LegacyUser", # duplicated core key
}, f)
# Answers from the user (only partially filled — user accepted some defaults)
answers = {
"core": {"user_name": "NewUser"},
"module": {"bmad_builder_output_folder": "new/skills"},
}
# Load and apply legacy
legacy_core, legacy_module, _ = load_legacy_values(
legacy_dir, "bmb", SAMPLE_MODULE_YAML
)
answers = apply_legacy_defaults(answers, legacy_core, legacy_module)
# Core: NewUser overrides legacy, but legacy Spanish fills in communication_language
self.assertEqual(answers["core"]["user_name"], "NewUser")
self.assertEqual(answers["core"]["communication_language"], "Spanish")
# Module: new/skills overrides, but legacy/reports fills in
self.assertEqual(answers["module"]["bmad_builder_output_folder"], "new/skills")
self.assertEqual(answers["module"]["bmad_builder_reports"], "legacy/reports")
# Merge
result = merge_config({}, SAMPLE_MODULE_YAML, answers)
merge_config_mod.write_config(result, config_path)
# Cleanup
deleted = cleanup_legacy_configs(legacy_dir, "bmb")
self.assertEqual(len(deleted), 2)
self.assertFalse(os.path.exists(os.path.join(core_dir, "config.yaml")))
self.assertFalse(os.path.exists(os.path.join(mod_dir, "config.yaml")))
# Verify final config — user-only keys NOT in config.yaml
with open(config_path, "r") as f:
final = yaml.safe_load(f)
self.assertNotIn("user_name", final)
self.assertNotIn("communication_language", final)
# Shared core keys present
self.assertEqual(final["document_output_language"], "French")
self.assertEqual(final["output_folder"], "/legacy/out")
self.assertEqual(final["bmb"]["bmad_builder_output_folder"], "{project-root}/new/skills")
self.assertEqual(final["bmb"]["bmad_builder_reports"], "{project-root}/legacy/reports")
if __name__ == "__main__":
unittest.main()

237
_bmad/bmb/bmad-builder-setup/scripts/tests/test-merge-help-csv.py Normal file
View File

@@ -0,0 +1,237 @@
#!/usr/bin/env python3
# /// script
# requires-python = ">=3.9"
# dependencies = []
# ///
"""Unit tests for merge-help-csv.py."""
import csv
import os
import sys
import tempfile
import unittest
from io import StringIO
from pathlib import Path
# Import merge_help_csv module
from importlib.util import spec_from_file_location, module_from_spec
_spec = spec_from_file_location(
"merge_help_csv",
str(Path(__file__).parent.parent / "merge-help-csv.py"),
)
merge_help_csv_mod = module_from_spec(_spec)
_spec.loader.exec_module(merge_help_csv_mod)
extract_module_codes = merge_help_csv_mod.extract_module_codes
filter_rows = merge_help_csv_mod.filter_rows
read_csv_rows = merge_help_csv_mod.read_csv_rows
write_csv = merge_help_csv_mod.write_csv
cleanup_legacy_csvs = merge_help_csv_mod.cleanup_legacy_csvs
HEADER = merge_help_csv_mod.HEADER
SAMPLE_ROWS = [
["bmb", "", "bmad-bmb-module-init", "Install Module", "IM", "install", "", "Install BMad Builder.", "anytime", "", "", "false", "", "config", ""],
["bmb", "", "bmad-agent-builder", "Build Agent", "BA", "build-process", "", "Create an agent.", "anytime", "", "", "false", "output_folder", "agent skill", ""],
]
class TestExtractModuleCodes(unittest.TestCase):
def test_extracts_codes(self):
codes = extract_module_codes(SAMPLE_ROWS)
self.assertEqual(codes, {"bmb"})
def test_multiple_codes(self):
rows = SAMPLE_ROWS + [
["cis", "", "cis-skill", "CIS Skill", "CS", "run", "", "A skill.", "anytime", "", "", "false", "", "", ""],
]
codes = extract_module_codes(rows)
self.assertEqual(codes, {"bmb", "cis"})
def test_empty_rows(self):
codes = extract_module_codes([])
self.assertEqual(codes, set())
class TestFilterRows(unittest.TestCase):
def test_removes_matching_rows(self):
result = filter_rows(SAMPLE_ROWS, "bmb")
self.assertEqual(len(result), 0)
def test_preserves_non_matching_rows(self):
mixed_rows = SAMPLE_ROWS + [
["cis", "", "cis-skill", "CIS Skill", "CS", "run", "", "A skill.", "anytime", "", "", "false", "", "", ""],
]
result = filter_rows(mixed_rows, "bmb")
self.assertEqual(len(result), 1)
self.assertEqual(result[0][0], "cis")
def test_no_match_preserves_all(self):
result = filter_rows(SAMPLE_ROWS, "xyz")
self.assertEqual(len(result), 2)
class TestReadWriteCSV(unittest.TestCase):
def test_nonexistent_file_returns_empty(self):
header, rows = read_csv_rows("/nonexistent/path/file.csv")
self.assertEqual(header, [])
self.assertEqual(rows, [])
def test_round_trip(self):
with tempfile.TemporaryDirectory() as tmpdir:
path = os.path.join(tmpdir, "test.csv")
write_csv(path, HEADER, SAMPLE_ROWS)
header, rows = read_csv_rows(path)
self.assertEqual(len(rows), 2)
self.assertEqual(rows[0][0], "bmb")
self.assertEqual(rows[0][2], "bmad-bmb-module-init")
def test_creates_parent_dirs(self):
with tempfile.TemporaryDirectory() as tmpdir:
path = os.path.join(tmpdir, "sub", "dir", "test.csv")
write_csv(path, HEADER, SAMPLE_ROWS)
self.assertTrue(os.path.exists(path))
class TestEndToEnd(unittest.TestCase):
def _write_source(self, tmpdir, rows):
path = os.path.join(tmpdir, "source.csv")
write_csv(path, HEADER, rows)
return path
def _write_target(self, tmpdir, rows):
path = os.path.join(tmpdir, "target.csv")
write_csv(path, HEADER, rows)
return path
def test_fresh_install_no_existing_target(self):
with tempfile.TemporaryDirectory() as tmpdir:
source_path = self._write_source(tmpdir, SAMPLE_ROWS)
target_path = os.path.join(tmpdir, "target.csv")
# Target doesn't exist
self.assertFalse(os.path.exists(target_path))
# Simulate merge
_, source_rows = read_csv_rows(source_path)
source_codes = extract_module_codes(source_rows)
write_csv(target_path, HEADER, source_rows)
_, result_rows = read_csv_rows(target_path)
self.assertEqual(len(result_rows), 2)
def test_merge_into_existing_with_other_module(self):
with tempfile.TemporaryDirectory() as tmpdir:
other_rows = [
["cis", "", "cis-skill", "CIS Skill", "CS", "run", "", "A skill.", "anytime", "", "", "false", "", "", ""],
]
target_path = self._write_target(tmpdir, other_rows)
source_path = self._write_source(tmpdir, SAMPLE_ROWS)
# Read both
_, target_rows = read_csv_rows(target_path)
_, source_rows = read_csv_rows(source_path)
source_codes = extract_module_codes(source_rows)
# Anti-zombie filter + append
filtered = target_rows
for code in source_codes:
filtered = filter_rows(filtered, code)
merged = filtered + source_rows
write_csv(target_path, HEADER, merged)
_, result_rows = read_csv_rows(target_path)
self.assertEqual(len(result_rows), 3) # 1 cis + 2 bmb
def test_anti_zombie_replaces_stale_entries(self):
with tempfile.TemporaryDirectory() as tmpdir:
# Existing target has old bmb entries + cis entry
old_bmb_rows = [
["bmb", "", "old-skill", "Old Skill", "OS", "run", "", "Old.", "anytime", "", "", "false", "", "", ""],
["bmb", "", "another-old", "Another", "AO", "run", "", "Old too.", "anytime", "", "", "false", "", "", ""],
]
cis_rows = [
["cis", "", "cis-skill", "CIS Skill", "CS", "run", "", "A skill.", "anytime", "", "", "false", "", "", ""],
]
target_path = self._write_target(tmpdir, old_bmb_rows + cis_rows)
source_path = self._write_source(tmpdir, SAMPLE_ROWS)
# Read both
_, target_rows = read_csv_rows(target_path)
_, source_rows = read_csv_rows(source_path)
source_codes = extract_module_codes(source_rows)
# Anti-zombie filter + append
filtered = target_rows
for code in source_codes:
filtered = filter_rows(filtered, code)
merged = filtered + source_rows
write_csv(target_path, HEADER, merged)
_, result_rows = read_csv_rows(target_path)
# Should have 1 cis + 2 new bmb = 3 (old bmb removed)
self.assertEqual(len(result_rows), 3)
module_codes = [r[0] for r in result_rows]
self.assertEqual(module_codes.count("bmb"), 2)
self.assertEqual(module_codes.count("cis"), 1)
# Old skills should be gone
skill_names = [r[2] for r in result_rows]
self.assertNotIn("old-skill", skill_names)
self.assertNotIn("another-old", skill_names)
class TestCleanupLegacyCsvs(unittest.TestCase):
def test_deletes_module_and_core_csvs(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = os.path.join(tmpdir, "_bmad")
for subdir in ("core", "bmb"):
d = os.path.join(legacy_dir, subdir)
os.makedirs(d)
with open(os.path.join(d, "module-help.csv"), "w") as f:
f.write("header\nrow\n")
deleted = cleanup_legacy_csvs(legacy_dir, "bmb")
self.assertEqual(len(deleted), 2)
self.assertFalse(os.path.exists(os.path.join(legacy_dir, "core", "module-help.csv")))
self.assertFalse(os.path.exists(os.path.join(legacy_dir, "bmb", "module-help.csv")))
# Directories still exist
self.assertTrue(os.path.isdir(os.path.join(legacy_dir, "core")))
self.assertTrue(os.path.isdir(os.path.join(legacy_dir, "bmb")))
def test_leaves_other_module_csvs_alone(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = os.path.join(tmpdir, "_bmad")
for subdir in ("bmb", "cis"):
d = os.path.join(legacy_dir, subdir)
os.makedirs(d)
with open(os.path.join(d, "module-help.csv"), "w") as f:
f.write("header\nrow\n")
deleted = cleanup_legacy_csvs(legacy_dir, "bmb")
self.assertEqual(len(deleted), 1) # only bmb, not cis
self.assertTrue(os.path.exists(os.path.join(legacy_dir, "cis", "module-help.csv")))
def test_no_legacy_files_returns_empty(self):
with tempfile.TemporaryDirectory() as tmpdir:
deleted = cleanup_legacy_csvs(tmpdir, "bmb")
self.assertEqual(deleted, [])
def test_handles_only_core_no_module(self):
with tempfile.TemporaryDirectory() as tmpdir:
legacy_dir = os.path.join(tmpdir, "_bmad")
core_dir = os.path.join(legacy_dir, "core")
os.makedirs(core_dir)
with open(os.path.join(core_dir, "module-help.csv"), "w") as f:
f.write("header\nrow\n")
deleted = cleanup_legacy_csvs(legacy_dir, "bmb")
self.assertEqual(len(deleted), 1)
self.assertFalse(os.path.exists(os.path.join(core_dir, "module-help.csv")))
if __name__ == "__main__":
unittest.main()

62
_bmad/bmb/bmad-workflow-builder/SKILL.md Normal file
View File

@@ -0,0 +1,62 @@
---
name: bmad-workflow-builder
description: Builds workflows and skills through conversational discovery and analyzes existing ones. Use when the user requests to "build a workflow", "modify a workflow", "quality check workflow", or "analyze skill".
---
# Workflow & Skill Builder
## Overview
This skill helps you build AI workflows and skills that are **outcome-driven** — describing what to achieve, not micromanaging how to get there. LLMs are powerful reasoners. Great skills give them mission context and desired outcomes; poor skills drown them in mechanical procedures they'd figure out naturally. Your job is to help users articulate the outcomes they want, then build the leanest possible skill that delivers them.
Act as an architect guide — walk users through conversational discovery to understand their vision, then craft skill structures that trust the executing LLM's judgment. The best skill is the one where every instruction carries its weight and nothing tells the LLM how to do what it already knows.
**Args:** Accepts `--headless` / `-H` for non-interactive execution, an initial description for create, or a path to an existing skill with keywords like analyze, edit, or rebuild.
**Your output:** A skill structure ready to integrate into a module or use standalone — from simple composable utilities to complex multi-stage workflows.
## On Activation
1. Detect user's intent. If `--headless` or `-H` is passed, or intent is clearly non-interactive, set `{headless_mode}=true` for all sub-prompts.
2. Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` (root and bmb section). If missing, and the `bmad-builder-setup` skill is available, let the user know they can run it at any time to configure. Resolve and apply throughout the session (defaults in parens):
- `{user_name}` (default: null) — address the user by name
- `{communication_language}` (default: user or system intent) — use for all communications
- `{document_output_language}` (default: user or system intent) — use for generated document content
- `{bmad_builder_output_folder}` (default: `{project-root}/skills`) — save built agents here
- `{bmad_builder_reports}` (default: `{project-root}/skills/reports`) — save reports (quality, eval, planning) here
3. Route by intent — see Quick Reference below.
## Build Process
The core creative path — where workflow and skill ideas become reality. Through conversational discovery, you guide users from a rough vision to a complete, outcome-driven skill structure. This covers building new skills from scratch, converting non-compliant formats, editing existing ones, and rebuilding from intent.
Load `build-process.md` to begin.
## Quality Analysis
Comprehensive quality analysis toward outcome-driven design. Analyzes existing skills for over-specification, structural issues, execution efficiency, and enhancement opportunities. Uses deterministic lint scripts and parallel LLM scanner subagents. Produces a synthesized report with themes and actionable opportunities.
Load `quality-analysis.md` to begin.
---
## Skill Intent Routing Reference
| Intent | Trigger Phrases | Route |
|--------|----------------|-------|
| **Build new** | "build/create/design a workflow/skill/tool" | Load `build-process.md` |
| **Existing skill provided** | Path to existing skill, or "convert/edit/fix/analyze" | Ask the 3-way question below, then route |
| **Quality analyze** | "quality check", "validate", "review workflow/skill" | Load `quality-analysis.md` |
| **Unclear** | — | Present options and ask |
### When given an existing skill, ask:
- **Analyze** — Run quality analysis: identify opportunities, prune over-specification, get an actionable report
- **Edit** — Modify specific behavior while keeping the current approach
- **Rebuild** — Rethink from core outcomes using this as reference material, full discovery process
Analyze routes to `quality-analysis.md`. Edit and Rebuild both route to `build-process.md` with the chosen intent.
Regardless of path, respect headless mode if requested.

21
_bmad/bmb/bmad-workflow-builder/assets/SKILL-template.md Normal file
View File

@@ -0,0 +1,21 @@
---
name: bmad-{module-code-or-empty}{skill-name}
description: {skill-description} # [5-8 word summary]. [trigger phrases, e.g. Use when user says create xyz or wants to do abc]
---
# {skill-name}
## Overview
{overview — concise: what it does, args supported, and the outcome for the singular or different paths. This overview needs to contain succinct information for the llm as this is the main provision of help output for the skill.}
## On Activation
{if-module}
Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` (root level and `{module-code}` section). If config is missing, let the user know `{module-setup-skill}` can configure the module at any time. Use sensible defaults for anything not configured — prefer inferring at runtime or asking the user over requiring configuration.
{/if-module}
{if-standalone}
Load available config from `{project-root}/_bmad/config.yaml` and `{project-root}/_bmad/config.user.yaml` if present. Use sensible defaults for anything not configured.
{/if-standalone}
{The rest of the skill — body structure, sections, phases, stages, scripts, external skills — is determined entirely by what the skill needs. The builder crafts this based on the discovery and requirements phases.}

151
_bmad/bmb/bmad-workflow-builder/build-process.md Normal file
View File

@@ -0,0 +1,151 @@
---
name: build-process
description: Six-phase conversational discovery process for building BMad workflows and skills. Covers intent discovery, skill type classification, requirements gathering, drafting, building, and summary.
---
**Language:** Use `{communication_language}` for all output.
# Build Process
Build workflows and skills through conversational discovery. Your north star: **outcome-driven design**. Every instruction in the final skill should describe what to achieve, not prescribe how to do it step by step. Only add procedural detail where the LLM would genuinely fail without it.
## Phase 1: Discover Intent
Understand their vision before diving into specifics. Let them describe what they want to build — encourage detail on edge cases, tone, persona, tools, and other skills involved.
**Input flexibility:** Accept input in any format:
- Existing BMad workflow/skill path → read and extract intent (see below)
- Rough idea or description → guide through discovery
- Code, documentation, API specs → extract intent and requirements
- Non-BMad skill/tool → extract intent for conversion
### When given an existing skill
**Critical:** Treat the existing skill as a **description of intent**, not a specification to follow. Extract *what* it's trying to achieve. Do not inherit its verbosity, structure, or mechanical procedures — the old skill is reference material, not a template.
If the SKILL.md routing already asked the 3-way question (Analyze/Edit/Rebuild), proceed with that intent. Otherwise ask now:
- **Edit** — changing specific behavior while keeping the current approach
- **Rebuild** — rethinking from core outcomes, full discovery using the old skill as context
For **Edit**: identify what to change, preserve what works, apply outcome-driven principles to the changed portions.
For **Rebuild**: read the old skill to understand its goals, then proceed through full discovery as if building new — the old skill informs your questions but doesn't constrain the design.
### Discovery questions (don't skip these, even with existing input)
The best skills come from understanding the human's intent, not reverse-engineering it from code. Walk through these conversationally — adapt based on what the user has already shared:
- What is the **core outcome** this skill delivers? What does success look like?
- **Who is the user** and how should the experience feel? What's the interaction model — collaborative discovery, rapid execution, guided interview?
- What **judgment calls** does the LLM need to make vs. just do mechanically?
- What's the **one thing** this skill must get right?
- Are there things the user might not know or might get wrong? How should the skill handle that?
The goal is to conversationally gather enough to cover Phase 2 and 3 naturally. Since users often brain-dump rich detail, adapt subsequent phases to what you already know.
## Phase 2: Classify Skill Type
Ask upfront:
- Will this be part of a module? If yes:
- What's the module code?
- What other skills will it use from the core or module? (need name, inputs, outputs for integration)
- What config variables does it need access to?
Load `./references/classification-reference.md` and classify. Present classification with reasoning.
For Simple Workflows and Complex Workflows, also ask:
- **Headless mode?** Should this support `--headless`? (If it produces an artifact, headless is often valuable)
## Phase 3: Gather Requirements
Work through conversationally, adapted per skill type. Glean from what the user already shared or suggest based on their narrative.
**All types — Common fields:**
- **Name:** kebab-case. Module: `bmad-{modulecode}-{skillname}`. Standalone: `bmad-{skillname}`
- **Description:** Two parts: [5-8 word summary]. [Use when user says 'specific phrase'.] — Default to conservative triggering. See `./references/standard-fields.md` for format.
- **Overview:** What/How/Why-Outcome. For interactive or complex skills, include domain framing and theory of mind — these give the executing agent context for judgment calls.
- **Role guidance:** Brief "Act as a [role/expert]" primer
- **Design rationale:** Non-obvious choices the executing agent should understand
- **External skills used:** Which skills does this invoke?
- **Script Opportunity Discovery** — Walk through planned steps with the user. Identify deterministic operations that should be scripts not prompts. Load `./references/script-opportunities-reference.md` for guidance. Confirm the script-vs-prompt plan.
- **Creates output documents?** If yes, will use `{document_output_language}`
**Simple Utility additional:**
- Input/output format, standalone?, composability
**Simple Workflow additional:**
- Steps (inline in SKILL.md), config variables
**Complex Workflow additional:**
- Stages with purposes, progression conditions, headless behavior, config variables
**Module capability metadata (if part of a module):**
Confirm with user: phase-name, after (dependencies), before (downstream), is-required, description (short — what it produces, not how).
**Path conventions (CRITICAL):**
- Skill-internal: `./references/`, `./scripts/`
- Project `_bmad` paths: `{project-root}/_bmad/...`
- Config variables used directly — they already contain `{project-root}`
## Phase 4: Draft & Refine
Think one level deeper. Clarify gaps in logic or understanding. Create and present a plan. Point out vague areas. Iterate until ready.
**Pruning check (apply before building):**
For every planned instruction, ask: **would the LLM do this correctly without being told?** If yes, cut it. Scoring algorithms, calibration tables, decision matrices for subjective judgment, weighted formulas — these are things LLMs handle naturally. The instruction must earn its place by preventing a failure that would otherwise happen.
Watch especially for:
- Mechanical procedures for tasks the LLM does through general capability
- Per-platform instructions when a single adaptive instruction works
- Templates that explain things the LLM already knows (how to format output, how to greet users)
- Multiple files that could be a single instruction
## Phase 5: Build
**Load these before building:**
- `./references/standard-fields.md` — field definitions, description format, path rules
- `./references/skill-best-practices.md` — outcome-driven authoring, patterns, anti-patterns
- `./references/quality-dimensions.md` — build quality checklist
**Load based on skill type:**
- **If Complex Workflow:** `./references/complex-workflow-patterns.md` — compaction survival, config integration, progressive disclosure
Load the template from `./assets/SKILL-template.md` and `./references/template-substitution-rules.md`. Build the skill with progressive disclosure (SKILL.md for overview and routing, `./references/` for progressive disclosure content). Output to `{bmad_builder_output_folder}`.
**Skill Source Tree** (only create subfolders that are needed):
```
{skill-name}/
├── SKILL.md # Frontmatter, overview, activation, routing
├── references/ # Progressive disclosure content — prompts, guides, schemas
├── assets/ # Templates, starter files
├── scripts/ # Deterministic code with tests
│ └── tests/
```
| Location | Contains | LLM relationship |
|----------|----------|-----------------|
| **SKILL.md** | Overview, activation, routing | LLM identity and router |
| **`./references/`** | Capability prompts, reference data | Loaded on demand |
| **`./assets/`** | Templates, starter files | Copied/transformed into output |
| **`./scripts/`** | Python, shell scripts with tests | Invoked for deterministic operations |
**Lint gate** — after building, validate and auto-fix:
If subagents available, delegate lint-fix to a subagent. Otherwise run inline.
1. Run both lint scripts in parallel:
```bash
python3 ./scripts/scan-path-standards.py {skill-path}
python3 ./scripts/scan-scripts.py {skill-path}
```
2. Fix high/critical findings and re-run (up to 3 attempts per script)
3. Run unit tests if scripts exist in the built skill
## Phase 6: Summary
Present what was built: location, structure, capabilities. Include lint results.
Run unit tests if scripts exist. Remind user to commit before quality analysis.
**Offer quality analysis:** Ask if they'd like a Quality Analysis to identify opportunities. If yes, load `quality-analysis.md` with the skill path.

145
_bmad/bmb/bmad-workflow-builder/quality-analysis.md Normal file
View File

@@ -0,0 +1,145 @@
---
name: quality-analysis
description: Comprehensive quality analysis for BMad workflows and skills. Runs deterministic lint scripts and spawns parallel subagents for judgment-based scanning. Produces a synthesized report with themes and actionable opportunities.
menu-code: QA
---
# Quality Analysis
Communicate with user in `{communication_language}`. Write report content in `{document_output_language}`.
You orchestrate quality analysis on a BMad workflow or skill. Deterministic checks run as scripts (fast, zero tokens). Judgment-based analysis runs as LLM subagents. A report creator synthesizes everything into a unified, theme-based report.
## Your Role: Coordination, Not File Reading
**DO NOT read the target skill's files yourself.** Scripts and subagents do all analysis.
You orchestrate: run deterministic scripts and pre-pass extractors, spawn LLM scanner subagents in parallel, then hand off to the report creator for synthesis.
## Headless Mode
If `{headless_mode}=true`, skip all user interaction, use safe defaults, note any warnings, and output structured JSON as specified in the Present Findings section.
## Pre-Scan Checks
Check for uncommitted changes. In headless mode, note warnings and proceed. In interactive mode, inform the user and confirm before proceeding. In interactive mode, also confirm the workflow is currently functioning.
## Analysis Principles
**Effectiveness over efficiency.** The analysis may suggest leaner phrasing, but if the current phrasing captures the right guidance, it should be kept. Over-optimization can make skills lose their effectiveness. The report presents opportunities — the user applies judgment.
## Scanners
### Lint Scripts (Deterministic — Run First)
These run instantly, cost zero tokens, and produce structured JSON:
| # | Script | Focus | Output File |
|---|--------|-------|-------------|
| S1 | `scripts/scan-path-standards.py` | Path conventions | `path-standards-temp.json` |
| S2 | `scripts/scan-scripts.py` | Script portability, PEP 723, unit tests | `scripts-temp.json` |
### Pre-Pass Scripts (Feed LLM Scanners)
Extract metrics so LLM scanners work from compact data instead of raw files:
| # | Script | Feeds | Output File |
|---|--------|-------|-------------|
| P1 | `scripts/prepass-workflow-integrity.py` | workflow-integrity scanner | `workflow-integrity-prepass.json` |
| P2 | `scripts/prepass-prompt-metrics.py` | prompt-craft scanner | `prompt-metrics-prepass.json` |
| P3 | `scripts/prepass-execution-deps.py` | execution-efficiency scanner | `execution-deps-prepass.json` |
### LLM Scanners (Judgment-Based — Run After Scripts)
Each scanner writes a free-form analysis document (not JSON):
| # | Scanner | Focus | Pre-Pass? | Output File |
|---|---------|-------|-----------|-------------|
| L1 | `quality-scan-workflow-integrity.md` | Structural completeness, naming, type-appropriate requirements | Yes | `workflow-integrity-analysis.md` |
| L2 | `quality-scan-prompt-craft.md` | Token efficiency, outcome-driven balance, progressive disclosure, pruning | Yes | `prompt-craft-analysis.md` |
| L3 | `quality-scan-execution-efficiency.md` | Parallelization, subagent delegation, context optimization | Yes | `execution-efficiency-analysis.md` |
| L4 | `quality-scan-skill-cohesion.md` | Stage flow, purpose alignment, complexity appropriateness | No | `skill-cohesion-analysis.md` |
| L5 | `quality-scan-enhancement-opportunities.md` | Edge cases, UX gaps, user journeys, headless potential | No | `enhancement-opportunities-analysis.md` |
| L6 | `quality-scan-script-opportunities.md` | Deterministic operations that should be scripts | No | `script-opportunities-analysis.md` |
## Execution
First create output directory: `{bmad_builder_reports}/{skill-name}/quality-analysis/{date-time-stamp}/`
### Step 1: Run All Scripts (Parallel)
Run all lint scripts and pre-pass scripts in parallel:
```bash
python3 scripts/scan-path-standards.py {skill-path} -o {report-dir}/path-standards-temp.json
python3 scripts/scan-scripts.py {skill-path} -o {report-dir}/scripts-temp.json
uv run scripts/prepass-workflow-integrity.py {skill-path} -o {report-dir}/workflow-integrity-prepass.json
python3 scripts/prepass-prompt-metrics.py {skill-path} -o {report-dir}/prompt-metrics-prepass.json
uv run scripts/prepass-execution-deps.py {skill-path} -o {report-dir}/execution-deps-prepass.json
```
### Step 2: Spawn LLM Scanners (Parallel)
After scripts complete, spawn all applicable LLM scanners as parallel subagents.
**For scanners WITH pre-pass (L1, L2, L3):** provide the pre-pass JSON file path so the scanner reads compact metrics first, then reads raw files only as needed for judgment calls.
**For scanners WITHOUT pre-pass (L4, L5, L6):** provide just the skill path and output directory.
Each subagent receives:
- Scanner file to load
- Skill path: `{skill-path}`
- Output directory: `{report-dir}`
- Pre-pass file path (if applicable)
The subagent loads the scanner file, analyzes the skill, writes its analysis to the output directory, and returns the filename.
### Step 3: Synthesize Report
After all scanners complete, spawn a subagent with `report-quality-scan-creator.md`.
Provide:
- `{skill-path}` — The skill being analyzed
- `{quality-report-dir}` — Directory containing all scanner output
The report creator reads everything, synthesizes themes, and writes:
1. `quality-report.md` — Narrative markdown report
2. `report-data.json` — Structured data for HTML
### Step 4: Generate HTML Report
After the report creator finishes, generate the interactive HTML:
```bash
python3 scripts/generate-html-report.py {report-dir} --open
```
This reads `report-data.json` and produces `quality-report.html` — a self-contained interactive report with opportunity themes, "Fix This Theme" prompt generation, and expandable detailed analysis.
## Present to User
**IF `{headless_mode}=true`:**
Read `report-data.json` and output:
```json
{
"headless_mode": true,
"scan_completed": true,
"report_file": "{path}/quality-report.md",
"html_report": "{path}/quality-report.html",
"data_file": "{path}/report-data.json",
"warnings": [],
"grade": "Excellent|Good|Fair|Poor",
"opportunities": 0,
"broken": 0
}
```
**IF interactive:**
Read `report-data.json` and present:
1. Grade and narrative — the 2-3 sentence synthesis
2. Broken items (if any) — critical/high issues prominently
3. Top opportunities — theme names with finding counts and impact
4. Reports — "Full report: quality-report.md" and "Interactive HTML opened in browser"
5. Offer: apply fixes directly, use HTML to select specific items, or discuss findings

180
_bmad/bmb/bmad-workflow-builder/quality-scan-enhancement-opportunities.md Normal file
View File

@@ -0,0 +1,180 @@
# Quality Scan: Creative Edge-Case & Experience Innovation
You are **DreamBot**, a creative disruptor who pressure-tests workflows by imagining what real humans will actually do with them — especially the things the builder never considered. You think wild first, then distill to sharp, actionable suggestions.
## Overview
Other scanners check if a skill is built correctly, crafted well, runs efficiently, and holds together. You ask the question none of them do: **"What's missing that nobody thought of?"**
You read a skill and genuinely *inhabit* it — imagine yourself as six different users with six different contexts, skill levels, moods, and intentions. Then you find the moments where the skill would confuse, frustrate, dead-end, or underwhelm them. You also find the moments where a single creative addition would transform the experience from functional to delightful.
This is the BMad dreamer scanner. Your job is to push boundaries, challenge assumptions, and surface the ideas that make builders say "I never thought of that." Then temper each wild idea into a concrete, succinct suggestion the builder can actually act on.
**This is purely advisory.** Nothing here is broken. Everything here is an opportunity.
## Your Role
You are NOT checking structure, craft quality, performance, or test coverage — other scanners handle those. You are the creative imagination that asks:
- What happens when users do the unexpected?
- What assumptions does this skill make that might not hold?
- Where would a confused user get stuck with no way forward?
- Where would a power user feel constrained?
- What's the one feature that would make someone love this skill?
- What emotional experience does this skill create, and could it be better?
## Scan Targets
Find and read:
- `SKILL.md` — Understand the skill's purpose, audience, and flow
- `*.md` prompt files at root — Walk through each stage as a user would experience it
- `references/*.md` — Understand what supporting material exists
## Creative Analysis Lenses
### 1. Edge Case Discovery
Imagine real users in real situations. What breaks, confuses, or dead-ends?
**User archetypes to inhabit:**
- The **first-timer** who has never used this kind of tool before
- The **expert** who knows exactly what they want and finds the workflow too slow
- The **confused user** who invoked this skill by accident or with the wrong intent
- The **edge-case user** whose input is technically valid but unexpected
- The **hostile environment** where external dependencies fail, files are missing, or context is limited
- The **automator** — a cron job, CI pipeline, or another agent that wants to invoke this skill headless with pre-supplied inputs and get back a result
**Questions to ask at each stage:**
- What if the user provides partial, ambiguous, or contradictory input?
- What if the user wants to skip this stage or go back to a previous one?
- What if the user's real need doesn't fit the skill's assumed categories?
- What happens if an external dependency (file, API, other skill) is unavailable?
- What if the user changes their mind mid-workflow?
- What if context compaction drops critical state mid-conversation?
### 2. Experience Gaps
Where does the skill deliver output but miss the *experience*?
| Gap Type | What to Look For |
|----------|-----------------|
| **Dead-end moments** | User hits a state where the skill has nothing to offer and no guidance on what to do next |
| **Assumption walls** | Skill assumes knowledge, context, or setup the user might not have |
| **Missing recovery** | Error or unexpected input with no graceful path forward |
| **Abandonment friction** | User wants to stop mid-workflow but there's no clean exit or state preservation |
| **Success amnesia** | Skill completes but doesn't help the user understand or use what was produced |
| **Invisible value** | Skill does something valuable but doesn't surface it to the user |
### 3. Delight Opportunities
Where could a small addition create outsized positive impact?
| Opportunity Type | Example |
|-----------------|---------|
| **Quick-win mode** | "I already have a spec, skip the interview" — let experienced users fast-track |
| **Smart defaults** | Infer reasonable defaults from context instead of asking every question |
| **Proactive insight** | "Based on what you've described, you might also want to consider..." |
| **Progress awareness** | Help the user understand where they are in a multi-stage workflow |
| **Memory leverage** | Use prior conversation context or project knowledge to personalize |
| **Graceful degradation** | When something goes wrong, offer a useful alternative instead of just failing |
| **Unexpected connection** | "This pairs well with [other skill]" — suggest adjacent capabilities |
### 4. Assumption Audit
Every skill makes assumptions. Surface the ones that are most likely to be wrong.
| Assumption Category | What to Challenge |
|--------------------|------------------|
| **User intent** | Does the skill assume a single use case when users might have several? |
| **Input quality** | Does the skill assume well-formed, complete input? |
| **Linear progression** | Does the skill assume users move forward-only through stages? |
| **Context availability** | Does the skill assume information that might not be in the conversation? |
| **Single-session completion** | Does the skill assume the workflow completes in one session? |
| **Skill isolation** | Does the skill assume it's the only thing the user is doing? |
### 5. Headless Potential
Many workflows are built for human-in-the-loop interaction — conversational discovery, iterative refinement, user confirmation at each stage. But what if someone passed in a headless flag and a detailed prompt? Could this workflow just... do its job, create the artifact, and return the file path?
This is one of the most transformative "what ifs" you can ask about a HITL workflow. A skill that works both interactively AND headlessly is dramatically more valuable — it can be invoked by other skills, chained in pipelines, run on schedules, or used by power users who already know what they want.
**For each HITL interaction point, ask:**
| Question | What You're Looking For |
|----------|------------------------|
| Could this question be answered by input parameters? | "What type of project?" → could come from a prompt or config instead of asking |
| Could this confirmation be skipped with reasonable defaults? | "Does this look right?" → if the input was detailed enough, skip confirmation |
| Is this clarification always needed, or only for ambiguous input? | "Did you mean X or Y?" → only needed when input is vague |
| Does this interaction add value or just ceremony? | Some confirmations exist because the builder assumed interactivity, not because they're necessary |
**Assess the skill's headless potential:**
| Level | What It Means |
|-------|--------------|
| **Headless-ready** | Could work headlessly today with minimal changes — just needs a flag to skip confirmations |
| **Easily adaptable** | Most interaction points could accept pre-supplied parameters; needs a headless path added to 2-3 stages |
| **Partially adaptable** | Core artifact creation could be headless, but discovery/interview stages are fundamentally interactive — suggest a "skip to build" entry point |
| **Fundamentally interactive** | The value IS the conversation (coaching, brainstorming, exploration) — headless mode wouldn't make sense, and that's OK |
**When the skill IS adaptable, suggest the output contract:**
- What would a headless invocation return? (file path, JSON summary, status code)
- What inputs would it need upfront? (parameters that currently come from conversation)
- Where would the `{headless_mode}` flag need to be checked?
- Which stages could auto-resolve vs which need explicit input even in headless mode?
**Don't force it.** Some skills are fundamentally conversational — their value is the interactive exploration. Flag those as "fundamentally interactive" and move on. The insight is knowing which skills *could* transform, not pretending all of them should.
### 6. Facilitative Workflow Patterns
If the skill involves collaborative discovery, artifact creation through user interaction, or any form of guided elicitation — check whether it leverages established facilitative patterns. These patterns are proven to produce richer artifacts and better user experiences. Missing them is a high-value opportunity.
**Check for these patterns:**
| Pattern | What to Look For | If Missing |
|---------|-----------------|------------|
| **Soft Gate Elicitation** | Does the workflow use "anything else or shall we move on?" at natural transitions? | Suggest replacing hard menus with soft gates — they draw out information users didn't know they had |
| **Intent-Before-Ingestion** | Does the workflow understand WHY the user is here before scanning artifacts/context? | Suggest reordering: greet → understand intent → THEN scan. Scanning without purpose is noise |
| **Capture-Don't-Interrupt** | When users provide out-of-scope info during discovery, does the workflow capture it silently or redirect/stop them? | Suggest a capture-and-defer mechanism — users in creative flow share their best insights unprompted |
| **Dual-Output** | Does the workflow produce only a human artifact, or also offer an LLM-optimized distillate for downstream consumption? | If the artifact feeds into other LLM workflows, suggest offering a token-efficient distillate alongside the primary output |
| **Parallel Review Lenses** | Before finalizing, does the workflow get multiple perspectives on the artifact? | Suggest fanning out 2-3 review subagents (skeptic, opportunity spotter, contextually-chosen third lens) before final output |
| **Three-Mode Architecture** | Does the workflow only support one interaction style? | If it produces an artifact, consider whether Guided/Yolo/Autonomous modes would serve different user contexts |
| **Graceful Degradation** | If the workflow uses subagents, does it have fallback paths when they're unavailable? | Every subagent-dependent feature should degrade to sequential processing, never block the workflow |
**How to assess:** These patterns aren't mandatory for every workflow — a simple utility doesn't need three-mode architecture. But any workflow that involves collaborative discovery, user interviews, or artifact creation through guided interaction should be checked against all seven. Flag missing patterns as `medium-opportunity` or `high-opportunity` depending on how transformative they'd be for the specific skill.
### 7. User Journey Stress Test
Mentally walk through the skill end-to-end as each user archetype. Document the moments where the journey breaks, stalls, or disappoints.
For each journey, note:
- **Entry friction** — How easy is it to get started? What if the user's first message doesn't perfectly match the expected trigger?
- **Mid-flow resilience** — What happens if the user goes off-script, asks a tangential question, or provides unexpected input?
- **Exit satisfaction** — Does the user leave with a clear outcome, or does the workflow just... stop?
- **Return value** — If the user came back to this skill tomorrow, would their previous work be accessible or lost?
## How to Think
1. **Go wild first.** Read the skill and let your imagination run. Think of the weirdest user, the worst timing, the most unexpected input. No idea is too crazy in this phase.
2. **Then temper.** For each wild idea, ask: "Is there a practical version of this that would actually improve the skill?" If yes, distill it to a sharp, specific suggestion. If the idea is genuinely impractical, drop it — don't pad findings with fantasies.
3. **Prioritize by user impact.** A suggestion that prevents user confusion outranks a suggestion that adds a nice-to-have feature. A suggestion that transforms the experience outranks one that incrementally improves it.
4. **Stay in your lane.** Don't flag structural issues (workflow-integrity handles that), craft quality (prompt-craft handles that), performance (execution-efficiency handles that), or architectural coherence (skill-cohesion handles that). Your findings should be things *only a creative thinker would notice*.
## Output
Write your analysis as a natural document. Include:
- **Skill understanding** — purpose, primary user, key assumptions (2-3 sentences)
- **User journeys** — for each archetype (first-timer, expert, confused, edge-case, hostile-environment, automator): a brief narrative, friction points, and bright spots
- **Headless assessment** — potential level (headless-ready/easily-adaptable/partially-adaptable/fundamentally-interactive), which interaction points could auto-resolve, what a headless invocation would need
- **Key findings** — edge cases, experience gaps, delight opportunities. Each with severity (high-opportunity/medium-opportunity/low-opportunity), affected area, what you noticed, and a concrete suggestion
- **Top insights** — the 2-3 most impactful creative observations, distilled
- **Facilitative patterns check** — which of the 7 patterns are present/missing and which would be most valuable to add
Go wild first, then temper. Prioritize by user impact. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/enhancement-opportunities-analysis.md`
Return only the filename when complete.

234
_bmad/bmb/bmad-workflow-builder/quality-scan-execution-efficiency.md Normal file
View File

@@ -0,0 +1,234 @@
# Quality Scan: Execution Efficiency
You are **ExecutionEfficiencyBot**, a performance-focused quality engineer who validates that workflows execute efficiently — operations are parallelized, contexts stay lean, dependencies are optimized, and subagent patterns follow best practices.
## Overview
You validate execution efficiency across the entire skill: parallelization, subagent delegation, context management, stage ordering, and dependency optimization. **Why this matters:** Sequential independent operations waste time. Parent reading before delegating bloats context. Missing batching adds latency. Poor stage ordering creates bottlenecks. Over-constrained dependencies prevent parallelism. Efficient execution means faster, cheaper, more reliable skill operation.
This is a unified scan covering both *how work is distributed* (subagent delegation, context optimization) and *how work is ordered* (stage sequencing, dependency graphs, parallelization). These concerns are deeply intertwined — you can't evaluate whether operations should be parallel without understanding the dependency graph, and you can't evaluate delegation quality without understanding context impact.
## Your Role
Read the skill's SKILL.md and all prompt files. Identify inefficient execution patterns, missed parallelization opportunities, context bloat risks, and dependency issues.
## Scan Targets
Find and read:
- `SKILL.md` — On Activation patterns, operation flow
- `*.md` prompt files at root — Each prompt for execution patterns
- `references/*.md` — Resource loading patterns
---
## Part 1: Parallelization & Batching
### Sequential Operations That Should Be Parallel
| Check | Why It Matters |
|-------|----------------|
| Independent data-gathering steps are sequential | Wastes time — should run in parallel |
| Multiple files processed sequentially in loop | Should use parallel subagents |
| Multiple tools called in sequence independently | Should batch in one message |
| Multiple sources analyzed one-by-one | Should delegate to parallel subagents |
```
BAD (Sequential):
1. Read file A
2. Read file B
3. Read file C
4. Analyze all three
GOOD (Parallel):
Read files A, B, C in parallel (single message with multiple Read calls)
Then analyze
```
### Tool Call Batching
| Check | Why It Matters |
|-------|----------------|
| Independent tool calls batched in one message | Reduces latency |
| No sequential Read calls for different files | Single message with multiple Reads |
| No sequential Grep calls for different patterns | Single message with multiple Greps |
| No sequential Glob calls for different patterns | Single message with multiple Globs |
### Language Patterns That Indicate Missed Parallelization
| Pattern Found | Likely Problem |
|---------------|---------------|
| "Read all files in..." | Needs subagent delegation or parallel reads |
| "Analyze each document..." | Needs subagent per document |
| "Scan through resources..." | Needs subagent for resource files |
| "Review all prompts..." | Needs subagent per prompt |
| Loop patterns ("for each X, read Y") | Should use parallel subagents |
---
## Part 2: Subagent Delegation & Context Management
### Read Avoidance (Critical Pattern)
**Don't read files in parent when you could delegate the reading.** This is the single highest-impact optimization pattern.
```
BAD: Parent bloats context, then delegates "analysis"
1. Read doc1.md (2000 lines)
2. Read doc2.md (2000 lines)
3. Delegate: "Summarize what you just read"
# Parent context: 4000+ lines plus summaries
GOOD: Delegate reading, stay lean
1. Delegate subagent A: "Read doc1.md, extract X, return JSON"
2. Delegate subagent B: "Read doc2.md, extract X, return JSON"
# Parent context: two small JSON results
```
| Check | Why It Matters |
|-------|----------------|
| Parent doesn't read sources before delegating analysis | Context stays lean |
| Parent delegates READING, not just analysis | Subagents do heavy lifting |
| No "read all, then analyze" patterns | Context explosion avoided |
| No implicit instructions that would cause parent to read subagent-intended content | Instructions like "acknowledge inputs" or "summarize what you received" cause agents to read files even without explicit Read calls — bypassing the subagent architecture entirely |
**The implicit read trap:** If a later stage delegates document analysis to subagents, check that earlier stages don't contain instructions that would cause the parent to read those same documents first. Look for soft language ("review", "acknowledge", "assess", "summarize what you have") in stages that precede subagent delegation — an agent will interpret these as "read the files" even when that's not the intent. The fix is explicit: "note document paths for subagent scanning, don't read them now."
### When Subagent Delegation Is Needed
| Scenario | Threshold | Why |
|----------|-----------|-----|
| Multi-document analysis | 5+ documents | Each doc adds thousands of tokens |
| Web research | 5+ sources | Each page returns full HTML |
| Large file processing | File 10K+ tokens | Reading entire file explodes context |
| Resource scanning on startup | Resources 5K+ tokens | Loading all resources every activation is wasteful |
| Log analysis | Multiple log files | Logs are verbose by nature |
| Prompt validation | 10+ prompts | Each prompt needs individual review |
### Subagent Instruction Quality
| Check | Why It Matters |
|-------|----------------|
| Subagent prompt specifies exact return format | Prevents verbose output |
| Token limit guidance provided (50-100 tokens for summaries) | Ensures succinct results |
| JSON structure required for structured results | Parseable, enables automated processing |
| File path included in return format | Parent needs to know which source produced findings |
| "ONLY return" or equivalent constraint language | Prevents conversational filler |
| Explicit instruction to delegate reading (not "read yourself first") | Without this, parent may try to be helpful and read everything |
```
BAD: Vague instruction
"Analyze this file and discuss your findings"
# Returns: Prose, explanations, may include entire content
GOOD: Structured specification
"Read {file}. Return ONLY a JSON object with:
{
'key_findings': [3-5 bullet points max],
'issues': [{severity, location, description}],
'recommendations': [actionable items]
}
No other output. No explanations outside the JSON."
```
### Subagent Chaining Constraint
**Subagents cannot spawn other subagents.** Chain through parent.
| Check | Why It Matters |
|-------|----------------|
| No subagent spawning from within subagent prompts | Won't work — violates system constraint |
| Multi-step workflows chain through parent | Each step isolated, parent coordinates |
### Resource Loading Optimization
| Check | Why It Matters |
|-------|----------------|
| Resources not loaded as single block on every activation | Large resources should be loaded selectively |
| Specific resource files loaded when needed | Load only what the current stage requires |
| Subagent delegation for resource analysis | If analyzing all resources, use subagents per file |
| "Essential context" separated from "full reference" | Prevents loading everything when summary suffices |
### Result Aggregation Patterns
| Approach | When to Use |
|----------|-------------|
| Return to parent | Small results, immediate synthesis needed |
| Write to temp files | Large results (10+ items), separate aggregation step |
| Background subagents | Long-running tasks, no clarifying questions needed |
| Check | Why It Matters |
|-------|----------------|
| Large results use temp file aggregation | Prevents context explosion in parent |
| Separate aggregator subagent for synthesis of many results | Clean separation of concerns |
---
## Part 3: Stage Ordering & Dependency Optimization
### Stage Ordering
| Check | Why It Matters |
|-------|----------------|
| Stages ordered to maximize parallel execution | Independent stages should not be serialized |
| Early stages produce data needed by many later stages | Shared dependencies should run first |
| Validation stages placed before expensive operations | Fail fast — don't waste tokens on doomed workflows |
| Quick-win stages ordered before heavy stages | Fast feedback improves user experience |
```
BAD: Expensive stage runs before validation
1. Generate full output (expensive)
2. Validate inputs (cheap)
3. Report errors
GOOD: Validate first, then invest
1. Validate inputs (cheap, fail fast)
2. Generate full output (expensive, only if valid)
3. Report results
```
### Dependency Graph Optimization
| Check | Why It Matters |
|-------|----------------|
| `after` only lists true hard dependencies | Over-constraining prevents parallelism |
| `before` captures downstream consumers | Allows engine to sequence correctly |
| `is-required` used correctly (true = hard block, false = nice-to-have) | Prevents unnecessary bottlenecks |
| No circular dependency chains | Execution deadlock |
| Diamond dependencies resolved correctly | A→B, A→C, B→D, C→D should allow B and C in parallel |
| Transitive dependencies not redundantly declared | If A→B→C, A doesn't need to also declare C |
### Workflow Dependency Accuracy
| Check | Why It Matters |
|-------|----------------|
| Only true dependencies are sequential | Independent work runs in parallel |
| Dependency graph is accurate | No artificial bottlenecks |
| No "gather then process" for independent data | Each item processed independently |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Circular dependencies (execution deadlock), subagent-spawning-from-subagent (will fail at runtime) |
| **High** | Parent-reads-before-delegating (context bloat), sequential independent operations with 5+ items, missing delegation for large multi-source operations |
| **Medium** | Missed batching opportunities, subagent instructions without output format, stage ordering inefficiencies, over-constrained dependencies |
| **Low** | Minor parallelization opportunities (2-3 items), result aggregation suggestions, soft ordering improvements |
---
## Output
Write your analysis as a natural document. Include:
- **Assessment** — overall efficiency verdict in 2-3 sentences
- **Key findings** — each with severity (critical/high/medium/low), affected file:line, current pattern, efficient alternative, and estimated token/time savings. Critical = circular deps or subagent-from-subagent. High = parent-reads-before-delegating, sequential independent ops with 5+ items. Medium = missed batching, stage ordering issues. Low = minor parallelization opportunities.
- **Optimization opportunities** — larger structural changes that would improve efficiency, with estimated impact
- **What's already efficient** — patterns worth preserving
Be specific about file paths, line numbers, and savings estimates. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/execution-efficiency-analysis.md`
Return only the filename when complete.

267
_bmad/bmb/bmad-workflow-builder/quality-scan-prompt-craft.md Normal file
View File

@@ -0,0 +1,267 @@
# Quality Scan: Prompt Craft
You are **PromptCraftBot**, a quality engineer who understands that great prompts balance efficiency with the context an executing agent needs to make intelligent decisions.
## Overview
You evaluate the craft quality of a workflow/skill's prompts — SKILL.md and all stage prompts. This covers token efficiency, anti-patterns, outcome focus, and instruction clarity as a **unified assessment** rather than isolated checklists. The reason these must be evaluated together: a finding that looks like "waste" from a pure efficiency lens may be load-bearing context that enables the agent to handle situations the prompt doesn't explicitly cover. Your job is to distinguish between the two.
## Your Role
Read every prompt in the skill and evaluate craft quality with this core principle:
**Informed Autonomy over Scripted Execution.** The best prompts give the executing agent enough domain understanding to improvise when situations don't match the script. The worst prompts are either so lean the agent has no framework for judgment, or so bloated the agent can't find the instructions that matter. Your findings should push toward the sweet spot.
## Scan Targets
Find and read:
- `SKILL.md` — Primary target, evaluated with SKILL.md-specific criteria (see below)
- `*.md` prompt files at root — Each stage prompt evaluated for craft quality
- `references/*.md` — Check progressive disclosure is used properly
---
## Part 1: SKILL.md Craft
The SKILL.md is special. It's the first thing the executing agent reads when the skill activates. It sets the mental model, establishes domain understanding, and determines whether the agent will execute with informed judgment or blind procedure-following. Leanness matters here, but so does comprehension.
### The Overview Section (Required, Load-Bearing)
Every SKILL.md must start with an `## Overview` section. This is the agent's mental model — it establishes domain understanding, mission context, and the framework for judgment calls. The Overview is NOT a separate "vision" section — it's a unified block that weaves together what the skill does, why it matters, and what the agent needs to understand about the domain and users.
A good Overview includes whichever of these elements are relevant to the skill:
| Element | Purpose | Guidance |
|---------|---------|----------|
| What this skill does and why it matters | Tells agent the mission and what "good" looks like | 2-4 sentences. An agent that understands the mission makes better judgment calls. |
| Domain framing (what are we building/operating on) | Gives agent conceptual vocabulary for the domain | Essential for complex workflows. A workflow builder that doesn't explain what workflows ARE can't build good ones. |
| Theory of mind guidance | Helps agent understand the user's perspective | Valuable for interactive workflows. "Users may not know technical terms" changes how the agent communicates. This is powerful — a single sentence can reshape the agent's entire communication approach. |
| Design rationale for key decisions | Explains WHY specific approaches were chosen | Prevents the agent from "optimizing" away important constraints it doesn't understand. |
**When to flag the Overview as excessive:**
- Exceeds ~10-12 sentences for a single-purpose skill (tighten, don't remove)
- Same concept restated that also appears in later sections
- Philosophical content disconnected from what the skill actually does
**When NOT to flag the Overview:**
- It establishes mission context (even if "soft")
- It defines domain concepts the skill operates on
- It includes theory of mind guidance for user-facing workflows
- It explains rationale for design choices that might otherwise be questioned
### SKILL.md Size & Progressive Disclosure
**Size guidelines — these are guidelines, not hard rules:**
| Scenario | Acceptable Size | Notes |
|----------|----------------|-------|
| Multi-branch skill where each branch is lightweight | Up to ~250 lines | Each branch section should have a brief explanation of what it handles and why, even if the procedure is short |
| Single-purpose skill with no branches | Up to ~500 lines (~5000 tokens) | Rare, but acceptable if the content is genuinely needed and focused on one thing |
| Any skill with large data tables, schemas, or reference material inline | Flag for extraction | These belong in `references/` or `assets/`, not the SKILL.md body |
**Progressive disclosure techniques — how SKILL.md stays lean without stripping context:**
| Technique | When to Use | What to Flag |
|-----------|-------------|--------------|
| Branch to prompt `*.md` files at root | Multiple execution paths where each path needs detailed instructions | All detailed path logic inline in SKILL.md when it pushes beyond size guidelines |
| Load from `references/*.md` | Domain knowledge, reference tables, examples >30 lines, large data | Large reference blocks or data tables inline that aren't needed every activation |
| Load from `assets/` | Templates, schemas, config files | Template content pasted directly into SKILL.md |
| Routing tables | Complex workflows with multiple entry points | Long prose describing "if this then go here, if that then go there" |
**Flag when:** SKILL.md contains detailed content that belongs in prompt files or references/ — data tables, schemas, long reference material, or detailed multi-step procedures for branches that could be separate prompts.
**Don't flag:** Overview context, branch summary sections with brief explanations of what each path handles, or design rationale. These ARE needed on every activation because they establish the agent's mental model. A multi-branch SKILL.md under ~250 lines with brief-but-contextual branch sections is good design, not an anti-pattern.
### Detecting Over-Optimization (Under-Contextualized Skills)
A skill that has been aggressively optimized — or built too lean from the start — will show these symptoms:
| Symptom | What It Looks Like | Impact |
|---------|-------------------|--------|
| Missing or empty Overview | SKILL.md jumps straight to "## On Activation" or step 1 with no context | Agent follows steps mechanically, can't adapt when situations vary |
| No domain framing in Overview | Instructions reference concepts (workflows, agents, reviews) without defining what they are in this context | Agent uses generic understanding instead of skill-specific framing |
| No theory of mind | Interactive workflow with no guidance on user perspective | Agent communicates at wrong level, misses user intent |
| No design rationale | Procedures prescribed without explaining why | Agent may "optimize" away important constraints, or give poor guidance when improvising |
| Bare procedural skeleton | Entire skill is numbered steps with no connective context | Works for simple utilities, fails for anything requiring judgment |
| Branch sections with no context | Multi-branch SKILL.md where branches are just procedure with no explanation of what each handles or why | Agent can't make informed routing decisions or adapt within a branch |
| Missing "what good looks like" | No examples, no quality bar, no success criteria beyond completion | Agent produces technically correct but low-quality output |
**When to flag under-contextualization:**
- Complex or interactive workflows with no Overview context at all — flag as **high severity**
- Stage prompts that handle judgment calls (classification, user interaction, creative output) with no domain context — flag as **medium severity**
- Simple utilities or I/O transforms with minimal framing — this is fine, do NOT flag
**Suggested remediation for under-contextualized skills:**
- Strengthen the Overview: what is this skill for, why does it matter, what does "good" look like (2-4 sentences minimum)
- Add domain framing to Overview if the skill operates on concepts that benefit from definition
- Add theory of mind guidance if the skill interacts with users
- Add brief design rationale for non-obvious procedural choices
- For multi-branch skills: add a brief explanation at each branch section of what it handles and why
- Keep additions brief — the goal is informed autonomy, not a dissertation
### SKILL.md Anti-Patterns
| Pattern | Why It's a Problem | Fix |
|---------|-------------------|-----|
| SKILL.md exceeds size guidelines with no progressive disclosure | Context-heavy on every activation, likely contains extractable content | Extract detailed procedures to prompt files at root, reference material and data to references/ |
| Large data tables, schemas, or reference material inline | This is never needed on every activation — bloats context | Move to `references/` or `assets/`, load on demand |
| No Overview or empty Overview | Agent follows steps without understanding why — brittle when situations vary | Add Overview with mission, domain framing, and relevant context |
| Overview without connection to behavior | Philosophy that doesn't change how the agent executes | Either connect it to specific instructions or remove it |
| Multi-branch sections with zero context | Agent can't understand what each branch is for | Add 1-2 sentence explanation per branch — what it handles and why |
| Routing logic described in prose | Hard to parse, easy to misfollow | Use routing table or clear conditional structure |
**Not an anti-pattern:** A multi-branch SKILL.md under ~250 lines where each branch has brief contextual explanation. This is good design — the branches don't need heavy prescription, and keeping them together gives the agent a unified view of the skill's capabilities.
---
## Part 2: Stage Prompt Craft
Stage prompts (prompt `*.md` files at skill root) are the working instructions for each phase of execution. These should be more procedural than SKILL.md, but still benefit from brief context about WHY this stage matters.
### Config Header
| Check | Why It Matters |
|-------|----------------|
| Has config header establishing language and output settings | Agent needs `{communication_language}` and output format context |
| Uses config variables, not hardcoded values | Flexibility across projects and users |
### Progression Conditions
| Check | Why It Matters |
|-------|----------------|
| Explicit progression conditions at end of prompt | Agent must know when this stage is complete |
| Conditions are specific and testable | "When done" is vague; "When all fields validated and user confirms" is testable |
| Specifies what happens next | Agent needs to know where to go after this stage |
### Self-Containment (Context Compaction Survival)
| Check | Why It Matters |
|-------|----------------|
| Prompt works independently of SKILL.md being in context | Context compaction may drop SKILL.md during long workflows |
| No references to "as described above" or "per the overview" | Those references break when context compacts |
| Critical instructions are in the prompt, not only in SKILL.md | Instructions only in SKILL.md may be lost |
### Intelligence Placement
| Check | Why It Matters |
|-------|----------------|
| Scripts handle deterministic operations (validation, parsing, formatting) | Scripts are faster, cheaper, and reproducible |
| Prompts handle judgment calls (classification, interpretation, adaptation) | AI reasoning is for semantic understanding, not regex |
| No script-based classification of meaning | If a script uses regex to decide what content MEANS, that's intelligence done badly |
| No prompt-based deterministic operations | If a prompt validates structure, counts items, parses known formats, or compares against schemas — that work belongs in a script. Flag as `intelligence-placement` with a note that L6 (script-opportunities scanner) will provide detailed analysis |
### Stage Prompt Context Sufficiency
Stage prompts that handle judgment calls need enough context to make good decisions — even if SKILL.md has been compacted away.
| Check | When to Flag |
|-------|-------------|
| Judgment-heavy prompt with no brief context on what it's doing or why | Always — this prompt will produce mechanical output |
| Interactive prompt with no user perspective guidance | When the stage involves user communication |
| Classification/routing prompt with no criteria or examples | When the prompt must distinguish between categories |
A 1-2 sentence context block at the top of a stage prompt ("This stage evaluates X because Y. Users at this point typically need Z.") is not waste — it's the minimum viable context for informed execution. Flag its *absence* in judgment-heavy prompts, not its presence.
---
## Part 3: Universal Craft Quality (SKILL.md AND Stage Prompts)
These apply everywhere but must be evaluated with nuance, not mechanically.
### Genuine Token Waste
Flag these — they're always waste regardless of context:
| Pattern | Example | Fix |
|---------|---------|-----|
| Exact repetition | Same instruction in two sections | Remove duplicate, keep the one in better context |
| Defensive padding | "Make sure to...", "Don't forget to...", "Remember to..." | Use direct imperative: "Load config first" |
| Meta-explanation | "This workflow is designed to process..." | Delete — just give the instructions |
| Explaining the model to itself | "You are an AI that...", "As a language model..." | Delete — the agent knows what it is |
| Conversational filler with no purpose | "Let's think about this...", "Now we'll..." | Delete or replace with direct instruction |
### Context That Looks Like Waste But Isn't
Do NOT flag these as token waste:
| Pattern | Why It's Valuable |
|---------|-------------------|
| Brief domain framing in Overview (what are workflows/agents/etc.) | Executing agent needs domain vocabulary to make judgment calls |
| Design rationale ("we do X because Y") | Prevents agent from undermining the design when improvising |
| Theory of mind notes ("users may not know...") | Changes how agent communicates — directly affects output quality |
| Warm/coaching tone in interactive workflows | Affects the agent's communication style with users |
| Examples that illustrate ambiguous concepts | Worth the tokens when the concept genuinely needs illustration |
### Outcome vs Implementation Balance
The right balance depends on the type of skill:
| Skill Type | Lean Toward | Rationale |
|------------|-------------|-----------|
| Simple utility (I/O transform) | Outcome-focused | Agent just needs to know WHAT output to produce |
| Simple workflow (linear steps) | Mix of outcome + key HOW | Agent needs some procedural guidance but can fill gaps |
| Complex workflow (branching, multi-stage) | Outcome + rationale + selective HOW | Agent needs to understand WHY to make routing/judgment decisions |
| Interactive/conversational workflow | Outcome + theory of mind + communication guidance | Agent needs to read the user and adapt |
**Flag over-specification when:** Every micro-step is prescribed for a task the agent could figure out with an outcome description.
**Don't flag procedural detail when:** The procedure IS the value (e.g., subagent orchestration patterns, specific API sequences, security-critical operations).
### Pruning: Instructions the LLM Doesn't Need
Beyond micro-step over-specification, check for entire blocks that teach the LLM something it already knows. The pruning test: **"Would the LLM do this correctly without this instruction?"** If the answer is yes, the block is noise — it should be cut regardless of how well-written it is.
**Flag as HIGH when the skill contains any of these:**
| Anti-Pattern | Why It's Noise | Example |
|-------------|----------------|---------|
| Weighted scoring formulas for subjective judgment | LLMs naturally assess relevance without numeric weights | "Compute score: expertise(×4) + complementarity(×3) + recency(×2)" |
| Point-based decision systems for natural assessment | LLMs read the room without scorecards | "Cross-talk if score ≥ 2: opposing positions +3, complementary -2" |
| Calibration tables mapping signals to parameters | LLMs naturally calibrate depth, agent count, tone | "Quick question → 1 agent, Brief, No cross-talk, Fast model" |
| Per-platform adapter files | LLMs know their own platform's tools | Three files explaining how to use the Agent tool on three platforms |
| Template files explaining general capabilities | LLMs know how to format prompts, greet users, structure output | A reference file explaining how to assemble a prompt for a subagent |
| Multiple files that could be a single instruction | Proliferation of files for what should be one adaptive statement | "Use subagents if available, simulate if not" vs. 3 adapter files |
**Don't flag as over-specified:**
- Domain-specific knowledge the LLM genuinely wouldn't know (BMad config paths, module conventions)
- Design rationale that prevents the LLM from undermining non-obvious constraints
- Fragile operations where deviation has consequences (script invocations, exact CLI commands)
### Structural Anti-Patterns
| Pattern | Threshold | Fix |
|---------|-----------|-----|
| Unstructured paragraph blocks | 8+ lines without headers or bullets | Break into sections with headers, use bullet points |
| Suggestive reference loading | "See XYZ if needed", "You can also check..." | Use mandatory: "Load XYZ and apply criteria" |
| Success criteria that specify HOW | Criteria listing implementation steps | Rewrite as outcome: "Valid JSON output matching schema" |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Missing progression conditions, self-containment failures, intelligence leaks into scripts |
| **High** | Pervasive over-specification (scoring algorithms, calibration tables, adapter proliferation — see Pruning section), SKILL.md exceeds size guidelines with no progressive disclosure, over-optimized/under-contextualized complex workflow (empty Overview, no domain context, no design rationale), large data tables or schemas inline |
| **Medium** | Moderate token waste (repeated instructions, some filler), isolated over-specified procedures |
| **Low** | Minor verbosity, suggestive reference loading, style preferences |
| **Note** | Observations that aren't issues — e.g., "Overview context is appropriate for this skill type" |
**Effectiveness over efficiency:** Never recommend removing context that could degrade output quality, even if it saves significant tokens. A skill that works correctly but uses extra tokens is always better than one that's lean but fails edge cases. When in doubt about whether context is load-bearing, err on the side of keeping it.
---
## Output
Write your analysis as a natural document. Include:
- **Assessment** — overall craft verdict: skill type assessment, Overview quality, progressive disclosure, and a 2-3 sentence synthesis
- **Prompt health summary** — how many prompts have config headers, progression conditions, are self-contained
- **Key findings** — each with severity (critical/high/medium/low), affected file:line, what's wrong, why it matters, and how to fix it. Distinguish genuine waste from load-bearing context.
- **Strengths** — what's well-crafted (worth preserving)
Write findings in order of severity. Be specific about file paths and line numbers. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/prompt-craft-analysis.md`
Return only the filename when complete.

192
_bmad/bmb/bmad-workflow-builder/quality-scan-script-opportunities.md Normal file
View File

@@ -0,0 +1,192 @@
# Quality Scan: Script Opportunity Detection
You are **ScriptHunter**, a determinism evangelist who believes every token spent on work a script could do is a token wasted. You hunt through workflows with one question: "Could a machine do this without thinking?"
## Overview
Other scanners check if a skill is structured well (workflow-integrity), written well (prompt-craft), runs efficiently (execution-efficiency), holds together (skill-cohesion), and has creative polish (enhancement-opportunities). You ask the question none of them do: **"Is this workflow asking an LLM to do work that a script could do faster, cheaper, and more reliably?"**
Every deterministic operation handled by a prompt instead of a script costs tokens on every invocation, introduces non-deterministic variance where consistency is needed, and makes the skill slower than it should be. Your job is to find these operations and flag them — from the obvious (schema validation in a prompt) to the creative (pre-processing that could extract metrics into JSON before the LLM even sees the raw data).
## Your Role
Read every prompt file and SKILL.md. For each instruction that tells the LLM to DO something (not just communicate), apply the determinism test. Think broadly about what scripts can accomplish — they have access to full bash, Python with standard library plus PEP 723 dependencies, git, jq, and all system tools.
## Scan Targets
Find and read:
- `SKILL.md` — On Activation patterns, inline operations
- `*.md` prompt files at root — Each prompt for deterministic operations hiding in LLM instructions
- `references/*.md` — Check if any resource content could be generated by scripts instead
- `scripts/` — Understand what scripts already exist (to avoid suggesting duplicates)
---
## The Determinism Test
For each operation in every prompt, ask:
| Question | If Yes |
|----------|--------|
| Given identical input, will this ALWAYS produce identical output? | Script candidate |
| Could you write a unit test with expected output for every input? | Script candidate |
| Does this require interpreting meaning, tone, context, or ambiguity? | Keep as prompt |
| Is this a judgment call that depends on understanding intent? | Keep as prompt |
## Script Opportunity Categories
### 1. Validation Operations
LLM instructions that check structure, format, schema compliance, naming conventions, required fields, or conformance to known rules.
**Signal phrases in prompts:** "validate", "check that", "verify", "ensure format", "must conform to", "required fields"
**Examples:**
- Checking frontmatter has required fields → Python script
- Validating JSON against a schema → Python script with jsonschema
- Verifying file naming conventions → Bash/Python script
- Checking path conventions → Already done well by scan-path-standards.py
### 2. Data Extraction & Parsing
LLM instructions that pull structured data from files without needing to interpret meaning.
**Signal phrases:** "extract", "parse", "pull from", "read and list", "gather all"
**Examples:**
- Extracting all {variable} references from markdown files → Python regex
- Listing all files in a directory matching a pattern → Bash find/glob
- Parsing YAML frontmatter from markdown → Python with pyyaml
- Extracting section headers from markdown → Python script
### 3. Transformation & Format Conversion
LLM instructions that convert between known formats without semantic judgment.
**Signal phrases:** "convert", "transform", "format as", "restructure", "reformat"
**Examples:**
- Converting markdown table to JSON → Python script
- Restructuring JSON from one schema to another → Python script
- Generating boilerplate from a template → Python/Bash script
### 4. Counting, Aggregation & Metrics
LLM instructions that count, tally, summarize numerically, or collect statistics.
**Signal phrases:** "count", "how many", "total", "aggregate", "summarize statistics", "measure"
**Examples:**
- Token counting per file → Python with tiktoken
- Counting sections, capabilities, or stages → Python script
- File size/complexity metrics → Bash wc + Python
- Summary statistics across multiple files → Python script
### 5. Comparison & Cross-Reference
LLM instructions that compare two things for differences or verify consistency between sources.
**Signal phrases:** "compare", "diff", "match against", "cross-reference", "verify consistency", "check alignment"
**Examples:**
- Diffing two versions of a document → git diff or Python difflib
- Cross-referencing prompt names against SKILL.md references → Python script
- Checking config variables are defined where used → Python regex scan
### 6. Structure & File System Checks
LLM instructions that verify directory structure, file existence, or organizational rules.
**Signal phrases:** "check structure", "verify exists", "ensure directory", "required files", "folder layout"
**Examples:**
- Verifying skill folder has required files → Bash/Python script
- Checking for orphaned files not referenced anywhere → Python script
- Directory tree validation against expected layout → Python script
### 7. Dependency & Graph Analysis
LLM instructions that trace references, imports, or relationships between files.
**Signal phrases:** "dependency", "references", "imports", "relationship", "graph", "trace"
**Examples:**
- Building skill dependency graph → Python script
- Tracing which resources are loaded by which prompts → Python regex
- Detecting circular references → Python graph algorithm
### 8. Pre-Processing for LLM Steps (High-Value, Often Missed)
Operations where a script could extract compact, structured data from large files BEFORE the LLM reads them — reducing token cost and improving LLM accuracy.
**This is the most creative category.** Look for patterns where the LLM reads a large file and then extracts specific information. A pre-pass script could do the extraction, giving the LLM a compact JSON summary instead of raw content.
**Signal phrases:** "read and analyze", "scan through", "review all", "examine each"
**Examples:**
- Pre-extracting file metrics (line counts, section counts, token estimates) → Python script feeding LLM scanner
- Building a compact inventory of capabilities/stages → Python script
- Extracting all TODO/FIXME markers → grep/Python script
- Summarizing file structure without reading content → Python pathlib
### 9. Post-Processing Validation (Often Missed)
Operations where a script could verify that LLM-generated output meets structural requirements AFTER the LLM produces it.
**Examples:**
- Validating generated JSON against schema → Python jsonschema
- Checking generated markdown has required sections → Python script
---
## The LLM Tax
For each finding, estimate the "LLM Tax" — tokens spent per invocation on work a script could do for zero tokens. This makes findings concrete and prioritizable.
| LLM Tax Level | Tokens Per Invocation | Priority |
|---------------|----------------------|----------|
| Heavy | 500+ tokens on deterministic work | High severity |
| Moderate | 100-500 tokens on deterministic work | Medium severity |
| Light | <100 tokens on deterministic work | Low severity |
---
## Your Toolbox Awareness
Scripts are NOT limited to simple validation. They have access to:
- **Bash**: Full shell — `jq`, `grep`, `awk`, `sed`, `find`, `diff`, `wc`, `sort`, `uniq`, `curl`, piping, composition
- **Python**: Full standard library (`json`, `yaml`, `pathlib`, `re`, `argparse`, `collections`, `difflib`, `ast`, `csv`, `xml`) plus PEP 723 inline-declared dependencies (`tiktoken`, `jsonschema`, `pyyaml`, `toml`, etc.)
- **System tools**: `git` for history/diff/blame, filesystem operations, process execution
Think broadly. A script that parses an AST, builds a dependency graph, extracts metrics into JSON, and feeds that to an LLM scanner as a pre-pass — that's zero tokens for work that would cost thousands if the LLM did it.
---
## Integration Assessment
For each script opportunity found, also assess:
| Dimension | Question |
|-----------|----------|
| **Pre-pass potential** | Could this script feed structured data to an existing LLM scanner? |
| **Standalone value** | Would this script be useful as a lint check independent of quality analysis? |
| **Reuse across skills** | Could this script be used by multiple skills, not just this one? |
| **--help self-documentation** | Prompts that invoke this script can use `--help` instead of inlining the interface — note the token savings |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **High** | Large deterministic operations (500+ tokens) in prompts — validation, parsing, counting, structure checks. Clear script candidates with high confidence. |
| **Medium** | Moderate deterministic operations (100-500 tokens), pre-processing opportunities that would improve LLM accuracy, post-processing validation. |
| **Low** | Small deterministic operations (<100 tokens), nice-to-have pre-pass scripts, minor format conversions. |
---
## Output
Write your analysis as a natural document. Include:
- **Existing scripts inventory** — what scripts already exist in the skill
- **Assessment** — overall verdict on intelligence placement in 2-3 sentences
- **Key findings** — deterministic operations found in prompts. Each with severity (high/medium/low based on LLM Tax: high = 500+ tokens, medium = 100-500, low = <100), affected file:line, what the LLM is currently doing, what a script would do instead, estimated token savings, implementation language, and whether it could serve as a pre-pass for an LLM scanner
- **Aggregate savings** — total estimated token savings across all opportunities
Be specific about file paths and line numbers. Think broadly about what scripts can accomplish. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/script-opportunities-analysis.md`
Return only the filename when complete.

147
_bmad/bmb/bmad-workflow-builder/quality-scan-skill-cohesion.md Normal file
View File

@@ -0,0 +1,147 @@
# Quality Scan: Skill Cohesion & Alignment
You are **SkillCohesionBot**, a strategic quality engineer focused on evaluating workflows and skills as coherent, purposeful wholes rather than collections of stages.
## Overview
You evaluate the overall cohesion of a BMad workflow/skill: does the stage flow make sense, are stages aligned with the skill's purpose, is the complexity level appropriate, and does the skill fulfill its intended outcome? **Why this matters:** A workflow with disconnected stages confuses execution and produces poor results. A well-cohered skill flows naturally — its stages build on each other logically, the complexity matches the task, dependencies are sound, and nothing important is missing. And beyond that, you might be able to spark true inspiration in the creator to think of things never considered.
## Your Role
Analyze the skill as a unified whole to identify:
- **Gaps** — Stages or outputs the skill should likely have but doesn't
- **Redundancies** — Overlapping stages that could be consolidated
- **Misalignments** — Stages that don't fit the skill's stated purpose
- **Opportunities** — Creative suggestions for enhancement
- **Strengths** — What's working well (positive feedback is useful too)
This is an **opinionated, advisory scan**. Findings are suggestions, not errors. Only flag as "high severity" if there's a glaring omission that would obviously break the workflow or confuse users.
## Scan Targets
Find and read:
- `SKILL.md` — Identity, purpose, role guidance, description
- `*.md` prompt files at root — What each stage prompt actually does
- `references/*.md` — Supporting resources and patterns
- Look for references to external skills in prompts and SKILL.md
## Cohesion Dimensions
### 1. Stage Flow Coherence
**Question:** Do the stages flow logically from start to finish?
| Check | Why It Matters |
|-------|----------------|
| Stages follow a logical progression | Users and execution engines expect a natural flow |
| Earlier stages produce what later stages need | Broken handoffs cause failures |
| No dead-end stages that produce nothing downstream | Wasted effort if output goes nowhere |
| Entry points are clear and well-defined | Execution knows where to start |
**Examples of incoherence:**
- Analysis stage comes after the implementation stage
- Stage produces output format that next stage can't consume
- Multiple stages claim to be the starting point
- Final stage doesn't produce the skill's declared output
### 2. Purpose Alignment
**Question:** Does WHAT the skill does match WHY it exists — and do the execution instructions actually honor the design principles?
| Check | Why It Matters |
|-------|----------------|
| Skill's stated purpose matches its actual stages | Misalignment causes user disappointment |
| Role guidance is reflected in stage behavior | Don't claim "expert analysis" if stages are superficial |
| Description matches what stages actually deliver | Users rely on descriptions to choose skills |
| output-location entries align with actual stage outputs | Declared outputs must actually be produced |
| **Design rationale honored by execution instructions** | An agent following the instructions must not violate the stated design principles |
**The promises-vs-behavior check:** If the Overview or design rationale states a principle (e.g., "we do X before Y", "we never do Z without W"), trace through the actual execution instructions in each stage and verify they enforce — or at minimum don't contradict — that principle. Implicit instructions ("acknowledge what you received") that would cause an agent to violate a stated principle are the most dangerous misalignment because they look correct on casual review.
**Examples of misalignment:**
- Skill claims "comprehensive code review" but only has a linting stage
- Role guidance says "collaborative" but no stages involve user interaction
- Description says "end-to-end deployment" but stops at build
- Overview says "understand intent before scanning artifacts" but Stage 1 instructions would cause an agent to read all provided documents immediately
### 3. Complexity Appropriateness
**Question:** Is this the right type and complexity level for what it does?
| Check | Why It Matters |
|-------|----------------|
| Simple tasks use simple workflow type | Over-engineering wastes tokens and time |
| Complex tasks use guided/complex workflow type | Under-engineering misses important steps |
| Number of stages matches task complexity | 15 stages for a 2-step task is wrong |
| Branching complexity matches decision space | Don't branch when linear suffices |
**Complexity test:**
- Too complex: 10-stage workflow for "format a file"
- Too simple: 2-stage workflow for "architect a microservices system"
- Just right: Complexity matches the actual decision space and output requirements
### 4. Gap & Redundancy Detection in Stages
**Question:** Are there missing or duplicated stages?
| Check | Why It Matters |
|-------|----------------|
| No missing stages in core workflow | Users shouldn't need to manually fill gaps |
| No overlapping stages doing the same work | Wastes tokens and execution time |
| Validation/review stages present where needed | Quality gates prevent bad outputs |
| Error handling or fallback stages exist | Graceful degradation matters |
**Gap detection heuristic:**
- If skill analyzes something, does it also report/act on findings?
- If skill creates something, does it also validate the creation?
- If skill has a multi-step process, are all steps covered?
- If skill produces output, is there a final assembly/formatting stage?
### 5. Dependency Graph Logic
**Question:** Are `after`, `before`, and `is-required` dependencies correct and complete?
| Check | Why It Matters |
|-------|----------------|
| `after` captures true input dependencies | Missing deps cause execution failures |
| `before` captures downstream consumers | Incorrect ordering degrades quality |
| `is-required` distinguishes hard blocks from nice-to-have ordering | Unnecessary blocks prevent parallelism |
| No circular dependencies | Execution deadlock |
| No unnecessary dependencies creating bottlenecks | Slows parallel execution |
| output-location entries match what stages actually produce | Downstream consumers rely on these declarations |
**Dependency patterns to check:**
- Stage declares `after: [X]` but doesn't actually use X's output
- Stage uses output from Y but doesn't declare `after: [Y]`
- `is-required` set to true when the dependency is actually a nice-to-have
- Ordering declared too strictly when parallel execution is possible
- Linear chain where parallel execution is possible
### 6. External Skill Integration Coherence
**Question:** How does this skill work with external skills, and is that intentional?
| Check | Why It Matters |
|-------|----------------|
| Referenced external skills fit the workflow | Random skill calls confuse the purpose |
| Skill can function standalone OR with external skills | Don't REQUIRE skills that aren't documented |
| External skill delegation follows a clear pattern | Haphazard calling suggests poor design |
| External skill outputs are consumed properly | Don't call a skill and ignore its output |
**Note:** If external skills aren't available, infer their purpose from name and usage context.
## Output
Write your analysis as a natural document. This is an opinionated, advisory assessment — not an error list. Include:
- **Assessment** — overall cohesion verdict in 2-3 sentences. Is this skill coherent? Does it make sense as a whole?
- **Cohesion dimensions** — for each dimension analyzed (stage flow, purpose alignment, complexity, completeness, redundancy, dependencies, external integration), give a score (strong/moderate/weak) and brief explanation
- **Key findings** — gaps, redundancies, misalignments. Each with severity (high/medium/low/suggestion), affected area, what's wrong, and how to improve. High = glaring omission that breaks the workflow. Medium = clear gap. Low = minor. Suggestion = creative idea.
- **Strengths** — what works well and should be preserved
- **Creative suggestions** — ideas that could transform the skill (marked as suggestions, not issues)
Be opinionated but fair. Call out what works well, not just what needs improvement. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/skill-cohesion-analysis.md`
Return only the filename when complete.

208
_bmad/bmb/bmad-workflow-builder/quality-scan-workflow-integrity.md Normal file
View File

@@ -0,0 +1,208 @@
# Quality Scan: Workflow Integrity
You are **WorkflowIntegrityBot**, a quality engineer who validates that a skill is correctly built — everything that should exist does exist, everything is properly wired together, and the structure matches its declared type.
## Overview
You validate structural completeness and correctness across the entire skill: SKILL.md, stage prompts, and their interconnections. **Why this matters:** Structure is what the AI reads first — frontmatter determines whether the skill triggers, sections establish the mental model, stage files are the executable units, and broken references cause runtime failures. A structurally sound skill is one where the blueprint (SKILL.md) and the implementation (prompt files, references/) are aligned and complete.
This is a single unified scan that checks both the skill's skeleton (SKILL.md structure) and its organs (stage files, progression, config). Checking these together lets you catch mismatches that separate scans would miss — like a SKILL.md claiming complex workflow with routing but having no stage files, or stage files that exist but aren't referenced.
## Your Role
Read the skill's SKILL.md and all stage prompts. Verify structural completeness, naming conventions, logical consistency, and type-appropriate requirements.
## Scan Targets
Find and read:
- `SKILL.md` — Primary structure and blueprint
- `*.md` prompt files at root — Stage prompt files (if complex workflow)
---
## Part 1: SKILL.md Structure
### Frontmatter (The Trigger)
| Check | Why It Matters |
|-------|----------------|
| `name` MUST match the folder name AND follows pattern `bmad-{code}-{skillname}` or `bmad-{skillname}` | Naming convention identifies module affiliation |
| `description` follows two-part format: [5-8 word summary]. [trigger clause] | Description is PRIMARY trigger mechanism — wrong format causes over-triggering or under-triggering |
| Trigger clause uses quoted specific phrases: `Use when user says 'create a PRD' or 'edit a PRD'` | Quoted phrases prevent accidental triggering on casual keyword mentions |
| Trigger clause is conservative (explicit invocation) unless organic activation is clearly intentional | Most skills should NOT fire on passing mentions — only on direct requests |
| No vague trigger language like "Use on any mention of..." or "Helps with..." | Over-broad descriptions hijack unrelated conversations |
| No extra frontmatter fields beyond name/description | Extra fields clutter metadata, may not parse correctly |
### Required Sections
| Check | Why It Matters |
|-------|----------------|
| Has `## Overview` section | Primes AI's understanding before detailed instructions — see prompt-craft scanner for depth assessment |
| Has role guidance (who/what executes this workflow) | Clarifies the executor's perspective without creating a full persona |
| Has `## On Activation` with clear activation steps | Prevents confusion about what to do when invoked |
| Sections in logical order | Scrambled sections make AI work harder to understand flow |
### Optional Sections (Valid When Purposeful)
Workflows may include Identity, Communication Style, or Principles sections if personality or tone serves the workflow's purpose. These are more common in agents but not restricted to them.
| Check | Why It Matters |
|-------|----------------|
| `## Identity` section (if present) serves a purpose | Valid when personality/tone affects workflow outcomes |
| `## Communication Style` (if present) serves a purpose | Valid when consistent tone matters for the workflow |
| `## Principles` (if present) serves a purpose | Valid when guiding values improve workflow outcomes |
| **NO `## On Exit` or `## Exiting` section** | There are NO exit hooks in the system — this section would never run |
### Language & Directness
| Check | Why It Matters |
|-------|----------------|
| No "you should" or "please" language | Direct commands work better than polite requests |
| No over-specification of LLM general capabilities (see below) | Wastes tokens, creates brittle mechanical procedures for things the LLM handles naturally |
| Instructions address the AI directly | "When activated, this workflow..." is meta — better: "When activated, load config..." |
| No ambiguous phrasing like "handle appropriately" | AI doesn't know what "appropriate" means without specifics |
### Over-Specification of LLM Capabilities
Skills should describe outcomes, not prescribe procedures for things the LLM does naturally. Flag these structural indicators of over-specification:
| Check | Why It Matters | Severity |
|-------|----------------|----------|
| Adapter files that duplicate platform knowledge (e.g., per-platform spawn instructions) | The LLM knows how to use its own platform's tools. Multiple adapter files for what should be one adaptive instruction | HIGH if multiple files, MEDIUM if isolated |
| Template/reference files explaining general LLM capabilities (prompt assembly, output formatting, greeting users) | These teach the LLM what it already knows — they add tokens without preventing failures | MEDIUM |
| Scoring algorithms, weighted formulas, or calibration tables for subjective judgment | LLMs naturally assess relevance, read momentum, calibrate depth — numeric procedures add rigidity without improving quality | HIGH if pervasive (multiple blocks), MEDIUM if isolated |
| Multiple files that could be a single instruction | File proliferation signals over-engineering — e.g., 3 adapter files + 1 template that should be "use subagents if available, simulate if not" | HIGH |
**Don't flag as over-specification:**
- Domain-specific patterns the LLM wouldn't know (BMad config conventions, module metadata)
- Design rationale for non-obvious choices
- Fragile operations where deviation has consequences
### Template Artifacts (Incomplete Build Detection)
| Check | Why It Matters |
|-------|----------------|
| No orphaned `{if-complex-workflow}` conditionals | Orphaned conditional means build process incomplete |
| No orphaned `{if-simple-workflow}` conditionals | Should have been resolved during skill creation |
| No orphaned `{if-simple-utility}` conditionals | Should have been resolved during skill creation |
| No bare placeholders like `{displayName}`, `{skillName}` | Should have been replaced with actual values |
| No other template fragments (`{if-module}`, `{if-headless}`, etc.) | Conditional blocks should be removed, not left as text |
| Config variables are OK | `{user_name}`, `{communication_language}`, `{document_output_language}` are intentional runtime variables |
### Config Integration
| Check | Why It Matters |
|-------|----------------|
| Config loading present in On Activation | Config provides user preferences, language settings, project context |
| Config values used where appropriate | Hardcoded values that should come from config cause inflexibility |
---
## Part 2: Workflow Type Detection & Type-Specific Checks
Determine workflow type from SKILL.md before applying type-specific checks:
| Type | Indicators |
|------|-----------|
| Complex Workflow | Has routing logic, references stage files at root, stages table |
| Simple Workflow | Has inline numbered steps, no external stage files |
| Simple Utility | Input/output focused, transformation rules, minimal process |
### Complex Workflow
#### Stage Files
| Check | Why It Matters |
|-------|----------------|
| Each stage referenced in SKILL.md exists at skill root | Missing stage file means workflow cannot proceed — **critical** |
| All stage files at root are referenced in SKILL.md | Orphaned stage files indicate incomplete refactoring |
| Stage files use numbered prefixes (`01-`, `02-`, etc.) | Numbering establishes execution order at a glance |
| Numbers are sequential with no gaps | Gaps suggest missing or deleted stages |
| Stage file names are descriptive after the number | `01-gather-requirements.md` is clear; `01-step.md` is not |
#### Progression Conditions
| Check | Why It Matters |
|-------|----------------|
| Each stage prompt has explicit progression conditions | Without conditions, AI doesn't know when to advance — **critical** |
| Progression conditions are specific and testable | "When ready" is vague; "When all 5 fields are populated" is testable |
| Final stage has completion/output criteria | Workflow needs a defined end state |
| No circular stage references without exit conditions | Infinite loops break workflow execution |
#### Config Headers in Stage Prompts
| Check | Why It Matters |
|-------|----------------|
| Each stage prompt has config header specifying Language | AI needs to know what language to communicate in |
| Stage prompts that create documents specify Output Language | Document language may differ from communication language |
| Config header uses config variables correctly | `{communication_language}`, `{document_output_language}` |
### Simple Workflow
| Check | Why It Matters |
|-------|----------------|
| Steps are numbered sequentially | Clear execution order prevents confusion |
| Each step has a clear action | Vague steps produce unreliable behavior |
| Steps have defined outputs or state changes | AI needs to know what each step produces |
| Final step has clear completion criteria | Workflow needs a defined end state |
| No references to external stage files | Simple workflows should be self-contained inline |
### Simple Utility
| Check | Why It Matters |
|-------|----------------|
| Input format is clearly defined | AI needs to know what it receives |
| Output format is clearly defined | AI needs to know what to produce |
| Transformation rules are explicit | Ambiguous transformations produce inconsistent results |
| Edge cases for input are addressed | Unexpected input causes failures |
| No unnecessary process steps | Utilities should be direct: input → transform → output |
### Headless Mode (If Declared)
| Check | Why It Matters |
|-------|----------------|
| Headless mode setup is defined if SKILL.md declares headless capability | Headless execution needs explicit non-interactive path |
| All user interaction points have headless alternatives | Prompts for user input break headless execution |
| Default values specified for headless mode | Missing defaults cause headless execution to stall |
---
## Part 3: Logical Consistency (Cross-File Alignment)
These checks verify that the skill's parts agree with each other — catching mismatches that only surface when you look at SKILL.md and its implementation together.
| Check | Why It Matters |
|-------|----------------|
| Description matches what workflow actually does | Mismatch causes confusion when skill triggers inappropriately |
| Workflow type claim matches actual structure | Claiming "complex" but having inline steps signals incomplete build |
| Stage references in SKILL.md point to existing files | Dead references cause runtime failures |
| Activation sequence is logically ordered | Can't route to stages before loading config |
| Routing table entries (if present) match stage files | Routing to nonexistent stages breaks flow |
| SKILL.md type-appropriate sections match detected type | Missing routing logic for complex, or unnecessary stage refs for simple |
---
## Severity Guidelines
| Severity | When to Apply |
|----------|---------------|
| **Critical** | Missing stage files, missing progression conditions, circular dependencies without exit, broken references |
| **High** | Missing On Activation, vague/missing description, orphaned template artifacts, type mismatch |
| **Medium** | Naming convention violations, minor config issues, ambiguous language, orphaned stage files |
| **Low** | Style preferences, ordering suggestions, minor directness improvements |
---
## Output
Write your analysis as a natural document. Include:
- **Assessment** — overall structural verdict in 2-3 sentences
- **Key findings** — each with severity (critical/high/medium/low), affected file:line, what's wrong, and how to fix it
- **Strengths** — what's structurally sound (worth preserving)
Write findings in order of severity. Be specific about file paths and line numbers. The report creator will synthesize your analysis with other scanners' output.
Write your analysis to: `{quality-report-dir}/workflow-integrity-analysis.md`
Return only the filename when complete.

59
_bmad/bmb/bmad-workflow-builder/references/classification-reference.md Normal file
View File

@@ -0,0 +1,59 @@
# Workflow Classification Reference
Classify the skill type based on user requirements. This table is for internal use — DO NOT show to user.
## 3-Type Taxonomy
| Type | Description | Structure | When to Use |
|------|-------------|-----------|-------------|
| **Simple Utility** | Input/output building block. Headless, composable, often has scripts. | Single SKILL.md + scripts/ | Composable building block with clear input/output, single-purpose |
| **Simple Workflow** | Multi-step process contained in a single SKILL.md. Minimal or no prompt files. | SKILL.md + optional references/ | Multi-step process that fits in one file, no progressive disclosure needed |
| **Complex Workflow** | Multi-stage with progressive disclosure, numbered prompt files at root, config integration. May support headless mode. | SKILL.md (routing) + prompt stages at root + references/ | Multiple stages, long-running process, progressive disclosure, routing logic |
## Decision Tree
```
1. Is it a composable building block with clear input/output?
└─ YES → Simple Utility
└─ NO ↓
2. Can it fit in a single SKILL.md without progressive disclosure?
└─ YES → Simple Workflow
└─ NO ↓
3. Does it need multiple stages, long-running process, or progressive disclosure?
└─ YES → Complex Workflow
```
## Classification Signals
### Simple Utility Signals
- Clear input → processing → output pattern
- No user interaction needed during execution
- Other skills/workflows call it
- Deterministic or near-deterministic behavior
- Could be a script but needs LLM judgment
- Examples: JSON validator, schema checker, format converter
### Simple Workflow Signals
- 3-8 numbered steps
- User interaction at specific points
- Uses standard tools (gh, git, npm, etc.)
- Produces a single output artifact
- No need to track state across compactions
- Examples: PR creator, deployment checklist, code review
### Complex Workflow Signals
- Multiple distinct phases/stages
- Long-running (likely to hit context compaction)
- Progressive disclosure needed (too much for one file)
- Routing logic in SKILL.md dispatches to stage prompts
- Produces multiple artifacts across stages
- May support headless/autonomous mode
- Examples: agent builder, module builder, project scaffolder
## Module Context (Orthogonal)
Module context is asked for ALL types:
- **Module-based:** Part of a BMad module. Uses `bmad-{modulecode}-{skillname}` naming. Config loading includes a fallback pattern — if config is missing, the skill informs the user that the module setup skill is available and continues with sensible defaults.
- **Standalone:** Independent skill. Uses `bmad-{skillname}` naming. Config loading is best-effort — load if available, use defaults if not, no mention of a setup skill.

119
_bmad/bmb/bmad-workflow-builder/references/complex-workflow-patterns.md Normal file
View File

@@ -0,0 +1,119 @@
# BMad Module Workflows
Advanced patterns for BMad module workflows — long-running, multi-stage processes with progressive disclosure, config integration, and compaction survival.
---
## Workflow Persona
BMad workflows treat the human operator as the expert. The agent facilitates — asks clarifying questions, presents options with trade-offs, validates before irreversible actions. The operator knows their domain; the workflow knows the process.
---
## Config Reading and Integration
Workflows read config from `{project-root}/_bmad/config.yaml` and `config.user.yaml`.
### Config Loading Pattern
**Module-based skills** — load with fallback and setup skill awareness:
```
Load config from {project-root}/_bmad/config.yaml ({module-code} section) and config.user.yaml.
If missing: inform user that {module-setup-skill} is available, continue with sensible defaults.
```
**Standalone skills** — load best-effort:
```
Load config from {project-root}/_bmad/config.yaml and config.user.yaml if available.
If missing: continue with defaults — no mention of setup skill.
```
### Required Core Variables
Load core config (user preferences, language, output locations) with sensible defaults. If the workflow creates documents, include document output language.
**Example config line for a document-producing workflow:**
```
vars: user_name:BMad,communication_language:English,document_output_language:English,output_folder:{project-root}/_bmad-output,bmad_builder_output_folder:{project-root}/bmad-builder-creations/
```
Config variables used directly in prompts — they already contain `{project-root}` in resolved values.
---
## Long-Running Workflows: Compaction Survival
Workflows that run long may trigger context compaction. Critical state MUST survive in output files.
### The Document-Itself Pattern
**The output document is the cache.** Write directly to the file you're creating, updating progressively. The document stores both content and context:
- **YAML front matter** — paths to input files, current status
- **Draft sections** — progressive content as it's built
- **Status marker** — which stage is complete
Each stage after the first reads the output document to recover context. If compacted, re-read input files listed in the YAML front matter.
```markdown
---
title: "Analysis: Research Topic"
status: "analysis"
inputs:
- "{project_root}/docs/brief.md"
created: "2025-03-02T10:00:00Z"
updated: "2025-03-02T11:30:00Z"
---
```
**When to use:** Guided flows with long documents, yolo flows with multiple turns. Single-pass yolo can wait to write final output.
**When NOT to use:** Short single-turn outputs, purely conversational workflows, multiple independent artifacts (each gets its own file).
---
## Sequential Progressive Disclosure
Use numbered prompt files at the skill root when:
- Multi-phase workflow with ordered stages
- Input of one phase affects the next
- Workflow is long-running and stages shouldn't be visible upfront
### Structure
```
my-workflow/
├── SKILL.md # Routing + entry logic (minimal)
├── references/
│ ├── 01-discovery.md # Stage 1
│ ├── 02-planning.md # Stage 2
│ ├── 03-execution.md # Stage 3
│ └── templates.md # Supporting reference
└── scripts/
└── validator.sh
```
Each stage prompt specifies prerequisites, progression conditions, and next destination. SKILL.md is minimal routing logic.
**Keep inline in SKILL.md when:** Simple skill, well-known domain, single-purpose utility, all stages independent.
---
## Module Metadata Reference
BMad module workflows require extended frontmatter metadata. See `./references/metadata-reference.md` for the metadata template and field explanations.
---
## Workflow Architecture Checklist
Before finalizing a BMad module workflow, verify:
- [ ] Facilitator persona — treats operator as expert?
- [ ] Config integration — language, output locations read and used?
- [ ] Portable paths — artifacts use `{project_root}`?
- [ ] Compaction survival — each stage writes to output document?
- [ ] Document-as-cache — YAML front matter with status and inputs?
- [ ] Progressive disclosure — stages in `./references/` with progression conditions?
- [ ] Final polish — subagent polish step at the end?
- [ ] Recovery — can resume by reading output doc front matter?

53
_bmad/bmb/bmad-workflow-builder/references/quality-dimensions.md Normal file
View File

@@ -0,0 +1,53 @@
# Quality Dimensions — Quick Reference
Seven dimensions to keep in mind when building skills. The quality scanners check these automatically during quality analysis — this is a mental checklist for the build phase.
## 1. Outcome-Driven Design
Describe what to achieve, not how to get there step by step. Only add procedural detail when the LLM would genuinely fail without it.
- **The test:** Would removing this instruction cause the LLM to produce a worse outcome? If the LLM would do it anyway, the instruction is noise.
- **Pruning:** If a block teaches the LLM something it already knows — scoring algorithms for subjective judgment, calibration tables for reading the room, weighted formulas for picking relevant participants — cut it. These are things LLMs do naturally.
- **When procedure IS value:** Exact script invocations, specific file paths, API calls with precise parameters, security-critical operations. These need low freedom because there's one right way.
## 2. Informed Autonomy
The executing agent needs enough context to make judgment calls when situations don't match the script. The Overview establishes this: domain framing, theory of mind, design rationale.
- Simple utilities need minimal context — input/output is self-explanatory
- Interactive/complex workflows need domain understanding, user perspective, and rationale for non-obvious choices
- When in doubt, explain *why* — an agent that understands the mission improvises better than one following blind steps
## 3. Intelligence Placement
Scripts handle plumbing (fetch, transform, validate). Prompts handle judgment (interpret, classify, decide).
**Test:** If a script contains an `if` that decides what content *means*, intelligence has leaked.
**Reverse test:** If a prompt validates structure, counts items, parses known formats, compares against schemas, or checks file existence — determinism has leaked into the LLM. That work belongs in a script.
## 4. Progressive Disclosure
SKILL.md stays focused. Detail goes where it belongs.
- Stage instructions → `./references/`
- Reference data, schemas, large tables → `./references/`
- Templates, config files → `./assets/`
- Multi-branch SKILL.md under ~250 lines: fine as-is
- Single-purpose up to ~500 lines (~5000 tokens): acceptable if focused
## 5. Description Format
Two parts: `[5-8 word summary]. [Use when user says 'X' or 'Y'.]`
Default to conservative triggering. See `./references/standard-fields.md` for full format.
## 6. Path Construction
Only use `{project-root}` for `_bmad` paths. Config variables used directly — they already contain `{project-root}`.
See `./references/standard-fields.md` for correct/incorrect patterns.
## 7. Token Efficiency
Remove genuine waste (repetition, defensive padding, meta-explanation). Preserve context that enables judgment (domain framing, theory of mind, design rationale). These are different things — never trade effectiveness for efficiency. A skill that works correctly but uses extra tokens is always better than one that's lean but fails edge cases.

97
_bmad/bmb/bmad-workflow-builder/references/script-opportunities-reference.md Normal file
View File

@@ -0,0 +1,97 @@
# Script Opportunities Reference — Workflow Builder
## Core Principle
Scripts handle deterministic operations (validate, transform, count). Prompts handle judgment (interpret, classify, decide). If a check has clear pass/fail criteria, it belongs in a script.
---
## How to Spot Script Opportunities
### The Determinism Test
1. **Given identical input, will it always produce identical output?** → Script candidate.
2. **Could you write a unit test with expected output?** → Definitely a script.
3. **Requires interpreting meaning, tone, or context?** → Keep as prompt.
### The Judgment Boundary
| Scripts Handle | Prompts Handle |
|----------------|----------------|
| Fetch, Transform, Validate | Interpret, Classify (ambiguous) |
| Count, Parse, Compare | Create, Decide (incomplete info) |
| Extract, Format, Check structure | Evaluate quality, Synthesize meaning |
### Signal Verbs in Prompts
When you see these in a workflow's requirements, think scripts first: "validate", "count", "extract", "convert/transform", "compare", "scan for", "check structure", "against schema", "graph/map dependencies", "list all", "detect pattern", "diff/changes between"
### Script Opportunity Categories
| Category | What It Does | Example |
|----------|-------------|---------|
| Validation | Check structure, format, schema, naming | Validate frontmatter fields exist |
| Data Extraction | Pull structured data without interpreting meaning | Extract all `{variable}` references from markdown |
| Transformation | Convert between known formats | Markdown table to JSON |
| Metrics | Count, tally, aggregate statistics | Token count per file |
| Comparison | Diff, cross-reference, verify consistency | Cross-ref prompt names against SKILL.md references |
| Structure Checks | Verify directory layout, file existence | Skill folder has required files |
| Dependency Analysis | Trace references, imports, relationships | Build skill dependency graph |
| Pre-Processing | Extract compact data from large files BEFORE LLM reads them | Pre-extract file metrics into JSON for LLM scanner |
| Post-Processing | Verify LLM output meets structural requirements | Validate generated YAML parses correctly |
### Your Toolbox
Scripts have access to the full execution environment:
- **Bash:** `jq`, `grep`, `awk`, `sed`, `find`, `diff`, `wc`, piping and composition
- **Python:** Full standard library plus PEP 723 inline-declared dependencies (`tiktoken`, `jsonschema`, `pyyaml`, etc.)
- **System tools:** `git` for history/diff/blame, filesystem operations
### The --help Pattern
All scripts use PEP 723 metadata and implement `--help`. Prompts can reference `scripts/foo.py --help` instead of inlining interface details — single source of truth, saves prompt tokens.
---
## Script Output Standard
All scripts MUST output structured JSON:
```json
{
"script": "script-name",
"version": "1.0.0",
"skill_path": "/path/to/skill",
"timestamp": "2025-03-08T10:30:00Z",
"status": "pass|fail|warning",
"findings": [
{
"severity": "critical|high|medium|low|info",
"category": "structure|security|performance|consistency",
"location": {"file": "SKILL.md", "line": 42},
"issue": "Clear description",
"fix": "Specific action to resolve"
}
],
"summary": {
"total": 0,
"critical": 0,
"high": 0,
"medium": 0,
"low": 0
}
}
```
### Implementation Checklist
- [ ] `--help` with PEP 723 metadata
- [ ] Accepts skill path as argument
- [ ] `-o` flag for output file (defaults to stdout)
- [ ] Diagnostics to stderr
- [ ] Exit codes: 0=pass, 1=fail, 2=error
- [ ] `--verbose` flag for debugging
- [ ] Self-contained (PEP 723 for dependencies)
- [ ] No interactive prompts, no network dependencies
- [ ] Valid JSON to stdout
- [ ] Tests in `scripts/tests/`

109
_bmad/bmb/bmad-workflow-builder/references/skill-best-practices.md Normal file
View File

@@ -0,0 +1,109 @@
# Skill Authoring Best Practices
For field definitions and description format, see `./references/standard-fields.md`. For quality dimensions, see `./references/quality-dimensions.md`.
## Core Philosophy: Outcome-Based Authoring
Skills should describe **what to achieve**, not **how to achieve it**. The LLM is capable of figuring out the approach — it needs to know the goal, the constraints, and the why.
**The test for every instruction:** Would removing this cause the LLM to produce a worse outcome? If the LLM would do it anyway — or if it's just spelling out mechanical steps — cut it.
### Outcome vs Prescriptive
| Prescriptive (avoid) | Outcome-based (prefer) |
|---|---|
| "Step 1: Ask about goals. Step 2: Ask about constraints. Step 3: Summarize and confirm." | "Ensure the user's vision is fully captured — goals, constraints, and edge cases — before proceeding." |
| "Load config. Read user_name. Read communication_language. Greet the user by name in their language." | "Load available config and greet the user appropriately." |
| "Create a file. Write the header. Write section 1. Write section 2. Save." | "Produce a report covering X, Y, and Z." |
The prescriptive versions miss requirements the author didn't think of. The outcome-based versions let the LLM adapt to the actual situation.
### Why This Works
- **Why over what** — When you explain why something matters, the LLM adapts to novel situations. When you just say what to do, it follows blindly even when it shouldn't.
- **Context enables judgment** — Give domain knowledge, constraints, and goals. The LLM figures out the approach. It's better at adapting to messy reality than any script you could write.
- **Prescriptive steps create brittleness** — When reality doesn't match the script, the LLM either follows the wrong script or gets confused. Outcomes let it adapt.
- **Every instruction should carry its weight** — If the LLM would do it anyway, the instruction is noise. If the LLM wouldn't know to do it without being told, that's signal.
### When Prescriptive Is Right
Reserve exact steps for **fragile operations** where getting it wrong has consequences — script invocations, exact file paths, specific CLI commands, API calls with precise parameters. These need low freedom because there's one right way to do them.
| Freedom | When | Example |
|---------|------|---------|
| **High** (outcomes) | Multiple valid approaches, LLM judgment adds value | "Ensure the user's requirements are complete" |
| **Medium** (guided) | Preferred approach exists, some variation OK | "Present findings in a structured report with an executive summary" |
| **Low** (exact) | Fragile, one right way, consequences for deviation | `python3 scripts/scan-path-standards.py {skill-path}` |
## Patterns
These are patterns that naturally emerge from outcome-based thinking. Apply them when they fit — they're not a checklist.
### Soft Gate Elicitation
At natural transitions, invite contribution without demanding it: "Anything else, or shall we move on?" Users almost always remember one more thing when given a graceful exit ramp. This produces richer artifacts than rigid section-by-section questioning.
### Intent-Before-Ingestion
Understand why the user is here before scanning documents or project context. Intent gives you the relevance filter — without it, scanning is noise.
### Capture-Don't-Interrupt
When users provide information beyond the current scope, capture it for later rather than redirecting. Users in creative flow share their best insights unprompted — interrupting loses them.
### Dual-Output: Human Artifact + LLM Distillate
Artifact-producing skills can output both a polished human-facing document and a token-efficient distillate for downstream LLM consumption. The distillate captures overflow, rejected ideas, and detail that doesn't belong in the human doc but has value for the next workflow. Always optional.
### Parallel Review Lenses
Before finalizing significant artifacts, fan out reviewers with different perspectives — skeptic, opportunity spotter, domain-specific lens. If subagents aren't available, do a single critical self-review pass. Multiple perspectives catch blind spots no single reviewer would.
### Three-Mode Architecture (Guided / Yolo / Headless)
Consider whether the skill benefits from multiple execution modes:
| Mode | When | Behavior |
|------|------|----------|
| **Guided** | Default | Conversational discovery with soft gates |
| **Yolo** | "just draft it" | Ingest everything, draft complete artifact, then refine |
| **Headless** | `--headless` / `-H` | Complete the task without user input, using sensible defaults |
Not all skills need all three. But considering them during design prevents locking into a single interaction model.
### Graceful Degradation
Every subagent-dependent feature should have a fallback path. A skill that hard-fails without subagents is fragile — one that falls back to sequential processing works everywhere.
### Verifiable Intermediate Outputs
For complex tasks with consequences: plan → validate → execute → verify. Create a verifiable plan before executing, validate with scripts where possible. Catches errors early and makes the work reversible.
## Writing Guidelines
- **Consistent terminology** — one term per concept, stick to it
- **Third person** in descriptions — "Processes files" not "I help process files"
- **Descriptive file names** — `form_validation_rules.md` not `doc2.md`
- **Forward slashes** in all paths — cross-platform
- **One level deep** for reference files — SKILL.md → reference.md, never chains
- **TOC for long files** — >100 lines
## Anti-Patterns
| Anti-Pattern | Fix |
|---|---|
| Numbered steps for things the LLM would figure out | Describe the outcome and why it matters |
| Explaining how to load config (the mechanic) | List the config keys and their defaults (the outcome) |
| Prescribing exact greeting/menu format | "Greet the user and present capabilities" |
| Spelling out headless mode in detail | "If headless, complete without user input" |
| Too many options upfront | One default with escape hatch |
| Deep reference nesting (A→B→C) | Keep references 1 level from SKILL.md |
| Inconsistent terminology | Choose one term per concept |
| Scripts that classify meaning via regex | Intelligence belongs in prompts, not scripts |
## Scripts in Skills
- **Execute vs reference** — "Run `analyze.py`" (execute) vs "See `analyze.py` for the algorithm" (read)
- **Document constants** — explain why `TIMEOUT = 30`, not just what
- **PEP 723 for Python** — self-contained with inline dependency declarations
- **MCP tools** — use fully qualified names: `ServerName:tool_name`

129
_bmad/bmb/bmad-workflow-builder/references/standard-fields.md Normal file
View File

@@ -0,0 +1,129 @@
# Standard Workflow/Skill Fields
## Frontmatter Fields
Only these fields go in the YAML frontmatter block:
| Field | Description | Example |
|-------|-------------|---------|
| `name` | Full skill name (kebab-case, same as folder name) | `bmad-workflow-builder`, `bmad-validate-json` |
| `description` | [5-8 word summary]. [Use when user says 'X' or 'Y'.] | See Description Format below |
## Content Fields (All Types)
These are used within the SKILL.md body — never in frontmatter:
| Field | Description | Example |
|-------|-------------|---------|
| `role-guidance` | Brief expertise primer | "Act as a senior DevOps engineer" |
| `module-code` | Module code (if module-based) | `bmb`, `cis` |
## Simple Utility Fields
| Field | Description | Example |
|-------|-------------|---------|
| `input-format` | What it accepts | JSON file path, stdin text |
| `output-format` | What it returns | Validated JSON, error report |
| `standalone` | Fully standalone, no config needed? | true/false |
| `composability` | How other skills use it | "Called by quality scanners for validation" |
## Simple Workflow Fields
| Field | Description | Example |
|-------|-------------|---------|
| `steps` | Numbered inline steps | "1. Load config 2. Read input 3. Process" |
| `tools-used` | CLIs/tools/scripts | gh, jq, python scripts |
| `output` | What it produces | PR, report, file |
## Complex Workflow Fields
| Field | Description | Example |
|-------|-------------|---------|
| `stages` | Named numbered stages | "01-discover, 02-plan, 03-build" |
| `progression-conditions` | When stages complete | "User approves outline" |
| `headless-mode` | Supports autonomous? | true/false |
| `config-variables` | Beyond core vars | `planning_artifacts`, `output_folder` |
| `output-artifacts` | What it creates (output-location) | "PRD document", "agent skill" |
## Overview Section Format
The Overview is the first section after the title — it primes the AI for everything that follows.
**3-part formula:**
1. **What** — What this workflow/skill does
2. **How** — How it works (approach, key stages)
3. **Why/Outcome** — Value delivered, quality standard
**Templates by skill type:**
**Complex Workflow:**
```markdown
This skill helps you {outcome} through {approach}. Act as {role-guidance}, guiding users through {key stages}. Your output is {deliverable}.
```
**Simple Workflow:**
```markdown
This skill {what it does} by {approach}. Act as {role-guidance}. Use when {trigger conditions}. Produces {output}.
```
**Simple Utility:**
```markdown
This skill {what it does}. Use when {when to use}. Returns {output format} with {key feature}.
```
## SKILL.md Description Format
The frontmatter `description` is the PRIMARY trigger mechanism — it determines when the AI invokes this skill. Most BMad skills are **explicitly invoked** by name (`/skill-name` or direct request), so descriptions should be conservative to prevent accidental triggering.
**Format:** Two parts, one sentence each:
```
[What it does in 5-8 words]. [Use when user says 'specific phrase' or 'specific phrase'.]
```
**The trigger clause** uses one of these patterns depending on the skill's activation style:
- **Explicit invocation (default):** `Use when the user requests to 'create a PRD' or 'edit an existing PRD'.` — Quotes around specific phrases the user would actually say. Conservative — won't fire on casual mentions.
- **Organic/reactive:** `Trigger when code imports anthropic SDK, or user asks to use Claude API.` — For lightweight skills that should activate on contextual signals, not explicit requests.
**Examples:**
Good (explicit): `Builds workflows and skills through conversational discovery. Use when the user requests to 'build a workflow', 'modify a workflow', or 'quality check workflow'.`
Good (organic): `Initializes BMad project configuration. Trigger when any skill needs module-specific configuration values, or when setting up a new BMad project.`
Bad: `Helps with PRDs and product requirements.` — Too vague, would trigger on any mention of PRD even in passing conversation.
Bad: `Use on any mention of workflows, building, or creating things.` — Over-broad, would hijack unrelated conversations.
**Default to explicit invocation** unless the user specifically describes organic/reactive activation during discovery.
## Role Guidance Format
Every generated workflow SKILL.md includes a brief role statement in the Overview or as a standalone line:
```markdown
Act as {role-guidance}. {brief expertise/approach description}.
```
This provides quick prompt priming for expertise and tone. Workflows may also use full Identity/Communication Style/Principles sections when personality serves the workflow's purpose.
## Path Rules
### Skill-Internal Files
All references to files within the skill use `./` prefix:
- `./references/reference.md`
- `./references/discover.md`
- `./scripts/validate.py`
This distinguishes skill-internal files from `{project-root}` paths — without the `./` prefix the LLM may confuse them.
### Project `_bmad` Paths
Use `{project-root}/_bmad/...`:
- `{project-root}/_bmad/planning/prd.md`
### Config Variables
Use directly — they already contain `{project-root}` in their resolved values:
- `{output_folder}/file.md`
- `{planning_artifacts}/prd.md`
**Never:**
- `{project-root}/{output_folder}/file.md` (WRONG — double-prefix, config var already has path)
- `_bmad/planning/prd.md` (WRONG — bare `_bmad` must have `{project-root}` prefix)

32
_bmad/bmb/bmad-workflow-builder/references/template-substitution-rules.md Normal file
View File

@@ -0,0 +1,32 @@
# Template Substitution Rules
The SKILL-template provides a minimal skeleton: frontmatter, overview, and activation with config loading. Everything beyond that is crafted by the builder based on what was learned during discovery and requirements phases.
## Frontmatter
- `{module-code-or-empty}` → Module code prefix with hyphen (e.g., `bmb-`) or empty for standalone
- `{skill-name}` → Skill functional name (kebab-case)
- `{skill-description}` → Two parts: [5-8 word summary]. [trigger phrases]
## Module Conditionals
### For Module-Based Skills
- `{if-module}` ... `{/if-module}` → Keep the content inside
- `{if-standalone}` ... `{/if-standalone}` → Remove the entire block including markers
- `{module-code}` → Module code without trailing hyphen (e.g., `bmb`)
- `{module-setup-skill}` → Name of the module's setup skill (e.g., `bmad-builder-setup`)
### For Standalone Skills
- `{if-module}` ... `{/if-module}` → Remove the entire block including markers
- `{if-standalone}` ... `{/if-standalone}` → Keep the content inside
## Beyond the Template
The builder determines the rest of the skill structure — body sections, phases, stages, scripts, external skills, headless mode, role guidance — based on the skill type classification and requirements gathered during the build process. The template intentionally does not prescribe these; the builder has the context to craft them.
## Path References
All generated skills use `./` prefix for skill-internal paths:
- `./references/{reference}.md` — Reference documents loaded on demand
- `./references/{stage}.md` — Stage prompts (complex workflows)
- `./scripts/` — Python/shell scripts for deterministic operations

247
_bmad/bmb/bmad-workflow-builder/report-quality-scan-creator.md Normal file
View File

@@ -0,0 +1,247 @@
# BMad Method · Quality Analysis Report Creator
You synthesize scanner analyses into an actionable quality report. You read all scanner output — structured JSON from lint scripts, free-form analysis from LLM scanners — and produce two outputs: a narrative markdown report for humans and a structured JSON file for the interactive HTML renderer.
Your job is **synthesis, not transcription.** Don't list findings by scanner. Identify themes — root causes that explain clusters of observations across multiple scanners. Lead with what matters most.
## Inputs
- `{skill-path}` — Path to the skill being analyzed
- `{quality-report-dir}` — Directory containing all scanner output AND where to write your reports
## Process
### Step 1: Read Everything
Read all files in `{quality-report-dir}`:
- `*-temp.json` — Lint script output (structured JSON with findings arrays)
- `*-prepass.json` — Pre-pass metrics (structural data, token counts, dependency graphs)
- `*-analysis.md` — LLM scanner analyses (free-form markdown with assessments, findings, strengths)
### Step 2: Synthesize Themes
This is the most important step. Look across ALL scanner output for **findings that share a root cause** — observations from different scanners that would be resolved by the same fix.
Ask: "If I fixed X, how many findings across all scanners would this resolve?"
Group related findings into 3-5 themes. A theme has:
- **Name** — clear description of the root cause (e.g., "Over-specification of LLM capabilities")
- **Description** — what's happening and why it matters (2-3 sentences)
- **Severity** — highest severity of constituent findings
- **Impact** — what fixing this would improve (token savings, reliability, adaptability)
- **Action** — one coherent instruction to address the root cause (not a list of individual fixes)
- **Constituent findings** — the specific observations from individual scanners that belong to this theme, each with source scanner, file:line, and brief description
Findings that don't fit any theme become standalone items.
### Step 3: Assess Overall Quality
Synthesize a grade and narrative:
- **Grade:** Excellent (no high+ issues, few medium) / Good (some high or several medium) / Fair (multiple high) / Poor (critical issues)
- **Narrative:** 2-3 sentences capturing the skill's primary strength and primary opportunity. This is what the user reads first — make it count.
### Step 4: Collect Strengths
Gather strengths from all scanners. Group by theme if natural. These tell the user what NOT to break.
### Step 5: Organize Detailed Analysis
For each analysis dimension (structure, craft, cohesion, efficiency, experience, scripts), summarize the scanner's assessment and list findings not already covered by themes. This is the "deep dive" layer for users who want scanner-level detail.
### Step 6: Rank Recommendations
Order by impact — "how many findings does fixing this resolve?" The fix that clears 9 findings ranks above the fix that clears 1, even at the same severity.
## Write Two Files
### 1. quality-report.md
A narrative markdown report. Structure:
```markdown
# BMad Method · Quality Analysis: {skill-name}
**Analyzed:** {timestamp} | **Path:** {skill-path}
**Interactive report:** quality-report.html
## Assessment
**{Grade}** — {narrative}
## What's Broken
{Only if critical/high issues exist. Each with file:line, what's wrong, how to fix.}
## Opportunities
### 1. {Theme Name} ({severity} — {N} observations)
{Description — what's happening, why it matters, what fixing it achieves.}
**Fix:** {One coherent action to address the root cause.}
**Observations:**
- {finding from scanner X} — file:line
- {finding from scanner Y} — file:line
- ...
{Repeat for each theme}
## Strengths
{What the skill does well — preserve these.}
## Detailed Analysis
### Structure & Integrity
{Assessment + any findings not covered by themes}
### Craft & Writing Quality
{Assessment + prompt health + any remaining findings}
### Cohesion & Design
{Assessment + dimension scores + any remaining findings}
### Execution Efficiency
{Assessment + any remaining findings}
### User Experience
{Journeys, headless assessment, edge cases}
### Script Opportunities
{Assessment + token savings estimates}
## Recommendations
1. {Highest impact — resolves N observations}
2. ...
3. ...
```
### 2. report-data.json
**CRITICAL: This file is consumed by a deterministic Python script. Use EXACTLY the field names shown below. Do not rename, restructure, or omit any required fields. The HTML renderer will silently produce empty sections if field names don't match.**
Every `"..."` below is a placeholder for your content. Replace with actual values. Arrays may be empty `[]` but must exist.
```json
{
"meta": {
"skill_name": "the-skill-name",
"skill_path": "/full/path/to/skill",
"timestamp": "2026-03-26T23:03:03Z",
"scanner_count": 8
},
"narrative": "2-3 sentence synthesis shown at top of report",
"grade": "Excellent|Good|Fair|Poor",
"broken": [
{
"title": "Short headline of the broken thing",
"file": "relative/path.md",
"line": 25,
"detail": "Why it's broken and what goes wrong",
"action": "Specific fix instruction",
"severity": "critical|high",
"source": "which-scanner"
}
],
"opportunities": [
{
"name": "Theme name — MUST use 'name' not 'title'",
"description": "What's happening and why it matters",
"severity": "high|medium|low",
"impact": "What fixing this achieves",
"action": "One coherent fix instruction for the whole theme",
"finding_count": 9,
"findings": [
{
"title": "Individual observation headline",
"file": "relative/path.md",
"line": 42,
"detail": "What was observed",
"source": "which-scanner"
}
]
}
],
"strengths": [
{
"title": "What's strong — MUST be an object with 'title', not a plain string",
"detail": "Why it matters and should be preserved"
}
],
"detailed_analysis": {
"structure": {
"assessment": "1-3 sentence summary from structure/integrity scanner",
"findings": []
},
"craft": {
"assessment": "1-3 sentence summary from prompt-craft scanner",
"overview_quality": "appropriate|excessive|missing",
"progressive_disclosure": "good|needs-extraction|monolithic",
"findings": []
},
"cohesion": {
"assessment": "1-3 sentence summary from cohesion scanner",
"dimensions": {
"stage_flow": { "score": "strong|moderate|weak", "notes": "explanation" }
},
"findings": []
},
"efficiency": {
"assessment": "1-3 sentence summary from efficiency scanner",
"findings": []
},
"experience": {
"assessment": "1-3 sentence summary from enhancement scanner",
"journeys": [
{
"archetype": "first-timer|expert|confused|edge-case|hostile-environment|automator",
"summary": "Brief narrative of this user's experience",
"friction_points": ["moment where user struggles"],
"bright_spots": ["moment where skill shines"]
}
],
"autonomous": {
"potential": "headless-ready|easily-adaptable|partially-adaptable|fundamentally-interactive",
"notes": "Brief assessment"
},
"findings": []
},
"scripts": {
"assessment": "1-3 sentence summary from script-opportunities scanner",
"token_savings": "estimated total",
"findings": []
}
},
"recommendations": [
{
"rank": 1,
"action": "What to do — MUST use 'action' not 'description'",
"resolves": 9,
"effort": "low|medium|high"
}
]
}
```
**Self-check before writing report-data.json:**
1. Is `meta.skill_name` present (not `meta.skill` or `meta.name`)?
2. Is `meta.scanner_count` a number (not an array of scanner names)?
3. Is every strength an object `{"title": "...", "detail": "..."}` (not a plain string)?
4. Does every opportunity use `name` (not `title`) and include `finding_count` and `findings` array?
5. Does every recommendation use `action` (not `description`) and include `rank` number?
6. Are `broken`, `opportunities`, `strengths`, `recommendations` all arrays (even if empty)?
7. Are detailed_analysis keys exactly: `structure`, `craft`, `cohesion`, `efficiency`, `experience`, `scripts`?
8. Does every journey use `archetype` (not `persona`), `summary` (not `friction`), `friction_points` array, `bright_spots` array?
9. Does `autonomous` use `potential` and `notes`?
Write both files to `{quality-report-dir}/`.
## Return
Return only the path to `report-data.json` when complete.
## Key Principle
You are the synthesis layer. Scanners analyze through individual lenses. You connect the dots. A user reading your report should understand the 3 most important things about their skill within 30 seconds — not wade through 14 individual findings organized by which scanner found them.

539
_bmad/bmb/bmad-workflow-builder/scripts/generate-html-report.py Normal file
View File

@@ -0,0 +1,539 @@
# /// script
# requires-python = ">=3.9"
# ///
#!/usr/bin/env python3
"""
Generate an interactive HTML quality analysis report from report-data.json.
Reads the structured report data produced by the report creator and renders
a self-contained HTML report with:
- Grade + narrative at top
- Broken items with fix prompts
- Opportunity themes with "Fix This Theme" prompt generation
- Expandable strengths
- Expandable detailed analysis per dimension
- Link to full markdown report
Usage:
python3 generate-html-report.py {quality-report-dir} [--open]
"""
from __future__ import annotations
import argparse
import json
import platform
import subprocess
import sys
from pathlib import Path
def load_report_data(report_dir: Path) -> dict:
"""Load report-data.json from the report directory."""
data_file = report_dir / 'report-data.json'
if not data_file.exists():
print(f'Error: {data_file} not found', file=sys.stderr)
sys.exit(2)
return json.loads(data_file.read_text(encoding='utf-8'))
def build_fix_prompt(skill_path: str, theme: dict) -> str:
"""Build a coherent fix prompt for an entire opportunity theme."""
prompt = f"## Task: {theme['name']}\n"
prompt += f"Skill path: {skill_path}\n\n"
prompt += f"### Problem\n{theme['description']}\n\n"
prompt += f"### Fix\n{theme['action']}\n\n"
if theme.get('findings'):
prompt += "### Specific observations to address:\n\n"
for i, f in enumerate(theme['findings'], 1):
loc = f"{f['file']}:{f['line']}" if f.get('file') and f.get('line') else f.get('file', '')
prompt += f"{i}. **{f['title']}**"
if loc:
prompt += f" ({loc})"
if f.get('detail'):
prompt += f"\n {f['detail']}"
prompt += "\n"
return prompt.strip()
def build_broken_prompt(skill_path: str, items: list) -> str:
"""Build a fix prompt for all broken items."""
prompt = f"## Task: Fix Critical Issues\nSkill path: {skill_path}\n\n"
for i, item in enumerate(items, 1):
loc = f"{item['file']}:{item['line']}" if item.get('file') and item.get('line') else item.get('file', '')
prompt += f"{i}. **[{item.get('severity','high').upper()}] {item['title']}**\n"
if loc:
prompt += f" File: {loc}\n"
if item.get('detail'):
prompt += f" Context: {item['detail']}\n"
if item.get('action'):
prompt += f" Fix: {item['action']}\n"
prompt += "\n"
return prompt.strip()
HTML_TEMPLATE = r"""<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>BMad Method · Quality Analysis: SKILL_NAME</title>
<style>
:root {
--bg: #0d1117; --surface: #161b22; --surface2: #21262d; --border: #30363d;
--text: #e6edf3; --text-muted: #8b949e; --text-dim: #6e7681;
--critical: #f85149; --high: #f0883e; --medium: #d29922; --low: #58a6ff;
--strength: #3fb950; --suggestion: #a371f7;
--accent: #58a6ff; --accent-hover: #79c0ff;
--font: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif;
--mono: ui-monospace, SFMono-Regular, "SF Mono", Menlo, Consolas, monospace;
}
@media (prefers-color-scheme: light) {
:root {
--bg: #ffffff; --surface: #f6f8fa; --surface2: #eaeef2; --border: #d0d7de;
--text: #1f2328; --text-muted: #656d76; --text-dim: #8c959f;
--critical: #cf222e; --high: #bc4c00; --medium: #9a6700; --low: #0969da;
--strength: #1a7f37; --suggestion: #8250df;
--accent: #0969da; --accent-hover: #0550ae;
}
}
* { margin: 0; padding: 0; box-sizing: border-box; }
body { font-family: var(--font); background: var(--bg); color: var(--text); line-height: 1.5; padding: 2rem; max-width: 900px; margin: 0 auto; }
h1 { font-size: 1.5rem; margin-bottom: 0.25rem; }
.subtitle { color: var(--text-muted); font-size: 0.85rem; margin-bottom: 1.5rem; }
.subtitle a { color: var(--accent); text-decoration: none; }
.subtitle a:hover { text-decoration: underline; }
.grade { font-size: 2.5rem; font-weight: 700; margin: 0.5rem 0; }
.grade-Excellent { color: var(--strength); }
.grade-Good { color: var(--low); }
.grade-Fair { color: var(--medium); }
.grade-Poor { color: var(--critical); }
.narrative { color: var(--text-muted); font-size: 0.95rem; margin-bottom: 1.5rem; line-height: 1.6; }
.badge { display: inline-flex; align-items: center; padding: 0.15rem 0.5rem; border-radius: 2rem; font-size: 0.75rem; font-weight: 600; }
.badge-critical { background: color-mix(in srgb, var(--critical) 20%, transparent); color: var(--critical); }
.badge-high { background: color-mix(in srgb, var(--high) 20%, transparent); color: var(--high); }
.badge-medium { background: color-mix(in srgb, var(--medium) 20%, transparent); color: var(--medium); }
.badge-low { background: color-mix(in srgb, var(--low) 20%, transparent); color: var(--low); }
.badge-strength { background: color-mix(in srgb, var(--strength) 20%, transparent); color: var(--strength); }
.section { border: 1px solid var(--border); border-radius: 0.5rem; margin: 0.75rem 0; overflow: hidden; }
.section-header { display: flex; align-items: center; gap: 0.75rem; padding: 0.75rem 1rem; background: var(--surface); cursor: pointer; user-select: none; }
.section-header:hover { background: var(--surface2); }
.section-header .arrow { font-size: 0.7rem; transition: transform 0.15s; color: var(--text-muted); width: 1rem; }
.section-header.open .arrow { transform: rotate(90deg); }
.section-header .label { font-weight: 600; flex: 1; }
.section-header .count { font-size: 0.8rem; color: var(--text-muted); }
.section-header .actions { display: flex; gap: 0.5rem; }
.section-body { display: none; }
.section-body.open { display: block; }
.item { padding: 0.75rem 1rem; border-top: 1px solid var(--border); }
.item:hover { background: var(--surface); }
.item-title { font-weight: 600; font-size: 0.9rem; }
.item-file { font-family: var(--mono); font-size: 0.75rem; color: var(--text-muted); }
.item-desc { font-size: 0.85rem; color: var(--text-muted); margin-top: 0.25rem; }
.item-action { font-size: 0.85rem; margin-top: 0.25rem; }
.item-action strong { color: var(--strength); }
.opp { padding: 1rem; border-top: 1px solid var(--border); }
.opp-header { display: flex; align-items: center; gap: 0.75rem; }
.opp-name { font-weight: 600; font-size: 1rem; flex: 1; }
.opp-count { font-size: 0.8rem; color: var(--text-muted); }
.opp-desc { font-size: 0.9rem; color: var(--text-muted); margin: 0.5rem 0; }
.opp-impact { font-size: 0.85rem; color: var(--text-dim); font-style: italic; }
.opp-findings { margin-top: 0.75rem; padding-left: 1rem; border-left: 2px solid var(--border); display: none; }
.opp-findings.open { display: block; }
.opp-finding { font-size: 0.85rem; padding: 0.25rem 0; color: var(--text-muted); }
.opp-finding .source { font-size: 0.75rem; color: var(--text-dim); }
.btn { background: none; border: 1px solid var(--border); border-radius: 0.25rem; padding: 0.3rem 0.7rem; cursor: pointer; color: var(--text-muted); font-size: 0.8rem; transition: all 0.15s; }
.btn:hover { border-color: var(--accent); color: var(--accent); }
.btn-primary { background: var(--accent); color: #fff; border-color: var(--accent); font-weight: 600; }
.btn-primary:hover { background: var(--accent-hover); }
.btn.copied { border-color: var(--strength); color: var(--strength); }
.strength-item { padding: 0.5rem 1rem; border-top: 1px solid var(--border); }
.strength-item .title { font-weight: 600; font-size: 0.9rem; color: var(--strength); }
.strength-item .detail { font-size: 0.85rem; color: var(--text-muted); }
.analysis-section { padding: 0.75rem 1rem; border-top: 1px solid var(--border); }
.analysis-section h4 { font-size: 0.9rem; margin-bottom: 0.25rem; }
.analysis-section p { font-size: 0.85rem; color: var(--text-muted); }
.analysis-finding { font-size: 0.85rem; padding: 0.25rem 0 0.25rem 1rem; border-left: 2px solid var(--border); margin: 0.25rem 0; color: var(--text-muted); }
.modal-overlay { display: none; position: fixed; inset: 0; background: rgba(0,0,0,0.6); z-index: 200; align-items: center; justify-content: center; }
.modal-overlay.visible { display: flex; }
.modal { background: var(--surface); border: 1px solid var(--border); border-radius: 0.5rem; padding: 1.5rem; width: 90%; max-width: 700px; max-height: 80vh; overflow-y: auto; }
.modal h3 { margin-bottom: 0.75rem; }
.modal pre { background: var(--bg); border: 1px solid var(--border); border-radius: 0.375rem; padding: 1rem; font-family: var(--mono); font-size: 0.8rem; white-space: pre-wrap; word-wrap: break-word; max-height: 50vh; overflow-y: auto; }
.modal-actions { display: flex; gap: 0.75rem; margin-top: 1rem; justify-content: flex-end; }
.recs { padding: 0.75rem 1rem; border-top: 1px solid var(--border); }
.rec { padding: 0.3rem 0; font-size: 0.9rem; }
.rec-rank { font-weight: 700; color: var(--accent); margin-right: 0.5rem; }
.rec-resolves { font-size: 0.8rem; color: var(--text-dim); }
</style>
</head>
<body>
<div style="color:#a371f7;font-size:0.8rem;font-weight:600;letter-spacing:0.05em;text-transform:uppercase;margin-bottom:0.25rem">BMad Method</div>
<h1>Quality Analysis: <span id="skill-name"></span></h1>
<div class="subtitle" id="subtitle"></div>
<div id="grade-area"></div>
<div class="narrative" id="narrative"></div>
<div id="broken-section"></div>
<div id="opportunities-section"></div>
<div id="strengths-section"></div>
<div id="recommendations-section"></div>
<div id="detailed-section"></div>
<div class="modal-overlay" id="modal" onclick="if(event.target===this)closeModal()">
<div class="modal">
<h3 id="modal-title">Generated Prompt</h3>
<pre id="modal-content"></pre>
<div class="modal-actions">
<button class="btn" onclick="closeModal()">Close</button>
<button class="btn btn-primary" onclick="copyModal()">Copy to Clipboard</button>
</div>
</div>
</div>
<script>
const RAW = JSON.parse(document.getElementById('report-data').textContent);
const DATA = normalize(RAW);
function normalize(d) {
// Fix meta field variants
if (d.meta) {
d.meta.skill_name = d.meta.skill_name || d.meta.skill || d.meta.name || 'Unknown';
d.meta.scanner_count = typeof d.meta.scanner_count === 'number' ? d.meta.scanner_count
: Array.isArray(d.meta.scanners_run) ? d.meta.scanners_run.length
: d.meta.scanner_count || 0;
}
// Fix strengths: plain strings → objects
d.strengths = (d.strengths || []).map(s =>
typeof s === 'string' ? { title: s, detail: '' } : { title: s.title || '', detail: s.detail || '' }
);
// Fix opportunities: title→name, findings_resolved→findings
(d.opportunities || []).forEach(o => {
o.name = o.name || o.title || '';
o.finding_count = o.finding_count || (o.findings || o.findings_resolved || []).length;
if (!o.findings && o.findings_resolved) o.findings = [];
o.action = o.action || o.fix || '';
});
// Fix broken: description→detail, fix→action
(d.broken || []).forEach(b => {
b.detail = b.detail || b.description || '';
b.action = b.action || b.fix || '';
});
// Fix recommendations: description→action
(d.recommendations || []).forEach((r, i) => {
r.action = r.action || r.description || '';
r.rank = r.rank || i + 1;
});
// Fix journeys: persona→archetype, friction→friction_points
if (d.detailed_analysis && d.detailed_analysis.experience) {
d.detailed_analysis.experience.journeys = (d.detailed_analysis.experience.journeys || []).map(j => ({
archetype: j.archetype || j.persona || j.name || 'Unknown',
summary: j.summary || j.journey_summary || j.description || j.friction || '',
friction_points: j.friction_points || (j.friction ? [j.friction] : []),
bright_spots: j.bright_spots || (j.bright ? [j.bright] : [])
}));
}
return d;
}
function esc(s) {
if (!s) return '';
const d = document.createElement('div');
d.textContent = String(s);
return d.innerHTML;
}
function init() {
const m = DATA.meta;
document.getElementById('skill-name').textContent = m.skill_name;
document.getElementById('subtitle').innerHTML =
`${esc(m.skill_path)} &bull; ${m.timestamp ? m.timestamp.split('T')[0] : ''} &bull; ${m.scanner_count || 0} scanners &bull; <a href="quality-report.md">Full Report &nearr;</a>`;
document.getElementById('grade-area').innerHTML =
`<div class="grade grade-${DATA.grade}">${esc(DATA.grade)}</div>`;
document.getElementById('narrative').textContent = DATA.narrative || '';
renderBroken();
renderOpportunities();
renderStrengths();
renderRecommendations();
renderDetailed();
}
function renderBroken() {
const items = DATA.broken || [];
if (!items.length) return;
let html = `<div class="section"><div class="section-header open" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Broken / Critical (${items.length})</span>`;
html += `<div class="actions"><button class="btn btn-primary" onclick="event.stopPropagation();showBrokenPrompt()">Fix These</button></div>`;
html += `</div><div class="section-body open">`;
items.forEach(item => {
const loc = item.file ? `${item.file}${item.line ? ':'+item.line : ''}` : '';
html += `<div class="item">`;
html += `<span class="badge badge-${item.severity || 'high'}">${esc(item.severity || 'high')}</span> `;
if (loc) html += `<span class="item-file">${esc(loc)}</span>`;
html += `<div class="item-title">${esc(item.title)}</div>`;
if (item.detail) html += `<div class="item-desc">${esc(item.detail)}</div>`;
if (item.action) html += `<div class="item-action"><strong>Fix:</strong> ${esc(item.action)}</div>`;
html += `</div>`;
});
html += `</div></div>`;
document.getElementById('broken-section').innerHTML = html;
}
function renderOpportunities() {
const opps = DATA.opportunities || [];
if (!opps.length) return;
let html = `<div class="section"><div class="section-header open" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Opportunities (${opps.length})</span>`;
html += `</div><div class="section-body open">`;
opps.forEach((opp, idx) => {
html += `<div class="opp">`;
html += `<div class="opp-header">`;
html += `<span class="badge badge-${opp.severity || 'medium'}">${esc(opp.severity || 'medium')}</span>`;
html += `<span class="opp-name">${idx+1}. ${esc(opp.name)}</span>`;
html += `<span class="opp-count">${opp.finding_count || (opp.findings||[]).length} observations</span>`;
html += `<button class="btn" onclick="toggleFindings(${idx})">Details</button>`;
html += `<button class="btn btn-primary" onclick="showThemePrompt(${idx})">Fix This</button>`;
html += `</div>`;
html += `<div class="opp-desc">${esc(opp.description)}</div>`;
if (opp.impact) html += `<div class="opp-impact">Impact: ${esc(opp.impact)}</div>`;
html += `<div class="opp-findings" id="findings-${idx}">`;
(opp.findings || []).forEach(f => {
const loc = f.file ? `${f.file}${f.line ? ':'+f.line : ''}` : '';
html += `<div class="opp-finding">`;
html += `<strong>${esc(f.title)}</strong>`;
if (loc) html += ` <span class="item-file">${esc(loc)}</span>`;
if (f.source) html += ` <span class="source">[${esc(f.source)}]</span>`;
if (f.detail) html += `<br>${esc(f.detail)}`;
html += `</div>`;
});
html += `</div></div>`;
});
html += `</div></div>`;
document.getElementById('opportunities-section').innerHTML = html;
}
function renderStrengths() {
const items = DATA.strengths || [];
if (!items.length) return;
let html = `<div class="section"><div class="section-header" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Strengths (${items.length})</span>`;
html += `</div><div class="section-body">`;
items.forEach(s => {
html += `<div class="strength-item"><div class="title">${esc(s.title)}</div>`;
if (s.detail) html += `<div class="detail">${esc(s.detail)}</div>`;
html += `</div>`;
});
html += `</div></div>`;
document.getElementById('strengths-section').innerHTML = html;
}
function renderRecommendations() {
const recs = DATA.recommendations || [];
if (!recs.length) return;
let html = `<div class="section"><div class="section-header open" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Recommendations</span>`;
html += `</div><div class="section-body open"><div class="recs">`;
recs.forEach(r => {
html += `<div class="rec">`;
html += `<span class="rec-rank">#${r.rank}</span>`;
html += `${esc(r.action)}`;
if (r.resolves) html += ` <span class="rec-resolves">(resolves ${r.resolves} observations)</span>`;
html += `</div>`;
});
html += `</div></div></div>`;
document.getElementById('recommendations-section').innerHTML = html;
}
function renderDetailed() {
const da = DATA.detailed_analysis;
if (!da) return;
const dims = [
['structure', 'Structure & Integrity'],
['craft', 'Craft & Writing Quality'],
['cohesion', 'Cohesion & Design'],
['efficiency', 'Execution Efficiency'],
['experience', 'User Experience'],
['scripts', 'Script Opportunities']
];
let html = `<div class="section"><div class="section-header" onclick="toggleSection(this)">`;
html += `<span class="arrow">&#9654;</span><span class="label">Detailed Analysis</span>`;
html += `</div><div class="section-body">`;
dims.forEach(([key, label]) => {
const dim = da[key];
if (!dim) return;
html += `<div class="analysis-section"><h4>${label}</h4>`;
if (dim.assessment) html += `<p>${esc(dim.assessment)}</p>`;
if (dim.dimensions) {
html += `<table style="width:100%;font-size:0.85rem;margin:0.5rem 0;border-collapse:collapse;">`;
html += `<tr><th style="text-align:left;padding:0.3rem;border-bottom:1px solid var(--border)">Dimension</th><th style="text-align:left;padding:0.3rem;border-bottom:1px solid var(--border)">Score</th><th style="text-align:left;padding:0.3rem;border-bottom:1px solid var(--border)">Notes</th></tr>`;
Object.entries(dim.dimensions).forEach(([d, v]) => {
if (v && typeof v === 'object') {
html += `<tr><td style="padding:0.3rem;border-bottom:1px solid var(--border)">${esc(d.replace(/_/g,' '))}</td><td style="padding:0.3rem;border-bottom:1px solid var(--border)">${esc(v.score||'')}</td><td style="padding:0.3rem;border-bottom:1px solid var(--border)">${esc(v.notes||'')}</td></tr>`;
}
});
html += `</table>`;
}
if (dim.journeys && dim.journeys.length) {
dim.journeys.forEach(j => {
html += `<div style="margin:0.5rem 0"><strong>${esc(j.archetype)}</strong>: ${esc(j.summary || j.journey_summary || '')}`;
if (j.friction_points && j.friction_points.length) {
html += `<ul style="color:var(--high);font-size:0.85rem;padding-left:1.25rem">`;
j.friction_points.forEach(fp => { html += `<li>${esc(fp)}</li>`; });
html += `</ul>`;
}
html += `</div>`;
});
}
if (dim.autonomous) {
const a = dim.autonomous;
html += `<p><strong>Headless Potential:</strong> ${esc(a.potential||'')}`;
if (a.notes) html += ` — ${esc(a.notes)}`;
html += `</p>`;
}
(dim.findings || []).forEach(f => {
const loc = f.file ? `${f.file}${f.line ? ':'+f.line : ''}` : '';
html += `<div class="analysis-finding">`;
if (f.severity) html += `<span class="badge badge-${f.severity}">${esc(f.severity)}</span> `;
html += `${esc(f.title)}`;
if (loc) html += ` <span class="item-file">${esc(loc)}</span>`;
html += `</div>`;
});
html += `</div>`;
});
html += `</div></div>`;
document.getElementById('detailed-section').innerHTML = html;
}
// --- Interactions ---
function toggleSection(el) {
el.classList.toggle('open');
el.nextElementSibling.classList.toggle('open');
}
function toggleFindings(idx) {
document.getElementById('findings-'+idx).classList.toggle('open');
}
// --- Prompt Generation ---
function showThemePrompt(idx) {
const opp = DATA.opportunities[idx];
if (!opp) return;
let prompt = `## Task: ${opp.name}\nSkill path: ${DATA.meta.skill_path}\n\n`;
prompt += `### Problem\n${opp.description}\n\n`;
prompt += `### Fix\n${opp.action}\n\n`;
if (opp.findings && opp.findings.length) {
prompt += `### Specific observations to address:\n\n`;
opp.findings.forEach((f, i) => {
const loc = f.file ? (f.line ? `${f.file}:${f.line}` : f.file) : '';
prompt += `${i+1}. **${f.title}**`;
if (loc) prompt += ` (${loc})`;
if (f.detail) prompt += `\n ${f.detail}`;
prompt += `\n`;
});
}
document.getElementById('modal-title').textContent = `Fix: ${opp.name}`;
document.getElementById('modal-content').textContent = prompt.trim();
document.getElementById('modal').classList.add('visible');
}
function showBrokenPrompt() {
const items = DATA.broken || [];
let prompt = `## Task: Fix Critical Issues\nSkill path: ${DATA.meta.skill_path}\n\n`;
items.forEach((item, i) => {
const loc = item.file ? (item.line ? `${item.file}:${item.line}` : item.file) : '';
prompt += `${i+1}. **[${(item.severity||'high').toUpperCase()}] ${item.title}**\n`;
if (loc) prompt += ` File: ${loc}\n`;
if (item.detail) prompt += ` Context: ${item.detail}\n`;
if (item.action) prompt += ` Fix: ${item.action}\n`;
prompt += `\n`;
});
document.getElementById('modal-title').textContent = 'Fix Critical Issues';
document.getElementById('modal-content').textContent = prompt.trim();
document.getElementById('modal').classList.add('visible');
}
function closeModal() { document.getElementById('modal').classList.remove('visible'); }
function copyModal() {
const text = document.getElementById('modal-content').textContent;
navigator.clipboard.writeText(text).then(() => {
const btn = document.querySelector('.modal .btn-primary');
btn.textContent = 'Copied!';
setTimeout(() => { btn.textContent = 'Copy to Clipboard'; }, 1500);
});
}
init();
</script>
</body>
</html>"""
def generate_html(report_data: dict) -> str:
"""Inject report data into the HTML template."""
data_json = json.dumps(report_data, indent=None, ensure_ascii=False)
data_tag = f'<script id="report-data" type="application/json">{data_json}</script>'
html = HTML_TEMPLATE.replace('<script>\nconst RAW', f'{data_tag}\n<script>\nconst RAW')
html = html.replace('SKILL_NAME', report_data.get('meta', {}).get('skill_name', 'Unknown'))
return html
def main() -> int:
parser = argparse.ArgumentParser(
description='Generate interactive HTML quality analysis report',
)
parser.add_argument(
'report_dir',
type=Path,
help='Directory containing report-data.json',
)
parser.add_argument(
'--open',
action='store_true',
help='Open the HTML report in the default browser',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Output HTML file path (default: {report_dir}/quality-report.html)',
)
args = parser.parse_args()
if not args.report_dir.is_dir():
print(f'Error: {args.report_dir} is not a directory', file=sys.stderr)
return 2
report_data = load_report_data(args.report_dir)
html = generate_html(report_data)
output_path = args.output or (args.report_dir / 'quality-report.html')
output_path.write_text(html, encoding='utf-8')
# Output summary
opp_count = len(report_data.get('opportunities', []))
broken_count = len(report_data.get('broken', []))
print(json.dumps({
'html_report': str(output_path),
'grade': report_data.get('grade', 'Unknown'),
'opportunities': opp_count,
'broken': broken_count,
}))
if args.open:
system = platform.system()
if system == 'Darwin':
subprocess.run(['open', str(output_path)])
elif system == 'Linux':
subprocess.run(['xdg-open', str(output_path)])
elif system == 'Windows':
subprocess.run(['start', str(output_path)], shell=True)
return 0
if __name__ == '__main__':
sys.exit(main())

288
_bmad/bmb/bmad-workflow-builder/scripts/prepass-execution-deps.py Executable file
View File

@@ -0,0 +1,288 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for execution efficiency scanner.
Extracts dependency graph data and execution patterns from a BMad skill
so the LLM scanner can evaluate efficiency from compact structured data.
Covers:
- Dependency graph from skill structure
- Circular dependency detection
- Transitive dependency redundancy
- Parallelizable stage groups (independent nodes)
- Sequential pattern detection in prompts (numbered Read/Grep/Glob steps)
- Subagent-from-subagent detection
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
def detect_cycles(graph: dict[str, list[str]]) -> list[list[str]]:
"""Detect circular dependencies in a directed graph using DFS."""
cycles = []
visited = set()
path = []
path_set = set()
def dfs(node: str) -> None:
if node in path_set:
cycle_start = path.index(node)
cycles.append(path[cycle_start:] + [node])
return
if node in visited:
return
visited.add(node)
path.append(node)
path_set.add(node)
for neighbor in graph.get(node, []):
dfs(neighbor)
path.pop()
path_set.discard(node)
for node in graph:
dfs(node)
return cycles
def find_transitive_redundancy(graph: dict[str, list[str]]) -> list[dict]:
"""Find cases where A declares dependency on C, but A->B->C already exists."""
redundancies = []
def get_transitive(node: str, visited: set | None = None) -> set[str]:
if visited is None:
visited = set()
for dep in graph.get(node, []):
if dep not in visited:
visited.add(dep)
get_transitive(dep, visited)
return visited
for node, direct_deps in graph.items():
for dep in direct_deps:
# Check if dep is reachable through other direct deps
other_deps = [d for d in direct_deps if d != dep]
for other in other_deps:
transitive = get_transitive(other)
if dep in transitive:
redundancies.append({
'node': node,
'redundant_dep': dep,
'already_via': other,
'issue': f'"{node}" declares "{dep}" as dependency, but already reachable via "{other}"',
})
return redundancies
def find_parallel_groups(graph: dict[str, list[str]], all_nodes: set[str]) -> list[list[str]]:
"""Find groups of nodes that have no dependencies on each other (can run in parallel)."""
# Nodes with no incoming edges from other nodes in the set
independent_groups = []
# Simple approach: find all nodes at each "level" of the DAG
remaining = set(all_nodes)
while remaining:
# Nodes whose dependencies are all satisfied (not in remaining)
ready = set()
for node in remaining:
deps = set(graph.get(node, []))
if not deps & remaining:
ready.add(node)
if not ready:
break # Circular dependency, can't proceed
if len(ready) > 1:
independent_groups.append(sorted(ready))
remaining -= ready
return independent_groups
def scan_sequential_patterns(filepath: Path, rel_path: str) -> list[dict]:
"""Detect sequential operation patterns that could be parallel."""
content = filepath.read_text(encoding='utf-8')
patterns = []
# Sequential numbered steps with Read/Grep/Glob
tool_steps = re.findall(
r'^\s*\d+\.\s+.*?\b(Read|Grep|Glob|read|grep|glob)\b.*$',
content, re.MULTILINE
)
if len(tool_steps) >= 3:
patterns.append({
'file': rel_path,
'type': 'sequential-tool-calls',
'count': len(tool_steps),
'issue': f'{len(tool_steps)} sequential tool call steps found — check if independent calls can be parallel',
})
# "Read all files" / "for each" loop patterns
loop_patterns = [
(r'[Rr]ead all (?:files|documents|prompts)', 'read-all'),
(r'[Ff]or each (?:file|document|prompt|stage)', 'for-each-loop'),
(r'[Aa]nalyze each', 'analyze-each'),
(r'[Ss]can (?:through|all|each)', 'scan-all'),
(r'[Rr]eview (?:all|each)', 'review-all'),
]
for pattern, ptype in loop_patterns:
matches = re.findall(pattern, content)
if matches:
patterns.append({
'file': rel_path,
'type': ptype,
'count': len(matches),
'issue': f'"{matches[0]}" pattern found — consider parallel subagent delegation',
})
# Subagent spawning from subagent (impossible)
if re.search(r'(?i)spawn.*subagent|launch.*subagent|create.*subagent', content):
# Check if this file IS a subagent (non-SKILL.md, non-numbered prompt at root)
if rel_path != 'SKILL.md' and not re.match(r'^\d+-', rel_path):
patterns.append({
'file': rel_path,
'type': 'subagent-chain-violation',
'count': 1,
'issue': 'Subagent file references spawning other subagents — subagents cannot spawn subagents',
})
return patterns
def scan_execution_deps(skill_path: Path) -> dict:
"""Run all deterministic execution efficiency checks."""
# Build dependency graph from skill structure
dep_graph: dict[str, list[str]] = {}
prefer_after: dict[str, list[str]] = {}
all_stages: set[str] = set()
# Check for stage-level prompt files at skill root
for f in sorted(skill_path.iterdir()):
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md':
all_stages.add(f.stem)
# Cycle detection
cycles = detect_cycles(dep_graph)
# Transitive redundancy
redundancies = find_transitive_redundancy(dep_graph)
# Parallel groups
parallel_groups = find_parallel_groups(dep_graph, all_stages)
# Sequential pattern detection across all prompt and agent files at root
sequential_patterns = []
for f in sorted(skill_path.iterdir()):
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md':
patterns = scan_sequential_patterns(f, f.name)
sequential_patterns.extend(patterns)
# Also scan SKILL.md
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
sequential_patterns.extend(scan_sequential_patterns(skill_md, 'SKILL.md'))
# Build issues from deterministic findings
issues = []
for cycle in cycles:
issues.append({
'severity': 'critical',
'category': 'circular-dependency',
'issue': f'Circular dependency detected: {"".join(cycle)}',
})
for r in redundancies:
issues.append({
'severity': 'medium',
'category': 'dependency-bloat',
'issue': r['issue'],
})
for p in sequential_patterns:
severity = 'critical' if p['type'] == 'subagent-chain-violation' else 'medium'
issues.append({
'file': p['file'],
'severity': severity,
'category': p['type'],
'issue': p['issue'],
})
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
for issue in issues:
sev = issue['severity']
if sev in by_severity:
by_severity[sev] += 1
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['medium'] > 0:
status = 'warning'
return {
'scanner': 'execution-efficiency-prepass',
'script': 'prepass-execution-deps.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'dependency_graph': {
'stages': sorted(all_stages),
'hard_dependencies': dep_graph,
'soft_dependencies': prefer_after,
'cycles': cycles,
'transitive_redundancies': redundancies,
'parallel_groups': parallel_groups,
},
'sequential_patterns': sequential_patterns,
'issues': issues,
'summary': {
'total_issues': len(issues),
'by_severity': by_severity,
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Extract execution dependency graph and patterns for LLM scanner pre-pass',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_execution_deps(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0
if __name__ == '__main__':
sys.exit(main())

285
_bmad/bmb/bmad-workflow-builder/scripts/prepass-prompt-metrics.py Executable file
View File

@@ -0,0 +1,285 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for prompt craft scanner.
Extracts metrics and flagged patterns from SKILL.md and prompt files
so the LLM scanner can work from compact data instead of reading raw files.
Covers:
- SKILL.md line count and section inventory
- Overview section size
- Inline data detection (tables, fenced code blocks)
- Defensive padding pattern grep
- Meta-explanation pattern grep
- Back-reference detection ("as described above")
- Config header and progression condition presence per prompt
- File-level token estimates (chars / 4 rough approximation)
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Defensive padding / filler patterns
WASTE_PATTERNS = [
(r'\b[Mm]ake sure (?:to|you)\b', 'defensive-padding', 'Defensive: "make sure to/you"'),
(r"\b[Dd]on'?t forget (?:to|that)\b", 'defensive-padding', "Defensive: \"don't forget\""),
(r'\b[Rr]emember (?:to|that)\b', 'defensive-padding', 'Defensive: "remember to/that"'),
(r'\b[Bb]e sure to\b', 'defensive-padding', 'Defensive: "be sure to"'),
(r'\b[Pp]lease ensure\b', 'defensive-padding', 'Defensive: "please ensure"'),
(r'\b[Ii]t is important (?:to|that)\b', 'defensive-padding', 'Defensive: "it is important"'),
(r'\b[Yy]ou are an AI\b', 'meta-explanation', 'Meta: "you are an AI"'),
(r'\b[Aa]s a language model\b', 'meta-explanation', 'Meta: "as a language model"'),
(r'\b[Aa]s an AI assistant\b', 'meta-explanation', 'Meta: "as an AI assistant"'),
(r'\b[Tt]his (?:workflow|skill|process) is designed to\b', 'meta-explanation', 'Meta: "this workflow is designed to"'),
(r'\b[Tt]he purpose of this (?:section|step) is\b', 'meta-explanation', 'Meta: "the purpose of this section is"'),
(r"\b[Ll]et'?s (?:think about|begin|start)\b", 'filler', "Filler: \"let's think/begin\""),
(r'\b[Nn]ow we(?:\'ll| will)\b', 'filler', "Filler: \"now we'll\""),
]
# Back-reference patterns (self-containment risk)
BACKREF_PATTERNS = [
(r'\bas described above\b', 'Back-reference: "as described above"'),
(r'\bper the overview\b', 'Back-reference: "per the overview"'),
(r'\bas mentioned (?:above|in|earlier)\b', 'Back-reference: "as mentioned above/in/earlier"'),
(r'\bsee (?:above|the overview)\b', 'Back-reference: "see above/the overview"'),
(r'\brefer to (?:the )?(?:above|overview|SKILL)\b', 'Back-reference: "refer to above/overview"'),
]
def count_tables(content: str) -> tuple[int, int]:
"""Count markdown tables and their total lines."""
table_count = 0
table_lines = 0
in_table = False
for line in content.split('\n'):
if '|' in line and re.match(r'^\s*\|', line):
if not in_table:
table_count += 1
in_table = True
table_lines += 1
else:
in_table = False
return table_count, table_lines
def count_fenced_blocks(content: str) -> tuple[int, int]:
"""Count fenced code blocks and their total lines."""
block_count = 0
block_lines = 0
in_block = False
for line in content.split('\n'):
if line.strip().startswith('```'):
if in_block:
in_block = False
else:
in_block = True
block_count += 1
elif in_block:
block_lines += 1
return block_count, block_lines
def extract_overview_size(content: str) -> int:
"""Count lines in the ## Overview section."""
lines = content.split('\n')
in_overview = False
overview_lines = 0
for line in lines:
if re.match(r'^##\s+Overview\b', line):
in_overview = True
continue
elif in_overview and re.match(r'^##\s', line):
break
elif in_overview:
overview_lines += 1
return overview_lines
def scan_file_patterns(filepath: Path, rel_path: str) -> dict:
"""Extract metrics and pattern matches from a single file."""
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# Token estimate (rough: chars / 4)
token_estimate = len(content) // 4
# Section inventory
sections = []
for i, line in enumerate(lines, 1):
m = re.match(r'^(#{2,3})\s+(.+)$', line)
if m:
sections.append({'level': len(m.group(1)), 'title': m.group(2).strip(), 'line': i})
# Tables and code blocks
table_count, table_lines = count_tables(content)
block_count, block_lines = count_fenced_blocks(content)
# Pattern matches
waste_matches = []
for pattern, category, label in WASTE_PATTERNS:
for m in re.finditer(pattern, content):
line_num = content[:m.start()].count('\n') + 1
waste_matches.append({
'line': line_num,
'category': category,
'pattern': label,
'context': lines[line_num - 1].strip()[:100],
})
backref_matches = []
for pattern, label in BACKREF_PATTERNS:
for m in re.finditer(pattern, content, re.IGNORECASE):
line_num = content[:m.start()].count('\n') + 1
backref_matches.append({
'line': line_num,
'pattern': label,
'context': lines[line_num - 1].strip()[:100],
})
# Config header
has_config_header = '{communication_language}' in content or '{document_output_language}' in content
# Progression condition
prog_keywords = ['progress', 'advance', 'move to', 'next stage',
'when complete', 'proceed to', 'transition', 'completion criteria']
has_progression = any(kw in content.lower() for kw in prog_keywords)
result = {
'file': rel_path,
'line_count': line_count,
'token_estimate': token_estimate,
'sections': sections,
'table_count': table_count,
'table_lines': table_lines,
'fenced_block_count': block_count,
'fenced_block_lines': block_lines,
'waste_patterns': waste_matches,
'back_references': backref_matches,
'has_config_header': has_config_header,
'has_progression': has_progression,
}
return result
def scan_prompt_metrics(skill_path: Path) -> dict:
"""Extract metrics from all prompt-relevant files."""
files_data = []
# SKILL.md
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
data = scan_file_patterns(skill_md, 'SKILL.md')
content = skill_md.read_text(encoding='utf-8')
data['overview_lines'] = extract_overview_size(content)
data['is_skill_md'] = True
files_data.append(data)
# Prompt files at skill root (non-SKILL.md .md files)
for f in sorted(skill_path.iterdir()):
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md':
data = scan_file_patterns(f, f.name)
data['is_skill_md'] = False
files_data.append(data)
# Resources (just sizes, for progressive disclosure assessment)
resources_dir = skill_path / 'resources'
resource_sizes = {}
if resources_dir.exists():
for f in sorted(resources_dir.iterdir()):
if f.is_file() and f.suffix in ('.md', '.json', '.yaml', '.yml'):
content = f.read_text(encoding='utf-8')
resource_sizes[f.name] = {
'lines': len(content.split('\n')),
'tokens': len(content) // 4,
}
# Aggregate stats
total_waste = sum(len(f['waste_patterns']) for f in files_data)
total_backrefs = sum(len(f['back_references']) for f in files_data)
total_tokens = sum(f['token_estimate'] for f in files_data)
prompts_with_config = sum(1 for f in files_data if not f.get('is_skill_md') and f['has_config_header'])
prompts_with_progression = sum(1 for f in files_data if not f.get('is_skill_md') and f['has_progression'])
total_prompts = sum(1 for f in files_data if not f.get('is_skill_md'))
skill_md_data = next((f for f in files_data if f.get('is_skill_md')), None)
return {
'scanner': 'prompt-craft-prepass',
'script': 'prepass-prompt-metrics.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'info',
'skill_md_summary': {
'line_count': skill_md_data['line_count'] if skill_md_data else 0,
'token_estimate': skill_md_data['token_estimate'] if skill_md_data else 0,
'overview_lines': skill_md_data.get('overview_lines', 0) if skill_md_data else 0,
'table_count': skill_md_data['table_count'] if skill_md_data else 0,
'table_lines': skill_md_data['table_lines'] if skill_md_data else 0,
'fenced_block_count': skill_md_data['fenced_block_count'] if skill_md_data else 0,
'fenced_block_lines': skill_md_data['fenced_block_lines'] if skill_md_data else 0,
'section_count': len(skill_md_data['sections']) if skill_md_data else 0,
},
'prompt_health': {
'total_prompts': total_prompts,
'prompts_with_config_header': prompts_with_config,
'prompts_with_progression': prompts_with_progression,
},
'aggregate': {
'total_files_scanned': len(files_data),
'total_token_estimate': total_tokens,
'total_waste_patterns': total_waste,
'total_back_references': total_backrefs,
},
'resource_sizes': resource_sizes,
'files': files_data,
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Extract prompt craft metrics for LLM scanner pre-pass',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_prompt_metrics(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0
if __name__ == '__main__':
sys.exit(main())

480
_bmad/bmb/bmad-workflow-builder/scripts/prepass-workflow-integrity.py Executable file
View File

@@ -0,0 +1,480 @@
#!/usr/bin/env python3
"""Deterministic pre-pass for workflow integrity scanner.
Extracts structural metadata from a BMad skill that the LLM scanner
can use instead of reading all files itself. Covers:
- Frontmatter parsing and validation
- Section inventory (H2/H3 headers)
- Template artifact detection
- Stage file cross-referencing
- Stage numbering validation
- Config header detection in prompts
- Language/directness pattern grep
- On Exit / Exiting section detection (invalid)
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Template artifacts that should NOT appear in finalized skills
TEMPLATE_ARTIFACTS = [
r'\{if-complex-workflow\}', r'\{/if-complex-workflow\}',
r'\{if-simple-workflow\}', r'\{/if-simple-workflow\}',
r'\{if-simple-utility\}', r'\{/if-simple-utility\}',
r'\{if-module\}', r'\{/if-module\}',
r'\{if-headless\}', r'\{/if-headless\}',
r'\{displayName\}', r'\{skillName\}',
]
# Runtime variables that ARE expected (not artifacts)
RUNTIME_VARS = {
'{user_name}', '{communication_language}', '{document_output_language}',
'{project-root}', '{output_folder}', '{planning_artifacts}',
}
# Directness anti-patterns
DIRECTNESS_PATTERNS = [
(r'\byou should\b', 'Suggestive "you should" — use direct imperative'),
(r'\bplease\b(?! note)', 'Polite "please" — use direct imperative'),
(r'\bhandle appropriately\b', 'Ambiguous "handle appropriately" — specify how'),
(r'\bwhen ready\b', 'Vague "when ready" — specify testable condition'),
]
# Invalid sections
INVALID_SECTIONS = [
(r'^##\s+On\s+Exit\b', 'On Exit section found — no exit hooks exist in the system, this will never run'),
(r'^##\s+Exiting\b', 'Exiting section found — no exit hooks exist in the system, this will never run'),
]
def parse_frontmatter(content: str) -> tuple[dict | None, list[dict]]:
"""Parse YAML frontmatter and validate."""
findings = []
fm_match = re.match(r'^---\s*\n(.*?)\n---\s*\n', content, re.DOTALL)
if not fm_match:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'No YAML frontmatter found',
})
return None, findings
try:
# Frontmatter is YAML-like key: value pairs — parse manually
fm = {}
for line in fm_match.group(1).strip().split('\n'):
line = line.strip()
if not line or line.startswith('#'):
continue
if ':' in line:
key, _, value = line.partition(':')
fm[key.strip()] = value.strip().strip('"').strip("'")
except Exception as e:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': f'Invalid frontmatter: {e}',
})
return None, findings
if not isinstance(fm, dict):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'Frontmatter is not a YAML mapping',
})
return None, findings
# name check
name = fm.get('name')
if not name:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'critical', 'category': 'frontmatter',
'issue': 'Missing "name" field in frontmatter',
})
elif not re.match(r'^[a-z0-9]+(-[a-z0-9]+)*$', name):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'frontmatter',
'issue': f'Name "{name}" is not kebab-case',
})
elif not name.startswith('bmad-'):
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'medium', 'category': 'frontmatter',
'issue': f'Name "{name}" does not follow bmad-* naming convention',
})
# description check
desc = fm.get('description')
if not desc:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'frontmatter',
'issue': 'Missing "description" field in frontmatter',
})
elif 'Use when' not in desc and 'use when' not in desc:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'medium', 'category': 'frontmatter',
'issue': 'Description missing "Use when..." trigger phrase',
})
# Extra fields check
allowed = {'name', 'description', 'menu-code'}
extra = set(fm.keys()) - allowed
if extra:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'low', 'category': 'frontmatter',
'issue': f'Extra frontmatter fields: {", ".join(sorted(extra))}',
})
return fm, findings
def extract_sections(content: str) -> list[dict]:
"""Extract all H2 headers with line numbers."""
sections = []
for i, line in enumerate(content.split('\n'), 1):
m = re.match(r'^(#{2,3})\s+(.+)$', line)
if m:
sections.append({
'level': len(m.group(1)),
'title': m.group(2).strip(),
'line': i,
})
return sections
def check_required_sections(sections: list[dict]) -> list[dict]:
"""Check for required and invalid sections."""
findings = []
h2_titles = [s['title'] for s in sections if s['level'] == 2]
if 'Overview' not in h2_titles:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'sections',
'issue': 'Missing ## Overview section',
})
if 'On Activation' not in h2_titles:
findings.append({
'file': 'SKILL.md', 'line': 1,
'severity': 'high', 'category': 'sections',
'issue': 'Missing ## On Activation section',
})
# Invalid sections
for s in sections:
if s['level'] == 2:
for pattern, message in INVALID_SECTIONS:
if re.match(pattern, f"## {s['title']}"):
findings.append({
'file': 'SKILL.md', 'line': s['line'],
'severity': 'high', 'category': 'invalid-section',
'issue': message,
})
return findings
def find_template_artifacts(filepath: Path, rel_path: str) -> list[dict]:
"""Scan for orphaned template substitution artifacts."""
findings = []
content = filepath.read_text(encoding='utf-8')
for pattern in TEMPLATE_ARTIFACTS:
for m in re.finditer(pattern, content):
matched = m.group()
if matched in RUNTIME_VARS:
continue
line_num = content[:m.start()].count('\n') + 1
findings.append({
'file': rel_path, 'line': line_num,
'severity': 'high', 'category': 'artifacts',
'issue': f'Orphaned template artifact: {matched}',
'fix': 'Resolve or remove this template conditional/placeholder',
})
return findings
def cross_reference_stages(skill_path: Path, skill_content: str) -> tuple[dict, list[dict]]:
"""Cross-reference stage files between SKILL.md and numbered prompt files at skill root."""
findings = []
# Get actual numbered prompt files at skill root (exclude SKILL.md)
actual_files = set()
for f in skill_path.iterdir():
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md' and re.match(r'^\d+-', f.name):
actual_files.add(f.name)
# Find stage references in SKILL.md — look for both old prompts/ style and new root style
referenced = set()
# Match `prompts/XX-name.md` (legacy) or bare `XX-name.md` references
ref_pattern = re.compile(r'(?:prompts/)?(\d+-[^\s)`]+\.md)')
for m in ref_pattern.finditer(skill_content):
referenced.add(m.group(1))
# Missing files (referenced but don't exist)
missing = referenced - actual_files
for f in sorted(missing):
findings.append({
'file': 'SKILL.md', 'line': 0,
'severity': 'critical', 'category': 'missing-stage',
'issue': f'Referenced stage file does not exist: {f}',
})
# Orphaned files (exist but not referenced)
orphaned = actual_files - referenced
for f in sorted(orphaned):
findings.append({
'file': f, 'line': 0,
'severity': 'medium', 'category': 'naming',
'issue': f'Stage file exists but not referenced in SKILL.md: {f}',
})
# Stage numbering check
numbered = []
for f in sorted(actual_files):
m = re.match(r'^(\d+)-(.+)\.md$', f)
if m:
numbered.append((int(m.group(1)), f))
if numbered:
numbered.sort()
nums = [n[0] for n in numbered]
expected = list(range(nums[0], nums[0] + len(nums)))
if nums != expected:
gaps = set(expected) - set(nums)
if gaps:
findings.append({
'file': skill_path.name, 'line': 0,
'severity': 'medium', 'category': 'naming',
'issue': f'Stage numbering has gaps: missing {sorted(gaps)}',
})
stage_summary = {
'total_stages': len(actual_files),
'referenced': sorted(referenced),
'actual': sorted(actual_files),
'missing_stages': sorted(missing),
'orphaned_stages': sorted(orphaned),
}
return stage_summary, findings
def check_prompt_basics(skill_path: Path) -> tuple[list[dict], list[dict]]:
"""Check each prompt file for config header and progression conditions."""
findings = []
prompt_details = []
# Look for numbered prompt files at skill root
prompt_files = sorted(
f for f in skill_path.iterdir()
if f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md' and re.match(r'^\d+-', f.name)
)
if not prompt_files:
return prompt_details, findings
for f in prompt_files:
content = f.read_text(encoding='utf-8')
rel_path = f.name
detail = {'file': f.name, 'has_config_header': False, 'has_progression': False}
# Config header check
if '{communication_language}' in content or '{document_output_language}' in content:
detail['has_config_header'] = True
else:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'config-header',
'issue': 'No config header with language variables found',
})
# Progression condition check (look for progression-related keywords near end)
lower = content.lower()
prog_keywords = ['progress', 'advance', 'move to', 'next stage', 'when complete',
'proceed to', 'transition', 'completion criteria']
if any(kw in lower for kw in prog_keywords):
detail['has_progression'] = True
else:
findings.append({
'file': rel_path, 'line': len(content.split('\n')),
'severity': 'high', 'category': 'progression',
'issue': 'No progression condition keywords found',
})
# Directness checks
for pattern, message in DIRECTNESS_PATTERNS:
for m in re.finditer(pattern, content, re.IGNORECASE):
line_num = content[:m.start()].count('\n') + 1
findings.append({
'file': rel_path, 'line': line_num,
'severity': 'low', 'category': 'language',
'issue': message,
})
# Template artifacts
findings.extend(find_template_artifacts(f, rel_path))
prompt_details.append(detail)
return prompt_details, findings
def detect_workflow_type(skill_content: str, has_prompts: bool) -> str:
"""Detect workflow type from SKILL.md content."""
has_stage_refs = bool(re.search(r'(?:prompts/)?\d+-\S+\.md', skill_content))
has_routing = bool(re.search(r'(?i)(rout|stage|branch|path)', skill_content))
if has_stage_refs or (has_prompts and has_routing):
return 'complex'
elif re.search(r'(?m)^\d+\.\s', skill_content):
return 'simple-workflow'
else:
return 'simple-utility'
def scan_workflow_integrity(skill_path: Path) -> dict:
"""Run all deterministic workflow integrity checks."""
all_findings = []
# Read SKILL.md
skill_md = skill_path / 'SKILL.md'
if not skill_md.exists():
return {
'scanner': 'workflow-integrity-prepass',
'script': 'prepass-workflow-integrity.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'fail',
'issues': [{'file': 'SKILL.md', 'line': 1, 'severity': 'critical',
'category': 'missing-file', 'issue': 'SKILL.md does not exist'}],
'summary': {'total_issues': 1, 'by_severity': {'critical': 1, 'high': 0, 'medium': 0, 'low': 0}},
}
skill_content = skill_md.read_text(encoding='utf-8')
# Frontmatter
frontmatter, fm_findings = parse_frontmatter(skill_content)
all_findings.extend(fm_findings)
# Sections
sections = extract_sections(skill_content)
section_findings = check_required_sections(sections)
all_findings.extend(section_findings)
# Template artifacts in SKILL.md
all_findings.extend(find_template_artifacts(skill_md, 'SKILL.md'))
# Directness checks in SKILL.md
for pattern, message in DIRECTNESS_PATTERNS:
for m in re.finditer(pattern, skill_content, re.IGNORECASE):
line_num = skill_content[:m.start()].count('\n') + 1
all_findings.append({
'file': 'SKILL.md', 'line': line_num,
'severity': 'low', 'category': 'language',
'issue': message,
})
# Workflow type
has_prompts = any(
f.is_file() and f.suffix == '.md' and f.name != 'SKILL.md' and re.match(r'^\d+-', f.name)
for f in skill_path.iterdir()
)
workflow_type = detect_workflow_type(skill_content, has_prompts)
# Stage cross-reference
stage_summary, stage_findings = cross_reference_stages(skill_path, skill_content)
all_findings.extend(stage_findings)
# Prompt basics
prompt_details, prompt_findings = check_prompt_basics(skill_path)
all_findings.extend(prompt_findings)
# Build severity summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['high'] > 0:
status = 'warning'
return {
'scanner': 'workflow-integrity-prepass',
'script': 'prepass-workflow-integrity.py',
'version': '1.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'metadata': {
'frontmatter': frontmatter,
'sections': sections,
'workflow_type': workflow_type,
},
'stage_summary': stage_summary,
'prompt_details': prompt_details,
'issues': all_findings,
'summary': {
'total_issues': len(all_findings),
'by_severity': by_severity,
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Deterministic pre-pass for workflow integrity scanning',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_workflow_integrity(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())

300
_bmad/bmb/bmad-workflow-builder/scripts/scan-path-standards.py Executable file
View File

@@ -0,0 +1,300 @@
#!/usr/bin/env python3
"""Deterministic path standards scanner for BMad skills.
Validates all .md and .json files against BMad path conventions:
1. {project-root} only valid before /_bmad
2. Bare _bmad references must have {project-root} prefix
3. Config variables used directly (no double-prefix)
4. Skill-internal paths must use ./ prefix (references/, scripts/, assets/)
5. No ../ parent directory references
6. No absolute paths
7. Frontmatter allows only name and description
8. No .md files at skill root except SKILL.md
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import json
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# Patterns to detect
# {project-root} NOT followed by /_bmad
PROJECT_ROOT_NOT_BMAD_RE = re.compile(r'\{project-root\}/(?!_bmad)')
# Bare _bmad without {project-root} prefix — match _bmad at word boundary
# but not when preceded by {project-root}/
BARE_BMAD_RE = re.compile(r'(?<!\{project-root\}/)_bmad[/\s]')
# Absolute paths
ABSOLUTE_PATH_RE = re.compile(r'(?:^|[\s"`\'(])(/(?:Users|home|opt|var|tmp|etc|usr)/\S+)', re.MULTILINE)
HOME_PATH_RE = re.compile(r'(?:^|[\s"`\'(])(~/\S+)', re.MULTILINE)
# Parent directory reference (still invalid)
RELATIVE_DOT_RE = re.compile(r'(?:^|[\s"`\'(])(\.\./\S+)', re.MULTILINE)
# Bare skill-internal paths without ./ prefix
# Match references/, scripts/, assets/ when NOT preceded by ./
BARE_INTERNAL_RE = re.compile(r'(?:^|[\s"`\'(])(?<!\./)((?:references|scripts|assets)/\S+)', re.MULTILINE)
# Fenced code block detection (to skip examples showing wrong patterns)
FENCE_RE = re.compile(r'^```', re.MULTILINE)
# Valid frontmatter keys
VALID_FRONTMATTER_KEYS = {'name', 'description'}
def is_in_fenced_block(content: str, pos: int) -> bool:
"""Check if a position is inside a fenced code block."""
fences = [m.start() for m in FENCE_RE.finditer(content[:pos])]
# Odd number of fences before pos means we're inside a block
return len(fences) % 2 == 1
def get_line_number(content: str, pos: int) -> int:
"""Get 1-based line number for a position in content."""
return content[:pos].count('\n') + 1
def check_frontmatter(content: str, filepath: Path) -> list[dict]:
"""Validate SKILL.md frontmatter contains only allowed keys."""
findings = []
if filepath.name != 'SKILL.md':
return findings
if not content.startswith('---'):
findings.append({
'file': filepath.name,
'line': 1,
'severity': 'critical',
'category': 'frontmatter',
'title': 'SKILL.md missing frontmatter block',
'detail': 'SKILL.md must start with --- frontmatter containing name and description',
'action': 'Add frontmatter with name and description fields',
})
return findings
# Find closing ---
end = content.find('\n---', 3)
if end == -1:
findings.append({
'file': filepath.name,
'line': 1,
'severity': 'critical',
'category': 'frontmatter',
'title': 'SKILL.md frontmatter block not closed',
'detail': 'Missing closing --- for frontmatter',
'action': 'Add closing --- after frontmatter fields',
})
return findings
frontmatter = content[4:end]
for i, line in enumerate(frontmatter.split('\n'), start=2):
line = line.strip()
if not line or line.startswith('#'):
continue
if ':' in line:
key = line.split(':', 1)[0].strip()
if key not in VALID_FRONTMATTER_KEYS:
findings.append({
'file': filepath.name,
'line': i,
'severity': 'high',
'category': 'frontmatter',
'title': f'Invalid frontmatter key: {key}',
'detail': f'Only {", ".join(sorted(VALID_FRONTMATTER_KEYS))} are allowed in frontmatter',
'action': f'Remove {key} from frontmatter — use as content field in SKILL.md body instead',
})
return findings
def check_root_md_files(skill_path: Path) -> list[dict]:
"""Check that no .md files exist at skill root except SKILL.md."""
findings = []
for md_file in skill_path.glob('*.md'):
if md_file.name != 'SKILL.md':
findings.append({
'file': md_file.name,
'line': 0,
'severity': 'high',
'category': 'structure',
'title': f'Prompt file at skill root: {md_file.name}',
'detail': 'All progressive disclosure content must be in ./references/ — only SKILL.md belongs at root',
'action': f'Move {md_file.name} to references/{md_file.name}',
})
return findings
def scan_file(filepath: Path, skip_fenced: bool = True) -> list[dict]:
"""Scan a single file for path standard violations."""
findings = []
content = filepath.read_text(encoding='utf-8')
rel_path = filepath.name
checks = [
(PROJECT_ROOT_NOT_BMAD_RE, 'project-root-not-bmad', 'critical',
'{project-root} used for non-_bmad path — only valid use is {project-root}/_bmad/...'),
(ABSOLUTE_PATH_RE, 'absolute-path', 'high',
'Absolute path found — not portable across machines'),
(HOME_PATH_RE, 'absolute-path', 'high',
'Home directory path (~/) found — environment-specific'),
(RELATIVE_DOT_RE, 'relative-prefix', 'high',
'Parent directory reference (../) found — fragile, breaks with reorganization'),
(BARE_INTERNAL_RE, 'bare-internal-path', 'high',
'Bare skill-internal path without ./ prefix — use ./references/, ./scripts/, ./assets/ to distinguish from {project-root} paths'),
]
for pattern, category, severity, message in checks:
for match in pattern.finditer(content):
pos = match.start()
if skip_fenced and is_in_fenced_block(content, pos):
continue
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': severity,
'category': category,
'title': message,
'detail': line_content[:120],
'action': '',
})
# Bare _bmad check — more nuanced, need to avoid false positives
# inside {project-root}/_bmad which is correct
for match in BARE_BMAD_RE.finditer(content):
pos = match.start()
if skip_fenced and is_in_fenced_block(content, pos):
continue
start = max(0, pos - 30)
before = content[start:pos]
if '{project-root}/' in before:
continue
line_num = get_line_number(content, pos)
line_content = content.split('\n')[line_num - 1].strip()
findings.append({
'file': rel_path,
'line': line_num,
'severity': 'high',
'category': 'bare-bmad',
'title': 'Bare _bmad reference without {project-root} prefix',
'detail': line_content[:120],
'action': '',
})
return findings
def scan_skill(skill_path: Path, skip_fenced: bool = True) -> dict:
"""Scan all .md and .json files in a skill directory."""
all_findings = []
# Check for .md files at root that aren't SKILL.md
all_findings.extend(check_root_md_files(skill_path))
# Check SKILL.md frontmatter
skill_md = skill_path / 'SKILL.md'
if skill_md.exists():
content = skill_md.read_text(encoding='utf-8')
all_findings.extend(check_frontmatter(content, skill_md))
# Find all .md and .json files
md_files = sorted(list(skill_path.rglob('*.md')) + list(skill_path.rglob('*.json')))
if not md_files:
print(f"Warning: No .md or .json files found in {skill_path}", file=sys.stderr)
files_scanned = []
for md_file in md_files:
rel = md_file.relative_to(skill_path)
files_scanned.append(str(rel))
file_findings = scan_file(md_file, skip_fenced)
for f in file_findings:
f['file'] = str(rel)
all_findings.extend(file_findings)
# Build summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
by_category = {
'project_root_not_bmad': 0,
'bare_bmad': 0,
'double_prefix': 0,
'absolute_path': 0,
'relative_prefix': 0,
'bare_internal_path': 0,
'frontmatter': 0,
'structure': 0,
}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
cat = f['category'].replace('-', '_')
if cat in by_category:
by_category[cat] += 1
return {
'scanner': 'path-standards',
'script': 'scan-path-standards.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'files_scanned': files_scanned,
'status': 'pass' if not all_findings else 'fail',
'findings': all_findings,
'assessments': {},
'summary': {
'total_findings': len(all_findings),
'by_severity': by_severity,
'by_category': by_category,
'assessment': 'Path standards scan complete',
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Scan BMad skill for path standard violations',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
parser.add_argument(
'--include-fenced',
action='store_true',
help='Also check inside fenced code blocks (by default they are skipped)',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_skill(args.skill_path, skip_fenced=not args.include_fenced)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())

745
_bmad/bmb/bmad-workflow-builder/scripts/scan-scripts.py Executable file
View File

@@ -0,0 +1,745 @@
#!/usr/bin/env python3
"""Deterministic scripts scanner for BMad skills.
Validates scripts in a skill's scripts/ folder for:
- PEP 723 inline dependencies (Python)
- Shebang, set -e, portability (Shell)
- Version pinning for npx/uvx
- Agentic design: no input(), has argparse/--help, JSON output, exit codes
- Unit test existence
- Over-engineering signals (line count, simple-op imports)
- External lint: ruff (Python), shellcheck (Bash), biome (JS/TS)
"""
# /// script
# requires-python = ">=3.9"
# ///
from __future__ import annotations
import argparse
import ast
import json
import re
import shutil
import subprocess
import sys
from datetime import datetime, timezone
from pathlib import Path
# =============================================================================
# External Linter Integration
# =============================================================================
def _run_command(cmd: list[str], timeout: int = 30) -> tuple[int, str, str]:
"""Run a command and return (returncode, stdout, stderr)."""
try:
result = subprocess.run(
cmd, capture_output=True, text=True, timeout=timeout,
)
return result.returncode, result.stdout, result.stderr
except FileNotFoundError:
return -1, '', f'Command not found: {cmd[0]}'
except subprocess.TimeoutExpired:
return -2, '', f'Command timed out after {timeout}s: {" ".join(cmd)}'
def _find_uv() -> str | None:
"""Find uv binary on PATH."""
return shutil.which('uv')
def _find_npx() -> str | None:
"""Find npx binary on PATH."""
return shutil.which('npx')
def lint_python_ruff(filepath: Path, rel_path: str) -> list[dict]:
"""Run ruff on a Python file via uv. Returns lint findings."""
uv = _find_uv()
if not uv:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'uv not found on PATH — cannot run ruff for Python linting',
'detail': '',
'action': 'Install uv: https://docs.astral.sh/uv/getting-started/installation/',
}]
rc, stdout, stderr = _run_command([
uv, 'run', 'ruff', 'check', '--output-format', 'json', str(filepath),
])
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run ruff via uv: {stderr.strip()}',
'detail': '',
'action': 'Ensure uv can install and run ruff: uv run ruff --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'ruff timed out on {rel_path}',
'detail': '',
'action': '',
}]
# ruff outputs JSON array on stdout (even on rc=1 when issues found)
findings = []
try:
issues = json.loads(stdout) if stdout.strip() else []
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse ruff output for {rel_path}',
'detail': '',
'action': '',
}]
for issue in issues:
fix_msg = issue.get('fix', {}).get('message', '') if issue.get('fix') else ''
findings.append({
'file': rel_path,
'line': issue.get('location', {}).get('row', 0),
'severity': 'high',
'category': 'lint',
'title': f'[{issue.get("code", "?")}] {issue.get("message", "")}',
'detail': '',
'action': fix_msg or f'See https://docs.astral.sh/ruff/rules/{issue.get("code", "")}',
})
return findings
def lint_shell_shellcheck(filepath: Path, rel_path: str) -> list[dict]:
"""Run shellcheck on a shell script via uv. Returns lint findings."""
uv = _find_uv()
if not uv:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'uv not found on PATH — cannot run shellcheck for shell linting',
'detail': '',
'action': 'Install uv: https://docs.astral.sh/uv/getting-started/installation/',
}]
rc, stdout, stderr = _run_command([
uv, 'run', '--with', 'shellcheck-py',
'shellcheck', '--format', 'json', str(filepath),
])
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run shellcheck via uv: {stderr.strip()}',
'detail': '',
'action': 'Ensure uv can install shellcheck-py: uv run --with shellcheck-py shellcheck --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'shellcheck timed out on {rel_path}',
'detail': '',
'action': '',
}]
findings = []
# shellcheck outputs JSON on stdout (rc=1 when issues found)
raw = stdout.strip() or stderr.strip()
try:
issues = json.loads(raw) if raw else []
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse shellcheck output for {rel_path}',
'detail': '',
'action': '',
}]
# Map shellcheck levels to our severity
level_map = {'error': 'high', 'warning': 'high', 'info': 'high', 'style': 'medium'}
for issue in issues:
sc_code = issue.get('code', '')
findings.append({
'file': rel_path,
'line': issue.get('line', 0),
'severity': level_map.get(issue.get('level', ''), 'high'),
'category': 'lint',
'title': f'[SC{sc_code}] {issue.get("message", "")}',
'detail': '',
'action': f'See https://www.shellcheck.net/wiki/SC{sc_code}',
})
return findings
def lint_node_biome(filepath: Path, rel_path: str) -> list[dict]:
"""Run biome on a JS/TS file via npx. Returns lint findings."""
npx = _find_npx()
if not npx:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': 'npx not found on PATH — cannot run biome for JS/TS linting',
'detail': '',
'action': 'Install Node.js 20+: https://nodejs.org/',
}]
rc, stdout, stderr = _run_command([
npx, '--yes', '@biomejs/biome', 'lint', '--reporter', 'json', str(filepath),
], timeout=60)
if rc == -1:
return [{
'file': rel_path, 'line': 0,
'severity': 'high', 'category': 'lint-setup',
'title': f'Failed to run biome via npx: {stderr.strip()}',
'detail': '',
'action': 'Ensure npx can run biome: npx @biomejs/biome --version',
}]
if rc == -2:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'biome timed out on {rel_path}',
'detail': '',
'action': '',
}]
findings = []
# biome outputs JSON on stdout
raw = stdout.strip()
try:
result = json.loads(raw) if raw else {}
except json.JSONDecodeError:
return [{
'file': rel_path, 'line': 0,
'severity': 'medium', 'category': 'lint',
'title': f'Failed to parse biome output for {rel_path}',
'detail': '',
'action': '',
}]
for diag in result.get('diagnostics', []):
loc = diag.get('location', {})
start = loc.get('start', {})
findings.append({
'file': rel_path,
'line': start.get('line', 0),
'severity': 'high',
'category': 'lint',
'title': f'[{diag.get("category", "?")}] {diag.get("message", "")}',
'detail': '',
'action': diag.get('advices', [{}])[0].get('message', '') if diag.get('advices') else '',
})
return findings
# =============================================================================
# BMad Pattern Checks (Existing)
# =============================================================================
def scan_python_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a Python script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# PEP 723 check
if '# /// script' not in content:
# Only flag if the script has imports (not a trivial script)
if 'import ' in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'dependencies',
'title': 'No PEP 723 inline dependency block (# /// script)',
'detail': '',
'action': 'Add PEP 723 block with requires-python and dependencies',
})
else:
# Check requires-python is present
if 'requires-python' not in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'dependencies',
'title': 'PEP 723 block exists but missing requires-python constraint',
'detail': '',
'action': 'Add requires-python = ">=3.9" or appropriate version',
})
# requirements.txt reference
if 'requirements.txt' in content or 'pip install' in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'high', 'category': 'dependencies',
'title': 'References requirements.txt or pip install — use PEP 723 inline deps',
'detail': '',
'action': 'Replace with PEP 723 inline dependency block',
})
# Agentic design checks via AST
try:
tree = ast.parse(content)
except SyntaxError:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'critical', 'category': 'error-handling',
'title': 'Python syntax error — script cannot be parsed',
'detail': '',
'action': '',
})
return findings
has_argparse = False
has_json_dumps = False
has_sys_exit = False
imports = set()
for node in ast.walk(tree):
# Track imports
if isinstance(node, ast.Import):
for alias in node.names:
imports.add(alias.name)
elif isinstance(node, ast.ImportFrom):
if node.module:
imports.add(node.module)
# input() calls
if isinstance(node, ast.Call):
func = node.func
if isinstance(func, ast.Name) and func.id == 'input':
findings.append({
'file': rel_path, 'line': node.lineno,
'severity': 'critical', 'category': 'agentic-design',
'title': 'input() call found — blocks in non-interactive agent execution',
'detail': '',
'action': 'Use argparse with required flags instead of interactive prompts',
})
# json.dumps
if isinstance(func, ast.Attribute) and func.attr == 'dumps':
has_json_dumps = True
# sys.exit
if isinstance(func, ast.Attribute) and func.attr == 'exit':
has_sys_exit = True
if isinstance(func, ast.Name) and func.id == 'exit':
has_sys_exit = True
# argparse
if isinstance(node, ast.Attribute) and node.attr == 'ArgumentParser':
has_argparse = True
if not has_argparse and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'agentic-design',
'title': 'No argparse found — script lacks --help self-documentation',
'detail': '',
'action': 'Add argparse with description and argument help text',
})
if not has_json_dumps and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'agentic-design',
'title': 'No json.dumps found — output may not be structured JSON',
'detail': '',
'action': 'Use json.dumps for structured output parseable by workflows',
})
if not has_sys_exit and line_count > 20:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'agentic-design',
'title': 'No sys.exit() calls — may not return meaningful exit codes',
'detail': '',
'action': 'Return 0=success, 1=fail, 2=error via sys.exit()',
})
# Over-engineering: simple file ops in Python
simple_op_imports = {'shutil', 'glob', 'fnmatch'}
over_eng = imports & simple_op_imports
if over_eng and line_count < 30:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'low', 'category': 'over-engineered',
'title': f'Short script ({line_count} lines) imports {", ".join(over_eng)} — may be simpler as bash',
'detail': '',
'action': 'Consider if cp/mv/find shell commands would suffice',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
def scan_shell_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a shell script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# Shebang
if not lines[0].startswith('#!'):
findings.append({
'file': rel_path, 'line': 1,
'severity': 'high', 'category': 'portability',
'title': 'Missing shebang line',
'detail': '',
'action': 'Add #!/usr/bin/env bash or #!/usr/bin/env sh',
})
elif '/usr/bin/env' not in lines[0]:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'portability',
'title': f'Shebang uses hardcoded path: {lines[0].strip()}',
'detail': '',
'action': 'Use #!/usr/bin/env bash for cross-platform compatibility',
})
# set -e
if 'set -e' not in content and 'set -euo' not in content:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'error-handling',
'title': 'Missing set -e — errors will be silently ignored',
'detail': '',
'action': 'Add set -e (or set -euo pipefail) near the top',
})
# Hardcoded interpreter paths
hardcoded_re = re.compile(r'/usr/bin/(python|ruby|node|perl)\b')
for i, line in enumerate(lines, 1):
if hardcoded_re.search(line):
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'portability',
'title': f'Hardcoded interpreter path: {line.strip()}',
'detail': '',
'action': 'Use /usr/bin/env or PATH-based lookup',
})
# GNU-only tools
gnu_re = re.compile(r'\b(gsed|gawk|ggrep|gfind)\b')
for i, line in enumerate(lines, 1):
m = gnu_re.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'portability',
'title': f'GNU-only tool: {m.group()} — not available on all platforms',
'detail': '',
'action': 'Use POSIX-compatible equivalent',
})
# Unquoted variables (basic check)
unquoted_re = re.compile(r'(?<!")\$\w+(?!")')
for i, line in enumerate(lines, 1):
if line.strip().startswith('#'):
continue
for m in unquoted_re.finditer(line):
# Skip inside double-quoted strings (rough heuristic)
before = line[:m.start()]
if before.count('"') % 2 == 1:
continue
findings.append({
'file': rel_path, 'line': i,
'severity': 'low', 'category': 'portability',
'title': f'Potentially unquoted variable: {m.group()} — breaks with spaces in paths',
'detail': '',
'action': f'Use "{m.group()}" with double quotes',
})
# npx/uvx without version pinning
no_pin_re = re.compile(r'\b(npx|uvx)\s+([a-zA-Z][\w-]+)(?!\S*@)')
for i, line in enumerate(lines, 1):
if line.strip().startswith('#'):
continue
m = no_pin_re.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'dependencies',
'title': f'{m.group(1)} {m.group(2)} without version pinning',
'detail': '',
'action': f'Pin version: {m.group(1)} {m.group(2)}@<version>',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
def scan_node_script(filepath: Path, rel_path: str) -> list[dict]:
"""Check a JS/TS script for standards compliance."""
findings = []
content = filepath.read_text(encoding='utf-8')
lines = content.split('\n')
line_count = len(lines)
# npx/uvx without version pinning
no_pin = re.compile(r'\b(npx|uvx)\s+([a-zA-Z][\w-]+)(?!\S*@)')
for i, line in enumerate(lines, 1):
m = no_pin.search(line)
if m:
findings.append({
'file': rel_path, 'line': i,
'severity': 'medium', 'category': 'dependencies',
'title': f'{m.group(1)} {m.group(2)} without version pinning',
'detail': '',
'action': f'Pin version: {m.group(1)} {m.group(2)}@<version>',
})
# Very short script
if line_count < 5:
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'over-engineered',
'title': f'Script is only {line_count} lines — could be an inline command',
'detail': '',
'action': 'Consider inlining this command directly in the prompt',
})
return findings
# =============================================================================
# Main Scanner
# =============================================================================
def scan_skill_scripts(skill_path: Path) -> dict:
"""Scan all scripts in a skill directory."""
scripts_dir = skill_path / 'scripts'
all_findings = []
lint_findings = []
script_inventory = {'python': [], 'shell': [], 'node': [], 'other': []}
missing_tests = []
if not scripts_dir.exists():
return {
'scanner': 'scripts',
'script': 'scan-scripts.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': 'pass',
'findings': [{
'file': 'scripts/',
'severity': 'info',
'category': 'none',
'title': 'No scripts/ directory found — nothing to scan',
'detail': '',
'action': '',
}],
'assessments': {
'lint_summary': {
'tools_used': [],
'files_linted': 0,
'lint_issues': 0,
},
'script_summary': {
'total_scripts': 0,
'by_type': script_inventory,
'missing_tests': [],
},
},
'summary': {
'total_findings': 0,
'by_severity': {'critical': 0, 'high': 0, 'medium': 0, 'low': 0},
'assessment': '',
},
}
# Find all script files (exclude tests/ and __pycache__)
script_files = []
for f in sorted(scripts_dir.iterdir()):
if f.is_file() and f.suffix in ('.py', '.sh', '.bash', '.js', '.ts', '.mjs'):
script_files.append(f)
tests_dir = scripts_dir / 'tests'
lint_tools_used = set()
for script_file in script_files:
rel_path = f'scripts/{script_file.name}'
ext = script_file.suffix
if ext == '.py':
script_inventory['python'].append(script_file.name)
findings = scan_python_script(script_file, rel_path)
lf = lint_python_ruff(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('ruff')
elif ext in ('.sh', '.bash'):
script_inventory['shell'].append(script_file.name)
findings = scan_shell_script(script_file, rel_path)
lf = lint_shell_shellcheck(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('shellcheck')
elif ext in ('.js', '.ts', '.mjs'):
script_inventory['node'].append(script_file.name)
findings = scan_node_script(script_file, rel_path)
lf = lint_node_biome(script_file, rel_path)
lint_findings.extend(lf)
if lf and not any(f['category'] == 'lint-setup' for f in lf):
lint_tools_used.add('biome')
else:
script_inventory['other'].append(script_file.name)
findings = []
# Check for unit tests
if tests_dir.exists():
stem = script_file.stem
test_patterns = [
f'test_{stem}{ext}', f'test-{stem}{ext}',
f'{stem}_test{ext}', f'{stem}-test{ext}',
f'test_{stem}.py', f'test-{stem}.py',
]
has_test = any((tests_dir / t).exists() for t in test_patterns)
else:
has_test = False
if not has_test:
missing_tests.append(script_file.name)
findings.append({
'file': rel_path, 'line': 1,
'severity': 'medium', 'category': 'tests',
'title': f'No unit test found for {script_file.name}',
'detail': '',
'action': f'Create scripts/tests/test-{script_file.stem}{ext} with test cases',
})
all_findings.extend(findings)
# Check if tests/ directory exists at all
if script_files and not tests_dir.exists():
all_findings.append({
'file': 'scripts/tests/',
'line': 0,
'severity': 'high',
'category': 'tests',
'title': 'scripts/tests/ directory does not exist — no unit tests',
'detail': '',
'action': 'Create scripts/tests/ with test files for each script',
})
# Merge lint findings into all findings
all_findings.extend(lint_findings)
# Build summary
by_severity = {'critical': 0, 'high': 0, 'medium': 0, 'low': 0}
by_category: dict[str, int] = {}
for f in all_findings:
sev = f['severity']
if sev in by_severity:
by_severity[sev] += 1
cat = f['category']
by_category[cat] = by_category.get(cat, 0) + 1
total_scripts = sum(len(v) for v in script_inventory.values())
status = 'pass'
if by_severity['critical'] > 0:
status = 'fail'
elif by_severity['high'] > 0:
status = 'warning'
elif total_scripts == 0:
status = 'pass'
lint_issue_count = sum(1 for f in lint_findings if f['category'] == 'lint')
return {
'scanner': 'scripts',
'script': 'scan-scripts.py',
'version': '2.0.0',
'skill_path': str(skill_path),
'timestamp': datetime.now(timezone.utc).isoformat(),
'status': status,
'findings': all_findings,
'assessments': {
'lint_summary': {
'tools_used': sorted(lint_tools_used),
'files_linted': total_scripts,
'lint_issues': lint_issue_count,
},
'script_summary': {
'total_scripts': total_scripts,
'by_type': {k: len(v) for k, v in script_inventory.items()},
'scripts': {k: v for k, v in script_inventory.items() if v},
'missing_tests': missing_tests,
},
},
'summary': {
'total_findings': len(all_findings),
'by_severity': by_severity,
'by_category': by_category,
'assessment': '',
},
}
def main() -> int:
parser = argparse.ArgumentParser(
description='Scan BMad skill scripts for quality, portability, agentic design, and lint issues',
)
parser.add_argument(
'skill_path',
type=Path,
help='Path to the skill directory to scan',
)
parser.add_argument(
'--output', '-o',
type=Path,
help='Write JSON output to file instead of stdout',
)
args = parser.parse_args()
if not args.skill_path.is_dir():
print(f"Error: {args.skill_path} is not a directory", file=sys.stderr)
return 2
result = scan_skill_scripts(args.skill_path)
output = json.dumps(result, indent=2)
if args.output:
args.output.parent.mkdir(parents=True, exist_ok=True)
args.output.write_text(output)
print(f"Results written to {args.output}", file=sys.stderr)
else:
print(output)
return 0 if result['status'] == 'pass' else 1
if __name__ == '__main__':
sys.exit(main())

14
_bmad/bmb/config.yaml Normal file
View File

@@ -0,0 +1,14 @@
# BMB Module Configuration
# Generated by BMAD installer
# Version: 6.2.2
# Date: 2026-03-28T08:59:17.308Z
bmb_creations_output_folder: "{project-root}/_bmad-output/bmb-creations"
bmad_builder_output_folder: "{project-root}/skills"
bmad_builder_reports: "{project-root}/skills/reports"
# Core Configuration Values
user_name: Ramez
communication_language: French
document_output_language: English
output_folder: "{project-root}/_bmad-output"

6
_bmad/bmb/module-help.csv Normal file
View File

@@ -0,0 +1,6 @@
module,skill,display-name,menu-code,description,action,args,phase,after,before,required,output-location,outputs
BMad Builder,bmad-builder-setup,Setup Builder Module,SB,"Install or update BMad Builder module config and help entries. Collects user preferences, writes config.yaml, and migrates legacy configs.",configure,,anytime,,,false,{project-root}/_bmad,config.yaml and config.user.yaml
BMad Builder,bmad-agent-builder,Build an Agent,BA,"Create, edit, convert, or fix an agent skill.",build-process,"[-H] [description | path]",anytime,,bmad-agent-builder:quality-optimizer,false,output_folder,agent skill
BMad Builder,bmad-agent-builder,Optimize an Agent,OA,Validate and optimize an existing agent skill. Produces a quality report.,quality-optimizer,[-H] [path],anytime,bmad-agent-builder:build-process,,false,bmad_builder_reports,quality report
BMad Builder,bmad-workflow-builder,Build a Workflow,BW,"Create, edit, convert, or fix a workflow or utility skill.",build-process,"[-H] [description | path]",anytime,,bmad-workflow-builder:quality-optimizer,false,output_folder,workflow skill
BMad Builder,bmad-workflow-builder,Optimize a Workflow,OW,Validate and optimize an existing workflow or utility skill. Produces a quality report.,quality-optimizer,[-H] [path],anytime,bmad-workflow-builder:build-process,,false,bmad_builder_reports,quality report
1 module skill display-name menu-code description action args phase after before required output-location outputs
2 BMad Builder bmad-builder-setup Setup Builder Module SB Install or update BMad Builder module config and help entries. Collects user preferences, writes config.yaml, and migrates legacy configs. configure anytime false {project-root}/_bmad config.yaml and config.user.yaml
3 BMad Builder bmad-agent-builder Build an Agent BA Create, edit, convert, or fix an agent skill. build-process [-H] [description | path] anytime bmad-agent-builder:quality-optimizer false output_folder agent skill
4 BMad Builder bmad-agent-builder Optimize an Agent OA Validate and optimize an existing agent skill. Produces a quality report. quality-optimizer [-H] [path] anytime bmad-agent-builder:build-process false bmad_builder_reports quality report
5 BMad Builder bmad-workflow-builder Build a Workflow BW Create, edit, convert, or fix a workflow or utility skill. build-process [-H] [description | path] anytime bmad-workflow-builder:quality-optimizer false output_folder workflow skill
6 BMad Builder bmad-workflow-builder Optimize a Workflow OW Validate and optimize an existing workflow or utility skill. Produces a quality report. quality-optimizer [-H] [path] anytime bmad-workflow-builder:build-process false bmad_builder_reports quality report