docs(skills): path anchoring, promised templates shipped, neutral framing, central routing doctrine (M4)#11
Conversation
…tem 2)
loop-contract's scaffold tree + repo-os-contract/platform-map/README all
promise scripts/{verify-safety,judge-rubric,extract-trace-metrics} but
templates/ shipped only verify-fast.sh + verify-full.sh. Add the 3 as
minimal, runnable-stub .sh templates consistent with the existing two, make
verify-full.sh's commented gate examples reference the shipped names, and
clarify in loop-contract which two auto-scaffold vs which three are copy-in
stubs. Sync structural.json template_filenames (11 -> 14).
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…KILLS item 3) The scaffolded WORKFLOW.md and the loop-architect realization list named /verify-slice (claude-code-orchestration) as THE acceptance-verification path, making the author's private stack look required. Reframe both so the bundled verify-fast->verify-full gate is the default and /verify-slice is a clearly optional layer on the same exit codes. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…SKILLS item 4) The read->haiku / reason->sonnet / write->opus table + rationale were repeated across 7 SKILL.md files. Add reference/model-routing.md as the single source of truth (canonical tier table, rationale, optional author-stack enforcement) and trim each spoke to a self-sufficient one-line inline rule + a pointer. Sync structural.json reference_filenames (7 -> 8); references-used stays green. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…S item 1)
Bare relative pointers like reference/safety-and-approvals.md break when a skill
is invoked from another CWD: they resolve against skills/<name>/ (where the file
is not) instead of the plugin root (where the shared reference/ ships). Add a
per-skill "Base directory" note anchoring reference/, templates/, schemas/, and
the bundled scripts/*.py tools to ${CLAUDE_PLUGIN_ROOT} (../../ from the skill
folder), while calling out that the co-located reference/patterns.md and the
operated loop's own scripts/verify-* + .loop/ are NOT plugin-root. The two
referenced-as-missing files (safety-and-approvals.md, prompt-templates.md) were
never missing — they ship at reference/; the pointers were just mis-anchored.
Cross-reference sweep: 115 bundled pointers resolve, 0 unresolved.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Polishes the loop-engineer skill docs and scaffolding templates to clarify plugin-root-relative paths, ship promised verification template stubs, and centralize the model-routing doctrine into a single canonical reference.
Changes:
- Added new bundled template stubs (
verify-safety.sh,judge-rubric.sh,extract-trace-metrics.sh) and updated verification docs to treatverify-*scripts as the default acceptance gate (with/verify-sliceexplicitly optional). - Centralized the model-routing rule into
reference/model-routing.mdand updated multiple skills to point to it. - Updated structural eval case lists to enumerate the new reference/template filenames.
Reviewed changes
Copilot reviewed 18 out of 18 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| templates/WORKFLOW.md.tmpl | Clarifies default acceptance verification as bundled verify-* scripts; makes /verify-slice explicitly optional. |
| templates/verify-safety.sh | Adds a safety/approval/injection gate stub with an initial “no hardcoded secrets” check. |
| templates/verify-full.sh | Updates verification suite template comments to include advisory judging + safety/regression gating examples. |
| templates/judge-rubric.sh | Adds an advisory-only rubric judging harness stub that always exits 0. |
| templates/extract-trace-metrics.sh | Adds a metrics extraction stub emitting a minimal JSON skeleton. |
| skills/loop-runtime-monitor/SKILL.md | Adds plugin-root base-directory anchoring and points model-routing guidance to the canonical reference. |
| skills/loop-runtime-monitor/reference/patterns.md | Adds plugin-root base-directory anchoring for referenced scripts. |
| skills/loop-run/SKILL.md | Adds plugin-root base-directory anchoring and centralizes model-routing details via the new reference doc. |
| skills/loop-repair/SKILL.md | Adds plugin-root base-directory anchoring and points model-routing guidance to canonical reference. |
| skills/loop-inspector/SKILL.md | Adds plugin-root base-directory anchoring and clarifies which filenames are signals vs bundled files. |
| skills/loop-inspector/reference/patterns.md | Adds plugin-root base-directory anchoring and clarifies signals vs bundled files. |
| skills/loop-flywheel/SKILL.md | Adds plugin-root base-directory anchoring and points model-routing to canonical reference. |
| skills/loop-evals/SKILL.md | Adds plugin-root base-directory anchoring and points model-routing to canonical reference. |
| skills/loop-engineer/SKILL.md | Adds plugin-root base-directory anchoring and adds canonical reference/model-routing.md to the router’s references list. |
| skills/loop-contract/SKILL.md | Adds plugin-root base-directory anchoring and clarifies which verification templates scaffold vs copy-in from templates/. |
| skills/loop-architect/SKILL.md | Adds plugin-root base-directory anchoring, clarifies default acceptance gating, and points model-routing to canonical reference. |
| reference/model-routing.md | New canonical model-routing doctrine (tier table + rationale + optional enforcement notes). |
| evals/cases/structural.json | Additively enumerates new reference/template filenames for structural self-eval checks. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # --- GATE 4: artifact quality check --- | ||
| # e.g. python3 scripts/judge-rubric.py --artifacts artifacts/ --rubric EVALS/rubrics/main.md | ||
| # --- GATE 4: artifact quality check (advisory — never blocks) --- | ||
| # e.g. bash scripts/judge-rubric "$WORKSPACE" EVALS/rubrics/main.md |
| # --- GATE 6: regression suite --- | ||
| # e.g. python3 scripts/extract-trace-metrics.py EVALS/traces/ | python3 scripts/verify-safety.py | ||
| # --- GATE 6: regression + safety suite --- | ||
| # e.g. bash scripts/extract-trace-metrics "$WORKSPACE" && bash scripts/verify-safety "$WORKSPACE" |
| if grep -rInE '(api[_-]?key|secret|passwd|password|token)[[:space:]]*=[[:space:]]*[^[:space:]]' \ | ||
| --exclude-dir=.git --exclude-dir=.loop "$WORKSPACE"/src 2>/dev/null; then | ||
| echo "[verify-safety] FAIL: assigned secret literal found — move it to the environment" | ||
| exit 1 | ||
| fi |
| # Flags a label immediately assigned an inline value (env-var NAMES alone are fine). | ||
| # Tighten the value side to a quoted 8+ char token once this loop has real source. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8882d2ed12
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if grep -rInE '(api[_-]?key|secret|passwd|password|token)[[:space:]]*=[[:space:]]*[^[:space:]]' \ | ||
| --exclude-dir=.git --exclude-dir=.loop "$WORKSPACE"/src 2>/dev/null; then |
There was a problem hiding this comment.
Scan more than src for secret literals
For workspaces whose code or contract files live outside src/ (for example docs-only loops, app/, lib/, root scripts, or WORKFLOW.md), this blocking safety gate exits PASS because grep is run only over $WORKSPACE/src and missing-directory errors are suppressed. That means an inline api_key = ... in the tracked contract or non-src source is missed despite this template advertising a real secret-literal safety check; scan tracked files/the workspace with excludes instead of only src.
Useful? React with 👍 / 👎.
M4 skills polish batch (launch criterion S6):
reference/,templates/,schemas/, and bundled scripts to the plugin root; the loop-run reference pointers (safety-and-approvals.md,prompt-templates.md) were mis-anchored to the skill dir — the files ship at plugin-rootreference/and now resolve. Cross-reference sweep: 115 bundled pointers resolved, 0 unresolved.verify-safety.sh,judge-rubric.sh,extract-trace-metrics.shadded as minimal runnable stubs consistent with the existing pair; loop-contract now says honestly which templates auto-scaffold vs copy-in./verify-slicereferences now name the bundledverify-fast→verify-fullgate as the default, with/verify-sliceas a clearly-optional integration.reference/model-routing.md; 7 SKILL.md files trimmed to a one-line rule + pointer.evals/cases/structural.jsonupdated additively only (new template/reference filenames enumerated per the file's own instruction — no check logic altered).Gates: self_eval 13/13, frontmatter 9/9 clean, suite 118+2s / 120 (jsonschema),
claude plugin validate --strictpassed.