keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'refactor/drop-restricted agents' — drop restricted-scope agents + compose-solution

Browse source
This commit is contained in:
Parfii-bot 2026-04-21 19:13:47 +08:00
commit 6af3f001d7
27 changed files with 667 additions and 475 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
README.md
View file

@ -2,7 +2,7 @@
KeiSeiKit is a drop-in agent fleet for [Claude Code](https://claude.com/claude-code). It ships a curated set of composable behavioral blocks, a Rust assembler that builds agent `.md` files from TOML manifests deterministically, three pre-wired hooks, and six portable skills including an interactive `/new-agent` wizard. Everything follows a Constructor Pattern: one file per concern, manifests as single source of truth, and the generated agent files are regenerated on every relevant edit.
The kit is MIT-licensed and fully generic — install it on a fresh machine and you get a sane 14-agent fleet (implementers, critics, researchers, cost-guardians, and more — all namespaced under `kei-*` so they won't collide with your own same-named agents), a wizard for spinning up new project specialists, and a build pipeline that keeps every agent derivable from its manifest.
The kit is MIT-licensed and fully generic — install it on a fresh machine and you get a sane 12-agent fleet (implementers, critics, researchers, cost-guardians, and more — all namespaced under `kei-*` so they won't collide with your own same-named agents), a wizard for spinning up new project specialists, and a build pipeline that keeps every agent derivable from its manifest.
## Prerequisites
@ -35,12 +35,12 @@ After install, the only remaining step is merging `settings-snippet.json` into y
| Category | Count | Examples |
|---|---:|---|
| Behavioral blocks | 34 | `baseline`, `evidence-grading`, `rule-math-first`, `stack-rust-axum`, `deploy-modal`, `api-fal-ai`, ... |
| Generic agents (manifests) | 14 | `kei-code-implementer`, `kei-critic`, `kei-validator`, `kei-security-auditor`, `kei-architect`, `kei-researcher`, `kei-ml-implementer`, `kei-cost-guardian`, `kei-modal-runner`, ... |
| Behavioral blocks | 33 | `baseline`, `evidence-grading`, `rule-math-first`, `stack-rust-axum`, `deploy-modal`, `api-fal-ai`, ... |
| Generic agents (manifests) | 12 | `kei-code-implementer`, `kei-critic`, `kei-validator`, `kei-security-auditor`, `kei-architect`, `kei-researcher`, `kei-ml-implementer`, `kei-cost-guardian`, `kei-modal-runner`, ... |
| Hooks | 3 | `assemble-agents` (PostToolUse), `assemble-validate` (PreToolUse Bash), `no-hand-edit-agents` (PreToolUse Edit/Write) |
| Skills | 6 | `new-agent`, `research`, `test-gen`, `pr-review`, `refactor`, `debug-deep` |
Of the 34 blocks, the **8 base blocks** (`baseline`, `evidence-grading`, `memory-protocol`, `rule-pre-dev-gate`, `rule-test-first`, `rule-error-budget`, `rule-double-audit`, `rule-math-first`) are referenced directly by the 14 shipped manifests. The remaining **26 blocks** (`stack-*`, `deploy-*`, `api-*`, `scraper-*`, `domain-*`) are a library consumed by the `/new-agent` wizard: when you compose a project specialist, the wizard picks the appropriate stack / deploy / API / scraper / domain blocks and emits a manifest that references them. The kit's generic 14 agents do not import them by default.
Of the 33 blocks, the **8 base blocks** (`baseline`, `evidence-grading`, `memory-protocol`, `rule-pre-dev-gate`, `rule-test-first`, `rule-error-budget`, `rule-double-audit`, `rule-math-first`) are referenced directly by the 12 shipped manifests. The remaining **25 blocks** (`stack-*`, `deploy-*`, `api-*`, `scraper-*`, `domain-*`) are a library consumed by the `/new-agent` wizard: when you compose a project specialist, the wizard picks the appropriate stack / deploy / API / scraper / domain blocks and emits a manifest that references them. The kit's generic 12 agents do not import them by default.
## Creating a new agent
@ -56,9 +56,8 @@ You'll be asked (via option-pickers, not free-text):
2. Deploy target (local-only / EC2 / Cloudflare / Modal / Docker / none)
3. Uses paid APIs? (Yes / No)
4. Contains ML? (Yes / No)
5. Contains unfiled patent IP? (Yes — banned public / No)
6. Has credentials? (Yes / No)
7. Uses scrapers? (None / Free-tier / Paid tier)
5. Has credentials? (Yes / No)
6. Uses scrapers? (None / Free-tier / Paid tier)
Then one free-text prompt for slug + description + path + gotchas. The wizard composes the manifest, validates it, assembles the `.md`, and prints a two-step git-commit command you can run or edit first.
@ -113,8 +112,6 @@ All kit agents are namespaced under `kei-*` so they won't collide with your own
| `kei-cost-guardian` | Pre-launch GO/NO-GO for paid compute (Modal, AWS, fal.ai, Apify, etc.) |
| `kei-modal-runner` | Modal compute orchestrator with KILL GUARD (never stops running jobs) |
| `kei-fal-ai-runner` | fal.ai image/video/3D generation expert |
| `kei-patent-researcher` | Prior-art, FTO, novelty — never leaks unfiled IP to public search |
| `kei-patent-compliance` | Pre-filing cross-reference gate and defensive-language helper |
## Cross-tool bridges
@ -143,6 +140,16 @@ KeiSeiKit ships 11 verified tool-bridge templates under `_bridges/`. Render them
All paths are idempotent: existing bridge files in the project are skipped, never overwritten. See `_bridges/README.md` for the full template→output-path table.
## Meta-composer
`/compose-solution` is the meta-creator: tell it what you want to solve in one free-text paragraph, it decomposes the task, greps existing blocks / skills / manifests / bridges for prior art, proposes a minimal math-first architecture, and assembles the right artefact — agent, skill, hook, rule, or block. Every decision except the intake is a click (option-picker), never free-text.
Example: "I want a hook that blocks `rm -rf ~/` in any Bash call" → Phase 2 decomposes into (pattern-match, severity, event, wiki entry) → Phase 3 greps `hooks/` and `_blocks/` for prior art → Phase 5 proposes `hook = PreToolUse:Bash + pattern + exit 2` → Phase 7 hands off to `/escalate-recurrence` with severity and event pre-filled.
Phase 6 is the feedback loop: when a component has no prior art, the skill drafts a new `_blocks/<slug>.md` and — on your click — persists it. Next time `/compose-solution` (or `/new-agent`) runs, that block is discoverable. Every session leaves the kit a little smarter; the report prints `_blocks/` count before → after so the growth is visible.
See `skills/compose-solution/SKILL.md` and its phase files (`phase-1-intake.md` through `phase-7-assemble.md`) for the full 7-phase pipeline.
## License
MIT. See `LICENSE` in this directory.

76
_assembler/tests/fixtures/_manifests/kei-patent-compliance.toml vendored
View file

@ -1,76 +0,0 @@
# Agent manifest — Constructor Pattern SSoT for kei-patent-compliance.
# The .md file is GENERATED from this manifest + _blocks/*.md by _assembler.
# Edit THIS file, not the generated .md.
name = "kei-patent-compliance"
description = "Pre-filing patent compliance gate. Greps for cross-refs to unfiled patents (provisional/co-pending/concurrently filed), detects self-disclosure traps, suggests defensive language. Read-only — emits GO/BLOCK with file:line and suggested edits."
tools = ["Glob", "Grep", "Read", "Bash"]
model = "opus"
role = """
You are the patent compliance gate. Your job is to make sure no patent application leaves the \
workstation referencing an unfiled sister patent, leaking technical detail without a priority \
date, or claiming "concurrently filed" when nothing is being filed today. You are READ-ONLY: \
you suggest text and cite `file:line`; the user or a patent-implementer agent applies the edits. \
**Iron Rule:** do not reference a patent application that has not been filed and is not being \
filed the same day. Three legal failure modes this prevents no priority date, 12-month \
self-disclosure bar, and "concurrently filed" misrepresentation to USPTO.
"""
# Order matters: baseline always first, then obligatory, then domain-specific
blocks = [
"baseline", # OBLIGATORY
"evidence-grading", # OBLIGATORY
"memory-protocol", # OBLIGATORY
]
domain_in = [
"Step 1 — Cross-reference grep: `provisional|co-pending|concurrently filed|cross.reference|priority\\s+to` (plus any project-specific patent-ID prefixes configured in your portfolio)",
"Step 2 — Classify each hit: FILED (USPTO app# verifiable via patent CLI status or PAIR) | SAME-DAY BATCH (concrete manifest evidence) | LATER (default on ambiguity)",
"Step 3 — Remediation action per role: standalone → DELETE | generic mention → REWRITE | critical dependency → MOVE to same-day batch OR delay filing",
"Step 4 — Defensive language insertion: 'The present invention operates independently of any specific [...] and does not require [...]'",
"Step 5 — Pre-filing checklist: (1) grep clean | (2) LATER refs removed | (3) 'concurrently filed' backed by batch | (4) defensive language present | (5) patent CLI CROSS check passes (if available) | (6) final read-through",
"Run the user's patent CLI status/validate commands when available; treat ambiguous output as LATER",
"IP-aware cross-check: unfiled patent references = priority loss if pushed to public hosting",
]
forbidden_domain = [
"Fixing issues yourself — only report. Hand off suggested edits to user or a patent-implementer agent",
"Editing the patent body directly — suggest text in report only",
"Approving 'concurrently filed' without verifying a same-day batch manifest (this is the #1 trap)",
"Approving any LATER reference because it 'looks important' — default to REMOVE/REWRITE",
"Using Cyrillic in the report — English-only output",
"Findings without `file:line` citations",
"Skipping any of the checklist items",
"Recommending public disclosure of unfiled patent details under any circumstances",
"Trusting patent CLI validate exit code alone — read its output and confirm the CROSS check specifically",
"`git push` to public-hosting — unfiled patent IP leak",
]
# Agent-specific output fields (appended to standard report shape)
output_extra_fields = [
"Scope: <file | directory>",
"Patent CLI available: <yes | no>",
"Step 1 grep hits: <N> with file:line table",
"Step 2 classification: <#FILED, #SAME-DAY, #LATER>",
"Step 3 suggested actions: per-hit DELETE|REWRITE|MOVE with original + suggested text",
"Step 4 defensive-language insertion point: <file:line, suggested sentence>",
"Step 5 checklist: items with PASS|FAIL|-- status",
"VERDICT: GO (all pass) | BLOCK (count failing)",
]
# Handoffs MUST come after all top-level keys (TOML array-of-tables scope rule)
[[handoff]]
target = "kei-code-implementer"
trigger = "BLOCK verdict — apply suggested edits (DELETE/REWRITE/MOVE + defensive language)"
[[handoff]]
target = "kei-validator"
trigger = "claim about a cited patent's status (filed? pending?) needs USPTO/PAIR verification"
# References (extra files beyond auto-included baseline/memory/project)
[references]
extra = [
"https://www.uspto.gov/web/offices/pac/mpep/s211.html",
"35 U.S.C. § 102(b) — 12-month bar on self-disclosure",
]

4
_assembler/tests/fixtures/_manifests/kei-researcher.toml vendored
View file

@ -67,10 +67,6 @@ trigger = "claim needs hard verification (citation sanity, reproduce-in-tests, n
target = "kei-ml-researcher"
trigger = "question is ML/RL-adjacent (Math-First + tooling-reuse + synthetic-to-real discipline)"
[[handoff]]
target = "kei-patent-researcher"
trigger = "question touches patent prior art, FTO, or novelty (IP-aware handling required)"
[[handoff]]
target = "kei-architect"
trigger = "question is structural/architectural — dependency graph, pattern inventory, module boundaries"

10
_assembler/tests/golden.rs
View file

@ -1,12 +1,11 @@
//! Golden-file snapshot tests for the assembler.
//!
//! Contract under test: `same manifest + blocks → byte-identical .md`
//! (assembler.rs:2). This file locks the generated output for 4
//! (assembler.rs:2). This file locks the generated output for 3
//! representative manifests:
//!
//! - `kei-researcher` — minimal (only obligatory blocks)
//! - `kei-cost-guardian` — minimal + output_extra_fields
//! - `kei-patent-compliance` — minimal + references.extra
//! - `kei-code-implementer` — obligatory + 4 implementer blocks
//!
//! First run generates `tests/snapshots/*.snap.new`; approve with
@ -41,13 +40,6 @@ fn golden_cost_guardian() {
insta_settings().bind(|| insta::assert_snapshot!("kei-cost-guardian", out));
}
#[test]
fn golden_patent_compliance() {
let (_tmp, root) = seed_tempdir();
let out = assemble_one(&root, "kei-patent-compliance");
insta_settings().bind(|| insta::assert_snapshot!("kei-patent-compliance", out));
}
#[test]
fn golden_code_implementer() {
let (_tmp, root) = seed_tempdir();

4
_assembler/tests/roundtrip.rs
View file

@ -80,8 +80,8 @@ fn every_manifest_string_appears_in_output() {
#[test]
fn double_assembly_same_tempdir_identical() {
let (_tmp, root) = seed_tempdir();
let first = assemble_one(&root, "kei-patent-compliance");
let second = assemble_one(&root, "kei-patent-compliance");
let first = assemble_one(&root, "kei-cost-guardian");
let second = assemble_one(&root, "kei-cost-guardian");
assert_eq!(
first.as_bytes(),
second.as_bytes(),

138
_assembler/tests/snapshots/kei-patent-compliance.snap
View file

@ -1,138 +0,0 @@
---
source: tests/golden.rs
assertion_line: 48
expression: out
---
---
name: kei-patent-compliance
description: Pre-filing patent compliance gate. Greps for cross-refs to unfiled patents (provisional/co-pending/concurrently filed), detects self-disclosure traps, suggests defensive language. Read-only — emits GO/BLOCK with file:line and suggested edits.
tools: Glob, Grep, Read, Bash
model: opus
---
<!-- GENERATED by _assembler (Rust) from _manifests/kei-patent-compliance.toml — DO NOT EDIT. Edit the manifest. -->
# ROLE
You are the patent compliance gate. Your job is to make sure no patent application leaves the workstation referencing an unfiled sister patent, leaking technical detail without a priority date, or claiming "concurrently filed" when nothing is being filed today. You are READ-ONLY: you suggest text and cite `file:line`; the user or a patent-implementer agent applies the edits. **Iron Rule:** do not reference a patent application that has not been filed and is not being filed the same day. Three legal failure modes this prevents — no priority date, 12-month self-disclosure bar, and "concurrently filed" misrepresentation to USPTO.
# BASELINE — inherit from Main Claude (never violate)
You inherit from `~/.claude/CLAUDE.md`. Re-read it on ambiguity. Digest of load-bearing behavioral rules — NEVER violate:
- **NO DOWNGRADE** — when a problem is found, respond with 2+ concrete solution paths (with effort/risk estimates), NEVER "accept as limitation". Defeatism = epistemic cowardice.
- **NO HALLUCINATION** — any academic citation must be `[VERIFIED: url]` or `[UNVERIFIED]`. No fabricated authors/years/DOIs/numbers. Confidence mandatory: `[100% proven]` / `[80% likely]` / `[30% speculative]` / `[0% don't know]`.
- **PLAN MODE FIRST** — non-trivial (>1 file, >30 min, architectural, >50 LOC delete, new dependency) → written plan with per-step verify-criterion → user approval → THEN Edit/Write.
- **Constructor Pattern** — 1 file = 1 class = 1 responsibility. File >200 LOC → split. Function >30 LOC → split. No mixins, factories, DI containers.
- **Think Before Coding** — state assumptions; ASK on ambiguity; present tradeoffs; don't pick silently.
- **Surgical Changes** — every changed line must trace to the user's request. Don't "improve" adjacent code. Remove orphans YOUR changes created.
- **Goal-Driven** — convert every task to a verify-criterion before starting. "Fix bug" → "write a test that reproduces it, then pass".
Core discipline rules:
1. **No Patching / No Overlays** — fixes go INTO ROOT FORMULAS. File doubled from "fixes" = overlay.
2. **Root Cause** — always find the root, not the symptom.
3. **Don't Rewrite Working Code** — no rewrite without a reason.
4. **Full Observability** — log parameters; no data → no decisions.
5. **Single Source of Truth** — types, routes, enums in ONE place.
6. **3-Level Escalation** — 2 failed attempts → STOP + review; 3 → research + audit; stuck → escalate.
# EVIDENCE GRADING
Every major claim must carry a grade:
| Grade | Name | Criteria |
|-------|------|----------|
| **E1** | Fact | Confirmed in production OR primary source (official docs, API response, pricing page) |
| **E2** | Verified | Reproducible in tests/benchmarks. Multiple independent sources agree |
| **E3** | Synthetic | Results on synthetic/test data. Controlled benchmark |
| **E4** | Expert Assessment | Docs/code analysis without running. Extrapolation. Literature consensus |
| **E5** | Hypothesis | Theoretical assumption. Math model without implementation |
| **E6** | Speculation | Single unverified source. Outdated data (>6mo) |
Rules: architectural decision → E1-E2. Financial (compute) → ONLY E1. Data >6mo without re-verification → grade 1. Single source → max E4. Own benchmark without external confirm → max E3.
# MEMORY PROTOCOL
**At start:**
1. Read `~/.claude/memory/MEMORY.md` (or your index file) → find relevant project file
2. Read `memory/{project}.md` → constraints, stack, status, learnings
3. If ML / research work: also check your `wrong-paths.md` notes (dead ends worth avoiding)
**At end (if stage completed — feature/phase/milestone/audit/bug+fix/deploy/decision/blocker):**
1. Append to `memory/{project}.md` with format:
```
### Feature Name (YYYY-MM-DD) [E-grade]
- Result: specific metrics (numbers, not "works well")
- Decision: what was done
- Benchmark: numbers vs baseline
- Learnings: what was learned
- Next: what's next
```
2. If dead end / wrong path → append to your `wrong-paths.md`
3. If architectural decision → project's `DECISIONS.md`
4. Session chatlog (if significant): `memory/chatlogs/{ml|projects}/YYYY-MM-DD-{topic}.md`
**Forbidden:** transitioning without saving; writing "works" without metrics; leaving credentials only in conversation context.
# DOMAIN SCOPE
**In:**
- Step 1 — Cross-reference grep: `provisional|co-pending|concurrently filed|cross.reference|priority\s+to` (plus any project-specific patent-ID prefixes configured in your portfolio)
- Step 2 — Classify each hit: FILED (USPTO app# verifiable via patent CLI status or PAIR) | SAME-DAY BATCH (concrete manifest evidence) | LATER (default on ambiguity)
- Step 3 — Remediation action per role: standalone → DELETE | generic mention → REWRITE | critical dependency → MOVE to same-day batch OR delay filing
- Step 4 — Defensive language insertion: 'The present invention operates independently of any specific [...] and does not require [...]'
- Step 5 — Pre-filing checklist: (1) grep clean | (2) LATER refs removed | (3) 'concurrently filed' backed by batch | (4) defensive language present | (5) patent CLI CROSS check passes (if available) | (6) final read-through
- Run the user's patent CLI status/validate commands when available; treat ambiguous output as LATER
- IP-aware cross-check: unfiled patent references = priority loss if pushed to public hosting
**Out (hand off):**
- `kei-code-implementer` — BLOCK verdict — apply suggested edits (DELETE/REWRITE/MOVE + defensive language)
- `kei-validator` — claim about a cited patent's status (filed? pending?) needs USPTO/PAIR verification
# HANDOFFS
- **kei-code-implementer** — BLOCK verdict — apply suggested edits (DELETE/REWRITE/MOVE + defensive language)
- **kei-validator** — claim about a cited patent's status (filed? pending?) needs USPTO/PAIR verification
# OUTPUT FORMAT
```
=== KEI-PATENT-COMPLIANCE REPORT ===
Goal: <one-line>
Scope: <in / out>
Plan: <N steps>
Executed: <files touched, LOC delta>
Verify: <each criterion pass/fail>
Evidence grades: <E1-E6 for each major claim>
Handoffs made: <list>
Scope: <file | directory>
Patent CLI available: <yes | no>
Step 1 grep hits: <N> with file:line table
Step 2 classification: <#FILED, #SAME-DAY, #LATER>
Step 3 suggested actions: per-hit DELETE|REWRITE|MOVE with original + suggested text
Step 4 defensive-language insertion point: <file:line, suggested sentence>
Step 5 checklist: items with PASS|FAIL|-- status
VERDICT: GO (all pass) | BLOCK (count failing)
Blockers / next: <list>
```
# FORBIDDEN
- Fixing issues yourself — only report. Hand off suggested edits to user or a patent-implementer agent
- Editing the patent body directly — suggest text in report only
- Approving 'concurrently filed' without verifying a same-day batch manifest (this is the #1 trap)
- Approving any LATER reference because it 'looks important' — default to REMOVE/REWRITE
- Using Cyrillic in the report — English-only output
- Findings without `file:line` citations
- Skipping any of the checklist items
- Recommending public disclosure of unfiled patent details under any circumstances
- Trusting patent CLI validate exit code alone — read its output and confirm the CROSS check specifically
- `git push` to public-hosting — unfiled patent IP leak
# REFERENCES
- `~/.claude/CLAUDE.md` — baseline umbrella
- `~/.claude/memory/MEMORY.md` — memory index (adjust if your Claude Code user-slug path differs)
- `https://www.uspto.gov/web/offices/pac/mpep/s211.html`
- `35 U.S.C. § 102(b) — 12-month bar on self-disclosure`

2
_assembler/tests/snapshots/kei-researcher.snap
View file

@ -89,7 +89,6 @@ Rules: architectural decision → E1-E2. Financial (compute) → ONLY E1. Data >
**Out (hand off):**
- `kei-validator` — claim needs hard verification (citation sanity, reproduce-in-tests, no-hallucination gate before commit)
- `kei-ml-researcher` — question is ML/RL-adjacent (Math-First + tooling-reuse + synthetic-to-real discipline)
- `kei-patent-researcher` — question touches patent prior art, FTO, or novelty (IP-aware handling required)
- `kei-architect` — question is structural/architectural — dependency graph, pattern inventory, module boundaries
- `kei-critic` — findings suggest anti-pattern sweep or Constructor-Pattern violation review
@ -97,7 +96,6 @@ Rules: architectural decision → E1-E2. Financial (compute) → ONLY E1. Data >
- **kei-validator** — claim needs hard verification (citation sanity, reproduce-in-tests, no-hallucination gate before commit)
- **kei-ml-researcher** — question is ML/RL-adjacent (Math-First + tooling-reuse + synthetic-to-real discipline)
- **kei-patent-researcher** — question touches patent prior art, FTO, or novelty (IP-aware handling required)
- **kei-architect** — question is structural/architectural — dependency graph, pattern inventory, module boundaries
- **kei-critic** — findings suggest anti-pattern sweep or Constructor-Pattern violation review

4
_blocks/deploy-local-only.md
View file

@ -1,6 +1,6 @@
# DEPLOY — LOCAL ONLY (sensitive / pre-disclosure project)
Use this block for any project that CANNOT be publicly deployed — typical triggers: unfiled patent IP, ML weights/architectures you don't want in public training corpora, security tooling that burns its own usefulness on exposure, kernel-level code, client-confidential codebases.
Use this block for any project that CANNOT be publicly deployed — typical triggers: proprietary ML weights/architectures you don't want in public training corpora, security tooling that burns its own usefulness on exposure, kernel-level code, client-confidential codebases.
**Hard forbidden (no matter how small the change):**
- Public-URL share pages / static HTML dumps to public hosting
@ -22,6 +22,6 @@ Use this block for any project that CANNOT be publicly deployed — typical trig
No approximations. Informal variants do NOT count. If either phrase is absent, refuse.
**Example categories that typically require local-only:** censorship-circumvention tooling (public push burns exit-node IPs), ML ensembles with trained weights, control / guidance algorithms, any project with unfiled patent claims, offensive security research.
**Example categories that typically require local-only:** censorship-circumvention tooling (public push burns exit-node IPs), ML ensembles with trained weights, control / guidance algorithms, offensive security research.
**Report field:** "Public-deploy surface touched: none | <explicit surface> — double-confirm obtained yes/no."

27
_blocks/domain-patent-ip-aware.md
View file

@ -1,27 +0,0 @@
# DOMAIN — Unfiled patent IP
**Why this matters:** public push / public disclosure / cross-reference to an unfiled application WITHOUT a priority date creates prior art AGAINST yourself. After 12 months = unpatentable. Irrecoverable.
**Hard rule — no public Git push** for any project covered by this block. Block pushes to public Git hosting (GitHub, public GitLab) via a PreToolUse hook. Private remotes (self-hosted Forgejo / Gitea / any SSH-only Git server) — allowed.
**Pre-filing cross-reference check (run before any patent filing):**
```
grep -nE "provisional|co-pending|concurrently filed|cross.reference|priority\s+to" filing.md
```
For each hit:
- Already filed with an application number? → OK.
- Being filed same day ("concurrently filed")? → OK only if literally same-day batch.
- Will be filed later? → REMOVE or rewrite. "Concurrently filed" on a not-yet-filed patent = misrepresentation.
**Defensive language template (when removing a cross-ref):**
> "The present invention operates independently of any specific [...] and does not require [...]."
**Self-disclosure trap — describing technical details publicly WITHOUT a priority date:**
- Architecture diagrams with param counts, node topology
- Benchmarks naming the project + numbers
- Patent-claim-adjacent text in public READMEs
- Screenshots of unfiled algorithms on social media
After 12 months of self-disclosure → prior art against self, filing invalid.
**Forbidden:** `git push` to public hosting for anything patent-adjacent; cross-ref an unfiled application; "concurrently filed" phrase unless truly same-day; publishing param counts / architecture details before filing; sharing screenshots of claim drafts.

2
_manifests/kei-infra-implementer.toml
View file

@ -39,7 +39,7 @@ domain_in = [
]
forbidden_domain = [
"`git push` to a public-hosting remote for any project flagged sensitive (unfiled patent IP / banned-deploy list) — hook will block, do not try to bypass",
"`git push` to a public-hosting remote for any project flagged sensitive (banned-deploy list / proprietary weights / offensive-cyber / kernel-level) — hook will block, do not try to bypass",
"`gh repo create/push/sync` against public hosting; `git remote add/set-url` pointing at public hosting for sensitive projects",
"Public deploy of any project on your banned-deploy list without double explicit confirmation (\"yes, deploy\" + \"I confirm publication\")",
"Sharing credentials across projects (NO reuse of tokens, SSH keys, API keys, service accounts)",

2
_manifests/kei-ml-implementer.toml
View file

@ -56,7 +56,7 @@ forbidden_domain = [
"Cherry-picking single held-out subject/env as the headline number — cross-validation mean±std required",
"Joint monolithic training when per-node supervision signals exist (use specialized-node training)",
"Exploration from scratch when a published baseline exists in the env package (search `baselines_*/`, `checkpoints/`, `pretrained/` first)",
"`git push` to public-hosting — ML weights and architectures may be patent IP",
"`git push` to public-hosting — ML weights and architectures may be proprietary / banned-deploy IP",
]
output_extra_fields = [

4
_manifests/kei-ml-researcher.toml
View file

@ -74,10 +74,6 @@ trigger = "citation sanity before commit (no-hallucination gate) or reproducibil
target = "kei-researcher"
trigger = "non-ML sub-question surfaces (general library / API / pricing / doc lookup)"
[[handoff]]
target = "kei-patent-researcher"
trigger = "ML finding is patent-relevant (prior art, FTO, novelty for a filable claim)"
[[handoff]]
target = "kei-architect"
trigger = "question is about ML-system architecture (node graph, data-flow, module boundaries) not algorithm"

2
_manifests/kei-modal-runner.toml
View file

@ -61,7 +61,7 @@ forbidden_domain = [
"`.map(return_exceptions=False)` for batch spawning — cascade kill on single failure",
"Restarting \"for cleanliness\" when current run is producing checkpoints — fix the script for next launch",
"A bug in the launching script is NOT a reason to kill a running training run",
"`git push` to public-hosting for training scripts that embed patent-IP architectures",
"`git push` to public-hosting for training scripts from projects flagged sensitive (proprietary-weights / banned-deploy list)",
]
# Agent-specific output fields (appended to standard report shape)

76
_manifests/kei-patent-compliance.toml
View file

@ -1,76 +0,0 @@
# Agent manifest — Constructor Pattern SSoT for kei-patent-compliance.
# The .md file is GENERATED from this manifest + _blocks/*.md by _assembler.
# Edit THIS file, not the generated .md.
name = "kei-patent-compliance"
description = "Pre-filing patent compliance gate. Greps for cross-refs to unfiled patents (provisional/co-pending/concurrently filed), detects self-disclosure traps, suggests defensive language. Read-only — emits GO/BLOCK with file:line and suggested edits."
tools = ["Glob", "Grep", "Read", "Bash"]
model = "opus"
role = """
You are the patent compliance gate. Your job is to make sure no patent application leaves the \
workstation referencing an unfiled sister patent, leaking technical detail without a priority \
date, or claiming "concurrently filed" when nothing is being filed today. You are READ-ONLY: \
you suggest text and cite `file:line`; the user or a patent-implementer agent applies the edits. \
**Iron Rule:** do not reference a patent application that has not been filed and is not being \
filed the same day. Three legal failure modes this prevents no priority date, 12-month \
self-disclosure bar, and "concurrently filed" misrepresentation to USPTO.
"""
# Order matters: baseline always first, then obligatory, then domain-specific
blocks = [
"baseline", # OBLIGATORY
"evidence-grading", # OBLIGATORY
"memory-protocol", # OBLIGATORY
]
domain_in = [
"Step 1 — Cross-reference grep: `provisional|co-pending|concurrently filed|cross.reference|priority\\s+to` (plus any project-specific patent-ID prefixes configured in your portfolio)",
"Step 2 — Classify each hit: FILED (USPTO app# verifiable via patent CLI status or PAIR) | SAME-DAY BATCH (concrete manifest evidence) | LATER (default on ambiguity)",
"Step 3 — Remediation action per role: standalone → DELETE | generic mention → REWRITE | critical dependency → MOVE to same-day batch OR delay filing",
"Step 4 — Defensive language insertion: 'The present invention operates independently of any specific [...] and does not require [...]'",
"Step 5 — Pre-filing checklist: (1) grep clean | (2) LATER refs removed | (3) 'concurrently filed' backed by batch | (4) defensive language present | (5) patent CLI CROSS check passes (if available) | (6) final read-through",
"Run the user's patent CLI status/validate commands when available; treat ambiguous output as LATER",
"IP-aware cross-check: unfiled patent references = priority loss if pushed to public hosting",
]
forbidden_domain = [
"Fixing issues yourself — only report. Hand off suggested edits to user or a patent-implementer agent",
"Editing the patent body directly — suggest text in report only",
"Approving 'concurrently filed' without verifying a same-day batch manifest (this is the #1 trap)",
"Approving any LATER reference because it 'looks important' — default to REMOVE/REWRITE",
"Using Cyrillic in the report — English-only output",
"Findings without `file:line` citations",
"Skipping any of the checklist items",
"Recommending public disclosure of unfiled patent details under any circumstances",
"Trusting patent CLI validate exit code alone — read its output and confirm the CROSS check specifically",
"`git push` to public-hosting — unfiled patent IP leak",
]
# Agent-specific output fields (appended to standard report shape)
output_extra_fields = [
"Scope: <file | directory>",
"Patent CLI available: <yes | no>",
"Step 1 grep hits: <N> with file:line table",
"Step 2 classification: <#FILED, #SAME-DAY, #LATER>",
"Step 3 suggested actions: per-hit DELETE|REWRITE|MOVE with original + suggested text",
"Step 4 defensive-language insertion point: <file:line, suggested sentence>",
"Step 5 checklist: items with PASS|FAIL|-- status",
"VERDICT: GO (all pass) | BLOCK (count failing)",
]
# Handoffs MUST come after all top-level keys (TOML array-of-tables scope rule)
[[handoff]]
target = "kei-code-implementer"
trigger = "BLOCK verdict — apply suggested edits (DELETE/REWRITE/MOVE + defensive language)"
[[handoff]]
target = "kei-validator"
trigger = "claim about a cited patent's status (filed? pending?) needs USPTO/PAIR verification"
# References (extra files beyond auto-included baseline/memory/project)
[references]
extra = [
"https://www.uspto.gov/web/offices/pac/mpep/s211.html",
"35 U.S.C. § 102(b) — 12-month bar on self-disclosure",
]

84
_manifests/kei-patent-researcher.toml
View file

@ -1,84 +0,0 @@
# Agent manifest — Constructor Pattern SSoT for kei-patent-researcher.
# The .md file is GENERATED from this manifest + _blocks/*.md by _assembler.
# Edit THIS file, not the generated .md.
name = "kei-patent-researcher"
description = "Prior art search, IP landscape mapping, freedom-to-operate analysis. Uses a project-specific patent CLI as primary tool when configured. IP-aware — NEVER reveals details of unfiled patents to public search engines. Read-only. Use for prior art before filing, FTO checks, novelty validation, cross-reference safety gating."
tools = ["Glob", "Grep", "Read", "WebFetch", "WebSearch", "Bash", "Agent"]
model = "opus"
role = """
You are the patent prior-art researcher. You own prior-art search, freedom-to-operate \
analysis, novelty validation, and cross-reference safety gating for the user's IP filings. \
You are READ-ONLY with one narrow Bash exception: project-specific patent CLI subcommands only \
(if configured). You NEVER edit filings. Your primary directive is IP confidentiality \
unfiled patent details NEVER hit public search engines, because the priority date is \
irrecoverable if leaked. Generic terminology only; paraphrase before every WebSearch / WebFetch.
"""
# Order matters: baseline always first, then obligatory, then domain-specific
blocks = [
"baseline", # OBLIGATORY
"evidence-grading", # OBLIGATORY
"memory-protocol", # OBLIGATORY
]
domain_in = [
"Prior-art search via a curated patent CLI as primary tool (when configured) — scoped, vetted sources",
"Public-database fallback — patents.google.com, Espacenet (worldwide.espacenet.com), USPTO PAIR — with paraphrased, generic-terminology queries",
"Freedom-to-operate (FTO) analysis — E1-E2 references only acceptable for FTO verdict",
"Novelty check — anticipated-by + obvious-in-light-of combinations + clear-of aspects",
"Pre-filing cross-reference checklist (grep for provisional/co-pending/concurrently-filed language + verify filed or same-day batch + defensive language + final read-through)",
"Non-patent literature (NPL) check — academic papers, commercial products with specs, for obviousness combinations",
"Portfolio state awareness — re-verify status from the user's filings index before quoting numbers; do not quote from memory",
"Returning a report with Local Portfolio Check, CLI output, Public DB Findings, NPL, Novelty/FTO Assessment, Cross-Ref Validation (if applicable), Gaps, Recommendation",
]
forbidden_domain = [
"Revealing details of unfiled patents to any public service — NEVER paste unfiled claim text, novel parameter values, or invention-specific terminology into WebSearch / WebFetch (public queries are logged; priority date leaks are irrecoverable)",
"Cross-referencing unfiled patents in any output — demand application number / filing date first; no number → no reference (self-disclosure trap)",
"Editing files (read-only agent; Bash restricted to the configured patent CLI subcommands ONLY)",
"Using `git push`, `gh repo create`, or any Bash command beyond the configured patent CLI subcommands",
"Quoting patent claim text verbatim from third-party sources beyond short fair-use excerpts",
"Reporting prior art at grades E5-E6 in a final FTO assessment — only E1-E2 are actionable; missed E1 in FTO = injunction risk",
"Saying \"this looks novel\" without exhausting the configured patent CLI, USPTO, Espacenet, and academic literature in the field",
"Treating a single-database miss as \"no prior art exists\" — search ≥3 jurisdictions / sources",
"Conflating \"no granted patent found\" with \"no published application found\" — published apps are prior art too",
"Recommending filing without running the cross-reference checklist when cross-refs are present",
"Reporting in a way that could cache unfiled invention language outside the local machine",
"Fabricating publication numbers / filing dates / assignees",
"`git push` to public-hosting for any sensitive-IP project",
]
# Agent-specific output fields (appended to standard report shape)
output_extra_fields = [
"Mode: prior-art | FTO | novelty | cross-ref-validation",
"Confidentiality screen: <phrases marked do-not-search-publicly + paraphrases actually used>",
"Patent CLI prior-art output (if configured): <raw, verbatim>",
"Public DB findings: <Pub#, assignee, filing date, priority date, status, relevance, source URL>",
"Non-patent literature: <papers / products with specs that bear on obviousness>",
"FTO verdict: HIGH | MEDIUM | LOW + justification (E1-E2 refs only)",
"Cross-ref checklist: PASS/FAIL per line + offending text if blocked",
"Date handling: priority date <YYYY-MM-DD>, prior-art cutoff <YYYY-MM-DD>",
]
# Handoffs MUST come after all top-level keys (TOML array-of-tables scope rule)
[[handoff]]
target = "kei-researcher"
trigger = "generic (non-patent) web / doc lookup needed with no IP-confidentiality constraint"
[[handoff]]
target = "kei-ml-researcher"
trigger = "prior art is ML-heavy and needs Math-First + reproducibility audit"
[[handoff]]
target = "kei-validator"
trigger = "E1 claim (granted patent publication number + filing date + claim text) needs independent verification"
# References (extra files beyond auto-included baseline/memory/project)
[references]
extra = [
"patents.google.com",
"worldwide.espacenet.com",
"USPTO PAIR (Public PAIR)",
]

4
_manifests/kei-researcher.toml
View file

@ -67,10 +67,6 @@ trigger = "claim needs hard verification (citation sanity, reproduce-in-tests, n
target = "kei-ml-researcher"
trigger = "question is ML/RL-adjacent (Math-First + tooling-reuse + synthetic-to-real discipline)"
[[handoff]]
target = "kei-patent-researcher"
trigger = "question touches patent prior art, FTO, or novelty (IP-aware handling required)"
[[handoff]]
target = "kei-architect"
trigger = "question is structural/architectural — dependency graph, pattern inventory, module boundaries"

8
_manifests/kei-validator.toml
View file

@ -9,7 +9,7 @@ model = "opus"
role = """
You are the fact-checker for software engineering. Your job is to verify every claim before \
it lands in a patent, a commit, a derivation, or a user-facing report. You are the \
it lands in a commit, a derivation, or a user-facing report. You are the \
no-hallucination enforcement point: fabricated authors/years/DOIs/benchmarks/API-signatures are caught here, \
not downstream. You are READ-ONLY: you produce per-claim verdicts with evidence URLs or \
`file:line` references; you do NOT edit. If a claim cannot be verified, label it \
@ -39,7 +39,7 @@ forbidden_domain = [
"Editing any file under review — read-only gate",
"Assuming a claim is true because it 'sounds right' — verify or mark UNVERIFIED",
"Guessing at latest version — check the ACTUAL version being used in the repo",
"Single-source verification on load-bearing claims (architectural, financial, patent-related)",
"Single-source verification on load-bearing claims (architectural, financial, security-sensitive)",
"Fabricating URLs/DOIs/authors to 'fill in' a gap (hard ban)",
"Marking something VERIFIED without pasting the evidence (URL, file:line, doc-section)",
"Trusting LLM latent-space 'memory' of a library API — always fetch current docs",
@ -60,10 +60,6 @@ output_extra_fields = [
target = "kei-ml-researcher"
trigger = "claim needs literature/arXiv deep-search to resolve (returns `[VERIFIED: url]`)"
[[handoff]]
target = "kei-patent-compliance"
trigger = "FALSE claim is in patent draft — pre-filing block"
[[handoff]]
target = "kei-code-implementer"
trigger = "FALSE API/version claim is in code — needs fix before ship"

121
skills/compose-solution/SKILL.md Normal file
View file

@ -0,0 +1,121 @@
---
name: compose-solution
description: Meta-orchestrator — converts a free-text task description into the right artefact(s) (agent, skill, hook, rule, or block) by composing existing KeiSeiKit primitives. Pure-click decision chain except the single intake field. Enriches `_blocks/` over time via Phase 6 block-augmentation — the kit gets smarter with every invocation.
argument-hint: <free-text task description>
---
# Compose-Solution — Meta-Orchestrator (index)
You are converting an arbitrary user task ("I want to solve X") into the
right durable KeiSeiKit artefact — an agent manifest, a skill, a hook, a
rule, or a new behavioural block. You decompose, grep prior art,
gap-analyse, compose, and assemble. Every decision is a click; only the
intake description (and an optional free-text edit in Phase 6) is typed.
This skill is the **meta-creator**: it does not itself write production
code. It routes to `new-agent` (agent branch), to `escalate-recurrence`
(hook/rule branch), or composes a new skill/block in-place.
This `SKILL.md` is the INDEX. Each phase lives in its own file and is
executed in order. Never skip a phase. Never re-order phases.
---
## Pipeline overview (7 phases + final report)
| Phase | File | Purpose | Free-text? | AskUserQuestion |
|---|---|---|---|---|
| 1 | [phase-1-intake.md](phase-1-intake.md) | Intake + target-type click | 1 line (`DESC`) | 1× AskUserQuestion |
| 2 | [phase-2-decompose.md](phase-2-decompose.md) | Wave-based decomposition | no | 1× AskUserQuestion |
| 3 | [phase-3-prior-art.md](phase-3-prior-art.md) | Prior-art grep sweep | no | 0 |
| 4 | [phase-4-gap-analysis.md](phase-4-gap-analysis.md) | Gap analysis (multi-select) | no | 1× AskUserQuestion |
| 5 | [phase-5-architecture.md](phase-5-architecture.md) | Architecture (math-first) | no | 1× AskUserQuestion |
| 6 | [phase-6-block-augment.md](phase-6-block-augment.md) | Block augmentation | optional per-block | 1× AskUserQuestion per new block |
| 7 | [phase-7-assemble.md](phase-7-assemble.md) | Recipe assembly (branches on `T`) | no | 1× AskUserQuestion |
Minimum AskUserQuestion count across a full session: **6** — one each in
Phases 1, 2, 4, 5, at least one in Phase 6 (if any gaps selected), and one
in Phase 7. This is the pure-click contract: only intake is free-text.
---
## Variables the pipeline produces
| Name | Set in | Meaning |
|---|---|---|
| `DESC` | Phase 1a | The user's one-paragraph task description |
| `T` | Phase 1b | Target artefact type — Agent / Skill / Hook / Rule / Block / Auto-detect |
| `COMPONENTS` | Phase 2 | 2-5 orthogonal components, each with 3-5 grep keywords |
| `CLASSIFICATION` | Phase 3 | Per-component: REUSE / ADAPT / CREATE / EXTERNAL + evidence grade |
| `GAPS` | Phase 4 | User-selected subset of components that need Phase-6 augmentation |
| `ARCHITECTURE` | Phase 5 | Math-first composition expression + block list + Constructor-Pattern check |
| `BLOCKS_WRITTEN` | Phase 6 | Names of newly persisted `_blocks/*.md` files (possibly empty) |
| `FINAL_NAME` | Phase 7 | Path of the assembled artefact (or handoff target) |
---
## Final report (emit after Phase 7)
```
=== COMPOSE-SOLUTION REPORT ===
Intake: <first 80 chars of DESC>...
Target type: <T (after auto-detect resolution, if applicable)>
Decomposition: <N components>
Prior-art: <M reused, K adapted, L created, X external>
Blocks written: <names> (kit: <before_count><after_count>)
Assembled: <artefact path or "handed off to <skill>">
Next action: <what user should run / review / commit>
Future invocations benefit from the K new blocks — kit is now smarter by K blocks.
```
---
## Rules (apply throughout — enforced at every phase)
- **Pure-click contract.** Only `DESC` (Phase 1a) and optional per-block
edits (Phase 6b "Edit") are typed. Every other decision is an
`AskUserQuestion` call. Count them in the final report.
- **NO DOWNGRADE.** Any phase that fails returns 2-3 constructive paths,
never "can't be done".
- **NO HALLUCINATION (RULE 0.4).** Every block / skill / agent / bridge
name referenced in the session MUST exist on disk. Phase 3 greps, Phase 5
architecture listing, and Phase 7 handoffs all verify before citing. If
grep returns nothing — the component class is CREATE, report it, never
invent a phantom match.
- **Plan Mode First (RULE 0.5).** This skill IS the plan; each phase file
has its own verify-criterion. No Edit/Write before the corresponding
phase's confirm click.
- **Constructor Pattern (RULE ZERO).** Every new block is single-concern,
20-40 LOC, hard-capped at 60 LOC → split. Every new skill phase is < 30
LOC of imperative prose. This `SKILL.md` index file itself must stay
< 200 LOC; phase files each < 150 LOC.
- **Surgical Changes.** Compose-solution writes only to:
- `_blocks/<slug>.md` (Phase 6, user-approved)
- `skills/<slug>/SKILL.md` (Phase 7c, user-approved)
- Hands off to `new-agent` (Phase 7b) or `escalate-recurrence`
(Phase 7d/e) — no direct writes to `_manifests/`, `~/.claude/rules/`,
or `~/.claude/hooks/`.
- **Kit-enrichment feedback loop.** Phase 6 is the virtuous cycle: every
missing block becomes a new permanent block, so the next invocation of
compose-solution (or `new-agent`) finds more prior art in Phase 3.
Report the before/after block count in every session that touched Phase
6 — this makes the loop visible.
---
## References
- [phase-1-intake.md](phase-1-intake.md) · [phase-2-decompose.md](phase-2-decompose.md) · [phase-3-prior-art.md](phase-3-prior-art.md) · [phase-4-gap-analysis.md](phase-4-gap-analysis.md) · [phase-5-architecture.md](phase-5-architecture.md) · [phase-6-block-augment.md](phase-6-block-augment.md) · [phase-7-assemble.md](phase-7-assemble.md)
- `skills/research/SKILL.md` — Variant C "Deep decomposition" wave pattern
(Phase 2 delegation target for heavy tasks)
- `skills/new-agent/SKILL.md` — 8-phase wizard (Phase 7b handoff target)
- `~/.claude/skills/escalate-recurrence/SKILL.md` — hook + rule + wiki
pipeline (Phase 7d/e handoff target)
- `~/.claude/skills/architecture/SKILL.md` — optional, for heavy
architectural decomposition if `research` is overkill
- `_blocks/baseline.md`, `_blocks/rule-math-first.md` — block templates
(Phase 6a shape references)
- `_manifests/kei-*.toml` — 14 kit agents (Phase 7b handoff references)
- `_bridges/*.tmpl` — 11 tool bridges (architecture Phase 5 may reference
them for agent-creation flows)

46
skills/compose-solution/phase-1-intake.md Normal file
View file

@ -0,0 +1,46 @@
# Phase 1 — Intake
One free-text line + one click batch. This is the only typed input required
by the whole skill (Phase 6 may add optional per-block edit prose).
## 1a — Ask for the task description
Emit a regular message (NOT AskUserQuestion):
> Describe the task in one paragraph: what do you want to solve, for which
> project or concern, and what's the expected surface (something that runs,
> something that blocks a mistake, something that documents a pattern)?
> Reply in one message.
Store the user's reply verbatim as `DESC`.
## 1b — Target-type click (AskUserQuestion, ONE call)
```json
{
"questions": [
{
"question": "Target artefact type?",
"header": "Type",
"multiSelect": false,
"options": [
{"label": "Auto-detect", "description": "Orchestrator infers from intake — recommended when unsure"},
{"label": "Agent (specialist)", "description": "New kit-agent manifest — specialist for a project or concern"},
{"label": "Skill (user-invoked)", "description": "A /slash skill in ~/.claude/skills/ or KeiSeiKit/skills/"},
{"label": "Hook (enforcement)", "description": "Shell hook registered in settings.json (block / enforce / warn / remind)"},
{"label": "Rule (documentation)", "description": "Rule file in ~/.claude/rules/ with optional hook partner"},
{"label": "Block (reusable)", "description": "Behavioural block in _blocks/ — composable via manifests"}
]
}
]
}
```
Store the choice as `T`. If `T == "Auto-detect"`, leave resolution until
Phase 7 (after architecture is known).
## Verify-criterion
- `DESC` is non-empty.
- `T` is exactly one of the six labels above.
- If either fails — re-ask the failing input; do not fall through.

49
skills/compose-solution/phase-2-decompose.md Normal file
View file

@ -0,0 +1,49 @@
# Phase 2 — Wave-based decomposition
Goal: break `DESC` into 2-5 orthogonal components that can each be
independently researched and composed.
## 2a — Choose path (heavy vs lightweight)
For heavy / deep-domain / unfamiliar-domain tasks, delegate to the
`research` skill (`skills/research/SKILL.md`, Variant C "Deep decomposition"
is the pattern — Wave 0 decomposition, then Wave 1 per-component
exploration). Invoke via the Agent tool with `subagent_type: kei-researcher`
(or `researcher` if that agent is present in the user's global fleet). Pass
`DESC` as the research question with the constraint:
> Decompose into 2-5 orthogonal components, each with a 1-line description
> and 3-5 distinctive keywords suitable for grep prior-art search.
For lighter tasks (single-feature, obvious stack), do **inline lightweight
decomposition**: emit 3-5 components as a plain markdown bullet list in
chat — one line each — with 3-5 grep keywords per component in parentheses.
## 2b — Confirm decomposition (AskUserQuestion)
```json
{
"questions": [
{
"question": "Decomposition OK?",
"header": "Decomposition",
"multiSelect": false,
"options": [
{"label": "Confirm", "description": "Proceed to Phase 3 prior-art sweep with this decomposition"},
{"label": "Merge / split", "description": "You want to merge two components or split one — reply with one free-text line"},
{"label": "Add component", "description": "A necessary component is missing — reply with one free-text line"},
{"label": "Abort", "description": "Stop — nothing gets written"}
]
}
]
}
```
On `Merge / split` or `Add component` → single free-text prompt, regenerate,
re-ask. Do NOT silently adjust.
## Verify-criterion
- User clicked `Confirm`.
- Each component has ≥ 3 grep keywords (for Phase 3 search).
- Components are orthogonal (no circular dependency between two components).

52
skills/compose-solution/phase-3-prior-art.md Normal file
View file

@ -0,0 +1,52 @@
# Phase 3 — Prior-art grep sweep (parallel)
For EACH component from Phase 2, run three independent searches in parallel
(single message, multiple Bash tool calls).
## 3a — KeiSeiKit reuse
```bash
# Replace <keywords> with the component's 3-5 distinctive keywords as an
# ERE alternation like (foo|bar|baz).
grep -rinlE '<keywords>' _blocks/ _manifests/ skills/ _bridges/ hooks/ 2>/dev/null
```
## 3b — Personal bundle reuse (conditional, skip on missing)
```bash
if [ -d ~/Projects/KeiSeiBundle ]; then
grep -rinlE '<keywords>' ~/Projects/KeiSeiBundle/ 2>/dev/null | head -20
else
echo "KeiSeiBundle: absent — skipping layer B"
fi
```
Document absence in the report — do NOT fabricate a hit.
## 3c — External docs (delegate)
For any component that involves an external API, framework, or third-party
library, delegate a tiny research task to a `kei-researcher` subagent: one
WebSearch call, one WebFetch of the top hit, one-paragraph summary. Skip if
the component is entirely internal.
## 3d — Classify + evidence-grade
For each component produce ONE row:
```
Component N: <one-line>
Keywords: (foo|bar|baz)
3a reuse: <path1>, <path2> or NONE
3b reuse: <path> (bundle) or ABSENT / NONE
3c ext: <URL summary> or INTERNAL
Class: [REUSE | ADAPT | CREATE | EXTERNAL]
Evidence: [E1-E6]
```
## Verify-criterion
- Every component has a classification.
- Every cited file path exists on disk (RULE 0.4 — no fabricated paths).
- If grep returns nothing, class is CREATE and the report says so — no
phantom matches.

38
skills/compose-solution/phase-4-gap-analysis.md Normal file
View file

@ -0,0 +1,38 @@
# Phase 4 — Gap analysis (AskUserQuestion multi-select)
Present the classification matrix from Phase 3 as a code block (markdown
list) in chat, then emit:
```json
{
"questions": [
{
"question": "Which gaps to close this session?",
"header": "Gaps",
"multiSelect": true,
"options": [
{"label": "Component N — CREATE new block", "description": "No prior art found — draft a new _blocks/ entry in Phase 6"},
{"label": "Component M — ADAPT existing block", "description": "Prior art found but needs edits — copy + modify in Phase 6"},
{"label": "Component K — wire external API", "description": "External dep — reference api-*.md block or add a new one"},
{"label": "Skip — components K, L reuse as-is", "description": "No action needed, they're already covered"}
]
}
]
}
```
Options are GENERATED dynamically — one per component from Phase 3 whose
class ∈ {ADAPT, CREATE, EXTERNAL}. User clicks zero or more. Empty
multi-select is valid: means "reuse only, skip Phase 6".
Substitute the literal component descriptions in the option labels (not the
placeholders shown above — those are the shape). For example, if
Component 2 is "cost guard for fal.ai calls" and its class is CREATE, the
option label becomes `"Component 2: cost guard for fal.ai calls — CREATE new block"`.
## Verify-criterion
- Selected gap list stored as `GAPS` (a list of component-indices with
their chosen action: CREATE / ADAPT / EXTERNAL).
- Empty list is allowed and means Phase 6 is skipped entirely.
- No component has two contradicting actions (e.g. REUSE + CREATE).

70
skills/compose-solution/phase-5-architecture.md Normal file
View file

@ -0,0 +1,70 @@
# Phase 5 — Architecture proposal (math-first)
Compose the architecture by following `_blocks/rule-math-first.md`.
## 5a — Expression first
One to three lines describing which primitives combine, in which order,
with which invariants. Use this shape:
```
artefact = compose(block_A, block_B, ..., block_N)
where block_* ∈ {_blocks/, newly drafted, skills/, _manifests/}
invariant: <one-line, e.g. "every cube <200 LOC, every handoff verified">
```
## 5b — What is UNNECESSARY?
For each block listed, justify why it's in. If a block can be removed
without losing the user's goal — remove it. Derive-first: explicit claim
"this is the minimal decomposition, nothing removable". Follow the checklist
from `_blocks/rule-math-first.md`:
- Learned parameters / free knobs? WHY? Determined by input?
- Separate blocks for similar concerns? WHY? Can a single block cover both?
- Gate / wrapper layers? WHY? Is a direct reference enough?
## 5c — Constructor Pattern check
Each output cube must be single-concern, file < 200 LOC, function < 30 LOC.
If the proposed assembly violates this, split before proceeding.
## 5d — Count
Show the numbers explicitly in the preview:
- New files: N
- Edits to existing files: M
- Total lines of markdown to be written: L
## 5e — Preview + confirm
Preview as plain text in chat, then:
```json
{
"questions": [
{
"question": "Architecture OK?",
"header": "Architecture",
"multiSelect": false,
"options": [
{"label": "Confirm", "description": "Proceed to Phase 6 block augmentation (if any gaps) then Phase 7 assembly"},
{"label": "Revise component N", "description": "One component's decomposition or reuse choice is wrong — reply with one free-text line"},
{"label": "Remove something", "description": "You see a block that's not strictly necessary — reply which one"},
{"label": "Abort", "description": "Stop — nothing gets written"}
]
}
]
}
```
On `Revise` / `Remove` → ONE free-text prompt, regenerate the architecture,
re-preview.
## Verify-criterion
- User clicked Confirm.
- The expression (5a) is present and < 3 lines.
- The "what is unnecessary" pass (5b) has been applied and is visible in the
preview.
- Constructor Pattern check (5c) passed.

94
skills/compose-solution/phase-6-block-augment.md Normal file
View file

@ -0,0 +1,94 @@
# Phase 6 — Block augmentation (conditional)
Only runs if `GAPS` from Phase 4 is non-empty. For EACH `CREATE` or `ADAPT`
entry in `GAPS`, run this sub-phase in sequence (NOT in parallel — user must
approve each before the next).
## 6a — Draft the block
Template (follow the shape of `_blocks/baseline.md` or
`_blocks/rule-math-first.md` — short, single-concern, imperative voice):
```markdown
# <HEADING pattern name in short caps>
<One-line purpose statement.>
## When to include
<1-3 bullets describing which manifests should list this block in
their `blocks = [...]` array.>
## What it declares
<3-8 imperative bullets. Constructor Pattern: one concern only.>
## References
- <link to upstream rule or external doc, if any>
- <evidence grade [E1-E6]>
```
Target length: 20-40 LOC markdown. Hard ceiling: 60 LOC — above that, SPLIT
into two blocks before continuing.
Slug: kebab-case, 2-4 words. Must not collide with existing `_blocks/*.md`.
Verify via:
```bash
ls _blocks/<slug>.md 2>/dev/null && echo "COLLISION" || echo "free"
```
If collision: append a disambiguator (`<slug>-v2`, or a domain suffix like
`<slug>-embedded`).
## 6b — Preview + per-block click (AskUserQuestion)
Emit the draft inline in chat, then:
```json
{
"questions": [
{
"question": "Write this block?",
"header": "Block",
"multiSelect": false,
"options": [
{"label": "Write to _blocks/<slug>.md", "description": "Save permanently — enriches the kit for all future sessions"},
{"label": "Edit (free-text)", "description": "Reply with one free-text message describing changes; I regenerate"},
{"label": "Skip this block", "description": "Don't save this one; proceed to next gap"},
{"label": "Abort session", "description": "Stop the whole skill; nothing else gets written"}
]
}
]
}
```
Resolution:
- **Write** → use Write tool to create `_blocks/<slug>.md` under the repo
root (`~/Projects/KeiSeiKit/_blocks/` when running against the kit repo;
or wherever `$PWD`'s `_blocks/` lives when invoked from another KeiSeiKit
fork).
- **Edit** → single free-text prompt, regenerate, re-preview.
- **Skip** → move to next gap.
- **Abort** → stop; no writes Phase 6 onward.
## 6c — After all gaps processed
Report the block-count delta:
```bash
ls _blocks/ | wc -l
```
Show `before → after` count so the user sees the kit got N blocks smarter
this session. This is the feedback-loop signal — make it visible in every
session that touched Phase 6.
## Verify-criterion
Every block written passes two sanity checks:
- File exists on disk after Write.
- No `{{placeholder}}` literals remain (the assembler's `validator.rs`
rejects those; same hygiene applies here).

156
skills/compose-solution/phase-7-assemble.md Normal file
View file

@ -0,0 +1,156 @@
# Phase 7 — Recipe assembly (branches on `T`)
Before branching, resolve auto-detect if `T == "Auto-detect"`.
## 7a — Resolve auto-detect (conditional)
Infer target type from architecture (Phase 5):
- Expression mentions a project's CLAUDE.md + stack block + deploy block →
**Agent**.
- Expression is a 3-phase flow with AskUserQuestion calls → **Skill**.
- Expression is a trigger + enforcement pair, pattern-matched on tool input
**Hook** (and, usually, companion **Rule**).
- Expression is documentation + wiki indexing, no automation → **Rule**.
- Expression is a single reusable 20-40 LOC markdown — already handled in
Phase 6 → **Block**.
Present the inferred type:
```json
{
"questions": [
{
"question": "Detected target: <X>. Proceed?",
"header": "Auto-detect",
"multiSelect": false,
"options": [
{"label": "Yes — proceed with <X>", "description": "Run the <X> branch below"},
{"label": "Change to Agent", "description": "Override the inference — go to 7b"},
{"label": "Change to Skill", "description": "Override — go to 7c"},
{"label": "Change to Hook", "description": "Override — go to 7d"},
{"label": "Change to Rule", "description": "Override — go to 7e"},
{"label": "Block only (no assembly)", "description": "Already handled in Phase 6 — skip to final report"}
]
}
]
}
```
Substitute `<X>` with the literal inferred label.
## 7b — Agent branch
Hand off to the `new-agent` skill — it already codifies the 8-phase wizard
(`skills/new-agent/SKILL.md`). Two handoff methods:
1. **Invoke via Agent tool** with `subagent_type: kei-code-implementer` (or
equivalent), prompt: "Run the `new-agent` skill wizard. Use these
already-decided fields from compose-solution: stack, deploy, paid-APIs,
ML, secrets, scrapers. Slug, description, path, gotchas are
derived from DESC. Blocks list preference (from Phase 5 architecture):
<list>."
2. **Instruct user** to run `/new-agent` in a fresh turn if Agent
delegation is unavailable; paste the Phase-5 architecture into that
session.
Compose-solution steps back here — `new-agent` owns the rest.
## 7c — Skill branch
Compose a new `skills/<slug>/SKILL.md` inline:
```markdown
---
name: <slug>
description: <one-line derived from DESC>
argument-hint: <if the skill takes a target, e.g. "<project or path>">
---
# <Human Name><one-line>
<2-3 sentences: what the skill does, when to invoke, who owns the output.>
## Phase 1 — Intake (<AskUserQuestion | free-text>)
<Derived from architecture Phase 5. Escalate-recurrence style: if the
decision space is discrete, use AskUserQuestion; otherwise one free-text
line, strictly validated.>
## Phase 2 — <Action>
<Steps derived from Phase 5 expression. Verify-criterion per step.>
## Phase 3 — Report
<What the user sees at the end. Concise report block.>
## Rules
<Borrow from _blocks/baseline.md if generic enforcement needed.>
```
Minimum three phases (intake / action / report). AskUserQuestion pattern
follows `escalate-recurrence` (see
`~/.claude/skills/escalate-recurrence/SKILL.md` globally, or
`skills/new-agent/SKILL.md` Phase-1b style locally).
Preview + final confirm:
```json
{
"questions": [
{
"question": "Write this skill?",
"header": "Skill",
"multiSelect": false,
"options": [
{"label": "Write to skills/<slug>/SKILL.md", "description": "Save permanently; user can invoke as /<slug>"},
{"label": "Edit (free-text)", "description": "Reply with one message describing changes"},
{"label": "Abort", "description": "Stop — nothing gets written"}
]
}
]
}
```
On `Write``mkdir -p skills/<slug>/ && Write skills/<slug>/SKILL.md`.
## 7d — Hook branch
Delegate to the `escalate-recurrence` skill
(`~/.claude/skills/escalate-recurrence/SKILL.md`). That skill already owns
hook scaffolding at 4 severities (block / enforce / warn / remind) + 5
event types (PreToolUse:Bash, PreToolUse:Edit|Write, PostToolUse:*,
UserPromptSubmit, Stop) and registers via the `update-config` skill.
Instruct the user:
> Run `/escalate-recurrence` in a fresh turn. Use these already-decided
> fields from compose-solution:
> - Pattern name: `<slug>`
> - Two+ concrete trigger instances: <from DESC and Phase-5 architecture>
> - Suggested severity: <warn | enforce | block | remind> — based on
> <one-line justification from DESC>
> - Suggested event: <PreToolUse:Bash | Edit|Write | UserPromptSubmit | ...>
Or invoke via Agent tool if delegation is permitted.
Compose-solution steps back — `escalate-recurrence` owns writes.
## 7e — Rule branch
Same handoff as 7d — `escalate-recurrence` owns the rule + wiki pipeline
(it writes `~/.claude/rules/<slug>.md`, updates `RULES.md`, `MEMORY.md`, and
optionally `CLAUDE.md` Rules Index). Instruct the user to run
`/escalate-recurrence` with Phase-1 choice "No hook" if the user wants
documentation-only.
## 7f — Block only
Already handled in Phase 6. Skip to final report.
## Verify-criterion
- Exactly one branch ran (7b / 7c / 7d / 7e / 7f).
- The resulting artefact path is captured for the final report.

36
skills/new-agent/SKILL.md
View file

@ -47,7 +47,7 @@ Send ALL FOUR questions in a SINGLE `AskUserQuestion` invocation so the user pic
"header": "Deploy",
"multiSelect": false,
"options": [
{"label": "Local only (banned-public)", "description": "Never deployed — patent IP / ML weights / offensive / kernel"},
{"label": "Local only (banned-public)", "description": "Never deployed — proprietary ML weights / offensive / kernel / client-confidential"},
{"label": "AWS EC2", "description": "Instance, Elastic IP, SSH, docker-compose"},
{"label": "Cloudflare Workers", "description": "Edge, Workers + Pages + KV, wrangler deploy"},
{"label": "Modal", "description": "Serverless GPU, retries + volumes, KILL GUARD"},
@ -83,20 +83,11 @@ Store answers as `Q1`, `Q2`, `Q3`, `Q4`.
## Phase 1b — Follow-up (AskUserQuestion, ALWAYS run — one call)
This call ALWAYS runs. Q7 (scrapers) is independent of Q2/Q3, so every agent answers it. Q5/Q6 default "No" only if user explicitly picks so.
This call ALWAYS runs. Q6 (scrapers) is independent of Q2/Q3, so every agent answers it. Q5 defaults "No" only if user explicitly picks so.
```json
{
"questions": [
{
"question": "Contains unfiled patent IP?",
"header": "Patent IP",
"multiSelect": false,
"options": [
{"label": "Yes (banned public)", "description": "Patent pre-filing — add domain-patent-ip-aware + forbid public deploy"},
{"label": "No", "description": "No patent-sensitive content"}
]
},
{
"question": "Has credentials / secrets?",
"header": "Secrets",
@ -120,7 +111,7 @@ This call ALWAYS runs. Q7 (scrapers) is independent of Q2/Q3, so every agent ans
}
```
Store as `Q5`, `Q6`, `Q7`.
Store as `Q5`, `Q6`.
---
@ -177,10 +168,9 @@ Then deploy block based on Q2 (skip for "None yet"):
Then conditional domain blocks:
- If Q3 == Yes → append `domain-paid-apis`
- If Q4 == Yes → append `domain-ml-training` then `rule-math-first`
- If Q5 == Yes → append `domain-patent-ip-aware`
- If Q6 == Yes → append `domain-has-secrets`
- If Q7 == "Free-tier only" → append `scraper-free-tier` then `scraper-unified-output`
- If Q7 == "Paid tier" → append `scraper-paid-tier` then `scraper-free-tier` then `scraper-unified-output`; ALSO append `domain-paid-apis` if not already present (Q3 != Yes)
- If Q5 == Yes → append `domain-has-secrets`
- If Q6 == "Free-tier only" → append `scraper-free-tier` then `scraper-unified-output`
- If Q6 == "Paid tier" → append `scraper-paid-tier` then `scraper-free-tier` then `scraper-unified-output`; ALSO append `domain-paid-apis` if not already present (Q3 != Yes)
### 3.2 Pre-flight: verify every block exists on disk
@ -213,7 +203,7 @@ Conditional additions:
- Q4 == Yes → add `kei-ml-implementer` — "numerical experiment / training run" AND `kei-ml-researcher` — "literature / prior art lookup"
- Q2 != "None yet" → add `kei-infra-implementer` — "node provisioning / deploy / SSH / container ops"
- Q1 is Rust/Swift/Go (any variant) → add `kei-security-auditor` — "crypto / key handling / network / memory review"
- Q7 == "Paid tier" → add `kei-cost-guardian` if not already present (paid scraping = cost risk even when Q3 == No) — "paid scraper run — Apify/Bright Data pricing + cost estimate + dashboard check"
- Q6 == "Paid tier" → add `kei-cost-guardian` if not already present (paid scraping = cost risk even when Q3 == No) — "paid scraper run — Apify/Bright Data pricing + cost estimate + dashboard check"
### 3.4 Compute `references.extra`
@ -221,7 +211,7 @@ Start from:
- The project's CLAUDE.md (Q2 path + `CLAUDE.md`)
Conditional:
- Q6 == Yes → a note like `"<project-path>/secrets/ (NEVER read into chat)"`
- Q5 == Yes → a note like `"<project-path>/secrets/ (NEVER read into chat)"`
### 3.5 Compute remaining fields
@ -234,7 +224,7 @@ Conditional:
`role` — 2-3 sentences you compose from the answers. Template:
> You are the {slug} specialist. You own {one-line description}. Stack: {Q1}. Deploy: {Q2 or "local-only"}. {If Q5: "Sensitive IP: no public deploy, double explicit confirmation required."} Hand off generic dev work to `kei-code-implementer`, numerical work to `kei-ml-implementer` (if ML), and infra to `kei-infra-implementer` (if deployed).
> You are the {slug} specialist. You own {one-line description}. Stack: {Q1}. Deploy: {Q2 or "local-only"}. Hand off generic dev work to `kei-code-implementer`, numerical work to `kei-ml-implementer` (if ML), and infra to `kei-infra-implementer` (if deployed).
`domain_in` — 5-8 lines derived from Q1/Q2 stack/deploy specifics. Use the
existing generic manifests in `_manifests/` as shape references. If unsure,
@ -246,11 +236,9 @@ verbatim, quoted), then append the standard hardlines every project-specialist
inherits:
- `"\`git push\` to public hosting for any sensitive-IP project"`
- `"\`git add -A\` — stage specific files only"`
- If Q5 == Yes: `"Public deployment without double explicit confirmation (\"yes, deploy\" + \"I confirm publication\")"`
- If Q6 == Yes: `"Echoing any secret from <secrets-dir> in chat — reference paths only"`
- If Q5 == Yes: `"Echoing any secret from <secrets-dir> in chat — reference paths only"`
- If Q4 == Yes: `"Running paid training without cost estimate + single-variant verify first"`
- If Q7 == "Paid tier": `"Paid scraper batch >100 items without \`kei-cost-guardian\` pre-run cost estimate"` + `"LinkedIn paid scrape without legal-review sign-off (BGH Germany Nov 2024 GDPR risk)"`
- If Q5 == Yes AND Q7 != "None": `"Scraper output must never contain PII of subjects whose profile references unfiled patent IP (cross-contamination risk — priority-date leak via enrichment)"`
- If Q6 == "Paid tier": `"Paid scraper batch >100 items without \`kei-cost-guardian\` pre-run cost estimate"` + `"LinkedIn paid scrape without legal-review sign-off (BGH Germany Nov 2024 GDPR risk)"`
- Files >200 LOC without decomposition (Constructor Pattern).
- Picking a non-default language without a documented reason.
@ -262,7 +250,7 @@ inherits:
- `"Checkpoints: <commit-sha> — <description>"`
- If Q3 == Yes: `"Cost estimate: <$N.NN | N/A>"`
- If Q4 == Yes: `"Math-first expression: <1-3 lines LaTeX>"`
- If Q6 == Yes: `"Secrets referenced only (no echo): yes/no"`
- If Q5 == Yes: `"Secrets referenced only (no echo): yes/no"`
---

8
skills/research/SKILL.md
View file

@ -35,7 +35,7 @@ Options (pick ONE):
- **A — Light (2-stage, ~15 min)** — Discovery wave → verification pass. 3-5 agents total. Structured report, no graph, no 9-angle verification. Use for: quick fact-checks, tool comparisons, shallow context.
- **B — Standard (8-phase, ~40 min)** — Current default. Discovery (5 agents) → cross-ref → report → vault save → **9-angle verification wave** → synthesis → graph indexing → cleanup. Full report + graph.json + intersections.md. Use for: technology choice, architectural decisions, competitor mapping.
- **C — Deep Decomposition (wave-based, ~1-2h)** — Wave 0 decomposes question → Wave 1 parallel angle exploration per component → Wave 2 "two-touches rule" expansion (find what was missed; expand each finding via 2 touches upstream/downstream) → Wave 3 cross-analysis + re-expansion of found paths. Each agent writes its own file. Mandatory self-cleanup at end. 15-30+ agents. Outputs component-report-per-file + master synthesis + graph + intersection matrix. Use for: patent-scale research, new domain entry, major strategic decisions.
- **C — Deep Decomposition (wave-based, ~1-2h)** — Wave 0 decomposes question → Wave 1 parallel angle exploration per component → Wave 2 "two-touches rule" expansion (find what was missed; expand each finding via 2 touches upstream/downstream) → Wave 3 cross-analysis + re-expansion of found paths. Each agent writes its own file. Mandatory self-cleanup at end. 15-30+ agents. Outputs component-report-per-file + master synthesis + graph + intersection matrix. Use for: deep-domain research, new domain entry, major strategic decisions.
### Question 2 — "Control level"
@ -152,9 +152,8 @@ Now that Waves 1-2 have generated 30-50 .md files, run 5-7 synthesis agents:
2. `gap-closer` — which gaps from Wave 2 `-gaps` agents are still open? Can any be closed with one more agent?
3. `integration-mapper` — how do components connect to each other + to existing projects (read Project Registry)?
4. `evidence-auditor` — re-grade ALL claims across all files. Downgrade unverified. Flag `[DISPUTED]`.
5. `patent-angle-scanner` — for patent-scale research only: which findings are patentable primitives? Write to `patent-opportunities.md`.
6. `timing-analyst` — what's urgent, what's deferred, what's already obsolete?
7. `meta-critic` — final adversarial pass. "Is this research actually useful or just a pile of data?"
5. `timing-analyst` — what's urgent, what's deferred, what's already obsolete?
6. `meta-critic` — final adversarial pass. "Is this research actually useful or just a pile of data?"
Any finding marked for re-expansion: spawn one more agent for that specific thread.
@ -168,7 +167,6 @@ Lead writes master document at `{topic}/MASTER-REPORT.md` containing:
- Executive summary (2-3 sentences)
- Per-component findings (linked to wave1/wave2 files)
- Cross-component conflicts + resolutions
- Patent angles (if applicable)
- Project-registry intersections
- Evidence grades + confidence matrix
- Timing recommendation