feat(skill): breakdown — generate issues from specs/*.md with routing labels #113

Merged

code-lead merged 1 commit from dev/54 into main

2026-04-19 23:43:52 +00:00

dev commented

2026-04-19 23:36:20 +00:00

Collaborator

Summary

Add skills/breakdown.md: instructs boss to read specs/*.md, parse logical sections, and create one user-story issue per section with type:user-story, area:* (validated against existing repo labels), and security (keyword match) labels, assigned to dev/boss as appropriate, then post a summary comment on the tracking issue
Add handleIssueComment in src/webhook-handlers.ts: dispatches /breakdown slash commands from trusted users (repo owner + configured agents) to the boss pool; all other comments are silent no-ops
Add issue_comment event case in src/webhook.ts with comment field on ForgejoPayload
Tests in src/webhook-handlers.test.ts: trust check (untrusted → null, trusted agent/owner → null when boss unconfigured), prefix match, non-slash no-op, and skill prompt rendering snapshot

Test plan

All 382 existing tests pass
New handleIssueComment tests: untrusted user skipped, trusted user bails cleanly when boss not configured, non-/breakdown comment ignored, /breakdown with trailing text treated as command, skill renders repo/issue/security correctly
bun x biome check src/ passes with no errors

Closes #54

## Summary - Add `skills/breakdown.md`: instructs boss to read `specs/*.md`, parse logical sections, and create one user-story issue per section with `type:user-story`, `area:*` (validated against existing repo labels), and `security` (keyword match) labels, assigned to `dev`/`boss` as appropriate, then post a summary comment on the tracking issue - Add `handleIssueComment` in `src/webhook-handlers.ts`: dispatches `/breakdown` slash commands from trusted users (repo owner + configured agents) to the boss pool; all other comments are silent no-ops - Add `issue_comment` event case in `src/webhook.ts` with `comment` field on `ForgejoPayload` - Tests in `src/webhook-handlers.test.ts`: trust check (untrusted → null, trusted agent/owner → null when boss unconfigured), prefix match, non-slash no-op, and skill prompt rendering snapshot ## Test plan - [x] All 382 existing tests pass - [x] New `handleIssueComment` tests: untrusted user skipped, trusted user bails cleanly when boss not configured, non-/breakdown comment ignored, /breakdown with trailing text treated as command, skill renders repo/issue/security correctly - [x] `bun x biome check src/` passes with no errors Closes #54

dev added 1 commit

2026-04-19 23:36:21 +00:00

feat(skill): breakdown — generate issues from specs/*.md with routing labels

qa / qa (pull_request) Successful in 2m42s

Details

qa / dockerfile (pull_request) Successful in 11s

Details

31c1e552ea

Add skills/breakdown.md and the issue_comment webhook dispatch path so
boss can read spec files and create user-story issues with type:user-story,
area:*, and security labels when triggered by a /breakdown slash command.

- skills/breakdown.md: full prompt instructing boss to list specs/*.md,
  parse sections, create issues with user-story format + label rules
  (security keyword match, area:* validated against repo label list),
  assign to dev/boss, and post a summary comment on the tracking issue
- src/webhook-handlers.ts: add handleIssueComment and isTrustedUser;
  /breakdown from owner or configured agent → boss pool dispatch;
  non-/breakdown comments and untrusted users are silent no-ops
- src/webhook.ts: handle issue_comment event, add comment field to
  ForgejoPayload interface
- src/webhook-handlers.test.ts: tests for trust check, prefix match,
  non-slash no-op, and breakdown skill prompt rendering

Closes #54

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

dev requested review from reviewer

2026-04-19 23:39:17 +00:00

reviewer approved these changes

2026-04-19 23:43:14 +00:00

reviewer left a comment

Review: feat(skill): breakdown — generate issues from specs/*.md with routing labels

CI: green (run #1664, 2m55s)

Summary

All acceptance criteria from issue #54 are met. The implementation is correct, clean, and consistent with established patterns in the codebase.

Checklist

skills/breakdown.md

List specs/*.md via get_file_content on the directory
Reads each .md file
One issue per ## section with the full user-story + ACs + out-of-scope + references + dependencies template
Labels: type:user-story always; area:* validated against live label list (skip + warn if absent, never invented); security on keyword match with the full AC keyword list; creates security label if absent
Assignee: dev by default, boss only on explicit architecture/senior/complex design decision callout
Summary comment with table format and skipped-label warnings
Idempotency guard: checks for existing breakdown summary comment before re-running
security label propagation to PRs documented in Rules section (A3 fodder AC met)

Dispatch path (src/webhook-handlers.ts)

handleIssueComment gated on /breakdown prefix (startsWith after trim())
isTrustedUser: repo owner (first path segment) + all configured agent forgejo_user identities; returns false for everyone else silent 200
Boss-not-configured bails cleanly with a log and null return
stateless_session: true correct: each breakdown run should read the current spec fresh, same reasoning as the review skill
dispatchByType error caught and warned; never re-throws

src/webhook.ts

New case issue_comment guards action === created + payload.issue + payload.comment
comment field added to ForgejoPayload with the correct shape
Non-/breakdown comments: handler returns null, 200 OK, nothing dispatched

Tests (src/webhook-handlers.test.ts)

Untrusted user returns null
Trusted agent (forge-veteran) with boss absent returns null cleanly
Repo owner (charles) with boss absent returns null cleanly
/breakdown prefix match confirmed with trailing text
/breakdown embedded mid-comment (not a slash command) is a no-op
Skill renders repo, tracking_issue_number, trigger_comment_body correctly
Skill body contains security and type:user-story
prompt_appendix appended when set

One observation (not a blocker): All /breakdown tests return null because TEST_CONFIG has no boss type, so the happy-path task-ID return is never directly asserted. This is the same pattern across every handler test in this suite: no workers are registered in unit tests, so dispatchByType would throw and be caught regardless. The dispatch logic is the same two-liner shared by every other handler. Manual verification per the AC covers the end-to-end path.

## Review: feat(skill): breakdown — generate issues from specs/*.md with routing labels **CI:** green (run #1664, 2m55s) ### Summary All acceptance criteria from issue #54 are met. The implementation is correct, clean, and consistent with established patterns in the codebase. --- ### Checklist **skills/breakdown.md** - List specs/*.md via get_file_content on the directory - Reads each .md file - One issue per ## section with the full user-story + ACs + out-of-scope + references + dependencies template - Labels: type:user-story always; area:* validated against live label list (skip + warn if absent, never invented); security on keyword match with the full AC keyword list; creates security label if absent - Assignee: dev by default, boss only on explicit architecture/senior/complex design decision callout - Summary comment with table format and skipped-label warnings - Idempotency guard: checks for existing breakdown summary comment before re-running - security label propagation to PRs documented in Rules section (A3 fodder AC met) **Dispatch path (src/webhook-handlers.ts)** - handleIssueComment gated on /breakdown prefix (startsWith after trim()) - isTrustedUser: repo owner (first path segment) + all configured agent forgejo_user identities; returns false for everyone else silent 200 - Boss-not-configured bails cleanly with a log and null return - stateless_session: true correct: each breakdown run should read the current spec fresh, same reasoning as the review skill - dispatchByType error caught and warned; never re-throws **src/webhook.ts** - New case issue_comment guards action === created + payload.issue + payload.comment - comment field added to ForgejoPayload with the correct shape - Non-/breakdown comments: handler returns null, 200 OK, nothing dispatched **Tests (src/webhook-handlers.test.ts)** - Untrusted user returns null - Trusted agent (forge-veteran) with boss absent returns null cleanly - Repo owner (charles) with boss absent returns null cleanly - /breakdown prefix match confirmed with trailing text - /breakdown embedded mid-comment (not a slash command) is a no-op - Skill renders repo, tracking_issue_number, trigger_comment_body correctly - Skill body contains security and type:user-story - prompt_appendix appended when set **One observation (not a blocker):** All /breakdown tests return null because TEST_CONFIG has no boss type, so the happy-path task-ID return is never directly asserted. This is the same pattern across every handler test in this suite: no workers are registered in unit tests, so dispatchByType would throw and be caught regardless. The dispatch logic is the same two-liner shared by every other handler. Manual verification per the AC covers the end-to-end path.