Skill-first rule now has two halves: route the request to a doing-skill, then gate the result with the matching check-skill before 'done' -- inferred from the request, not user-named. Adds .claude/SKILL_ROUTING.md (on-demand request->doing-skill->check-skill map). Enforcement tier A+B (CORE rule + map; Stop-hook backstop deferred). Calibrate to stakes, Ollama Tier-0 for cheap passes. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
79 lines
5.1 KiB
Markdown
79 lines
5.1 KiB
Markdown
# Skill Routing Map
|
|
|
|
> On-demand reference for the CORE **Skill-first** + **Definition of Done** rules
|
|
> (`.claude/CLAUDE.md`). Read this when a request maps to a skill, or when work nears "done"
|
|
> and needs its check-skill. You infer the right skills from the request + expected end result —
|
|
> the user should NOT have to name them. **Calibrate to stakes** (a typo fix needs no full review)
|
|
> and **use Ollama Tier-0** for the cheap classify/prose passes so this stays low-token.
|
|
|
|
## How to use this (every substantive request)
|
|
1. **Route the action** → pick the *doing-skill* for what's being asked (tables below).
|
|
2. **Do the work** through that skill (not hand-rolled API).
|
|
3. **Gate the result** → before saying "done," run the *check-skill(s)* matching the work-type.
|
|
4. Only declare done after the gate passes. If you skip a gate for stakes reasons, say so.
|
|
|
|
---
|
|
|
|
## Doing-skills (request → the skill that DOES it)
|
|
|
|
| Request signal | Skill |
|
|
|---|---|
|
|
| Ticketing, billing, invoicing, customers, scheduling, appointments | `/syncro` (after-hours/emergency billing → `/syncro-emergency-billing`). Autotask ONLY on an explicit "in Autotask" request. |
|
|
| Any credential — read/store/rotate a secret, API key, password, token, SSH key | `vault` |
|
|
| Run a command / investigate / script on an RMM agent | `/rmm` (find the host first with `rmm-search`) |
|
|
| M365 investigation/remediation, breach check, mailbox/inbox-rule/forwarding audit, tenant sweep | `remediation-tool` |
|
|
| Onboard a new M365 tenant to the remediation app suite | `onboard365` |
|
|
| Backblaze / B2 storage, buckets, backup storage cost | `b2` |
|
|
| Bitdefender / GravityZone AV — endpoints, sweeps, policies, quarantine, EDR | `bitdefender` |
|
|
| Datto EDR / Datto AV — detections, isolate, scan, agent deploy | `datto-edr` |
|
|
| VoIP — PacketDial / OITVOIP / NetSapiens domains, users, DIDs, queues, CDRs | `packetdial` |
|
|
| Email security — Mailprotector/CloudFilter held/quarantined mail, allow/block rules | `mailprotector` |
|
|
| ScreenConnect / CW Control sessions, access installer, backstage command | `screenconnect` |
|
|
| Synology NAS | `synology` |
|
|
| Yealink phone device management | `yealink-ymcs` |
|
|
| UniFi WiFi tuning / RF / channel analysis | `unifi-wifi` |
|
|
| Map/repoint a Windows network drive on a remote endpoint | `drive-map` |
|
|
| Send someone a Discord DM / copy-paste-friendly link or command | `discord-dm` |
|
|
| Inter-session messaging, fleet todos, resource locks, coord status | `coord` |
|
|
| Git / Gitea / submodules / sync health | `gitea` (or `/sync`, `/scc`, `/save` for session ops) |
|
|
| Build/verify GuruRMM agent/server/dashboard, pre-merge check | `gururmm-build` |
|
|
| Capture an RMM feature idea | `/feature-request`; GuruConnect feature → `gc-feature-request` |
|
|
| Compile session logs/Syncro into wiki | `/wiki-compile` |
|
|
| Create a new skill or slash command | `skill-creator` |
|
|
| Independent 2nd opinion / adversarial verify | `grok` (xAI) or `agy` (Gemini) |
|
|
| Image/video gen, live web/X search past cutoff | `grok` |
|
|
| Deep multi-source researched report | `deep-research` |
|
|
|
|
> Not listed? If no skill fits, do it directly — and say so. New recurring need → `skill-creator`.
|
|
|
|
---
|
|
|
|
## Check-skills (work-type → the gate run BEFORE "done")
|
|
|
|
**Code changes** (any edit to source):
|
|
- `/code-review` — correctness/bugs. `/simplify` — reuse/cleanup. Scale to stakes.
|
|
- `/security-review` — REQUIRED when the change touches auth, credentials, security, or production risk.
|
|
- `test-driven-development` — when implementing a feature/bugfix (test first). `/verify` or `run` — confirm real behavior, not just tests.
|
|
- `rust-skills` — Rust. `inject-standards` — apply project coding standards. `human-flow`/`impeccable` — interactive UI.
|
|
- GuruRMM specifically: `gururmm-build` verify before merge-to-main (merge IS the deploy).
|
|
|
|
**Outbound / client-facing** (anything sent to a client or vendor — Syncro comment, email, DM, doc):
|
|
- `impeccable` — polish + correctness before it leaves (standing rule). `stop-slop` — strip AI-slop tone.
|
|
- Internal-only drafts are exempt.
|
|
|
|
**Syncro / vendor actions**:
|
|
- The skill's own **preview + explicit-confirm gate** is the check — show the full payload, wait for yes, then post. Never post-then-report. (Syncro: no API edit/delete after the fact.)
|
|
|
|
**Docs / wiki / memory writes**:
|
|
- Wiki articles → `wiki-lint`. Memory store edits → `memory-dream` checks (index/backlinks/dupes).
|
|
|
|
---
|
|
|
|
## Stakes calibration (don't burn tokens)
|
|
- Trivial/mechanical (typo, comment, rename, one-line doc) → skip the heavy review; a quick self-check is enough. Say you skipped and why.
|
|
- Normal change → the standard gate above.
|
|
- Security / auth / credential / migration / production / data-loss / outbound-to-client → full gate, bump model one tier, never skip.
|
|
- Push the cheap parts (classify which skills apply, prose/tone passes) to **Ollama Tier-0**; reserve inherited/opus for the actual judgment.
|
|
|
|
See also: `.claude/CLAUDE_EXTENDED.md` (full workflow detail), memories `[[feedback_skill_first_routing]]`, `[[feedback_impeccable_on_outbound]]`, `[[feedback_syncro_preview_mandatory]]`, `[[feedback_calibrate_effort_to_stakes]]`.
|