Files
claudetools/.claude/SKILL_ROUTING.md
Howard Enos faf796386a sync: auto-sync from HOWARD-HOME at 2026-07-05 21:24:32
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-07-05 21:24:32
2026-07-05 21:25:01 -07:00

104 lines
6.9 KiB
Markdown

# Skill Routing Map
> On-demand reference for the CORE **Skill-first** + **Definition of Done** rules
> (`.claude/CLAUDE.md`). Read this when a request maps to a skill, or when work nears "done"
> and needs its check-skill. You infer the right skills from the request + expected end result —
> the user should NOT have to name them. **Calibrate to stakes** (a typo fix needs no full review)
> and **use Ollama Tier-0** for the cheap classify/prose passes so this stays low-token.
## How to use this (every substantive request)
1. **Route the action** → pick the *doing-skill* for what's being asked (tables below).
2. **Do the work** through that skill (not hand-rolled API).
3. **Gate the result** → before saying "done," run the *check-skill(s)* matching the work-type.
4. Only declare done after the gate passes. If you skip a gate for stakes reasons, say so.
---
## Doing-skills (request → the skill that DOES it)
| Request signal | Skill |
|---|---|
| Ticketing, billing, invoicing, customers, scheduling, appointments | `/syncro` (after-hours/emergency billing → `/syncro-emergency-billing`). Autotask ONLY on an explicit "in Autotask" request. |
| Any credential — read/store/rotate a secret, API key, password, token, SSH key | `vault` |
| Run a command / investigate / script on an RMM agent | `/rmm` (find the host first with `rmm-search`) |
| M365 investigation/remediation, breach check, mailbox/inbox-rule/forwarding audit, tenant sweep | `remediation-tool` |
| Onboard a new M365 tenant to the remediation app suite | `onboard365` |
| Anything about a customer's **BACKUP** — is X backing up, who backs up where, backup status/failures, or set up / provision a backup | **Backups → wiki-first** (see the "Backups" block right below this table) |
| Bitdefender / GravityZone AV — endpoints, sweeps, policies, quarantine, EDR | `bitdefender` |
| Datto EDR / Datto AV — detections, isolate, scan, agent deploy | `datto-edr` |
| VoIP — PacketDial / OITVOIP / NetSapiens domains, users, DIDs, queues, CDRs | `packetdial` |
| Email security — Mailprotector/CloudFilter held/quarantined mail, allow/block rules | `mailprotector` |
| ScreenConnect / CW Control sessions, access installer, backstage command | `screenconnect` |
| Synology NAS | `synology` |
| Yealink phone device management | `yealink-ymcs` |
| UniFi WiFi tuning / RF / channel analysis | `unifi-wifi` |
| Map/repoint a Windows network drive on a remote endpoint | `drive-map` |
| Send someone a Discord DM / copy-paste-friendly link or command | `discord-dm` |
| Inter-session messaging, fleet todos, resource locks, coord status | `coord` |
| Git / Gitea / submodules / sync health | `gitea` (or `/sync`, `/scc`, `/save` for session ops) |
| Build/verify GuruRMM agent/server/dashboard, pre-merge check | `gururmm-build` |
| Capture an RMM feature idea | `/feature-request`; GuruConnect feature → `gc-feature-request` |
| Compile session logs/Syncro into wiki | `/wiki-compile` |
| Create a new skill or slash command | `skill-creator` |
| Independent 2nd opinion / adversarial verify | `grok` (xAI) or `agy` (Gemini) |
| Image/video gen, live web/X search past cutoff | `grok` |
| Deep multi-source researched report | `deep-research` |
> Not listed? If no skill fits, do it directly — and say so. New recurring need → `skill-creator`.
### Backups (wiki-first routing)
A customer can back up through **any** of several backends, so a backup request is a
two-step route: **first find out which backend THIS customer uses, then use that skill.**
Never assume B2/MSP360 — several clients are on Seafile, ownCloud, or Datto Workplace.
1. **Identify the backend for this customer (don't guess).** Read the client wiki
(`wiki/clients/<slug>.md`) and the backup map (`projects/gps-rmm-audit/backup-map.md`) —
both record each customer's real destination. If it isn't recorded, confirm with
`msp360 monitoring --company <name>` plus the per-backend inventory skills, then write the
answer back to the client wiki.
2. **Route to that backend's skill:**
| Need | Skill |
|---|---|
| Is X backing up? status / last run / failures / stale plans (MSP360 + B2 Cloud plans) | `msp360`**authoritative**, check here not bucket contents |
| Who backs up to Seafile / ownCloud / Datto Workplace (inventory + endpoint detection) | `seafile` / `owncloud` / `datto-workplace` |
| Storage / bucket / cost on the destination side | `b2` (Backblaze) |
| **Set up / provision a backup** — create account/user, quota, library, license, destination | the **target backend's** skill: `msp360` (MBS user/company/license), `seafile`, `owncloud` (all writes gated `--confirm`); `b2` for a new bucket/key |
- **Which machine gets backed up is a per-client decision** — report mismatches (billed vs
running), don't provision jobs off a billing count. See [[feedback_backup_targets_never_guessed]].
- Full per-customer destination + health map: `projects/gps-rmm-audit/backup-map.md`;
how backup-status works: memory `[[reference_msp360_backup_monitoring]]`.
---
## Check-skills (work-type → the gate run BEFORE "done")
**Code changes** (any edit to source):
- `/code-review` — correctness/bugs. `/simplify` — reuse/cleanup. Scale to stakes.
- `/security-review` — REQUIRED when the change touches auth, credentials, security, or production risk.
- `test-driven-development` — when implementing a feature/bugfix (test first). `/verify` or `run` — confirm real behavior, not just tests.
- `rust-skills` — Rust. `inject-standards` — apply project coding standards. `human-flow`/`impeccable` — interactive UI.
- GuruRMM specifically: `gururmm-build` verify before merge-to-main (merge IS the deploy).
**Outbound / client-facing** (anything sent to a client or vendor — Syncro comment, email, DM, doc):
- `impeccable` — polish + correctness before it leaves (standing rule). `stop-slop` — strip AI-slop tone.
- Internal-only drafts are exempt.
**Syncro / vendor actions**:
- The skill's own **preview + explicit-confirm gate** is the check — show the full payload, wait for yes, then post. Never post-then-report. (Syncro: no API edit/delete after the fact.)
**Docs / wiki / memory writes**:
- Wiki articles → `wiki-lint`. Memory store edits → `memory-dream` checks (index/backlinks/dupes).
---
## Stakes calibration (don't burn tokens)
- Trivial/mechanical (typo, comment, rename, one-line doc) → skip the heavy review; a quick self-check is enough. Say you skipped and why.
- Normal change → the standard gate above.
- Security / auth / credential / migration / production / data-loss / outbound-to-client → full gate, bump model one tier, never skip.
- Push the cheap parts (classify which skills apply, prose/tone passes) to **Ollama Tier-0**; reserve inherited/opus for the actual judgment.
See also: `.claude/CLAUDE_EXTENDED.md` (full workflow detail), memories `[[feedback_skill_first_routing]]`, `[[feedback_impeccable_on_outbound]]`, `[[feedback_syncro_preview_mandatory]]`, `[[feedback_calibrate_effort_to_stakes]]`.