ccpe-system/integrations/skills-vault/ccra-local-review-helpers.i...

12 KiB

artifact_type name integration_id integration_type author version created updated status used_by
integration-registration CCRA Local Review Skills-Vault Helpers ccra-local-review-skills-vault-helpers skills-vault-automation-skills CCPE System 0.1.2 2026-06-19 2026-06-19 active
agents/agent-specs/ccra-local-reviewer.agent.md
runtimes/hybrid/ccra-local-review.runtime.md

CCRA Local Review Skills-Vault Helpers

1. Registration Scope

This registration records the installed skills-vault automation Skills used by the ccra-local-review Runtime.

CCPE owns the Agent, Runtime, evaluation rules, authority boundaries, and integration contract.

skills-vault owns the automation Skill source, scripts, fixtures, tests, install notes, and runtime install package.

The client project owns concrete run directories, helper configs, returned reports, Owner decisions, and review evidence.

2. Registered Skills

review-context-builder:
  source_path: C:\Users\wangq\Documents\Codex\skills-vault\skills\review-context-builder
  installed_path: C:\Users\wangq\.agents\skills\review-context-builder
  script: scripts\review_context_builder.py
  primary_outputs: review-context.md, review-file-manifest.json
  runtime_stage: Stage 1 context preparation

review-bundle-audit:
  source_path: C:\Users\wangq\Documents\Codex\skills-vault\skills\review-bundle-audit
  installed_path: C:\Users\wangq\.agents\skills\review-bundle-audit
  script: scripts\review_bundle_audit.py
  primary_outputs: bundle-audit.md, bundle-audit.json
  runtime_stage: Stage 1 bundle preflight

routing-behavior-diff-audit:
  source_path: C:\Users\wangq\Documents\Codex\skills-vault\skills\routing-behavior-diff-audit
  installed_path: C:\Users\wangq\.agents\skills\routing-behavior-diff-audit
  script: scripts\routing_behavior_diff_audit.py
  primary_outputs: routing-behavior-diff.md, routing-behavior-diff.json
  runtime_stage: Stage 1 routing-diff evidence

regression-validation-gate-runner:
  source_path: C:\Users\wangq\Documents\Codex\skills-vault\skills\regression-validation-gate-runner
  installed_path: C:\Users\wangq\.agents\skills\regression-validation-gate-runner
  script: scripts\regression_validation_gate_runner.py
  primary_outputs: gate-run-report.md, gate-run-report.json, logs/
  runtime_stage: Stage 1 validation evidence

lifecycle-status-guard-scan:
  source_path: C:\Users\wangq\Documents\Codex\skills-vault\skills\lifecycle-status-guard-scan
  installed_path: C:\Users\wangq\.agents\skills\lifecycle-status-guard-scan
  script: scripts\lifecycle_status_guard_scan.py
  primary_outputs: lifecycle-status-guard-scan.md, lifecycle-status-guard-scan.json
  runtime_stage: Stage 1 lifecycle overclaim scan

3. Invocation Authority

Allowed operations:

read configured project files or bundle files
read configured JSON/YAML/Markdown manifests
write reports and logs to the configured Local CCRA run directory
execute only user-approved validation gate commands declared in a manifest
record helper command, input, output, exit code, and skipped/failed state in run-notes.md or a Skill execution record

Forbidden operations:

edit project files
repair review bundles
modify model cards, model JSON, selector rules, regression cases, or lifecycle status
install dependencies
invent validation commands
claim Owner approval, Web CCRA approval, lifecycle promotion, or release readiness
replace Local CCRA Agent judgment

4. Command Templates

Run installed scripts through the shared skills-vault environment.

conda run -n skills-vault python -B C:\Users\wangq\.agents\skills\review-context-builder\scripts\review_context_builder.py `
  --project-root <client-project-root> `
  --review-id <review-id> `
  --context-profile ccra-local-review `
  --source-root knowledge_assets `
  --source-root <file-or-directory> `
  --metadata <run-dir>\review-metadata.json `
  --output-dir <run-dir>

conda run -n skills-vault python -B C:\Users\wangq\.agents\skills\review-bundle-audit\scripts\review_bundle_audit.py `
  --bundle-root <review-bundle-dir> `
  --output-dir <run-dir>\helper-outputs `
  --profile ccra_mindscape_review_bundle

conda run -n skills-vault python -B C:\Users\wangq\.agents\skills\routing-behavior-diff-audit\scripts\routing_behavior_diff_audit.py `
  --before-results <before-results> `
  --after-results <after-results> `
  --output-dir <run-dir>\helper-outputs `
  --case-id-field case_id `
  --route-field route

conda run -n skills-vault python -B C:\Users\wangq\.agents\skills\regression-validation-gate-runner\scripts\regression_validation_gate_runner.py `
  --project-root <client-project-root> `
  --gate-manifest <run-dir>\gate-manifest.yaml `
  --output-dir <run-dir>\helper-outputs `
  --mode dry_run

conda run -n skills-vault python -B C:\Users\wangq\.agents\skills\lifecycle-status-guard-scan\scripts\lifecycle_status_guard_scan.py `
  --scan-root <client-project-root> `
  --config <run-dir>\lifecycle-guard-config.yaml `
  --output-dir <run-dir>\helper-outputs

If review-bundle-audit does not support ccra_mindscape_review_bundle, rerun that helper with --profile generic, mark profile_mismatch, and apply the CCRA profile contract manually before deciding whether the bundle blocks review.

Use regression-validation-gate-runner --mode run only after the user explicitly approves running the declared gate commands.

4.1 CCRA-Aware Profile And Execution Contracts

review-bundle-audit profile contract:

profile_id: ccra_mindscape_review_bundle
recognized_manifest_patterns:
  - BUNDLE_FILE_MANIFEST_*.md
  - BUNDLE_FILE_MANIFEST_*.json
examples:
  - BUNDLE_FILE_MANIFEST_04.md
  - BUNDLE_FILE_MANIFEST_04.1.md
validation_sidecar_required: profile-dependent
validation_sidecar_absent_when_optional: profile_warning | not_applicable
generic_profile_mismatch_is_blocker: no
required_output_interpretation:
  active_profile
  recognized_manifest_path
  missing_required_files
  extra_files_or_profile_warnings
  blocks_current_review

If the installed helper lacks this profile, the runtime may run generic as a fallback, but the Local CCRA report must mark profile_mismatch and apply the contract above before deciding whether the bundle actually blocks review.

regression-validation-gate-runner execution contract:

gate_execution_mode:
  dry_run:
    planning/preflight only
    cannot support pass claims
  run:
    requires Owner or explicit runtime approval
    may support pass claims only with executed logs and exit codes
  owner_waived:
    command skipped by Owner decision
    report as evidence limitation
  not_applicable:
    no executable gates in scope

routing-behavior-diff-audit requirement contract:

review_turn_without_after_patch_evidence:
  may_skip_with_reason: skipped_no_after_evidence

patch_verification_or_comparison_with_before_after:
  helper_required: yes
  fallback_if_helper_missing: manual_equivalent_table
  required_categories:
    - target_behavior_changes
    - non_target_behavior_changes
    - accepted_collateral_changes
    - unexpected_regressions
    - unchanged_expected_behavior
    - cases_needing_owner_or_web_calibration

lifecycle-status-guard-scan scope contract:

scope_modes:
  - current_review_bundle
  - changed_files
  - knowledge_assets
  - model_library_state
  - whole_repo

default_blocker_mode:
  current_review_bundle
  changed_files
  model_library_state

whole_repo:
  broad_audit_mode: true
  not_default_blocker_mode: true

triage_categories:
  - current_scope_blocker
  - owner_decision_needed
  - historical_or_archive_noise
  - policy_reference_not_claim
  - false_positive_or_low_confidence

5. Failure Behavior

Missing installed Skill:

block Stage 1 helper execution
record missing path in run-notes.md
continue only if the Local CCRA reviewer can manually inspect equivalent evidence and the report states the missing automation risk

Helper exit codes:

review-bundle-audit:
  0 no blockers
  1 audit blockers
  2 input or profile errors

routing-behavior-diff-audit:
  use machine_readable_summary.status as automation routing evidence only

regression-validation-gate-runner:
  0 PASS or DRY_RUN
  1 required gate failure or timeout
  2 manifest or input errors

lifecycle-status-guard-scan:
  0 warnings or observations only
  1 blocking lifecycle/status findings

Any helper failure may become a Local CCRA finding, but the helper itself does not decide review acceptance.

6. Helper Output Confidence

Local CCRA must classify helper output confidence before using helper reports in findings.

confidence:
  high:
    helper profile matches the review package
    inputs are current
    required command mode was executed
    output is specific to the reviewed evidence

  medium:
    helper output is useful but incomplete
    helper found warnings requiring reviewer judgment
    some optional evidence was skipped

  low:
    helper used a generic profile against project-specific bundle names
    output may be stale
    output is dry_run when executed validation is needed
    helper findings look like false-positive candidates

  not_used:
    helper was unavailable, skipped, or not applicable

Mandatory confidence flags:

used_as_evidence
stale
generic_profile
profile_mismatch
false_positive_candidate
dry_run
executed
planned
waived
missing_helper
skipped_but_should_have_run
broad_scope_noise
active_profile
recognized_manifest_path
blocks_current_review
requires_runtime_tuning

Known Patch 1 examples:

review-bundle-audit:
  generic profile may not recognize versioned bundle manifests such as BUNDLE_FILE_MANIFEST_04.md.

regression-validation-gate-runner:
  dry_run proves command declaration readability, not fresh validation execution.

routing-behavior-diff-audit:
  should run when before/after routing evidence exists.

lifecycle-status-guard-scan:
  broad findings require reviewer triage before becoming blockers.

Known Patch 2 examples:

review-bundle-audit:
  generic profile exit 1 may be a profile mismatch when `BUNDLE_FILE_MANIFEST_04.md` is present and recognized by the CCRA profile contract.

regression-validation-gate-runner:
  `dry_run` is useful for planning but cannot support a final validation pass claim.

routing-behavior-diff-audit:
  skipped is acceptable for no-hindsight initial evidence; missing is an evidence gap when before/after patch evidence exists.

lifecycle-status-guard-scan:
  broad whole-repo findings from older review materials or prior helper outputs must be triaged as archive noise, policy reference, false positive, or current-scope blocker.

7. Validation And Evidence

Observed local install surface:

C:\Users\wangq\.agents\skills\review-context-builder\SKILL.md
C:\Users\wangq\.agents\skills\review-bundle-audit\SKILL.md
C:\Users\wangq\.agents\skills\routing-behavior-diff-audit\SKILL.md
C:\Users\wangq\.agents\skills\regression-validation-gate-runner\SKILL.md
C:\Users\wangq\.agents\skills\lifecycle-status-guard-scan\SKILL.md

Supplier validation remains owned by skills-vault. CCPE consumers should verify path availability before each formal Local CCRA run and record command results in the project run directory.

8. Security Notes

These helpers are read-heavy deterministic tools except regression-validation-gate-runner, which can execute manifest commands in run mode. Treat run mode as a human-gated action.

The helpers may write only inside the configured output directory. They must not write Owner decisions, Local CCRA reports, lifecycle promotions, or Web final review conclusions.