blob: 8776401de12d4dc55f549741a15fd8d28bc0005c [file] [view]
<!-- SPDX-License-Identifier: Apache-2.0
https://www.apache.org/licenses/LICENSE-2.0 -->
---
title: Agentic Drafting mode
status: experimental
kind: feature
mode: Drafting
source: >
MISSION.md § Technical scope (Drafting). docs/modes.md § Drafting.
Implemented by security-issue-fix (stable, security-only),
issue-fix-workflow (experimental), and audit-finding-fix (experimental).
acceptance:
- A drafting skill produces the failing test, the smallest production
change, targeted test runs, and a commit — but never merges.
- The PR is opened via `gh pr create --web` (human reviews in browser)
or handed back for the human to push; no autopilot push/merge.
- Security-class drafts scrub CVE / tracker-slug / "security fix" /
"vulnerability" from every public surface until the embargo lifts.
---
# Agentic Drafting mode
## What it does
The agent drafts a fix for a well-scoped problem — a triaged issue, a
CVE-allocated security report with team consensus on scope, a failing
test with an obvious cause, a documentation hole — and prepares a PR.
Every PR is reviewed and merged by a human committer; the agent never
merges its own work.
## Where it lives
- `security-issue-fix` (stable, security-only) — drafts the fix in the
user's local `<upstream>` clone, runs local checks, opens the public
PR via `gh pr create --web`, scrubs confidential framing.
- `issue-fix-workflow` (experimental) — drafts a fix for a triaged
general-issue; **does not** open the PR on autopilot, hands back a
branch + commits + test results for the human to push.
- `audit-finding-fix` (experimental) — drafts a fix for a finding from
an audit tool (ruff, mypy, security scanner); parses the finding
report, implements the smallest fix, scope-checks the diff, and hands
back a commit for the human to push.
- `tools/dev` — shared local-check helpers.
## Behaviour & contract
- **Draft, never merge.** No skill in this mode merges. Opening the PR is
`gh pr create --web` (human confirms in the browser) or a hand-back.
- **Confidentiality scrub** (security): commit message, branch name, PR
title/body, newsfragment are scrubbed for CVE IDs, the tracker repo
slug, and the words "security fix" / "vulnerability" before any write
or push (see `AGENTS.md` § Confidentiality).
- **Commit trailer** `Generated-by:` — never `Co-Authored-By:` an agent.
## Out of scope
- Generic Agentic Drafting beyond the three shipped families (lint fixes at
scale, doc holes at scale) — `proposed`, not yet built.
- Merging, releasing, or pushing without a human.
## Acceptance criteria
1. No drafting skill merges or force-pushes.
2. Security drafts pass the confidentiality scrub before any public write.
3. `skill-and-tool-validate` passes on the drafting-family skills.
## Validation
```bash
uv run --project tools/skill-and-tool-validator --group dev skill-and-tool-validate
```
## Known gaps
- Three drafting skills are now shipped: `security-issue-fix` (stable),
`issue-fix-workflow` (experimental), and `audit-finding-fix`
(experimental). The remaining `proposed` surface is generic drafting at
scale (lint-fix batches, doc-hole sweeps) — not yet planned.
- No drafting skill covers doc-hole or large-scale lint-fix batch work;
those remain out of scope until a family spec is written.