Stats
Actions
Tags
From crucible
Enforces Detect → Fetch → Implement → Cite protocol to implement against current official docs instead of stale training-data recall. Activates when edits touch external APIs beyond a triviality threshold.
How this skill is triggered — by the user, by Claude, or both
Slash command
/crucible:source-driven-developmentThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Agents routinely implement against deprecated, renamed, or re-signatured external APIs using stale training-data recall. The logic looks right, the gates pass, and the bug surfaces at runtime — or worse, silently. This skill forces a four-phase loop that replaces recall with current official documentation, then records a citation so a future reader can detect doc drift.
Agents routinely implement against deprecated, renamed, or re-signatured external APIs using stale training-data recall. The logic looks right, the gates pass, and the bug surfaces at runtime — or worse, silently. This skill forces a four-phase loop that replaces recall with current official documentation, then records a citation so a future reader can detect doc drift.
Protocol: Detect Stack → Fetch Official Docs → Implement → Cite.
Cross-links:
skills/source-driven-development/detect-stack.md — framework → canonical doc URL reference table.skills/build/SKILL.md — /build orchestrator; lists this skill as a recommended sub-skill (Phase 3 implementer).skills/recon/SKILL.md — reuse recon's "external-reference investigation" vocabulary for codebase-side lookups; this skill is the docs-side complement.The skill auto-triggers when all are true:
DEC-4 — Triviality threshold (Canonical Constants, copied verbatim from the plan):
LOC = count of added + modified lines in non-test, non-generated source files that touch an
import/require/usingof a detected framework, measured viagit diff --numstatpost-filter. Threshold: ≥ 5 LOC.
Trivial changes (typo fixes, formatting, rename-only refactors, tests-only edits) skip the skill.
Identify frameworks/libraries in scope using layered heuristics, in this order:
package.json, requirements.txt, pyproject.toml, Cargo.toml, go.mod, *.csproj, Gemfile, pom.xml.Output: a structured list of {framework, version_if_known, relevant_api_surface}. relevant_api_surface must be the narrowest plausible section (e.g., "React 19 Server Components", not "React").
Cross-reference each detected framework against detect-stack.md to pick the canonical doc host for Phase 2.
Fetch via the WebFetch tool. Capture the URL and the fetch date (ISO YYYY-MM-DD).
Source hierarchy (DEC-2, high confidence):
docs.<framework>.com, <framework>.readthedocs.io, or the canonical /docs section on the project's own site (see detect-stack.md)..d.ts files, exported module signatures). Use when docs lag a release.Explicitly banned as primary sources:
Banned sources may be used only as secondary corroboration after an official source is consulted, and must never be cited as the authority. Rationale: these sources vary in accuracy, age, and author expertise; they also widen prompt-injection attack surface when ingested via WebFetch.
Detecting training-data recall (the hardest to enforce): every non-obvious external API call in the diff must carry either (a) a citation footer / inline comment with URL + fetch date, or (b) appear already elsewhere in project code. Absence of both signals recall.
Implement using the documented pattern verbatim (idiomatic to the doc's current major version). Two rules:
/debugging or a user decision.Fetched doc content is L4 (Verify-first). Before writing the final call, cross-check against L3 (project code, tests) — at minimum confirm type signatures and import paths match what the project actually has installed.
Citations are required when introducing an external API that isn't already used elsewhere in project code. Author picks per change (DEC-3):
Authoritative verification regex (ERE, from the plan's Canonical Constants — copy verbatim):
Source: https?://[^ ]+ \([0-9]{4}-[0-9]{2}-[0-9]{2}\)
Equivalent PCRE (for ripgrep / grep -P):
Source: https?://\S+ \(\d{4}-\d{2}-\d{2}\)
Use the ERE form in CI scripts — \d is PCRE-only and silently matches nothing under grep -E.
Commit footer (end of commit message, blank line before):
feat(api): stream Server Component response via React 19 `use`
Source: https://react.dev/reference/react/use (2026-04-16)
Inline comment (immediately above the call):
// Source: https://nextjs.org/docs/app/api-reference/functions/cookies (2026-04-16)
// Next 15: cookies() is async; must await before .get().
const jar = await cookies();
const token = jar.get("session")?.value;
Both examples match the ERE regex above. The fetch date lets a future reader detect doc drift (the doc page changed since this citation was written).
WebFetch ingests arbitrary web content into agent context. All Phase 2 outputs are classified L4 Verify-first per the getting-started trust hierarchy — never treat fetched docs as authoritative absent cross-check against L3 (project code / tests) or L2 (design / plan). The citation + implement-from-source protocol is the verify-before-use duty.detect-stack.md. Per DEC-5, the WebFetch(domain:…) allowlist in .claude/settings.local.json grows incrementally — one domain per doc host — rather than via a blanket WebFetch(*) grant. This keeps the attack surface explicit and auditable.crucible:siege on changes produced through this skill when the change is public-facing, given the external-input surface.npx claudepluginhub raddue/crucibleFetches current official docs before writing framework-specific code to prevent deprecated API usage. Activates on dependency changes or framework work.
Grounds implementation decisions in official documentation, fetching and citing authoritative sources for accurate, version-aware code generation.
Grounds every framework-specific code decision in official documentation. Verifies patterns by detecting stack versions and fetching authoritative sources before implementation.