From 6ab6283199e16819d8db77d79852b56e73bb9d7c Mon Sep 17 00:00:00 2001 From: okash1n <48118431+okash1n@users.noreply.github.com> Date: Fri, 12 Jun 2026 12:33:29 +0900 Subject: [PATCH] =?UTF-8?q?feat:=20agents/=20=E3=82=92=E7=8F=BE=E4=BB=A3?= =?UTF-8?q?=E5=8C=96=20=E2=80=94=20doc-updater=20sonnet=20=E5=8C=96?= =?UTF-8?q?=E3=83=BBOWASP=20=E5=B9=B4=E6=AC=A1=E5=9B=BA=E5=AE=9A=E8=A7=A3?= =?UTF-8?q?=E9=99=A4=E3=81=BB=E3=81=8B=EF=BC=88#118=E3=80=81v0.68.0?= =?UTF-8?q?=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - doc-updater: model haiku → sonnet(コード矛盾検出の要求仕様と整合、opus 非固定のコスト設計は維持) - e2e-runner: 手動 tracing/video レシピを playwright.config 方針へ、CI Example を 1 行ガイダンスに縮小 - security-reviewer: OWASP Top 10 2021 固定 + 全列挙を current OWASP Top 10 に置換 - build-error-resolver: 起動条件を既存・未知の失敗の隔離調査に絞り込み - tdd-guide の起動ゲート(finding 6)は #116 で対応済み Closes #118 --- CHANGELOG.md | 11 +++++++++++ agents/build-error-resolver.md | 4 ++-- agents/doc-updater.md | 2 +- agents/e2e-runner.md | 19 ++----------------- agents/security-reviewer.md | 15 +-------------- tests/unit/test-agent-definitions.sh | 9 +++++---- 6 files changed, 22 insertions(+), 38 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 578c18d..09d0757 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,17 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/), and this project adheres to [Semantic Versioning](https://semver.org/). +## [0.68.0] - 2026-06-12 + +LLM 性能監査(#121)P4 の第 2 弾(#118)。agents/ を現行世代に合わせて現代化した。 + +### Changed +- **doc-updater の model を haiku → sonnet(#118)**: 「現行コードと矛盾する古い記述の除去」というコード理解依存の要求仕様と最弱モデル固定が不整合だった。「高頻度ロールに opus を固定しない」コスト設計は維持 +- **e2e-runner の API レシピと CI 例を方針化(#118)**: 旧モデルの API ハルシネーション対策だった `context.tracing.start()` / video 設定の手動レシピを「playwright.config の config レベル設定(trace on retry / video on failure)優先」の規約に置換。CI Example セクションは「--with-deps でブラウザ導入・失敗時 artifact 回収・最新 action と Active LTS を確認・既存 workflows に合わせる」の 1 行ガイダンスに縮小(固定 YAML は復活させない) +- **security-reviewer の OWASP 年次固定を解除(#118)**: 「OWASP Top 10 2021」明示と全 10 項目の列挙(現行モデルには既知のコンテキスト税)を「current OWASP Top 10 をベースラインに」へ置換。キット固有のシェル文脈チェック(secrets / file access / command execution 等)は維持 +- **build-error-resolver の起動条件を絞り込み(#118)**: 「あらゆる失敗時」から「既存・未知のビルド失敗の隔離調査用。自セッションの変更で壊したエラーはメインコンテキストで直す」に変更。意図的な API 変更との衝突を防ぐ但し書きも追加 +- tdd-guide の起動条件ゲート(finding 6)は v0.66.0(#116)で対応済み + ## [0.67.0] - 2026-06-12 LLM 性能監査(#121)P4 の第 1 弾(#117)。常時注入される rules/ から現行モデルに情報量のない行を削除した(10 → 8 ファイル)。 diff --git a/agents/build-error-resolver.md b/agents/build-error-resolver.md index 63d7fb0..f05e75b 100644 --- a/agents/build-error-resolver.md +++ b/agents/build-error-resolver.md @@ -1,6 +1,6 @@ --- name: build-error-resolver -description: Build and type error resolver. Use when compilation, linting, tests, or package scripts fail and the goal is a minimal fix. +description: Build and type error resolver for pre-existing or unfamiliar build/test failures that need isolated investigation. Do not auto-delegate errors introduced by changes in the current session — fix those directly in the main context. tools: Read, Write, Edit, Bash, Grep, Glob model: sonnet --- @@ -14,7 +14,7 @@ You fix build failures with minimal, well-scoped changes. Keep the goal narrow: 1. Capture the exact failing command and the first meaningful error. 2. Inspect only files needed to understand the failure. 3. Prefer fixing the root cause over suppressing diagnostics. -4. Preserve public APIs unless the failing build proves they are wrong. +4. Preserve public APIs unless the failing build proves they are wrong or the invoking session states the API change is intentional. 5. Re-run the smallest failing command, then a broader relevant check if needed. ## Common Checks diff --git a/agents/doc-updater.md b/agents/doc-updater.md index f8fa9cd..3e7459f 100644 --- a/agents/doc-updater.md +++ b/agents/doc-updater.md @@ -2,7 +2,7 @@ name: doc-updater description: Documentation maintenance specialist. Use when code changes require README, guide, runbook, or changelog updates. tools: Read, Write, Edit, Bash, Grep, Glob -model: haiku +model: sonnet --- # Doc Updater diff --git a/agents/e2e-runner.md b/agents/e2e-runner.md index 848b207..2f823c8 100644 --- a/agents/e2e-runner.md +++ b/agents/e2e-runner.md @@ -20,24 +20,9 @@ You design and run end-to-end tests that protect real user journeys. Prefer a sm ## Playwright Guidance - Prefer role and label selectors over brittle CSS selectors. -- Use `context.tracing.start()` and `context.tracing.stop()` for trace capture. -- Configure video with `use: { video: 'retain-on-failure' }` and `outputDir`. +- Prefer config-level artifact settings in playwright.config (e.g., trace on retry, video on failure) over manual tracing calls. - Keep retries and timeouts explicit and justified. - -## CI Example - -Use the latest major action versions and the active Node LTS at -generation time (verify rather than recalling pinned versions). The -step sequence is: - -```yaml -- checkout -- setup-node (active LTS, cache npm) -- run: npm ci -- run: npx playwright install --with-deps -- run: npm run test:e2e -- upload-artifact (on failure: test-results/) -``` +- In CI, install browsers with `npx playwright install --with-deps` and upload traces/artifacts on failure. Use current action versions and an active Node LTS; match the repository's existing workflows. ## Output diff --git a/agents/security-reviewer.md b/agents/security-reviewer.md index 266f874..a292ac3 100644 --- a/agents/security-reviewer.md +++ b/agents/security-reviewer.md @@ -20,20 +20,7 @@ You review security-sensitive changes and report exploitable risks clearly. ## Baseline Checklist -Use OWASP Top 10 2021 as the baseline: - -- Broken Access Control -- Cryptographic Failures -- Injection -- Insecure Design -- Security Misconfiguration -- Vulnerable and Outdated Components -- Identification and Authentication Failures -- Software and Data Integrity Failures -- Security Logging and Monitoring Failures -- Server-Side Request Forgery - -Also check secrets exposure, unsafe file access, command execution, dependency trust, privacy leaks, and insecure defaults. +Use the current OWASP Top 10 as the baseline. Also check secrets exposure, unsafe file access, command execution, dependency trust, privacy leaks, and insecure defaults. ## Output diff --git a/tests/unit/test-agent-definitions.sh b/tests/unit/test-agent-definitions.sh index c3a945a..d9f0a55 100644 --- a/tests/unit/test-agent-definitions.sh +++ b/tests/unit/test-agent-definitions.sh @@ -34,7 +34,7 @@ && [[ "$(_agent_model e2e-runner)" == "sonnet" ]] \ && [[ "$(_agent_model refactor-cleaner)" == "sonnet" ]] \ && [[ "$(_agent_model security-reviewer)" == "sonnet" ]] \ - && [[ "$(_agent_model doc-updater)" == "haiku" ]] \ + && [[ "$(_agent_model doc-updater)" == "sonnet" ]] \ && [[ "$(_agent_model architect)" == "opus" ]] \ && [[ "$(_agent_model planner)" == "opus" ]]; then pass "$test_name" @@ -50,9 +50,10 @@ && ! grep -q 'actions/checkout@v' "$PROJECT_DIR/commands/e2e.md" \ && ! grep -q 'node-version:' "$PROJECT_DIR/commands/e2e.md" \ && grep -q 'active Node LTS' "$PROJECT_DIR/agents/e2e-runner.md" \ - && grep -q 'context.tracing.start' "$PROJECT_DIR/agents/e2e-runner.md" \ - && grep -q 'OWASP Top 10 2021' "$PROJECT_DIR/agents/security-reviewer.md" \ - && grep -q 'Server-Side Request Forgery' "$PROJECT_DIR/agents/security-reviewer.md"; then + && ! grep -q 'context.tracing.start' "$PROJECT_DIR/agents/e2e-runner.md" \ + && grep -q 'playwright.config' "$PROJECT_DIR/agents/e2e-runner.md" \ + && grep -q 'current OWASP Top 10' "$PROJECT_DIR/agents/security-reviewer.md" \ + && ! grep -q 'OWASP Top 10 20' "$PROJECT_DIR/agents/security-reviewer.md"; then pass "$test_name" else fail "$test_name"