Habilidades spec-discovery
📋

spec-discovery

Seguro 🌐 Acesso à rede📁 Acesso ao sistema de arquivos⚙️ Comandos externos

Discover and trace specification requirements

Finding and tracking requirements across large codebases is time-consuming and error-prone. This skill automatically locates specification files, extracts requirement IDs like REQ-NOTIFY-001, and generates a traceable manifest with content hashes for downstream validation.

Suporta: Claude Codex Code(CC)
📊 69 Adequado
1

Baixar o ZIP da skill

2

Upload no Claude

Vá em Configurações → Capacidades → Skills → Upload skill

3

Ative e comece a usar

Testar

A utilizar "spec-discovery". Find all requirements in this repository

Resultado esperado:

  • Found 12 requirement IDs across 3 spec files
  • REPO: ai-dev-kit | Total specs: 8
  • REPO: external-libs | Total specs: 4
  • ✓ REQ-NOTIFY-001: Email Sending Endpoint (specs/external-requests/notify.md)
  • ✓ REQ-NOTIFY-002: SMS Alert Configuration (specs/external-requests/notify.md)
  • ✓ REQ-DATA-001: Database Schema Definition (specs/data-models.md)
  • Note: No duplicate IDs detected across repositories

A utilizar "spec-discovery". Check for duplicate requirement IDs across repos

Resultado esperado:

  • CROSS-REPO SCAN COMPLETE
  • REPO: frontend | 15 specs found
  • REPO: backend | 12 specs found
  • REPO: shared-libs | 8 specs found
  • ⚠ WARNING: Duplicate ID detected
  • REQ-AUTH-001 found in both frontend (auth/spec.md) and backend (api/auth.md)
  • Action required: Resolve ID conflict before merging specifications

A utilizar "spec-discovery". Verify specification integrity

Resultado esperado:

  • INTEGRITY CHECK RESULTS
  • Baseline: 2024-12-01 manifest
  • Current scan: 2024-12-15
  • All 35 specifications verified
  • SHA-256 hashes match baseline
  • No unauthorized changes detected
  • Result: PASS

Auditoria de Segurança

Seguro
v5 • 1/16/2026

Pure prompt-based skill with no executable code. Provides workflow instructions for AI agents to parse specification files and extract traceability metadata. Static findings are false positives: 'Weak cryptographic algorithm' triggers are misunderstandings of 'hash' as file content hashes (SHA-256 is used for integrity verification, not weak crypto), and 'backtick execution' triggers are markdown formatting backticks, not shell commands. No actual network calls, scripts, or dangerous operations.

2
Arquivos analisados
241
Linhas analisadas
3
achados
5
Total de auditorias

Fatores de risco

🌐 Acesso à rede (1)
skill-report.json:6
📁 Acesso ao sistema de arquivos (1)
skill-report.json:6
⚙️ Comandos externos (14)
SKILL.md:8 SKILL.md:15 SKILL.md:16 SKILL.md:22 SKILL.md:22 SKILL.md:22 SKILL.md:23 SKILL.md:25 SKILL.md:25 SKILL.md:25 SKILL.md:31 SKILL.md:32 SKILL.md:36-54 SKILL.md:54-58
Auditado por: claude Ver Histórico de Auditoria →

Pontuação de qualidade

38
Arquitetura
100
Manutenibilidade
87
Conteúdo
22
Comunidade
100
Segurança
83
Conformidade com especificações

O Que Você Pode Construir

Trace requirements to implementation

Map requirement IDs to source files and track changes across repositories for compliance audits.

Validate specification coverage

Verify that all stated requirements have corresponding test cases and implementation references.

Generate documentation manifests

Create machine-readable specification inventories for downstream CI/CD validation pipelines.

Tente Estes Prompts

Find all requirements 
Use spec-discovery to find all requirement IDs in this repository. Return the manifest showing each spec ID, title, source path, and content hash.
Cross-repo requirements 
Use spec-discovery with EXTRA_REPOS pointing to other project repositories. Generate a combined manifest and flag any duplicate requirement IDs.
External request specs 
Use spec-discovery to scan specs/external-requests/ directory. Extract all external API requirement IDs and generate traceable links to the source markdown files.
Compliance verification 
Run spec-discovery to generate a manifest. Then compare current content hashes against a baseline to detect unauthorized specification changes.

Melhores Práticas

  • Configure EXTRA_REPOS when working with multi-repository projects to capture all specifications
  • Store generated manifests alongside build artifacts for audit trail consistency
  • Review duplicate ID warnings before merging specifications from different teams

Evitar

  • Running spec-discovery without specifying ROOT for monorepos with nested project structures
  • Ignoring duplicate ID warnings which can cause downstream confusion in requirement tracking
  • Using spec-discovery to modify specifications rather than just reading and cataloging them

Perguntas Frequentes

What specification formats are supported?
Markdown files with heading-based requirement IDs following pattern REQ-[A-Za-z0-9_-]+. Other formats require preprocessing.
Can this skill modify specification files?
No. Spec-discovery only reads and parses specifications. It generates manifests but does not alter source files.
How are requirement IDs extracted?
Using regex pattern ^#+\s*(REQ-[A-Za-z0-9_-]+)\s*:?\s*(.*)$ matching markdown headings containing requirement identifiers.
Is my specification data sent externally?
No. Spec-discovery runs entirely within the AI context. No data is transmitted to external servers or services.
What causes requirements to be skipped?
Files in specs/templates/ are skipped. Files without matching ID pattern in headings are reported as having no IDs detected.
How does this compare to grep or find commands?
Spec-discovery provides structured traceability including content hashes, repository context, and normalized links unlike basic text search.

Detalhes do Desenvolvedor

Licença

MIT

Repositório

https://github.com/Consiliency/treesitter-chunker/tree/main/.ai-dev-kit/skills/spec-discovery

Referência

main

Estrutura de arquivos

📄 SKILL.md