بنقرة واحدة
context-partitioning
Manifest-first context isolation — each subagent receives only its scope, never the full codebase
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Manifest-first context isolation — each subagent receives only its scope, never the full codebase
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Apply this skill for Unite-Hub Supabase migrations, PostgREST/Data API visibility, founder-scoped Playwright journeys, or errors such as PGRST205, access=denied, stale Supabase linked refs, or migration history drift. Prevents repeating the SQL/cache/auth loop by enforcing the exact verification sequence for core journeys.
The compass for Unite-Hub's road to /shipit. Defines the single NorthStar (a real, comprehensive, working founder CRM in production, every section GREEN), the binding definition of GREEN, and the No-Invaders Manifest that keeps the build honest and surgical. Consult BEFORE deciding what to build/skip/finish — it resolves "200 ≠ real" temptations and scope-creep pressure. P1, auto-loaded.
Apply this skill WHEN scaffolding a new cron "pull" route that syncs external/derived data into Supabase on a schedule (Vercel cron). Encodes the Unite-Hub cron invariants: CRON_SECRET auth, FOUNDER_USER_ID actor, overlap safety, idempotent upsert, last-sync timestamp, and failure surfacing. Generic `cron-scheduler` covers scheduling; this covers the PULL handler body. P3.
Apply this skill WHEN verifying that a route, page, or integration serves REAL data and not silent mock/placeholder data. Detects the "false-green" failure mode: an endpoint returns 200 (or a page renders) while the underlying data is fabricated because a provider is unconnected. Trigger WHENEVER classifying a section's readiness, reviewing integration wrappers, or before marking anything GREEN. P2 — load on audit/verify tasks.
Apply this skill for ANY decision with non-obvious tradeoffs: architectural choices, debugging without a clear root cause, performance strategies, security decisions, feature design with competing constraints, refactoring scope decisions. Forces multi-perspective analysis before committing to a solution. P1 auto-load — always active on complex reasoning tasks.
Apply this skill before executing ANY irreversible action: bash commands that delete, reset, or overwrite; database migrations; git destructive operations (push --force, reset --hard, branch -D); environment variable changes; deployment triggers. Apply before proposing solutions when requirements are ambiguous. Blocks unsafe execution defaults. P1 auto-load — always active.
| name | context-partitioning |
| category | context |
| version | 2.0.0 |
| description | Manifest-first context isolation — each subagent receives only its scope, never the full codebase |
| author | Unite Group (ported from NodeJS-Starter-V1) |
| priority | 1 |
| auto_load | true |
| triggers | ["any_dispatch","spawn_subagent","agent_harness"] |
| context | fork |
Without explicit context isolation, the main orchestrator context window accumulates:
Result: context bloat → compaction → rule violations → wrong output.
Rule: Before dispatching ANY subagent, the orchestrator MUST produce a typed manifest. The manifest is the subagent's entire world — it reads NOTHING outside its manifest.
{
"agent": "frontend-specialist",
"task": "Add persona avatar upload to SocialPersonasManager",
"toolshed": "frontend",
"token_budget": 60000,
"files": {
"must_read": [
"src/components/social/SocialPersonasManager.tsx",
"src/lib/businesses.ts"
],
"reference_only": [
"src/app/globals.css"
],
"must_not_touch": [
"src/lib/supabase/",
"supabase/migrations/"
]
},
"skills": ["scientific-luxury", "react-best-practices"],
"constraints": [
"founder_id isolation — never workspace_id",
"Scientific Luxury: #050505 bg, #00F5FF accent, rounded-sm only",
"Framer Motion only — no CSS transitions"
],
"success_criteria": "Avatar upload renders, persists to Supabase Storage, no TypeScript errors",
"output_format": "edited_files_list + verification_tier_A_result",
"verification_agent": "verification"
}
| Agent Role | Hard Cap | Consequence of Breach |
|---|---|---|
| Orchestrator | 80,000 | Delegate immediately — do not read more files |
| Frontend Specialist | 60,000 | Scope to src/components/ + src/app/ only |
| Senior Fullstack | 60,000 | Scope to task-relevant src/app/api/ + src/lib/ files |
| Database Specialist | 40,000 | Scope to supabase/migrations/ + schema file only |
| Security Auditor | 50,000 | Scope to auth path + affected routes only |
| Bug Hunter | 40,000 | Failing file + direct imports one level deep only |
| Test Engineer | 50,000 | Test file + source file under test only |
| Verification | 30,000 | Verification output only — no source reads |
| Scope Token | Resolves To |
|---|---|
src/ | Full src directory — only for orchestrator planning |
failing-file-only | The single file containing the error |
direct-imports-one-level | Files imported by the failing file (not transitive) |
test-files | src/**/*.test.ts, src/**/*.spec.ts, tests/ |
source-file-under-test | The exact file being tested |
task-specific | Orchestrator selects based on task decomposition |
Step 1 — DISCOVER (Orchestrator, Glob/Grep only)
→ Identify affected files by pattern, not by reading
→ Check VAULT-INDEX.md for known asset locations
→ Load toolshed entry from toolsheds.json
Step 2 — MANIFEST (Orchestrator, write manifest)
→ Populate must_read, reference_only, must_not_touch
→ Select max 5-6 skills from toolshed
→ Set token_budget from toolsheds.json
→ Write success_criteria in verifiable terms
Step 3 — DISPATCH (Orchestrator → Agent tool)
→ Pass manifest as the agent's complete prompt
→ Agent reads ONLY manifest.files.must_read
→ Agent loads ONLY manifest.skills
Step 4 — RETURN (Subagent → Orchestrator)
→ Return: list of files modified + verification output
→ Do NOT return full file contents
→ Do NOT return intermediate reasoning
Step 5 — INTEGRATE (Orchestrator)
→ Accept structured summary
→ Route to verification agent
→ Main context stays lean
| Anti-Pattern | Why | Fix |
|---|---|---|
Read("src/") in orchestrator | Dumps entire codebase into context | Glob for paths only |
| Subagent reads files outside manifest | Context bleed, token waste | Manifest must_not_touch |
| Return full file content from subagent | Doubles context usage | Return file path + diff summary |
| Load all P1 skills for every task | Token waste on irrelevant skills | Load toolshed subset only |
| Re-verify work in orchestrator | Redundant, wastes context | Delegate to verification agent |
This skill works in tandem with .claude/data/toolsheds.json:
token_budget, skills, and context_scopeReference: .claude/AGENT_HARNESS.md Phase 4 for dispatch protocol.