Skip to content

feat(skills): epic-002 — deploy-time authoring skills (design-adoption + legal-extraction)#46

Merged
ChriRas merged 8 commits into
mainfrom
epic-002-authoring-skills
Jul 8, 2026
Merged

feat(skills): epic-002 — deploy-time authoring skills (design-adoption + legal-extraction)#46
ChriRas merged 8 commits into
mainfrom
epic-002-authoring-skills

Conversation

@ChriRas

@ChriRas ChriRas commented Jul 8, 2026

Copy link
Copy Markdown
Owner

Epic 002 — Authoring Skills (AI). Two deploy-time Claude-Code skills that let a non-programmer operator (or their agency) reach Revoco's best use without writing code. Each pairs a deterministic, Pest-tested artisan command (the correctness-critical core) with an AI skill wrapper (the non-deterministic scrape/extraction, verified hands-on). Nothing ships in the running container — the skills run in a Claude-Code session at setup time, and all output is operator-reviewed, never auto-published.

Slices

slice-018 — design-adoption (PR #25)

  • Skill .claude/skills/design-adoption/SKILL.md: prompts for the shop URL, scans the site, extracts its corporate identity (colours, typography, logo).
  • Command revoco:make-theme (MakeThemeCommand + ThemeOverlayGenerator): generates a .wf-card[data-theme=\"<slug>\"] overlay against the existing --wf-* token contract + a placement report (APP_THEME=<slug>, logo wiring).
  • Guarantees: emits only known --wf-* tokens (no invented ones), preserves the a11y invariants (never overrides focus-ring / reduced-motion), writes to an operator path or stdout — never into this repo's committed theme (rules.md Tabu: no brand assets in the public repo).

slice-019 — legal-extraction (PR #26, depends on 018)

  • Skill .claude/skills/legal-extraction/SKILL.md: prompts for the Impressum + privacy URLs and their locale, scrapes and extracts them into a structured JSON payload.
  • Command revoco:import-legal (ImportLegalCommand + LegalContentImporter): validates the payload against the Phase-10 LegalSettings schema (known keys only), sanitizes incoming HTML (Str::sanitizeHtml, allow-list — stored-XSS defense), and persists § 5 DDG imprint fields (global) + per-locale privacy_content / imprint_address / imprint_addendum.
  • Guarantees: fill-empty by default, --overwrite required to replace populated legal text (never silently clobbers reviewed content); leaves fallback_order + *_link overrides untouched; prints a mandatory controller-review reminder. Filament ManageLegal is the review gate.

Key decisions

  • Deterministic command core + AI wrapper — the artisan command is the CRAFT-tested seam; the AI extraction lives in the skill and is Phase-5 hands-on only. This pattern now appears in both slices → candidate for promotion to design/authoring-skills.md (Phase-9 follow-up).
  • Targets existing shapes, invents no new path — design emits the --wf-*/APP_THEME overlay mechanism; legal fills the existing spatie/laravel-settings store. No new stores, no runtime coupling.
  • CLI conventions (slice-008) — parameter-driven, prompt only on a TTY, clean --no-interaction failure.

Verification

  • Pest: MakeThemeCommandTest, ImportLegalCommandTest cover the command seams end-to-end (valid overlay / contract-only tokens / a11y preserved / report contents; per-locale writes / HTML sanitized / unknown-key rejected-writes-nothing / overwrite guard both ways / clean --no-interaction fail).
  • Phase-5 hands-on (real): run against a live Shopware shop — overwrite guard fired, Str::sanitizeHtml kept structure, Impressum rendered structured. Extraction quality on flat CMS markup is best-effort by design (that's why the Filament review gate exists).
  • Branch merged up to date with current main (0.7.0 / PHP 8.5 / dependabot bumps) — conflict-free; CI runs on the merged state.

Scope

12 files, +1375/−1. New skills + two artisan commands + services + tests + README docs; one line in design/theming.md. No consumer-runtime change, no changes to the 0.6.0/0.7.0 surfaces.

Post-merge follow-ups (not in this PR)

  • Phase-9 epic close: archive slices 018/019, promote the "deterministic core + AI wrapper" pattern to design/authoring-skills.md, run the decisions promotion dialog.
  • Operator note (from slice-018 hands-on): switching APP_THEME needs a container --force-recreate, not just an .env edit → design/deployment.md.
  • Roadmap: mark Phase 11 done; add 0.6.0/0.7.0 to the releases table.

ChriRas added 8 commits July 3, 2026 00:13
First slice of epic-002 (authoring-skills). A deploy-time Claude-Code skill scans
a shop URL, extracts its corporate identity, and feeds the deterministic
`revoco:make-theme` command, which renders a validated `--wf-*` / data-theme brand
overlay plus a placement report.

- ThemeOverlayGenerator validates values against the withdrawal.css token contract,
  guards against CSS injection, and never overrides the a11y-locked focus-ring token.
- MakeThemeCommand is a thin, parameter-driven wrapper (TTY prompt for --slug, clean
  --no-interaction failure); output goes to --output or stdout, never into this repo.
- 10 Pest cases cover the overlay, contract, a11y guard, report and validation.

Brand overlays remain operator-placed and are never committed here (theming.md split).
Add a "Branding the form" section covering the neutral-first theming model, the
deploy-time `design-adoption` Claude-Code skill, and the underlying
`revoco:make-theme` command (with an example invocation). Reiterates that brand
overlays are operator-reviewed, operator-placed, and never committed here.
feat(skills): design-adoption — brand overlay generator + skill (slice-018)
Second slice of epic-002 (authoring-skills). A deploy-time Claude-Code skill scrapes
the operator's existing Impressum and privacy-policy pages and feeds the deterministic
`revoco:import-legal` command, which validates, sanitizes and persists the content into
the Phase-10 LegalSettings for review in Filament.

- LegalContentImporter validates the JSON payload against the LegalSettings schema
  (unknown key / bad e-mail abort — nothing written), scopes per-locale fields by
  --locale, leaves fallback_order and the *_link overrides untouched, and refuses to
  overwrite populated fields without --overwrite.
- Rich text (privacy, addendum) is sanitized with Str::sanitizeHtml — the same tool the
  render path uses; plain-text fields are tag-stripped.
- ImportLegalCommand is a thin, parameter-driven wrapper (--locale/--input/--overwrite,
  clean --no-interaction failure) with a mandatory controller-review reminder.
- 11 Pest cases cover per-locale scoping, sanitisation, the overwrite guard and validation.
Add a "Legal pages (Impressum & privacy)" section covering the operator-editable legal
settings and the deploy-time `legal-extraction` skill with its underlying
`revoco:import-legal` command (validation, sanitisation, overwrite guard, operator review
in Filament).
Replace the Lindinger-derived CI values in the design-adoption README example with
neutral placeholders (indigo/slate/Inter), and drop the prototype brand names from
design/theming.md. Keeps the public repo free of any brand-specific content — the
Lindinger data was only ever a throwaway skill test (gitignored scratch + dev DB).
feat(skills): legal-extraction — Impressum/Datenschutz importer + skill (slice-019)
@ChriRas ChriRas merged commit cd0848d into main Jul 8, 2026
1 check passed
@ChriRas ChriRas deleted the epic-002-authoring-skills branch July 8, 2026 20:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant