{"capabilities":[{"id":"systems-health-scanner","version":"0.1.0","title":"Systems Health Scanner","summary":"Find public website, email, SSL, dependency, and exposed-path risks before they become operating problems.","maturityStage":"improve","resourceType":"diagnostic","useCase":"Audit an existing business system and produce a prioritized health report with plain-English fixes.","toolboxItemIds":["builtin-scanner"],"deliveryTargets":["web-tool","mcp-planning","harness-ready"],"requiredInputs":["Public website URL","Optional dependency manifest"],"requiredIntegrations":["DNS lookup","Public HTTP fetch","Certificate inspection"],"outputArtifacts":["Systems health report","Priority issue list","Recommended owner handoff notes"],"permissions":[{"id":"public-site-read","label":"Read public website and DNS posture","level":"read","target":"Public website, DNS, and certificate metadata","approvalRequired":false},{"id":"dependency-file-read","label":"Read uploaded dependency manifest","level":"read","target":"User-provided dependency file","approvalRequired":false},{"id":"scanner-report-draft","label":"Draft scanner remediation report","level":"draft","target":"Report content and recommendations","approvalRequired":false}],"approvalGates":["Confirm the target domain belongs to the user or their business.","Require explicit approval before sending findings to any external vendor or channel."],"validationChecks":["Reject localhost, private IP ranges, unsupported protocols, and non-standard ports.","Return scanner category grades and overall summary.","Keep all results draft-only unless a user deliberately exports or sends them."],"tools":[{"name":"plan_systems_health_scan","title":"Plan Systems Health Scan","description":"Create a scan plan, required inputs, and approval checklist for a public business system.","permissionIds":["public-site-read","scanner-report-draft"]},{"name":"summarize_systems_health_report","title":"Summarize Systems Health Report","description":"Turn scanner findings into prioritized remediation notes for a business operator.","inputSchemaRef":"schemas/systems-health-report.schema.json","permissionIds":["scanner-report-draft"]}],"resources":[{"name":"systems_health_scan_policy","title":"Systems Health Scan Policy","description":"Boundaries for safe public-system scanning and report handling.","kind":"policy","path":"policies/systems-health-scan.md"},{"name":"systems_health_report_template","title":"Systems Health Report Template","description":"Report outline for scanner findings and business-priority fixes.","kind":"template","path":"templates/systems-health-report.md"}],"prompts":[{"name":"systems_health_triage","title":"Systems Health Triage","description":"Guide an agent through scoping, consent, scanning, and remediation prioritization.","arguments":["business_name","target_url","risk_tolerance"]}]},{"id":"ai-stack-audit","version":"0.1.0","title":"AI Stack Audit","summary":"Map the tools, models, data flows, costs, and operational risks in a business AI stack.","maturityStage":"operate","resourceType":"diagnostic","useCase":"Review a live or planned AI operating stack and identify gaps in cost, reliability, data handling, and ownership.","toolboxItemIds":["builtin-readiness","builtin-roi","builtin-cost"],"deliveryTargets":["agent-kit","mcp-planning","harness-ready"],"requiredInputs":["Tool inventory","Model/provider list","Monthly usage or spend estimates","Business workflows using AI"],"requiredIntegrations":["Optional billing exports","Optional usage logs"],"outputArtifacts":["AI stack inventory","Risk and cost register","Recommended operating controls"],"permissions":[{"id":"stack-inventory-read","label":"Read user-provided stack inventory","level":"read","target":"Tool lists, provider names, and operating notes","approvalRequired":false},{"id":"cost-data-read","label":"Read user-provided cost data","level":"read","target":"Billing exports or manually entered cost data","approvalRequired":false},{"id":"audit-report-draft","label":"Draft AI stack audit report","level":"draft","target":"Internal audit report and recommendations","approvalRequired":false}],"approvalGates":["Redact secrets, API keys, customer data, and internal credentials before processing.","Require approval before sharing the audit with vendors, customers, or public channels."],"validationChecks":["Confirm every risk has an owner or recommended owner.","Separate confirmed facts from inferred operating risks.","Include a next-action list that can be handed to Harness later."],"tools":[{"name":"plan_ai_stack_audit","title":"Plan AI Stack Audit","description":"Create the intake checklist and audit scope for a business AI stack.","permissionIds":["stack-inventory-read","audit-report-draft"]},{"name":"draft_ai_stack_risk_register","title":"Draft AI Stack Risk Register","description":"Convert stack inventory and spend notes into a prioritized risk and control register.","inputSchemaRef":"schemas/ai-stack-risk-register-input.schema.json","permissionIds":["stack-inventory-read","cost-data-read","audit-report-draft"]}],"resources":[{"name":"ai_stack_inventory_schema","title":"AI Stack Inventory Schema","description":"Structured schema for collecting AI tools, models, owners, costs, and data categories.","kind":"schema","path":"schemas/ai-stack-inventory.schema.json"},{"name":"ai_stack_audit_checklist","title":"AI Stack Audit Checklist","description":"Checklist for reviewing AI stack safety, cost, reliability, and ownership.","kind":"checklist","path":"checklists/ai-stack-audit.md"}],"prompts":[{"name":"ai_stack_audit_intake","title":"AI Stack Audit Intake","description":"Guide a founder or operator through the information needed for a practical AI stack audit.","arguments":["business_name","current_tools","primary_workflows"]}]},{"id":"weekly-reporting-kit","version":"0.1.0","title":"Weekly Reporting Kit","summary":"Package repeatable weekly updates from metrics, project notes, blockers, and recommended decisions.","maturityStage":"operate","resourceType":"implementation-kit","useCase":"Help an operating business turn scattered weekly context into a consistent owner-ready report.","toolboxItemIds":["builtin-blueprint"],"deliveryTargets":["agent-kit","mcp-planning","mcp-scaffold","harness-ready"],"requiredInputs":["Reporting audience","Weekly metrics","Project notes","Open blockers","Decisions needed"],"requiredIntegrations":["Optional docs workspace","Optional project tracker export"],"outputArtifacts":["Weekly report draft","Decision log","Follow-up action list","Harness runbook outline"],"permissions":[{"id":"report-source-read","label":"Read reporting source notes","level":"read","target":"User-provided metrics, notes, and project exports","approvalRequired":false},{"id":"weekly-report-draft","label":"Draft weekly report","level":"draft","target":"Internal weekly report","approvalRequired":false},{"id":"report-publish-write","label":"Publish weekly report","level":"write","target":"External docs, email, or team channels","approvalRequired":true}],"approvalGates":["Confirm the report audience before drafting tone and detail level.","Require human approval before publishing or sending the report outside the drafting workspace.","Flag sensitive customer, revenue, or employee details for review."],"validationChecks":["Every report includes wins, risks, blockers, metrics, decisions, and next actions.","Publishing permissions remain disabled unless the host provides an approval flow.","Generated report distinguishes source-backed claims from agent recommendations."],"tools":[{"name":"plan_weekly_report","title":"Plan Weekly Report","description":"Create an intake plan and source checklist for a recurring weekly report.","permissionIds":["report-source-read","weekly-report-draft"]},{"name":"draft_weekly_report","title":"Draft Weekly Report","description":"Turn supplied metrics and notes into a structured weekly report draft.","inputSchemaRef":"schemas/weekly-report-input.schema.json","outputSchemaRef":"schemas/weekly-report-output.schema.json","permissionIds":["report-source-read","weekly-report-draft"]}],"resources":[{"name":"weekly_report_template","title":"Weekly Report Template","description":"Structured weekly update template for operators and founders.","kind":"template","path":"templates/weekly-report.md"},{"name":"weekly_reporting_harness_runbook","title":"Weekly Reporting Harness Runbook","description":"Harness-oriented runbook for future scheduled report generation.","kind":"guide","path":"harness/weekly-reporting-runbook.md"}],"prompts":[{"name":"weekly_report_builder","title":"Weekly Report Builder","description":"Guide an agent through collecting source notes, drafting, reviewing, and preparing a weekly report.","arguments":["audience","reporting_period","source_notes"]}]},{"id":"context-surgeon","version":"0.1.0","title":"Context Surgeon","summary":"Analyze agent sessions for token waste, repeated reads, bloated outputs, and operational drift.","maturityStage":"operate","resourceType":"diagnostic","useCase":"Improve an existing agent workflow by finding context sinks and repeat failure patterns in session exports.","toolboxItemIds":["builtin-context-surgeon"],"deliveryTargets":["web-tool","agent-kit","mcp-planning","harness-ready"],"requiredInputs":["Agent session export","Optional task objective","Optional known pain points"],"requiredIntegrations":["Local session export upload"],"outputArtifacts":["Context efficiency report","Repeat-read ledger","Recommended memory or skill updates"],"permissions":[{"id":"session-export-read","label":"Read uploaded session export","level":"read","target":"User-provided agent transcript or session export","approvalRequired":false},{"id":"context-report-draft","label":"Draft context optimization report","level":"draft","target":"Internal report and recommended improvements","approvalRequired":false}],"approvalGates":["Warn users before uploading transcripts that may include secrets, credentials, or customer data.","Require explicit approval before turning recommendations into persistent memory or skill changes."],"validationChecks":["Preserve privacy wording around uploaded transcripts and sensitive contents.","Report token sinks, repeat reads, large tool outputs, and missed continuity cues.","Do not write memory, skills, or repo files from analysis alone."],"tools":[{"name":"plan_context_review","title":"Plan Context Review","description":"Create a safe review plan for an uploaded coding-agent session.","permissionIds":["session-export-read","context-report-draft"]},{"name":"summarize_context_sinks","title":"Summarize Context Sinks","description":"Turn session-analysis findings into an operator-facing improvement report.","inputSchemaRef":"schemas/context-analysis.schema.json","permissionIds":["session-export-read","context-report-draft"]}],"resources":[{"name":"context_review_privacy_notice","title":"Context Review Privacy Notice","description":"User-facing notice for handling sensitive transcript uploads.","kind":"policy","path":"policies/context-review-privacy.md"},{"name":"context_surgeon_report_template","title":"Context Surgeon Report Template","description":"Report outline for session waste, repeated work, and improvement recommendations.","kind":"template","path":"templates/context-surgeon-report.md"}],"prompts":[{"name":"context_surgeon_review","title":"Context Surgeon Review","description":"Guide an agent through privacy-safe context review and operational recommendations.","arguments":["session_summary","known_issue","desired_outcome"]}]}]}