🤖 I have created a release *beep* *boop*
---


##
[1.1.0](hve-core-v1.0.0...hve-core-v1.1.0)
(2026-01-19)


### ✨ Features

* **.devcontainer:** add development container configuration
([#24](#24))
([45debf5](45debf5))
* **.github:** add github metadata and mcp configuration
([#23](#23))
([1cb898d](1cb898d))
* **agent:** Add automated installation via hve-core-installer agent
([#82](#82))
([a2716d5](a2716d5))
* **agents:** add brd-builder.agent.md for building BRDs
([#122](#122))
([bfdc9f3](bfdc9f3))
* **agents:** redesign installer with Codespaces support and method
documentation ([#123](#123))
([6329fc0](6329fc0))
* **ai:** Establish AI-Assisted Development Framework
([#48](#48))
([f5199a4](f5199a4))
* **build:** implement automated release management with release-please
([#86](#86))
([90150e2](90150e2))
* **chatmodes:** add architecture diagram builder agent
([#145](#145))
([db24637](db24637))
* **config:** add development tools configuration files
([#19](#19))
([9f97522](9f97522))
* **config:** add npm package configuration and dependencies
([#20](#20))
([fcba198](fcba198))
* **copilot:** add GitHub Copilot instruction files
([#22](#22))
([4927284](4927284))
* **copilot:** add specialized chat modes for development workflows
([#21](#21))
([ae8495f](ae8495f))
* **docs:** add comprehensive AI artifact contribution documentation
([#76](#76))
([d81cf96](d81cf96))
* **docs:** add getting started guide for project configuration
([#57](#57))
([3b864fa](3b864fa))
* **docs:** add repository foundation and documentation files
([#18](#18))
([ad7efb6](ad7efb6)),
closes [#2](#2)
* **docs:** add RPI workflow documentation and restructure docs folder
([#102](#102))
([c3af708](c3af708))
* **extension:** hve core vs code extension
([#149](#149))
([041a1fd](041a1fd))
* **extension:** implement pre-release versioning with agent maturity
filtering ([#179](#179))
([fb38233](fb38233))
* **instructions:** add authoring standards for prompt engineering
artifacts ([#177](#177))
([5de3af9](5de3af9))
* **instructions:** add extension quick install and enhance installer
agent ([#176](#176))
([48e3d58](48e3d58))
* **instructions:** add VS Code variant prompt and gitignore
recommendation to installer
([#185](#185))
([b400493](b400493))
* **instructions:** add writing style guide for markdown content
([#151](#151))
([02df6a8](02df6a8))
* **instructions:** consolidate C# guidelines and update prompt agent
fields ([#158](#158))
([65342d4](65342d4))
* **instructions:** provide guidance on using safe commands to reduce
interactive prompting
([#117](#117))
([1268580](1268580))
* **linting:** add linting and validation scripts
([#26](#26))
([66be136](66be136))
* **prompt-builder:** enhance prompt engineering instructions and
validation protocols
([#155](#155))
([bc5004f](bc5004f))
* **prompts:** add ADR placement planning and update template paths
([#69](#69))
([380885f](380885f))
* **prompts:** add git workflow prompts from edge-ai
([#84](#84))
([56d66b6](56d66b6))
* **prompts:** add github-add-issue prompt and github-issue-manager
chatmode with delegation pattern
([#55](#55))
([d0e1789](d0e1789))
* **prompts:** add PR template discovery and integration to pull-request
prompt ([#141](#141))
([b8a4c7a](b8a4c7a))
* **prompts:** add task research initiation prompt and rpi
agent([#124](#124))
([5113e3b](5113e3b))
* **release:** implement release management strategy
([#161](#161))
([6164c3b](6164c3b))
* Risk Register Prompt
([#146](#146))
([843982c](843982c))
* **scripts:** enhanced JSON Schema validation for markdown frontmatter
([#59](#59))
([aba152c](aba152c))
* **security:** add checksum validation infrastructure
([#106](#106))
([07528fb](07528fb))
* **security:** add security scanning scripts
([#25](#25))
([82de5a1](82de5a1))
* **workflows:** add CodeQL security analysis to PR validation
([#132](#132))
([e5b6e8f](e5b6e8f))
* **workflows:** add orchestration workflows and documentation
([#29](#29))
([de442e0](de442e0))
* **workflows:** add security reusable workflows
([#28](#28))
([2c74399](2c74399))
* **workflows:** add validation reusable workflows
([#27](#27))
([f52352d](f52352d))


### 🐛 Bug Fixes

* **build:** add token parameter to release-please action
([#166](#166))
([c9189ec](c9189ec))
* **build:** disable MD012 lint rule in CHANGELOG for release-please
compatibility ([#173](#173))
([54502d8](54502d8)),
closes [#172](#172)
* **build:** pin npm commands for OpenSSF Scorecard compliance
([#181](#181))
([c29db54](c29db54))
* **build:** remediate GHSA-g9mf-h72j-4rw9 undici vulnerability
([#188](#188))
([634bf36](634bf36))
* **build:** seed CHANGELOG.md with version entry for release-please
frontmatter preservation
([#170](#170))
([2b299ac](2b299ac))
* **build:** use GitHub App token for release-please
([#167](#167))
([070e042](070e042))
* **build:** use hashtable splatting for named parameters
([#164](#164))
([02a965f](02a965f))
* **devcontainer:** remove unused Python requirements check
([#78](#78))
([f17a872](f17a872)),
closes [#77](#77)
* **docs:** fix broken links and update validation for .vscode/README.md
([#118](#118))
([160ae7a](160ae7a))
* **docs:** improve language consistency in Automated Installation
section ([#139](#139))
([a932918](a932918))
* **docs:** replace install button anchor with VS Code protocol handler
([#111](#111))
([41a265e](41a265e))
* **docs:** update install badges to use aka.ms redirect URLs
([#114](#114))
([868f655](868f655))
* **linting:** use cross-platform path separators in gitignore pattern
matching ([#121](#121))
([3f0aa1b](3f0aa1b))
* **scripts:** accepts the token (YYYY-MM-dd) in frontmatter validation
([#133](#133))
([2648215](2648215))
* **tools:** correct Method 5 path resolution in hve-core-installer
([#129](#129))
([57ef20d](57ef20d))


### 📚 Documentation

* add comprehensive RPI workflow documentation
([#153](#153))
([cbaa4a9](cbaa4a9))
* enhance README with contributing, responsible AI, and legal sections
([#52](#52))
([a424adc](a424adc))


### ♻️ Refactoring

* **instructions:** consolidate and enhance AI artifact guidelines
([#206](#206))
([54dd959](54dd959))
* migrate chatmodes to agents architecture
([#210](#210))
([712b0b7](712b0b7))


### 🔧 Maintenance

* **build:** clean up workflow permissions for Scorecard compliance
([#183](#183))
([64686e7](64686e7))
* **deps-dev:** bump cspell in the npm-dependencies group
([#61](#61))
([38650eb](38650eb))
* **deps-dev:** bump glob from 10.4.5 to 10.5.0
([#74](#74))
([b3ca9fd](b3ca9fd))
* **deps-dev:** bump markdownlint-cli2 from 0.19.1 to 0.20.0 in the
npm-dependencies group
([#134](#134))
([ebfbe84](ebfbe84))
* **deps-dev:** bump the npm-dependencies group across 1 directory with
2 updates ([#109](#109))
([936ab84](936ab84))
* **deps-dev:** bump the npm-dependencies group with 2 updates
([#30](#30))
([cf99cbf](cf99cbf))
* **deps:** bump actions/upload-artifact from 5.0.0 to 6.0.0 in the
github-actions group
([#142](#142))
([91eac8a](91eac8a))
* **deps:** bump js-yaml, markdown-link-check and markdownlint-cli2
([#75](#75))
([af03d0e](af03d0e))
* **deps:** bump the github-actions group with 2 updates
([#108](#108))
([3e56313](3e56313))
* **deps:** bump the github-actions group with 2 updates
([#135](#135))
([4538a03](4538a03))
* **deps:** bump the github-actions group with 2 updates
([#62](#62))
([d1e0c09](d1e0c09))
* **deps:** bump the github-actions group with 3 updates
([#87](#87))
([ed550f4](ed550f4))
* **deps:** bump the github-actions group with 6 updates
([#162](#162))
([ec5bb12](ec5bb12))
* **devcontainer:** enhance gitleaks installation with checksum
verification ([#100](#100))
([5a8507d](5a8507d))
* **devcontainer:** refactor setup scripts for improved dependency
management ([#94](#94))
([f5f50d1](f5f50d1)),
closes [#98](#98)
* **security:** configure GitHub branch protection for OpenSSF
compliance ([#191](#191))
([90aab1a](90aab1a))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: hve-core-release-please[bot] <254602402+hve-core-release-please[bot]@users.noreply.github.com>

…optimization (#247)

# Pull Request

## Description

This PR introduces a new video-to-gif skill with FFmpeg two-pass palette
optimization, including HDR detection and tonemapping support. The skill
provides cross-platform scripts (bash and PowerShell) for high-quality
video-to-GIF conversion with customizable parameters for frame rate,
width, dithering algorithms, and time range extraction.

Additionally, the PR simplifies the hve-core-installer agent by
consolidating phases and streamlining the installation flow, removes MCP
configuration documentation (moved to external guidance), refactors
several PowerShell scripts for maintainability, and updates
documentation links throughout the repository.

**Key changes:**

- feat(video-to-gif): New skill with SKILL.md documentation, convert.sh
(bash), and convert.ps1 (PowerShell) scripts
  - Two-pass palette optimization for superior GIF quality
- Automatic HDR detection with tonemapping (hable, reinhard, mobius,
bt2390)
  - Workspace-first file search for convenient file discovery
- Configurable FPS, width, dithering, loop count, and time range
extraction

- refactor(installer): Simplified hve-core-installer.agent.md phase
structure
  - Removed MCP configuration guidance checkpoint
  - Consolidated phases for clearer installation flow
- Extension Quick Install now goes directly to gitignore recommendation

- docs: Updated documentation links from `.github/CUSTOM-AGENTS.md` to
`.github/README.md`
- Updated references in README.md, first-workflow.md, install.md, and
RPI documentation

- refactor(scripts): Simplified PowerShell scripts by removing pure
function patterns
- Removed dot-source entry point guards from Generate-PrReference.ps1,
Package-Extension.ps1, Prepare-Extension.ps1, and
Get-VerifiedDownload.ps1
- Deleted associated Pester test files (Generate-PrReference.Tests.ps1,
Get-VerifiedDownload.Tests.ps1, Package-Extension.Tests.ps1,
Prepare-Extension.Tests.ps1)

- chore: Removed `oldsha` from cspell dictionary, updated
extension/README.md with frontmatter

## Related Issue(s)

<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->

## Type of Change

Select all that apply:

**Code & Documentation:**

- [ ] Bug fix (non-breaking change fixing an issue)
- [x] New feature (non-breaking change adding functionality)
- [ ] Breaking change (fix or feature causing existing functionality to
change)
- [x] Documentation update

**Infrastructure & Configuration:**

- [ ] GitHub Actions workflow
- [ ] Linting configuration (markdown, PowerShell, etc.)
- [ ] Security configuration
- [ ] DevContainer configuration
- [ ] Dependency update

**AI Artifacts:**

- [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
- [ ] Copilot instructions (`.github/instructions/*.instructions.md`)
- [ ] Copilot prompt (`.github/prompts/*.prompt.md`)
- [ ] Copilot agent (`.github/agents/*.agent.md`)

> **Note for AI Artifact Contributors**:
>
> - **Agents**: Research, indexing/referencing other project (using
standard VS Code GitHub Copilot/MCP tools), planning, and general
implementation agents likely already exist. Review `.github/agents/`
before creating new ones.
> - **Model Versions**: Only contributions targeting the **latest
Anthropic and OpenAI models** will be accepted. Older model versions
(e.g., GPT-3.5, Claude 3) will be rejected.
> - See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

- [x] Script/automation (`.ps1`, `.sh`, `.py`)
- [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

<!-- If you checked any boxes under "AI Artifacts" above, provide a
sample prompt showing how to use your contribution -->
<!-- Delete this section if not applicable -->

**User Request:**
<!-- What natural language request would trigger this
agent/prompt/instruction? -->

**Execution Flow:**
<!-- Step-by-step: what happens when invoked? Include tool usage,
decision points -->

**Output Artifacts:**
<!-- What files/content are created? Show first 10-20 lines as preview
-->

**Success Indicators:**
<!-- How does user know it worked correctly? What validation should they
perform? -->

For detailed contribution requirements, see:

- **Common Standards**:
[docs/contributing/ai-artifacts-common.md](../docs/contributing/ai-artifacts-common.md)
- Shared standards for XML blocks, markdown quality, RFC 2119,
validation, and testing
- **Agents**:
[docs/contributing/custom-agents.md](../docs/contributing/custom-agents.md)
- Agent configurations with tools and behavior patterns
- **Prompts**:
[docs/contributing/prompts.md](../docs/contributing/prompts.md) -
Workflow-specific guidance with template variables
- **Instructions**:
[docs/contributing/instructions.md](../docs/contributing/instructions.md)
- Technology-specific standards with glob patterns

## GHCP Artifact Maturity

| File | Type | Maturity | Notes |
| ----------------------------------------- | ----- | ---------- |
---------- |
| `.github/skills/video-to-gif/SKILL.md` | Skill | ✅ stable | All builds
|

## Testing

<!-- Describe how you tested these changes -->

## Checklist

### Required Checks

- [x] Documentation is updated (if applicable)
- [x] Files follow existing naming conventions
- [x] Changes are backwards compatible (if applicable)

### AI Artifact Contributions

<!-- If contributing an agent, prompt, or instruction, complete these
checks -->
- [ ] Used `/prompt-analyze` to review contribution
- [ ] Addressed all feedback from `prompt-builder` review
- [ ] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

- [x] Markdown linting: `npm run lint:md`
- [x] Spell checking: `npm run spell-check`
- [x] Frontmatter validation: `npm run lint:frontmatter`
- [x] Link validation: `npm run lint:md-links`
- [x] PowerShell analysis: `npm run lint:ps`

## Security Considerations

<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
- [x] This PR does not contain any sensitive or NDA information
- [x] Any new dependencies have been reviewed for security issues
- [x] Security-related scripts follow the principle of least privilege

## Additional Notes

- The video-to-gif skill requires FFmpeg to be installed on the system
- HDR tonemapping requires FFmpeg 4.0+ with zscale filter (libzimg)
support
- Deleted MCP configuration documentation
(`docs/getting-started/mcp-configuration.md`) as it was consolidated
elsewhere
- Test file deletions are intentional; the pure function patterns were
removed from the scripts they tested

🎥 - Generated by Copilot

…CP config (#402)

# feat(hve-core-guidance-instructions): update guidance artifacts and
MCP config

## Description
This PR updated guidance artifacts for subagent behavior and location
fallback rules, and expanded MCP configuration inputs and servers.

- Added the `agent` frontmatter field to the pull request prompt
definition.
- Added HVE Core location guidance instructions for missing prompt,
instruction, agent, or script lookups.
- Clarified `runSubagent` limitations when dispatching subagents in the
RPI agent guidance.
- Expanded `.vscode/mcp.json` with Azure DevOps inputs and new MCP
servers for Terraform, Context7, Microsoft Docs, and Azure DevOps.

## Details

This works by abusing this part of the System Message for GitHub
Copilot:

<img width="1090" height="212" alt="image"
src="https://github.com/user-attachments/assets/b9bd7e51-f44a-41ba-b549-ffc001abe816"
/>

## Related Issue(s)
<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->
Fixes #428 

## Type of Change

Select all that apply:

**Code & Documentation:**

- [ ] Bug fix (non-breaking change fixing an issue)
- [x] New feature (non-breaking change adding functionality)
- [ ] Breaking change (fix or feature causing existing functionality to
change)
- [ ] Documentation update

**Infrastructure & Configuration:**

- [ ] GitHub Actions workflow
- [ ] Linting configuration (markdown, PowerShell, etc.)
- [ ] Security configuration
- [ ] DevContainer configuration
- [ ] Dependency update

**AI Artifacts:**

- [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
- [x] Copilot instructions (`.github/instructions/*.instructions.md`)
- [x] Copilot prompt (`.github/prompts/*.prompt.md`)
- [x] Copilot agent (`.github/agents/*.agent.md`)

> **Note for AI Artifact Contributors**:
>
> - **Agents**: Research, indexing/referencing other project (using
standard VS Code GitHub Copilot/MCP tools), planning, and general
implementation agents likely already exist. Review `.github/agents/`
before creating new ones.
> - **Model Versions**: Only contributions targeting the **latest
Anthropic and OpenAI models** will be accepted. Older model versions
(e.g., GPT-3.5, Claude 3) will be rejected.
> - See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

- [ ] Script/automation (`.ps1`, `.sh`, `.py`)
- [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

**User Request:**
Generate a PR description from `pr-reference.xml` and ensure it follows
the repository template.

**Execution Flow:**
- Read `pr-reference.xml` to capture commit history and diffs.
- Detect AI artifact changes and apply template checkboxes.
- Produce a complete PR description with the required sections.

**Output Artifacts:**
- `pr.md`

**Success Indicators:**
- The PR description uses the repository template and reflects all
significant changes from `pr-reference.xml`.

For detailed contribution requirements, see:

- **Common Standards**:
[docs/contributing/ai-artifacts-common.md](../docs/contributing/ai-artifacts-common.md)
- Shared standards for XML blocks, markdown quality, RFC 2119,
validation, and testing
- **Agents**:
[docs/contributing/custom-agents.md](../docs/contributing/custom-agents.md)
- Agent configurations with tools and behavior patterns
- **Prompts**:
[docs/contributing/prompts.md](../docs/contributing/prompts.md) -
Workflow-specific guidance with template variables
- **Instructions**:
[docs/contributing/instructions.md](../docs/contributing/instructions.md)
- Technology-specific standards with glob patterns

## Testing
Not run (not requested).

## Checklist

### Required Checks

- [ ] Documentation is updated (if applicable)
- [ ] Files follow existing naming conventions
- [ ] Changes are backwards compatible (if applicable)
- [ ] Tests added for new functionality (if applicable)

### AI Artifact Contributions
<!-- If contributing an agent, prompt, or instruction, complete these
checks -->
- [ ] Used `/prompt-analyze` to review contribution
- [ ] Addressed all feedback from `prompt-builder` review
- [ ] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

- [ ] Markdown linting: `npm run lint:md`
- [ ] Spell checking: `npm run spell-check`
- [ ] Frontmatter validation: `npm run lint:frontmatter`
- [ ] Link validation: `npm run lint:md-links`
- [ ] PowerShell analysis: `npm run lint:ps`

## Security Considerations
<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
- [x] This PR does not contain any sensitive or NDA information
- [ ] Any new dependencies have been reviewed for security issues
- [ ] Security-related scripts follow the principle of least privilege

## Additional Notes
<!-- Any additional information that reviewers should know -->

# Pull Request

## Description
<!-- Provide a clear description of the changes in this PR -->
This PR adds repository-specific GitHub Actions instructions under
`.github/instructions/`.

The instructions document existing conventions and security requirements
observed across current workflows and are intended to guide contributors
and tooling when authoring or modifying GitHub Actions.

## Related Issue(s)
<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->
Fixes #317

## Type of Change

Select all that apply:

**Code & Documentation:**

- [ ] Bug fix (non-breaking change fixing an issue)
- [ ] New feature (non-breaking change adding functionality)
- [ ] Breaking change (fix or feature causing existing functionality to
change)
- [x] Documentation update

**Infrastructure & Configuration:**

- [ ] GitHub Actions workflow
- [ ] Linting configuration (markdown, PowerShell, etc.)
- [ ] Security configuration
- [ ] DevContainer configuration
- [ ] Dependency update

**AI Artifacts:**

- [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
- [x] Copilot instructions (`.github/instructions/*.instructions.md`)
- [ ] Copilot prompt (`.github/prompts/*.prompt.md`)
- [ ] Copilot agent (`.github/agents/*.agent.md`)
- [ ] Copilot skill (`.github/skills/*/SKILL.md`)

**Other:**

- [ ] Script/automation (`.ps1`, `.sh`, `.py`)
- [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)
<!-- Not applicable for this change -->

## Testing
<!-- Describe how you tested these changes -->
Not applicable. Documentation-only change.

## Checklist

### Required Checks

- [x] Documentation is updated (if applicable)
- [x] Files follow existing naming conventions
- [ ] Changes are backwards compatible (if applicable)
- [ ] Tests added for new functionality (if applicable)

### AI Artifact Contributions
<!-- If contributing an agent, prompt, instruction, or skill, complete
these checks -->
- [ ] Used `/prompt-analyze` to review contribution
- [ ] Addressed all feedback from `prompt-builder` review
- [ ] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

- [ ] Markdown linting: `npm run lint:md`
- [ ] Spell checking: `npm run spell-check`
- [ ] Frontmatter validation: `npm run lint:frontmatter`
- [ ] Link validation: `npm run lint:md-links`
- [ ] PowerShell analysis: `npm run lint:ps`

## Security Considerations
<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
- [x] This PR does not contain any sensitive or NDA information
- [ ] Any new dependencies have been reviewed for security issues
- [ ] Security-related scripts follow the principle of least privilege

## Additional Notes
<!-- Any additional information that reviewers should know -->
None.

---------

Co-authored-by: Bill Berry <[email protected]>

## Description

Introduces a complete TPM-focused GitHub backlog management pipeline — 1
orchestrator agent, 5 instructions (including P0 reference
specification), and 4 entry-point prompts — mirroring the ADO tooling
pipeline architecture with GitHub-native MCP tools. Replaces and
deprecates the single-purpose `github-issue-manager` agent with a
four-stage workflow covering triage, discovery, sprint planning, and
batch execution.

Also fixes a bug in `github-add-issue.prompt.md` where the prompt
referenced non-existent `mcp_github_create_issue` (correct tool:
`mcp_github_issue_write`).

### Architecture

**Instructions-first pipeline** parallels the ADO tooling suite:

```text
github-backlog-planning.instructions.md (P0 — reference specification, 758 lines)
    ├── github-backlog-triage.instructions.md (302 lines)
    ├── github-backlog-discovery.instructions.md (234 lines)
    └── github-backlog-update.instructions.md (226 lines)

github-backlog-manager.agent.md (orchestrator, 174 lines)
    ├── github-triage-issues.prompt.md → triage instructions
    ├── github-discover-issues.prompt.md → discovery instructions
    ├── github-execute-backlog.prompt.md → update instructions
    └── github-sprint-plan.prompt.md → planning spec + milestone APIs
```

Key design decisions:

- **Reference specification as foundation** —
`github-backlog-planning.instructions.md` defines planning file
templates, MCP tool catalog, search protocols, similarity assessment
matrix, state persistence, and the three-tier autonomy model. All
workflow instructions cross-reference this specification.
- **Intent-based routing** — The orchestrator agent classifies requests
into five workflow types (triage, discovery, sprint, execution,
single-issue) and dispatches to the appropriate prompt.
- **Three-tier autonomy** — Full (no gates), Partial (key gates only),
Manual (all gates). Workflows default to Partial.
- **Similarity assessment** — 5-dimension weighted scoring matrix
prevents duplicate issue creation during batch operations.
- **Hierarchy-aware execution** — Batch operations process parent issues
before children to maintain referential integrity with the sub-issues
API.

### New Artifacts (10 files)

| File | Lines | Purpose |
|------|-------|---------|
| `github-backlog-manager.agent.md` | 174 | Orchestrator with intent
classification, five workflow dispatch paths |
| `github-backlog-planning.instructions.md` | 758 | P0 reference:
planning file templates, MCP tool catalog, similarity assessment,
autonomy model |
| `github-backlog-triage.instructions.md` | 302 | Batch label/milestone
suggestion, duplicate detection, triage-plan output |
| `github-backlog-discovery.instructions.md` | 234 | Three discovery
modes: artifact-driven, user-centric, search-based |
| `github-backlog-update.instructions.md` | 226 | Execution pipeline
consuming planning handoffs, hierarchy-aware ordering |
| `community-interaction.instructions.md` | 335 | Voice/tone guidelines
and 20 scenario templates for issue and PR comments |
| `github-triage-issues.prompt.md` | 84 | Triage entry point |
| `github-discover-issues.prompt.md` | 128 | Discovery entry point with
three-path classification |
| `github-execute-backlog.prompt.md` | 78 | Batch execution entry point
|
| `github-sprint-plan.prompt.md` | 109 | Sprint planning with milestone
management and velocity analysis |

### Modified Files (9)

| File | Change |
|------|--------|
| `github-add-issue.prompt.md` | Bug fix: `mcp_github_create_issue` →
`mcp_github_issue_write`; rewritten 304→86 lines; maturity→experimental
|
| `github-issue-manager.agent.md` | Deprecated (133→11 lines) with
`[!CAUTION]` migration notice |
| `CUSTOM-AGENTS.md` | Agent table: `github-issue-manager` →
`github-backlog-manager` |
| `hve-core-installer.agent.md` | Agent count 14→20+; listing updated;
formatting fixes |
| `writing-style.instructions.md` | Community row added to
formality/pronoun tables; cross-reference added |
| `docs/getting-started/install.md` | Reference rename |
| `docs/getting-started/mcp-configuration.md` | Agent MCP Dependencies
table updated |
| `extension/README.md` | Agent listing updated |
| `extension/package.json` | Manifest regenerated: 21 agents, 26
prompts, 23 instructions |

## Related Issue(s)

Closes #447

## Type of Change

Select all that apply:

**Code & Documentation:**

- [x] Bug fix (non-breaking change fixing an issue)
- [x] New feature (non-breaking change adding functionality)
- [ ] Breaking change (fix or feature causing existing functionality to
change)
- [x] Documentation update

**Infrastructure & Configuration:**

- [ ] GitHub Actions workflow
- [ ] Linting configuration (markdown, PowerShell, etc.)
- [ ] Security configuration
- [ ] DevContainer configuration
- [ ] Dependency update

**AI Artifacts:**

- [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
- [x] Copilot instructions (`.github/instructions/*.instructions.md`)
- [x] Copilot prompt (`.github/prompts/*.prompt.md`)
- [x] Copilot agent (`.github/agents/*.agent.md`)
- [ ] Copilot skill (`.github/skills/*/SKILL.md`)

**Other:**

- [ ] Script/automation (`.ps1`, `.sh`, `.py`)
- [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

### Triage Workflow

**User Request:**

> @github-backlog-manager triage the open issues in microsoft/hve-core

**Execution Flow:**

1. Agent classifies intent → triage workflow
2. Dispatches to `github-triage-issues.prompt.md`
3. Loads `github-backlog-triage.instructions.md` + planning
specification
4. Fetches open issues via `mcp_github_list_issues`
5. Analyzes labels, milestones, and duplicates against the 17-label
taxonomy
6. Generates `triage-plan.md` under
`.copilot-tracking/github-issues/triage/`
7. Prompts for approval at Partial autonomy before applying changes

**Output Artifacts:**

```markdown
---
type: triage-plan
repo: microsoft/hve-core
created: 2026-02-07
---

# Triage Plan

## Issue #123 — Fix broken link in docs

- Labels: `docs`, `bug`
- Milestone: v2.3.0 (EVEN = maintenance)
- Priority: P2
- Duplicates: None detected
```

**Success Indicators:**

- Planning file created under `.copilot-tracking/github-issues/`
- Labels match the 17-label taxonomy from the planning specification
- Milestones follow EVEN/ODD conventions
- User prompted before mutations execute

### Discovery Workflow

**User Request:**

> @github-backlog-manager discover issues related to the new MCP tools
we added

**Execution Flow:**

1. Agent classifies intent → discovery workflow (Path B:
artifact-driven)
2. Dispatches to `github-discover-issues.prompt.md`
3. Scans changed files to extract feature context
4. Searches existing issues via `mcp_github_search_issues` for overlap
5. Generates `issues-plan.md` with new issues to create and existing
ones to update

**Success Indicators:**

- Discovery path correctly classified (artifact, user, or search)
- Similarity assessment prevents duplicate proposals
- Planning file output ready for execution handoff

## Testing

All 6 validators passed clean on committed artifacts:

| Validator | Command | Result |
|-----------|---------|--------|
| Table formatting | `npm run format:tables` | Clean |
| Frontmatter | `npm run lint:frontmatter` | 127 files, 0 errors |
| Markdown | `npm run lint:md` | 0 errors |
| Spelling | `npm run spell-check` | 91 files, 0 issues |
| Link validation | `npm run lint:md-links` | All links passed |
| Extension manifest | `npm run extension:prepare` | 21 agents, 26
prompts, 23 instructions |

## Checklist

### Required Checks

- [x] Documentation is updated (if applicable)
- [x] Files follow existing naming conventions
- [x] Changes are backwards compatible (if applicable)
- [ ] Tests added for new functionality (if applicable)

### AI Artifact Contributions

- [ ] Used `/prompt-analyze` to review contribution
- [ ] Addressed all feedback from `prompt-builder` review
- [x] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

- [x] Markdown linting: `npm run lint:md`
- [x] Spell checking: `npm run spell-check`
- [x] Frontmatter validation: `npm run lint:frontmatter`
- [x] Link validation: `npm run lint:md-links`
- [ ] PowerShell analysis: `npm run lint:ps`

## Security Considerations

- [x] This PR does not contain any sensitive or NDA information
- [x] Any new dependencies have been reviewed for security issues
- [x] Security-related scripts follow the principle of least privilege

No new dependencies introduced. No authentication or secret changes. All
artifacts are declarative markdown — no executable code added.

## Additional Notes

### Branch Drift

This branch is based on commit `25b34de` which predates several changes
now on `main` (version rollback 2.2.0→2.1.0, deleted
`incident-response.prompt.md`, `rca-template.md`,
`copyright-headers.yml`). The PR diff shows 14 additional files not part
of this feature work. A rebase onto current `main` before merge will
isolate the feature delta to the 19 files listed above.

### Design Rationale

The instructions-first architecture follows the proven ADO pipeline
pattern where a single P0 reference specification (758 lines) defines
all shared conventions and specialized workflow instructions
cross-reference rather than duplicate. Each prompt file stays focused
(<130 lines) while the orchestrator agent handles intent classification
and routing.

…anifests (#496)

# feat(plugin): support Copilot CLI plugin generation from collection
manifests

## Description

Fixes #476
Fixes #392

Added Copilot CLI plugin support, enabling HVE Core agents, prompts,
instructions, and skills to be packaged as installable CLI plugins. This
feature introduces YAML collection manifests that define artifact
bundles, PowerShell scripts that generate plugin directories with
symlinked content, a validation pipeline, and an auto-generated artifact
catalog with VS Code install badges.

- feat(plugin): added 10 collection manifests
(`collections/*.collection.yml`) defining artifact bundles for ado,
coding-standards, data-science, git, github, hve-core-all,
project-planning, prompt-engineering, rpi, and security-planning

- feat(plugin): implemented `Generate-Plugins.ps1` to create plugin
directories from collection manifests with symlinked agents, commands,
instructions, and skills
- Each plugin directory includes `.github/plugin/plugin.json`, a
generated `README.md`, and symlinks to source artifacts

- feat(plugin): implemented `Validate-Collections.ps1` to validate
collection manifest structure, required fields, and referenced file
paths against `collection-manifest.schema.json`

- feat(plugin): implemented `Generate-Badges.ps1` to produce
`docs/catalog.md` with browsable tables of all agents, prompts,
instructions, and skills with one-click VS Code install badges

- feat(plugin): created `PluginHelpers.psm1` shared PowerShell module
with utility functions for path resolution, manifest parsing, CI
annotation output, symlink creation, and README generation

- ci(plugin): added `plugin-validation.yml` reusable workflow that
validates collection manifests and checks plugin directory freshness
against generated output

- ci(plugin): integrated plugin validation into the existing
`pr-validation.yml` pipeline as a required job

- feat(plugin): added `plugin:generate`, `plugin:validate`, and
`plugin:badges` npm scripts to `package.json`

- docs(plugin): added CLI plugins installation guide at
`docs/getting-started/methods/cli-plugins.md` with prerequisites,
registration, and usage instructions

- docs(plugin): updated `docs/getting-started/README.md` to include
Copilot CLI Plugins as the eighth installation method

- docs(plugin): generated `docs/catalog.md` artifact catalog with 21
agents, 27 prompts, 24 instructions, and 1 skill listed with install
badges

- feat(plugin): generated 10 plugin directories under `plugins/` with
symlinked content from `.github/agents/`, `.github/prompts/`,
`.github/instructions/`, and `.github/skills/`

- refactor(plugin): reordered version and description fields in
`plugin.json` files for consistency

- style(instructions): standardized table formatting across 20+ agent,
instruction, and prompt files for consistent column alignment

- feat(plugin): added `collection-manifest.schema.json` for validating
collection YAML manifest structure

## Related Issue(s)
<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->

## Type of Change

Select all that apply:

**Code & Documentation:**

- [ ] Bug fix (non-breaking change fixing an issue)
- [x] New feature (non-breaking change adding functionality)
- [ ] Breaking change (fix or feature causing existing functionality to
change)
- [x] Documentation update

**Infrastructure & Configuration:**

- [x] GitHub Actions workflow
- [x] Linting configuration (markdown, PowerShell, etc.)
- [ ] Security configuration
- [ ] DevContainer configuration
- [x] Dependency update

**AI Artifacts:**

- [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
- [x] Copilot instructions (`.github/instructions/*.instructions.md`)
- [x] Copilot prompt (`.github/prompts/*.prompt.md`)
- [x] Copilot agent (`.github/agents/*.agent.md`)
- [ ] Copilot skill (`.github/skills/*/SKILL.md`)

> **Note for AI Artifact Contributors**:
>
> - **Agents**: Research, indexing/referencing other project (using
standard VS Code GitHub Copilot/MCP tools), planning, and general
implementation agents likely already exist. Review `.github/agents/`
before creating new ones.
> - **Skills**: Must include both bash and PowerShell scripts. See
[Skills](../docs/contributing/skills.md).
> - **Model Versions**: Only contributions targeting the **latest
Anthropic and OpenAI models** will be accepted. Older model versions
(e.g., GPT-3.5, Claude 3) will be rejected.
> - See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

- [x] Script/automation (`.ps1`, `.sh`, `.py`)
- [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

AI artifact changes in this PR are limited to table formatting
standardization (style-only). No new agents, prompts, or instructions
were introduced.

## Testing

### Plugin Generation and Validation

- Ran `npm run plugin:validate` — all 10 collection manifests passed
validation (0 errors)
- Ran `npm run plugin:generate` — generated 10 plugin directories with
41 agents, 54 commands, 71 instructions, and 1 skill
- Verified plugin freshness: `git diff --quiet plugins/` confirmed
generated output matches committed state

### Copilot CLI Plugin Usage

Once installed via the plugin marketplace, artifacts become available in
Copilot CLI:

**Marketplace registration and plugin install:**

```bash
copilot plugin marketplace add microsoft/hve-core
copilot plugin install rpi@hve-core
```

**Agents** — Available via `/agent` slash command or `--agent` flag:

```bash
# Non-interactive (one-shot)
copilot --agent=task-researcher -p "Research authentication patterns"

# Interactive (switch agents mid-session)
copilot
> /agent task-researcher
> Research authentication patterns
> /agent task-planner
> Plan based on the research
```

**Commands** — Prompts from `commands/` become namespaced slash
commands:

```bash
copilot
> /rpi:task-research          # runs the task-research prompt
> /git:git-commit-message     # from the git plugin bundle
> /ado:ado-get-build-info     # from the ado plugin bundle
```

**Instructions** — Included in plugin directories but not natively
consumed by the CLI plugin system. Instructions apply when using the
direct file approach (cloning hve-core and letting CLI auto-discover
from `.github/`). For plugin installs, agent files reference
instructions internally, so instruction guidance carries through agent
behavior.

### Known CLI Limitations

- `${input:variableName}` template variables are VS Code-only; CLI users
pass parameters as natural language
- `#file:` context references are VS Code-only; CLI agents use file-read
tools instead
- MCP servers require separate configuration at
`~/.copilot/mcp-config.json`

### Automated Checks

All required automated checks passed (see Required Automated Checks
section below).

## Checklist

### Required Checks

- [x] Documentation is updated (if applicable)
- [x] Files follow existing naming conventions
- [x] Changes are backwards compatible (if applicable)
- [ ] Tests added for new functionality (if applicable)

### AI Artifact Contributions
<!-- If contributing an agent, prompt, instruction, or skill, complete
these checks -->
- [ ] Used `/prompt-analyze` to review contribution
- [ ] Addressed all feedback from `prompt-builder` review
- [ ] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

- [x] Markdown linting: `npm run lint:md`
- [x] Spell checking: `npm run spell-check`
- [x] Frontmatter validation: `npm run lint:frontmatter`
- [x] Link validation: `npm run lint:md-links`
- [x] PowerShell analysis: `npm run lint:ps`

## GHCP Artifact Maturity

All modified GHCP artifacts (agents, instructions, prompts) are existing
stable files with style-only table formatting changes. No non-stable
maturity levels detected.

| File | Type | Maturity | Notes |

|-----------------------------------------|--------------|------------|-------------------------|
| Multiple `.agent.md` files | Agent | ✅ stable | Table formatting only
|
| Multiple `.instructions.md` files | Instructions | ✅ stable | Table
formatting only |
| `pull-request.prompt.md` | Prompt | ✅ stable | Table formatting only |
| `risk-register.prompt.md` | Prompt | ✅ stable | Table formatting only
|

## Security Considerations
<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
- [x] This PR does not contain any sensitive or NDA information
- [x] Any new dependencies have been reviewed for security issues
- [x] Security-related scripts follow the principle of least privilege

## Additional Notes

- Plugin directories under `plugins/` use symlinks to source artifacts,
enabling zero-copy installation and automatic content synchronization.
- The `plugin-validation.yml` workflow checks both manifest validity and
plugin freshness (whether generated output matches current manifests).
- Collection manifests support `display.ordering` (manual or alpha) and
`display.show_badge` settings for catalog generation.
- The `scripts/README.md` was updated to document the new
`scripts/plugins/` directory and its scripts.

🔧 - Generated by Copilot

…gins (#549)

# fix(plugins): merge git collection into rpi and distribute to all
plugins

## Description

Consolidated the standalone `git` collection into the `rpi` collection,
removing `plugins/git/` entirely and distributing git-related agents,
prompts, and instructions across all remaining plugin bundles. Since RPI
is the foundational collection included by every other collection, git
workflow tooling now ships as part of the baseline rather than as a
separate opt-in package.

- Deleted `collections/git.collection.yml` and
`collections/git.collection.md`, merging all git items (pr-review agent,
five git prompts, git-merge instruction) into
`collections/rpi.collection.yml`
- Removed `plugins/git/` directory including its `plugin.json`,
`README.md`, all agent/command/instruction symlinks, and script
directory links
- Added pr-review agent, git prompts (`git-commit-message`,
`git-commit`, `git-merge`, `git-setup`, `pull-request`), and git-merge
instruction to all nine remaining collection YMLs (ado,
coding-standards, data-science, github, project-planning,
prompt-engineering, rpi, security-planning, hve-core-all)
- Created corresponding symlinks and updated README tables for each
plugin bundle to surface the newly included git commands, pr-review
agent, and git-merge instruction
- Updated `rpi` plugin description to reflect the merged scope
- Removed the `git` entry from `.github/plugin/marketplace.json`

## Related Issue(s)
<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->

## Type of Change

Select all that apply:

**Code & Documentation:**

- [x] Bug fix (non-breaking change fixing an issue)
- [ ] New feature (non-breaking change adding functionality)
- [ ] Breaking change (fix or feature causing existing functionality to
change)
- [x] Documentation update

**Infrastructure & Configuration:**

- [ ] GitHub Actions workflow
- [ ] Linting configuration (markdown, PowerShell, etc.)
- [ ] Security configuration
- [ ] DevContainer configuration
- [ ] Dependency update

**AI Artifacts:**

- [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
- [ ] Copilot instructions (`.github/instructions/*.instructions.md`)
- [ ] Copilot prompt (`.github/prompts/*.prompt.md`)
- [ ] Copilot agent (`.github/agents/*.agent.md`)
- [ ] Copilot skill (`.github/skills/*/SKILL.md`)

> **Note for AI Artifact Contributors**:
>
> - **Agents**: Research, indexing/referencing other project (using
standard VS Code GitHub Copilot/MCP tools), planning, and general
implementation agents likely already exist. Review `.github/agents/`
before creating new ones.
> - **Skills**: Must include both bash and PowerShell scripts. See
[Skills](../docs/contributing/skills.md).
> - **Model Versions**: Only contributions targeting the **latest
Anthropic and OpenAI models** will be accepted. Older model versions
(e.g., GPT-3.5, Claude 3) will be rejected.
> - See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

- [ ] Script/automation (`.ps1`, `.sh`, `.py`)
- [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)
<!-- Not applicable — no AI artifacts were created or modified -->

## Testing
<!-- Describe how you tested these changes -->

## Checklist

### Required Checks

- [ ] Documentation is updated (if applicable)
- [ ] Files follow existing naming conventions
- [ ] Changes are backwards compatible (if applicable)
- [ ] Tests added for new functionality (if applicable)

### AI Artifact Contributions
<!-- Not applicable -->

### Required Automated Checks

The following validation commands must pass before merging:

- [ ] Markdown linting: `npm run lint:md`
- [ ] Spell checking: `npm run spell-check`
- [ ] Frontmatter validation: `npm run lint:frontmatter`
- [ ] Link validation: `npm run lint:md-links`
- [ ] PowerShell analysis: `npm run lint:ps`

## Security Considerations
<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
- [x] This PR does not contain any sensitive or NDA information
- [ ] Any new dependencies have been reviewed for security issues
- [ ] Security-related scripts follow the principle of least privilege

## Additional Notes

- Version files (`package.json`, `package-lock.json`,
`.release-please-manifest.json`,
`extension/templates/package.template.json`, all `plugin.json` files,
and `marketplace.json`) regressed from `2.3.5` to `2.3.4`, and the
`CHANGELOG.md` entry for `2.3.5` was removed. Confirm this version
rollback is intentional or rebase onto the current `origin/main` to pick
up the `2.3.5` release.

🔀 - Generated by Copilot

…668)

This PR promotes the RPI collection to flagship status by renaming it to
**HVE Core** and redesigning how repo-specific AI artifacts are
identified and excluded from distribution. The change touches every
layer of the system: artifact directories, collection manifests, plugin
outputs, extension packaging, validation scripts, tests, and
documentation.

Previously, all RPI workflow agents, prompts, and instructions lived
under `.github/{type}/rpi/` directories, and repo-specific artifacts
were identified by living under an `hve-core/` subdirectory. This
created a collision: the `hve-core/` name was simultaneously used for
repo-internal exclusions and as the natural identity for the flagship
collection.

The restructuring resolves this by:

- **Moving all `.github/{type}/rpi/` directories to
`.github/{type}/hve-core/`**, making the collection identity match the
project name.

- **Replacing the subdirectory-based exclusion convention with
root-level detection.** Repo-specific artifacts now live directly at the
root of `.github/agents/`, `.github/instructions/`, `.github/prompts/`,
or `.github/skills/` (no subdirectory). Collection-scoped, distributable
artifacts reside in subdirectories like `hve-core/`, `ado/`, `shared/`,
etc.

- **Updating the exclusion functions** `Test-HveCoreRepoSpecificPath`
(from `$RelativePath -like 'hve-core/*'` to `$RelativePath -notlike
'*/*'`) and `Test-HveCoreRepoRelativePath` (from `.github/.*/hve-core/`
regex to `^\.github/(agents|instructions|prompts|skills)/[^/]+$`).

- **Renaming `rpi.collection.yml` to `hve-core.collection.yml`** with
updated metadata, and creating the corresponding `plugins/hve-core/`
output directory while removing `plugins/rpi/`.

- **Reassigning the flagship extension identity from `hve-core-all` to
`hve-core`**, so the `hve-core` collection now produces
`extension/package.json` and `extension/README.md` (the default
extension artifacts), while `hve-core-all` gets explicit
`package.hve-core-all.json` and `README.hve-core-all.md` files.

- **Updating marketplace.json** to register the new `hve-core` plugin
entry and remove the `rpi` entry.

- **Updating VS Code settings** (`.vscode/settings.json`) to point at
the new `hve-core` directories instead of `rpi`.

- **Updating all internal cross-references** within agents, subagents,
documentation, the installer agent, workflow README, and contributing
guides to use `hve-core/` paths.

- **Rewriting all affected tests** across `PluginHelpers.Tests.ps1`,
`Validate-Collections.Tests.ps1`, and `Prepare-Extension.Tests.ps1` to
validate the new root-level exclusion convention and updated collection
identity.

## Related Issue(s)
<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->

## Type of Change

Select all that apply:

**Code & Documentation:**

- [ ] Bug fix (non-breaking change fixing an issue)
- [ ] New feature (non-breaking change adding functionality)
- [x] Breaking change (fix or feature causing existing functionality to
change)
- [x] Documentation update

**Infrastructure & Configuration:**

- [ ] GitHub Actions workflow
- [ ] Linting configuration (markdown, PowerShell, etc.)
- [ ] Security configuration
- [ ] DevContainer configuration
- [ ] Dependency update

**AI Artifacts:**

- [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
- [x] Copilot instructions (`.github/instructions/*.instructions.md`)
- [x] Copilot prompt (`.github/prompts/*.prompt.md`)
- [x] Copilot agent (`.github/agents/*.agent.md`)
- [ ] Copilot skill (`.github/skills/*/SKILL.md`)

> **Note for AI Artifact Contributors**:
>
> - **Agents**: Research, indexing/referencing other project (using
standard VS Code GitHub Copilot/MCP tools), planning, and general
implementation agents likely already exist. Review `.github/agents/`
before creating new ones.
> - **Skills**: Must include both bash and PowerShell scripts. See
[Skills](../docs/contributing/skills.md).
> - **Model Versions**: Only contributions targeting the **latest
Anthropic and OpenAI models** will be accepted. Older model versions
(e.g., GPT-3.5, Claude 3) will be rejected.
> - See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

- [x] Script/automation (`.ps1`, `.sh`, `.py`)
- [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

Not applicable — this PR renames and restructures existing artifacts
without changing their behavior. All agents, prompts, and instructions
retain their original functionality under new paths.

## Testing

- `PluginHelpers.Tests.ps1` — 46/46 passing, validates root-level
exclusion logic (`Test-HveCoreRepoSpecificPath`,
`Test-HveCoreRepoRelativePath`) and `Get-ArtifactFiles` filtering.
- `Validate-Collections.Tests.ps1` — 18/18 passing, validates that
root-level repo-specific paths are rejected from collection manifests
while subdirectory paths are accepted.
- `Prepare-Extension.Tests.ps1` — 131/131 passing, validates updated
flagship collection identity, extension packaging, collection
generation, and maturity filtering with `hve-core` as the default
collection.

## Checklist

### Required Checks

- [x] Documentation is updated (if applicable)
- [x] Files follow existing naming conventions
- [ ] Changes are backwards compatible (if applicable)
- [x] Tests added for new functionality (if applicable)

### AI Artifact Contributions
<!-- If contributing an agent, prompt, instruction, or skill, complete
these checks -->
- [ ] Used `/prompt-analyze` to review contribution
- [ ] Addressed all feedback from `prompt-builder` review
- [ ] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

- [x] Markdown linting: `npm run lint:md`
- [x] Spell checking: `npm run spell-check`
- [x] Frontmatter validation: `npm run lint:frontmatter`
- [x] Skill structure validation: `npm run validate:skills`
- [x] Link validation: `npm run lint:md-links`
- [x] PowerShell analysis: `npm run lint:ps`

## GHCP Artifact Maturity

> [!WARNING]
> This PR includes **experimental** GHCP artifacts that may have
breaking changes.
> - `.github/agents/hve-core/doc-ops.agent.md`
> - `.github/prompts/hve-core/checkpoint.prompt.md`

| File | Type | Maturity | Notes |
|---|---|---|---|
| `.github/agents/hve-core/doc-ops.agent.md` | Agent | ⚠️ experimental |
Renamed from `rpi/` |
| `.github/agents/hve-core/memory.agent.md` | Agent | ✅ stable | Renamed
from `rpi/` |
| `.github/agents/hve-core/pr-review.agent.md` | Agent | ✅ stable |
Renamed from `rpi/` |
| `.github/agents/hve-core/prompt-builder.agent.md` | Agent | ✅ stable |
Renamed from `rpi/` |
| `.github/agents/hve-core/rpi-agent.agent.md` | Agent | ✅ stable |
Renamed from `rpi/` |
| `.github/agents/hve-core/task-implementor.agent.md` | Agent | ✅ stable
| Renamed from `rpi/` |
| `.github/agents/hve-core/task-planner.agent.md` | Agent | ✅ stable |
Renamed from `rpi/` |
| `.github/agents/hve-core/task-researcher.agent.md` | Agent | ✅ stable
| Renamed from `rpi/` |
| `.github/agents/hve-core/task-reviewer.agent.md` | Agent | ✅ stable |
Renamed from `rpi/` |
| `.github/agents/hve-core/subagents/prompt-evaluator.agent.md` | Agent
| ✅ stable | Renamed from `rpi/subagents/` |
| `.github/agents/hve-core/subagents/prompt-updater.agent.md` | Agent |
✅ stable | Renamed from `rpi/subagents/` |
| `.github/prompts/hve-core/checkpoint.prompt.md` | Prompt | ⚠️
experimental | Renamed from `rpi/` |
| `.github/prompts/hve-core/task-research.prompt.md` | Prompt | ✅ stable
| Renamed from `rpi/` |
| `.github/prompts/hve-core/task-plan.prompt.md` | Prompt | ✅ stable |
Renamed from `rpi/` |
| `.github/prompts/hve-core/task-implement.prompt.md` | Prompt | ✅
stable | Renamed from `rpi/` |
| `.github/prompts/hve-core/task-review.prompt.md` | Prompt | ✅ stable |
Renamed from `rpi/` |
| `.github/prompts/hve-core/pull-request.prompt.md` | Prompt | ✅ stable
| Renamed from `rpi/` |
| `.github/prompts/hve-core/git-commit.prompt.md` | Prompt | ✅ stable |
Renamed from `rpi/` |
| `.github/prompts/hve-core/git-merge.prompt.md` | Prompt | ✅ stable |
Renamed from `rpi/` |
| `.github/instructions/hve-core/commit-message.instructions.md` |
Instructions | ✅ stable | Renamed from `rpi/` |
| `.github/instructions/hve-core/git-merge.instructions.md` |
Instructions | ✅ stable | Renamed from `rpi/` |
| `.github/instructions/hve-core/markdown.instructions.md` |
Instructions | ✅ stable | Renamed from `rpi/` |
| `.github/instructions/hve-core/prompt-builder.instructions.md` |
Instructions | ✅ stable | Renamed from `rpi/` |
| `.github/instructions/hve-core/writing-style.instructions.md` |
Instructions | ✅ stable | Renamed from `rpi/` |
| `.github/instructions/workflows.instructions.md` | Instructions | ✅
stable | Moved to root-level (repo-specific) |

### GHCP Maturity Acknowledgment

- [x] I acknowledge this PR includes non-stable GHCP artifacts
- [x] Non-stable artifacts are intentional for this change

## Security Considerations
<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
- [x] This PR does not contain any sensitive or NDA information
- [ ] Any new dependencies have been reviewed for security issues
- [x] Security-related scripts follow the principle of least privilege

## Additional Notes

- **Plugin installation command changed**: `copilot plugin install
rpi@hve-core` becomes `copilot plugin install hve-core@hve-core`.
- **VS Code settings paths changed**: Users referencing `rpi`
directories in `chat.agentFilesLocations`, `chat.promptFilesLocations`,
or `chat.instructionsFilesLocations` must update to `hve-core`.
- The `workflows.instructions.md` file moved from
`.github/instructions/hve-core/` (collection-scoped) to
`.github/instructions/` (root-level, repo-specific), reflecting that it
applies only to this repository's CI workflows.

🔄 - Generated by Copilot

…n security scripts (#705)

## Description

Refactored security scripts to consume shared `SecurityHelpers` and
`CIHelpers` modules, eliminating duplicated helper functions across
`Update-ActionSHAPinning.ps1` and `Test-SHAStaleness.ps1`. Stabilized
YAML display key ordering in `hve-core-all` collection output. Removed
the `dt-method-09-deep` Design Thinking instruction file and updated the
`github-backlog-manager` agent tools declaration format.

* refactor(scripts): replaced local `Write-SecurityLog`,
`Add-SecurityIssue`, and `Write-OutputResult` in
`Update-ActionSHAPinning.ps1` with shared module imports from
`SecurityHelpers.psm1` and `CIHelpers.psm1`, renamed output function to
`Write-SecurityOutput`, and switched `$script:SecurityIssues` from array
to `List[PSCustomObject]` with `New-SecurityIssue`
* refactor(scripts): converted `$script:StaleDependencies` in
`Test-SHAStaleness.ps1` from array concatenation (`+=`) to
`List[PSCustomObject]` with `.Add()` and renamed `Write-OutputResult` to
`Write-SecurityOutput`
* test(scripts): removed duplicated test blocks for `Write-SecurityLog`,
`Add-SecurityIssue`, and `Write-OutputResult` from both test files and
updated mock references to match renamed functions
(`Write-SecurityOutput`, `New-SecurityIssue`)
* fix(scripts): stabilized display key order in `hve-core-all` YAML
output by rebuilding the display section as an ordered hashtable before
serialization
* test(build): added `Update-HveCoreAllCollection` display key ordering
tests covering featured-only, ordering-only, and combined-key scenarios
* chore: removed `dt-method-09-deep.instructions.md` and associated
collection manifest entries, plugin symlinks, and `ADKAR` spell-check
dictionary term
* chore: updated `github-backlog-manager.agent.md` tools declaration to
explicit tool list format

## Related Issue(s)

<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->

## Type of Change

Select all that apply:

**Code & Documentation:**

* [x] Bug fix (non-breaking change fixing an issue)
* [ ] New feature (non-breaking change adding functionality)
* [ ] Breaking change (fix or feature causing existing functionality to
change)
* [ ] Documentation update

**Infrastructure & Configuration:**

* [ ] GitHub Actions workflow
* [ ] Linting configuration (markdown, PowerShell, etc.)
* [x] Security configuration
* [ ] DevContainer configuration
* [ ] Dependency update

**AI Artifacts:**

* [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
* [x] Copilot instructions (`.github/instructions/*.instructions.md`)
* [ ] Copilot prompt (`.github/prompts/*.prompt.md`)
* [x] Copilot agent (`.github/agents/*.agent.md`)
* [ ] Copilot skill (`.github/skills/*/SKILL.md`)

> **Note for AI Artifact Contributors**:
>
> * **Agents**: Research, indexing/referencing other project (using
standard VS Code GitHub Copilot/MCP tools), planning, and general
implementation agents likely already exist. Review `.github/agents/`
before creating new ones.
> * **Skills**: Must include both bash and PowerShell scripts. See
[Skills](../docs/contributing/skills.md).
> * **Model Versions**: Only contributions targeting the **latest
Anthropic and OpenAI models** will be accepted. Older model versions
(e.g., GPT-3.5, Claude 3) will be rejected.
> * See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

* [x] Script/automation (`.ps1`, `.sh`, `.py`)
* [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

<!-- Not applicable — AI artifact changes are a file deletion and a
tools format correction, not new contributions -->

## GHCP Artifact Maturity

> [!WARNING]
> This PR removes an **experimental** GHCP artifact.
>
`.github/instructions/design-thinking/dt-method-09-deep.instructions.md`
was maturity `experimental` in the `design-thinking` collection.

| File | Type | Maturity | Notes |
|---|---|---|---|
| `.github/agents/github/github-backlog-manager.agent.md` | Agent | ✅
stable | Tools format updated |
|
`.github/instructions/design-thinking/dt-method-09-deep.instructions.md`
| Instructions | ⚠️ experimental | Removed in this PR |

### GHCP Maturity Acknowledgment

* [ ] I acknowledge this PR includes non-stable GHCP artifacts
* [ ] Non-stable artifacts are intentional for this change

## Testing

<!-- Describe how you tested these changes -->

## Checklist

### Required Checks

* [ ] Documentation is updated (if applicable)
* [x] Files follow existing naming conventions
* [ ] Changes are backwards compatible (if applicable)
* [ ] Tests added for new functionality (if applicable)

### AI Artifact Contributions

<!-- If contributing an agent, prompt, instruction, or skill, complete
these checks -->
* [ ] Used `/prompt-analyze` to review contribution
* [ ] Addressed all feedback from `prompt-builder` review
* [ ] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

* [ ] Markdown linting: `npm run lint:md`
* [ ] Spell checking: `npm run spell-check`
* [ ] Frontmatter validation: `npm run lint:frontmatter`
* [ ] Skill structure validation: `npm run validate:skills`
* [ ] Link validation: `npm run lint:md-links`
* [ ] PowerShell analysis: `npm run lint:ps`

## Security Considerations

<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
* [ ] This PR does not contain any sensitive or NDA information
* [ ] Any new dependencies have been reviewed for security issues
* [x] Security-related scripts follow the principle of least privilege

## Additional Notes

* `Write-OutputResult` was renamed to `Write-SecurityOutput` in both
security scripts to align with the shared module's export naming
convention.
* Removed test blocks for `Write-SecurityLog`, `Add-SecurityIssue`, and
`Write-OutputResult` are now covered by `SecurityHelpers.psm1`
module-level tests.
* The `dt-method-09-deep.instructions.md` removal also cleaned up the
`ADKAR` acronym from `.cspell/industry-acronyms.txt`.

🔧 Generated by Copilot

…entation (#1273)

## Description

Reduced the RAI Planner workflow from **6 phases to 5 phases** by
removing the second phase and renumbering all subsequent phases. This
consolidation touched agent definitions, instruction files, collection
manifests, plugin metadata, documentation, and plan templates.

### Changes by Area

**Agent and Instruction Files** — Updated *rai-planner.agent.md* with
the new 5-phase workflow description. Modified
*rai-identity.instructions.md* to adjust phase boundaries, terminal
state values, and the state machine transitions. Updated
*rai-backlog-handoff.instructions.md* and
*rai-standards.instructions.md* to align phase references throughout.
Deleted the removed phase's dedicated instruction file and all plugin
symlinks pointing to it.

**Collection Manifests and Plugin Metadata** — Removed the deleted
instruction entry from *rai-planning.collection.yml*,
*data-science.collection.yml*, *hve-core-all.collection.yml*,
*project-planning.collection.yml*, and *security.collection.yml*.
Updated collection markdown descriptions to reflect the new phase count.
Regenerated plugin outputs including *plugin.json* and README files
across all affected plugin directories.

**Documentation** — Rewrote *phase-reference.md* with the consolidated
5-phase sequence. Updated *agent-overview.md*, *docs/agents/README.md*,
and *rai-plan-template.md* to remove the deleted phase's sections and
renumber remaining phases. Updated *CUSTOM-AGENTS.md* agent table
descriptions.

**Other** — Deleted *.vscode/mcp.json.sample* (stale configuration
file). Updated *dependency-pr-review.md* terminology.

## Related Issue(s)

<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123" -->

## Type of Change

Select all that apply:

**Code & Documentation:**

* [ ] Bug fix (non-breaking change fixing an issue)
* [ ] New feature (non-breaking change adding functionality)
* [ ] Breaking change (fix or feature causing existing functionality to
change)
* [x] Documentation update

**Infrastructure & Configuration:**

* [ ] GitHub Actions workflow
* [ ] Linting configuration (markdown, PowerShell, etc.)
* [ ] Security configuration
* [ ] DevContainer configuration
* [ ] Dependency update

**AI Artifacts:**

* [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
* [x] Copilot instructions (`.github/instructions/*.instructions.md`)
* [ ] Copilot prompt (`.github/prompts/*.prompt.md`)
* [x] Copilot agent (`.github/agents/*.agent.md`)
* [ ] Copilot skill (`.github/skills/*/SKILL.md`)

> Note for AI Artifact Contributors:
>
> * Agents: Research, indexing/referencing other project (using standard
VS Code GitHub Copilot/MCP tools), planning, and general implementation
agents likely already exist. Review `.github/agents/` before creating
new ones.
> * Skills: Must include both bash and PowerShell scripts. See
[Skills](../docs/contributing/skills.md).
> * Model Versions: Only contributions targeting the **latest Anthropic
and OpenAI models** will be accepted. Older model versions (e.g.,
GPT-3.5, Claude 3) will be rejected.
> * See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

* [ ] Script/automation (`.ps1`, `.sh`, `.py`)
* [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

**User Request:**

Invoke the RAI Planner agent to conduct a responsible AI assessment:
`@rai-planner Assess my project for responsible AI considerations`.

**Execution Flow:**

1. The agent reads *rai-identity.instructions.md* and initializes the
5-phase state machine.
2. **Phase 1 — System Definition**: Gathers system context,
stakeholders, and AI components.
3. **Phase 2 — RAI Standards Mapping**: Maps the system against embedded
RAI standards from *rai-standards.instructions.md*.
4. **Phase 3 — RAI Security Model Analysis**: Performs AI-specific
STRIDE-based threat modeling.
5. **Phase 4 — RAI Impact Assessment**: Evaluates impacts and generates
control surfaces.
6. **Phase 5 — Review and Handoff**: Produces the final assessment with
dual-format backlog handoff per *rai-backlog-handoff.instructions.md*.

**Output Artifacts:**

A RAI plan document in `.copilot-tracking/rai-plans/` following the
template in *docs/templates/rai-plan-template.md*, plus optional ADO or
GitHub work items generated during handoff.

**Success Indicators:**

The agent completes all 5 phases, produces a plan file with populated
sections for each phase, and the plan template aligns with the updated
*rai-plan-template.md* structure.

> [!NOTE]
> Human review is recommended for agent-populated Sample Prompts
content.

## Testing

- **Automated validation**: 4 of 7 required checks passed (`lint:md`,
`spell-check`, `lint:frontmatter`, `validate:skills`). Link validation
and PowerShell analysis were skipped at author request. Plugin freshness
was validated during implementation.
- **Diff-based assessment**: Verified phase renumbering consistency
across all 23 changed files. Confirmed instruction file references,
collection manifest entries, plugin metadata, and documentation all
reflect the updated 5-phase structure.
- **Security analysis**: No new permissions, secrets, dependencies, or
external references introduced. Changes are limited to documentation,
instruction content, and plugin metadata.
- Manual testing was not performed.

## Checklist

### Required Checks

* [x] Documentation is updated (if applicable)
* [x] Files follow existing naming conventions
* [x] Changes are backwards compatible (if applicable) (N/A —
experimental-maturity artifacts; no stable API contract)
* [ ] Tests added for new functionality (if applicable) (N/A —
documentation and instruction changes only)

### AI Artifact Contributions
<!-- If contributing an agent, prompt, instruction, or skill, complete
these checks -->
* [ ] Used `/prompt-analyze` to review contribution
* [ ] Addressed all feedback from `prompt-builder` review
* [ ] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

* [x] Markdown linting: `npm run lint:md`
* [x] Spell checking: `npm run spell-check`
* [x] Frontmatter validation: `npm run lint:frontmatter`
* [x] Skill structure validation: `npm run validate:skills`
* [ ] Link validation: `npm run lint:md-links` (skipped)
* [ ] PowerShell analysis: `npm run lint:ps` (skipped)
* [x] Plugin freshness: `npm run plugin:generate`

## Security Considerations

* [x] This PR does not contain any sensitive or NDA information
* [ ] Any new dependencies have been reviewed for security issues (N/A —
no dependency changes)
* [ ] Security-related scripts follow the principle of least privilege
(N/A — no security script changes)

> [!WARNING]
> This PR includes **experimental** GHCP artifacts that may have
breaking changes.
>
> - `.github/agents/rai-planning/rai-planner.agent.md`
> -
`.github/instructions/rai-planning/rai-backlog-handoff.instructions.md`
> - `.github/instructions/rai-planning/rai-identity.instructions.md`
> - `.github/instructions/rai-planning/rai-standards.instructions.md`

## GHCP Artifact Maturity

| File | Type | Maturity | Notes |
|---|---|---|---|
| `.github/agents/rai-planning/rai-planner.agent.md` | Agent | ⚠️
experimental | Pre-release only |
|
`.github/instructions/rai-planning/rai-backlog-handoff.instructions.md`
| Instructions | ⚠️ experimental | Pre-release only |
| `.github/instructions/rai-planning/rai-identity.instructions.md` |
Instructions | ⚠️ experimental | Pre-release only |
| `.github/instructions/rai-planning/rai-standards.instructions.md` |
Instructions | ⚠️ experimental | Pre-release only |

### GHCP Maturity Acknowledgment

- [ ] I acknowledge this PR includes non-stable GHCP artifacts
- [ ] Non-stable artifacts are intentional for this change

## Additional Notes

All changed AI artifacts carry **experimental** maturity across every
collection they appear in. The phase renumbering is a clean cut with no
backward-compatibility layer — existing RAI plan documents referencing
the old 6-phase structure will need manual alignment with the new
5-phase template.

---------

Co-authored-by: Bill Berry <[email protected]>

…ion (#1419)

Took the existing synthetic data prompt generation from
hve-data-science, added steps to measure the comprehensiveness of the
generated data, and added it to the have-core.

## Related Issue(s)
[<!-- Link to the issue(s) this PR addresses using "Fixes #123" or
"Closes #123"
-->](https://dev.azure.com/IndustrySolutions/IS%20Engagements/_workitems/edit/97297)

## Type of Change

Select all that apply:

**Code & Documentation:**

* [ ] Bug fix (non-breaking change fixing an issue)
* [X] New feature (non-breaking change adding functionality)
* [ ] Breaking change (fix or feature causing existing functionality to
change)
* [ ] Documentation update

**Infrastructure & Configuration:**

* [ ] GitHub Actions workflow
* [ ] Linting configuration (markdown, PowerShell, etc.)
* [ ] Security configuration
* [ ] DevContainer configuration
* [ ] Dependency update

**AI Artifacts:**

* [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
* [ ] Copilot instructions (`.github/instructions/*.instructions.md`)
* [X] Copilot prompt (`.github/prompts/*.prompt.md`)
* [ ] Copilot agent (`.github/agents/*.agent.md`)
* [ ] Copilot skill (`.github/skills/*/SKILL.md`)

> Note for AI Artifact Contributors:
>
> * Agents: Research, indexing/referencing other project (using standard
VS Code GitHub Copilot/MCP tools), planning, and general implementation
agents likely already exist. Review `.github/agents/` before creating
new ones.
> * Skills: Must include both bash and PowerShell scripts. See
[Skills](../docs/contributing/skills.md).
> * Model Versions: Only contributions targeting the **latest Anthropic
and OpenAI models** will be accepted. Older model versions (e.g.,
GPT-3.5, Claude 3) will be rejected.
> * See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).

**Other:**

* [ ] Script/automation (`.ps1`, `.sh`, `.py`)
* [ ] Other (please describe):

## Sample Prompts (for AI Artifact Contributions)

1. Select the prompt in VSCode
2. Type "Using the attached prompt, create 200 synthetic data rows using
test.csv as an input data sample"
3. Wait for the completion.

**User Request:**

"Using the attached prompt, generate synthetic data using (some other
data) as a sample". This uses some input data as an example. OR
"Using the attached prompt, generate (amount of) synthetic data of
(describe the needed format in natural language) for use in (scenario)".
The latter does not use input data as an example.

**Execution Flow:**

1. The prompt creates a project folder per run.
2. It reads the input data.
3. (Optionally, usually on the first run) it creates Python virtual
environment, installs necessary Python packages. On each code
invocation, installation, or file change the user is asked (by default)
to approve.
4. It creates a notebook for synthetic data generation and quality
measurement.
5. The notebook is run.
6. The generated data is saved to the project folder.

**Output Artifacts:**

1. Synthetic data in the project folder (either as one CSV file or, if
requested, as a collection of files (e.g. for Word files generation))
2. The notebook to generate and assess the comprehensiveness of the
data:

# Synthetic Chemical Compounds Data Generator

Generate 200 rows of synthetic data based on `train.csv` (chemical
compound properties) preserving field inter-dependencies for ML
classifier training.

import pandas as pd
import numpy as np
from scipy import stats
from datetime import datetime
import warnings
import os

warnings.filterwarnings('ignore')

random_seed = int(datetime.now().timestamp())
np.random.seed(random_seed)
print(f"Random seed: {random_seed}")

## Load and Explore Training Data

train_csv_path = os.path.join('..', 'train.csv')
df = pd.read_csv(train_csv_path)

print(f"Shape: {df.shape}")
# ...

3. The output of the generation notebook (also repeated in the prompt
window). In particular, pay attention to the last section that shows
statistical comparisons of the original vs. synthetic data. If the input
data was provided, also the AUC of the ML classifier that tried
(blindly) to distinguish the real data from synthetic:

<html>
<body>
<!--StartFragment-->
Metric | Result
-- | --
MW mean | Original: 316.19, Synthetic: 317.50
BP_C mean | Original: 44.20, Synthetic: 52.55
KS test MW | p=0.41 (not significantly different)
KS test BP_C | p=0.07 (marginally acceptable)
MW-BP_C correlation | Original: 0.318, Synthetic: 0.243 (diff: 0.076)
Discriminator AUC | 0.63 (reasonably close to 0.5 ideal)
Status/State distributions | Closely matched

<!--EndFragment-->
</body>
</html>

**Success Indicators:**

1. No errors reported by the prompt.
2. The output data is in the project folder.
3. (If the input data was provided) The discriminator AUC ideally should
be less than ~0.60. Higher figures do not necessarily mean the output is
wrong, but they mean that even a modest ML can distinguish the synthetic
data from the real one, so if the data is used in e.g. classification,
one should not rely solely on it for assessing the overall solution
fidelity.

For detailed contribution requirements, see:

* Common Standards:
[docs/contributing/ai-artifacts-common.md](../docs/contributing/ai-artifacts-common.md)
- Shared standards for XML blocks, markdown quality, RFC 2119,
validation, and testing
* Agents:
[docs/contributing/custom-agents.md](../docs/contributing/custom-agents.md)
- Agent configurations with tools and behavior patterns
* Prompts:
[docs/contributing/prompts.md](../docs/contributing/prompts.md) -
Workflow-specific guidance with template variables
* Instructions:
[docs/contributing/instructions.md](../docs/contributing/instructions.md)
- Technology-specific standards with glob patterns
* Skills: [docs/contributing/skills.md](../docs/contributing/skills.md)
- Task execution utilities with cross-platform scripts

## Testing

Tested on the following cases:
1. ~180 rows of real tabular data on chemical compounds => 200 synthetic
ones. The AUC was 0.63.
2. A simple case of tabular data representing projectile flight distance
as a function of gravity, velocity, and launch angle. The prompt has
correctly figured out the physics behind the data and produced an
"ideal" synthetics with the discrimination AUC of ~0.5
3. Synthetic Word files. The results weren't as diverse as I might've
expected, but the format and the content was readable and realistic.
4. Synthetic JPGs from a collection of ~80 small (160x120) real JPGs.
The results were very distinguishable (AUC ~1.00) from the synthetics,
which is expected from merely pixel learning on such a small dataset.
The comprehensiveness measurement flagged that.
5. Synthetic EXEs. The prompt resorted to creating a bunch of files with
common EXE sections (like PE) filled with statistically lookalike noise.
Not real exes in all senses -- but again, the comprehensiveness
measurement flagged that.

## Checklist

### Required Checks

* [ ] Documentation is updated (if applicable)
* [X] Files follow existing naming conventions
* [ ] Changes are backwards compatible (if applicable)
* [ ] Tests added for new functionality (if applicable)

### AI Artifact Contributions
<!-- If contributing an agent, prompt, instruction, or skill, complete
these checks -->
* [X] Used `/prompt-analyze` to review contribution
* [X] Addressed all feedback from `prompt-builder` review
* [X] Verified contribution follows common standards and type-specific
requirements

### Required Automated Checks

The following validation commands must pass before merging:

* [ ] Markdown linting: `npm run lint:md`
* [ ] Spell checking: `npm run spell-check`
* [ ] Frontmatter validation: `npm run lint:frontmatter`
* [ ] Skill structure validation: `npm run validate:skills`
* [ ] Link validation: `npm run lint:md-links`
* [ ] PowerShell analysis: `npm run lint:ps`
* [ ] Plugin freshness: `npm run plugin:generate`
* [ ] Docusaurus tests: `npm run docs:test`

## Security Considerations
<!-- ⚠️ WARNING: Do not commit sensitive information such as API keys,
passwords, or personal data -->
* [ ] This PR does not contain any sensitive or NDA information
* [ ] Any new dependencies have been reviewed for security issues
* [ ] Security-related scripts follow the principle of least privilege

## Additional Notes
<!-- Any additional information that reviewers should know -->

---------

Co-authored-by: Eugene Bobukh <[email protected]>
Co-authored-by: Bill Berry <[email protected]>
Co-authored-by: Katrien De Graeve <[email protected]>
Co-authored-by: Marcel Bindseil <[email protected]>