This is an automated email from the ASF dual-hosted git repository.

potiuk pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow-steward.git


The following commit(s) were added to refs/heads/main by this push:
     new 54b506f  docs(modes): sync skill inventory for release-family and 
repo-health/issue skills (#584)
54b506f is described below

commit 54b506ff305738eb71d272fea8145d70699ddf4b
Author: Justin Mclean <[email protected]>
AuthorDate: Sat Jun 27 20:23:22 2026 +1000

    docs(modes): sync skill inventory for release-family and repo-health/issue 
skills (#584)
    
    Add six skills on main that were absent from the Triage table:
    issue-backlog-stats, issue-deduplicate, dependency-audit, 
workflow-security-audit,
    release-verify-rc, release-vote-tally. Promote release-verify-rc and
    release-vote-tally from "proposed" to "experimental" with proper skill 
links.
    
    Promote release-promote (Drafting) from "proposed" to "experimental"
    and update the prose paragraph in the Drafting section to reflect that
    one release-* Drafting skill has shipped. Update the "Modes at a glance"
    counts (Triage: 19+4 → 25+2; Drafting: 3+6 → 4+5).
    
    Generated-by: Claude (Opus 4.7)
---
 docs/modes.md | 38 ++++++++++++++++++++++----------------
 1 file changed, 22 insertions(+), 16 deletions(-)

diff --git a/docs/modes.md b/docs/modes.md
index d8a963c..b836891 100644
--- a/docs/modes.md
+++ b/docs/modes.md
@@ -50,7 +50,7 @@ sequencing commitments behind them.
 
 | Mode | Purpose | Status | Skill count |
 |---|---|---|---|
-| **Triage** | Issues, security reports, PRs: spot, classify, route, surface 
duplicates. Every output is a suggestion the human signs off on. | stable 
(security) / experimental (pr-management, issue-management, 
contributor-nomination) / proposed (release-management) | 19 + 4 proposed |
+| **Triage** | Issues, security reports, PRs: spot, classify, route, surface 
duplicates. Every output is a suggestion the human signs off on. | stable 
(security) / experimental (pr-management, issue-management, 
contributor-nomination, repo-health, release-management) | 30 |
 | **Mentoring** | Joins issue and PR threads in a teaching register: 
clarifying questions, pointers to project conventions, paired examples from 
prior PRs, hand-off to a human when scope exceeds the agent. Also authors 
net-new good first issues to lower onboarding latency. | experimental | 3 |
 | **Drafting** | Agent drafts a fix for a well-scoped problem and opens a PR; 
every PR is reviewed and merged by a human committer. | stable (security-only); 
experimental (issue-management, audit-findings, release-management family) | 9 |
 | **Pairing** | Developer-side dev-cycle skills with mentorship intrinsic — 
multi-agent review pipelines, self-review and pre-flight patterns, scoped fix 
drafting under the developer's driver's seat. | experimental | 2 |
@@ -75,6 +75,8 @@ do not act without human review.
 | [`issue-triage`](../skills/issue-triage/SKILL.md) | General-issue-tracker 
triage (per-issue classification + disposition proposal). | experimental |
 | [`issue-reassess`](../skills/issue-reassess/SKILL.md) | Pool-level sweep of 
resolved / EOL issues for re-assessment. | experimental |
 | [`issue-stale-sweep`](../skills/issue-stale-sweep/SKILL.md) | Sweep open 
issues for inactivity past a configurable threshold; proposes a nudge 
(`REQUEST-UPDATE`) or a pre-close notice (`CLOSE-STALE`); waits for maintainer 
confirmation before posting. | experimental |
+| [`issue-backlog-stats`](../skills/issue-backlog-stats/SKILL.md) | Read-only 
maintainer dashboard for the open general-issue backlog: health rating, 
age/staleness breakdowns, area pressure ranking, and triage-funnel summary. | 
experimental |
+| [`issue-deduplicate`](../skills/issue-deduplicate/SKILL.md) | Merge two open 
`<issue-tracker>` issues that describe the same root cause, preserving both 
reporters' context; proposes closure comment on the duplicate and a 
cross-reference on the kept issue. | experimental |
 | [`contributor-nomination`](../skills/contributor-nomination/SKILL.md) | 
Nomination-readiness brief for a named contributor — activity breadth, 
consistency, and evidence prose for a committer or PMC thread. | experimental |
 | [`security-issue-import`](../skills/security-issue-import/SKILL.md) | 
Inbound security-report classification + initial routing. | stable |
 | 
[`security-issue-import-from-pr`](../skills/security-issue-import-from-pr/SKILL.md)
 | Open a tracker from a security-relevant public PR. | stable |
@@ -89,10 +91,14 @@ do not act without human review.
 | 
[`contributor-activity-sweep`](../skills/contributor-activity-sweep/SKILL.md) | 
Read-only GitHub activity card for a named contributor: PR authorship, 
code-review participation, issues, and comments over a configurable window. | 
experimental |
 | [`pr-management-quick-merge`](../skills/pr-management-quick-merge/SKILL.md) 
| Identify trivial, low-risk PRs in the `ready for maintainer review` queue 
that pass every quality gate and touch only supplementary areas (docs, 
changelog, translations, tests); surfaces candidates with diff summaries and 
the exact merge command. | experimental |
 | [`ci-runner-audit`](../skills/ci-runner-audit/SKILL.md) | Read-only audit of 
GitHub Actions workflow runner compatibility across one repo, an explicit set, 
one Apache project's repos, or the full Apache GitHub org. | experimental |
-| `release-verify-rc` | Read-only pre-flight on a staged RC: signatures 
against project KEYS, checksums, license headers (Apache RAT), NOTICE/LICENSE 
diff, no prohibited binaries, version-string consistency. Doubles as a 
Pairing-mode skill voters run in their own dev loop. | proposed |
-| `release-vote-tally` | Parse a `[VOTE]` thread, classify each reply (+1 / 0 
/ -1) binding vs non-binding against the PMC roster, propose `[RESULT] [VOTE]`. 
Conservative on ambiguous votes, refuses to count. | proposed |
-| `release-archive-sweep` | Scan `dist/release/<project>/`, identify releases 
past retention, propose the `svn mv` sequence to `archive.apache.org`. | 
proposed |
-| `release-audit-report` | Per-release structured report (RM, voters with 
binding flags, artefacts with sigs and checksums, promote revision, 
`[ANNOUNCE]` archive URL) appended to the project's audit log. | proposed |
+| [`dependency-audit`](../skills/dependency-audit/SKILL.md) | Read-only 
dependency vulnerability audit: detects the project's dependency manager(s), 
runs the appropriate audit tool, surfaces patchable findings grouped by 
severity, and proposes upgrades for maintainer review. | experimental |
+| [`workflow-security-audit`](../skills/workflow-security-audit/SKILL.md) | 
Read-only GitHub Actions workflow security audit powered by `zizmor`: surfaces 
injection vulnerabilities, excessive permissions, unpinned external actions, 
and self-hosted-runner fork-secret leaks. | experimental |
+| [`license-compliance-audit`](../skills/license-compliance-audit/SKILL.md) | 
Read-only license-compliance audit: LICENSE presence, NOTICE completeness when 
required, and SPDX-header consistency across source files; proposes remedies 
for maintainer review. | experimental |
+| [`flaky-test-triage`](../skills/flaky-test-triage/SKILL.md) | Read-only 
flaky-test detection from CI run history: per-job failure-rate analysis over a 
configurable window, separating intermittent (flaky) from deterministic 
failures. | experimental |
+| [`release-verify-rc`](../skills/release-verify-rc/SKILL.md) | Read-only 
pre-flight on a staged RC: signatures against project KEYS, checksums, license 
headers (Apache RAT), NOTICE/LICENSE diff, no prohibited binaries, 
version-string consistency. Doubles as a Pairing-mode skill voters run in their 
own dev loop. | experimental |
+| [`release-vote-tally`](../skills/release-vote-tally/SKILL.md) | Fetch the 
approval signal for an RC, classify each reply (+1 / 0 / -1) binding vs 
non-binding against the configured roster, produce the tally summary, and draft 
the `[RESULT] [VOTE]` email. Conservative on ambiguous votes, refuses to count. 
| experimental |
+| [`release-archive-sweep`](../skills/release-archive-sweep/SKILL.md) | Scan 
`dist/release/<project>/`, identify releases past retention, propose the `svn 
mv` sequence to `archive.apache.org`. | experimental |
+| [`release-audit-report`](../skills/release-audit-report/SKILL.md) | 
Per-release structured report (RM, voters with binding flags, artefacts with 
sigs and checksums, promote revision, `[ANNOUNCE]` archive URL) appended to the 
project's audit log. | experimental |
 
 Three notes on the boundaries:
 
@@ -159,11 +165,11 @@ the agent never merges its own work.
 | [`security-issue-fix`](../skills/security-issue-fix/SKILL.md) | Draft a fix 
PR in `<upstream>` from a triaged, CVE-allocated tracker. | stable 
(security-only) |
 | [`issue-fix-workflow`](../skills/issue-fix-workflow/SKILL.md) | Draft a fix 
for a triaged general-issue-tracker issue (BUG or FEATURE-REQUEST). | 
experimental |
 | [`audit-finding-fix`](../skills/audit-finding-fix/SKILL.md) | Draft fixes 
for non-security audit-tool findings (lint violations, type errors, CodeQL 
alerts, doc-coverage gaps); re-runs the tool after each batch to confirm 
findings are cleared. | experimental |
-| `release-prepare` | Planning issue + version-bump / changelog / NOTICE / 
LICENSE prep PR (Steps 1-2). Also the post-release `-SNAPSHOT` bump (Step 14). 
| proposed |
-| `release-keys-sync` | Draft the `KEYS` diff for a new Release Manager (Step 
3). Agent never holds the private key. | proposed |
-| `release-rc-cut` | Paste-ready command sequence: signed tag, build, detached 
signatures, checksums, `svn import` to `dist/dev/` (Steps 4-5). Agent never 
signs and never imports. | proposed |
-| `release-vote-draft` | Draft the `[VOTE]` email body to `dev@<project>` 
(Step 7). Agent never sends. | proposed |
-| `release-promote` | Paste-ready `svn mv dist/dev → dist/release` command set 
after a passing vote (Step 10). Agent never moves; the human commit is the act 
of release. | proposed |
+| [`release-prepare`](../skills/release-prepare/SKILL.md) | Planning issue + 
version-bump / changelog / NOTICE / LICENSE prep PR (Steps 1-2). Also the 
post-release `-SNAPSHOT` bump (Step 14). | experimental |
+| [`release-keys-sync`](../skills/release-keys-sync/SKILL.md) | Draft the 
`KEYS` diff for a new Release Manager (Step 3). Agent never holds the private 
key. | experimental |
+| [`release-rc-cut`](../skills/release-rc-cut/SKILL.md) | Paste-ready command 
sequence: signed tag, build, detached signatures, checksums, `svn import` to 
`dist/dev/` (Steps 4-5). Agent never signs and never imports. | experimental |
+| [`release-vote-draft`](../skills/release-vote-draft/SKILL.md) | Draft the 
`[VOTE]` email body to `dev@<project>` (Step 7). Agent never sends. | 
experimental |
+| [`release-promote`](../skills/release-promote/SKILL.md) | Emit the 
backend-shaped promotion command set for a release that has passed its vote; 
proposes the `promoted` label. Agent never runs the promotion command and never 
publishes the release. | experimental |
 | [`release-announce-draft`](../skills/release-announce-draft/SKILL.md) | 
Draft the `[ANNOUNCE]` email body for `[email protected]` and the site-bump 
PR (Step 11). Agent never sends mail and never merges the PR. | experimental |
 
 [`audit-finding-fix`](../skills/audit-finding-fix/SKILL.md)
@@ -176,12 +182,12 @@ gaps. It is the generic-Drafting companion to
 (security-class findings). Failing tests with an obvious cause
 remain proposed.
 
-The `release-*` Drafting skills form a single family
-([`docs/release-management/README.md`](release-management/README.md)).
-`release-announce-draft` shipped experimental; the remaining five
-are proposed. They share the security family's discipline that
-every state-changing action is a *proposal* the human executes —
-see
+The `release-*` skills form a single family
+([`docs/release-management/README.md`](release-management/README.md))
+spanning Drafting (Steps 1–5, 7, 10–11, 14) and Triage (Steps 6, 9,
+12–13). All ten have now shipped `experimental`. They share the
+security family's discipline that every state-changing action is a
+*proposal* the human executes — see
 [`docs/release-management/spec.md` § Cross-cutting 
commitments](release-management/spec.md#cross-cutting-commitments).
 
 For security-class Drafting PRs, the public surface strips CVE

Reply via email to