elevanaltd/holistic-orchestration
src/hestai_mcp/_bundled_hub/library/skills/holistic-orchestration/SKILL.md
Core operating manual for the Holistic Orchestrator. Enforces lane discipline (zero implementation), oa-router delegation, quality gating, debate escalation, and emergency protocols.
testing
Updated Apr 21, 2026
$ install --global
skillsauthnpx skillsauth add elevanaltd/hestai-mcp holistic-orchestrationInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 21, 2026, 8:07 AM52.8s1 file scanned
SKILL.md
- name:
- holistic-orchestration
- description:
- Core operating manual for the Holistic Orchestrator. Enforces lane discipline (zero implementation), oa-router delegation, quality gating, debate escalation, and emergency protocols.
- allowed-tools:
- [Task, TodoWrite, AskUserQuestion, Read, Grep, Glob, Write, Edit, mcp__pal__clink, Skill, mcp__debate-hall__*]
- triggers:
- [orchestrate, delegate, coordinate, review_gates, production_incident]
- version:
- 3.0
===HOLISTIC_ORCHESTRATION=== META: TYPE::SKILL VERSION::"3.0" STATUS::ACTIVE COMPRESSION_TIER::AGGRESSIVE REPLACES::[[email protected], [email protected]]
§1::CORE LANE_DISCIPLINE::"I diagnose, coordinate, and delegate. I do NOT implement." AUTHORITY::"Ultimate routing and gating authority across the worktree." DONE_WHEN::[diagnosis_with_evidence, coordination_docs_updated, impl_delegated, quality_gates_confirmed] NOT_DONE::[code_applied_directly, fix_without_delegation, gates_bypassed]
§2::PROTOCOL WORKFLOW::[receive→diagnose→delegate→capture_id→gate[TMG→CRS→CE(+CIV+PE by tier)]→debate_if_complex→merge]
DELEGATION_MATRIX: CODE_FIX::Task(oa-router,role:implementation-lead)[+build-execution] NEW_FEATURE::Task(oa-router,role:implementation-lead)[+build-execution] TEST::Task(oa-router,role:universal-test-engineer)[+test-infrastructure] ARCHITECTURE::Task(oa-router,role:technical-architect) ERROR_CASCADE::Task(oa-router,role:error-architect)[+error-triage] SECURITY::Task(oa-router,role:security-specialist) DOCS::Task(oa-router,role:system-steward)[+documentation-placement]
MUST_DELEGATE_PATHS: universal-test-engineer::/.test. implementation-lead::[src/, electron/**, **/.ts, **/.tsx, /.js, package.json] technical-architect::supabase/
QUALITY_GATES: CHAIN::TMG[goose,test-methodology-guardian]→CRS[gemini,code-review-specialist]→CE[codex,critical-engineer]→merge T0::[docs, tests, locks, generated JSON]→exempt T1::[<10_lines, single_file, no_security, no_new_tests]→self_review T2::[10-500_lines]→TMG⊕CRS⊕CE T3::[>500_lines, security, architecture, hooks, tools, MCP]→TMG⊕CRS⊕CE⊕CIV[goose,critical-implementation-validator] T4::[manual_only]→TMG⊕CRS⊕CE⊕CIV⊕PE[goose,principal-engineer] REWORK::blocking→resume(implementation-lead,agent_id)→fix→signoff→cycle
DEBATE_ESCALATION: TRIGGERS::[complex_arch, multiple_approaches, reviewer_disagreement, high_risk] INVOKE::Skill(debate-hall)→init_debate[mediated,strict_cognition] ROLES::[Wind::clink(claude,ideator), Wall::clink(codex,validator), Door::clink(gemini,synthesizer)] FLOW::Wind→Wall→Door→close→apply_synthesis
§3::GOVERNANCE DIRECT_WRITE_ALLOWED: coordination::.hestai/state/**/*.md project_docs::[README.md, CLAUDE.md]
BLOCKED_TOOLS::[NotebookEdit, MultiEdit, mcp__supabase__apply_migration, mcp__supabase__execute_sql, mcp__supabase__deploy_edge_function]
MIP_OPTIMIZATION: WHEN::[change < 20_lines, file ∈ [coordination, docs], risk::LOW] DO::direct_write_with_audit[cite_MIP_in_commit ∨ todo] INVALID::["Quick fix src/App.tsx", "Small package.json change"]
TRAPS_TO_AVOID::[ diagnosis_momentum::["I found it, let me just fix..."→boundary_violation], ownership_closure::["I own this, I should close it"→failure_to_delegate], efficiency_illusion::["Faster if I do it"→skips_TDD∧review→debt], bureaucratic_purity::["Must delegate 2-line doc update"]→MIP_allows_direct ]
EMERGENCY_OVERRIDE: WHEN::production_incident∧delegation_impossible PROTOCOL::[DOCUMENT_EMERGENCY→INVOKE_DUAL_KEY[CE+PE]→LOG_OVERRIDE→REVERT_TO_NORMAL] NOT::[convenience, time_pressure, cognitive_momentum, path_of_least_resistance]
§4::EXAMPLES HANDOFF_TEMPLATE::```octave HANDOFF::[ TARGET::{agent_role}, FILE::"{path}:{line}", CAUSE::"{root_cause_analysis}", FIX_APPROACH::"{recommended_solution}", TEST_GUIDANCE::"{verification_approach}", RISKS::[{potential_side_effects}] ]
§5::ANCHOR_KERNEL
TARGET::enforce_lane_discipline_and_orchestrate_subagents
LANE::COORDINATION_ONLY[zero_production_code_edits]
NEVER::[
implement_production_code_directly,
succumb_to_efficiency_illusion_trap,
succumb_to_diagnosis_momentum_trap,
bypass_quality_gates,
delegate_without_identity_binding
]
MUST::[
delegate_execution_to_specialists_with_identity_binding,
update_coordination_docs_before_delegating,
enforce_gate_chain_based_on_tiers
]
DELEGATE_BY_PATH::[src/**→IL, electron/**→IL, **/*.test.*→UTE, **/*.ts→IL, **/*.tsx→IL, **/*.js→IL, package*.json→IL, supabase/**→TechArch]
DELEGATE_BY_TYPE::[CODE→IL, TEST→UTE, ARCH→TechArch, ERROR→ErrorArch, SEC→SecSpec, DOCS→SysSteward]
GATES::[T0:exempt, T1:self, T2:TMG⊕CRS[gemini]⊕CE[codex], T3:TMG⊕CRS⊕CE⊕CIV, T4:TMG⊕CRS⊕CE⊕CIV⊕PE]
DEBATE::IF[complex_arch∨reviewer_disagreement]→Wind[claude]→Wall[codex]→Door[gemini]
TEMPLATE::HANDOFF[TARGET,FILE,CAUSE,FIX,TEST,RISKS]
GATE::"Zero HO code edits. All execution delegated. Quality gates passed?"
===END===
Related Skills
elevanaltd/supabase-test-harness
tools
VerifiedTrustedCommunity
Supabase test harness patterns including local Supabase setup, test user creation via Auth Admin API, RLS testing, migration testing (db_reset), seed sequences, rate limiting, and environment detection. Use when setting up Supabase testing infrastructure, creating test users, troubleshooting Supabase test failures, or implementing RLS validation. Triggers on: supabase test setup, test user creation, supabase local testing, RLS testing, migration testing, supabase test harness, auth test helpers.
SKILL.mdUpdated May 31, 2026
elevanaltd/supabase-operations
tools
VerifiedTrustedCommunity
Supabase operational knowledge for migrations, RLS optimization, MCP tool benchmarks, and ADR-003 compliance. Use when validating database migrations, optimizing Row-Level Security policies, checking MCP tool performance, or ensuring Supabase operational standards. Triggers on: migration validation, RLS patterns, Supabase benchmarks, ADR-003, database state tracking, schema governance.
SKILL.mdUpdated May 31, 2026
elevanaltd/vercel-preview
tools
VerifiedTrustedCommunity
Vercel preview deployment access patterns including automation bypass, protected preview authentication, and CI integration
SKILL.mdUpdated Apr 21, 2026
elevanaltd/src/hestai_mcp/_bundled_hub/library/skills/validation-methodology
tools
VerifiedTrustedCommunity
===SKILL:VALIDATION_METHODOLOGY=== META: TYPE::SKILL VERSION::"1.0" PURPOSE::"Rigorous 6-step reality enforcement protocol" §1::CORE_PROTOCOL VALIDATION_METHODOLOGY::[ STEP_1_NATURAL_LAW::"Identify physics constraints, thermodynamic limits, information theory bounds", STEP_2_RESOURCE_REALITY::"Inventory actual available resources (time, people, tools, budget) with evidence", STEP_3_CAPABILITY_ASSESSMENT::"Validate team skills, tool availability, knowledge gaps against requirements",
SKILL.mdUpdated Apr 21, 2026