Three-Host Runtime Install (v0.51.1)
Silver Bullet ships the same APO workflow contract on Claude Code, Codex, and Cursor. Install surfaces differ; project adoption is always /silver:init after the host has the plugin. Run bash scripts/sb-bootstrap.sh for first-time orientation or bash scripts/sb-diagnostics.sh to read capability tier 0–3 for the active host.
| Host | Public marketplace | Checkout installer | State root |
|---|---|---|---|
| Claude Code | alo-labs/claude-plugins | scripts/install-claude.sh | ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/ |
| Codex | alo-labs/codex-plugins | scripts/install-codex.sh --purge-legacy-skills | ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/ |
| Cursor | alo-labs/alo-labs-cursor-marketplace | scripts/install-cursor.sh --public-release | ~/.cursor/.silver-bullet/ |
scripts/install-cursor.sh merges SB hooks into ~/.cursor/hooks.json via hooks/cursor-hook-bridge.sh. Use the Cursor Skill tool so record-skill can track workflow progress.Capability Matrix
Workflow routes and evidence artifacts cover the specialized quality, test, deploy, backlog, and recovery families that broad quality-layer tools advertise. Findings use docs/evidence-schema.md (BLOCK/WARN/INFO) — not unified numeric grades.
| Capability family | SB route | Key evidence |
|---|---|---|
| Domain audits (code, API, data, CI, a11y, content…) | /silver:domain-audit | DOMAIN-AUDIT with validated finding tables |
| Test engineering (write, E2E, repair, performance, mutation) | /silver:test | TEST-ENGINEERING, verify-tests marker |
| Deploy + post-deploy watch | /silver:deploy, /silver:canary | DEPLOYMENT.md, CANARY.md |
| Backlog / deferred work | /silver:add, /silver:remove | GitHub issue ID or docs/issues/; fingerprint via silver-add.sh |
| Session recovery | /silver:handoff, /silver:forensics, /silver:scan | Handoff prompt, workflow tracker, session logs |
| UI / design continuity | /silver:ui-contract, /silver:ui-review | UI-SPEC, UI-REVIEW, .planning/interface/STATE.md |
| Content / search readiness | /silver:content | CONTENT.md, content-search pack |
| Incident + retro | /silver:incident, /silver:retro | INCIDENT.md, RETRO.md |
| Benchmark / eval | /silver:benchmark | BENCHMARK.md |
| External review enrichment | Optional; SB review authoritative | docs/external-review-policy.md |
SB Lifecycle Commands
Silver Bullet owns the core lifecycle commands. Use these commands for planning, execution, review, verification, ship, release, and recovery workflows.
| Command | Phase | Description |
|---|---|---|
| /silver:init | Init | Initializes SB project state, config, docs, CI where absent, and host instruction references. |
| /silver | Any | Natural-language workflow composer and router. |
| /silver:context | Context | Captures phase context, assumptions, decisions, and research inputs. |
| /silver:plan | Plan | Creates task-level implementation plans with dependencies, waves, acceptance criteria, and verification strategy. |
| /silver:execute | Execute | Executes the active plan through SB checkpointed or autonomous execution. |
| /silver:verify | Verify | Goal-backward verification against requirements, plan, tests, UAT, and user-visible behavior. |
| /silver:review-request | Review | Frames review scope, files, risks, and ship blockers. |
| /silver:review | Review | Produces the authoritative SB review artifact. |
| /silver:review-triage | Review | Accepts, rejects, or defers review findings with rationale. |
| /silver:secure | Secure | Runs the SB security/threat review gate for the active change. |
| /silver:ship | Ship | Handles phase-level branch, PR, CI, deployment-readiness, and traceability duties. |
| /silver:deploy | Deploy | Handles platform detection, deploy command safety, health checks, rollback evidence, and runtime handoff. |
| /silver:canary | Canary | Runs post-deploy runtime watch checks across HTTP, browser, logs, metrics, and rollback readiness. |
| /silver:release | Release | Owns milestone audits, gap closure, docs, ship readiness, archive, and final release creation. |
| /silver:debug | Debug | Systematic debugging for active, reproducible bugs. |
| /silver:forensics | Forensics | Post-mortem investigation for failed, abandoned, stalled, or unclear sessions. |
| /silver:incident | Incident | Coordinates incident response, postmortem, recovery verification, and corrective-action tracking. |
| /silver:retro | Retro | Builds engineering retrospectives from release, CI, git, issue, review, and session evidence. |
Silver Bullet Skills
Silver Bullet is the Agentic Process Orchestrator and lifecycle engine. /silver accepts freeform intent, classifies task complexity, composes the right SB workflow path, and then enforces that the selected path actually runs. Optional plugins enrich specialized domains but do not own the core lifecycle.
Command naming note: public docs use logical slash-command names mapped to catalog flow steps. Claude Code lists SB skills under the /silver: prefix only (no duplicate hyphen stubs); Codex exposes the native /silver: picker and keeps packaged skill-source/ files out of duplicate listings; Cursor uses the Skill tool with merged hooks.
| Skill | When | Description |
|---|---|---|
| /silver | Anytime | Dynamic workflow composer. Routes natural-language work requests to the smallest safe workflow: fast path, clarify, spec, feature, bugfix, UI, DevOps, research, release, docs, quality gates, tests, or SB lifecycle work. |
| /silver:init | Setup | Initializes or reactivates SB for a project. Creates silver-bullet.md, .silver-bullet.json, workflow docs, documentation scaffold, CI where absent, and reconciles CLAUDE.md/AGENTS.md without overwriting user instructions. |
| /silver:ensure-docs | Docs | Bootstraps, reconciles, and audits the bounded documentation scheme: docs/ARCHITECTURE.md, docs/TESTING.md, docs/doc-scheme.md, monthly knowledge/learnings files, task checklist, and related docs. |
| /silver:quality-gatesRequired | Before plan / before ship | 8 core product/software dimensions: modularity, reusability, scalability, security, reliability, usability, testability, and extensibility. AI/LLM safety and domain packs are added only when the phase scope requires them. Failing dimensions become hard requirements. |
| /silver:domain-audit | Specialized quality | Runs domain contract packs for code, tests, API, data, dependencies, performance, structure, CI, environment, accessibility, content/search, UI, architecture, runtime release, incident/retro, and benchmark evidence. |
| /silver:blast-radiusDevOpsRequired | Before DevOps plan | Maps scope, dependencies, failure scenarios, rollback plan, change window, and escalation path. Produces LOW/MEDIUM/HIGH/CRITICAL risk classification. |
| /devops-quality-gatesDevOpsRequired | DevOps pre-plan / pre-ship | 7 IaC-adapted dimensions: reliability, security, scalability, modularity, testability, observability, and change-safety. Focuses on idempotency, drift prevention, least-privilege IAM, rollback safety, and operational reliability. |
| /devops-skill-routerDevOps | DevOps enrichment | Routes to optional IaC/cloud provider skills when installed. It is contextual enrichment, not a substitute for SB planning or SB gates. |
| /silver:forensics | On failure | Root-cause investigation for failed, abandoned, stalled, or unclear SB sessions and workflow artifacts. |
| /silver:test | Testing | Test engineering for test writing, E2E route discovery, test repair, test audit, test performance, and mutation-style challenge workflows. |
| /silver:refactor | Refactor | Behavior-preserving refactor workflow with baseline tests, structure/code-health packs, and proof of no regression. |
| /silver:worktree | Git isolation | Creates or finishes isolated git worktrees with branch state, verification, merge/PR, and cleanup safety. |
| /silver:content | Content/search | Public content, docs, migration, SEO/AI-search, optimization, article, metadata, link, and render workflow. |
| /silver:benchmark | Evaluation | Repeatable benchmark workflow for agents, models, providers, prompts, or implementation approaches. |
| /silver:create-releaseRequired | Milestone release | Generates structured release notes, updates release surfaces, creates the final version tag, and publishes the GitHub Release. Runs last inside /silver:release, after ship and milestone archival. |
| /verify-testsRequired | Final delivery | Runs configured verify commands or stack defaults and writes the freshness marker consumed by SB hooks. Required before final delivery/release gates. |
| /silver:add | Deferred work | Classifies and files bugs, backlog items, tech debt, and follow-ups to GitHub Issues/project board or local docs/issues/ depending on project config. |
| /silver:remove | Deferred work | Removes or retires a tracked work item by ID. |
| /silver:rem | Knowledge capture | Captures project knowledge or portable learnings into monthly files under docs/knowledge/ and docs/learnings/. |
| /silver:scan | Retrospective | Retrospective session scanning for unaddressed deferred items and knowledge/learning candidates. |
| /silver:spike | Feasibility | Runs 2–5 executable experiments with Given/When/Then structure and VALIDATED/INVALIDATED/PARTIAL verdicts before committing to an implementation approach. |
| /silver:phase | Roadmap management | CRUD management for phases in .planning/ROADMAP.md — add, insert, remove, or edit phases. The sanctioned path to mutate the phase list without triggering the planning-file-guard. |
| /silver:undo | Safe revert | Safe git revert for phase or plan commits with dependency checks and artifact cleanup. Keeps STATE.md and SUMMARY.md consistent with reverted code. |
| /silver:thread | Cross-session tracking | Creates and manages lightweight cross-session context threads for tracking a specific topic, decision chain, or concern across multiple sessions. |
| /silver:handoff | Session end | Generates a reusable project-level handoff prompt with project state, milestone context, constraints, verification/release status, and open follow-ups. |
| /silver:update | Maintenance | Checks latest SB release, shows the target version/SHA/changelog, and updates after explicit confirmation. Runs /silver:doctor automatically and surfaces every FAIL for inline fix. |
| /silver:doctor | Diagnostics | Host-aware install and project activation audit via scripts/sb-doctor.sh (checks D1–D13). Run after /silver:update, when hooks seem inactive, or before relying on enforcement. D8 orchestrator rule applies on Cursor only; D2/D3/D13 use the active host plugin paths. |
| /silver:migrate | Upgrade support | Migrates older SB project state into the current composable-workflow structure and per-instance workflow tracker. |
| /silver:review-fix-ladder | High-confidence review | Progressively reviews and fixes scoped or user-confirmed repo-wide work by escalating through a host-aware model ladder until two consecutive clean passes per rung. |
Spec Pipeline Skills
Three skills that form the spec-driven development pipeline. They run before SB planning begins — SPEC.md is the upstream input that REQUIREMENTS.md, ROADMAP.md, and DESIGN.md must stay aligned with.
| Skill | When | Description |
|---|---|---|
| /silver:spec | Before planning (spec-first projects) | AI-driven spec elicitation. Produces a canonical SPEC.md with structured requirements, acceptance criteria, assumption tracking, and source input cross-references. Use when a formal spec is required before SB planning. |
| /silver:ingest | Before spec creation (external sources) | Ingests artifacts from JIRA, Figma, and Google Docs via MCP connectors. No custom API code — all external data access delegated to MCP. Produces a structured INGESTION_MANIFEST.md that maps external inputs to spec sections. |
| /silver:validate | After spec creation, before planning | Read-only pre-build gap analysis. Reads .planning/SPEC.md and PLAN.md files, maps acceptance criteria to planned work, surfaces assumptions and open questions, emits BLOCK/WARN/INFO findings, and writes .planning/VALIDATION.md. BLOCK findings must be resolved before implementation. |
| /silver:review-stats | Anytime (review health reporting) | Generates three summary tables from accumulated review metrics (JSON Lines): pass rates by artifact type, rounds to clean pass, and finding categories by artifact type. Use to track review health over time. |
Quality & Review Skills
These quality gates and domain audit skills provide the one-by-one quality dimensions, domain contract packs, and artifact review roles used by /silver:quality-gates, release readiness, and spec/review workflows. They are included in the skill inventory.
| Skill | Role | Description |
|---|---|---|
| modularity | Quality dimension | Checks separation of concerns, boundaries, cohesion, and coupling. |
| reusability | Quality dimension | Checks whether useful behavior is generalized without premature abstraction. |
| scalability | Quality dimension | Checks growth paths, resource limits, and operational scale assumptions. |
| security | Quality dimension | Checks threat boundaries, injection risks, auth, secrets, and unsafe defaults. |
| reliability | Quality dimension | Checks failure modes, retries, idempotency, observability, and recovery behavior. |
| usability | Quality dimension | Checks user-facing clarity, error states, accessibility-adjacent UX, and workflow friction. |
| testability | Quality dimension | Checks whether behavior can be verified with focused, maintainable tests. |
| extensibility | Quality dimension | Checks future-change seams, compatibility boundaries, and extension risks. |
| ai-llm-safety | Conditional quality dimension | Applies when the phase includes AI behavior, prompts, retrieval, model outputs, or agentic automation. |
| silver-domain-audit | Domain quality packs | Normalizes specialized findings across code/test/API/data/dependency/performance/structure/CI/environment/accessibility/content/search/UI/architecture/runtime/incident/retro/benchmark surfaces. |
| artifact-reviewer | Review orchestrator | Runs structured artifact review against specs, requirements, UAT, roadmap, context, research, design, and cross-artifact sets. |
| artifact-review-assessor | Review triage | Classifies findings as MUST-FIX, NICE-TO-HAVE, or DISMISS so review loops can stop safely. |
| review-spec | Artifact reviewer | Reviews SPEC.md for completeness, ambiguity, assumptions, and acceptance criteria quality. |
| review-requirements | Artifact reviewer | Reviews REQUIREMENTS.md alignment with the spec and user intent. |
| review-roadmap | Artifact reviewer | Reviews roadmap structure, sequencing, dependency clarity, and milestone coverage. |
| review-uat | Artifact reviewer | Reviews UAT criteria and execution evidence before milestone completion. |
| review-design | Artifact reviewer | Reviews design artifacts, UI contracts, and design-system alignment. |
| review-research | Artifact reviewer | Reviews research artifacts for decision quality, evidence, and handoff clarity. |
| review-context | Artifact reviewer | Reviews context packets for enough detail to support downstream planning and execution. |
| review-ingestion-manifest | Artifact reviewer | Reviews external artifact ingestion manifests and source-to-spec traceability. |
| review-cross-artifact | Artifact reviewer | Checks consistency across SPEC, REQUIREMENTS, ROADMAP, DESIGN, UAT, and review artifacts. |
Orchestration Workflows
Catalog-backed WF-* workflows that /silver composes after intent classification. Each workflow is a composition tree of canonical atomic-flow slugs from docs/apo-catalog.json; optional atoms are marked with ?. Extension skills enrich domains only at explicit catalog boundaries.
| Skill | Entry trigger keywords | Typical composed path |
|---|---|---|
| /silver | freeform intent, route, classify | ROUTE → composed workflow |
| /silver:deep-research | how should we, compare X vs Y, spike, architecture decision | CLARIFY → DECIDE → DOCUMENT → VALIDATE |
| /silver:clarify | idea, concept, fuzzy requirement, no SPEC.md | CLARIFY → context/plan handoff |
| /silver:spec | formal spec, acceptance criteria, user stories, write a spec | SPECIFY |
| /silver:ingest | JIRA, Figma, Google Docs, Confluence, external artifact | SPECIFY (ingest sub-step) |
| /silver:validate | validate spec, validate plan, gap analysis, assumption awareness | VALIDATE |
| /silver:feature | add, build, implement, new feature, enhance, extend | BOOTSTRAP? → ORIENT? → CLARIFY? → DECIDE? → SPECIFY? → QUALITY_GATE (pre-plan) → PLAN → DESIGN_CONTRACT? → EXECUTE → post-exec gates |
| /silver:bugfix | bug, broken, crash, error, regression, failing test | ORIENT → DEBUG → PLAN → EXECUTE → post-exec gates |
| /silver:ui | UI, frontend, component, screen, design, layout, responsive | BOOTSTRAP? → ORIENT? → CLARIFY? → DECIDE? → SPECIFY? → QUALITY_GATE (pre-plan) → PLAN → DESIGN_CONTRACT → EXECUTE → post-exec gates |
| /silver:fast | trivial, quick fix, typo, one-liner, config value, bounded small change | FAST_PATH → QUALITY_GATE → PLAN → VALIDATE → EXECUTE → VERIFY (escalates to /silver:feature when scope exceeds bounds) |
| /silver:test | write tests, E2E, Playwright, fix tests, test audit, mutation, slow tests | PLAN → EXECUTE → VERIFY |
| /silver:refactor | refactor, rename, split, extract, move files, simplify | PLAN → EXECUTE → VERIFY → post-exec gates |
| /silver:benchmark | benchmark, compare agents, compare models, provider comparison | ORIENT → EXECUTE → VERIFY → DOCUMENT |
| /silver:content | content, SEO, AI search, article, blog, migration, metadata, links | CLARIFY → SPECIFY → EXECUTE → VERIFY → DOCUMENT |
| /silver:devops | infra, CI/CD, pipeline, terraform, IaC, kubernetes, cloud, ops | BLAST_RADIUS → DEVOPS_ROUTE → QUALITY_GATE → SECURE → ORIENT → PLAN → VALIDATE → EXECUTE → post-exec gates |
| /silver:deploy | deploy, deployment, production deploy, staging deploy, rollout | BLAST_RADIUS → VERIFY → SECURE → SHIP |
| /silver:canary | canary, post-deploy, production watch, runtime watch, health watch | BLAST_RADIUS → VERIFY → SHIP |
| /silver:release | release, publish, version, go live, tag v, ship to users | QUALITY_GATE → REVIEW_REQUEST → REVIEW → REVIEW_TRIAGE → VERIFY → SECURE → VALIDATE → BRANCH_FINISH → COMPLETION_AUDIT → SHIP → RELEASE |
| /silver:review-triad | review_request, review, triage | REVIEW_REQUEST → REVIEW → REVIEW_TRIAGE (WF-REVIEW-TRIAD) |
| /silver:ship-readiness | branch_finish, completion_audit, ship | BRANCH_FINISH → COMPLETION_AUDIT → SHIP (WF-SHIP-READINESS) |
| /silver:incident | incident, outage, production regression, postmortem | BLAST_RADIUS → DEBUG → SECURE → VERIFY → DOCUMENT |
| /silver:retro | retro, retrospective, release metrics, process review | ORIENT → DOCUMENT → DECIDE |
| /silver:forensics | forensics, session failure, post-mortem reconstruction | DEBUG → DOCUMENT → VALIDATE (WF-SILVER-FORENSICS) |
| /silver:process-maintenance | phase, thread, backlog, migration | PHASE_MANAGE → DOCUMENT → VALIDATE (WF-PROCESS-MAINTENANCE) |
| /silver:worktree | worktree, isolated branch, branch workspace, finish worktree | EXECUTE (worktree isolation mode) |
Post-exec gates (WF-POST-EXEC-GATES): UI_QUALITY? → REVIEW_REQUEST → REVIEW → REVIEW_TRIAGE → VERIFY → SECURE → VALIDATE? → QUALITY_GATE (pre-ship) → BRANCH_FINISH → COMPLETION_AUDIT → SHIP.
Complexity Triage
/silver classifies every request before routing. This prevents over-engineering trivial changes and under-engineering risky ones.
| Classification | Signals | Action |
|---|---|---|
| Trivial | Typo, rename, small config/copy change, usually ≤3 files | Route to /silver:fast Tier 1 |
| Bounded medium | Small logic/dependency change, usually 4–10 files, no cross-cutting impact | Route to /silver:fast Tier 2 |
| Simple | Clear scope, single phase, known implementation path | Route to the matching workflow and skip extra clarification when safe |
| Complex | Cross-cutting, multi-phase, architecture or data-model impact | Full workflow with clarify/research/spec gates as needed |
| Fuzzy | Vague intent, unclear success criteria, missing scope | Run /silver:clarify, then re-classify |
Ship Disambiguation
/silver distinguishes phase-level ship from milestone-level release.
| Signal | Route |
|---|---|
| Version number, changelog, release notes, public publish, go live | /silver:release |
| Active phase in progress, no version signal | silver:ship |
| No active phase and milestone complete | /silver:release |
Core Lifecycle Skills
Silver Bullet commands and markers cover the core software-engineering lifecycle from problem framing through final delivery.
| Lifecycle concern | /silver: command | Description |
|---|---|---|
| Problem framing / scope clarification | silver:clarify | Problem framing, option generation, convergence, and handoff. |
| Spec writing | silver:spec | Canonical SPEC and REQUIREMENTS artifacts. |
| Plan writing / phase discussion | silver:context, silver:plan | Context packets, assumptions, task plans, dependency analysis, and verification strategy. |
| TDD discipline | tdd / silver-tdd | Red/green/refactor policy for behavior-changing software work. |
| Review request / triage | silver:review-request, silver:review-triage | Review framing, finding triage, and fix-loop control. |
| Completion verification | silver:completion-audit, silver:verify | Fresh evidence before completion claims. |
| Branch finishing / ship | silver:branch-finish, silver:ship | Branch hygiene, PR readiness, CI, and traceability. |
Runtime Parity Scripts (v0.51.1)
Structural parity scripts align documented evidence contracts with hook-enforced runtime behavior across all three hosts.
| Script / gate | Purpose |
|---|---|
scripts/validate-evidence-findings.py | Validates finding tables in DOMAIN-AUDIT, REVIEW, QUALITY-GATES, SECURITY, VERIFICATION, UI-REVIEW, and TEST-ENGINEERING artifacts. |
hooks/lib/evidence-schema-gate.sh | Warn-first delivery gate on PR/release; set SILVER_BULLET_EVIDENCE_SCHEMA_STRICT=1 to hard-block. |
scripts/silver-add.sh fingerprint|dedup|prioritize | Stable backlog fingerprints shared with silver:scan; dedup against docs/issues/ and scan state. |
scripts/stamp-interface-state.sh | Stamps .planning/interface/STATE.md from template during /silver:init for UI projects. |
scripts/sb-bootstrap.sh | One-command onboarding probe: checks jq, runs diagnostics, prints init/plugin next steps. |
scripts/sb-diagnostics.sh | Install/runtime diagnostics for migrators and support. |
scripts/sb-doctor.sh | Host-aware install + activation audit (/silver:doctor). Checks plugin cache, hooks manifest, config freshness, orchestrator rule (Cursor only), and cross-host contamination. |
DevOps Plugin Skills (Contextual Enrichment)
These skills are optional enrichment — not enforcement gates. They're invoked when a matching DevOps plugin is installed and the IaC toolchain matches.
| Skill | When to Use |
|---|---|
| /devops-skill-router | Determines which DevOps plugin skill to invoke based on file type and toolchain detected. |
| terraform-code-generation | HashiCorp skill for Terraform best practices. Invoke during Discuss/Plan for .tf files. |
| deploy-on-aws | AWS architecture recommendations. Invoke during Plan for AWS deployments. |
| kubernetes-operations | Kubernetes manifest best practices. Invoke during Discuss/Execute for k8s work. |
| k8s-troubleshooter | Pod and cluster diagnostics. Invoke during Verify for k8s deployments. |
| monitoring-observability | SLO validation and observability setup. Invoke during Verify for monitoring phases. |
| gitops-workflows | ArgoCD/Flux patterns. Invoke during Plan if the project uses GitOps. |
| ci-cd | Pipeline best practices. Invoke during Testing Strategy for pipeline phases. |
| aws-cost-optimization | Flag wasteful AWS resources. Invoke during Verify for AWS deployments. |
APO Catalog, Generated Views & Migration
v0.51.1 makes docs/apo-catalog.json the sole authority for the Silver Bullet process model. It defines Process → Workflow → Atomic Flow → Flow Step/Skill, including 27 canonical atomic flows, 22 workflows, 85 flow steps, V-loops, evidence records, intent ledgers, composition logs, tool policies, and runtime mappings.
Catalog source of truth
docs/apo-catalog.json— authoritative APO catalog.docs/composable-flows-contracts.md— generated human-readable contract reference.docs/workflow-composition-matrix.md— generated workflow tree/matrix view.docs/generated/atomic-flow-index.json— generated runtime/test index.
Do not hand-maintain workflow trees in prose. Change the catalog, regenerate the views, then run freshness tests.
V-loops and subagents
Every atomic flow executes as exactly one subagent work package. Each flow step/skill has a local V-loop; step V-loops roll up into the atomic-flow V-gate, atomic-flow V-gates roll up into workflow gates, and final completion validates material user intent against evidence.
v0.51.1 migration notes
- Legacy
FLOW 1–18labels are migration aliases only — not primary navigation. New docs, workflows, and tests should use atomic-flow slugs,WF-*workflow IDs, or public/silver:*routes. - Older
WORKFLOW.mdstate is legacy; active composition state lives in.planning/workflows/<id>.md. - Run
/silver:updateor rerun/silver:initafter upgrading a project so config, instructions, recommended-tool opt-ins, and workflow trackers align with v0.51.1. - If stale generated docs are detected, run
python3 scripts/generate-apo-artifacts.pyand the APO freshness tests before release.
Canonical atomic flows
Cross-checked against docs/generated/atomic-flow-index.json (27 entries). Slugs are the stable catalog identifiers; legacy FLOW numbers map through migration_map.legacy_flows in the catalog.
| Slug | Capability class | Public route | Legacy alias |
|---|---|---|---|
| ROUTE | route intent | /silver | new in APO |
| BOOTSTRAP | project bootstrap | /silver:init | FLOW 1 |
| ORIENT | context orientation | /silver:scan, /silver:context | FLOW 2 |
| CLARIFY | scope clarification | /silver:clarify | FLOW 3 |
| DECIDE | decision research | /silver:deep-research | FLOW 4 |
| SPECIFY | requirements specification | /silver:spec, /silver:ingest | FLOW 5 |
| PLAN | execution planning | /silver:plan | FLOW 6 |
| DESIGN_CONTRACT | design contract | /silver:ui-contract | FLOW 7 |
| VALIDATE | gap validation | /silver:validate | new in APO |
| QUALITY_GATE | cross cutting quality gate | /silver:quality-gates, /devops-quality-gates | FLOW 13 |
| FAST_PATH | bounded fast path | /silver:fast | new in APO |
| EXECUTE | implementation execution | /silver:execute | FLOW 8 |
| DEBUG | failure diagnosis | /silver:debug, /silver:forensics | FLOW 15 |
| UI_QUALITY | ui quality review | /silver:ui-review | FLOW 9 |
| VERIFY | verification and testing | /silver:verify | FLOW 12 |
| SECURE | security and llm safety | /silver:secure | FLOW 11 |
| REVIEW_REQUEST | review request | /silver:review-request | new in APO |
| REVIEW | artifact and code review | /silver:review | new in APO |
| REVIEW_TRIAGE | review triage and fix | /silver:review-triage | new in APO |
| BLAST_RADIUS | blast radius assessment | /silver:blast-radius | new in APO |
| DEVOPS_ROUTE | devops toolchain routing | /silver:devops (IaC routing step) | new in APO |
| BRANCH_FINISH | branch hygiene | /silver:branch-finish | new in APO |
| COMPLETION_AUDIT | completion audit | /silver:completion-audit | new in APO |
| SHIP | ship readiness | /silver:ship | new in APO |
| RELEASE | release management | /silver:release, /silver:create-release | FLOW 18 |
| DOCUMENT | durable documentation | /silver:ensure-docs | FLOW 17 (+ FLOW 16 design handoff in release) |
| PHASE_MANAGE | phase and state management | /silver:phase, /silver:add | new in APO |
Recommended Tools (opt-in)
recommended_tools.graphify.enabled_by_user, recommended_tools.agentmemory.enabled_by_user, recommended_tools.rtk.enabled_by_user, and recommended_tools.context_mode.enabled_by_user live in .silver-bullet.json. Once opted in, a tool is mandatory when the selected catalog flow declares it relevant and must either produce evidence or record a catalog-backed failure/skip reason. RTK and Context Mode gates verify install/wiring only; usage rules are in silver-bullet.md §2g-ii.
.silver-bullet.json Configuration
Project-level configuration file in the repo root. Created by /silver:init and refreshed idempotently on re-run.
See Enterprise Policy Profiles for profile semantics. enterprise_policy is mostly advisory; SessionStart injects the recommended session_mode_default — other profile fields are runtime handoff TODO.
Two-tier enforcement is intentional: commits and pushes only require the planning floor, while PR creation, deploys, and releases require the full delivery list. That lets SB make incremental development commits without weakening final delivery gates.
Session Log Format
A session log is created at the start of every session at docs/sessions/YYYY-MM-DD-{task-slug}.md. The path is written to ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/session-log-path for hooks to access.
Project Root Files
These files live in the project root and are created by /silver:init.
| File | Owner | Description |
|---|---|---|
| silver-bullet.md | Silver Bullet | Silver Bullet enforcement instructions (sections 0-10). Managed by plugin — do not edit manually. Updated by /silver:init. |
| CLAUDE.md | User | Project-specific instructions. CLAUDE.md in Claude, AGENTS.md in Codex. References silver-bullet.md for enforcement rules. User-owned — Silver Bullet only adds a reference line. |
| .silver-bullet.json | Silver Bullet | Project-level configuration: project name, source pattern, semantic compression, verify commands, workflow paths. |
Planning Files (.planning/)
All planning files are managed by SB lifecycle workflows. Do not edit them manually unless you know what you're doing.
| File | Created by | Description |
|---|---|---|
| .planning/PROJECT.md | /silver:init / SB bootstrap | Project goals, scope, metadata, and team context. |
| .planning/REQUIREMENTS.md | /silver:spec / SB planning | Authoritative requirements list. Single source of truth. |
| .planning/ROADMAP.md | /silver:init / SB planning | Phase breakdown with goals and acceptance criteria per phase. |
| .planning/interface/STATE.md | /silver:init, /silver:ui-contract | Durable UI/design tokens and component state for frontend projects. Stamped from template via scripts/stamp-interface-state.sh. |
| .planning/{phase}-CONTEXT.md | /silver:context | Decisions and clarifications captured for this phase. |
| .planning/{phase}-RESEARCH.md | /silver:deep-research / /silver:plan | Implementation research results — how to build the phase. |
| .planning/{phase}-{N}-PLAN.md | /silver:plan | Task-level execution plan. N is the iteration number. |
| .planning/{phase}-{N}-SUMMARY.md | /silver:execute | Execution summary: what was built, commits made, deviations. |
| .planning/{phase}-VERIFICATION.md | /silver:verify | Goal-backward verification results. |
| .planning/{phase}-UAT.md | /silver:verify | User acceptance test results (app workflow only). |
| .planning/.context-cache/ | semantic-compress.sh | Cached semantic context chunks. Auto-invalidated on file change. |
Documentation Files (docs/)
| File | Purpose |
|---|---|
| docs/PRD-Overview.md | High-level product requirements overview synced from planning artifacts. |
| docs/ARCHITECTURE.md | Durable architecture overview, constraints, and design principles. |
| docs/TESTING.md | Test strategy, coverage goals, stack-specific verification commands, and testing decisions. |
| docs/internal/CICD.md | CI/CD pipeline and deployment process documentation when the project keeps operational docs internal. |
| docs/doc-scheme.md | Human-readable documentation architecture and update contract. |
| docs/doc-scheme.json | Machine-readable required-docs/sections contract consumed by SB doc checks. |
| docs/task-doc-checklist.json | Per-task documentation coverage checklist. |
| docs/knowledge/INDEX.md | Gateway index for project-scoped knowledge. |
| docs/knowledge/YYYY-MM.md | Monthly project-specific intelligence: architecture patterns, gotchas, key decisions, recurring patterns, open questions. |
| docs/learnings/YYYY-MM.md | Monthly portable learnings using the strict domain/stack/practice/devops/design taxonomy. |
| docs/CHANGELOG.md | Newest-first task/release changelog. |
| docs/specs/ | Detailed design specs and source-linked specs. |
| docs/workflows/ | Active workflow files such as full-dev-cycle.md and devops-cycle.md. |
| docs/sessions/ | Per-session logs created at session start and completed during finalization/handoff. |
| docs/issues/ | Local issue/backlog storage when the project is not configured for GitHub issue tracking. |
State Files (${SB_RUNTIME_HOME_ROOT}/.silver-bullet/)
These files live in ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/ with restricted permissions (0700). They store session state for hooks.
| File | Purpose |
|---|---|
| ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/mode | Contains interactive or autonomous. Read by hooks throughout the session. Defaults to interactive if missing. |
| ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/session-log-path | Path to the current session log file in docs/sessions/. Used by hooks to write events. |
| ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/trivial | Legacy compatibility marker. Codex agents should route trivial work through /silver:fast instead. |
| ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/session-init | Sentinel file marking that the session init phase (loading context, compacting) has already run. |
| ${SB_RUNTIME_HOME_ROOT}/.silver-bullet/timeout | Timeout sentinel for autonomous mode session duration tracking. |
Useful Shortcuts and Patterns
Common Command Sequences
Runtime and Model Boundaries
Silver Bullet does not provide a generic automatic model-routing layer. Configure model behavior in the active host, then let Silver Bullet compose and enforce the workflow around that execution.