<!-- markdownlint-disable-file -->
# HVE Core All
Full bundle of all stable HVE Core agents, prompts, instructions, and skills
## Overview
HVE Core provides the complete collection of AI chat agents, prompts, instructions, and skills for VS Code with GitHub Copilot. This edition includes every artifact across all domains: development workflows, architecture, Azure DevOps, GitHub and Jira backlog workflows, data science, design thinking, security, and more.
Use this edition when you want access to everything without choosing a focused collection.
> [!CAUTION]
> This collection includes security, responsible AI, and supply chain security agents and prompts that are **assistive tools only**.
> They do not replace professional security tooling (SAST, DAST, SCA, penetration testing, compliance scanners) or qualified human review.
> All AI-generated security and compliance artifacts **must** be reviewed and validated by qualified professionals before use.
> AI outputs may contain inaccuracies, miss critical threats, or produce recommendations that are incomplete or inappropriate for your environment.
## Included Artifacts
<!-- BEGIN AUTO-GENERATED ARTIFACTS -->
### Chat Agents
| Name | Description |
|----------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **ado-backlog-manager** | Azure DevOps backlog orchestrator for triage, discovery, sprint planning, PRD-to-work-item conversion, and execution |
| **ado-prd-to-wit** | Product Manager expert for analyzing PRDs and planning Azure DevOps work item hierarchies |
| **adr-creation** | ADR Creator: phase-gated creator producing standards-aligned Architecture Decision Records (Frame, Decide, Govern), with state recovery, Researcher Subagent delegation, and dual-format backlog handoff |
| **agile-coach** | Creates and refines goal-oriented user stories with clear acceptance criteria for any tracking tool |
| **arch-diagram-builder** | Architecture diagram builder that produces high-quality ASCII-art diagrams |
| **brd-builder** | Business Requirements Document builder with guided Q&A and reference integration |
| **code-review-full** | Orchestrator that runs functional and standards code reviews via subagents and produces a merged report |
| **code-review-functional** | Pre-PR branch diff reviewer for functional correctness, error handling, edge cases, and testing gaps |
| **code-review-standards** | Skills-based code reviewer applying project-defined coding standards to local changes and PRs |
| **codebase-profiler** | Scans the repository to build a technology profile and select applicable security skills |
| **doc-ops** | Documentation operations agent for pattern compliance, accuracy verification, and gap detection |
| **dt-coach** | Design Thinking coach guiding teams through the 9-method HVE framework with Think/Speak/Empower philosophy |
| **dt-learning-tutor** | Design Thinking learning tutor providing structured curriculum, comprehension checks, and adaptive pacing |
| **eval-dataset-creator** | Creates evaluation datasets and documentation for AI agent testing using interview-driven data curation |
| **experiment-designer** | Coach for designing a Minimum Viable Experiment (MVE) with hypothesis formation, vetting, and experiment planning |
| **finding-deep-verifier** | Deep adversarial verification of FAIL and PARTIAL findings for a single security skill |
| **gen-data-spec** | Generate data dictionaries, machine-readable data profiles, and summaries for downstream EDA notebooks and dashboards |
| **gen-jupyter-notebook** | Create exploratory data analysis (EDA) Jupyter notebooks from data sources and data dictionaries |
| **gen-streamlit-dashboard** | Develop a multi-page Streamlit dashboard |
| **github-backlog-manager** | GitHub backlog orchestrator for triage, discovery, sprint planning, and execution |
| **implementation-validator** | Validates implementation quality against architectural requirements, design principles, and code standards with severity-graded findings |
| **jira-backlog-manager** | Jira backlog orchestrator for discovery, triage, execution, and single-issue actions |
| **jira-prd-to-wit** | Product Manager expert for analyzing PRDs and planning Jira issue hierarchies without mutating Jira |
| **meeting-analyst** | Meeting transcript analyzer that extracts product requirements for PRD creation via work-iq-mcp |
| **memory** | Conversation memory persistence for session continuity |
| **network-isa95-planner** | ISA-95-aligned network planning for secure edge Kubernetes to Azure connectivity and remediation roadmaps |
| **phase-implementor** | Executes a single implementation phase from a plan with full codebase access and change tracking |
| **plan-validator** | Validates implementation plans against research documents with severity-graded findings |
| **pptx** | Creates, updates, and manages PowerPoint slide decks using YAML-driven content with python-pptx |
| **pptx-subagent** | Executes PowerPoint skill operations including content extraction, YAML creation, deck building, and visual validation |
| **pr-review** | Pull Request review assistant for code quality, security, and convention compliance |
| **prd-builder** | Product Requirements Document builder with guided Q&A and reference integration |
| **product-manager-advisor** | Product management advisor for requirements discovery, validation, and issue creation |
| **prompt-builder** | Prompt engineering assistant for creating and validating prompts, agents, and instructions |
| **prompt-evaluator** | Evaluates prompt execution results against Prompt Quality Criteria with severity-graded findings and remediation guidance |
| **prompt-tester** | Tests prompt files by following them literally in a sandbox, without interpreting beyond face value |
| **prompt-updater** | Creates and modifies prompts, instructions, agents, and skills following prompt engineering conventions |
| **rai-planner** | Responsible AI assessment planner evaluating against NIST AI RMF 1.0, producing an RAI security model, impact assessment, control surface catalog, and backlog handoff |
| **report-generator** | Collates verified security skill findings into a comprehensive vulnerability report |
| **researcher-subagent** | Research subagent using search, read, web-fetch, GitHub repo, and MCP tools |
| **rpi-agent** | Autonomous RPI orchestrator running Research → Plan → Implement → Review → Discover phases with specialized subagents |
| **rpi-validator** | Validates a Changes Log against the Implementation Plan, Planning Log, and Research Documents for a specific plan phase |
| **security-planner** | Phase-based security planner producing security models, standards mappings, and backlog handoffs with AI/ML detection and RAI Planner integration |
| **security-reviewer** | Security skill assessment orchestrator for codebase profiling and vulnerability reporting |
| **skill-assessor** | Assesses a single security skill against the codebase and returns structured findings |
| **sssc-planner** | Six-phase repository supply chain security assessment against OpenSSF Scorecard, SLSA, Sigstore, and SBOM standards, producing a prioritized backlog of reusable workflows. |
| **system-architecture-reviewer** | System architecture reviewer for design trade-offs, ADR creation, and well-architected alignment |
| **task-challenger** | Adversarial questioning agent that interrogates implementations with What/Why/How questions: no suggestions, no hints, no leading |
| **task-implementor** | Executes implementation plans from .copilot-tracking/plans with progressive tracking and change records |
| **task-planner** | Implementation planner that creates actionable, step-by-step plans |
| **task-researcher** | Task research specialist for comprehensive project analysis |
| **task-reviewer** | Reviews completed implementation work for accuracy, completeness, and convention compliance |
| **test-streamlit-dashboard** | Automated testing for Streamlit dashboards using Playwright with issue tracking and reporting |
| **ux-ui-designer** | UX research specialist for Jobs-to-be-Done analysis, user journey mapping, and accessibility requirements |
### Prompts
| Name | Description |
|-------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------|
| **ado-add-work-item** | Create a single Azure DevOps work item with conversational field collection and parent validation |
| **ado-create-pull-request** | Create an Azure DevOps pull request with generated description, linked work items, and reviewers |
| **ado-discover-work-items** | Discover Azure DevOps work items via user queries, artifact analysis, or search |
| **ado-get-build-info** | Retrieve Azure DevOps build status and logs for a pull request or build number |
| **ado-get-my-work-items** | Retrieve your assigned Azure DevOps work items into a planning file |
| **ado-process-my-work-items-for-task-planning** | Process retrieved work items for task planning and generate task-planning-logs.md handoff file |
| **ado-sprint-plan** | Plan an Azure DevOps sprint by analyzing iteration coverage, capacity, dependencies, and backlog gaps |
| **ado-triage-work-items** | Triage untriaged Azure DevOps work items with field classification, iteration assignment, and duplicate detection |
| **ado-update-wit-items** | Update Azure DevOps work items from planning files |
| **checkpoint** | Save or restore conversation context using memory files |
| **code-review-full** | Run both functional and standards code reviews on the current branch in a single pass |
| **code-review-functional** | Pre-PR branch diff review for functional correctness, error handling, edge cases, and testing gaps |
| **cspell-config** | Create or update the project cspell configuration with project words and ignores |
| **doc-ops-update** | Run the doc-ops agent for documentation quality assurance and updates |
| **dt-canonical-deck** | Canonical deck workflow: opt-in offer, snapshot generation/refresh, and optional customer-card PowerPoint build |
| **dt-figma-export** | Export Design Thinking artifacts to a FigJam board or Figma Design file via the Figma MCP server |
| **dt-handoff-implementation-space** | Compiles DT Methods 7-9 outputs into an RPI-ready handoff artifact targeting Task Researcher |
| **dt-handoff-problem-space** | Problem Space exit handoff - compiles DT Methods 1-3 outputs into an RPI-ready artifact targeting Task Researcher |
| **dt-handoff-solution-space** | Solution Space exit handoff - compiles DT Methods 4-6 outputs into an RPI-ready artifact targeting Task Researcher |
| **dt-method-04-convergence** | Theme discovery for Design Thinking Method 4c through philosophy-based clustering |
| **dt-method-04-ideation** | Divergent ideation for Design Thinking Method 4b with constraint-informed solution generation |
| **dt-method-05-concepts** | Concept articulation for Design Thinking Method 5b from brainstorming themes |
| **dt-method-05-evaluation** | Stakeholder alignment and three-lens evaluation for Design Thinking Method 5c |
| **dt-method-06-building** | Scrappy prototype building with fidelity enforcement for Design Thinking Method 6b |
| **dt-method-06-planning** | Concept analysis and prototype approach design for Design Thinking Method 6a |
| **dt-method-06-testing** | Hypothesis-driven testing and constraint validation for Design Thinking Method 6c |
| **dt-method-next** | Assess DT project state and recommend next method with sequencing validation |
| **dt-resume-coaching** | Resume a Design Thinking coaching session - reads coaching state and re-establishes context |
| **dt-start-project** | Start a new Design Thinking coaching project with state initialization and first coaching interaction |
| **git-commit** | Stage all changes, generate a conventional commit message, and commit |
| **git-commit-message** | Generate a conventional commit message from all branch changes |
| **git-merge** | Coordinate Git merge, rebase, and rebase --onto workflows with conflict handling |
| **git-setup** | Interactive, verification-first Git configuration assistant (non-destructive) |
| **github-add-issue** | Create a GitHub issue using discovered repository templates and conversational field collection |
| **github-discover-issues** | Discover GitHub issues via user queries, artifact analysis, or search and produce planning files |
| **github-execute-backlog** | Execute a GitHub backlog plan by creating, updating, linking, closing, and commenting on issues from a handoff file |
| **github-sprint-plan** | Plan a GitHub milestone sprint by analyzing issue coverage, gaps, and prioritized backlog |
| **github-suggest** | Resume GitHub backlog management workflow after session restore |
| **github-triage-issues** | Triage untriaged GitHub issues with label suggestions, milestone assignment, and duplicate detection |
| **graph-research** | Research a codebase using an existing graphify knowledge graph, with audit-tagged evidence reporting |
| **incident-response** | Run an incident response workflow for Azure operations scenarios |
| **jira-discover-issues** | Discover Jira issues via user queries, artifact analysis, or JQL search and produce planning files |
| **jira-execute-backlog** | Execute a Jira backlog plan by creating, updating, transitioning, and commenting on issues from a handoff file |
| **jira-prd-to-wit** | Analyze PRD artifacts and plan Jira issue hierarchies without mutating Jira |
| **jira-setup** | Interactive, verification-first Jira credential configuration assistant (non-destructive) |
| **jira-triage-issues** | Triage Jira issues with field recommendations, duplicate detection, and optional updates |
| **prompt-analyze** | Evaluate prompt engineering artifacts against quality criteria and report findings |
| **prompt-build** | Build or improve prompt engineering artifacts following quality criteria |
| **prompt-refactor** | Refactor and clean up prompt engineering artifacts through iterative improvement |
| **pull-request** | Generate pull request descriptions from branch diffs |
| **rai-capture** | Start responsible AI assessment planning from existing knowledge using the RAI Planner agent in capture mode |
| **rai-plan-from-prd** | Start responsible AI assessment planning from PRD/BRD artifacts using the RAI Planner agent in from-prd mode |
| **rai-plan-from-security-plan** | Start responsible AI assessment planning from a completed Security Plan using the RAI Planner agent in from-security-plan mode (recommended) |
| **risk-register** | Create a qualitative risk register using a Probability × Impact (P×I) matrix |
| **rpi** | Autonomous Research-Plan-Implement-Review-Discover workflow for completing tasks |
| **security-capture** | Start security planning from existing notes using the Security Planner agent (capture mode) |
| **security-plan-from-prd** | Start security planning from PRD/BRD artifacts using the Security Planner agent (from-prd mode) |
| **security-review** | Run an OWASP vulnerability assessment against the current codebase |
| **security-review-llm** | Run OWASP LLM and Agentic vulnerability assessments with codebase profiling |
| **security-review-sbd** | Run a Secure by Design principles assessment per UK and Australian government guidance |
| **security-review-web** | Run an OWASP Top 10 web vulnerability assessment without codebase profiling |
| **sssc-capture** | Start supply chain security planning from existing knowledge using the SSSC Planner agent in capture mode |
| **sssc-from-brd** | Start supply chain security planning from BRD artifacts using the SSSC Planner agent in from-brd mode |
| **sssc-from-prd** | Start supply chain security planning from PRD artifacts using the SSSC Planner agent in from-prd mode |
| **sssc-from-security-plan** | Extend a Security Planner assessment with supply chain coverage using the SSSC Planner agent in from-security-plan mode |
| **synth-data-generate** | Generate synthetic data for any subject with realistic patterns and relationships |
| **task-challenge** | Adversarial What/Why/How interrogation of completed implementation artifacts |
| **task-implement** | Locate and execute implementation plans using Task Implementor |
| **task-plan** | Initiate implementation planning from user context or research documents |
| **task-research** | Initiate research for implementation planning from user requirements |
| **task-review** | Initiate implementation review from user context or artifact discovery |
### Instructions
| Name | Description |
|----------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **accessibility/accessibility-backlog-handoff** | Accessibility review rubric and dual-format ADO + GitHub backlog handoff with inlined planning disclaimer |
| **accessibility/accessibility-capture-coaching** | Exploration-first questioning techniques for accessibility capture mode covering personas, contextual inquiry, and conflict surfacing |
| **accessibility/accessibility-framework-selection** | Framework selection protocol for the Accessibility Planner: host-aware multi-select, default selections, conformance levels, and the atomic disabled bundle |
| **accessibility/accessibility-identity** | Identity and orchestration instructions for the Accessibility Planner agent. Contains six-phase workflow, state.json schema reference, session recovery, and question cadence. |
| **accessibility/accessibility-impact-assessment** | Accessibility impact assessment covering control surfaces, evidence register, tradeoff documentation, and seed work-item generation |
| **accessibility/accessibility-license-posture** | Required posture for licensing and reproduction of accessibility standards reference text |
| **ado/ado-backlog-sprint** | Sprint planning workflow for Azure DevOps iterations with coverage analysis, capacity tracking, and gap detection |
| **ado/ado-backlog-triage** | Triage workflow for Azure DevOps work items with field classification, iteration assignment, and duplicate detection |
| **ado/ado-create-pull-request** | Azure DevOps pull request creation with work item discovery, reviewer identification, and automated linking |
| **ado/ado-get-build-info** | Azure DevOps build information: status, logs, and details from a PR, build ID, or branch name |
| **ado/ado-interaction-templates** | Work item description and comment templates for consistent Azure DevOps content formatting |
| **ado/ado-update-wit-items** | Work item creation and update protocol using MCP ADO tools with handoff tracking |
| **ado/ado-wit-discovery** | Azure DevOps work item discovery via user assignment or artifact analysis with planning file output |
| **ado/ado-wit-planning** | Azure DevOps work item planning files, templates, field definitions, and search protocols |
| **coding-standards/bash/bash** | Bash script authoring conventions |
| **coding-standards/bicep/bicep** | Bicep infrastructure-as-code authoring conventions |
| **coding-standards/code-review-telemetry** | Code Review telemetry overlay applying telemetry-foundations vocabulary to code-review report artifacts |
| **coding-standards/code-review/diff-computation** | Code review diff computation: branch detection, scope locking, large-diff handling, and non-source filtering |
| **coding-standards/code-review/review-artifacts** | Code review artifact persistence: folder structure, metadata schema, verdict normalization, and writing rules |
| **coding-standards/csharp/csharp** | C# (CSharp) code authoring conventions |
| **coding-standards/csharp/csharp-tests** | C# (CSharp) test code authoring conventions |
| **coding-standards/powershell/pester** | Instructions for Pester testing conventions |
| **coding-standards/powershell/powershell** | PowerShell scripting conventions |
| **coding-standards/python-script** | Python scripting conventions |
| **coding-standards/python-tests** | Python test code authoring conventions |
| **coding-standards/rust/rust** | Rust code authoring conventions |
| **coding-standards/rust/rust-tests** | Rust test code authoring conventions |
| **coding-standards/terraform/terraform** | Terraform infrastructure-as-code authoring conventions |
| **coding-standards/uv-projects** | Create and manage Python virtual environments using uv commands |
| **design-thinking/dt-canonical-deck** | Opt-in canonical deck and customer-card workflow for DT coaching |
| **design-thinking/dt-coach-telemetry** | Design Thinking Coach telemetry overlay applying telemetry-foundations vocabulary to DT session artifacts |
| **design-thinking/dt-coaching-identity** | Design Thinking coach identity, philosophy, and user interaction requirements for consistent coaching |
| **design-thinking/dt-coaching-state** | Coaching state schema for Design Thinking session persistence, method progress tracking, and session recovery |
| **design-thinking/dt-curriculum-01-scoping** | DT Curriculum Module 1: Scope Conversations - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-02-research** | DT Curriculum Module 2: Design Research - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-03-synthesis** | DT Curriculum Module 3: Synthesis - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-04-brainstorming** | DT Curriculum Module 4: Brainstorming - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-05-concepts** | DT Curriculum Module 5: User Concepts - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-06-prototypes** | DT Curriculum Module 6: Low-Fidelity Prototypes - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-07-testing** | DT Curriculum Module 7: High-Fidelity Prototypes - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-08-iteration** | DT Curriculum Module 8: User Testing - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-09-handoff** | DT Curriculum Module 9: Iteration at Scale - concepts, techniques, checks, and exercises |
| **design-thinking/dt-curriculum-scenario-manufacturing** | Manufacturing reference scenario for DT learning - factory floor improvement project used across all 9 curriculum modules |
| **design-thinking/dt-image-prompt-generation** | M365 Copilot image prompt generation techniques for Design Thinking Method 5 concept visualization with lo-fi enforcement |
| **design-thinking/dt-industry-energy** | Energy industry context for DT coaching - vocabulary, constraints, empathy tools, and reference scenarios |
| **design-thinking/dt-industry-healthcare** | Healthcare industry context for DT coaching - vocabulary, constraints, empathy tools, and reference scenarios |
| **design-thinking/dt-industry-manufacturing** | Manufacturing industry context for DT coaching - vocabulary, constraints, empathy tools, and reference scenarios |
| **design-thinking/dt-method-01-deep** | Deep expertise for Method 1: Scope Conversations, covering advanced stakeholder analysis, power dynamics, and scope negotiation |
| **design-thinking/dt-method-01-scope** | Method 1 Scope Conversations coaching knowledge for Design Thinking: frozen vs fluid assessment, stakeholder discovery, constraint patterns, and conversation navigation |
| **design-thinking/dt-method-02-deep** | Deep expertise for Method 2: Design Research, covering advanced interview techniques, ethnographic observation, and evidence triangulation |
| **design-thinking/dt-method-02-research** | Method 2 Design Research coaching knowledge: interview techniques, research planning, environmental observation, and insight extraction patterns |
| **design-thinking/dt-method-03-deep** | Deep expertise for Method 3: Input Synthesis - advanced affinity analysis, insight frameworks, and problem statement articulation |
| **design-thinking/dt-method-03-synthesis** | Method 3 Input Synthesis coaching knowledge: pattern recognition, theme development, synthesis validation, and Problem-to-Solution Space transition readiness |
| **design-thinking/dt-method-04-brainstorming** | Design Thinking Method 4: AI-assisted brainstorming with divergent ideation and convergent clustering for solution space entry |
| **design-thinking/dt-method-04-deep** | Deep expertise for Method 4: Brainstorming - advanced facilitation techniques, creative block recovery, and convergence frameworks |
| **design-thinking/dt-method-05-concepts** | Design Thinking Method 5: User Concepts coaching with concept articulation, three-lens evaluation, and stakeholder alignment for Solution Space development |
| **design-thinking/dt-method-05-deep** | Deep expertise for Method 5: User Concepts, covering advanced D/F/V analysis, image prompt crafting, concept stress-testing, and portfolio management |
| **design-thinking/dt-method-06-deep** | Deep expertise for Method 6: Low-Fidelity Prototypes; advanced paper prototyping, service blueprinting, and experience prototyping |
| **design-thinking/dt-method-06-lofi-prototypes** | Design Thinking Method 6: Lo-fi prototyping techniques, scrappy enforcement, feedback planning, and constraint discovery for Solution Space exit |
| **design-thinking/dt-method-07-deep** | Deep expertise for Method 7: High-Fidelity Prototypes; fidelity translation, architecture, and specification writing |
| **design-thinking/dt-method-07-hifi-prototypes** | Design Thinking Method 7: High-Fidelity Prototypes; technical translation, functional prototypes, and specifications |
| **design-thinking/dt-method-08-deep** | Deep expertise for Method 8: Test and Validate - advanced test design, small-sample analysis, iteration triggers, and bias mitigation |
| **design-thinking/dt-method-08-testing** | Design Thinking Method 8: User Testing - evidence-based evaluation, test protocols, and non-linear iteration support |
| **design-thinking/dt-method-09-deep** | Deep expertise for Method 9: Iteration at Scale - change management, scaling, and adoption measurement |
| **design-thinking/dt-method-09-iteration** | Design Thinking Method 9: Iteration at Scale - systematic refinement, scaling patterns, and organizational deployment |
| **design-thinking/dt-method-sequencing** | Method transition rules, nine-method sequence, space boundaries, and non-linear iteration support for Design Thinking coaching |
| **design-thinking/dt-quality-constraints** | Quality constraints, fidelity rules, and output standards for Design Thinking coaching across all nine methods |
| **design-thinking/dt-rpi-handoff-contract** | DT-to-RPI handoff contract defining exit points, artifact schemas, and per-agent input requirements for lateral transitions from Design Thinking to RPI workflow |
| **design-thinking/dt-rpi-implement-context** | DT-aware Task Implementor context: fidelity constraints, stakeholder validation, and iteration support |
| **design-thinking/dt-rpi-planning-context** | DT-aware Task Planner context: fidelity constraints, iteration support, and confidence-informed planning for DT artifacts |
| **design-thinking/dt-rpi-research-context** | DT-aware Task Researcher context: frames research around DT methods, stakeholder needs, and empathy-driven inquiry |
| **design-thinking/dt-rpi-review-context** | DT-aware Task Reviewer context: quality criteria for Design Thinking artifacts |
| **design-thinking/dt-subagent-handoff** | DT subagent handoff workflow: readiness assessment, artifact compilation, and handoff validation via subagent dispatch |
| **experimental/experiment-designer** | MVE domain knowledge and coaching conventions for the Experiment Designer agent |
| **experimental/graphify** | Conventions for consuming graphify-out/ knowledge-graph evidence inside the RPI workflow |
| **experimental/mural/mural-bootstrap** | Fresh-session Mural bootstrap requirements for doctor checks, credential backend selection, and safe escalation before Mural tool use. |
| **experimental/mural/mural-destinations** | Open destination registry for Mural extractor writeback: registered adapters, intent axis, and per-destination loop-closure metrics. |
| **experimental/mural/mural-human-record** | Mural is the durable record of human conversation; AI never silently authors decisions and AI contribution must remain visible somewhere durable. |
| **experimental/mural/mural-log-hygiene** | Operator log-hygiene contract for Mural customizations: never echo raw URLs, Azure SAS query strings, OAuth tokens, or Authorization headers; the skill _redact() is a defense-in-depth backstop, not a license to log. |
| **experimental/mural/mural-seeding-patterns** | Cross-cutting Mural seeding conventions: duplicate-then-populate, source-artifact-to-area binding, anchor inheritance, probe-before-bulk, z-order visibility (detection-only), layout primitives applied across DT, RAI, and UX/UI workflows. |
| **experimental/mural/mural-writeback-hygiene** | Writeback hygiene rules for Mural: tags, hyperlinks, and parentId are the only stable channels; reserved tags are protected; tag manifests are re-applied defensively. |
| **experimental/mural/mural-writing-style** | Asymmetric writing style for Mural: outbound (writing into Mural) is sticky-concise; inbound (extracting from Mural) is context-hydrated. |
| **experimental/pptx** | Shared conventions for PowerPoint Builder agent, subagent, and powerpoint skill |
| **github/community-interaction** | Community interaction voice, tone, and response templates for GitHub-facing agents and prompts |
| **github/github-backlog-discovery** | GitHub issue backlog discovery: artifact-driven, user-centric, search-based |
| **github/github-backlog-planning** | GitHub backlog management: planning files, search protocols, similarity assessment, and state persistence |
| **github/github-backlog-triage** | GitHub issue backlog triage: label suggestion, milestone assignment, and duplicate detection |
| **github/github-backlog-update** | GitHub issue backlog execution: consumes planning handoffs and runs issue operations |
| **hve-core/commit-message** | Commit message format and conventions |
| **hve-core/git-merge** | Git merge, rebase, and rebase --onto workflows with conflict handling and stop controls |
| **hve-core/markdown** | Markdown authoring conventions for all .md files |
| **hve-core/prompt-builder** | Authoring standards for prompts, agents, instructions, and skills |
| **hve-core/pull-request** | Pull request description generation and creation via diff analysis, subagent review, and MCP tools |
| **hve-core/task-implementor-telemetry** | Task Implementor telemetry overlay applying telemetry-foundations vocabulary to implementation change artifacts |
| **hve-core/writing-style** | Writing style conventions for voice, tone, and language in markdown content |
| **jira/jira-backlog-discovery** | Jira issue backlog discovery: user-centric, artifact-driven, JQL-based |
| **jira/jira-backlog-planning** | Jira backlog management: planning files, search conventions, similarity assessment, and state persistence |
| **jira/jira-backlog-triage** | Jira issue backlog triage: field recommendations, duplicate detection, and controlled execution |
| **jira/jira-backlog-update** | Jira backlog execution: consumes planning handoffs and applies sequential Jira operations |
| **jira/jira-wit-planning** | Jira PRD work item planning: hierarchy mapping, field validation, and handoff contracts |
| **project-planning/adr-byo-template** | BYO ADR template contract: 2-layer config resolution, .adr-config.yml schema, template frontmatter contract, and adopt-template lifecycle for the ADR Creator |
| **project-planning/adr-creation-telemetry** | ADR Planner telemetry overlay applying telemetry-foundations vocabulary to ADR artifacts |
| **project-planning/adr-handoff** | ADR Creator Govern-phase handoff protocol: compact summary template, peer-agent routing heuristics, and dual-format (ADO + GitHub) work item templates |
| **project-planning/adr-identity** | ADR Creator identity, three-phase state machine, six-step per-turn protocol, autonomy tiers, and canonical state.json schema for Architecture Decision Record authoring sessions |
| **project-planning/adr-standards** | Embedded ADR standards: MADR v4.0.0 template (CC0), Y-Statement formula, status taxonomy, naming rules, ASR trigger schema, and Microsoft-attributed paraphrases for ADR Creator sessions |
| **project-planning/prd-builder-telemetry** | PRD Builder telemetry overlay applying telemetry-foundations vocabulary to PRD artifacts |
| **rai-planning/rai-backlog-handoff** | RAI review and backlog handoff for Phase 6: review rubric, RAI review summary, dual-format backlog generation |
| **rai-planning/rai-capture-coaching** | Exploration-first questioning techniques for RAI capture mode adapted from Design Thinking research methods |
| **rai-planning/rai-identity** | RAI Planner identity, 6-phase orchestration, state management, and session recovery |
| **rai-planning/rai-impact-assessment** | RAI impact assessment for Phase 5: control surface taxonomy, evidence register, tradeoff documentation, and work item generation |
| **rai-planning/rai-planner-telemetry** | RAI Planner telemetry overlay applying telemetry-foundations vocabulary to RAI plan artifacts |
| **rai-planning/rai-risk-classification** | Risk classification screening for Phase 2: prohibited uses gate, risk indicator assessment, and depth tier assignment |
| **rai-planning/rai-security-model** | RAI security model analysis for Phase 4: AI STRIDE extensions, dual threat IDs, ML STRIDE matrix, and security model merge protocol |
| **rai-planning/rai-standards** | Embedded RAI standards for Phase 3: NIST AI RMF 1.0 trustworthiness characteristics, subcategory mappings, and framework isolation architecture |
| **security/backlog-handoff** | Dual-format backlog handoff for ADO and GitHub with content sanitization, autonomy tiers, and work item templates |
| **security/identity** | Security Planner identity, six-phase orchestration, state management, and session recovery protocols |
| **security/operational-buckets** | Operational bucket definitions with component classification guidance and cross-cutting security concerns |
| **security/security-model** | STRIDE-based security model analysis per operational bucket with threat table format and data flow analysis |
| **security/security-planner-telemetry** | Security Planner telemetry overlay applying telemetry-foundations vocabulary to security plan artifacts |
| **security/sssc-assessment** | Phase 2 supply chain assessment protocol with the 27 combined capabilities inventory for SSSC Planner. |
| **security/sssc-backlog** | Phase 5 dual-format work item generation with templates and priority derivation for SSSC Planner. |
| **security/sssc-gap-analysis** | Phase 4 gap comparison, adoption categorization, and effort sizing for SSSC Planner. |
| **security/sssc-handoff** | Phase 6 backlog handoff protocol with Scorecard projections and dual-format output for SSSC Planner. |
| **security/sssc-identity** | SSSC Planner identity and orchestration: six-phase workflow, state.json schema, session recovery, and question cadence |
| **security/sssc-planner-telemetry** | SSSC Planner telemetry overlay applying telemetry-foundations vocabulary to SSSC plan artifacts |
| **security/sssc-standards** | Phase 3 OpenSSF Scorecard, SLSA v1.0, OpenSSF Best Practices Badge, Sigstore (cosign), and NTIA SBOM minimum elements standards mapping for SSSC Planner. |
| **security/standards-mapping** | Embedded OWASP and NIST security standards with researcher subagent delegation for CIS, WAF, CAF, and other runtime lookups |
| **shared/coaching-patterns** | Shared exploration-first coaching patterns for planning agents (RAI, security, SSSC) adapted from Design Thinking research methods |
| **shared/disclaimer-language** | Centralized disclaimer language for AI-assisted planning agents requiring professional review acknowledgment |
| **shared/hve-core-location** | Important: hve-core is the repository containing this instruction file; Guidance: if a referenced prompt, instructions, agent, or script is missing in the current directory, fall back to this hve-core location by walking up this file's directory tree. |
| **shared/planner-identity-base** | Shared identity scaffold for phase-based planning agents (SSSC, RAI, Security, Accessibility) covering state-file convention, six-phase orchestration template, state protocol, resume protocol, question cadence mechanics, optional disclaimer cadence, and error handling |
| **shared/story-quality** | Shared story quality conventions for work item creation and evaluation across agents and workflows |
### Skills
| Name | Description |
|-------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **adr-author** | Authoring skill for Architecture Decision Records (ADRs) supporting capture, from-planner-handoff, and adopt-template entry modes with selectable Y-Statement or MADR v4.0.0 output templates, supersession lineage, and ASR trigger evaluation - Brought to you by microsoft/hve-core. |
| **aria-apg** | WAI-ARIA Authoring Practices Guide (APG) design pattern knowledge base for accessibility assessment |
| **backlog-templates** | Shared work-item templates and conventions for ADO and GitHub backlog handoff across the RAI, Security, SSSC, and Accessibility planners |
| **coga** | W3C Making Content Usable for People with Cognitive and Learning Disabilities (COGA) knowledge base for accessibility assessment |
| **customer-card-render** | Generate customer-card PowerPoint content YAML from Design Thinking canonical artifacts and build using the shared PowerPoint skill pipeline |
| **en-301-549** | European EN 301 549 V3.2.1 ICT Accessibility Standard knowledge base for accessibility assessment |
| **gh-code-scanning** | Retrieves and groups GitHub code scanning alerts by rule and severity using the gh CLI |
| **gitlab** | Manage GitLab merge requests and pipelines with a Python CLI |
| **hve-core-installer** | Decision-driven HVE-Core installer with multiple clone-based and extension install methods, environment detection, and agent customization |
| **jira** | Jira issue workflows for search, issue updates, transitions, comments, and field discovery via the Jira REST API. Use when you need to search with JQL, inspect an issue, create or update work items, move an issue between statuses, post comments, or discover required fields for issue creation. |
| **mural** | Mural workspace, room, mural, and widget workflows via the Mural REST API exposed through a Python CLI. Use when you need to read or write Mural content or automate widget creation. |
| **owasp-agentic** | OWASP Agentic Security Top 10 knowledge base for identifying, assessing, and remediating AI agent system security risks. |
| **owasp-cicd** | OWASP CI/CD Top 10 knowledge base for identifying, assessing, and remediating CI/CD pipeline security risks. |
| **owasp-infrastructure** | OWASP Infrastructure Top 10 knowledge base for identifying, assessing, and remediating internal IT infrastructure security risks. |
| **owasp-llm** | OWASP Top 10 for LLM Applications (2025) knowledge base for identifying, assessing, and remediating large language model security risks. |
| **owasp-mcp** | OWASP MCP Top 10 knowledge base for identifying, assessing, and remediating Model Context Protocol security risks. |
| **owasp-top-10** | OWASP Top 10 for Web Applications (2025) knowledge base for identifying, assessing, and remediating web application security risks. |
| **powerpoint** | PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling |
| **pr-reference** | Generates PR reference XML with commit history and unified diffs between branches, with extension and path filtering. Use when creating pull request descriptions, preparing code reviews, analyzing branch changes, discovering work items from diffs, or generating structured diff summaries. |
| **python-foundational** | Foundational Python best practices, idioms, and code quality fundamentals |
| **section-508** | US Section 508 ICT Accessibility Standards (revised 2017) knowledge base for accessibility assessment |
| **secure-by-design** | Secure by Design principles knowledge base for assessing security-first design, development, and deployment across the software lifecycle. |
| **security-reviewer-formats** | Format specifications and data contracts for the security reviewer orchestrator and its subagents. |
| **telemetry-foundations** | Declarative OpenTelemetry-aligned telemetry vocabulary and instrumentation conventions for traces, metrics, logs, and PII handling |
| **tts-voiceover** | Text-to-speech voice-over generation from YAML speaker notes using Azure Speech SDK with SSML pronunciation control |
| **video-to-gif** | Video-to-GIF conversion with FFmpeg two-pass optimization |
| **vscode-playwright** | VS Code screenshot capture using Playwright MCP with serve-web for slide decks and documentation |
| **wcag-22** | WCAG 2.2 success criteria knowledge base for accessibility assessment |
<!-- END AUTO-GENERATED ARTIFACTS -->
## Install
```bash
copilot plugin install hve-core-all@hve-core
```
## Agents
| Agent | Description |
|------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ado-backlog-manager | Azure DevOps backlog orchestrator for triage, discovery, sprint planning, PRD-to-work-item conversion, and execution |
| ado-prd-to-wit | Product Manager expert for analyzing PRDs and planning Azure DevOps work item hierarchies |
| code-review-full | Orchestrator that runs functional and standards code reviews via subagents and produces a merged report |
| code-review-functional | Pre-PR branch diff reviewer for functional correctness, error handling, edge cases, and testing gaps |
| code-review-standards | Skills-based code reviewer applying project-defined coding standards to local changes and PRs |
| eval-dataset-creator | Creates evaluation datasets and documentation for AI agent testing using interview-driven data curation |
| gen-data-spec | Generate data dictionaries, machine-readable data profiles, and summaries for downstream EDA notebooks and dashboards |
| gen-jupyter-notebook | Create exploratory data analysis (EDA) Jupyter notebooks from data sources and data dictionaries |
| gen-streamlit-dashboard | Develop a multi-page Streamlit dashboard |
| test-streamlit-dashboard | Automated testing for Streamlit dashboards using Playwright with issue tracking and reporting |
| dt-coach | Design Thinking coach guiding teams through the 9-method HVE framework with Think/Speak/Empower philosophy |
| dt-learning-tutor | Design Thinking learning tutor providing structured curriculum, comprehension checks, and adaptive pacing |
| experiment-designer | Coach for designing a Minimum Viable Experiment (MVE) with hypothesis formation, vetting, and experiment planning |
| pptx | Creates, updates, and manages PowerPoint slide decks using YAML-driven content with python-pptx |
| pptx-subagent | Executes PowerPoint skill operations including content extraction, YAML creation, deck building, and visual validation |
| github-backlog-manager | GitHub backlog orchestrator for triage, discovery, sprint planning, and execution |
| doc-ops | Documentation operations agent for pattern compliance, accuracy verification, and gap detection |
| memory | Conversation memory persistence for session continuity |
| pr-review | Pull Request review assistant for code quality, security, and convention compliance |
| prompt-builder | Prompt engineering assistant for creating and validating prompts, agents, and instructions |
| rpi-agent | Autonomous RPI orchestrator running Research → Plan → Implement → Review → Discover phases with specialized subagents |
| implementation-validator | Validates implementation quality against architectural requirements, design principles, and code standards with severity-graded findings |
| phase-implementor | Executes a single implementation phase from a plan with full codebase access and change tracking |
| plan-validator | Validates implementation plans against research documents with severity-graded findings |
| prompt-evaluator | Evaluates prompt execution results against Prompt Quality Criteria with severity-graded findings and remediation guidance |
| prompt-tester | Tests prompt files by following them literally in a sandbox, without interpreting beyond face value |
| prompt-updater | Creates and modifies prompts, instructions, agents, and skills following prompt engineering conventions |
| researcher-subagent | Research subagent using search, read, web-fetch, GitHub repo, and MCP tools |
| rpi-validator | Validates a Changes Log against the Implementation Plan, Planning Log, and Research Documents for a specific plan phase |
| task-challenger | Adversarial questioning agent that interrogates implementations with What/Why/How questions: no suggestions, no hints, no leading |
| task-implementor | Executes implementation plans from .copilot-tracking/plans with progressive tracking and change records |
| task-planner | Implementation planner that creates actionable, step-by-step plans |
| task-researcher | Task research specialist for comprehensive project analysis |
| task-reviewer | Reviews completed implementation work for accuracy, completeness, and convention compliance |
| jira-backlog-manager | Jira backlog orchestrator for discovery, triage, execution, and single-issue actions |
| jira-prd-to-wit | Product Manager expert for analyzing PRDs and planning Jira issue hierarchies without mutating Jira |
| adr-creation | ADR Creator: phase-gated creator producing standards-aligned Architecture Decision Records (Frame, Decide, Govern), with state recovery, Researcher Subagent delegation, and dual-format backlog handoff |
| agile-coach | Creates and refines goal-oriented user stories with clear acceptance criteria for any tracking tool |
| arch-diagram-builder | Architecture diagram builder that produces high-quality ASCII-art diagrams |
| brd-builder | Business Requirements Document builder with guided Q&A and reference integration |
| meeting-analyst | Meeting transcript analyzer that extracts product requirements for PRD creation via work-iq-mcp |
| network-isa95-planner | ISA-95-aligned network planning for secure edge Kubernetes to Azure connectivity and remediation roadmaps |
| prd-builder | Product Requirements Document builder with guided Q&A and reference integration |
| product-manager-advisor | Product management advisor for requirements discovery, validation, and issue creation |
| system-architecture-reviewer | System architecture reviewer for design trade-offs, ADR creation, and well-architected alignment |
| ux-ui-designer | UX research specialist for Jobs-to-be-Done analysis, user journey mapping, and accessibility requirements |
| rai-planner | Responsible AI assessment planner evaluating against NIST AI RMF 1.0, producing an RAI security model, impact assessment, control surface catalog, and backlog handoff |
| security-planner | Phase-based security planner producing security models, standards mappings, and backlog handoffs with AI/ML detection and RAI Planner integration |
| security-reviewer | Security skill assessment orchestrator for codebase profiling and vulnerability reporting |
| sssc-planner | Six-phase repository supply chain security assessment against OpenSSF Scorecard, SLSA, Sigstore, and SBOM standards, producing a prioritized backlog of reusable workflows. |
| codebase-profiler | Scans the repository to build a technology profile and select applicable security skills |
| finding-deep-verifier | Deep adversarial verification of FAIL and PARTIAL findings for a single security skill |
| report-generator | Collates verified security skill findings into a comprehensive vulnerability report |
| skill-assessor | Assesses a single security skill against the codebase and returns structured findings |
## Commands
| Command | Description |
|---------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------|
| ado-add-work-item | Create a single Azure DevOps work item with conversational field collection and parent validation |
| ado-create-pull-request | Create an Azure DevOps pull request with generated description, linked work items, and reviewers |
| ado-discover-work-items | Discover Azure DevOps work items via user queries, artifact analysis, or search |
| ado-get-build-info | Retrieve Azure DevOps build status and logs for a pull request or build number |
| ado-get-my-work-items | Retrieve your assigned Azure DevOps work items into a planning file |
| ado-process-my-work-items-for-task-planning | Process retrieved work items for task planning and generate task-planning-logs.md handoff file |
| ado-sprint-plan | Plan an Azure DevOps sprint by analyzing iteration coverage, capacity, dependencies, and backlog gaps |
| ado-triage-work-items | Triage untriaged Azure DevOps work items with field classification, iteration assignment, and duplicate detection |
| ado-update-wit-items | Update Azure DevOps work items from planning files |
| code-review-full | Run both functional and standards code reviews on the current branch in a single pass |
| code-review-functional | Pre-PR branch diff review for functional correctness, error handling, edge cases, and testing gaps |
| synth-data-generate | Generate synthetic data for any subject with realistic patterns and relationships |
| dt-canonical-deck | Canonical deck workflow: opt-in offer, snapshot generation/refresh, and optional customer-card PowerPoint build |
| dt-figma-export | Export Design Thinking artifacts to a FigJam board or Figma Design file via the Figma MCP server |
| dt-handoff-implementation-space | Compiles DT Methods 7-9 outputs into an RPI-ready handoff artifact targeting Task Researcher |
| dt-handoff-problem-space | Problem Space exit handoff - compiles DT Methods 1-3 outputs into an RPI-ready artifact targeting Task Researcher |
| dt-handoff-solution-space | Solution Space exit handoff - compiles DT Methods 4-6 outputs into an RPI-ready artifact targeting Task Researcher |
| dt-method-04-convergence | Theme discovery for Design Thinking Method 4c through philosophy-based clustering |
| dt-method-04-ideation | Divergent ideation for Design Thinking Method 4b with constraint-informed solution generation |
| dt-method-05-concepts | Concept articulation for Design Thinking Method 5b from brainstorming themes |
| dt-method-05-evaluation | Stakeholder alignment and three-lens evaluation for Design Thinking Method 5c |
| dt-method-06-building | Scrappy prototype building with fidelity enforcement for Design Thinking Method 6b |
| dt-method-06-planning | Concept analysis and prototype approach design for Design Thinking Method 6a |
| dt-method-06-testing | Hypothesis-driven testing and constraint validation for Design Thinking Method 6c |
| dt-method-next | Assess DT project state and recommend next method with sequencing validation |
| dt-resume-coaching | Resume a Design Thinking coaching session - reads coaching state and re-establishes context |
| dt-start-project | Start a new Design Thinking coaching project with state initialization and first coaching interaction |
| cspell-config | Create or update the project cspell configuration with project words and ignores |
| graph-research | Research a codebase using an existing graphify knowledge graph, with audit-tagged evidence reporting - Brought to you by microsoft/hve-core |
| github-add-issue | Create a GitHub issue using discovered repository templates and conversational field collection |
| github-discover-issues | Discover GitHub issues via user queries, artifact analysis, or search and produce planning files |
| github-execute-backlog | Execute a GitHub backlog plan by creating, updating, linking, closing, and commenting on issues from a handoff file |
| github-sprint-plan | Plan a GitHub milestone sprint by analyzing issue coverage, gaps, and prioritized backlog |
| github-suggest | Resume GitHub backlog management workflow after session restore |
| github-triage-issues | Triage untriaged GitHub issues with label suggestions, milestone assignment, and duplicate detection |
| checkpoint | Save or restore conversation context using memory files |
| doc-ops-update | Run the doc-ops agent for documentation quality assurance and updates |
| git-commit-message | Generate a conventional commit message from all branch changes |
| git-commit | Stage all changes, generate a conventional commit message, and commit |
| git-merge | Coordinate Git merge, rebase, and rebase --onto workflows with conflict handling |
| git-setup | Interactive, verification-first Git configuration assistant (non-destructive) |
| prompt-analyze | Evaluate prompt engineering artifacts against quality criteria and report findings |
| prompt-build | Build or improve prompt engineering artifacts following quality criteria |
| prompt-refactor | Refactor and clean up prompt engineering artifacts through iterative improvement |
| pull-request | Generate pull request descriptions from branch diffs |
| rpi | Autonomous Research-Plan-Implement-Review-Discover workflow for completing tasks |
| task-challenge | Adversarial What/Why/How interrogation of completed implementation artifacts |
| task-implement | Locate and execute implementation plans using Task Implementor |
| task-plan | Initiate implementation planning from user context or research documents |
| task-research | Initiate research for implementation planning from user requirements |
| task-review | Initiate implementation review from user context or artifact discovery |
| jira-discover-issues | Discover Jira issues via user queries, artifact analysis, or JQL search and produce planning files |
| jira-execute-backlog | Execute a Jira backlog plan by creating, updating, transitioning, and commenting on issues from a handoff file |
| jira-prd-to-wit | Analyze PRD artifacts and plan Jira issue hierarchies without mutating Jira |
| jira-setup | Interactive, verification-first Jira credential configuration assistant (non-destructive) |
| jira-triage-issues | Triage Jira issues with field recommendations, duplicate detection, and optional updates |
| rai-capture | Start responsible AI assessment planning from existing knowledge using the RAI Planner agent in capture mode |
| rai-plan-from-prd | Start responsible AI assessment planning from PRD/BRD artifacts using the RAI Planner agent in from-prd mode |
| rai-plan-from-security-plan | Start responsible AI assessment planning from a completed Security Plan using the RAI Planner agent in from-security-plan mode (recommended) |
| incident-response | Run an incident response workflow for Azure operations scenarios |
| risk-register | Create a qualitative risk register using a Probability × Impact (P×I) matrix |
| security-capture | Start security planning from existing notes using the Security Planner agent (capture mode) |
| security-plan-from-prd | Start security planning from PRD/BRD artifacts using the Security Planner agent (from-prd mode) |
| security-review-llm | Run OWASP LLM and Agentic vulnerability assessments with codebase profiling |
| security-review-sbd | Run a Secure by Design principles assessment per UK and Australian government guidance |
| security-review-web | Run an OWASP Top 10 web vulnerability assessment without codebase profiling |
| security-review | Run an OWASP vulnerability assessment against the current codebase |
| sssc-capture | Start supply chain security planning from existing knowledge using the SSSC Planner agent in capture mode |
| sssc-from-brd | Start supply chain security planning from BRD artifacts using the SSSC Planner agent in from-brd mode |
| sssc-from-prd | Start supply chain security planning from PRD artifacts using the SSSC Planner agent in from-prd mode |
| sssc-from-security-plan | Extend a Security Planner assessment with supply chain coverage using the SSSC Planner agent in from-security-plan mode |
## Instructions
| Instruction | Description |
|---------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| accessibility-backlog-handoff.instructions | Accessibility review rubric and dual-format ADO + GitHub backlog handoff with inlined planning disclaimer |
| accessibility-capture-coaching.instructions | Exploration-first questioning techniques for accessibility capture mode covering personas, contextual inquiry, and conflict surfacing |
| accessibility-framework-selection.instructions | Framework selection protocol for the Accessibility Planner: host-aware multi-select, default selections, conformance levels, and the atomic disabled bundle |
| accessibility-identity.instructions | Identity and orchestration instructions for the Accessibility Planner agent. Contains six-phase workflow, state.json schema reference, session recovery, and question cadence. |
| accessibility-impact-assessment.instructions | Accessibility impact assessment covering control surfaces, evidence register, tradeoff documentation, and seed work-item generation |
| accessibility-license-posture.instructions | Required posture for licensing and reproduction of accessibility standards reference text |
| ado-backlog-sprint.instructions | Sprint planning workflow for Azure DevOps iterations with coverage analysis, capacity tracking, and gap detection |
| ado-backlog-triage.instructions | Triage workflow for Azure DevOps work items with field classification, iteration assignment, and duplicate detection |
| ado-create-pull-request.instructions | Azure DevOps pull request creation with work item discovery, reviewer identification, and automated linking |
| ado-get-build-info.instructions | Azure DevOps build information: status, logs, and details from a PR, build ID, or branch name |
| ado-interaction-templates.instructions | Work item description and comment templates for consistent Azure DevOps content formatting |
| ado-update-wit-items.instructions | Work item creation and update protocol using MCP ADO tools with handoff tracking |
| ado-wit-discovery.instructions | Azure DevOps work item discovery via user assignment or artifact analysis with planning file output |
| ado-wit-planning.instructions | Azure DevOps work item planning files, templates, field definitions, and search protocols |
| bash.instructions | Bash script authoring conventions |
| bicep.instructions | Bicep infrastructure-as-code authoring conventions |
| code-review-telemetry.instructions | Code Review telemetry overlay applying telemetry-foundations vocabulary to code-review report artifacts |
| diff-computation.instructions | Code review diff computation: branch detection, scope locking, large-diff handling, and non-source filtering |
| review-artifacts.instructions | Code review artifact persistence: folder structure, metadata schema, verdict normalization, and writing rules |
| csharp-tests.instructions | C# (CSharp) test code authoring conventions |
| csharp.instructions | C# (CSharp) code authoring conventions |
| pester.instructions | Instructions for Pester testing conventions |
| powershell.instructions | PowerShell scripting conventions |
| python-script.instructions | Python scripting conventions |
| python-tests.instructions | Python test code authoring conventions |
| rust-tests.instructions | Rust test code authoring conventions |
| rust.instructions | Rust code authoring conventions |
| terraform.instructions | Terraform infrastructure-as-code authoring conventions |
| uv-projects.instructions | Create and manage Python virtual environments using uv commands |
| dt-canonical-deck.instructions | Opt-in canonical deck and customer-card workflow for DT coaching |
| dt-coach-telemetry.instructions | Design Thinking Coach telemetry overlay applying telemetry-foundations vocabulary to DT session artifacts |
| dt-coaching-identity.instructions | Design Thinking coach identity, philosophy, and user interaction requirements for consistent coaching |
| dt-coaching-state.instructions | Coaching state schema for Design Thinking session persistence, method progress tracking, and session recovery |
| dt-curriculum-01-scoping.instructions | DT Curriculum Module 1: Scope Conversations - concepts, techniques, checks, and exercises |
| dt-curriculum-02-research.instructions | DT Curriculum Module 2: Design Research - concepts, techniques, checks, and exercises |
| dt-curriculum-03-synthesis.instructions | DT Curriculum Module 3: Synthesis - concepts, techniques, checks, and exercises |
| dt-curriculum-04-brainstorming.instructions | DT Curriculum Module 4: Brainstorming - concepts, techniques, checks, and exercises |
| dt-curriculum-05-concepts.instructions | DT Curriculum Module 5: User Concepts - concepts, techniques, checks, and exercises |
| dt-curriculum-06-prototypes.instructions | DT Curriculum Module 6: Low-Fidelity Prototypes - concepts, techniques, checks, and exercises |
| dt-curriculum-07-testing.instructions | DT Curriculum Module 7: High-Fidelity Prototypes - concepts, techniques, checks, and exercises |
| dt-curriculum-08-iteration.instructions | DT Curriculum Module 8: User Testing - concepts, techniques, checks, and exercises |
| dt-curriculum-09-handoff.instructions | DT Curriculum Module 9: Iteration at Scale - concepts, techniques, checks, and exercises |
| dt-curriculum-scenario-manufacturing.instructions | Manufacturing reference scenario for DT learning - factory floor improvement project used across all 9 curriculum modules |
| dt-image-prompt-generation.instructions | M365 Copilot image prompt generation techniques for Design Thinking Method 5 concept visualization with lo-fi enforcement |
| dt-industry-energy.instructions | Energy industry context for DT coaching - vocabulary, constraints, empathy tools, and reference scenarios |
| dt-industry-healthcare.instructions | Healthcare industry context for DT coaching - vocabulary, constraints, empathy tools, and reference scenarios |
| dt-industry-manufacturing.instructions | Manufacturing industry context for DT coaching - vocabulary, constraints, empathy tools, and reference scenarios |
| dt-method-01-deep.instructions | Deep expertise for Method 1: Scope Conversations, covering advanced stakeholder analysis, power dynamics, and scope negotiation |
| dt-method-01-scope.instructions | Method 1 Scope Conversations coaching knowledge for Design Thinking: frozen vs fluid assessment, stakeholder discovery, constraint patterns, and conversation navigation |
| dt-method-02-deep.instructions | Deep expertise for Method 2: Design Research, covering advanced interview techniques, ethnographic observation, and evidence triangulation |
| dt-method-02-research.instructions | Method 2 Design Research coaching knowledge: interview techniques, research planning, environmental observation, and insight extraction patterns |
| dt-method-03-deep.instructions | Deep expertise for Method 3: Input Synthesis - advanced affinity analysis, insight frameworks, and problem statement articulation |
| dt-method-03-synthesis.instructions | Method 3 Input Synthesis coaching knowledge: pattern recognition, theme development, synthesis validation, and Problem-to-Solution Space transition readiness |
| dt-method-04-brainstorming.instructions | Design Thinking Method 4: AI-assisted brainstorming with divergent ideation and convergent clustering for solution space entry |
| dt-method-04-deep.instructions | Deep expertise for Method 4: Brainstorming - advanced facilitation techniques, creative block recovery, and convergence frameworks |
| dt-method-05-concepts.instructions | Design Thinking Method 5: User Concepts coaching with concept articulation, three-lens evaluation, and stakeholder alignment for Solution Space development |
| dt-method-05-deep.instructions | Deep expertise for Method 5: User Concepts, covering advanced D/F/V analysis, image prompt crafting, concept stress-testing, and portfolio management |
| dt-method-06-deep.instructions | Deep expertise for Method 6: Low-Fidelity Prototypes; advanced paper prototyping, service blueprinting, and experience prototyping |
| dt-method-06-lofi-prototypes.instructions | Design Thinking Method 6: Lo-fi prototyping techniques, scrappy enforcement, feedback planning, and constraint discovery for Solution Space exit |
| dt-method-07-deep.instructions | Deep expertise for Method 7: High-Fidelity Prototypes; fidelity translation, architecture, and specification writing |
| dt-method-07-hifi-prototypes.instructions | Design Thinking Method 7: High-Fidelity Prototypes; technical translation, functional prototypes, and specifications |
| dt-method-08-deep.instructions | Deep expertise for Method 8: Test and Validate - advanced test design, small-sample analysis, iteration triggers, and bias mitigation |
| dt-method-08-testing.instructions | Design Thinking Method 8: User Testing - evidence-based evaluation, test protocols, and non-linear iteration support |
| dt-method-09-deep.instructions | Deep expertise for Method 9: Iteration at Scale - change management, scaling, and adoption measurement |
| dt-method-09-iteration.instructions | Design Thinking Method 9: Iteration at Scale - systematic refinement, scaling patterns, and organizational deployment |
| dt-method-sequencing.instructions | Method transition rules, nine-method sequence, space boundaries, and non-linear iteration support for Design Thinking coaching |
| dt-quality-constraints.instructions | Quality constraints, fidelity rules, and output standards for Design Thinking coaching across all nine methods |
| dt-rpi-handoff-contract.instructions | DT-to-RPI handoff contract defining exit points, artifact schemas, and per-agent input requirements for lateral transitions from Design Thinking to RPI workflow |
| dt-rpi-implement-context.instructions | DT-aware Task Implementor context: fidelity constraints, stakeholder validation, and iteration support |
| dt-rpi-planning-context.instructions | DT-aware Task Planner context: fidelity constraints, iteration support, and confidence-informed planning for DT artifacts |
| dt-rpi-research-context.instructions | DT-aware Task Researcher context: frames research around DT methods, stakeholder needs, and empathy-driven inquiry |
| dt-rpi-review-context.instructions | DT-aware Task Reviewer context: quality criteria for Design Thinking artifacts |
| dt-subagent-handoff.instructions | DT subagent handoff workflow: readiness assessment, artifact compilation, and handoff validation via subagent dispatch |
| experiment-designer.instructions | MVE domain knowledge and coaching conventions for the Experiment Designer agent |
| graphify.instructions | Conventions for consuming graphify-out/ knowledge-graph evidence inside the RPI workflow - Brought to you by microsoft/hve-core |
| mural-bootstrap.instructions | Fresh-session Mural bootstrap requirements for doctor checks, credential backend selection, and safe escalation before Mural tool use. |
| mural-destinations.instructions | Open destination registry for Mural extractor writeback: registered adapters, intent axis, and per-destination loop-closure metrics. |
| mural-human-record.instructions | Mural is the durable record of human conversation; AI never silently authors decisions and AI contribution must remain visible somewhere durable. |
| mural-log-hygiene.instructions | Operator log-hygiene contract for Mural customizations: never echo raw URLs, Azure SAS query strings, OAuth tokens, or Authorization headers; the skill _redact() is a defense-in-depth backstop, not a license to log. |
| mural-seeding-patterns.instructions | Cross-cutting Mural seeding conventions: duplicate-then-populate, source-artifact-to-area binding, anchor inheritance, probe-before-bulk, z-order visibility (detection-only), layout primitives applied across DT, RAI, and UX/UI workflows. |
| mural-writeback-hygiene.instructions | Writeback hygiene rules for Mural: tags, hyperlinks, and parentId are the only stable channels; reserved tags are protected; tag manifests are re-applied defensively. |
| mural-writing-style.instructions | Asymmetric writing style for Mural: outbound (writing into Mural) is sticky-concise; inbound (extracting from Mural) is context-hydrated. |
| pptx.instructions | Shared conventions for PowerPoint Builder agent, subagent, and powerpoint skill |
| community-interaction.instructions | Community interaction voice, tone, and response templates for GitHub-facing agents and prompts |
| github-backlog-discovery.instructions | GitHub issue backlog discovery: artifact-driven, user-centric, search-based |
| github-backlog-planning.instructions | GitHub backlog management: planning files, search protocols, similarity assessment, and state persistence |
| github-backlog-triage.instructions | GitHub issue backlog triage: label suggestion, milestone assignment, and duplicate detection |
| github-backlog-update.instructions | GitHub issue backlog execution: consumes planning handoffs and runs issue operations |
| commit-message.instructions | Commit message format and conventions |
| git-merge.instructions | Git merge, rebase, and rebase --onto workflows with conflict handling and stop controls |
| markdown.instructions | Markdown authoring conventions for all .md files |
| prompt-builder.instructions | Authoring standards for prompts, agents, instructions, and skills |
| pull-request.instructions | Pull request description generation and creation via diff analysis, subagent review, and MCP tools |
| task-implementor-telemetry.instructions | Task Implementor telemetry overlay applying telemetry-foundations vocabulary to implementation change artifacts |
| writing-style.instructions | Writing style conventions for voice, tone, and language in markdown content |
| jira-backlog-discovery.instructions | Jira issue backlog discovery: user-centric, artifact-driven, JQL-based |
| jira-backlog-planning.instructions | Jira backlog management: planning files, search conventions, similarity assessment, and state persistence |
| jira-backlog-triage.instructions | Jira issue backlog triage: field recommendations, duplicate detection, and controlled execution |
| jira-backlog-update.instructions | Jira backlog execution: consumes planning handoffs and applies sequential Jira operations |
| jira-wit-planning.instructions | Jira PRD work item planning: hierarchy mapping, field validation, and handoff contracts |
| adr-byo-template.instructions | BYO ADR template contract: 2-layer config resolution, .adr-config.yml schema, template frontmatter contract, and adopt-template lifecycle for the ADR Creator - Brought to you by microsoft/hve-core |
| adr-creation-telemetry.instructions | ADR Planner telemetry overlay applying telemetry-foundations vocabulary to ADR artifacts |
| adr-handoff.instructions | ADR Creator Govern-phase handoff protocol: compact summary template, peer-agent routing heuristics, and dual-format (ADO + GitHub) work item templates - Brought to you by microsoft/hve-core |
| adr-identity.instructions | ADR Creator identity, three-phase state machine, six-step per-turn protocol, autonomy tiers, and canonical state.json schema for Architecture Decision Record authoring sessions - Brought to you by microsoft/hve-core |
| adr-standards.instructions | Embedded ADR standards: MADR v4.0.0 template (CC0), Y-Statement formula, status taxonomy, naming rules, ASR trigger schema, and Microsoft-attributed paraphrases for ADR Creator sessions - Brought to you by microsoft/hve-core |
| prd-builder-telemetry.instructions | PRD Builder telemetry overlay applying telemetry-foundations vocabulary to PRD artifacts |
| rai-backlog-handoff.instructions | RAI review and backlog handoff for Phase 6: review rubric, RAI review summary, dual-format backlog generation |
| rai-capture-coaching.instructions | Exploration-first questioning techniques for RAI capture mode adapted from Design Thinking research methods |
| rai-identity.instructions | RAI Planner identity, 6-phase orchestration, state management, and session recovery |
| rai-impact-assessment.instructions | RAI impact assessment for Phase 5: control surface taxonomy, evidence register, tradeoff documentation, and work item generation |
| rai-planner-telemetry.instructions | RAI Planner telemetry overlay applying telemetry-foundations vocabulary to RAI plan artifacts |
| rai-risk-classification.instructions | Risk classification screening for Phase 2: prohibited uses gate, risk indicator assessment, and depth tier assignment |
| rai-security-model.instructions | RAI security model analysis for Phase 4: AI STRIDE extensions, dual threat IDs, ML STRIDE matrix, and security model merge protocol |
| rai-standards.instructions | Embedded RAI standards for Phase 3: NIST AI RMF 1.0 trustworthiness characteristics, subcategory mappings, and framework isolation architecture |
| backlog-handoff.instructions | Dual-format backlog handoff for ADO and GitHub with content sanitization, autonomy tiers, and work item templates |
| identity.instructions | Security Planner identity, six-phase orchestration, state management, and session recovery protocols |
| operational-buckets.instructions | Operational bucket definitions with component classification guidance and cross-cutting security concerns |
| security-model.instructions | STRIDE-based security model analysis per operational bucket with threat table format and data flow analysis |
| security-planner-telemetry.instructions | Security Planner telemetry overlay applying telemetry-foundations vocabulary to security plan artifacts |
| sssc-assessment.instructions | Phase 2 supply chain assessment protocol with the 27 combined capabilities inventory for SSSC Planner. |
| sssc-backlog.instructions | Phase 5 dual-format work item generation with templates and priority derivation for SSSC Planner. |
| sssc-gap-analysis.instructions | Phase 4 gap comparison, adoption categorization, and effort sizing for SSSC Planner. |
| sssc-handoff.instructions | Phase 6 backlog handoff protocol with Scorecard projections and dual-format output for SSSC Planner. |
| sssc-identity.instructions | SSSC Planner identity and orchestration: six-phase workflow, state.json schema, session recovery, and question cadence |
| sssc-planner-telemetry.instructions | SSSC Planner telemetry overlay applying telemetry-foundations vocabulary to SSSC plan artifacts |
| sssc-standards.instructions | Phase 3 OpenSSF Scorecard, SLSA v1.0, OpenSSF Best Practices Badge, Sigstore (cosign), and NTIA SBOM minimum elements standards mapping for SSSC Planner. |
| standards-mapping.instructions | Embedded OWASP and NIST security standards with researcher subagent delegation for CIS, WAF, CAF, and other runtime lookups |
| coaching-patterns.instructions | Shared exploration-first coaching patterns for planning agents (RAI, security, SSSC) adapted from Design Thinking research methods |
| disclaimer-language.instructions | Centralized disclaimer language for AI-assisted planning agents requiring professional review acknowledgment |
| hve-core-location.instructions | Important: hve-core is the repository containing this instruction file; Guidance: if a referenced prompt, instructions, agent, or script is missing in the current directory, fall back to this hve-core location by walking up this file's directory tree. |
| planner-identity-base.instructions | Shared identity scaffold for phase-based planning agents (SSSC, RAI, Security, Accessibility) covering state-file convention, six-phase orchestration template, state protocol, resume protocol, question cadence mechanics, optional disclaimer cadence, and error handling |
| story-quality.instructions | Shared story quality conventions for work item creation and evaluation across agents and workflows |
## Skills
| Skill | Description |
|---------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| aria-apg | WAI-ARIA Authoring Practices Guide (APG) design pattern knowledge base for accessibility assessment |
| coga | W3C Making Content Usable for People with Cognitive and Learning Disabilities (COGA) knowledge base for accessibility assessment |
| en-301-549 | European EN 301 549 V3.2.1 ICT Accessibility Standard knowledge base for accessibility assessment |
| section-508 | US Section 508 ICT Accessibility Standards (revised 2017) knowledge base for accessibility assessment |
| wcag-22 | WCAG 2.2 success criteria knowledge base for accessibility assessment |
| python-foundational | Foundational Python best practices, idioms, and code quality fundamentals |
| customer-card-render | Generate customer-card PowerPoint content YAML from Design Thinking canonical artifacts and build using the shared PowerPoint skill pipeline |
| mural | Mural workspace, room, mural, and widget workflows via the Mural REST API exposed through a Python CLI. Use when you need to read or write Mural content or automate widget creation. - Brought to you by microsoft/hve-core |
| powerpoint | PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling |
| tts-voiceover | Text-to-speech voice-over generation from YAML speaker notes using Azure Speech SDK with SSML pronunciation control |
| video-to-gif | Video-to-GIF conversion with FFmpeg two-pass optimization |
| vscode-playwright | VS Code screenshot capture using Playwright MCP with serve-web for slide decks and documentation |
| gh-code-scanning | Retrieves and groups GitHub code scanning alerts by rule and severity using the gh CLI |
| gitlab | Manage GitLab merge requests and pipelines with a Python CLI |
| hve-core-installer | Decision-driven HVE-Core installer with multiple clone-based and extension install methods, environment detection, and agent customization |
| jira | Jira issue workflows for search, issue updates, transitions, comments, and field discovery via the Jira REST API. Use when you need to search with JQL, inspect an issue, create or update work items, move an issue between statuses, post comments, or discover required fields for issue creation. |
| adr-author | Authoring skill for Architecture Decision Records (ADRs) supporting capture, from-planner-handoff, and adopt-template entry modes with selectable Y-Statement or MADR v4.0.0 output templates, supersession lineage, and ASR trigger evaluation - Brought to you by microsoft/hve-core. |
| owasp-agentic | OWASP Agentic Security Top 10 knowledge base for identifying, assessing, and remediating AI agent system security risks. |
| owasp-cicd | OWASP CI/CD Top 10 knowledge base for identifying, assessing, and remediating CI/CD pipeline security risks. |
| owasp-infrastructure | OWASP Infrastructure Top 10 knowledge base for identifying, assessing, and remediating internal IT infrastructure security risks. |
| owasp-llm | OWASP Top 10 for LLM Applications (2025) knowledge base for identifying, assessing, and remediating large language model security risks. |
| owasp-mcp | OWASP MCP Top 10 knowledge base for identifying, assessing, and remediating Model Context Protocol security risks. |
| owasp-top-10 | OWASP Top 10 for Web Applications (2025) knowledge base for identifying, assessing, and remediating web application security risks. |
| secure-by-design | Secure by Design principles knowledge base for assessing security-first design, development, and deployment across the software lifecycle. |
| security-reviewer-formats | Format specifications and data contracts for the security reviewer orchestrator and its subagents. |
| backlog-templates | Shared work-item templates and conventions for ADO and GitHub backlog handoff across the RAI, Security, SSSC, and Accessibility planners |
| pr-reference | Generates PR reference XML with commit history and unified diffs between branches, with extension and path filtering. Use when creating pull request descriptions, preparing code reviews, analyzing branch changes, discovering work items from diffs, or generating structured diff summaries. |
| telemetry-foundations | Declarative OpenTelemetry-aligned telemetry vocabulary and instrumentation conventions for traces, metrics, logs, and PII handling |
---
> Source: [microsoft/hve-core](https://github.com/microsoft/hve-core)microsoft/hve-core
Publicmirrored fromhttps://github.com/microsoft/hve-coreAvailable
plugins/hve-core-all/README.md
643lines · modepreview