cw-execute

Executes a single task from the task board using the 11-step implementation protocol. This skill should be used after cw-plan or cw-dispatch assigns a task, or when manually implementing a specific task by ID.

9 stars

Best use case

cw-execute is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Executes a single task from the task board using the 11-step implementation protocol. This skill should be used after cw-plan or cw-dispatch assigns a task, or when manually implementing a specific task by ID.

Teams using cw-execute should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/cw-execute/SKILL.md --create-dirs "https://raw.githubusercontent.com/sighup/claude-workflow/main/skills/cw-execute/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/cw-execute/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How cw-execute Compares

Feature / Agentcw-executeStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Executes a single task from the task board using the 11-step implementation protocol. This skill should be used after cw-plan or cw-dispatch assigns a task, or when manually implementing a specific task by ID.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# CW-Execute: Single Task Execution

## Context Marker

Always begin your response with: **CW-EXECUTE**

## Overview

You are the **Implementer** role in the Claude Workflow system. You execute exactly ONE task from the native task board, following an 11-step protocol that ensures consistent, verifiable, autonomous execution. Each invocation leaves the codebase in a clean, committable state.

## Your Role

You are an **autonomous coding agent**. Your entire context comes from:
1. The native task board via `TaskList()`/`TaskGet()`
2. The task's metadata (scope, requirements, proof artifacts)
3. Git history
4. The codebase itself

You have no memory of previous executions.

## Critical Constraints

- **ALWAYS** execute exactly ONE task per invocation
- **NEVER** skip verification steps — they prevent regressions
- **ALWAYS** commit on success — partial work is lost between sessions
- **ALWAYS** update task status via TaskUpdate — next worker depends on it
- **ALWAYS** leave codebase clean — no uncommitted changes after completion
- **NEVER** proceed to commit without proof files — proof artifacts are BLOCKING
- **NEVER** commit unsanitized proofs — security sanitization is BLOCKING

## MANDATORY FIRST ACTION

**Call TaskList() immediately before any other action.**

```
TaskList()
```

If TaskList() returns "No tasks found", report that and exit.

## Proof File Requirements (MANDATORY)

Every task execution MUST produce proof artifacts on disk under:

```
docs/specs/[spec-dir]/[NN]-proofs/
├── {task_id}-01-{type}.txt    # First proof artifact
├── {task_id}-02-{type}.txt    # Second proof artifact
├── {task_id}-proofs.md        # Summary file (REQUIRED)
└── ...
```

Sanitize in Step 7 before exit — proofs live on disk and could leak if inspected.

## The 11-Step Protocol

### Step 1: Orient

Understand current state without making changes.

1. `cd "$(git rev-parse --show-toplevel)"` — always operate from the repo root. All metadata paths (scope files, proof dirs, spec paths) are repo-root-relative; running from a subpackage cwd will create files in the wrong location.
2. Run `TaskList` to see all tasks
3. Identify your task:
   - If assigned (owner matches): use that task
   - Otherwise: find first unblocked pending task
4. Run `TaskGet(taskId)` to load full metadata
5. Verify git status is clean: `git status --porcelain`
6. Read recent history: `git log --oneline -10`

**Mark task as in_progress:**
```
TaskUpdate({ taskId: "<id>", status: "in_progress" })
```

### Step 2: Baseline

Confirm a clean starting state. **Do not run the full test suite here** — Step 9 (Verify Full) catches regressions caused by your work. 

1. `git status --porcelain` — must be empty (clean tree)
2. `git log --oneline -5` — sanity check recent history
3. If anything looks wrong (dirty tree, missing deps surfaced by Step 3 reads):
   - Environment issue: attempt fix (install deps, etc.)
   - Unfixable: update task description with blocker, exit

Pre-existing test failures (if any) will surface in Step 9 and be documented there.

### Step 3: Context

Load patterns and understand conventions.

1. Read each file in `metadata.scope.patterns_to_follow`
2. Extract: structure, naming, error handling, test patterns
3. Read files in `metadata.scope.files_to_modify`
4. Verify parent directories exist for `metadata.scope.files_to_create`

#### LSP Availability Check

After loading patterns, probe whether an LSP server is available. Pick a file from `metadata.scope.files_to_modify` or `metadata.scope.patterns_to_follow` and attempt a single `documentSymbol` operation:

```
LSP({
  operation: "documentSymbol",
  filePath: "{file from scope}",
  line: 1,
  character: 1
})
```

- **LSP available**: The operation returned symbols. Set `lsp_available = true`.
- **LSP unavailable**: The operation returned an error. Set `lsp_available = false`.

When `lsp_available = true`, use LSP alongside Glob/Grep/Read in this step and Step 4:
- `documentSymbol` on pattern files to understand their structure and exported symbols
- `goToDefinition` to trace types and interfaces referenced in files being modified
- `findReferences` to understand how modified functions/exports are consumed elsewhere

### Step 4: Implement

Create/modify files to satisfy requirements.

For each requirement in `metadata.requirements`:
1. Implement the requirement following extracted patterns
2. Write corresponding tests alongside implementation
3. Run linter incrementally if available

When `lsp_available = true`, use LSP to guide implementation:
- `hover` to check type signatures before modifying function parameters or return types
- `goToImplementation` to find all implementations of interfaces being extended
- `findReferences` before renaming or changing function signatures to understand impact

Rules:
- Follow patterns exactly - don't introduce new conventions
- Keep changes minimal - only what requirements demand
- If unclear, implement most reasonable interpretation and note it
- Max 3 retry attempts for failing tests

### Step 5: Verify Local

Run pre-commit checks.

1. Execute each command in `metadata.verification.pre`
2. Fix any lint or build issues
3. Max 3 retry attempts per command

### Step 6: Proof

Execute proof artifacts and capture evidence.

1. Determine proof directory from `spec_path`: `docs/specs/[spec-dir]/[NN]-proofs/` (repo-root-relative)
2. Create the proof directory if it doesn't exist
3. Read `metadata.proof_capture` for the capture method decided during planning
4. For each proof artifact in `metadata.proof_artifacts`:

**Automated proofs** (test, cli, file, url):
   a. Execute the command/check per artifact type
   b. Capture output to `{task_id}-{index+1:02d}-{type}.txt`
   c. Include header: type, command, expected, timestamp
   d. Compare result against expected
   e. Record PASS or FAIL

**Visual proofs** (browser):

Based on `metadata.proof_capture.visual_method`:

| Method | Action |
|--------|--------|
| `auto` | Use the tool specified in `metadata.proof_capture.tool` to capture |
| `manual` | Prompt user: "Please verify: [description]. Confirmed? (yes/no)" |
| `skip` | Mark as "Skipped - code verification only" |

**Auto-capture with available tools:**

```
# chrome-devtools (web pages)
mcp__chrome-devtools__take_screenshot(filePath: "{proof_dir}/{task_id}-{index+1:02d}-screenshot.png")

# screencapture (macOS native apps)
screencapture -w {proof_dir}/{task_id}-{index+1:02d}-screenshot.png

# scrot (Linux)
scrot -s {proof_dir}/{task_id}-{index+1:02d}-screenshot.png
```

**Manual verification flow:**

```
MANUAL VERIFICATION REQUIRED
============================
Proof: {description}
Expected: {expected}

Please verify this is working correctly.
Enter 'yes' to confirm, 'no' if it fails, or describe the issue:
>
```

Record user response in proof file:
```
Type: visual (manual)
Description: {description}
Expected: {expected}
Timestamp: {ISO timestamp}
User Confirmed: yes|no
User Notes: {any notes provided}
Status: PASS|FAIL
```

5. Create summary: `{task_id}-proofs.md` (REQUIRED)

**Step 6 Gate Check (BLOCKING):**

Before proceeding to Step 7, verify:

```bash
# Check proof directory exists
ls -la docs/specs/[spec-dir]/[NN]-proofs/

# Verify required files exist
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-*.txt
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-proofs.md
```

| Check | Required | Action if Missing |
|-------|----------|-------------------|
| Proof directory exists | Yes | Create it |
| At least one `{task_id}-*.txt` file | Yes | Execute proof artifacts |
| `{task_id}-proofs.md` summary | Yes | Create summary |
| All proof artifacts have status | Yes | Re-run failed proofs |

**BLOCK**: Do not proceed to Step 7 until all proof files exist.

If proof artifacts cannot be executed (e.g., environment issues):
1. Create proof file with status `BLOCKED` and reason
2. Document workaround or manual steps needed
3. Still create the summary file

See [proof-artifact-types.md](references/proof-artifact-types.md) for type-specific instructions.

### Step 7: Sanitize (Blocking)

Remove sensitive data from proof files. **Cannot proceed until clean.**

1. Scan all `{task_id}-*` files for:
   - API keys (`sk-`, `pk_`, `api_key`, `apiKey`)
   - Tokens (Bearer, JWT, session, access_token)
   - Passwords (password, secret, credential fields)
   - Connection strings (with embedded credentials)
   - Private keys (PEM blocks, SSH keys)
2. Replace found values with `[REDACTED]`
3. Re-scan to confirm clean
4. **BLOCK**: Do not proceed to Step 8 until scan is clean

### Step 8: Commit

Atomic path-mode commit of implementation files.

**Pre-Commit Checklist:**

```bash
test -d "docs/specs/[spec-dir]/[NN]-proofs" || { echo "ERROR: Proof directory missing"; exit 1; }
test -f "docs/specs/[spec-dir]/[NN]-proofs/{task_id}-proofs.md" || { echo "ERROR: Proof summary missing"; exit 1; }
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-*.txt >/dev/null 2>&1 || { echo "ERROR: No proof artifacts"; exit 1; }
grep -r "sk-\|pk_\|api_key\|Bearer \|password=" docs/specs/[spec-dir]/[NN]-proofs/{task_id}-* && { echo "ERROR: Unsanitized secrets"; exit 1; }
```

**Commit Steps:**

1. Enumerate your files: `FILES="<file1> <file2> ..."` from `metadata.scope.files_to_create` + `files_to_modify`
2. Stage: `git add -- $FILES`
3. Commit: `git commit -m "<metadata.commit.template>" -- $FILES`
4. Verify: `git show --name-only HEAD -- $FILES`

### Step 9: Verify Full

Post-commit verification.

1. Run each command in `metadata.verification.post`
2. If your changes caused failure:
   - Fix the issue
   - Amend commit
   - Re-verify (max 3 attempts)

### Step 10: Report

Update task board with proof artifact locations.

**Note:** A SubagentStop hook enforces that workers cannot stop after committing
without calling TaskUpdate. If you attempt to exit after Step 8 but before completing
this step, you will be prompted to call TaskUpdate before stopping.

**Determine your model identity** by checking the model name from your system context (e.g. `sonnet`, `opus`, `haiku`). Record this in `model_used`.

```
TaskUpdate({
  taskId: "<native-id>",
  status: "completed",
  metadata: {
    proof_dir: "docs/specs/[spec-dir]/[NN]-proofs",
    proof_results: [
      { type: "test", status: "pass", output_file: "T01-01-test.txt" },
      { type: "cli", status: "pass", output_file: "T01-02-cli.txt" }
    ],
    proof_summary: "T01-proofs.md",
    commit_sha: "<sha from git log>",
    completed_at: "2026-01-24T15:30:00Z",
    model_used: "sonnet"  // The model you are running as (sonnet, opus, haiku)
  }
})
```

The `proof_dir` and `proof_summary` fields allow cw-validate to locate artifacts.
The `model_used` field records which model actually executed the task for auditability.

### Step 11: Clean Exit

1. `git status --porcelain` — should be empty
2. Verify your files in HEAD: `git log -1 --name-only -- $FILES`
3. Output execution summary:

```
CW-EXECUTE COMPLETE
====================
Task: T01 - [subject]
Status: COMPLETED | FAILED | BLOCKED
Model: [model_used]

Proof Artifacts (on disk):
  [PASS] docs/specs/.../01-proofs/T01-01-test.txt
  [PASS] docs/specs/.../01-proofs/T01-02-cli.txt
  [SUMM] docs/specs/.../01-proofs/T01-proofs.md

Commit: abc1234 feat(scope): description
  - Implementation files: X

Progress: X/Y tasks complete
```

**Final Verification:**
```bash
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-*
```

## Error Handling

### Retry Logic

Each step allows max 3 retries before failure:

1. Identify the error
2. Attempt fix
3. Re-run the failed step
4. After 3 failures: trigger failure handler

### Failure Handler

1. Stash partial work: `git stash push -m "cw-execute: {task_id} partial"`
2. Clean working tree: `git checkout -- .`
3. Update task (keep as pending, add failure info):
   ```
   TaskUpdate({
     taskId: "<id>",
     status: "pending",
     metadata: {
       last_failure: "2026-01-24T15:30:00Z",
       failure_count: N,
       failure_reason: "...",
       failed_step: "Proof|Sanitize|Commit|etc",
       proof_status: "none|partial|complete"
     }
   })
   ```
4. Exit with error summary including which step failed

### Proof Creation Failures

If proof artifacts cannot be created:

| Scenario | Action |
|----------|--------|
| Command fails | Create proof file with FAIL status, include error output |
| Environment missing | Create proof file with BLOCKED status, document what's needed |
| Manual verification declined | Create proof file with REJECTED status, include user feedback |
| Tool unavailable | Create proof file with SKIPPED status per `proof_capture.visual_method` |

**Never skip proof file creation entirely.** Even failures must be documented in a proof file so validation can detect gaps.

### Resuming Interrupted Tasks

If a task has `status: "in_progress"` when you start:

1. Check git status for partial work
2. If uncommitted changes: review and continue from Step 5
3. If stashed work: pop stash, review, continue from Step 5
4. If clean: start fresh from Step 4

## Security Notes

- Never execute commands that could leak credentials
- Replace real tokens with placeholders in proof artifacts
- Never push to remote during execution
- Proof files are committed - they must be safe for version control

## What Comes Next

After task completion:
- Next worker picks up the next unblocked task
- `/cw-dispatch` can spawn parallel workers
- `/cw-validate` checks coverage after all tasks complete
- `cw-loop` shell script automates sequential execution

Related Skills

cw-worktree

9
from sighup/claude-workflow

Manages git worktrees for parallel feature development. This skill should be used when starting multiple features at once, or to list, switch between, and merge existing worktrees.

cw-validate

9
from sighup/claude-workflow

Validates implementation against spec using 6 gates and generates a coverage matrix. This skill should be used after implementation is complete to verify coverage, proof artifacts, and credential safety before review.

cw-testing

9
from sighup/claude-workflow

E2E testing with auto-fix. Generates tests from specs, executes in isolated sub-agents, and auto-fixes application bugs. This skill should be used after implementation to verify end-to-end behavior.

cw-spec

9
from sighup/claude-workflow

Generates a structured specification with demoable units, functional requirements, and proof artifact definitions. This skill should be used when starting a new feature to define what will be built before any code is written.

cw-review

9
from sighup/claude-workflow

Reviews implementation code for bugs, security issues, and quality problems. Creates FIX tasks for issues found. This skill should be used after cw-validate to catch issues before merge.

cw-review-team

9
from sighup/claude-workflow

Team-based concern-partitioned code review. Each reviewer sees ALL files through a specialized lens (security, correctness, spec compliance). This skill should be used after cw-validate for thorough cross-file review (requires CLAUDE_CODE_TASK_LIST_ID).

cw-research

9
from sighup/claude-workflow

Performs preliminary codebase fact-finding and produces a structured research report. This skill should be used before cw-spec to understand an unfamiliar or complex codebase and generate enriched context for specification writing.

cw-plan

9
from sighup/claude-workflow

Transforms a specification into a task graph with dependencies. This skill should be used after cw-spec to break a spec into executable tasks with proper sequencing before dispatching with cw-dispatch.

cw-gherkin

9
from sighup/claude-workflow

Internal subagent that generates Gherkin BDD scenarios from spec acceptance criteria. Produces one .feature file per demoable unit in the spec directory and optionally creates cw-testing task stubs on the task board. Called automatically by cw-spec.

cw-dispatch

9
from sighup/claude-workflow

Identifies independent tasks and spawns parallel agent workers. This skill should be used after cw-plan to execute multiple tasks concurrently.

cw-dispatch-team

9
from sighup/claude-workflow

Persistent agent team dispatcher with lead coordination. This skill should be used after cw-plan to execute tasks via a managed team (requires CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1 and CLAUDE_CODE_TASK_LIST_ID).

execute-phase

9
from mlucascosta/ia_boilerplate

Execute a plan with TDD-first delivery and proportional validation.