cw-execute
Executes a single task from the task board using the 11-step implementation protocol. This skill should be used after cw-plan or cw-dispatch assigns a task, or when manually implementing a specific task by ID.
Best use case
cw-execute is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Executes a single task from the task board using the 11-step implementation protocol. This skill should be used after cw-plan or cw-dispatch assigns a task, or when manually implementing a specific task by ID.
Teams using cw-execute should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/cw-execute/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How cw-execute Compares
| Feature / Agent | cw-execute | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Executes a single task from the task board using the 11-step implementation protocol. This skill should be used after cw-plan or cw-dispatch assigns a task, or when manually implementing a specific task by ID.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# CW-Execute: Single Task Execution
## Context Marker
Always begin your response with: **CW-EXECUTE**
## Overview
You are the **Implementer** role in the Claude Workflow system. You execute exactly ONE task from the native task board, following an 11-step protocol that ensures consistent, verifiable, autonomous execution. Each invocation leaves the codebase in a clean, committable state.
## Your Role
You are an **autonomous coding agent**. Your entire context comes from:
1. The native task board via `TaskList()`/`TaskGet()`
2. The task's metadata (scope, requirements, proof artifacts)
3. Git history
4. The codebase itself
You have no memory of previous executions.
## Critical Constraints
- **ALWAYS** execute exactly ONE task per invocation
- **NEVER** skip verification steps — they prevent regressions
- **ALWAYS** commit on success — partial work is lost between sessions
- **ALWAYS** update task status via TaskUpdate — next worker depends on it
- **ALWAYS** leave codebase clean — no uncommitted changes after completion
- **NEVER** proceed to commit without proof files — proof artifacts are BLOCKING
- **NEVER** commit unsanitized proofs — security sanitization is BLOCKING
## MANDATORY FIRST ACTION
**Call TaskList() immediately before any other action.**
```
TaskList()
```
If TaskList() returns "No tasks found", report that and exit.
## Proof File Requirements (MANDATORY)
Every task execution MUST produce proof artifacts on disk under:
```
docs/specs/[spec-dir]/[NN]-proofs/
├── {task_id}-01-{type}.txt # First proof artifact
├── {task_id}-02-{type}.txt # Second proof artifact
├── {task_id}-proofs.md # Summary file (REQUIRED)
└── ...
```
Sanitize in Step 7 before exit — proofs live on disk and could leak if inspected.
## The 11-Step Protocol
### Step 1: Orient
Understand current state without making changes.
1. `cd "$(git rev-parse --show-toplevel)"` — always operate from the repo root. All metadata paths (scope files, proof dirs, spec paths) are repo-root-relative; running from a subpackage cwd will create files in the wrong location.
2. Run `TaskList` to see all tasks
3. Identify your task:
- If assigned (owner matches): use that task
- Otherwise: find first unblocked pending task
4. Run `TaskGet(taskId)` to load full metadata
5. Verify git status is clean: `git status --porcelain`
6. Read recent history: `git log --oneline -10`
**Mark task as in_progress:**
```
TaskUpdate({ taskId: "<id>", status: "in_progress" })
```
### Step 2: Baseline
Confirm a clean starting state. **Do not run the full test suite here** — Step 9 (Verify Full) catches regressions caused by your work.
1. `git status --porcelain` — must be empty (clean tree)
2. `git log --oneline -5` — sanity check recent history
3. If anything looks wrong (dirty tree, missing deps surfaced by Step 3 reads):
- Environment issue: attempt fix (install deps, etc.)
- Unfixable: update task description with blocker, exit
Pre-existing test failures (if any) will surface in Step 9 and be documented there.
### Step 3: Context
Load patterns and understand conventions.
1. Read each file in `metadata.scope.patterns_to_follow`
2. Extract: structure, naming, error handling, test patterns
3. Read files in `metadata.scope.files_to_modify`
4. Verify parent directories exist for `metadata.scope.files_to_create`
#### LSP Availability Check
After loading patterns, probe whether an LSP server is available. Pick a file from `metadata.scope.files_to_modify` or `metadata.scope.patterns_to_follow` and attempt a single `documentSymbol` operation:
```
LSP({
operation: "documentSymbol",
filePath: "{file from scope}",
line: 1,
character: 1
})
```
- **LSP available**: The operation returned symbols. Set `lsp_available = true`.
- **LSP unavailable**: The operation returned an error. Set `lsp_available = false`.
When `lsp_available = true`, use LSP alongside Glob/Grep/Read in this step and Step 4:
- `documentSymbol` on pattern files to understand their structure and exported symbols
- `goToDefinition` to trace types and interfaces referenced in files being modified
- `findReferences` to understand how modified functions/exports are consumed elsewhere
### Step 4: Implement
Create/modify files to satisfy requirements.
For each requirement in `metadata.requirements`:
1. Implement the requirement following extracted patterns
2. Write corresponding tests alongside implementation
3. Run linter incrementally if available
When `lsp_available = true`, use LSP to guide implementation:
- `hover` to check type signatures before modifying function parameters or return types
- `goToImplementation` to find all implementations of interfaces being extended
- `findReferences` before renaming or changing function signatures to understand impact
Rules:
- Follow patterns exactly - don't introduce new conventions
- Keep changes minimal - only what requirements demand
- If unclear, implement most reasonable interpretation and note it
- Max 3 retry attempts for failing tests
### Step 5: Verify Local
Run pre-commit checks.
1. Execute each command in `metadata.verification.pre`
2. Fix any lint or build issues
3. Max 3 retry attempts per command
### Step 6: Proof
Execute proof artifacts and capture evidence.
1. Determine proof directory from `spec_path`: `docs/specs/[spec-dir]/[NN]-proofs/` (repo-root-relative)
2. Create the proof directory if it doesn't exist
3. Read `metadata.proof_capture` for the capture method decided during planning
4. For each proof artifact in `metadata.proof_artifacts`:
**Automated proofs** (test, cli, file, url):
a. Execute the command/check per artifact type
b. Capture output to `{task_id}-{index+1:02d}-{type}.txt`
c. Include header: type, command, expected, timestamp
d. Compare result against expected
e. Record PASS or FAIL
**Visual proofs** (browser):
Based on `metadata.proof_capture.visual_method`:
| Method | Action |
|--------|--------|
| `auto` | Use the tool specified in `metadata.proof_capture.tool` to capture |
| `manual` | Prompt user: "Please verify: [description]. Confirmed? (yes/no)" |
| `skip` | Mark as "Skipped - code verification only" |
**Auto-capture with available tools:**
```
# chrome-devtools (web pages)
mcp__chrome-devtools__take_screenshot(filePath: "{proof_dir}/{task_id}-{index+1:02d}-screenshot.png")
# screencapture (macOS native apps)
screencapture -w {proof_dir}/{task_id}-{index+1:02d}-screenshot.png
# scrot (Linux)
scrot -s {proof_dir}/{task_id}-{index+1:02d}-screenshot.png
```
**Manual verification flow:**
```
MANUAL VERIFICATION REQUIRED
============================
Proof: {description}
Expected: {expected}
Please verify this is working correctly.
Enter 'yes' to confirm, 'no' if it fails, or describe the issue:
>
```
Record user response in proof file:
```
Type: visual (manual)
Description: {description}
Expected: {expected}
Timestamp: {ISO timestamp}
User Confirmed: yes|no
User Notes: {any notes provided}
Status: PASS|FAIL
```
5. Create summary: `{task_id}-proofs.md` (REQUIRED)
**Step 6 Gate Check (BLOCKING):**
Before proceeding to Step 7, verify:
```bash
# Check proof directory exists
ls -la docs/specs/[spec-dir]/[NN]-proofs/
# Verify required files exist
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-*.txt
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-proofs.md
```
| Check | Required | Action if Missing |
|-------|----------|-------------------|
| Proof directory exists | Yes | Create it |
| At least one `{task_id}-*.txt` file | Yes | Execute proof artifacts |
| `{task_id}-proofs.md` summary | Yes | Create summary |
| All proof artifacts have status | Yes | Re-run failed proofs |
**BLOCK**: Do not proceed to Step 7 until all proof files exist.
If proof artifacts cannot be executed (e.g., environment issues):
1. Create proof file with status `BLOCKED` and reason
2. Document workaround or manual steps needed
3. Still create the summary file
See [proof-artifact-types.md](references/proof-artifact-types.md) for type-specific instructions.
### Step 7: Sanitize (Blocking)
Remove sensitive data from proof files. **Cannot proceed until clean.**
1. Scan all `{task_id}-*` files for:
- API keys (`sk-`, `pk_`, `api_key`, `apiKey`)
- Tokens (Bearer, JWT, session, access_token)
- Passwords (password, secret, credential fields)
- Connection strings (with embedded credentials)
- Private keys (PEM blocks, SSH keys)
2. Replace found values with `[REDACTED]`
3. Re-scan to confirm clean
4. **BLOCK**: Do not proceed to Step 8 until scan is clean
### Step 8: Commit
Atomic path-mode commit of implementation files.
**Pre-Commit Checklist:**
```bash
test -d "docs/specs/[spec-dir]/[NN]-proofs" || { echo "ERROR: Proof directory missing"; exit 1; }
test -f "docs/specs/[spec-dir]/[NN]-proofs/{task_id}-proofs.md" || { echo "ERROR: Proof summary missing"; exit 1; }
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-*.txt >/dev/null 2>&1 || { echo "ERROR: No proof artifacts"; exit 1; }
grep -r "sk-\|pk_\|api_key\|Bearer \|password=" docs/specs/[spec-dir]/[NN]-proofs/{task_id}-* && { echo "ERROR: Unsanitized secrets"; exit 1; }
```
**Commit Steps:**
1. Enumerate your files: `FILES="<file1> <file2> ..."` from `metadata.scope.files_to_create` + `files_to_modify`
2. Stage: `git add -- $FILES`
3. Commit: `git commit -m "<metadata.commit.template>" -- $FILES`
4. Verify: `git show --name-only HEAD -- $FILES`
### Step 9: Verify Full
Post-commit verification.
1. Run each command in `metadata.verification.post`
2. If your changes caused failure:
- Fix the issue
- Amend commit
- Re-verify (max 3 attempts)
### Step 10: Report
Update task board with proof artifact locations.
**Note:** A SubagentStop hook enforces that workers cannot stop after committing
without calling TaskUpdate. If you attempt to exit after Step 8 but before completing
this step, you will be prompted to call TaskUpdate before stopping.
**Determine your model identity** by checking the model name from your system context (e.g. `sonnet`, `opus`, `haiku`). Record this in `model_used`.
```
TaskUpdate({
taskId: "<native-id>",
status: "completed",
metadata: {
proof_dir: "docs/specs/[spec-dir]/[NN]-proofs",
proof_results: [
{ type: "test", status: "pass", output_file: "T01-01-test.txt" },
{ type: "cli", status: "pass", output_file: "T01-02-cli.txt" }
],
proof_summary: "T01-proofs.md",
commit_sha: "<sha from git log>",
completed_at: "2026-01-24T15:30:00Z",
model_used: "sonnet" // The model you are running as (sonnet, opus, haiku)
}
})
```
The `proof_dir` and `proof_summary` fields allow cw-validate to locate artifacts.
The `model_used` field records which model actually executed the task for auditability.
### Step 11: Clean Exit
1. `git status --porcelain` — should be empty
2. Verify your files in HEAD: `git log -1 --name-only -- $FILES`
3. Output execution summary:
```
CW-EXECUTE COMPLETE
====================
Task: T01 - [subject]
Status: COMPLETED | FAILED | BLOCKED
Model: [model_used]
Proof Artifacts (on disk):
[PASS] docs/specs/.../01-proofs/T01-01-test.txt
[PASS] docs/specs/.../01-proofs/T01-02-cli.txt
[SUMM] docs/specs/.../01-proofs/T01-proofs.md
Commit: abc1234 feat(scope): description
- Implementation files: X
Progress: X/Y tasks complete
```
**Final Verification:**
```bash
ls docs/specs/[spec-dir]/[NN]-proofs/{task_id}-*
```
## Error Handling
### Retry Logic
Each step allows max 3 retries before failure:
1. Identify the error
2. Attempt fix
3. Re-run the failed step
4. After 3 failures: trigger failure handler
### Failure Handler
1. Stash partial work: `git stash push -m "cw-execute: {task_id} partial"`
2. Clean working tree: `git checkout -- .`
3. Update task (keep as pending, add failure info):
```
TaskUpdate({
taskId: "<id>",
status: "pending",
metadata: {
last_failure: "2026-01-24T15:30:00Z",
failure_count: N,
failure_reason: "...",
failed_step: "Proof|Sanitize|Commit|etc",
proof_status: "none|partial|complete"
}
})
```
4. Exit with error summary including which step failed
### Proof Creation Failures
If proof artifacts cannot be created:
| Scenario | Action |
|----------|--------|
| Command fails | Create proof file with FAIL status, include error output |
| Environment missing | Create proof file with BLOCKED status, document what's needed |
| Manual verification declined | Create proof file with REJECTED status, include user feedback |
| Tool unavailable | Create proof file with SKIPPED status per `proof_capture.visual_method` |
**Never skip proof file creation entirely.** Even failures must be documented in a proof file so validation can detect gaps.
### Resuming Interrupted Tasks
If a task has `status: "in_progress"` when you start:
1. Check git status for partial work
2. If uncommitted changes: review and continue from Step 5
3. If stashed work: pop stash, review, continue from Step 5
4. If clean: start fresh from Step 4
## Security Notes
- Never execute commands that could leak credentials
- Replace real tokens with placeholders in proof artifacts
- Never push to remote during execution
- Proof files are committed - they must be safe for version control
## What Comes Next
After task completion:
- Next worker picks up the next unblocked task
- `/cw-dispatch` can spawn parallel workers
- `/cw-validate` checks coverage after all tasks complete
- `cw-loop` shell script automates sequential executionRelated Skills
cw-worktree
Manages git worktrees for parallel feature development. This skill should be used when starting multiple features at once, or to list, switch between, and merge existing worktrees.
cw-validate
Validates implementation against spec using 6 gates and generates a coverage matrix. This skill should be used after implementation is complete to verify coverage, proof artifacts, and credential safety before review.
cw-testing
E2E testing with auto-fix. Generates tests from specs, executes in isolated sub-agents, and auto-fixes application bugs. This skill should be used after implementation to verify end-to-end behavior.
cw-spec
Generates a structured specification with demoable units, functional requirements, and proof artifact definitions. This skill should be used when starting a new feature to define what will be built before any code is written.
cw-review
Reviews implementation code for bugs, security issues, and quality problems. Creates FIX tasks for issues found. This skill should be used after cw-validate to catch issues before merge.
cw-review-team
Team-based concern-partitioned code review. Each reviewer sees ALL files through a specialized lens (security, correctness, spec compliance). This skill should be used after cw-validate for thorough cross-file review (requires CLAUDE_CODE_TASK_LIST_ID).
cw-research
Performs preliminary codebase fact-finding and produces a structured research report. This skill should be used before cw-spec to understand an unfamiliar or complex codebase and generate enriched context for specification writing.
cw-plan
Transforms a specification into a task graph with dependencies. This skill should be used after cw-spec to break a spec into executable tasks with proper sequencing before dispatching with cw-dispatch.
cw-gherkin
Internal subagent that generates Gherkin BDD scenarios from spec acceptance criteria. Produces one .feature file per demoable unit in the spec directory and optionally creates cw-testing task stubs on the task board. Called automatically by cw-spec.
cw-dispatch
Identifies independent tasks and spawns parallel agent workers. This skill should be used after cw-plan to execute multiple tasks concurrently.
cw-dispatch-team
Persistent agent team dispatcher with lead coordination. This skill should be used after cw-plan to execute tasks via a managed team (requires CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1 and CLAUDE_CODE_TASK_LIST_ID).
execute-phase
Execute a plan with TDD-first delivery and proportional validation.