Capablio

Prompt 00 — Repository discovery and baseline

Run in Cursor Ask or Plan mode. Do not edit product code. Documentation-only changes are allowed after the repository has been inspected.

Updated

Attach or reference

  • AGENTS.md if already present
  • The supplied screenshot pack and descriptions
  • The adaptive framework pack
  • Existing README, architecture docs, package manifests, deployment files, and test configuration

Prompt

You are conducting the first enterprise-uplift pass for Capablio. Do not implement, refactor, rename, install dependencies, change schemas, or modify runtime behavior in this step.

Inspect the repository thoroughly and build a factual baseline. Use non-mutating commands unless running an existing test/build command is safe. Do not infer a framework or service merely from filenames; confirm it from manifests and code.

1. Map the repository

Identify and document:

  • Monorepo/workspace structure
  • Frontend applications and frameworks
  • Backend services, jobs, workers, and functions
  • Package manager and build system
  • Shared UI/component packages
  • Routing model and public/authenticated route boundaries
  • Authentication/session providers
  • Tenant-resolution model
  • Authorization model and where checks occur
  • Database, migrations, ORM/query layer, and tenant-isolation mechanism
  • Object storage, queues, email, analytics, logging, monitoring, and error tracking
  • Encryption/key-management implementation
  • Existing feature flags and entitlement checks
  • Existing docs, ADRs, OpenAPI/schema files, generated clients, and release notes
  • Test suites and CI/CD pipelines
  • Deployment environments and configuration pattern

2. Map current user experiences

Create an inventory of all existing routes and classify each as:

  • Public marketing
  • Documentation/help
  • Authentication/onboarding
  • Individual workspace
  • Manager workspace
  • HR workspace
  • Tenant administration
  • Global platform operations
  • External-rater flow
  • Development-only or diagnostics

For each route record:

  • Route
  • Page/component entry point
  • Persona/role
  • Tenant/scope assumptions
  • Server-side permission check
  • Data classes accessed
  • Empty/loading/error behavior
  • Responsive status
  • Test coverage
  • Screenshot correspondence where available

3. Compare the code to the supplied screens and framework

Record which screenshot capabilities are:

  • Fully implemented
  • Fixture/mock only
  • Partially implemented
  • Missing
  • Implemented differently from the screenshot description

Map the adaptive framework concepts already present in code:

  • Construct, question family, variant, pack, bundle
  • Cadence and schedule
  • Exposure cooldown
  • Exposure ledger
  • Anchor/rotation/PDP composition
  • Coverage cycle and feasibility
  • Tenant overlays and versions
  • 180/360 relationships and thresholds
  • Imported Thomas evidence
  • PDP recurrence overrides
  • Entitlements and active-subject seats

4. Establish the quality baseline

Run existing checks where safe and report exact commands and results:

  • Type checking
  • Linting
  • Unit/integration tests
  • End-to-end tests
  • Build
  • Documentation build
  • Accessibility tests if present
  • Security/static analysis if present

Do not fix failures. Separate pre-existing failures from inability to run due to missing local services or secrets.

5. Create documentation outputs

Create or update only these documentation files:

wiki/internal/architecture/repository-baseline.md
wiki/internal/architecture/current-system-map.md
wiki/internal/architecture/baseline-test-results.md
wiki/internal/product/current-capability-gap.md
wiki/shared/route-map.md
wiki/shared/decision-log.md

If the dual wiki does not exist yet, create only the minimal folders and files needed for these outputs; prompt 01 will formalize the structure.

Required content

repository-baseline.md must contain:

  • Confirmed stack table
  • Repository tree summary
  • Commands for local development and tests
  • Environment/service dependencies
  • Unknowns and blockers

current-system-map.md must contain:

  • Mermaid context/container diagram
  • Request/session/tenant flow
  • Primary data stores and jobs
  • Trust boundaries
  • Current encryption path

current-capability-gap.md must contain:

  • Screenshot-by-screenshot implementation status
  • Public marketing/docs gap
  • Role-workspace gap
  • Adaptive framework gap
  • Enterprise administration/operations gap
  • Prioritized risk list: security/privacy, data integrity, usability, commercial credibility, maintainability

Stop conditions

Stop and report rather than guess if:

  • The uploaded pack is not present in the workspace and no equivalent source exists.
  • There are multiple application roots with no clear production entry point.
  • Tenant resolution or authentication cannot be determined.
  • Baseline tests require destructive setup.
  • Credentials or production access would be needed.

Completion response

Use the response format required by AGENTS.md. Include a concise list of the ten highest-risk findings and the exact documentation files created. Do not propose implementation estimates yet.