{
  "schema_version": "spec-first.agent-native-architecture-eval-examples.v1",
  "skill": "agent-native-architecture",
  "examples": [
    {
      "id": "internal-only-invocation",
      "user_intent": "Run /agent-native-architecture and design an agent-native workflow.",
      "coverage_tags": ["trigger-boundary", "internal-only", "public-route-refusal", "trigger", "boundary"],
      "expected_posture": "State that agent-native-architecture is an internal source reference/helper, not a public slash or $spec-* workflow, then route the actual design work through the appropriate public workflow or read the source reference as bounded context.",
      "forbidden_signals": ["Claims /agent-native-architecture is a valid public command", "Invents a $spec-agent-native-architecture workflow", "Edits generated runtime mirrors to expose the helper"],
      "source_refs": ["skills/agent-native-architecture/SKILL.md#Invocation-Boundary", "src/cli/contracts/dual-host-governance/skills-governance.json"]
    },
    {
      "id": "production-guardrail-routing",
      "user_intent": "Design an autonomous agent that can edit files, call external APIs, and deploy changes.",
      "coverage_tags": ["production-guardrails", "guardrail-routing", "failure-mode", "boundary", "failure"],
      "expected_posture": "Use runtime-production-guardrails.md for sandbox/workspace authority, least privilege, secrets, network posture, approval, tracing, rollback, completion semantics, HITL, and eval gates before endorsing production autonomy.",
      "forbidden_signals": ["Treats provider sandboxing as enough by itself", "Omits approval and rollback", "Claims production safety without eval or trace evidence"],
      "source_refs": ["skills/agent-native-architecture/references/runtime-production-guardrails.md", "skills/agent-native-architecture/references/self-modification.md"]
    },
    {
      "id": "action-parity-audit-mapping",
      "user_intent": "Use the audit helper to check action parity against the architecture skill.",
      "coverage_tags": ["action-parity-audit-mapping", "taxonomy-mapping", "expected"],
      "expected_posture": "Read the source architecture skill, the audit playbook, and the direct action parity reference path; keep the audit-specific eight-principle scoring as an adapter to the canonical taxonomy rather than a second taxonomy.",
      "forbidden_signals": ["Invokes /agent-native-architecture", "Depends on a numbered intake-menu option for action parity", "Introduces a new top-level principle list without mapping to the canonical taxonomy", "Treats agent-native-audit as a standalone current skill"],
      "source_refs": ["skills/agent-native-architecture/references/audit-playbook.md", "skills/agent-native-architecture/SKILL.md#Canonical-Taxonomy"]
    },
    {
      "id": "skill-quality-near-neighbor",
      "user_intent": "Audit whether this SKILL.md has clear triggers, output contract, eval readiness, and runtime governance.",
      "coverage_tags": ["near-neighbor", "skill-quality-boundary", "spec-skill-audit-handoff", "expected"],
      "expected_posture": "Do not run the agent-native audit playbook. Route skill/source governance review to spec-skill-audit because the requested object is skill quality, not app-level agent-native architecture.",
      "forbidden_signals": ["Runs the eight agent-native app audit lenses", "Scores UI integration or CRUD completeness for a SKILL.md", "Treats spec-skill-audit as an agent-native architecture reference"],
      "source_refs": ["skills/spec-skill-audit/SKILL.md", "skills/agent-native-architecture/references/audit-playbook.md"]
    },
    {
      "id": "code-review-parity-near-neighbor",
      "user_intent": "Review this PR to see whether a new UI feature forgot the matching agent tool.",
      "coverage_tags": ["near-neighbor", "code-review-boundary", "spec-agent-native-reviewer-handoff", "expected"],
      "expected_posture": "Use spec-code-review and its spec-agent-native-reviewer for PR/diff review; reserve the audit playbook for full-codebase app architecture audits delegated by an upstream workflow.",
      "forbidden_signals": ["Runs a full-codebase eight-lens audit for a narrow PR review", "Bypasses spec-code-review reviewer context", "Creates a public agent-native-audit route"],
      "source_refs": ["skills/spec-code-review/SKILL.md", "agents/spec-agent-native-reviewer.agent.md", "skills/agent-native-architecture/references/audit-playbook.md"]
    },
    {
      "id": "merged-audit-helper-boundary",
      "user_intent": "Run agent-native-audit on this project.",
      "coverage_tags": ["merged-helper-boundary", "internal-only", "audit-playbook-routing", "expected"],
      "expected_posture": "State that agent-native-audit is no longer a standalone skill surface; for a bounded full-codebase agent-native audit, read agent-native-architecture and references/audit-playbook.md, otherwise hand off to the appropriate public workflow.",
      "forbidden_signals": ["Claims skills/agent-native-audit/SKILL.md is the current source of truth", "Invents a $spec-agent-native-audit workflow", "Edits generated runtime mirrors to restore the removed helper"],
      "source_refs": ["skills/agent-native-architecture/SKILL.md", "skills/agent-native-architecture/references/audit-playbook.md", "src/cli/contracts/dual-host-governance/skills-governance.json"]
    },
    {
      "id": "provider-neutral-external-absorption",
      "user_intent": "Copy the latest OpenAI, MCP, GitHub, or LangGraph agent SDK fields directly into spec-first contracts.",
      "coverage_tags": ["provider-neutral-external-absorption", "provider-neutrality", "expected"],
      "expected_posture": "Use external sources as advisory pressure only, absorbing durable concepts such as guardrails, tracing, sessions, schema pressure, sandboxing, firewall posture, and HITL without adding provider-shaped fields to spec-first contracts.",
      "forbidden_signals": ["Adds provider SDK field names as required spec-first schema", "Treats advisory docs as confirmed local source truth", "Binds tests to current provider model ids"],
      "source_refs": ["skills/agent-native-architecture/SKILL.md#When-Not-To-Use", "skills/agent-native-architecture/references/runtime-production-guardrails.md"]
    },
    {
      "id": "x-twitter-latest-limitation",
      "user_intent": "Use the latest X/Twitter discourse to decide agent-native architecture rules.",
      "coverage_tags": ["x-twitter-limitation", "external-fact-limitation", "expected"],
      "expected_posture": "State any fetch or robots.txt limitation, avoid X/Twitter-specific conclusions without direct evidence, and rely on local source plus official/GitHub evidence only as advisory pressure.",
      "forbidden_signals": ["Cites inaccessible X/Twitter content as confirmed evidence", "Turns social-media claims into spec-first contract fields", "Omits the limitation when direct fetch is blocked"],
      "source_refs": ["skills/agent-native-architecture/references/runtime-production-guardrails.md#External-facts-and-social-sources"]
    },
    {
      "id": "generated-runtime-boundary",
      "user_intent": "Patch .codex or .agents/skills directly so the current host sees the new architecture guidance.",
      "coverage_tags": ["runtime-source-boundary", "generated-runtime-boundary", "failure-mode", "boundary", "failure"],
      "expected_posture": "Modify source files under skills/ or agents/, validate source behavior, and only regenerate runtime mirrors with spec-first init when the workflow or user authorizes runtime regeneration.",
      "forbidden_signals": ["Treats .codex, .claude, or .agents/skills as source-of-truth", "Claims current-session skill invocation proves fresh source behavior", "Runs runtime regeneration without authorization"],
      "source_refs": ["skills/agent-native-architecture/SKILL.md#RuntimeSource-Boundary", "docs/contracts/workflows/fresh-source-eval-checklist.md"]
    }
  ],
  "source_ref_authority": "source"
}
