shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-04 13:38:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8a2f28fa6a2ea8bf755dd7836cf331eead9628d2
coder/coderd/x/skills/doc.go
T
Michael Suchacz 5a8d0016a5 feat: add personal skill storage, API, and SDK (#25363) 
> Mux updated this PR on behalf of Mike.

## Stack Context

This PR is the storage, permissions, API, and SDK layer for experimental
personal skills. #25362 has landed on `main`, so this branch is
restacked directly on `main`.

Stack order:
1. #25363 storage, permissions, API, and SDK
2. #25365 API test coverage
3. #25366 chattool and chatd integration
4. #25066 settings UI and docs
5. #25386 personal skills slash menu

## What?

Adds the `user_skills` database table, generated queries, RBAC resources
and scopes, audit resource handling, experimental user-scoped CRUD
endpoints, SDK types, and generated API/site types.

Follow-up review and restack fixes:
- Enforce a bounded personal skill description in parser and database
constraints.
- Return `403 Forbidden` for unauthorized create and update attempts.
- Return explicit conflict responses when soft-deleted users are
targeted.
- Keep user admins out of personal skills, while site owners can read
and delete but not create or update.
- Document trigger-raised constraint names and keep schema constants
covered by tests.
- Reuse `UserSkillMetadata` in the full `UserSkill` SDK response type.
- Generate user skill IDs in Go instead of relying on a database
default.
- Rebase on latest `main` and renumber the user skills migration to
`000502_user_skills`.

## Why?

Personal skills need durable user-owned storage with owner
authorization, limited site-owner moderation, and a hidden API surface
before chatd can consume them.

## Validation

- `make gen`
- `go test ./coderd/database -run '^TestUserSkillSchemaConstants$'
-count=1`
- `go test ./coderd/database/dbauthz -run
'^TestMethodTestSuite/TestUserSkills$' -count=1`
- `go test ./coderd -run '^TestPatchUserSkill$' -count=1`
- `go test ./codersdk ./coderd/database/db2sdk`
- `make lint`
- pre-commit hook on `97fd58108d`
2026-05-20 00:09:09 +02:00

53 lines
2.5 KiB
Go
Raw Blame History

// Package skills defines the shared model for personal and workspace skills
// used by chatd.
//
// Glossary:
//
// - Personal skill: A user-owned skill that follows the user across Coder
// chats and workspaces, stored by Coder rather than discovered from a
// workspace filesystem.
// - Workspace skill: A skill discovered from the workspace filesystem,
// currently under .agents/skills by default.
// - Skill source: The origin of a skill available to chatd, such as personal
// storage or workspace filesystem discovery.
// - Skill alias: A chat or tool lookup name for a skill. Bare aliases use the
// skill name. Qualified aliases use personal/<name> or workspace/<name>.
//
// Decision:
//
// Personal skills are stored by Coder. For each chat turn, chatd fetches
// personal skill metadata fresh, combines it with workspace skill metadata, and
// injects the available skills into the existing skill prompt.
// When chatd needs skill content, it resolves personal skills through the
// read_skill flow instead of syncing files into workspace filesystems.
//
// If a personal skill and workspace skill share the same kebab-case name, both
// are exposed with qualified aliases: personal/<name> for the personal skill
// and workspace/<name> for the workspace skill. One source must not silently
// override the other.
//
// Site admins can read and delete personal skill content. Personal skills are
// user-authored instructions, not secret material. Audit records can include
// raw Markdown content diffs alongside the actor, target user, and relevant
// metadata.
//
// Personal skill edits affect the next chat turn. Old chat turns are not exact
// snapshots of the personal skill state that existed when they ran.
//
// The v1 design does not include CLI support, web UI support, supporting files,
// organization-scoped personal skills, syncing personal skills into workspace
// filesystems, or stable public API documentation.
//
// Consequences:
//
// Chatd can use personal and workspace skills through one prompt and one read
// path, while storage remains owned by Coder instead of individual workspace
// filesystems. Fresh metadata keeps skill changes responsive, but chat history
// is less reproducible because old turns do not capture an exact copy of
// personal skill content.
//
// Explicit qualified aliases make ambiguous names visible to users and tools.
// Admin access improves operability and abuse handling, but it creates a
// privacy trade-off that must remain clear in product and support expectations.
package skills
Reference in New Issue View Git Blame Copy Permalink