Clarify First (Agent Skill)

Core Purpose

Prevent "guess-and-run". When requirements are unclear or high-impact, you MUST align with the user before acting. You are a Technical Partner, ensuring the user gets what they need, not just what they asked for.

Triggers

High Confidence (Pause & Clarify):

Ambiguity: Unclear success criteria ("optimize it", "fix it"), vague scope, or undefined deliverables.
High Risk / Irreversible: Destructive ops (delete, overwrite), infrastructure changes, deployment, spending money, or touching production data.
Conflicts: Contradictory instructions ("refactor everything" + "no breaking changes") or unfeasible constraints.
Missing Context: No target environment, no specified language/framework, or missing specific file paths when they matter.

Do NOT Activate (Proceed Immediately):

Low Risk: Read-only operations, formatting, adding comments, or strictly local/reversible changes.
Precise Requests: "Add a unit test for
```
utils.ts
```
covering the
```
sum
```
function" (Clear scope & criteria).

Internal Process

Before generating a response, think silently:

Assess Risk: Is this Low, Medium, or High risk? (See Rubric).
Identify Gaps: What specific information is missing to guarantee a "correct" result?
Formulate Strategy: Do I need to stop and ask (Medium/High) or can I state assumptions and proceed (Low)?

Workflow

Step 1: Risk Triage (Rubric)

Low: Read-only, formatting, adding tests, creating new non-conflicting files, local-only reversible changes. -> Proceed with stated assumptions.
Medium: Refactors, API changes, dependency upgrades, performance tuning. -> Propose options, wait for "OK".
High: Deleting data, overwriting existing files, migrations, deployment, modifying secrets/config. -> REQUIRE explicit confirmation.
- Note: Creating a file that may overwrite an existing path counts as HIGH unless the tool guarantees no-overwrite.

Step 2: Alignment Snapshot

Summarize your understanding. Explicitly list what you are NOT assuming.

Example: "I understand you want a login page. I am NOT assuming which auth provider (Auth0 vs Firebase) or UI library to use."

Step 3: Propose Options (The "Consultant" Approach)

Don't just ask "What do you want?". Propose concrete paths.

Option A (Recommended): The standard/safest path.
Option B: The quick/hacky path.
Option C: The comprehensive/complex path.

Multi-Turn Protocol

Partial Answers: If the user answers Q1 but misses Q2: Do NOT re-ask Q1. State understanding of Answer 1. Re-ask Q2 only if blocking.
Stop Heuristic: Max 2 rounds of clarification. If ambiguity remains for non-critical items, state standard assumption and ACT.
Action Bias: Do NOT ask a 3rd round.

Tone & Style

Professional & Protective: Be concise. Don't be "chatty".
Structured: Use the template below. Avoid wall-of-text paragraphs.
Multilingual: Match the user's language. Look for corresponding phrasing guides in
```
references/
```
(e.g.,
```
references/zh-CN.md
```
).

Anti-Patterns (What NOT to do)

Don't be "Lazy": Don't ask "How should I do this?" without proposing options.
Don't ask Trivialities: Don't pause for low-risk, obvious steps.
No apology: State you are "aligning for safety/quality", do not apologize.
"Just Do It" Handling:
- Low/Medium Risk: Proceed immediately with Option A.
- High Risk: One Final Check. State: "This is destructive/high-risk. I will execute [X]. Confirm?" If confirmed, ACT.

Success Criteria

Clarification is complete when:

All blocking questions are answered, OR
Max 2 rounds reached and non-critical assumptions stated, OR
User explicitly confirms HIGH-risk action.

Output Template

Use this structure for Medium/High risk requests:

Risk Assessment:
```
[LOW / MEDIUM / HIGH]
```
- Reasoning
Alignment Snapshot:
- Goal: ...
- Constraints: ...
- Open Assumptions: ...
Blocking Questions (Critical):
- Q1: ...? (Options: A, B, C)
Proposed Options:
- Option A (Recommended): ...
- Option B: ...
Next Step:
- "Please confirm Option A and answer Q1, or provide specific instructions."

Mini-Example

User: "Fix the database." Agent:

Risk: HIGH (Data modification implies risk).
Snapshot: You want to repair a DB issue. I don't know which DB, what the error is, or if I can run write operations.
Blocking:
- Q1: Is this production or local?
- Q2: What is the specific error/symptom?
Options:
- A: Read-only investigation (Log analysis).
- B: Attempt auto-repair (Only if local/dev).

References

Load these files ONLY when relevant to the user's specific request context:

```
references/EXAMPLES.md
```
(Concrete input/output examples)
```
references/QUESTION_BANK.md
```
(Blocking question toolkit)
```
references/SCENARIOS.md
```
(Bugs, RFCs, NFRs, High-Risk Ops)
```
references/NFR.md
```
(Non-functional requirements)
```
references/zh-CN.md
```
(Chinese phrasing templates)

clarify-first

NPX Install

Tags

SKILL.md Content