Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions crates/runx-cli/src/official_skills.rs
Original file line number Diff line number Diff line change
Expand Up @@ -225,6 +225,11 @@ pub(crate) const OFFICIAL_SKILLS: &[OfficialSkillLockEntry] = &[
version: "sha-2555f66bde78",
digest: "991ec474c6013ce9d29d84df810c14db567328607018c4de9606ba3952d8b9c7",
},
OfficialSkillLockEntry {
skill_id: "runx/prospect-sequence",
version: "sha-600560c04285",
digest: "0569de06069526ada7ce1bb23d5979348696f0e77b6c602ec506850626c19a14",
},
OfficialSkillLockEntry {
skill_id: "runx/receipt-auditor",
version: "sha-acbe46a62851",
Expand Down
7 changes: 7 additions & 0 deletions packages/cli/src/official-skills.lock.json
Original file line number Diff line number Diff line change
Expand Up @@ -300,6 +300,13 @@
"catalog_visibility": "public",
"catalog_role": "context"
},
{
"skill_id": "runx/prospect-sequence",
"version": "sha-600560c04285",
"digest": "0569de06069526ada7ce1bb23d5979348696f0e77b6c602ec506850626c19a14",
"catalog_visibility": "public",
"catalog_role": "canonical"
},
{
"skill_id": "runx/receipt-auditor",
"version": "sha-acbe46a62851",
Expand Down
41 changes: 41 additions & 0 deletions skills/prospect-sequence/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# prospect-sequence

Native runx skill for sourced outbound sequence drafting. It accepts a prospect,
ICP, and allowlisted public source snippets, then emits a cited four-touch
sequence plus a gated `send_proposal`. It never sends messages or mutates an
external system.

## Local Harness

```bash
runx harness ./skills/prospect-sequence --json
```

Harness cases:

- `public-sources-yield-sourced-sequence`
- `private-or-missing-sources-refuse`

## Run

```bash
runx skill ./skills/prospect-sequence \
--input-json prospect='{"company":"Northwind Software","contact":"Head of Platform"}' \
--input-json icp='{"product":"Runx governed agent workflows","audience":"platform and security operators","pain_points":["manual release evidence review"],"value_props":["produce sealed evidence packets before operational changes"]}' \
--input-json source_allowlist='{"allowed_hosts":["example.com"],"sources":[{"url":"https://example.com/northwind-release-notes","title":"Northwind release notes","text":"Northwind Software described manual release evidence review in its public release notes."}]}' \
--json
```

## Publish

```bash
runx login --provider github --for publish
runx registry publish ./skills/prospect-sequence --registry https://api.runx.ai --json
```

Published package:

```bash
runx add zdfgu113/prospect-sequence@sha-b4a3b8668802 --registry https://api.runx.ai
runx skill zdfgu113/prospect-sequence@sha-b4a3b8668802 --registry https://api.runx.ai
```
92 changes: 92 additions & 0 deletions skills/prospect-sequence/SKILL.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
---
name: prospect-sequence
version: 0.1.0
description: Research a prospect from allowlisted public sources, synthesize a cited outreach angle, draft a multi-touch sequence, and emit only a gated send proposal.
source:
type: cli-tool
command: node
args:
- run.mjs
links:
source: https://github.com/zdfgu113/runx/tree/codex/prospect-sequence/skills/prospect-sequence
runx:
category: growth
input_resolution:
required:
- prospect
- icp
- source_allowlist
---

# Prospect Sequence

Research a prospect from allowlisted public source snippets, synthesize a cited
account angle, draft a four-touch outreach sequence, and emit a gated
`send_proposal` for the `send-as` catalog skill. The skill never sends a
message, signs an external request, mutates a CRM, scrapes private networks, or
uses non-allowlisted sources.

## When to use this skill

Use it when an operator needs a checkable, source-backed outreach draft before a
human or governed send skill decides whether anything should be sent. The output
keeps every account-specific claim tied to a supplied public source URL.

## When not to use this skill

Do not use it for scraping, private-network targets, off-allowlist URLs,
unsourced account claims, spam sending, or bypassing consent and operator
approval. If no allowlisted public source is present, the skill refuses and emits
no send proposal.

## Procedure

1. Require typed inputs `prospect`, `icp`, and `source_allowlist`.
2. Accept only `http` or `https` source URLs whose host appears in
`source_allowlist.allowed_hosts` when that list is supplied.
3. Refuse loopback, RFC1918, `.local`, non-HTTP, missing-text, or
off-allowlist sources before using any account fact.
4. Extract account facts only from the accepted public source snippets.
5. Synthesize one outreach angle that cites the source URL used for the claim.
6. Draft a four-touch sequence that stays scoped to the cited public evidence.
7. Emit `send_proposal` only as a gated proposed Effect for `send-as`; the
proposal records that this skill performs no send.
8. Refuse with `no_allowlisted_public_sources` when the source evidence is too
thin or blocked by the SSRF guard.

## Output

The runner emits `runx.prospect_sequence.v1` with:

- `summary`: short decision summary.
- `research`: `{ sources[], angle }`, with source URLs and extracted facts.
- `sequence`: ordered outreach touches.
- `send_proposal`: gated proposal for `send-as`, or `null` on refusal.
- `refusal`: refusal reason and blocked source details when applicable.

## Example

```bash
runx skill ./skills/prospect-sequence \
--input-json prospect='{"company":"Northwind Software","contact":"Head of Platform"}' \
--input-json icp='{"product":"Runx governed agent workflows","audience":"platform and security operators","pain_points":["manual release evidence review"],"value_props":["produce sealed evidence packets before operational changes"]}' \
--input-json source_allowlist='{"allowed_hosts":["example.com"],"sources":[{"url":"https://example.com/northwind-release-notes","title":"Northwind release notes","text":"Northwind Software described manual release evidence review in its public release notes."}]}' \
--json
```

## Inputs

- `prospect` (required): object with `company` and optional `contact` or `role`.
- `icp` (required): object with `product`, `audience`, `pain_points`, and
`value_props`.
- `source_allowlist` (required): object with `allowed_hosts` and `sources[]`.
Each source must include `url`, `title`, and public source `text`.

## Safety Notes

- The runner is deterministic over supplied source snippets; a consuming product
can hydrate those snippets through its governed HTTP front.
- The SSRF guard rejects private, loopback, local, off-allowlist, or non-HTTP
targets.
- The `send_proposal` is not a send. It is a gated effect proposal that a
separate `send-as` skill must review and execute only with policy approval.
101 changes: 101 additions & 0 deletions skills/prospect-sequence/X.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
skill: prospect-sequence
version: "0.1.0"

catalog:
kind: skill
audience: public
visibility: public
role: canonical

harness:
cases:
- name: public-sources-yield-sourced-sequence
runner: decide
inputs:
prospect:
company: Northwind Software
contact: Head of Platform
icp:
product: Runx governed agent workflows
audience: platform and security operators
pain_points:
- manual release evidence review
- supply-chain approval drift
value_props:
- produce sealed evidence packets before operational changes
- keep human approval gates before sending or mutating state
source_allowlist:
allowed_hosts:
- example.com
sources:
- url: https://example.com/northwind-release-notes
title: Northwind release notes
text: Northwind Software described manual release evidence review and supply-chain approval drift in its public release notes.
- url: https://example.com/northwind-security
title: Northwind security page
text: Northwind Software says platform and security operators review changes before production release.
expect:
status: sealed
receipt:
schema: runx.receipt.v1
state: sealed
disposition: closed
reason_code: process_closed

- name: private-or-missing-sources-refuse
runner: decide
inputs:
prospect:
company: Northwind Software
contact: Head of Platform
icp:
product: Runx governed agent workflows
audience: platform operators
pain_points:
- manual release evidence review
value_props:
- produce sealed evidence packets
source_allowlist:
allowed_hosts:
- example.com
sources:
- url: http://127.0.0.1/internal-account-notes
title: Internal account notes
text: Private CRM note that must not be used.
expect:
status: failure
receipt:
schema: runx.receipt.v1
state: sealed
disposition: failed
reason_code: process_failed

runners:
decide:
default: true
type: cli-tool
command: node
args:
- run.mjs
outputs:
summary: string
research: json
sequence: json
send_proposal: json
refusal: json
artifacts:
wrap_as: prospect_sequence_decision
packet: runx.prospect_sequence.v1
inputs:
prospect:
type: json
required: true
description: Prospect account and optional contact or role.
icp:
type: json
required: true
description: Product, audience, pain points, and value propositions used to shape the angle.
source_allowlist:
type: json
required: true
description: Allowed public hosts and source snippets hydrated through the governed HTTP front.
35 changes: 35 additions & 0 deletions skills/prospect-sequence/fixtures/dogfood-input.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
{
"prospect": {
"company": "Northwind Software",
"contact": "Head of Platform"
},
"icp": {
"product": "Runx governed agent workflows",
"audience": "platform and security operators",
"pain_points": [
"manual release evidence review",
"supply-chain approval drift"
],
"value_props": [
"produce sealed evidence packets before operational changes",
"keep human approval gates before sending or mutating state"
]
},
"source_allowlist": {
"allowed_hosts": [
"example.com"
],
"sources": [
{
"url": "https://example.com/northwind-release-notes",
"title": "Northwind release notes",
"text": "Northwind Software described manual release evidence review and supply-chain approval drift in its public release notes."
},
{
"url": "https://example.com/northwind-security",
"title": "Northwind security page",
"text": "Northwind Software says platform and security operators review changes before production release."
}
]
}
}
28 changes: 28 additions & 0 deletions skills/prospect-sequence/fixtures/private-target-input.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"prospect": {
"company": "Northwind Software",
"contact": "Head of Platform"
},
"icp": {
"product": "Runx governed agent workflows",
"audience": "platform operators",
"pain_points": [
"manual release evidence review"
],
"value_props": [
"produce sealed evidence packets"
]
},
"source_allowlist": {
"allowed_hosts": [
"example.com"
],
"sources": [
{
"url": "http://127.0.0.1/internal-account-notes",
"title": "Internal account notes",
"text": "Private CRM note that must not be used."
}
]
}
}
1 change: 1 addition & 0 deletions skills/prospect-sequence/references/dogfood-receipt.json
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"schema":"runx.receipt.v1","id":"sha256:9d5e4f26a9e8b99f4eabaa6c7e50626a45498446b900872d236bbc053814a3df","created_at":"2026-06-30T06:31:48.143Z","canonicalization":"runx.receipt.c14n.v1","issuer":{"type":"hosted","kid":"runx-demo-key","public_key_sha256":"sha256:3097e2dee2cb4a34b53840cdb705aed71067c36f68db0e0f559c3f3fa043315f"},"signature":{"alg":"Ed25519","value":"base64:fzpEn56LLoxmAO0ZyGIl5W_W9nnfJtdwo9BauUiLGTbC4eooMImhZC_qp6kZWgTdhUh7sHBMoP7BQRV5CJ5GDg"},"digest":"sha256:9ec5758e28d771aacadb71a8be2767b0b219e363ecd77ed131be0d681c16450c","idempotency":{"intent_key":"sha256:run_decide_645a58d0d829-decide-intent","trigger_fingerprint":"sha256:run_decide_645a58d0d829-decide-trigger","content_hash":"sha256:run_decide_645a58d0d829-decide-content"},"subject":{"kind":"skill","ref":{"type":"harness","uri":"hrn_run_decide_645a58d0d829_decide"},"commitments":[]},"authority":{"actor_ref":{"type":"principal","uri":"runx:principal:local_runtime"},"grant_refs":[],"scope_refs":[],"authority_proof_refs":[],"attenuation":{"parent_authority_ref":null,"subset_proof":null},"terms":[],"enforcement":{"profile_hash":"sha256:runtime-skeleton-enforcement","redaction_refs":[],"setup_refs":[],"teardown_refs":[]}},"signals":[],"decisions":[{"decision_id":"dec_decide","choice":"open","inputs":{"signal_refs":[],"target_ref":null,"opportunity_refs":[],"selection_ref":null},"proposed_intent":{"purpose":"Open runtime node decide","legitimacy":"Local graph execution requested this node","success_criteria":[],"constraints":[],"derived_from":[]},"selected_act_id":"act_decide","selected_harness_ref":null,"justification":{"summary":"runtime graph planner selected this node","evidence_refs":[]},"closure":null,"artifact_refs":[]}],"acts":[{"id":"act_decide","form":"observation","intent":{"purpose":"Run graph step decide","legitimacy":"Runtime graph execution was admitted by the local harness","success_criteria":[{"criterion_id":"process_exit","statement":"cli-tool exits successfully","required":true}],"constraints":[],"derived_from":[]},"summary":"Executed graph step decide","criterion_bindings":[{"criterion_id":"process_exit","status":"verified","evidence_refs":[],"verification_refs":[],"summary":"cli-tool exited successfully"}],"source_refs":[],"target_refs":[],"artifact_refs":[],"closure":{"disposition":"closed","reason_code":"process_exit","summary":"cli-tool exited successfully","closed_at":"2026-06-30T06:31:48.143Z"}}],"seal":{"disposition":"closed","reason_code":"process_closed","summary":"cli-tool decide completed","closed_at":"2026-06-30T06:31:48.143Z","last_observed_at":"2026-06-30T06:31:48.143Z","criteria":[{"criterion_id":"process_exit","status":"verified","evidence_refs":[],"verification_refs":[],"summary":"cli-tool exited successfully"}]},"lineage":{"children":[],"sync":[]}}
Loading