snapsynapse
diff --git a/‎.github/workflows/verify.yml‎
Lines changed: 21 additions & 0 deletions b/‎.github/workflows/verify.yml‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 161 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 161 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 39 additions & 0 deletions b/‎README.md‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎VERIFICATION.md‎
Lines changed: 112 additions & 0 deletions b/‎VERIFICATION.md‎
Lines changed: 112 additions & 0 deletions
@@ -0,0 +1,21 @@
+name: Verify
+
+on:
+  schedule:
+    - cron: '0 9 * * 1'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - name: Verify freshness
+        run: node scripts/verify.js
+        continue-on-error: true
@@ -0,0 +1,161 @@
+# Contributing
+
+This project follows a zero-dependency, config-driven approach. All domain-specific settings live in `project.yml`, and all scripts use only Node.js built-ins.
+
+## Adding Entities
+
+### 1. Create the Markdown File
+
+Create a `.md` file in the appropriate `data/examples/` subdirectory:
+
+| Entity Role | Directory | Example |
+|-------------|-----------|---------|
+| Primary | `data/examples/requirements/` | `data-encryption.md` |
+| Container | `data/examples/frameworks/` | `iso-27001.md` |
+| Authority | `data/examples/organizations/` | `iso.md` |
+
+Directory names are configured in `project.yml` under `entities.<role>.directory`.
+
+### 2. Add YAML Frontmatter
+
+Every entity file starts with YAML frontmatter between `---` delimiters. See existing files for the required fields. At minimum:
+
+**Primary entities:**
+```yaml
+---
+title: Data Encryption
+group: technical
+last_verified: 2025-01-15
+---
+```
+
+**Container entities:**
+```yaml
+---
+title: ISO 27001
+status: active
+authority: iso
+last_verified: 2025-01-15
+---
+```
+
+**Authority entities:**
+```yaml
+---
+title: International Organization for Standardization
+type: standards-body
+last_verified: 2025-01-15
+---
+```
+
+### 3. Add Mapping Entries
+
+For containers that reference primary entities, add entries to `data/examples/mapping/index.yml` (or the path configured in `project.yml` under `mapping.file`):
+
+```yaml
+- id: provision-id
+  regulation: framework-id
+  obligations:
+    - primary-id-1
+    - primary-id-2
+```
+
+### 4. Validate and Build
+
+```bash
+# Check cross-references
+node scripts/validate.js
+
+# Check staleness and completeness
+node scripts/verify.js
+
+# Build the site and JSON API
+node scripts/build.js
+```
+
+Fix any errors reported by `validate.js` before submitting.
+
+## Modifying the Ontology
+
+The entity model is defined in `project.yml` under `entities:`. Each role has:
+
+- `name` — singular display name
+- `plural` — plural display name
+- `directory` — subdirectory under `data/examples/`
+- Role-specific fields (groups, statuses, etc.)
+
+When changing entity names or directories:
+1. Update `project.yml`
+2. Rename the corresponding data directory
+3. Run `validate.js` to confirm references still resolve
+4. Run `build.js` to regenerate the site
+
+## Code Style
+
+- **Zero dependencies.** All scripts use only Node.js built-ins. Do not add npm packages.
+- Use the existing YAML parser (`parseYaml`) rather than importing a YAML library.
+- Keep functions pure where possible.
+- Use `'use strict'` at the top of every script.
+
+## Testing Changes Locally
+
+```bash
+# 1. Validate cross-references
+node scripts/validate.js
+
+# 2. Check entity freshness
+node scripts/verify.js
+
+# 3. Build the site
+node scripts/build.js
+
+# 4. Preview locally (any static file server works)
+npx serve docs
+# or
+python3 -m http.server -d docs 8000
+```
+
+Check the generated `docs/` directory for the HTML site and `docs/api/v1/` for the JSON API.
+
+## Pull Request Process
+
+1. Create a feature branch from `main`
+2. Make your changes (add entities, update config, fix bugs)
+3. Run `validate.js` and `verify.js` — ensure no errors
+4. Run `build.js` — ensure it completes without errors
+5. Commit the source files (`data/`, `project.yml`, `scripts/`). Generated output in `docs/` may or may not be committed depending on your deployment strategy.
+6. Open a PR against `main` with a clear description of what changed and why
+
+## Container File Format
+
+Container entity files have a specific structure with a timeline table and provision sections separated by `---`:
+
+```markdown
+---
+title: Example Framework
+status: active
+authority: org-id
+---
+
+## Timeline
+
+| Date | Event |
+|------|-------|
+| 2024-01-01 | Published |
+
+---
+
+## Provision Name
+
+| Property | Value |
+|----------|-------|
+| Category | example |
+
+### Requirements
+
+| Requirement | Description |
+|-------------|-------------|
+| req-id | Details here |
+```
+
+See existing container files for complete examples.
@@ -25,6 +25,9 @@ A template for building structured, version-controlled knowledge bases with an o
 - **Bridge pages** — SEO-targeted pages like "Does X require Y?"
 - **Dark/light theme** — with persistence
 - **Client-side search** — lazy-loaded, keyboard-navigable
+- **Sortable tables** — click any column header to sort
+- **MCP server** — AI agent access to your knowledge base
+- **Discovery files** — llms.txt, agents.json, RSS for machine consumption
 - **Zero dependencies** — Node.js built-ins only
 
 ## Project Structure
@@ -85,6 +88,33 @@ node scripts/validate.js   # Validate cross-references
 - **Bespoke static generation** — the build script _is_ the specification
 - **GitOps** — Git is the single source of truth
 
+## AI Agent Support
+
+Every Knowledge-as-Code site includes machine-readable discovery files:
+
+- **MCP Server** — `mcp-server.js` provides read-only access to all entities via Model Context Protocol. Tools are dynamically named from your `project.yml` config. Run with `node mcp-server.js` or add to your MCP client config via `mcp.json`.
+- **llms.txt** — Generated at `docs/llms.txt` with entity model, API endpoints, and entity listings for LLM context
+- **agents.json** — Machine-readable metadata at `docs/agents.json` for agent discovery
+- **RSS feed** — Recent updates at `docs/index.xml`
+- **JSON API** — Programmatic access at `docs/api/v1/`
+
+## Verification
+
+Knowledge as Code includes a verification scaffold for detecting stale data:
+
+- Add `last_verified: YYYY-MM-DD` to entity frontmatter
+- Run `node scripts/verify.js` to check for staleness
+- Configure threshold in `project.yml` under `verification.staleness_days`
+- See [VERIFICATION.md](VERIFICATION.md) for details on adding AI-assisted verification
+
+## Ecosystem
+
+Knowledge as Code is part of a broader set of open standards:
+
+- **[Graceful Boundaries](https://github.com/snapsynapse/graceful-boundaries)** — How services communicate operational limits to humans and agents
+- **[Siteline](https://siteline.snapsynapse.com)** — AI agent readiness scanner for websites
+- **[Knowledge as Code](https://knowledge-as-code.com)** — The pattern definition and community hub
+
 ## The Pattern
 
 Knowledge as Code has six defining properties:
@@ -102,6 +132,15 @@ Read the full pattern definition at [knowledge-as-code.com](https://knowledge-as
 
 Knowledge as Code was created by [Sam Rogers](https://sam-rogers.com) / [Snap Synapse](https://snapsynapse.com). See [ATTRIBUTION.md](ATTRIBUTION.md) for details.
 
+## Deploying
+
+When you use this template, update the following:
+
+1. Edit `project.yml` with your domain entities, colors, and site identity
+2. Replace example data in `data/examples/` with your own
+3. Update `docs/CNAME` with your custom domain (or remove it)
+4. Push to GitHub — Pages deploys automatically via the included workflow
+
 ## License
 
 MIT
@@ -0,0 +1,112 @@
+# Verification
+
+The Knowledge-as-Code template includes a verification system that detects stale entities, validates cross-reference integrity, and provides a foundation for AI-assisted content review.
+
+## How It Works
+
+The verification script (`scripts/verify.js`) performs two categories of checks:
+
+### Staleness Detection
+
+Each entity file can include a `last_verified` date in its YAML frontmatter. The script compares this date against a configurable threshold to identify entities that may contain outdated information.
+
+Entities are reported in three categories:
+- **Fresh** — verified within the staleness window
+- **Stale** — `last_verified` date exceeds the threshold
+- **Never verified** — no `last_verified` field present
+
+### Cross-Reference Checking
+
+The script validates that:
+- Every container has at least one mapping entry
+- Every mapping references valid primary entity IDs
+- Every mapping references valid container IDs
+
+## Setting `last_verified` in Entity Frontmatter
+
+Add a `last_verified` field with an ISO date to any entity's frontmatter:
+
+```yaml
+---
+title: Data Encryption
+group: technical
+last_verified: 2025-01-15
+---
+```
+
+When you review an entity and confirm its content is current, update this date. The verification script will then consider it fresh until the staleness threshold is exceeded.
+
+## Configuring the Staleness Threshold
+
+In `project.yml`, set the number of days before an entity is considered stale:
+
+```yaml
+verification:
+  staleness_days: 90
+```
+
+The default is 90 days. Adjust this based on how frequently your domain changes. Fast-moving regulatory environments may warrant 30 days; stable reference data might use 180.
+
+## Running Verification
+
+```bash
+node scripts/verify.js
+```
+
+The script exits with code 0 if no entities are stale, and code 1 if any stale entities are found. This makes it suitable for CI pipelines.
+
+## GitHub Actions Workflow
+
+The included workflow (`.github/workflows/verify.yml`) runs verification on a weekly schedule (Mondays at 9am UTC) and can be triggered manually via `workflow_dispatch`.
+
+The workflow uses `continue-on-error: true` so that stale entities produce warnings rather than blocking other CI processes. Remove this flag if you want stale entities to fail the pipeline.
+
+## AI-Assisted Verification
+
+The `scripts/verify.js` file includes a commented-out placeholder for model-based verification. This pattern sends entity content to an LLM API to check for:
+
+- Outdated facts or references
+- Broken or changed URLs
+- Superseded standards or regulations
+- Factual inaccuracies
+
+To enable AI verification:
+
+1. Set environment variables for your AI provider:
+   ```bash
+   export AI_API_URL="https://api.example.com/v1/completions"
+   export AI_API_KEY="your-key"
+   ```
+
+2. Uncomment the `aiVerify` function in `scripts/verify.js`
+
+3. Uncomment the loop that calls `aiVerify` on stale entities
+
+4. Make the `verify` function `async` and add `await` to the AI calls
+
+The placeholder uses Node.js built-in `fetch` (available in Node 18+). No additional dependencies are required.
+
+### Example AI Verification Pattern
+
+```javascript
+async function aiVerify(entity) {
+    const prompt = `Review this entity for accuracy:
+      Title: ${entity.title}
+      Content: ${entity._body}
+
+      Check for outdated facts, broken URLs, and superseded standards.
+      Respond with JSON: { "status": "current"|"needs_review", "issues": [] }`;
+
+    const response = await fetch(process.env.AI_API_URL, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${process.env.AI_API_KEY}`
+        },
+        body: JSON.stringify({ prompt, max_tokens: 500 })
+    });
+    return response.json();
+}
+```
+
+This can be integrated into the weekly GitHub Actions workflow by adding the API credentials as repository secrets and updating the workflow step to pass them as environment variables.