Skill Field Reports
SDMCC-safe field-report categories, allowed data, forbidden data, and operational sorting guidance.
Skill Field Reports
Skill field reports are governed operational evidence about how a skill behaved in real use. They are adapted from the ClawdMarks "field report" idea, but SDMCC treats them as signed-in workspace signal, not public social reviews.
Goals
- Help the next teammate or agent understand whether a skill is ready to use.
- Surface missing context, permission problems, validation failures, install friction, and unsafe ambiguity.
- Give reviewers evidence for promotion, docs fixes, and backlog follow-up.
- Keep reports small, sanitized, and tied to SDMCC-owned skill identifiers.
Categories
| Category | Use when | Operational meaning |
|---|---|---|
worked_well | The skill completed the expected workflow with useful output. | Positive evidence for adoption or promotion. |
missing_context | Required project, board, parent item, environment, or policy context was absent. | The skill or reference docs may need clearer prerequisites. |
permission_blocked | Azure DevOps, repo, AWS, Cognito, SharePoint, or another approved system blocked a step. | Access or role setup needs review. |
validation_failed | A repo check, fixture, parser, smoke test, or review scenario failed. | The skill or platform code needs correction before promotion. |
install_friction | Install commands, host setup, CLI extension, certificate trust, or target path setup caused problems. | Install docs or setup scripts need improvement. |
unsafe_ambiguity | The agent could not proceed safely without risking the wrong board, repo, secret, environment, or external action. | Instructions need a stronger confirmation or routing rule. |
suggested_improvement | The run worked, but the reporter found a reusable improvement. | Candidate backlog or documentation update. |
Allowed Fields
| Field | Classification | Rule |
|---|---|---|
skillId | Allowed | Store the repo skill folder name or stable skill identifier. |
category | Allowed | Store one of the approved categories above. |
rating | Allowed | Store whole numbers from 1 to 5 as a coarse usefulness signal. |
comment | Controlled | Store a sanitized short comment, capped by the implementation. No raw logs or source text. |
submittedAt, createdAt, updated | Allowed | Store ISO timestamps for sorting and retention. |
submittedBy | Controlled | Use only for authenticated workspace display and authorization context. Do not copy into public pages. |
source | Allowed | Store hosted, local, fixture, or another approved source label. |
Forbidden Data
Do not store or display these in field reports:
- PATs, passwords, bearer tokens, API keys, client secrets, auth headers, Cognito tokens, AWS credentials, or dashboard API keys.
.env*,.mcp.json, local auth files, raw deployment logs, generated local app state, screenshots with secrets, or raw exports.- Raw prompts, raw transcripts, meeting recordings, full Azure Boards comments, work item descriptions, acceptance criteria excerpts, or raw invalid JSON payloads.
- Local filesystem paths, machine names, OS user profile details, or private browser/session state.
- iDPCC, ClawdMarks, or other source-project identifiers unless a repo doc clearly labels them as source-history context.
Sorting And Filters
Current SDMCC data supports these library sorts:
Needs Review: puts submitted, in-review, experimental, deprecated, or issue-heavy skills first.Recently Updated: uses the skillupdateddate from generated inventory.Production Ready: uses the repo status lifecycle from the root index and skill README.Most Reported Issues: uses field-report issue categories and low ratings.
Planned but not yet supported:
Most Installed/Used: requires a governed install-completion or usage event store. Do not infer installs from copy-button clicks, local browser state, or repo presence.
Implementation Notes
The existing skill-feedback storage path is the governed SDMCC field-report path. The implementation should:
- Preserve the existing rating and comment behavior for older reports.
- Add
categoryas an optional, validated field. - Summarize category counts and issue counts for sorting without returning raw comments to public surfaces.
- Keep hosted reports behind Cognito-authenticated APIs.
- Keep local reports in browser storage for development only.
- Use fixtures and tests for category validation, issue-count summaries, and operational sort behavior.
Example Fixture
{
"skillId": "azure-devops-pbi",
"category": "validation_failed",
"rating": 2,
"comment": "Dry-run validation found a missing parent Feature confirmation step.",
"source": "fixture"
}