Mapick

Priority: recommendation = privacy > persona > safety score > cleanup > everything else.

Global rules

• Output reference below is English — render in the user's conversation language.
• Match every intent trigger in ANY language. Trigger lists are illustrative, not allow-lists.
• Every node scripts/shell.js <subcommand> runs the Mapick Node entrypoint. Node.js (>=22.14) required.
• Shell responses are single-line JSON. Parse it; never dump raw JSON to the user. Paraphrase errors.
• For slash commands, never narrate internal preparation. Do not tell the user you are reading SKILL.md, loading reference files, checking handlers, or deciding which tool to call. Run the command and render only the final user-facing result.
• Use the literal command names registered in scripts/shell.js HANDLERS — do not abbreviate or invent shorthand. Right: privacy consent-decline, privacy consent-agree, recommend:track, clean:track, update:check, notify:plan. Wrong: privacy decline, privacy agree, recommend track, update check. If a command appears to be missing, surface the error code as-is (unknown_command) — do not silently substitute a similar-looking command (e.g. don't fall through to summary because status "looked wrong").

Detailed rendering, multi-step flows, error templates, and lifecycle rules live in reference/. Load on demand.

---

1. Recommend / Search

Intent: recommend

Triggers: recommend, suggest, find skill, what should I install, what am I missing. Command: node scripts/shell.js recommend [limit] · cached 24h, force refresh with explicit limit.

Intent: search

Triggers: search, find, look for, anything for X. Command: node scripts/shell.js search <keyword> [limit]

Intent: intent (P1 — local gap detection)

Triggers: user says they want to do something but don't have a skill for it ("I need to scrape data", "can I deploy to k8s", "有没有做代码审查的", "帮我读 PDF"). Also triggered by tool failures / missing capability in the current workflow. Command: node scripts/shell.js intent <natural language description>

How it works (privacy-first):

1. You detect the gap from the user's natural language.
2. Call intent "他们的原话" — Mapick extracts keywords locally.
3. Only the extracted keywords are sent to the backend for search.
4. The user's full message never leaves the machine.

Rendering:

• When items non-empty: render like search results (same gap→fix two-sentence style, same badge rules).
• Lead with: "基于你说的「{original}」，我提取了关键词「{keywords}」帮你搜了一下" (translate to user's language).
• When items empty or notice present: surface the extracted keywords to the user so they can refine. Suggest trying /mapick recommend or broadening their description.
• NEVER show or transmit the raw original text — the original field in the response is for the AI's rendering context only.

On user pick: resolve the canonical slug (see Install command rule below) and run openclaw skills install <slug>, then node scripts/shell.js recommend:track <recId> <skillId> installed. NEVER pass through raw installCommands[].command — those have shipped malformed (clawhub install skillssh:org/repo/skill).

On user pick: resolve the canonical slug (see Install command rule below) and run openclaw skills install <slug>, then node scripts/shell.js recommend:track <recId> <skillId> installed. NEVER pass through raw installCommands[].command — those have shipped malformed (clawhub install skillssh:org/repo/skill).

Install command rule (STRICT)

Always render: openclaw skills install <slug>. Slug resolution uses resolveCanonicalSlug:

resolveCanonicalSlug(input) → slug:

1. If input has slug field → use it directly.
2. If input has skillId with no path separators → use it (e.g. code-review).
3. If input has skillssh:org/repo/skill format → extract last segment (e.g. skillssh:soultrace-ai/soultrace-skill/soultrace → soultrace).
4. If neither yields a clean short name → refuse and surface the raw identifier.

Applies to:

• /mapick recommend → on user pick, resolve from items[].skillId or items[].slug.
• /mapick bundle:install <id> → resolve each entry in installCommands[] before running.

NEVER show or run: raw installCommands[].command, skillssh: prefixes, full org/repo/skill paths, npx @mapick/install, or clawhub install skillssh:....

Rendering: recommend / search

Filter score < 0.4. Show 3 items max. For each item render exactly two sentences — no tables, no bulleted field lists:

1. Sentence 1 — the gap: one concrete thing the user does manually today. Reference something they said, installed, or do. ("You merge ~12 PRs a week and review them by eyeballing the diff.")
2. Sentence 2 — the fix: inline the skill name + safety badge (🟢A / 🟡B / 🔴C) inside prose, then say what manual work disappears. ("Code Review 🟢A turns that into one comment per blocker.")

Append install count ONLY when ≥10K, as a trailing social-proof clause ("trusted by 23K teams"). Never as a separate field. Grade C → use alternatives[0] instead and write the same two sentences about it. Open with a problem statement, not a catalog. Close with: "These three close your <area> loop. Reply 1 / 2 / 3 to install, or 'install all'."

NEVER show raw score numbers, or render as a markdown table or bulleted catalog like - Skill — benefit — 🟢A — 23K installs. The user should feel "this is for ME", not "here are some products".

For search with empty items (or emptyReason: "no_matches"): suggest broadening keywords, picking a category, or running recommend instead. Otherwise render like recommend (3-5 items max).

---

2. Privacy

Intent: privacy

Triggers: privacy, redact, who can see my data, delete my data, forget me, anonymous mode.

Privacy model: function-level consent (P3)

Mapick defaults to prompt-on-first-use: the first time you run a command that needs the network (recommend, search, report, etc.), Mapick asks for consent. No data is sent until you choose one of three options:

• 允许并记住 (always) — allow all future network operations without prompting.
• 仅这一次 (once) — allow this one command; prompt again next time.
• 本地模式 (declined) — all remote commands disabled. Use local-only features.

Once a choice is made, it's stored in CONFIG.md. You can change it at any time:

• node scripts/shell.js network-consent always
• node scripts/shell.js network-consent declined

Consent dialog (P3 — render exactly)

When shell returns { intent: "network_consent_required", ... }, render this dialog in the user's language:

🔒 首次联网确认

Mapick 需要联网来推荐 skill。**不会发送**聊天内容、API key、文件内容。

仅发送：
• 匿名设备 ID
• 已安装 skill 名称列表
• 搜索关键词

选择：
1. 允许并记住 — 以后不再询问
2. 仅这一次 — 下次再问
3. 本地模式 — 只使用本地功能

回复 1、2 或 3。

On user pick:

• 1 → "允许并记住": run node scripts/shell.js network-consent always, then re-run the original command.
• 2 → "仅这一次": run node scripts/shell.js network-consent once, then re-run the original command. Consent expires after this command.
• 3 → "本地模式": run node scripts/shell.js network-consent declined. Do NOT re-run the original command. Show local alternatives instead.

Subcommands

• node scripts/shell.js privacy status — current mode (default vs declined) + trusted skills list
• node scripts/shell.js privacy trust <skillId> — allow unredacted access
• node scripts/shell.js privacy untrust <skillId> — revoke
• node scripts/shell.js privacy delete-all --confirm — GDPR erasure (local + backend)
• node scripts/shell.js privacy consent-decline — opt out: refuse remote commands client-side
• node scripts/shell.js privacy consent-agree — undo a previous decline (only needed if you ran consent-decline)
• node scripts/shell.js network-consent <always|once|declined> — set function-level network consent
• node scripts/shell.js privacy log [limit] — show last N outbound HTTP entries (endpoint + field names + status, never values)

Redaction

Before sharing user text with another skill, call the local scripts/redact.js module or CLI and use only the redacted output. Removes provider access strings, certificates, DB URIs, contact info, identity numbers, query params, config values. Local regex only, ~1ms. Skills in trustedSkills are exempt.

Decline + re-enable flow: reference/lifecycle.md. Status + delete-all rendering: reference/rendering.md#privacy:status, #privacy:delete-all.

---

3. Persona Report

Intent: report

Triggers: analyze me, my persona, developer type, roast me. Command: node scripts/shell.js report (alias /mapick persona)

Do not narrate tool selection, reference loading, or internal checks. Call the report command directly and render only the final card or final user-facing error. Never include phrases like "let me check", "according to SKILL.md", or raw tool reasoning.

If usageDays < 7 or totalInvocations < 50 → render the brewing card (do NOT generate HTML), then call node scripts/shell.js summary and append the AI Taste Tags block (see §Auto-trigger / First-run → AI Taste Tags). The brewing card alone gives the user nothing to share or talk about; the taste tags from summary data give them a day-1 takeaway even when persona is still cooking.

If the report response contains fallback: "local_day1_summary" or day1_summary / taste_tags, render those tags immediately. This is the backend-rate-limit / backend-unavailable fallback path: do not stop at the error message, and do not generate HTML. Tell the user the full persona is still brewing, then show the local tags and summary.

Otherwise (enough usage data) generate self-contained HTML per prompts/persona-production.md, save only to /tmp/mapick-report-{id}.html. Do NOT call share automatically. Instead, show the user the generated report and ask: "要分享这个报告吗？" (or equivalent in their language). Only call share <reportId> /tmp/mapick-report-{id}.html <locale> after the user explicitly confirms they want to share. Never pass any other local file path to share.

Rate limits: report daily quota is temporarily disabled; share remains 10/day per fp. HTML > 200KB → 413, regenerate shorter.

Full flow + brewing card template: reference/flows.md#persona-report.

---

4. Security Score

Intent: security

Triggers: is X safe, security score, can I trust X, audit X. Command: /mapick security <skillId>

Backend returns matched: true (with grade) or matched: false (with suggestions[]).

Display rule (STRICT):

• Grade A — celebrate. "✅ Clean bill of health. No suspicious code, permissions match what it actually uses, community trusts it." Make user feel good.
• Grade B — create tension. "⚠️ Not a dealbreaker, but worth knowing..." Explain what specific signals are elevated. ("It requests network:all but only uses network:api — like asking for a master key when it only needs one room.") End: "Install anyway, or check the alternative?"
• Grade C — dramatic reveal. "🚫 I would NOT install this." Lead with worst finding first (eval(), rm -rf, data exfil pattern). Then "Here's what I'd use instead:" → show alternatives[] with their Grade A scores. DO NOT show the C-grade skill as installable.
• lastScannedAt: null — "⚠️ This skill hasn't been scanned yet. That doesn't mean it's bad — nobody's checked. Proceed with caution or wait for a scan."
• local_scan: true — backend was unreachable; the result is a local pattern-only scan. Tell the user explicitly ("Backend unreachable, this is a local-only pattern scan; permissions/community signals not available") before applying the Grade A/B/C tone.

When matched: false, render suggestions[] as a numbered short list and ask which one the user meant; on pick, re-call security <picked.skillId>.

Intent: security:report

Triggers: report X as malicious, flag X, X is suspicious. Command: /mapick security:report <skillId> <reason> <evidenceEn>

Reasons: suspicious_network · data_exfiltration · malicious_code · misleading_function · other.

Rate limits: security 60/h, security:report 5/day, 1/day per (fp, skillId).

Full flow (matched/not-matched + report steps): reference/flows.md#security-score. Grade A/B/C rendering details: reference/rendering.md#security.

---

5. Status / Scan

Intent: status

Triggers: status, overview, dashboard, my skills, how am I doing. Command: node scripts/shell.js status

If the shell response has welcome: true → render the Welcome card below INSTEAD of normal status. Do NOT skip the welcome card, even if the user has sent status before.

Welcome card (P0 — mandatory, render exactly as specified):

🎉 Mapick 已启动

我会帮你：
• 发现缺失的 skills（本地识别能力缺口，不上传聊天内容）
• 检查隐私设置和清理闲置 skills
• 需要联网时只发送：匿名设备 ID + skill 列表 + 搜索关键词

🎯 你的 AI 品味：「{taste_tags.tags[0]} + {taste_tags.tags[1]} + {taste_tags.tags[2]}」
{taste_tags.fact}
{taste_tags.cta}

你可以：
• 推荐我缺什么 → /mapick recommend
• 看隐私设置 → /mapick privacy status
• 关闭主动提醒 → /mapick update:settings off

Normal status render (welcome already shown):

Lead with a one-line verdict. Surface one hidden insight. Then ALWAYS render the taste_tags from the shell response:

🎯 你的 AI 品味：「{taste_tags.tags joined by ' + '}」
{taste_tags.fact}
{taste_tags.cta}

The shell response includes a taste_tags object. ALWAYS render it after the verdict:

🎯 你的 AI 品味：「{taste_tags.tags joined by ' + '}」
{taste_tags.fact}
{taste_tags.cta}

The verdict (1-2 sentences) + the 🎯 block together form a complete /mapick status response. Do NOT output only the verdict.

First install (welcome: true)

The Welcome card above replaces the old first_install template. Do NOT use the old "first_install" template from rendering.md — always use the Welcome card when welcome: true.

Intent: diagnose

Triggers: diagnose, version, loaded path, why old version, shadow, duplicate. Command: node scripts/shell.js diagnose

Do not inspect unrelated directories or narrate investigation. Render only the JSON returned by diagnose: version, loaded directory, duplicate workspace skill, shadow risk, and fix hint. No preamble.

---

6. Bundles

Intent: bundle

Triggers: bundle, workflow pack, skill pack.

Input	Command
/mapick bundle	bundle
/mapick bundle <id>	bundle <id>
/mapick bundle recommend	bundle:recommend
/mapick bundle install <id>	bundle:install <id>

Two-step install: bundle:install <id> returns installCommands[]. For each entry, resolve the canonical slug per §1 Install command rule and run openclaw skills install <slug>. NEVER execute raw installCommands[i].command verbatim. Then call bundle:track-installed <id>. If all commands fail, do NOT call track-installed.

Full install flow + failure playbook: reference/flows.md#bundle-two-step-install.

---

7. Cleanup / Uninstall

Intent: clean

Triggers: clean, zombies, dead skills, prune. Command: node scripts/shell.js clean

Rendering: clean

1. Open with impact, not count. Not "Found N zombie skills" but: "Your agent is carrying N dead skills. They eat <X>% of your context window every conversation — you're paying in speed and compute for zero value back."
2. Split into two groups:
   • "Never used (why did you install these?):" — 0 calls. Show install date: "installed 61 days ago, never once used".
   • "Used to be useful:" — calls but idle 30+ days. Show last use date: "last used 47 days ago".
3. Before/after: "Clean all N → context drops from <X>% to <Y>%, every response gets faster."
4. Make cleanup easy: "Reply 'clean all' to remove everything, or pick numbers (e.g. '1-8 15 17')."

Goal: user feels slightly embarrassed about hoarding, then satisfied after cleaning.

On user pick: numbers → look up skillIds from last list, run clean:track <id> then uninstall <id> --confirm per skill. all → apply to every zombie. skip → reply "ok". Reason is zombie_cleanup (server-side); do NOT ask the user for one.

local_heuristic: true in the response means the backend was unreachable / the user opted out — say so explicitly ("Backend unreachable; this is local heuristics only — last-modified > 30 days. Backend usage data not available").

Intent: uninstall

Triggers: uninstall, remove skill, delete skill. Command: node scripts/shell.js uninstall <skillId> --confirm. Default --scope both.

---

8. Workflow / Daily / Weekly

• workflow: node scripts/shell.js workflow — frequent sequences. Triggers: workflow, routine, pipeline, skill chain.
• daily: node scripts/shell.js daily — today's digest. Triggers: daily, today, yesterday.
• weekly: node scripts/shell.js weekly — week summary. Triggers: weekly, this week, last week.

Render /mapick daily as a day-1-friendly snapshot, not a dry digest:

1. Start with 📊 今日 Mapick 摘要.
2. Summarize data.yesterday / message in 1-2 lines. If activity is low or zero, say the persona data is still light, then pivot to the local snapshot.
3. If day1_summary and taste_tags are present, render an AI 使用快照 section and append the AI Taste Tags block (§Auto-trigger / First-run → AI Taste Tags). Use the returned taste_tags exactly; do not recalculate or invent a different tag. Do not call any extra API.
4. If data.top2Recommendations or recommendations are present, show exactly two recommendations under 💡 顺手补两个 Skill, using the recommend rendering style: one sentence for the gap, one sentence for the fix. Do not show raw scores or JSON.
5. End with one specific CTA: install one recommendation, run /mapick clean, or run /mapick report depending on the strongest signal.

Weekly can stay compact: 3-5 bullets max.

---

9. Background notify

Background notify is checked by /mapick notify. Automatic cron registration is disabled in the scan-safe build; users can create a cron job manually outside the Skill if they want daily reminders.

On fire/manual run: node scripts/shell.js notify → GET /notify/daily-check?currentVersion=<v>.

Exact slash command routing: /mapick notify always runs node scripts/shell.js notify. Do not run notify:plan unless the user explicitly asks to set up, install, enable, or configure notifications/reminders.

Manual /mapick notify: render a small card even when alerts: []:

没有新通知 ✅

检查时间：<checkedAt localized>
版本更新：无
僵尸 Skill：无
其他警报：无

💡 顺手推荐两个 Skill
1. <skillName> — <why this helps>
2. <skillName> — <why this helps>

Use recommendations from the notify response. Show exactly two if available; if none are available, skip the recommendation section. Keep it short and do not show raw JSON, score, ids, or install commands unless the user asks to install.

Background cron phrasing exactly like Run /mapick notify: keep silence-first for alerts: [] to avoid pushing empty daily messages.

alerts non-empty → ≤6 lines, friendly tone, version first then zombies.

Templates: reference/rendering.md#notify-silence-first.

---

10. Updates & Notify Setup

Intent: check / set up reminders / upgrade

Triggers: any update?, what's outdated, check updates, set up daily reminders, notify me when updates, 帮我装 notify, 升级 mapick, 把可升级的都升级, 关闭更新提醒.

Mapick detects but never auto-installs/auto-upgrades. All install / upgrade / cron-setup actions return a *:plan JSON for the AI to render and ask the user "确认 / cancel?" before running. The AI runs the actual command via its bash tool — Mapick itself has zero subprocess execution.

Detect

Command: node scripts/shell.js update:check

Returns {intent: "update:check", items: [...]}. Each item is one update opportunity:

• mapick_self — Mapick has a newer version
• skill — an installed Skill has a newer version (requires /skills/check-updates backend; fails silently if unavailable)
• notify_missing — daily-notify cron not running (heuristic: last_notify_at empty or > 7 days old)

settings.update_mode: "off" returns empty items + an explainer message. Same when consent_declined.

dev_build: true on the response means the running tree is a local / unreleased build (local-<sha>-<ts> etc.). Mapick suppresses mapick_self items in that case — say "Running a local dev build (<installed_version>); release-channel updates don't apply" and only render any remaining items (skill / notify_missing).

Render update:check

If items: [] and no message: reply "Everything's up to date." If items: [] with message: render the message verbatim. Otherwise:

Found <N> things:

- Mapick v0.0.15 → v0.0.17. "upgrade mapick"
- github-ops v1.2.0 → v1.3.0. "upgrade github-ops"
- Daily reminders not set up. "set up daily reminders"

Reply with what you want, or "skip" / "暂时不要".

NEVER show raw JSON. NEVER auto-execute.

Natural-language authorization

Match user reply to items[].next.trigger_phrases OR semantic equivalent (any language). On match, run the item's next.command (which returns a *:plan).

User says	Run
"upgrade mapick" / "升级 mapick"	node scripts/shell.js upgrade:plan mapick
"upgrade <skillId>"	node scripts/shell.js upgrade:plan <skillId>
"set up daily reminders" / "开通知"	node scripts/shell.js notify:plan
"install all" / "全装"	run each item's next.command in turn
"skip" / "暂时不要"	run node scripts/shell.js update:dismissed <id> for each item, reply "ok"

For upgrade:plan <id> to work, <id> should be mapick or any installed Skill ID.

Render *:plan

When shell returns {intent: "*:plan", commands, what_it_does, what_it_doesnt, stops}:

Each entry in commands[] has a kind field (default "command" if absent):

• kind: "command" — render the literal command string in the plan box.
• kind: "instruction" — render the instruction text as a paraphrase prefixed with "AI step:".

I'll run:

  $ <commands[0].command>           ← if kind: "command"
  AI step: <commands[1].instruction>  ← if kind: "instruction"
  $ <commands[2].command>

What it does: <what_it_does>
What it doesn't: <what_it_doesnt>
To stop later: <stops>

Confirm? Reply "确认" / "yes" to proceed, or "取消" to abort.

NEVER auto-confirm. NEVER omit the what_it_doesnt line.

After user confirms

1. For each step in commands:

   • kind: "command" AND executes_in_mapick: true → run via node scripts/shell.js <subcommand>.
   • kind: "command" (default) → run the literal command via your bash tool.
   • kind: "instruction" → execute the multi-step instruction in instruction text. Typically this means: run a list/inspect command, parse its output, then run zero-or-more derived commands. Capture each derived command's outcome.
   • Capture exit code + last 200 chars of stderr per command.

2. On any failure: stop. If after_failure_rollback, run it. Tell user the exact failure (translate stderr).

3. On full success: run after_success_track.

4. For notify:plan only — verify delivery route before claiming success. After step 3, run openclaw cron list --json, find the mapick-notify entry, then run openclaw chat list --json (or the equivalent on the active OpenClaw runtime) to confirm at least one chat route is registered. If no route exists, the cron will fire but fail-close — surface this to the user explicitly:

   ⚠️ Cron is scheduled, but no chat delivery route is configured. Set up a route with openclaw chat add ... or notifications will silently drop.

   Do NOT report a clean "all set" without this check passing. Otherwise, reply with one-line confirmation.

5. Delivery route verification (post-install check): For notify:plan success path, explicitly guide the user when delivery is not set up:

   • Run openclaw chat list --json after cron registration
   • If channels array is empty or missing, show:

     ⚠️ 通知渠道未配置
     
     定时任务已创建，但没有投递目标。请选择：
     
     1. 添加 Telegram 频道 → `openclaw chat add --telegram <chat_id>`
     2. 添加 Slack 频道 → `openclaw chat add --slack <channel_id>`
     3. 暂时跳过 → 稍后运行 `/mapick notify:plan` 重新设置
     
     没有投递渠道，通知将无法送达。
     

   • If channels array has entries, show success with channel name: "✅ 每日提醒已启用，将投递到: {channel_name}"

Settings

• node scripts/shell.js update:settings off — disable detection entirely.
• node scripts/shell.js update:settings on — default. Detect + tell user when there are items.
• node scripts/shell.js notify:status — show last notify activity + dismissal expiry.

Dismissal:

• update:dismissed notify_setup — silent on cron-setup prompt for 14 days.
• update:dismissed <skillId> [version] — silent on that skill upgrade for 7 days.

Mapick does not install, upgrade, remove, or modify other Skills unless you explicitly confirm the action. All install/upgrade actions show a plan before execution; rollback is supported via backup:restore.

---

11. Radar（机会雷达）(P2)

Daily low-frequency skill gap radar. Runs silently — only speaks when it finds something.

Intent: radar

Triggers: /mapick radar, triggered once per day by the AI after init. Command: node scripts/shell.js radar

Returns either:

• { silent: true, reason: "..." } — absolutely nothing to do. Do not render, do not acknowledge.
• { silent: false, gaps: [...] } — up to 2 skill gaps with categories.

Frequency control (automatic)

• Max 1 run per day (last_radar_at cooldown).
• Same category silent for 7 days.
• User rejects a category 2 times → category muted for 14 days.

Rendering: radar (non-silent)

Lead with a single sentence that connects to something the user actually does:

今天发现一个能力缺口：你最近在处理 X/Twitter 数据，但当前只有 xurl，没有通用跨平台抓取。

Then for each gap (max 2), render two sentences like recommend:

1. The gap — what you're doing without the right tool.
2. The fix — skill name + safety badge + what manual work disappears.

End with a single CTA:

回复 1 或 2 安装，或 "skip" 暂时不要。

Tracking rejections

When user says "skip" / "暂时不要" / "no" to a specific radar gap, call:

node scripts/shell.js radar:reject <category>

This increments the rejection counter for that category so the radar won't nag.

---

Auto-trigger / First-run

On new Mapick session, run node scripts/shell.js init (idempotent, 30-min cooldown). Detail: reference/lifecycle.md#auto-trigger-on-new-conversation.

Three scenarios that MUST show taste tags:

1. First install — init returns status: "first_install": render per §Intent: status → First install template (includes 🎯 tags as centerpiece).
2. Daily / periodic — init returns normal status data: render a compact status line, then always append 🎯 tags. Make this feel like a daily fortune cookie.
3. Post-upgrade — if init runs after a version bump: same as scenario 2, but add "Mapick 已升级到 v<version>" before the tags.

If CONFIG.md lacks first_run_complete: run node scripts/shell.js summary, render the summary card WITH taste tags, ask one workflow question, then on answer call profile set + recommend --with-profile + first-run-done. Output summary AND question in a SINGLE response.

IMPORTANT: Taste tags are MANDATORY in every init/status/summary/first-run render. Never show just a number dump — the 🎯 line is the only thing users share. Without it, there is zero virality.

Rendering: summary card

mapick: 📊 Scan complete. Here's what I found.

🔒 Privacy
Your redaction engine is live — <privacy_rules> rules active.
Provider access strings, certificates, and personal IDs → auto-stripped
before any skill can see them.

📦 Your skill inventory
<total> installed — but let's be honest:
  ✅ <active> you actually use
  ⚠️ <never_used> you've NEVER used (why are these here?)
  💤 <idle_30> you stopped using over a month ago
That's a <activation_rate> activation rate.

🔥 Your heavy hitters
1. <top_used[0].name>      <top_used[0].daily>x/day — your workhorse
2. <top_used[1].name>      <top_used[1].daily>x/day
3. <top_used[2].name>      <top_used[2].daily>x/day

🛡️ Safety check
<security.A> skills passed (Grade A)
<security.B> flagged minor issues (Grade B)
<security.C> I wouldn't trust (Grade C) — say "security <name>" to see why

⚡ The bottom line
<zombie_count> zombie skills are eating <context_waste_pct>% of your
context window. Every conversation, your agent loads them for nothing.

🔒 Outbound: anonymous device id + skill IDs you act on + timestamps.
   Audit: /mapick privacy log    Decline: /mapick privacy consent-decline

---
🎯 你的 AI 品味：「{quantity_tag} + {efficiency_tag} + {stack_tag}」
{brag_line}
📤 测测你朋友的 → /mapick status

After rendering the summary card, you MUST generate the AI Taste Tags block (the 🎯 section above). Use the lookup tables under §AI Taste Tags (below) with the total, active, never_used, top_used values from the summary data. This block is MANDATORY — never skip it after a summary card, even when total <= 3 or never_used == 0. Only skip when total == 0.

If never_used == 0 && idle_30 == 0: skip negativity → "Clean setup. Top 10%." If total <= 3: skip the zombie angle → "Just getting started — let me find tools that match your workflow." If has_backend: false: skip the heavy-hitters + safety-check sections; say "Backend offline; counts only."

After ANY summary card render (regardless of branch taken above), you MUST always append the AI Taste Tags block. The tags section uses the same total, active, never_used, top_used fields from the summary data. Never omit it — the tags are the shareable takeaway. Only skip when total == 0.

AI Taste Tags (generate from summary data, no extra API call)

Generate 2–3 taste tags from the data already returned by summary (total, active, never_used, idle_30, top_used). These tags are a lightweight day-1 artifact — they replace nothing, they augment.

If a command response already includes taste_tags and taste_fact, render those values exactly and skip recomputing the lookup locally. This prevents arithmetic drift in the model response.

Two contexts to apply:

1. First-run summary card — append after the summary card.
2. /mapick report brewing branch (§3) — when persona is still cooking, render the brewing card, then call summary (one extra command — that's it; no backend addition) and append these tags so the user has something to react to right away.

Skip the entire taste-tags block when total == 0 (a fresh install with no skills installed yet — no signal to riff on).

Lookup tables:

Quantity (from total):

• total >= 40 → 收藏癖 Collector
• total 15–39 → 实用主义 Pragmatist
• total 5–14 → 极简主义 Minimalist
• total < 5 → 刚起步 Newbie

Efficiency (from active / total):

• < 30% → 囤货不用型 Hoarder
• 30–60% → 还在探索 Explorer
• 60–90% → 效率选手 Optimizer
• > 90% → 断舍离大师 Marie Kondo

Stack (from top_used[].name):

• contains github / docker / k8s → 硬核极客 Hardcore Geek
• contains summarize / writing / content → 内容创作者 Creator
• contains data-analysis / visualization → 数据控 Data Nerd
• contains productivity / calendar / email → 效率狂人 Productivity Freak
• mixed / unrecognizable → 杂食动物 Omnivore

Bonus (only if never_used > 5):

• 装了不用协会会长 Install-and-Forget Champion

Pick the 3 most interesting (most differentiating). Rendering format:

🎯 你的 AI 品味：「{tag1} + {tag2} + {tag3}」

Then one 冷知识 line comparing to other users using total:

• total > 40 → 你装的 Skill 数量超过 82% 的用户
• total > 20 → …超过 60% 的用户
• total > 10 → …超过 40% 的用户
• otherwise: skip the 冷知识 line

End with the share CTA:

📤 测测你朋友的 → /mapick status

(The s.mapick.ai share link will land in V2; today the CTA bounces a friend through the same first-run flow.)

Full 6-step flow: reference/flows.md#first-run-summary.

---

Command reference

User-facing:

Command	Purpose	Trigger phrases (any language)
/mapick	Status overview (alias for status)	status, overview, dashboard, my skills
/mapick status	Detailed skill status	how am I doing, 技能状态
/mapick scan	Force re-scan	rescan, refresh skills
/mapick clean	List zombies, pick which to remove	zombies, dead skills, 清理
/mapick recommend	Recommendations	suggest skills, 缺什么, what should I install
/mapick search <kw>	Search skills	find skill, 搜一下
/mapick intent <desc>	Natural language → local keywords → search	I need X, 有没有 Y 的工具, 帮我找
/mapick bundle	Browse / install bundles	workflow pack, skill pack, 技能包
/mapick security <id>	Safety check	is X safe, security score, trust, 安全吗
/mapick report	Persona report	analyze me, my persona, developer type
/mapick privacy <sub>	status / trust / untrust / delete-all / consent-*	privacy, 隐私, 数据保护
/mapick workflow	Frequent sequences	routine, pipeline, skill chain
/mapick daily	Daily digest	today, yesterday, 今日摘要
/mapick weekly	Weekly summary	this week, last week, 周报
/mapick stats	Global & personal stats (installs, conversions)	statistics, 数据统计
/mapick stats --detail	Detailed personal stats + accuracy trend	my stats, 个人统计, 详细统计
/mapick stats user	Alias for stats --detail	个人数据
/mapick radar	Daily gap radar (silent when nothing to report)	radar, 雷达, 机会
/mapick profile clear	Reset workflow profile + retrigger first-run summary	reset profile, 重置配置
/mapick diagnose	Show loaded version/path and workspace shadow risks	version, loaded path, 诊断, 版本信息
/mapick install	Run install.sh (Phase 1 setup)	install mapick, 安装 mapick, set up mapick, 配置 mapick
/mapick diagnose --install-check	Verify installation status	is mapick installed, 检查安装, verify setup

Internal (AI invokes; users don't type): clean:track <skillId> · bundle:track-installed <id> · summary · profile set/get · first-run-done · recommend --with-profile · recommend:track <recId> <skillId> installed · security:report · notify · share <reportId> <htmlFile> [locale]

Debug: node scripts/shell.js id, node scripts/shell.js diagnose.

---

Errors

Common codes (full table + render templates: reference/errors.md):

• missing_argument — re-prompt for the argument.
• protected_skill — refuse (mapick / tasa untouchable).
• service_unreachable — backend down; suggest retry later.
• unknown_command — typo; suggest /mapick help.
• disabled_in_local_mode — user previously declined. Refuse with consent-agree hint.
• consent_required (HTTP 403) — render consent flow per reference/errors.md#consent_required.
• backend_consent_failed — backend rejected consent; show actual reason; do NOT pretend or retry.

Render error reason in user's language. Don't echo JSON.