Harden CommandTree testing, summaries, execution, and SEO (#19)

## TLDR

Adds fail-fast CommandTree test execution while broadening command
execution, AI summary, coverage, and website SEO hardening across the
branch.

## Details

### What Was Added

- New AI summary orchestration and state modules:
`src/summaryOrchestration.ts` and `src/state.ts`.
- Automatic Copilot model resolution for background summary generation,
with explicit interactive selection preserved for user commands.
- New tree actions for copying relative/full task paths and making files
executable from task context menus.
- Drag support for command-tree task rows using `text/uri-list`, plain
text paths, and CommandTree command IDs.
- Dockerfile task discovery and Docker Compose commands that run with an
explicit `-f` file path.
- Pure helper modules for DB lock artifact cleanup, markdown description
parsing, task helpers, and task parameter formatting.
- E2E/unit coverage for activation non-blocking behavior, AI model
selection, copy path, make executable, Docker execution, script drag,
sort order, summary tooltips, undefined-argument no-ops, markdown
parsing, task helpers, and DB lock recovery.
- Website audit skill, Codex skill symlinks, sitemap override, taxonomy
SEO handling, and expanded website SEO tests.

### What Was Changed/Deleted

- `make test` now runs fail-fast by using Mocha `--bail` for unit tests
and `vscode-test --bail` for VS Code-hosted tests, while excluding
`@exclude-ci` auth-gated tests from the main test target.
- `test-exclude-ci` is now an alias for `test`, keeping existing
workflows on the same fail-fast path.
- VS Code-hosted tests now include E2E, provider, and unit output under
the coverage run.
- Extension activation no longer blocks on initial discovery; discovery
and automatic summaries run in the background after activation.
- AI summaries now choose a concrete model automatically for background
runs instead of opening a picker, while manual model selection still
prompts and persists the user's choice.
- Command tree sorting now keeps folders before files, sorts labels
case-insensitively, and keeps private make/mise tasks muted and sorted
after public tasks without inserting divider rows.
- Make target discovery keeps target line numbers for navigation and
removes phony/help priority handling from task ordering.
- Task execution delegates parameter formatting to a production helper
instead of private duplicated test logic.
- DB lifecycle state moved into centralized app state, with lock
artifact operations moved into a testable pure helper.
- Markdown description extraction moved into a parser helper with direct
unit coverage.
- Website metadata, sitemap output, taxonomy page indexing, mobile text
wrapping, and docs/blog wording were adjusted for SEO and crawl hygiene.
- Dependency lockfiles, package overrides, ESLint config, PR template,
agent instructions, and coverage thresholds were updated.

### Spec/Doc Changes

- Updated `Agents.md`, `Claude.md`, and
`.github/PULL_REQUEST_TEMPLATE.md`.
- Added `.claude/skills/website-audit/SKILL.md` and `.codex/skills/*`
links for local skill access.
- Updated AI summaries docs/blog copy and mise task blog copy.
- Added sitemap/taxonomy behavior in the website Eleventy config.

### Breaking Changes

No extension runtime breaking changes. The intentional workflow change
is that `make test` is now fail-fast and excludes `@exclude-ci` tests by
default; auth-gated Copilot tests remain outside the default CI path.

## How Do The Automated Tests Prove It Works?

`make ci` passed in this session after the branch changes:

- Lint passed through ESLint and cspell.
- TypeScript compile passed.
- Unit tests passed with `118 passing`.
- VS Code-hosted tests passed with `372 passing`.
- Coverage completed at `93.11%` statements/lines, `88.33%` branches,
and `94.87%` functions, then ratcheted `coverage-thresholds.json`.

Specific tests added or updated in the diff prove the main behaviors:
`automatic selection picks a concrete model without prompting`,
`activate() returns while initial discovery is still in flight`,
copy-path E2E tests, Docker execution E2E tests, make-executable E2E
tests, script drag E2E tests, sort-order E2E tests, summary tooltip E2E
tests, undefined-argument no-op E2E tests, markdown description unit
tests, task helper unit tests, and DB lock recovery unit tests.

Author: MelbourneDeveloper

.claude/skills/upgrade-packages/SKILL.md

@@ -0,0 +1,181 @@
+---
+name: website-audit
+description: Audits a website for SEO, AI search performance, structured data, mobile usability, broken links, and social media cards. Fixes issues found. Use when the user mentions "audit website", "SEO", "fix search ranking", "AI search", "structured data", "social media cards", or "website performance".
+---
+<!-- agent-pmo:424c8f8 -->
+
+# Website Audit
+
+Performs a comprehensive website audit and fixes issues affecting search visibility and AI discoverability.
+
+Copy this checklist and track your progress:
+
+```
+Audit Progress:
+- [ ] Step 1: Read guidelines
+- [ ] Step 2: Audit AI search readiness
+- [ ] Step 3: Audit SEO and keywords
+- [ ] Step 4: Audit crawling and indexing
+- [ ] Step 5: Audit broken links and canonicalization
+- [ ] Step 6: Audit mobile usability
+- [ ] Step 7: Audit structured data
+- [ ] Step 8: Audit social media cards
+- [ ] Step 9: Audit For Unsubstantiated Claims
+- [ ] Step 10: Audit Design Compliance
+- [ ] Step 11: Test with Playwright
+- [ ] Step 12: Report findings
+```
+
+- Check the outputted HTML/CSS/JavaScript AFTER the website is generated by the static content generator.
+- Don't just check the static content before the website is generated.
+- Fix issues at the core where the static content templates are stored - not in the outputted HTML (e.g. _site)
+- Never manually edit the generated website content directly
+- ENSURE THE FOOTER HAS A copyright link to nimblesite.co
+
+## Step 1 — Read guidelines
+
+Fetch and read each of these before auditing. These are the authoritative references for every step that follows.
+
+- [Google's guidance on using generative AI content](https://developers.google.com/search/docs/fundamentals/using-gen-ai-content)
+- [Top ways to ensure content performs well in Google's AI experiences](https://developers.google.com/search/blog/2025/05/succeeding-in-ai-search)
+- [SEO Starter Guide](https://developers.google.com/search/docs/fundamentals/seo-starter-guide)
+
+If the repo has a business plan doc, take it into account
+
+Identify the website source files in the repo. Determine the framework (static site generator, Next.js, Hugo, etc.) so you know where to find templates, metadata, and content.
+
+## Step 2 — Audit AI search readiness
+
+Apply the guidance from the AI search article. Check:
+
+1. **Content quality** — Is content original, expert-level, and comprehensive? Flag thin or duplicated pages.
+2. **Clear structure** — Do pages use descriptive headings, lists, and concise answers to likely questions?
+3. **Entity clarity** — Are key terms, products, and concepts defined clearly so AI can extract them?
+4. **Freshness signals** — Are dates, update timestamps, and authorship present?
+
+Fix issues directly in the source files. For each fix, note what changed and why.
+
+## Step 3 — Audit SEO and keywords
+
+1. Search [Google Trends](https://trends.google.com/home) for trending keywords related to the website's content.
+2. Review each page's `<title>`, `<meta name="description">`, and `<h1>` tags.
+3. Check for keyword opportunities — can trending terms be naturally inserted into headings, descriptions, or body content?
+4. Verify each page has a unique, descriptive title (50-60 chars) and meta description (150-160 chars).
+5. Check image `alt` attributes describe the image content and include relevant keywords where natural.
+
+Apply the [SEO Starter Guide](https://developers.google.com/search/docs/fundamentals/seo-starter-guide) principles. Fix issues directly.
+
+## Step 4 — Audit crawling and indexing
+
+Reference: [Overview of crawling and indexing topics](https://developers.google.com/search/docs/crawling-indexing)
+
+1. **robots.txt** — Locate and review it. Verify it doesn't block important pages. Reference: [robots.txt spec](https://developers.google.com/search/docs/crawling-indexing/robots-txt)
+2. **Sitemap** — Locate the sitemap (or sitemap index). Verify all important pages are listed and no dead URLs are included. Reference: [Sitemap guidelines](https://developers.google.com/search/docs/crawling-indexing/sitemaps/large-sitemaps)
+3. **Meta robots tags** — Check for unintended `noindex` or `nofollow` directives on pages that should be indexed.
+
+Note: robots.txt and sitemaps are often auto-generated. If so, check the generator config rather than the output file.
+
+## Step 5 — Audit broken links and canonicalization
+
+Reference: [What is canonicalization](https://developers.google.com/search/docs/crawling-indexing/canonicalization)
+
+1. Check all internal links resolve to valid pages (no 404s).
+2. Verify `<link rel="canonical">` tags are present and point to the correct URL.
+3. Check for duplicate content accessible via multiple URLs (with/without trailing slash, www vs non-www).
+4. Verify redirects use 301 (permanent) not 302 (temporary) where appropriate.
+
+## Step 6 — Audit mobile usability
+
+Reference: [Mobile-first indexing best practices](https://developers.google.com/search/docs/crawling-indexing/mobile/mobile-sites-mobile-first-indexing)
+
+1. Verify the `<meta name="viewport">` tag is present and correctly configured.
+2. Check that content is identical between mobile and desktop (mobile-first indexing requires this).
+3. Verify touch targets are adequately sized (min 48x48px).
+4. Check font sizes are readable without zooming (min 16px body text).
+
+## Step 7 — Audit structured data
+
+Reference: [Structured data guidelines](https://developers.google.com/search/docs/appearance/structured-data/sd-policies)
+
+1. Check for existing JSON-LD `<script type="application/ld+json">` blocks.
+2. Verify the structured data matches the page content (no misleading markup).
+3. Add missing structured data where appropriate:
+   - **Organization/Person** on the homepage
+   - **Article/BlogPosting** on blog posts (with author, datePublished, dateModified)
+   - **BreadcrumbList** for navigation
+   - **FAQ** for pages with question/answer content
+4. Validate JSON-LD syntax is correct.
+
+## Step 8 — Audit social media cards
+
+Reference: [Implementing Social Media Preview Cards](https://documentation.platformos.com/use-cases/implementing-social-media-preview-cards)
+
+Check every page template includes:
+
+**Open Graph (Facebook/LinkedIn):**
+- `og:title`, `og:description`, `og:image`, `og:url`, `og:type`
+
+**Twitter Card:**
+- `twitter:card`, `twitter:title`, `twitter:description`, `twitter:image`
+
+Verify `og:image` dimensions are at least 1200x630px. Fix missing or incomplete tags.
+
+## Step 9 - Audit For Unsubstantiated Claims
+
+Ensure that all claims are backed up with a link to a reputable source. As an example, this claim isn't valid as content unless it links to an authority that found this through research
+
+> Research shows teams with strong DevEx perform 4-5x better across speed, quality, and engagement
+
+Search for the authoritative URL and add a link to the URL. If it is not available, change the claim to something that can be substatiated.
+
+## Step 10 — Audit Design Compliance
+
+Read the design system docs and view the design screens in the designsystem folder.
+
+## Step 11 — Test with Playwright
+
+Build and run the website locally using `make website-run` (or the project's equivalent dev server command).
+
+**Desktop tests (1280x720):**
+
+1. Navigate to the homepage — take a screenshot.
+2. Navigate to each major section — verify pages load without errors.
+3. Check the browser console for JavaScript errors.
+4. Verify all navigation links work.
+
+**Mobile tests (375x667, iPhone SE):**
+
+1. Resize the browser to mobile dimensions.
+2. Navigate to the homepage — take a screenshot.
+3. Verify the layout is responsive (no horizontal overflow, readable text).
+4. Test navigation menu (hamburger menu if applicable).
+
+If any page fails to load or has console errors, fix the issue and retest.
+
+## Step 12 — Report findings
+
+Summarize the audit results:
+
+```
+## Website Audit Report
+
+### Fixed
+- [List each issue fixed with file and line reference]
+
+### Warnings (manual review needed)
+- [Issues that need human judgment]
+
+### Passed
+- [Areas that passed audit with no issues]
+
+### Screenshots
+- [Reference Playwright screenshots taken]
+```
+
+## Rules
+
+- **Fix issues directly** — don't just report them. Only flag issues as warnings when they require human judgment (e.g., content tone, keyword selection).
+- **One step at a time** — complete each step before moving to the next.
+- **Preserve existing content** — improve structure and metadata without rewriting the author's voice.
+- **No keyword stuffing** — keywords must read naturally in context.
+- **Respect the framework** — edit templates/configs, not generated output files.

.claude/skills/website-audit/SKILL.md

@@ -0,0 +1 @@
+../../.claude/skills/ci-prep

.codex/skills/ci-prep

@@ -0,0 +1 @@
+../../.claude/skills/code-dedup

.codex/skills/code-dedup

@@ -0,0 +1 @@
+../../.claude/skills/fix-bug

.codex/skills/fix-bug

@@ -0,0 +1 @@
+../../.claude/skills/spec-check

.codex/skills/spec-check

@@ -0,0 +1 @@
+../../.claude/skills/submit-pr

.codex/skills/submit-pr

@@ -0,0 +1 @@
+../../.claude/skills/upgrade-packages

.codex/skills/upgrade-packages

@@ -0,0 +1 @@
+../../.claude/skills/website-audit

.codex/skills/website-audit

@@ -1,8 +1,10 @@
-# TLDR;
+<!-- agent-pmo:f481f8d -->
+## TLDR
+<!-- One sentence: what does this PR do? -->
 
+## Details
+<!-- New functionality, new files, new dependencies. What changed? -->
 
-# Details
-
-
-# How do the tests prove the change works
-
+## How Do The Automated Tests Prove It Works?
+<!-- Name specific tests or describe what the test output demonstrates. -->
+<!-- "Tests pass" is not acceptable. Be specific. -->