Skip to content

docs: fix skill naming and refresh getting-started#13

Open
recoupableorg wants to merge 2 commits into
mainfrom
docs/refresh-getting-started-and-readme
Open

docs: fix skill naming and refresh getting-started#13
recoupableorg wants to merge 2 commits into
mainfrom
docs/refresh-getting-started-and-readme

Conversation

@recoupableorg

@recoupableorg recoupableorg commented Apr 18, 2026

Copy link
Copy Markdown

Summary

Two doc fixes to the skills repo, grouped together since they're both user-facing onboarding content.

README

  • Fix broken skill links: chartmetricchart-metric, songwritingsong-writing (folders use kebab-case; links pointed to folders that don't exist)
  • Remove the brand-guidelines row — that skill doesn't live in this repo

skills/getting-started/SKILL.md

Reframes the skill around the actual user experience: no CLI install needed — everything is HTTP (REST or MCP). Notable changes:

  • Drops the npm install -g @recoupable/cli step
  • Adds a quick-reference header with base URL, MCP URL, and auth headers
  • Adds Path C for dashboard-based key creation at chat.recoupable.com/keys
  • Replaces recoup whoami verification with an explicit curl /api/accounts/id example and 200/401 behavior
  • Adds Python and JavaScript REST client examples alongside bash
  • Adds an Auth gotchas section covering x-api-key vs Bearer, HMAC hashing, and rotation
  • Updates the "What's next" table so every link matches an actual folder (music-industry-research instead of industry-research, adds artist-workspace)

Known tech debt (follow-up, not in this PR)

Some of the reference material in getting-started (auth headers, gotchas, language examples) duplicates what should live in docs/ (developers.recoupable.com). Consider moving that content to the docs submodule in a follow-up and having the skill link out instead.

Test plan

  • README renders correctly on GitHub — all skill links resolve to folders that exist
  • SKILL.md frontmatter still parses (agents load it on description match)
  • Path A curl command still returns a valid api_key against the live API
  • Path B verification flow still works end-to-end
  • curl /api/accounts/id with a valid key returns 200 + accountId

Made with Cursor

Summary by CodeRabbit

  • Documentation
    • Updated README skill link naming and organization
    • Revised getting started guide from CLI-first to HTTP-first setup approach (no CLI installation required)
    • Added REST and MCP connection details with authentication guidance
    • Expanded setup examples with Python and JavaScript REST client samples
    • Added authentication troubleshooting section

README:
- Fix broken skill links: chartmetric → chart-metric, songwriting → song-writing
- Remove brand-guidelines row (skill does not exist in this repo)

getting-started:
- Drop the CLI install step — everything is HTTP (REST + MCP)
- Add quick-reference header with base URL, MCP URL, and auth headers
- Add Path C for dashboard-based key creation at chat.recoupable.com/keys
- Replace `recoup whoami` verification with a curl /api/accounts/id example
- Add Python and JavaScript REST client examples alongside bash
- Add "Auth gotchas" section covering x-api-key vs Bearer, hashing, rotation
- Update "What's next" table to match actual folder names

Made-with: Cursor
@coderabbitai

coderabbitai Bot commented Apr 18, 2026

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

The README skill links table was updated to remove brand-guidelines and rename chartmetric to chart-metric and songwriting to song-writing with corresponding path adjustments. The skills/getting-started documentation was restructured from a three-step CLI-based setup to a two-step HTTP-first process, introducing explicit REST and MCP connection details and updating verification methods from CLI commands to REST API calls.

Changes

Cohort / File(s) Summary
README skill links
README.md
Removed brand-guidelines skill; renamed chartmetric to chart-metric and songwriting to song-writing in the skills table with corresponding path updates.
Getting started guide restructuring
skills/getting-started/SKILL.md
Converted setup from three-step CLI workflow to two-step HTTP-first process; replaced CLI verification (whoami) with REST API call to GET /api/accounts/id; added explicit auth headers, MCP connection details, and sample REST clients (Python, JavaScript); introduced auth gotchas section and updated next-steps table to reference music-industry-research and artist-workspace.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

Suggested reviewers

  • sweetmantech

Poem

🐰 Skill links hop and dance with grace,
From CLI chains to REST's embrace,
brand-guidelines took its bow,
While chart-metric shines out now,
Auth and endpoints clear the way—
HTTP's our startup day! 🚀

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the two main changes: fixing skill naming in README (chartmetric → chart-metric, songwriting → song-writing) and refreshing the getting-started documentation with HTTP-first approach.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch docs/refresh-getting-started-and-readme

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

Two corrections to Path A based on a live audit against prod and a
read of the canonical authentication.mdx + agents.mdx in the docs
worktree (feat/docs-design-overhaul-combined):

- Soften "always returns a key" → "skips email verification and
  returns a key on the first call". The signup handler routes
  pre-existing agent+ emails through the existing-account path, so
  the unconditional "always" was technically incorrect even though
  the date+RANDOM trick makes collision impossible in practice.
- Add a warning that agent+ emails create a brand-new sandboxed
  account that is NOT linked to the human's real email. This is the
  same warning that already lives in docs/agents.mdx — agents using
  agent+sid@recoupable.com would otherwise think they are working
  as Sid when they are actually in an isolated sandbox.

Verified live against https://recoup-api.vercel.app:
- /api/agents/signup with agent+ email returns api_key immediately
- /api/accounts/id returns {status, accountId} (200)
- Sending both x-api-key + Authorization returns 401 with the exact
  message documented in the skill
- /api/research?q=Drake&type=artists&beta=true returns ranked
  Chartmetric matches
- /api/research/profile?artist=Drake returns full profile
- /api/tasks returns 200
- /mcp endpoint accepts Bearer auth and responds to JSON-RPC
  initialize as recoup-mcp v0.0.1 with tools capability

Verified static against api/lib:
- HMAC-SHA256 hashing in lib/keys/hashApiKey.ts
- Org-account access semantics in lib/organizations/canAccessAccount.ts
  match the skill's "any account in your org" wording

Made-with: Cursor

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@skills/getting-started/SKILL.md`:
- Around line 155-162: Update the "What's next." table entry that currently
reads "songwriting" to use the canonical skill name "song-writing" so it matches
the repo/docs naming; locate the table rows (entries like
music-industry-research, content-creation, release-management, setup-sandbox,
streaming-growth, songwriting, artist-workspace) in SKILL.md and replace the
"songwriting" identifier with "song-writing" to ensure folder/skill name mapping
is consistent.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b7457932-7559-430d-b363-040c9fd83be7

📥 Commits

Reviewing files that changed from the base of the PR and between 4af90bc and 2ed072e.

📒 Files selected for processing (2)
  • README.md
  • skills/getting-started/SKILL.md

Comment on lines +155 to +162
| ----- | ------------ |
| music-industry-research | Deep artist analytics, people search, charts, competitive analysis, web intelligence |
| content-creation | Generate videos, images, captions from artist catalogs |
| industry-research | Deep artist analytics, people search, competitive analysis |
| release-management | Plan and execute release campaigns |
| setup-sandbox | Scaffold workspace for an account's orgs and artists |
| setup-sandbox | Scaffold the workspace for an account's orgs and artists |
| streaming-growth | Grow artists past streaming milestones |
| songwriting | Structured songwriting using the 7 C's method |
| artist-workspace | Manage artist directories — context, songs, brand, audience |

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Use the canonical skill name consistently in “What’s next.”

Line 161 still says songwriting, while the repo/docs now use song-writing. Please align this entry to avoid confusion when users map names to folders/skills.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@skills/getting-started/SKILL.md` around lines 155 - 162, Update the "What's
next." table entry that currently reads "songwriting" to use the canonical skill
name "song-writing" so it matches the repo/docs naming; locate the table rows
(entries like music-industry-research, content-creation, release-management,
setup-sandbox, streaming-growth, songwriting, artist-workspace) in SKILL.md and
replace the "songwriting" identifier with "song-writing" to ensure folder/skill
name mapping is consistent.

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 1 file (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="skills/getting-started/SKILL.md">

<violation number="1" location="skills/getting-started/SKILL.md:30">
P3: This documentation claims `$(date +%s)` + `$RANDOM` “guarantees uniqueness,” but that combination only reduces collision risk and does not guarantee it.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.

```

The `agent+{unique}@recoupable.com` pattern always returns a key with no verification step. Combining `$(date +%s)` with `$RANDOM` guarantees unique addresses.
A new `agent+{unique}@recoupable.com` address skips email verification and returns a key on the first call. Combining `$(date +%s)` with `$RANDOM` guarantees uniqueness so you never collide with an existing account.

@cubic-dev-ai cubic-dev-ai Bot Apr 18, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P3: This documentation claims $(date +%s) + $RANDOM “guarantees uniqueness,” but that combination only reduces collision risk and does not guarantee it.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At skills/getting-started/SKILL.md, line 30:

<comment>This documentation claims `$(date +%s)` + `$RANDOM` “guarantees uniqueness,” but that combination only reduces collision risk and does not guarantee it.</comment>

<file context>
@@ -19,15 +19,17 @@ Two paths depending on who is doing this.

-The agent+{unique}@recoupable.com pattern always returns a key with no verification step. Combining $(date +%s) with $RANDOM guarantees a unique address.
+A new agent+{unique}@recoupable.com address skips email verification and returns a key on the first call. Combining $(date +%s) with $RANDOM guarantees uniqueness so you never collide with an existing account.
+
+> ⚠️ agent+ emails create a separate account. agent+sid@recoupable.com is not linked to sid@recoupable.com — it's a brand-new sandboxed account with no roster, no orgs, and no history. To work on behalf of an existing human, use Path B with their real email.
</file context>


</details>

```suggestion
A new `agent+{unique}@recoupable.com` address skips email verification and returns a key on the first call. Combining `$(date +%s)` with `$RANDOM` makes collisions unlikely in practice.
Fix with Cubic

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants