wr-risk-scorer:external-comms misses static-site / deck content edits — factual-claim risk goes ungated #253

@tompahoward

What I hit

I'm using the windyroad marketplace plugins to ship a job-application deck (Astro site, deployed to Cloudflare Pages, downloadable as PDF). A factual error — claiming "Twenty-five years inside financial services" when the calendar span is actually 18 — shipped to production across ~8 commits without the risk-scorer gate firing once.

The error matters: a fact-checking recruiter who compares the deck claim to my LinkedIn finds an 8-year overstatement and reads the candidate as inflating credentials. That's a high-impact reputational risk on every active application.

What I'd expected

packages/risk-scorer/hooks/git-push-gate.sh and the external-comms scorer (packages/risk-scorer/agents/external-comms) to fire on the deck content edits, in the same way they fire on:

  • gh issue / PR / advisory drafts
  • npm publish content
  • .changeset/*.md bodies

Per the agent description: "Reviews drafts of external-facing prose..."

What actually happens

The hook does NOT consider decks/*/src/pages/*.astro, src/layouts/*.astro, or similar deck-content files as external-facing prose. They are, in the strictest sense, external-facing:

  • The deck is published live on a public URL the candidate hands to recruiters and hiring managers
  • It's downloadable as a PDF that lives on the candidate's name forever (LinkedIn, Drive, email archives)
  • A QR code on the PDF leads to the live HTML

Factual claims in the deck are AT LEAST as load-bearing as factual claims in a GitHub PR description, arguably more so — a PR is read by maybe 10 internal people, the deck is read by hiring managers across multiple companies.

Suggested fix

Three options, in increasing order of effort:

Option A — extend the file-pattern scope

The simplest fix: extend the external-comms hook's matcher to cover content-edit patterns common in static sites:

  • **/pages/**/*.astro, **/pages/**/*.html, **/pages/**/*.jsx, **/pages/**/*.tsx
  • **/content/**/*.md, **/content/**/*.mdx
  • **/src/**/index.{astro,jsx,tsx} etc.

This catches Astro, Next, Remix, Eleventy, Hugo — anything where "the file with the visible prose" sits at a predictable path.

False-positive risk: low. Most edits to those files DO carry external-facing claims.

Option B — opt-in scope file

A .wr-risk-scorer-policy.yml (or similar) in the repo lists which paths the maintainer wants treated as external-comms scope. Defaults to today's behaviour; opt-in for static-site repos.

False-positive risk: zero. But requires maintainer awareness.

Option C — content-classifier

A pre-check that reads the modified file and decides whether it contains "external-facing prose" (visible body copy, headings, alt text) versus only code / config. Modeled on the type-classifier in /wr-itil:capture-problem Step 1.5.

False-positive risk: depends on the classifier. Most precise; most work.

Why this matters

The hook is doing the right job for the cases it covers. The implementation gap is that "external-facing prose" was scoped to PR / issue / npm / changeset surfaces — the surfaces the windyroad website repo uses — and missed the static-site surface that any candidate / OSS maintainer / personal-site builder uses to put their name in front of strangers.

I'm tracking this on my side as a local control (docs/CLAIMS.md source-of-truth ledger), but the proper fix is in the hook scope.

Related repo I'm working in

tompahoward/resume — Astro deck deployed to Cloudflare Pages, with the cover/closing/role-pitch content in decks/{cto-firesoft,open}/src/pages/index.astro. I'd be happy to share the exact file patterns that the gate misses if useful.
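An added sketch, not code from packages/risk-scorer or from the issue author, of what an Option A path matcher could look like in POSIX sh, run over a constructed list of changed files. The function names and the sample paths `src/layouts/Deck.astro` and `content/about.mdx` are assumptions; it also shows that the patterns as literally listed leave `src/layouts/*.astro` out of scope.

```shell
#!/bin/sh
# Hypothetical helper: exit 0 when the path matches one of the
# Option A patterns listed in the issue, exit 1 otherwise.
in_option_a_scope() {
    # Prefixing "/" lets a leading "**/" match zero directories.
    # Inside a case pattern "*" also matches "/", so it stands in for "**".
    case "/$1" in
        */pages/*.astro|*/pages/*.html|*/pages/*.jsx|*/pages/*.tsx) return 0 ;;
        */content/*.md|*/content/*.mdx) return 0 ;;
        */src/index.astro|*/src/index.jsx|*/src/index.tsx) return 0 ;;
        */src/*/index.astro|*/src/*/index.jsx|*/src/*/index.tsx) return 0 ;;
    esac
    return 1
}

# Reads one path per line on stdin (for example the output of
# `git diff --name-only`) and prints only the paths in Option A scope.
option_a_hits() {
    while IFS= read -r path; do
        if in_option_a_scope "$path"; then
            printf '%s\n' "$path"
        fi
    done
}

# Constructed sample of a push touching deck content, a layout,
# the claims ledger and build config.
sample_changed_files() {
    cat <<'EOF'
decks/cto-firesoft/src/pages/index.astro
decks/open/src/pages/index.astro
src/layouts/Deck.astro
docs/CLAIMS.md
astro.config.mjs
content/about.mdx
EOF
}

# Prints the two deck pages and content/about.mdx. The layout file is
# not matched: no listed pattern covers src/layouts/*.astro.
sample_changed_files | option_a_hits
```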
