TACE

**Expanded to include concrete endpoint payloads and response schemas.** - Documents required request bodies, query parameters, and responses for all endpoints. - Adds explicit contract for authentication payloads (nonce, verify, register). - Moves "environment" configuration to TACE_ENV and updates default base URL. - Clarifies catalog, ordering, subscription, and feedback request/response structures for integrators. - Maintains strict security and routing guidance for agent workflows.

**Expanded environment/configuration and detailed API guidance added in this release.** - Declared "curl" as a required binary and added optional environment variables (TACE_BASE_URL, TACE_SKILL_VERSION) to metadata. - Replaced general workflow descriptions with explicit API endpoint tables and full authentication storyline. - Documented all key operations: Auth, Catalog, Orders, Payments, Subscriptions, Waitlist, Feedback, and Realtime WebSockets. - Included agent operating loop and precise retry/error-handling procedures. - Clarified catalog rendering rules and product list requirements. - Provided relevant error codes and explicit description of registration, login, and session handling sequence.

- Simplified and clarified the skill contract for easier human readability. - Limited guidance to high-level workflow categories and core safety rules; removed endpoint specifications and detailed workflow steps. - Made all environment variables optional and removed them from metadata. - Consolidated and shortened safety, routing, and error-handling instructions. - Trimmed individual workflow sections to focus on intent and boundaries, not technical details or deprecated flows.

**Summary:** Security-focused contract refactor for TACE workflows. - Tightened global data-safety and request boundary rules; added explicit "Never" and "Always" sections. - Clarified routing and contract refresh procedures. - Updated workflow guidance and error handling for auth, discovery, orders, subscriptions, and webhook validation. - Explicitly deprecated merchant onboarding in contract scope (webhook callback only). - Improved product output requirements and idempotency expectations. - Removed shell command execution and dependency on external binaries.

Version 1.0.2 - Added explicit security posture section, clarifying that this skill is for workflow orchestration only and must never collect, store, or log sensitive authentication data. - Required that all signing for authentication must be performed locally (outside the skill); examples and docs must use masked placeholders for secrets. - Tightened safety rules across authentication flows: secrets, wallet keys, and JWT tokens must never be logged. - Updated auth session workflow and safety guidance to reinforce local signing and proper handling of wallet credentials. - No functional API or routing changes; all updates focus on stricter security and safe secret handling documentation.

**Big change: All sub-skill specifications now merged into a single unified skill file.** - Consolidated all previous sub-skill files (auth-session, catalog-discovery, orders-payments, subscriptions-waitlist, merchant-onboarding) into one unified `skill.md` contract. - Updated instruction and workflow details to cover all agent flows in a single document. - Revised skill endpoints, global rules, error handling, and data presentation contracts for clarity and consistency. - Deprecated merchant onboarding section—now handled externally, no longer in TACE. - Removed all individual sub-skill files; only the unified contract remains.

- Initial release of the TACE (Tender Agentic Commerce Engine) top-level skills controller. - Provides task-based routing to sub-skills for auth, catalog, orders, subscriptions, and merchants. - Documents skill endpoints for runtime and static skill contracts. - Specifies global agent rules for versioning, authentication, and error handling. - Outlines expected sub-skill files with their endpoint focuses and responsibilities. - Defines maintenance guidelines to ensure up-to-date skill routing and documentation.