feat(skills): add Enterprise Update Assistant (fixes #20505)

[Solventerritory]

Adds two new built-in skills to help enterprise teams customize and maintain Gemini CLI forks sustainably.

Layer 1: enterprise-fork-advisor

Guides organizations toward configuration-based customization to avoid unnecessary forks. Activated when users ask whether to fork, how to configure Gemini CLI for enterprise use, or how to migrate from a fork.

• SKILL.md: Decision framework mapping customization needs to the right mechanism (settings.json → extension → MCP → fork as last resort).
• references/customization-matrix.md: Full matrix covering auth, tool restrictions, custom tools, context/system prompt, UI, network, multi-team isolation, and policy enforcement.
• references/configuration-examples.md: Copy-paste JSON and TOML snippets for the most common enterprise configurations, including a complete gemini-extension.json manifest example.
• scripts/assess_fork_need.cjs: Analyzes git diff upstream/main..HEAD and categorizes each changed file into AVOIDABLE_VIA_CONFIG, AVOIDABLE_VIA_EXTENSION, AVOIDABLE_VIA_MCP, or REQUIRES_FORK, with per-file rationale and a summary recommendation.

Layer 2: upstream-sync

Helps enterprise teams that do maintain a fork stay current with upstream releases safely. Activated when users ask about syncing their fork, merging upstream changes, or resolving upstream conflicts.

• SKILL.md: Pre-flight checklist, step-by-step sync workflow, and a recurring cadence guide.
• references/conflict-categories.md: Risk tier definitions (LOW / MEDIUM / HIGH) with file-pattern heuristics and resolution approach for each tier, including special cases (security patches, breaking API changes, upstream reverts).
• references/merge-strategies.md: Concrete merge vs cherry-pick guidance, per-file-type resolution recipes (package-lock.json, settings.schema.json, client.ts, loopDetectionService.ts), and a fork health log template.
• scripts/analyze_upstream.cjs: Fetches upstream, counts commits behind, and produces a risk-categorized file report (pipeable to generate_merge_plan.cjs).
• scripts/generate_merge_plan.cjs: Reads the analysis report and outputs a numbered, risk-ordered merge plan with commands and notes for each step, gated by test runs between risk tiers.

No TypeScript changes — built-in skills are auto-discovered from the builtin/ directory by skillManager.ts.

Summary

Details

Related Issues

How to Validate

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run
    • npx
    • Docker
    • Podman
    • Seatbelt
  • Windows
    • npm run
    • npx
    • Docker
  • Linux
    • npm run
    • npx
    • Docker

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces two new built-in skills, enterprise-fork-advisor and upstream-sync, designed to support enterprise teams in managing their Gemini CLI instances. The enterprise-fork-advisor aims to reduce the need for custom forks by guiding users towards configuration-based customization options. For teams that do maintain forks, the upstream-sync skill provides structured processes and tools to safely and efficiently integrate upstream changes, minimizing conflicts and ensuring stability.

Highlights

• New Enterprise Fork Advisor Skill: Introduced a new built-in skill to guide enterprises on customizing Gemini CLI without unnecessary forking, providing a decision framework and customization map.
• Automated Fork Assessment Script: Added a script (assess_fork_need.cjs) that analyzes existing forks and categorizes changed files based on whether they can be avoided via configuration, extensions, MCP, or genuinely require a fork.
• New Upstream Sync Skill: Implemented a new built-in skill to assist enterprise teams in safely synchronizing their Gemini CLI forks with upstream releases, including pre-flight checks and a structured workflow.
• Risk-Categorized Upstream Analysis: Provided a script (analyze_upstream.cjs) that fetches and analyzes upstream changes, categorizing files by risk (LOW, MEDIUM, HIGH) to inform the merge process.
• Step-by-Step Merge Plan Generation: Included a script (generate_merge_plan.cjs) that generates a detailed, risk-ordered merge plan with specific commands and notes, incorporating testing gates between risk tiers.
• Comprehensive Conflict Resolution Guidance: Added reference documentation for conflict categories and merge strategies, offering concrete techniques for resolving common conflict types during upstream synchronization.

Changelog

• packages/core/src/skills/builtin/enterprise-fork-advisor/SKILL.md
  • Added documentation for the enterprise-fork-advisor skill, outlining its purpose, decision framework, customization map, and migration path.
• packages/core/src/skills/builtin/enterprise-fork-advisor/references/configuration-examples.md
  • Added examples for common enterprise configurations using settings.json, extensions, system policies, and environment variables.
• packages/core/src/skills/builtin/enterprise-fork-advisor/references/customization-matrix.md
  • Added a detailed matrix mapping enterprise customization needs to Gemini CLI mechanisms, including when a fork is truly required.
• packages/core/src/skills/builtin/enterprise-fork-advisor/scripts/assess_fork_need.cjs
  • Added a Node.js script to analyze git diff and categorize changed files in a fork based on whether they are avoidable via configuration, extensions, MCP, or genuinely require a fork.
• packages/core/src/skills/builtin/upstream-sync/SKILL.md
  • Added documentation for the upstream-sync skill, detailing its pre-flight checklist, analysis, merge plan generation, execution steps, and recurring cadence.
• packages/core/src/skills/builtin/upstream-sync/references/conflict-categories.md
  • Added definitions for LOW, MEDIUM, and HIGH risk conflict categories with file patterns and resolution approaches for merging upstream changes.
• packages/core/src/skills/builtin/upstream-sync/references/merge-strategies.md
  • Added concrete merge strategies, step-by-step full upstream merge guidance, and resolution techniques for common conflict types like package-lock.json and settings.schema.json.
• packages/core/src/skills/builtin/upstream-sync/scripts/analyze_upstream.cjs
  • Added a Node.js script to fetch and analyze the difference between a fork and upstream, producing a risk-categorized report of changed files.
• packages/core/src/skills/builtin/upstream-sync/scripts/generate_merge_plan.cjs
  • Added a Node.js script to read the analysis report and generate a numbered, risk-ordered merge plan with commands and notes.

Activity

• The pull request was created by Solventerritory, introducing new features to assist enterprise users.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces two new skills, enterprise-fork-advisor and upstream-sync, designed to assist enterprise teams in managing forks of Gemini CLI. The changes include markdown documentation and Node.js scripts for these skills. My review found a critical issue in a TOML configuration example that would cause parsing errors, and a high-severity bug in a script that fails to handle file paths with spaces. I've provided suggestions to fix both issues.