@ahmed-g-gad/apothem 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (674) hide show
  1. package/CHANGELOG.md +60 -0
  2. package/LICENSE +21 -0
  3. package/LICENSES/MIT.txt +18 -0
  4. package/LICENSES/PSF-2.0.txt +47 -0
  5. package/README.md +549 -0
  6. package/bin/README.md +37 -0
  7. package/bin/apothem.mjs +78 -0
  8. package/package.json +75 -0
  9. package/pyproject.toml +347 -0
  10. package/src/apothem/README.md +52 -0
  11. package/src/apothem/__init__.py +66 -0
  12. package/src/apothem/__main__.py +28 -0
  13. package/src/apothem/_vendor/.keep +0 -0
  14. package/src/apothem/_vendor/__init__.py +25 -0
  15. package/src/apothem/_vendor/attr/__init__.py +104 -0
  16. package/src/apothem/_vendor/attr/__init__.pyi +389 -0
  17. package/src/apothem/_vendor/attr/_cmp.py +160 -0
  18. package/src/apothem/_vendor/attr/_cmp.pyi +13 -0
  19. package/src/apothem/_vendor/attr/_compat.py +99 -0
  20. package/src/apothem/_vendor/attr/_config.py +31 -0
  21. package/src/apothem/_vendor/attr/_funcs.py +497 -0
  22. package/src/apothem/_vendor/attr/_make.py +3406 -0
  23. package/src/apothem/_vendor/attr/_next_gen.py +674 -0
  24. package/src/apothem/_vendor/attr/_typing_compat.pyi +15 -0
  25. package/src/apothem/_vendor/attr/_version_info.py +89 -0
  26. package/src/apothem/_vendor/attr/_version_info.pyi +9 -0
  27. package/src/apothem/_vendor/attr/converters.py +162 -0
  28. package/src/apothem/_vendor/attr/converters.pyi +19 -0
  29. package/src/apothem/_vendor/attr/exceptions.py +95 -0
  30. package/src/apothem/_vendor/attr/exceptions.pyi +17 -0
  31. package/src/apothem/_vendor/attr/filters.py +72 -0
  32. package/src/apothem/_vendor/attr/filters.pyi +6 -0
  33. package/src/apothem/_vendor/attr/py.typed +0 -0
  34. package/src/apothem/_vendor/attr/setters.py +79 -0
  35. package/src/apothem/_vendor/attr/setters.pyi +20 -0
  36. package/src/apothem/_vendor/attr/validators.py +750 -0
  37. package/src/apothem/_vendor/attr/validators.pyi +140 -0
  38. package/src/apothem/_vendor/attr.LICENSE +21 -0
  39. package/src/apothem/_vendor/attrs/__init__.py +72 -0
  40. package/src/apothem/_vendor/attrs/__init__.pyi +314 -0
  41. package/src/apothem/_vendor/attrs/converters.py +3 -0
  42. package/src/apothem/_vendor/attrs/exceptions.py +3 -0
  43. package/src/apothem/_vendor/attrs/filters.py +3 -0
  44. package/src/apothem/_vendor/attrs/py.typed +0 -0
  45. package/src/apothem/_vendor/attrs/setters.py +3 -0
  46. package/src/apothem/_vendor/attrs/validators.py +3 -0
  47. package/src/apothem/_vendor/attrs.LICENSE +21 -0
  48. package/src/apothem/_vendor/jsonschema/__init__.py +120 -0
  49. package/src/apothem/_vendor/jsonschema/__main__.py +6 -0
  50. package/src/apothem/_vendor/jsonschema/_format.py +546 -0
  51. package/src/apothem/_vendor/jsonschema/_keywords.py +449 -0
  52. package/src/apothem/_vendor/jsonschema/_legacy_keywords.py +449 -0
  53. package/src/apothem/_vendor/jsonschema/_types.py +204 -0
  54. package/src/apothem/_vendor/jsonschema/_typing.py +29 -0
  55. package/src/apothem/_vendor/jsonschema/_utils.py +355 -0
  56. package/src/apothem/_vendor/jsonschema/benchmarks/__init__.py +5 -0
  57. package/src/apothem/_vendor/jsonschema/benchmarks/const_vs_enum.py +30 -0
  58. package/src/apothem/_vendor/jsonschema/benchmarks/contains.py +28 -0
  59. package/src/apothem/_vendor/jsonschema/benchmarks/import_benchmark.py +31 -0
  60. package/src/apothem/_vendor/jsonschema/benchmarks/issue232/issue.json +2653 -0
  61. package/src/apothem/_vendor/jsonschema/benchmarks/issue232.py +25 -0
  62. package/src/apothem/_vendor/jsonschema/benchmarks/json_schema_test_suite.py +12 -0
  63. package/src/apothem/_vendor/jsonschema/benchmarks/nested_schemas.py +56 -0
  64. package/src/apothem/_vendor/jsonschema/benchmarks/subcomponents.py +42 -0
  65. package/src/apothem/_vendor/jsonschema/benchmarks/unused_registry.py +35 -0
  66. package/src/apothem/_vendor/jsonschema/benchmarks/useless_applicator_schemas.py +106 -0
  67. package/src/apothem/_vendor/jsonschema/benchmarks/useless_keywords.py +32 -0
  68. package/src/apothem/_vendor/jsonschema/benchmarks/validator_creation.py +14 -0
  69. package/src/apothem/_vendor/jsonschema/cli.py +292 -0
  70. package/src/apothem/_vendor/jsonschema/exceptions.py +490 -0
  71. package/src/apothem/_vendor/jsonschema/protocols.py +230 -0
  72. package/src/apothem/_vendor/jsonschema/validators.py +1410 -0
  73. package/src/apothem/_vendor/jsonschema.LICENSE +19 -0
  74. package/src/apothem/_vendor/jsonschema_specifications/__init__.py +12 -0
  75. package/src/apothem/_vendor/jsonschema_specifications/_core.py +38 -0
  76. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft201909/metaschema.json +42 -0
  77. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft201909/vocabularies/applicator +56 -0
  78. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft201909/vocabularies/content +17 -0
  79. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft201909/vocabularies/core +57 -0
  80. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft201909/vocabularies/format +14 -0
  81. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft201909/vocabularies/meta-data +37 -0
  82. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft201909/vocabularies/validation +98 -0
  83. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/metaschema.json +58 -0
  84. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/applicator +48 -0
  85. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/content +17 -0
  86. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/core +51 -0
  87. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/format-annotation +14 -0
  88. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/format-assertion +14 -0
  89. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/meta-data +37 -0
  90. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/unevaluated +15 -0
  91. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft202012/vocabularies/validation +98 -0
  92. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft3/metaschema.json +172 -0
  93. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft4/metaschema.json +149 -0
  94. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft6/metaschema.json +153 -0
  95. package/src/apothem/_vendor/jsonschema_specifications/schemas/draft7/metaschema.json +166 -0
  96. package/src/apothem/_vendor/jsonschema_specifications.LICENSE +19 -0
  97. package/src/apothem/_vendor/referencing/__init__.py +7 -0
  98. package/src/apothem/_vendor/referencing/_attrs.py +31 -0
  99. package/src/apothem/_vendor/referencing/_attrs.pyi +21 -0
  100. package/src/apothem/_vendor/referencing/_core.py +739 -0
  101. package/src/apothem/_vendor/referencing/exceptions.py +165 -0
  102. package/src/apothem/_vendor/referencing/jsonschema.py +642 -0
  103. package/src/apothem/_vendor/referencing/py.typed +0 -0
  104. package/src/apothem/_vendor/referencing/retrieval.py +94 -0
  105. package/src/apothem/_vendor/referencing/typing.py +61 -0
  106. package/src/apothem/_vendor/referencing.LICENSE +19 -0
  107. package/src/apothem/_vendor/rpds/__init__.py +251 -0
  108. package/src/apothem/_vendor/typing_extensions.LICENSE +279 -0
  109. package/src/apothem/_vendor/typing_extensions.py +4317 -0
  110. package/src/apothem/_vendor/vendor.txt +22 -0
  111. package/src/apothem/_vendor/yaml/__init__.py +389 -0
  112. package/src/apothem/_vendor/yaml/composer.py +138 -0
  113. package/src/apothem/_vendor/yaml/constructor.py +748 -0
  114. package/src/apothem/_vendor/yaml/cyaml.py +100 -0
  115. package/src/apothem/_vendor/yaml/dumper.py +61 -0
  116. package/src/apothem/_vendor/yaml/emitter.py +1137 -0
  117. package/src/apothem/_vendor/yaml/error.py +74 -0
  118. package/src/apothem/_vendor/yaml/events.py +85 -0
  119. package/src/apothem/_vendor/yaml/loader.py +63 -0
  120. package/src/apothem/_vendor/yaml/nodes.py +48 -0
  121. package/src/apothem/_vendor/yaml/parser.py +588 -0
  122. package/src/apothem/_vendor/yaml/reader.py +185 -0
  123. package/src/apothem/_vendor/yaml/representer.py +388 -0
  124. package/src/apothem/_vendor/yaml/resolver.py +226 -0
  125. package/src/apothem/_vendor/yaml/scanner.py +1435 -0
  126. package/src/apothem/_vendor/yaml/serializer.py +110 -0
  127. package/src/apothem/_vendor/yaml/tokens.py +103 -0
  128. package/src/apothem/_vendor/yaml.LICENSE +20 -0
  129. package/src/apothem/agents/README.md +60 -0
  130. package/src/apothem/agents/codebase-explorer.md +91 -0
  131. package/src/apothem/agents/convention-auditor.md +93 -0
  132. package/src/apothem/agents/dependency-auditor.md +97 -0
  133. package/src/apothem/agents/fact-checker.md +84 -0
  134. package/src/apothem/agents/mcp-builder.md +86 -0
  135. package/src/apothem/agents/memory-auditor.md +93 -0
  136. package/src/apothem/agents/prompt-evaluator.md +87 -0
  137. package/src/apothem/agents/quality-gate.md +103 -0
  138. package/src/apothem/agents/refactor-surgeon.md +74 -0
  139. package/src/apothem/agents/research-scout.md +73 -0
  140. package/src/apothem/agents/security-scanner.md +83 -0
  141. package/src/apothem/agents/test-runner.md +84 -0
  142. package/src/apothem/audit/README.md +73 -0
  143. package/src/apothem/audit/_scan_lib.py +182 -0
  144. package/src/apothem/audit/analyze_graph.py +260 -0
  145. package/src/apothem/audit/build_capability_graph.py +607 -0
  146. package/src/apothem/audit/build_inventory.py +657 -0
  147. package/src/apothem/audit/build_plans_provenance.py +997 -0
  148. package/src/apothem/audit/check_links.py +389 -0
  149. package/src/apothem/audit/classify_artifacts.py +381 -0
  150. package/src/apothem/audit/deprecated-tokens.txt +10 -0
  151. package/src/apothem/audit/execute_plans_migration.py +491 -0
  152. package/src/apothem/audit/known-projects.txt +15 -0
  153. package/src/apothem/audit/render_capability_index.py +467 -0
  154. package/src/apothem/audit/render_inventory.py +405 -0
  155. package/src/apothem/audit/scan_ai_surfaces.py +1125 -0
  156. package/src/apothem/audit/scan_ai_surfaces_coarse.py +261 -0
  157. package/src/apothem/audit/scan_drift_features.py +143 -0
  158. package/src/apothem/audit/scan_frontmatter.py +293 -0
  159. package/src/apothem/audit/scan_header_coverage.py +1134 -0
  160. package/src/apothem/audit/scan_plan_leakage.py +540 -0
  161. package/src/apothem/audit/scan_plans_discipline.py +188 -0
  162. package/src/apothem/audit/scan_secrets_pii.py +245 -0
  163. package/src/apothem/audit/scan_stale_tokens.py +296 -0
  164. package/src/apothem/audit/synthesize_drift.py +205 -0
  165. package/src/apothem/benchmarks/README.md +33 -0
  166. package/src/apothem/benchmarks/__init__.py +3 -0
  167. package/src/apothem/benchmarks/bench_agents.py +63 -0
  168. package/src/apothem/benchmarks/bench_hooks.py +93 -0
  169. package/src/apothem/benchmarks/bench_install.py +58 -0
  170. package/src/apothem/benchmarks/bench_tests.py +93 -0
  171. package/src/apothem/benchmarks/bench_validate_ecosystem.py +84 -0
  172. package/src/apothem/cli/README.md +33 -0
  173. package/src/apothem/cli/__init__.py +229 -0
  174. package/src/apothem/cli/_cmd_completion.py +88 -0
  175. package/src/apothem/cli/_cmd_diff.py +181 -0
  176. package/src/apothem/cli/_cmd_doctor.py +143 -0
  177. package/src/apothem/cli/_cmd_harnesses.py +167 -0
  178. package/src/apothem/cli/_cmd_install.py +327 -0
  179. package/src/apothem/cli/_cmd_migrate_workspace.py +143 -0
  180. package/src/apothem/cli/_cmd_profile.py +341 -0
  181. package/src/apothem/cli/_cmd_status.py +180 -0
  182. package/src/apothem/cli/_cmd_uninstall.py +215 -0
  183. package/src/apothem/cli/_cmd_update.py +397 -0
  184. package/src/apothem/cli/_cmd_verify.py +194 -0
  185. package/src/apothem/cli/_common_flags.py +90 -0
  186. package/src/apothem/cli/_epilogs.py +296 -0
  187. package/src/apothem/cli/_helpers.py +857 -0
  188. package/src/apothem/cli/_json_formatter.py +21 -0
  189. package/src/apothem/cli/_materialize.py +376 -0
  190. package/src/apothem/cli/completions/apothem.bash +30 -0
  191. package/src/apothem/cli/completions/apothem.fish +19 -0
  192. package/src/apothem/cli/completions/apothem.ps1 +27 -0
  193. package/src/apothem/cli/completions/apothem.zsh +42 -0
  194. package/src/apothem/cli/reference_export.py +126 -0
  195. package/src/apothem/commands/README.md +125 -0
  196. package/src/apothem/commands/a11y-audit.md +203 -0
  197. package/src/apothem/commands/architecture-review.md +194 -0
  198. package/src/apothem/commands/audit.md +165 -0
  199. package/src/apothem/commands/code-audit.md +218 -0
  200. package/src/apothem/commands/code-review.md +193 -0
  201. package/src/apothem/commands/dependency-audit.md +209 -0
  202. package/src/apothem/commands/docs-review.md +199 -0
  203. package/src/apothem/commands/elevate.md +285 -0
  204. package/src/apothem/commands/eval.md +149 -0
  205. package/src/apothem/commands/fortress.md +172 -0
  206. package/src/apothem/commands/freshify.md +168 -0
  207. package/src/apothem/commands/github-deploy-fresh.md +178 -0
  208. package/src/apothem/commands/github-deploy-next.md +167 -0
  209. package/src/apothem/commands/perf-audit.md +198 -0
  210. package/src/apothem/commands/plan-amend.md +104 -0
  211. package/src/apothem/commands/plan-audit.md +127 -0
  212. package/src/apothem/commands/plan-design.md +257 -0
  213. package/src/apothem/commands/plan-execute.md +495 -0
  214. package/src/apothem/commands/plan-generate.md +351 -0
  215. package/src/apothem/commands/plan-review.md +555 -0
  216. package/src/apothem/commands/plan-spec.md +359 -0
  217. package/src/apothem/commands/plan-status.md +222 -0
  218. package/src/apothem/commands/plan.md +173 -0
  219. package/src/apothem/commands/projectify.md +142 -0
  220. package/src/apothem/commands/release-readiness.md +142 -0
  221. package/src/apothem/commands/research-analysis.md +241 -0
  222. package/src/apothem/commands/research-design.md +231 -0
  223. package/src/apothem/commands/research-disseminate.md +225 -0
  224. package/src/apothem/commands/research-experiment.md +232 -0
  225. package/src/apothem/commands/research-ideate.md +213 -0
  226. package/src/apothem/commands/research-paper.md +252 -0
  227. package/src/apothem/commands/research-proposal.md +220 -0
  228. package/src/apothem/commands/research-publish.md +255 -0
  229. package/src/apothem/commands/research-review.md +251 -0
  230. package/src/apothem/commands/research-sources.md +266 -0
  231. package/src/apothem/commands/research-spec.md +255 -0
  232. package/src/apothem/commands/research-synthesis.md +233 -0
  233. package/src/apothem/commands/research-theory.md +218 -0
  234. package/src/apothem/commands/research.md +181 -0
  235. package/src/apothem/commands/security-audit.md +196 -0
  236. package/src/apothem/commands/supply-chain-audit.md +192 -0
  237. package/src/apothem/commands/test-suite.md +146 -0
  238. package/src/apothem/commands/threat-model-audit.md +199 -0
  239. package/src/apothem/commands/ux-review.md +202 -0
  240. package/src/apothem/commands/workflow.md +162 -0
  241. package/src/apothem/conformity/README.md +173 -0
  242. package/src/apothem/conformity/__init__.py +1 -0
  243. package/src/apothem/conformity/_grep_base.py +93 -0
  244. package/src/apothem/conformity/agent_capability_grep.py +306 -0
  245. package/src/apothem/conformity/agents_md_coverage_grep.py +382 -0
  246. package/src/apothem/conformity/agnosticism_grep.py +311 -0
  247. package/src/apothem/conformity/always_on_budget_grep.py +318 -0
  248. package/src/apothem/conformity/bare_except_grep.py +115 -0
  249. package/src/apothem/conformity/binding_reciprocity_grep.py +151 -0
  250. package/src/apothem/conformity/brand_mark_grep.py +272 -0
  251. package/src/apothem/conformity/commented_out_code_grep.py +176 -0
  252. package/src/apothem/conformity/completion_claim_grep.py +169 -0
  253. package/src/apothem/conformity/conventional_commit_grep.py +319 -0
  254. package/src/apothem/conformity/copilot_instructions_presence_grep.py +324 -0
  255. package/src/apothem/conformity/cross_platform_matrix_grep.py +297 -0
  256. package/src/apothem/conformity/determinism_grep.py +306 -0
  257. package/src/apothem/conformity/diagram_staleness_grep.py +154 -0
  258. package/src/apothem/conformity/dynamism_grep.py +284 -0
  259. package/src/apothem/conformity/editorconfig_presence_grep.py +281 -0
  260. package/src/apothem/conformity/file_header_grep.py +502 -0
  261. package/src/apothem/conformity/freshness_token_grep.py +233 -0
  262. package/src/apothem/conformity/frontmatter_grep.py +274 -0
  263. package/src/apothem/conformity/frontmatter_value_grep.py +386 -0
  264. package/src/apothem/conformity/gate.py +1386 -0
  265. package/src/apothem/conformity/gitattributes_presence_grep.py +238 -0
  266. package/src/apothem/conformity/harden_runner_grep.py +320 -0
  267. package/src/apothem/conformity/hedging_grep.py +129 -0
  268. package/src/apothem/conformity/license_author_consistency_grep.py +204 -0
  269. package/src/apothem/conformity/link_check.py +327 -0
  270. package/src/apothem/conformity/magic_number_grep.py +182 -0
  271. package/src/apothem/conformity/multi_surface_coherence_grep.py +620 -0
  272. package/src/apothem/conformity/naming_grep.py +224 -0
  273. package/src/apothem/conformity/no_global_plans_grep.py +339 -0
  274. package/src/apothem/conformity/no_toplevel_docs_grep.py +120 -0
  275. package/src/apothem/conformity/oidc_trusted_publishing_grep.py +291 -0
  276. package/src/apothem/conformity/option_annotation_grep.py +352 -0
  277. package/src/apothem/conformity/orphan_output_grep.py +206 -0
  278. package/src/apothem/conformity/permissions_minimum_scope_grep.py +299 -0
  279. package/src/apothem/conformity/plain_language_grep.py +559 -0
  280. package/src/apothem/conformity/plan_next_step_consistency_grep.py +450 -0
  281. package/src/apothem/conformity/plan_suite_structure_grep.py +534 -0
  282. package/src/apothem/conformity/plans_discipline_language_grep.py +245 -0
  283. package/src/apothem/conformity/production_ready_pr_grep.py +200 -0
  284. package/src/apothem/conformity/recommend_next_step_grep.py +250 -0
  285. package/src/apothem/conformity/redundancy_grep.py +401 -0
  286. package/src/apothem/conformity/reference_token_grep.py +230 -0
  287. package/src/apothem/conformity/registry_capability_consistency_grep.py +368 -0
  288. package/src/apothem/conformity/secret_leak_grep.py +193 -0
  289. package/src/apothem/conformity/semver_stability_grep.py +358 -0
  290. package/src/apothem/conformity/smoke_install_grep.py +194 -0
  291. package/src/apothem/conformity/static_version_grep.py +284 -0
  292. package/src/apothem/conformity/token_efficiency_grep.py +185 -0
  293. package/src/apothem/conformity/unpinned_action_grep.py +115 -0
  294. package/src/apothem/conformity/user_confirm_grep.py +74 -0
  295. package/src/apothem/conformity/workflow_concurrency_grep.py +283 -0
  296. package/src/apothem/harnesses/README.md +63 -0
  297. package/src/apothem/harnesses/__init__.py +16 -0
  298. package/src/apothem/harnesses/_shared/README.md +36 -0
  299. package/src/apothem/harnesses/_shared/__init__.py +12 -0
  300. package/src/apothem/harnesses/_shared/install_driver.py +281 -0
  301. package/src/apothem/harnesses/_shared/install_driver_apply.py +612 -0
  302. package/src/apothem/harnesses/_shared/install_driver_backup.py +535 -0
  303. package/src/apothem/harnesses/_shared/install_driver_converters.py +310 -0
  304. package/src/apothem/harnesses/_shared/install_driver_lifecycle.py +495 -0
  305. package/src/apothem/harnesses/_shared/install_driver_materialize.py +675 -0
  306. package/src/apothem/harnesses/_shared/install_driver_merge.py +656 -0
  307. package/src/apothem/harnesses/_shared/install_driver_pathsafety.py +137 -0
  308. package/src/apothem/harnesses/_shared/install_driver_planvalidation.py +240 -0
  309. package/src/apothem/harnesses/_shared/install_driver_removal.py +366 -0
  310. package/src/apothem/harnesses/_shared/install_driver_treeops.py +248 -0
  311. package/src/apothem/harnesses/_shared/install_driver_types.py +330 -0
  312. package/src/apothem/harnesses/_shared/wrapper_factories.py +448 -0
  313. package/src/apothem/harnesses/antigravity/STANDARD-CONVENTION-PIN.md +91 -0
  314. package/src/apothem/harnesses/antigravity/__init__.py +70 -0
  315. package/src/apothem/harnesses/antigravity/capabilities.yml +40 -0
  316. package/src/apothem/harnesses/antigravity/install.py +63 -0
  317. package/src/apothem/harnesses/antigravity/templates/GEMINI.md +40 -0
  318. package/src/apothem/harnesses/antigravity/templates/plugin.json +5 -0
  319. package/src/apothem/harnesses/antigravity/uninstall.py +22 -0
  320. package/src/apothem/harnesses/antigravity/update.py +10 -0
  321. package/src/apothem/harnesses/antigravity/verify.py +11 -0
  322. package/src/apothem/harnesses/claude_code/STANDARD-CONVENTION-PIN.md +65 -0
  323. package/src/apothem/harnesses/claude_code/__init__.py +107 -0
  324. package/src/apothem/harnesses/claude_code/capabilities.yml +42 -0
  325. package/src/apothem/harnesses/claude_code/install.py +147 -0
  326. package/src/apothem/harnesses/claude_code/templates/settings.json +351 -0
  327. package/src/apothem/harnesses/claude_code/uninstall.py +23 -0
  328. package/src/apothem/harnesses/claude_code/update.py +10 -0
  329. package/src/apothem/harnesses/claude_code/verify.py +11 -0
  330. package/src/apothem/harnesses/codebuddy/STANDARD-CONVENTION-PIN.md +74 -0
  331. package/src/apothem/harnesses/codebuddy/__init__.py +49 -0
  332. package/src/apothem/harnesses/codebuddy/capabilities.yml +34 -0
  333. package/src/apothem/harnesses/codebuddy/install.py +40 -0
  334. package/src/apothem/harnesses/codebuddy/templates/apothem-rules.md +37 -0
  335. package/src/apothem/harnesses/codebuddy/uninstall.py +25 -0
  336. package/src/apothem/harnesses/codebuddy/update.py +10 -0
  337. package/src/apothem/harnesses/codebuddy/verify.py +11 -0
  338. package/src/apothem/harnesses/codex/STANDARD-CONVENTION-PIN.md +79 -0
  339. package/src/apothem/harnesses/codex/__init__.py +72 -0
  340. package/src/apothem/harnesses/codex/capabilities.yml +40 -0
  341. package/src/apothem/harnesses/codex/install.py +69 -0
  342. package/src/apothem/harnesses/codex/templates/AGENTS.md +40 -0
  343. package/src/apothem/harnesses/codex/templates/hooks.json +127 -0
  344. package/src/apothem/harnesses/codex/uninstall.py +23 -0
  345. package/src/apothem/harnesses/codex/update.py +10 -0
  346. package/src/apothem/harnesses/codex/verify.py +11 -0
  347. package/src/apothem/harnesses/cursor/STANDARD-CONVENTION-PIN.md +79 -0
  348. package/src/apothem/harnesses/cursor/__init__.py +48 -0
  349. package/src/apothem/harnesses/cursor/capabilities.yml +42 -0
  350. package/src/apothem/harnesses/cursor/install.py +38 -0
  351. package/src/apothem/harnesses/cursor/templates/apothem-rules.mdc +40 -0
  352. package/src/apothem/harnesses/cursor/uninstall.py +25 -0
  353. package/src/apothem/harnesses/cursor/update.py +10 -0
  354. package/src/apothem/harnesses/cursor/verify.py +11 -0
  355. package/src/apothem/harnesses/gemini_cli/STANDARD-CONVENTION-PIN.md +102 -0
  356. package/src/apothem/harnesses/gemini_cli/__init__.py +52 -0
  357. package/src/apothem/harnesses/gemini_cli/capabilities.yml +43 -0
  358. package/src/apothem/harnesses/gemini_cli/install.py +43 -0
  359. package/src/apothem/harnesses/gemini_cli/templates/GEMINI.md +38 -0
  360. package/src/apothem/harnesses/gemini_cli/uninstall.py +25 -0
  361. package/src/apothem/harnesses/gemini_cli/update.py +10 -0
  362. package/src/apothem/harnesses/gemini_cli/verify.py +11 -0
  363. package/src/apothem/harnesses/github_copilot/STANDARD-CONVENTION-PIN.md +84 -0
  364. package/src/apothem/harnesses/github_copilot/__init__.py +47 -0
  365. package/src/apothem/harnesses/github_copilot/capabilities.yml +42 -0
  366. package/src/apothem/harnesses/github_copilot/install.py +40 -0
  367. package/src/apothem/harnesses/github_copilot/templates/copilot-instructions.md +33 -0
  368. package/src/apothem/harnesses/github_copilot/uninstall.py +25 -0
  369. package/src/apothem/harnesses/github_copilot/update.py +10 -0
  370. package/src/apothem/harnesses/github_copilot/verify.py +11 -0
  371. package/src/apothem/harnesses/glm/STANDARD-CONVENTION-PIN.md +77 -0
  372. package/src/apothem/harnesses/glm/__init__.py +56 -0
  373. package/src/apothem/harnesses/glm/capabilities.yml +33 -0
  374. package/src/apothem/harnesses/glm/install.py +45 -0
  375. package/src/apothem/harnesses/glm/templates/glm.toml +58 -0
  376. package/src/apothem/harnesses/glm/uninstall.py +25 -0
  377. package/src/apothem/harnesses/glm/update.py +10 -0
  378. package/src/apothem/harnesses/glm/verify.py +11 -0
  379. package/src/apothem/harnesses/hermes/STANDARD-CONVENTION-PIN.md +57 -0
  380. package/src/apothem/harnesses/hermes/__init__.py +33 -0
  381. package/src/apothem/harnesses/hermes/capabilities.yml +36 -0
  382. package/src/apothem/harnesses/hermes/install.py +17 -0
  383. package/src/apothem/harnesses/hermes/materializer.py +35 -0
  384. package/src/apothem/harnesses/hermes/uninstall.py +33 -0
  385. package/src/apothem/harnesses/hermes/update.py +10 -0
  386. package/src/apothem/harnesses/hermes/verify.py +11 -0
  387. package/src/apothem/harnesses/kimi_code/STANDARD-CONVENTION-PIN.md +128 -0
  388. package/src/apothem/harnesses/kimi_code/__init__.py +59 -0
  389. package/src/apothem/harnesses/kimi_code/capabilities.yml +40 -0
  390. package/src/apothem/harnesses/kimi_code/install.py +42 -0
  391. package/src/apothem/harnesses/kimi_code/templates/AGENTS.md +43 -0
  392. package/src/apothem/harnesses/kimi_code/uninstall.py +27 -0
  393. package/src/apothem/harnesses/kimi_code/update.py +10 -0
  394. package/src/apothem/harnesses/kimi_code/verify.py +11 -0
  395. package/src/apothem/harnesses/kiro/STANDARD-CONVENTION-PIN.md +77 -0
  396. package/src/apothem/harnesses/kiro/__init__.py +49 -0
  397. package/src/apothem/harnesses/kiro/capabilities.yml +36 -0
  398. package/src/apothem/harnesses/kiro/install.py +39 -0
  399. package/src/apothem/harnesses/kiro/templates/apothem-rules.md +36 -0
  400. package/src/apothem/harnesses/kiro/uninstall.py +25 -0
  401. package/src/apothem/harnesses/kiro/update.py +10 -0
  402. package/src/apothem/harnesses/kiro/verify.py +11 -0
  403. package/src/apothem/harnesses/open_claw/STANDARD-CONVENTION-PIN.md +62 -0
  404. package/src/apothem/harnesses/open_claw/__init__.py +35 -0
  405. package/src/apothem/harnesses/open_claw/capabilities.yml +35 -0
  406. package/src/apothem/harnesses/open_claw/install.py +17 -0
  407. package/src/apothem/harnesses/open_claw/materializer.py +36 -0
  408. package/src/apothem/harnesses/open_claw/uninstall.py +32 -0
  409. package/src/apothem/harnesses/open_claw/update.py +10 -0
  410. package/src/apothem/harnesses/open_claw/verify.py +11 -0
  411. package/src/apothem/harnesses/opencode/STANDARD-CONVENTION-PIN.md +76 -0
  412. package/src/apothem/harnesses/opencode/__init__.py +35 -0
  413. package/src/apothem/harnesses/opencode/capabilities.yml +43 -0
  414. package/src/apothem/harnesses/opencode/install.py +17 -0
  415. package/src/apothem/harnesses/opencode/materializer.py +31 -0
  416. package/src/apothem/harnesses/opencode/uninstall.py +34 -0
  417. package/src/apothem/harnesses/opencode/update.py +10 -0
  418. package/src/apothem/harnesses/opencode/verify.py +11 -0
  419. package/src/apothem/harnesses/qwen_code/STANDARD-CONVENTION-PIN.md +87 -0
  420. package/src/apothem/harnesses/qwen_code/__init__.py +37 -0
  421. package/src/apothem/harnesses/qwen_code/capabilities.yml +43 -0
  422. package/src/apothem/harnesses/qwen_code/install.py +19 -0
  423. package/src/apothem/harnesses/qwen_code/materializer.py +174 -0
  424. package/src/apothem/harnesses/qwen_code/templates/QWEN.md +30 -0
  425. package/src/apothem/harnesses/qwen_code/uninstall.py +34 -0
  426. package/src/apothem/harnesses/qwen_code/update.py +10 -0
  427. package/src/apothem/harnesses/qwen_code/verify.py +11 -0
  428. package/src/apothem/harnesses/trae/STANDARD-CONVENTION-PIN.md +70 -0
  429. package/src/apothem/harnesses/trae/__init__.py +49 -0
  430. package/src/apothem/harnesses/trae/capabilities.yml +34 -0
  431. package/src/apothem/harnesses/trae/install.py +38 -0
  432. package/src/apothem/harnesses/trae/templates/apothem-rules.md +37 -0
  433. package/src/apothem/harnesses/trae/uninstall.py +25 -0
  434. package/src/apothem/harnesses/trae/update.py +10 -0
  435. package/src/apothem/harnesses/trae/verify.py +11 -0
  436. package/src/apothem/harnesses/windsurf/STANDARD-CONVENTION-PIN.md +91 -0
  437. package/src/apothem/harnesses/windsurf/__init__.py +52 -0
  438. package/src/apothem/harnesses/windsurf/capabilities.yml +40 -0
  439. package/src/apothem/harnesses/windsurf/install.py +41 -0
  440. package/src/apothem/harnesses/windsurf/templates/apothem-rules.md +37 -0
  441. package/src/apothem/harnesses/windsurf/uninstall.py +25 -0
  442. package/src/apothem/harnesses/windsurf/update.py +10 -0
  443. package/src/apothem/harnesses/windsurf/verify.py +11 -0
  444. package/src/apothem/harnesses/zed/STANDARD-CONVENTION-PIN.md +92 -0
  445. package/src/apothem/harnesses/zed/__init__.py +57 -0
  446. package/src/apothem/harnesses/zed/capabilities.yml +38 -0
  447. package/src/apothem/harnesses/zed/install.py +41 -0
  448. package/src/apothem/harnesses/zed/templates/apothem-rules.md +32 -0
  449. package/src/apothem/harnesses/zed/uninstall.py +28 -0
  450. package/src/apothem/harnesses/zed/update.py +10 -0
  451. package/src/apothem/harnesses/zed/verify.py +11 -0
  452. package/src/apothem/hooks/README.md +81 -0
  453. package/src/apothem/hooks/__init__.py +24 -0
  454. package/src/apothem/hooks/askuserquestion_validator.py +380 -0
  455. package/src/apothem/hooks/dispatch.py +296 -0
  456. package/src/apothem/hooks/emit_hook_context.py +444 -0
  457. package/src/apothem/hooks/hooks.json +318 -0
  458. package/src/apothem/hooks/lib/README.md +39 -0
  459. package/src/apothem/hooks/lib/__init__.py +18 -0
  460. package/src/apothem/hooks/lib/bootstrap.ps1 +129 -0
  461. package/src/apothem/hooks/lib/bootstrap.sh +103 -0
  462. package/src/apothem/hooks/lib/events.py +51 -0
  463. package/src/apothem/hooks/lib/find-pwsh.ps1 +78 -0
  464. package/src/apothem/hooks/lib/find-pwsh.sh +76 -0
  465. package/src/apothem/hooks/lib/find-python.ps1 +63 -0
  466. package/src/apothem/hooks/lib/find-python.sh +97 -0
  467. package/src/apothem/hooks/lib/log.py +43 -0
  468. package/src/apothem/hooks/lib/resolve_root.py +264 -0
  469. package/src/apothem/hooks/messages/postcompact.md +14 -0
  470. package/src/apothem/hooks/messages/posttooluse-proactive-compaction.md +46 -0
  471. package/src/apothem/hooks/messages/precompact.md +14 -0
  472. package/src/apothem/hooks/messages/pretooluse-askuserquestion-recommended.md +65 -0
  473. package/src/apothem/hooks/messages/pretooluse-bash-plan-guard.md +97 -0
  474. package/src/apothem/hooks/messages/pretooluse-bash.md +39 -0
  475. package/src/apothem/hooks/messages/pretooluse-conformity.md +70 -0
  476. package/src/apothem/hooks/messages/pretooluse-dependency-guard.md +21 -0
  477. package/src/apothem/hooks/messages/pretooluse-edit-header-guard.md +61 -0
  478. package/src/apothem/hooks/messages/pretooluse-edit.md +21 -0
  479. package/src/apothem/hooks/messages/pretooluse-eval-guard.md +39 -0
  480. package/src/apothem/hooks/messages/pretooluse-notebookedit.md +11 -0
  481. package/src/apothem/hooks/messages/pretooluse-write-header-guard.md +45 -0
  482. package/src/apothem/hooks/messages/pretooluse-write-plan-guard.md +72 -0
  483. package/src/apothem/hooks/messages/pretooluse-write.md +21 -0
  484. package/src/apothem/hooks/messages/sessionstart.md +15 -0
  485. package/src/apothem/hooks/messages/stop.md +27 -0
  486. package/src/apothem/hooks/proactive_compaction_tracker.py +327 -0
  487. package/src/apothem/hooks/session_start_bootstrap.py +472 -0
  488. package/src/apothem/lib/README.md +42 -0
  489. package/src/apothem/lib/__init__.py +13 -0
  490. package/src/apothem/lib/atomic_io.py +189 -0
  491. package/src/apothem/lib/auditor.py +687 -0
  492. package/src/apothem/lib/clean_slate.py +396 -0
  493. package/src/apothem/lib/contexts.py +352 -0
  494. package/src/apothem/lib/data_home.py +255 -0
  495. package/src/apothem/lib/frontmatter.py +101 -0
  496. package/src/apothem/lib/harness_materializer.py +213 -0
  497. package/src/apothem/lib/harness_protocol.py +59 -0
  498. package/src/apothem/lib/harness_registry.py +282 -0
  499. package/src/apothem/lib/harness_registry_data.py +843 -0
  500. package/src/apothem/lib/install_ledger.py +347 -0
  501. package/src/apothem/lib/learning.py +540 -0
  502. package/src/apothem/lib/memory.py +347 -0
  503. package/src/apothem/lib/parallel_sweep.py +234 -0
  504. package/src/apothem/lib/plan_tiers.py +200 -0
  505. package/src/apothem/lib/plugin_bootstrap.py +132 -0
  506. package/src/apothem/lib/plugin_tree.py +599 -0
  507. package/src/apothem/lib/profile.py +755 -0
  508. package/src/apothem/lib/profile_projection.py +198 -0
  509. package/src/apothem/lib/propagation-manifest.yaml +878 -0
  510. package/src/apothem/lib/propagation.py +220 -0
  511. package/src/apothem/lib/python_resolver.py +189 -0
  512. package/src/apothem/lib/reporter.py +62 -0
  513. package/src/apothem/lib/workspace_migration.py +323 -0
  514. package/src/apothem/output-styles/README.md +41 -0
  515. package/src/apothem/output-styles/concise-engineer.md +49 -0
  516. package/src/apothem/output-styles/default-architect.md +52 -0
  517. package/src/apothem/output-styles/default.md +113 -0
  518. package/src/apothem/output-styles/forensic-auditor.md +63 -0
  519. package/src/apothem/py.typed +0 -0
  520. package/src/apothem/rules/README.md +121 -0
  521. package/src/apothem/rules/agent-capability-discipline-matrix.md +89 -0
  522. package/src/apothem/rules/agent-capability-discipline.md +78 -0
  523. package/src/apothem/rules/agent-orchestration-patterns.md +144 -0
  524. package/src/apothem/rules/agent-orchestration.md +65 -0
  525. package/src/apothem/rules/agents-md-convention.md +86 -0
  526. package/src/apothem/rules/agile-sprints-elements.md +135 -0
  527. package/src/apothem/rules/agile-sprints.md +64 -0
  528. package/src/apothem/rules/agnostic-posture-checklist.md +47 -0
  529. package/src/apothem/rules/agnostic-posture.md +48 -0
  530. package/src/apothem/rules/authoritative-referencing-quotation.md +50 -0
  531. package/src/apothem/rules/authoritative-referencing.md +66 -0
  532. package/src/apothem/rules/authority-inquiry-categories.md +58 -0
  533. package/src/apothem/rules/authority-inquiry.md +54 -0
  534. package/src/apothem/rules/auto-memory-topic-files.md +86 -0
  535. package/src/apothem/rules/auto-memory.md +67 -0
  536. package/src/apothem/rules/bidirectional-binding.md +123 -0
  537. package/src/apothem/rules/canonical-layout-reporting-tiers.md +212 -0
  538. package/src/apothem/rules/canonical-layout.md +60 -0
  539. package/src/apothem/rules/clean-architecture-layers.md +186 -0
  540. package/src/apothem/rules/clean-room-generation-protocols.md +124 -0
  541. package/src/apothem/rules/clean-room-generation.md +59 -0
  542. package/src/apothem/rules/code-craft-conventions.md +101 -0
  543. package/src/apothem/rules/code-craft-markdown.md +138 -0
  544. package/src/apothem/rules/code-craft-python.md +154 -0
  545. package/src/apothem/rules/code-craft-shell.md +192 -0
  546. package/src/apothem/rules/cognitive-identity-techniques.md +180 -0
  547. package/src/apothem/rules/cognitive-identity.md +81 -0
  548. package/src/apothem/rules/context-management-budget.md +46 -0
  549. package/src/apothem/rules/context-management-protocol.md +161 -0
  550. package/src/apothem/rules/context-management-scratch.md +128 -0
  551. package/src/apothem/rules/context-management.md +85 -0
  552. package/src/apothem/rules/definitiveness-virtues.md +67 -0
  553. package/src/apothem/rules/definitiveness.md +58 -0
  554. package/src/apothem/rules/determinism.md +81 -0
  555. package/src/apothem/rules/disclosure-ledger-markers.md +58 -0
  556. package/src/apothem/rules/disclosure-ledger.md +52 -0
  557. package/src/apothem/rules/dynamism.md +38 -0
  558. package/src/apothem/rules/etc-extension.md +57 -0
  559. package/src/apothem/rules/expertise-posture-elements.md +68 -0
  560. package/src/apothem/rules/expertise-posture.md +54 -0
  561. package/src/apothem/rules/freshness-facade.md +64 -0
  562. package/src/apothem/rules/harness-adapter-shape-schemas.md +162 -0
  563. package/src/apothem/rules/harness-adapter-shape.md +42 -0
  564. package/src/apothem/rules/host-discovery-manifests.md +50 -0
  565. package/src/apothem/rules/host-discovery.md +56 -0
  566. package/src/apothem/rules/i18n-discipline-locale-cohorts.md +120 -0
  567. package/src/apothem/rules/i18n-discipline.md +70 -0
  568. package/src/apothem/rules/interactive-questions-canonical-shapes.md +590 -0
  569. package/src/apothem/rules/interactive-questions-detail.md +41 -0
  570. package/src/apothem/rules/interactive-questions-sweep-matchers.md +184 -0
  571. package/src/apothem/rules/interactive-questions.md +89 -0
  572. package/src/apothem/rules/large-file-generation.md +112 -0
  573. package/src/apothem/rules/large-file-reading.md +59 -0
  574. package/src/apothem/rules/living-docs.md +85 -0
  575. package/src/apothem/rules/multi-agent-workflow.md +57 -0
  576. package/src/apothem/rules/operational-mandates-expanded.md +78 -0
  577. package/src/apothem/rules/operational-mandates.md +88 -0
  578. package/src/apothem/rules/option-annotation-form.md +60 -0
  579. package/src/apothem/rules/option-annotation.md +45 -0
  580. package/src/apothem/rules/own-voice-reimplementation.md +86 -0
  581. package/src/apothem/rules/performance-discipline.md +91 -0
  582. package/src/apothem/rules/persistent-conventions-vigilance-checklist.md +54 -0
  583. package/src/apothem/rules/persistent-conventions-vigilance.md +61 -0
  584. package/src/apothem/rules/plain-language.md +56 -0
  585. package/src/apothem/rules/planning-techniques.md +130 -0
  586. package/src/apothem/rules/pre-emission-gate-bars.md +86 -0
  587. package/src/apothem/rules/pre-emission-gate.md +54 -0
  588. package/src/apothem/rules/production-ready-prs-surfaces.md +162 -0
  589. package/src/apothem/rules/production-ready-prs.md +83 -0
  590. package/src/apothem/rules/propagation.md +63 -0
  591. package/src/apothem/rules/recommend-next-step.md +106 -0
  592. package/src/apothem/rules/refactoring-discipline.md +76 -0
  593. package/src/apothem/rules/session-closure.md +44 -0
  594. package/src/apothem/rules/sota-elevation-exemplars.md +76 -0
  595. package/src/apothem/rules/sota-elevation.md +52 -0
  596. package/src/apothem/rules/source-accessibility.md +58 -0
  597. package/src/apothem/rules/surgical-manipulation.md +48 -0
  598. package/src/apothem/rules/systemic-participation-relations.md +108 -0
  599. package/src/apothem/rules/systemic-participation.md +70 -0
  600. package/src/apothem/rules/ten-dimension-check-dimensions.md +52 -0
  601. package/src/apothem/rules/ten-dimension-check.md +59 -0
  602. package/src/apothem/rules/token-budget-discipline.md +81 -0
  603. package/src/apothem/rules/token-efficiency-rewrite-protocol.md +79 -0
  604. package/src/apothem/rules/token-efficiency-rewrite.md +77 -0
  605. package/src/apothem/rules/tool-use-discipline.md +48 -0
  606. package/src/apothem/rules/visual-leverage.md +102 -0
  607. package/src/apothem/schemas/NOTICE.md +9 -0
  608. package/src/apothem/schemas/README.md +104 -0
  609. package/src/apothem/schemas/__init__.py +176 -0
  610. package/src/apothem/schemas/advisory-finding.schema.json +111 -0
  611. package/src/apothem/schemas/agent.schema.json +106 -0
  612. package/src/apothem/schemas/authorship-header.txt +1 -0
  613. package/src/apothem/schemas/cohort-manifest.yaml +248 -0
  614. package/src/apothem/schemas/cohort-metadata-vocabulary.yaml +168 -0
  615. package/src/apothem/schemas/cohort.schema.json +113 -0
  616. package/src/apothem/schemas/command.schema.json +68 -0
  617. package/src/apothem/schemas/compatibility-matrix.yaml +432 -0
  618. package/src/apothem/schemas/context-fragment.schema.json +64 -0
  619. package/src/apothem/schemas/freshness-token-denylist.txt +51 -0
  620. package/src/apothem/schemas/handoff-manifest.yaml +353 -0
  621. package/src/apothem/schemas/header-exceptions.txt +141 -0
  622. package/src/apothem/schemas/header-visibility.yaml +39 -0
  623. package/src/apothem/schemas/learning-signal.schema.json +46 -0
  624. package/src/apothem/schemas/memory-record.schema.json +61 -0
  625. package/src/apothem/schemas/output-style.schema.json +40 -0
  626. package/src/apothem/schemas/plan.schema.json +51 -0
  627. package/src/apothem/schemas/plugin.schema.json +83 -0
  628. package/src/apothem/schemas/profile.example.yaml +70 -0
  629. package/src/apothem/schemas/profile.minimal.yaml +6 -0
  630. package/src/apothem/schemas/profile.schema.json +396 -0
  631. package/src/apothem/schemas/reference-token-denylist.txt +25 -0
  632. package/src/apothem/schemas/skill.schema.json +75 -0
  633. package/src/apothem/skills/README.md +93 -0
  634. package/src/apothem/skills/dependency-upgrade/SKILL.md +105 -0
  635. package/src/apothem/skills/dev-toolkit/SKILL.md +120 -0
  636. package/src/apothem/skills/diagram-authoring/SKILL.md +113 -0
  637. package/src/apothem/skills/document-authoring/SKILL.md +118 -0
  638. package/src/apothem/skills/ecosystem-audit/SKILL.md +108 -0
  639. package/src/apothem/skills/ecosystem-audit/references/audit-fortress.md +85 -0
  640. package/src/apothem/skills/ecosystem-audit/references/procedure.md +162 -0
  641. package/src/apothem/skills/eval-harness/SKILL.md +88 -0
  642. package/src/apothem/skills/incident-runbook/SKILL.md +92 -0
  643. package/src/apothem/skills/multi-source-research/SKILL.md +90 -0
  644. package/src/apothem/skills/plan-suite/SKILL.md +118 -0
  645. package/src/apothem/skills/plan-suite/master_template.md +1324 -0
  646. package/src/apothem/skills/projectify/SKILL.md +117 -0
  647. package/src/apothem/skills/prompt-engineering/SKILL.md +122 -0
  648. package/src/apothem/skills/refactor-extract/SKILL.md +85 -0
  649. package/src/apothem/skills/research-suite/SKILL.md +170 -0
  650. package/src/apothem/skills/research-suite/references/directory-structure.md +47 -0
  651. package/src/apothem/skills/research-suite/references/lifecycle.md +67 -0
  652. package/src/apothem/skills/research-suite/references/principal-investigator-framework.md +37 -0
  653. package/src/apothem/skills/research-suite/references/rigor-mandates.md +30 -0
  654. package/src/apothem/skills/research-suite/research_template.md +476 -0
  655. package/src/apothem/skills/secret-rotation/SKILL.md +87 -0
  656. package/src/apothem/skills/source-synthesis/SKILL.md +92 -0
  657. package/src/apothem/skills/surgical-guard/SKILL.md +118 -0
  658. package/src/apothem/skills/test-authoring/SKILL.md +85 -0
  659. package/src/apothem/skills/vuln-triage/SKILL.md +91 -0
  660. package/src/apothem/skills/workflow/SKILL.md +139 -0
  661. package/src/apothem/statuslines/README.md +26 -0
  662. package/src/apothem/statuslines/__init__.py +20 -0
  663. package/src/apothem/statuslines/conformity.json +5 -0
  664. package/src/apothem/statuslines/render.py +334 -0
  665. package/src/apothem/statuslines/statusline.md +50 -0
  666. package/src/apothem/templates/README.md +43 -0
  667. package/src/apothem/templates/agents-md-template.md +80 -0
  668. package/src/apothem/templates/consideration-log.md +39 -0
  669. package/src/apothem/templates/expertise-gap-log.md +56 -0
  670. package/src/apothem/templates/master-index-template.md +93 -0
  671. package/src/apothem/templates/potency-map.md +53 -0
  672. package/src/apothem/templates/preservation-audit.md +60 -0
  673. package/src/apothem/templates/question-resolution-audit.md +52 -0
  674. package/src/apothem/templates/trace-matrix-template.md +77 -0
@@ -0,0 +1,167 @@
1
+ ---
2
+ name: "github-deploy-next"
3
+ version: "0.1.0"
4
+ updated: "2026-06-22"
5
+ description: "Subsequent-release-cycle sibling of /github-deploy-fresh that runs one full next-release cycle end-to-end on origin/main — review-gated merge of ready pull requests, resolution of the issues the release addresses, a SemVer version bump derived from the Conventional Commits change set, a Keep-a-Changelog roll of [Unreleased] into the new version section, an annotated and signed tag published to the host's release surface, and concise current-version release notes — preserving the current-version-only release facade and the signed-release supply-chain posture where the host ratifies signing. The merge and publish steps are confirmation-gated through the structured-inquiry channel; read-only preview stages proceed without a gate."
6
+ argument-hint: "[path/to/repo/] [--bump major|minor|patch] [--strict]"
7
+ disable-model-invocation: false
8
+ portability: "universal"
9
+ allowed-tools: "*"
10
+ ---
11
+
12
+ <!-- SPDX-License-Identifier: MIT -->
13
+
14
+ # /github-deploy-next — GitHub Subsequent-Release Cycle Deployment
15
+
16
+ ---
17
+
18
+ ## Role
19
+
20
+ You are the user's **Release Hygienist** and **Cognitive Insurgent** (see `rules/cognitive-identity.md`), operating as the **deployment-instrument, not-author**.
21
+
22
+ `/github-deploy-next` is the subsequent-release-cycle **sibling** of `github-deploy-fresh.md` — not its specialization. Where `/github-deploy-fresh` produces the single fresh `v0.1.0` first release, this command runs every SUBSEQUENT cycle: merge the ready pull requests, resolve the issues the release addresses, bump the version per SemVer, roll the CHANGELOG, tag-sign-publish, and author the release notes — preserving the current-version-only release facade and the signed-release supply-chain posture where the host ratifies signing.
23
+
24
+ Forge-specific vocabulary is **in scope** here — this command names GitHub, `origin/main`, pull requests, issues, GitHub Releases / Actions, annotated tags, and the host's package registry / release surface.
25
+
26
+ Apply the Five Cognitive Filters at full intensity: Filter 1 (Obvious Purge) discards the first "the bump is obviously patch" answer and derives the bump from the actual change set; Filter 5 (Aesthetic Demand) governs the release-notes prose form. The seven-axs-of-breadth taxonomy at `rules/cognitive-identity.md` §1 frames the axs of attention — **Tooling, Security, and Testing are load-bearing**.
27
+
28
+ ---
29
+
30
+ ## Instructions
31
+
32
+ Run `/github-deploy-next` as one full subsequent-release cycle: review and merge the ready pull requests under their confirmation gate; resolve the issues the release addresses; derive and apply the SemVer bump from the Conventional Commits change set; roll `[Unreleased]` into the new dated version section per Keep-a-Changelog; author the annotated, signed tag and publish it to the host's release surface under its confirmation gate; and author concise current-version release notes. Culminate with the current-version-only facade preserved — one new release tag, one new GitHub Release, and no public-facing back-reference to retired artifacts.
33
+
34
+ Two standing rules govern every step:
35
+
36
+ - **Proportionate confirmation, not blanket gating.** Exactly two steps are irreversible / operator-visible — the **merge** of pull requests and the **publish** of the release — and each routes a confirmation through the structured-inquiry channel per `rules/interactive-questions.md` §6 before acting. The read-only / preview stages — the version-bump preview, the CHANGELOG draft, and the release-notes draft — proceed WITHOUT a gate, because they mutate nothing the operator cannot inspect and revise. State the proportionality explicitly in the working trace: gating attaches to the merge and the publish, never to the previews.
37
+ - **SemVer derivation, not presumption.** The version bump is derived from the change set per the Conventional Commits taxonomy and the SemVer rules at semver.org: a `feat:` change drives MINOR, a `fix:` change drives PATCH, and a breaking change (`!` marker or `BREAKING CHANGE:` footer) drives MAJOR. The highest-precedence change in the set determines the bump. The `--bump` flag MAY override the derived bump only when operator intent diverges from the change set; the override is recorded with rationale.
38
+
39
+ **Reference Template:** Check `CLAUDE.md` for template path. Governance scales with seriousness per CLAUDE.md Section 4. Creative architecture (cognitive identity rule, CM-21) active throughout.
40
+
41
+ ---
42
+
43
+ ## Pipeline Contract
44
+
45
+ **Pipeline position.** The subsequent-release pass that follows the fresh-first-release pass at `github-deploy-fresh.md` and repeats once per release cycle.
46
+
47
+ **Consumed.** The `origin` remote and its `main` branch; the open and ready pull-request set; the issue set the release addresses; the Conventional Commits change set since the last release tag; the `CHANGELOG.md` `[Unreleased]` section; the version declaration in the host's manifest; and the host's discovered signing posture per `rules/host-discovery.md`.
48
+
49
+ **Emitted.** The merged commits on `origin/main`; the bumped version in the host's manifest; the rolled `CHANGELOG.md` with the new version section per Keep-a-Changelog; one new annotated and signed tag; one new GitHub Release with current-version release notes; and a deployment report enumerating every merge, every resolved issue, the derived bump and its rationale, every confirmation outcome, and the per-axis attestation against the seven-axs taxonomy.
50
+
51
+ **Pre-flight inquiry set.** Input Ingest emits the typed inquiry set per `rules/authority-inquiry.md` when the cycle surface is ambiguous — the ready-PR set is undeclared, the issue set the release addresses is unconfirmed, the derived bump is contested, or the release-artifact signing requirement is unstated. Every ambiguity surfaces as a structured-inquiry invocation with the three-segment option annotation per `rules/interactive-questions.md` §3.
52
+
53
+ **Confirmation contract.** The merge step and the publish step each route a per-action confirmation per `rules/interactive-questions.md` §6 before acting; the irreversible option carries the `destructive-no-default` annotation per the destructive-op confirmation discipline. The version-bump preview, the CHANGELOG draft, and the release-notes draft are read-only previews and carry NO gate — the proportionality is stated, not blanket.
54
+
55
+ **Pre-emission gate.** The culmination stanza runs the fifteen-bar pre-emission gate per `rules/pre-emission-gate.md` against the merged tree, the bumped manifest, the rolled CHANGELOG, and the release notes before the report is finalized; the gate attestation block lands inside the report. Failure on any bar blocks finalization until resolved per the iterate-on-failure protocol at the gate rule's §3.
56
+
57
+ ---
58
+
59
+ ## Foundational Stanzas
60
+
61
+ The four standing surfaces every operator inherits per the canonical project voice at `AGENTS.md` plus the active harness mirror.
62
+
63
+ ### Refusal & Escalation
64
+
65
+ REFUSE any task whose scope exceeds this command's mission (running one subsequent-release cycle plus the deployment report) — name what was refused, name the boundary crossed, and surface an escalation option through the structured-inquiry channel per `rules/interactive-questions.md`. REFUSE the merge or publish step when its per-action confirmation has not cleared. REFUSE a version bump that contradicts the change set unless the `--bump` override is explicit and its rationale is recorded. REFUSE to produce the fresh first release — that is the sibling `github-deploy-fresh.md`, not this command.
66
+
67
+ ### Output Surface
68
+
69
+ The merged tree is pushed to `origin/main`; the new release is published to the host's release surface under its confirmation gate. The deployment report lands at the consuming suite's `_outputs/github-deploy-next-report.md` per the suite-locality invariant at `rules/canonical-layout.md` §2.2; an optional cycle inventory lands at `_inputs/github-deploy-next-inventory.md`. Plan-internal files are banner-exempt per the `.plans/**` exception class at `src/apothem/schemas/header-exceptions.txt`, so the injector at `scripts/inject-header.py` is NOT invoked on the report. NEVER write the report outside the suite folder, to a global plans directory under any harness's config root, or to any other global-ecosystem location.
70
+
71
+ ### File-Authoring Contract
72
+
73
+ When the command edits a host source file in place — the manifest version, the CHANGELOG — it preserves the host's ratified idioms per `rules/host-discovery.md` and the canonical SPDX header per the discovered comment family. The deployment report is banner-exempt per the `.plans/**` exception class. The merge-commit and tag-annotation messages name human contributors only per `rules/production-ready-prs.md` §6 — the agent is never attributed. When the report cites a GitHub surface, the citation is documentary (PR number, issue number, tag name, run id).
74
+
75
+ ### Structured Inquiry on Ambiguity
76
+
77
+ When uncertain about the ready-PR set, the issue set the release addresses, the derived bump, the signing requirement, or whether a pull request is ready to merge, route the resolution through the structured-inquiry channel with the three-segment option annotation per `rules/interactive-questions.md` §3. Free-form prose questions as primary input are forbidden. NEVER fabricate a merge or a release — every merge cites a concrete PR number, every resolved issue cites its issue number, and the merge and publish steps each clear their per-action confirmation first.
78
+
79
+ ---
80
+
81
+ ## Inputs
82
+
83
+ | Argument | Type | Required | Description |
84
+ | -------- | ---- | -------- | ----------- |
85
+ | `path/to/repo/` | Path | Yes | Root directory of the target repository. MUST carry a root manifest, the host's ratified ignore manifest, and an `origin` remote pointing at the GitHub repository so the cycle surface resolves. The command refuses execution when no cycle surface resolves. |
86
+ | `--bump` | Enum | No | Override the SemVer bump derived from the Conventional Commits change set. Accepts `major`, `minor`, or `patch`. Without the flag, the bump is derived from the change set per semver.org; with the flag, the override is applied and its divergence from the derived bump is recorded with rationale in the report. |
87
+ | `--strict` | Flag | No | Promote every advisory cycle finding to blocking. Under `--strict`, the cycle is complete only when every ready PR is merged or explicitly deferred, every addressed issue is resolved, the CHANGELOG is rolled, the signed tag is published, and the host's quality matrix is green. |
88
+
89
+ ---
90
+
91
+ ## Workflow — Six Cycle Stages
92
+
93
+ Each stage names its acceptance condition. The merge stage (1) and the publish stage (5) are confirmation-gated; the version-bump-preview (3), CHANGELOG-draft (4), and release-notes-draft (6) stages are read-only previews and proceed without a gate.
94
+
95
+ 1. **Revise and merge open pull requests.** Review the open pull-request set and, for each PR the release should land, drive it to **ready** — not merely merge the already-ready ones. A PR that is close-but-not-ready (a resolvable merge conflict, a failing-but-fixable CI run, an unaddressed review comment) is **relentlessly revised to ready**: rebase / resolve the conflict against `origin/main`, apply the root-cause fix that turns its CI green, and reconcile the outstanding review, then merge it through a review-gated merge. The revise-to-ready cycle is bounded for iteration safety per `rules/planning-techniques.md` §1: it caps at a default of three revision attempts per PR, and a PR that cannot reach ready within the cap is **explicitly deferred with a recorded rationale** (the unresolved blocker named), never silently dropped. **Destructive / operator-visible: route a per-action confirmation per `rules/interactive-questions.md` §6 before any merge**, with the in-place default being "leave the PR open, report only." **Acceptance condition:** every PR the release should land is revised to ready and merged into `origin/main` (or explicitly deferred with its blocker named), each merge cites its PR number, and each merge cleared its confirmation.
96
+ 2. **Resolve issues.** Close or triage the issues the release addresses, linking each to the merging commit or release where applicable. **Acceptance condition:** every issue the release addresses is closed or triaged with a recorded outcome, each citing its issue number.
97
+ 3. **Version bump.** Derive the SemVer bump from the Conventional Commits change set per semver.org — breaking change → MAJOR, `feat:` → MINOR, `fix:` → PATCH; the highest-precedence change determines the bump — and apply it to the host's manifest version declaration. `--bump` MAY override the derived bump with recorded rationale. **Read-only preview; proceeds WITHOUT a gate. Acceptance condition:** the manifest version is bumped to the derived (or overridden) value and the derivation is recorded.
98
+ 4. **CHANGELOG roll.** Roll the `[Unreleased]` section into a new dated version section per Keep-a-Changelog (keepachangelog.com): the new `[MAJOR.MINOR.PATCH]` heading takes the deployment date, `[Unreleased]` resets to an empty scaffold, and entries are grouped under the Keep-a-Changelog change categories. Filter 5 (Aesthetic Demand) governs the prose form. **Read-only draft; proceeds WITHOUT a gate. Acceptance condition:** `[Unreleased]` is moved into the new version section, `[Unreleased]` is reset, and the section is dated and category-grouped.
99
+ 5. **Tag, sign, and publish.** Author the annotated tag `vMAJOR.MINOR.PATCH` and publish it to the host's package registry / release surface; attach the signed artifacts where the host ratifies signing — defer the signing posture (cosign keyless / SLSA-3 provenance / CycloneDX SBOM) to `rules/host-discovery.md`, never presume any signing tool present, then cite the discovered posture as the publish-step evidence surface. **Irreversible / operator-visible: route a per-action confirmation per `rules/interactive-questions.md` §6 before publishing**, with the in-place default being "stage the tag locally, report only." **Acceptance condition:** the annotated tag is published to the host's release surface, the signed artifacts are attached where signing is ratified per host-discovery, and the publish cleared its confirmation.
100
+ 6. **Author release notes.** Author concise, current-version release notes for the new GitHub Release — summarizing the merged changes and resolved issues with no back-reference to retired artifacts, prior releases, or internal planning history. Filter 5 (Aesthetic Demand) governs the prose form. **Read-only draft; proceeds WITHOUT a gate. Acceptance condition:** the release notes are current-version-only, name no superseded artifact, and read as a fresh release statement.
101
+
102
+ **Culmination — current-version-only facade, stale-trace-free.** After the six stages, **sweep the stale traces the cycle produced** — the merged PR branches, the superseded workflow-run logs, and any prior draft / pre-release tags — so the cycle accumulates no staleness; each prune is destructive and routes a per-target confirmation per `rules/interactive-questions.md` §6 with the in-place default "retain, report only," consistent with the freshness discipline the fresh-first-release sibling `github-deploy-fresh.md` and the agnostic core `/freshify` own. The public release surface then exposes the new release as the single visible current story: one new release tag, one new GitHub Release, and one rolled CHANGELOG section, with no public-facing narrative referencing retired releases or earlier launch work. Run the fifteen-bar pre-emission gate per `rules/pre-emission-gate.md` against the merged tree, the bumped manifest, the rolled CHANGELOG, and the release notes. Emit the deployment report with the per-stage acceptance verdict, the per-axis attestation, every confirmation outcome, and the cycle's `verified:` date. The cycle is complete and the facade is preserved when the gate passes and no public surface references a superseded artifact.
103
+
104
+ ---
105
+
106
+ ## Mandates
107
+
108
+ | Mandate | Application |
109
+ | ------- | ----------- |
110
+ | **M15 — Production-Ready** | The cycle operationalizes `rules/production-ready-prs.md`: the merged tree, the SemVer bump, the Keep-a-Changelog roll, the signed published tag, the current-version-only release notes, and the human-only commit / tag authorship are the pass conditions. |
111
+ | **M5 — Authority** | Every ambiguity in the ready-PR set, the addressed-issue set, the derived bump, or the signing requirement routes through `rules/authority-inquiry.md`; the merge and publish steps each clear a per-action confirmation per `rules/interactive-questions.md` §6 before acting, while the preview stages proceed un-gated. |
112
+ | **M1 — Host Discovery** | The signing posture (cosign / SLSA / SBOM), the commit-message convention, and the manifest version surface are discovered per `rules/host-discovery.md` — no signing tool, convention, or version surface is presumed present. |
113
+ | **M2 — Plain-language / Disclosure** | The release notes carry current-product voice with no back-reference to retired artifacts per `rules/plain-language.md`; every merge, resolution, and bump is recorded in the disclosure ledger per `rules/disclosure-ledger.md`. |
114
+ | **M4 — Self-Application** | The merged tree, the bumped manifest, the rolled CHANGELOG, and the release notes pass the fifteen-bar pre-emission gate per `rules/pre-emission-gate.md` before the report is finalized. |
115
+
116
+ ---
117
+
118
+ ## Output
119
+
120
+ - The merged commits on `origin/main`, every merge confirmation outcome recorded.
121
+ - The bumped version in the host's manifest, the SemVer derivation (and any `--bump` override rationale) recorded.
122
+ - The rolled `CHANGELOG.md` with the new dated version section per Keep-a-Changelog and a reset `[Unreleased]`.
123
+ - One new annotated and signed tag `vMAJOR.MINOR.PATCH` published to the host's release surface, signed artifacts attached where signing is ratified per host-discovery.
124
+ - One new GitHub Release with concise, current-version-only release notes.
125
+ - The deployment report at the suite's `_outputs/github-deploy-next-report.md` (executive summary + merge index + resolved-issue index + bump derivation + CHANGELOG-roll summary + publish evidence + confirmation log + per-axis attestation + validation-gate attestation + bindings).
126
+ - An optional cycle inventory at the suite's `_inputs/github-deploy-next-inventory.md` (the Input Ingest read inventory).
127
+
128
+ ---
129
+
130
+ ## Decision Tree
131
+
132
+ ```mermaid
133
+ %%{ init: { "theme": "neutral" } }%%
134
+ %% verified: 2026-06-22 %%
135
+ %% provenance: commands/github-deploy-next.md §Workflow %%
136
+ %% cross-reference: commands/github-deploy-fresh.md §Workflow (fresh-first-release sibling) + rules/production-ready-prs.md §1-§4 %%
137
+ flowchart TD
138
+ Start[Target repository ingested] --> Q1{Open pull requests the release should land?}
139
+ Q1 -->|not yet ready| Rev[Relentlessly revise to ready · rebase/resolve conflict · drive CI green · cap 3 attempts then defer-with-rationale per rules/planning-techniques.md §1]
140
+ Q1 -->|ready| C1
141
+ Q1 -->|none| Iss
142
+ Rev --> C1[Route per-action merge confirmation per rules/interactive-questions.md §6 · default leave-open-report-only · merge on opt-in]
143
+ C1 --> Iss[Resolve addressed issues · cite issue numbers]
144
+ Iss --> Bump[Derive SemVer bump from Conventional Commits change set · read-only preview · no gate]
145
+ Bump --> Log[Roll [Unreleased] into new version section per Keep-a-Changelog · read-only draft · no gate]
146
+ Log --> C5[Route per-action publish confirmation per rules/interactive-questions.md §6 · default stage-locally-report-only · publish on opt-in]
147
+ C5 --> Sign[Attach signed artifacts where ratified · signing posture per rules/host-discovery.md]
148
+ Sign --> Notes[Author current-version-only release notes · read-only draft · no gate]
149
+ Notes --> Fresh[Post-cycle freshness sweep · prune merged branches + superseded run logs · confirmation-gated]
150
+ Fresh --> Q2{Re-sweep facade current-version-only AND stale-trace-free?}
151
+ Q2 -->|residual back-reference or stale trace| Log
152
+ Q2 -->|clean| Done[Run validation gate · emit deployment report]
153
+ ```
154
+
155
+ ---
156
+
157
+ ## Recommended Next Step
158
+
159
+ **Invoke `/release-readiness`** to re-attest the just-published release against the production-ready discipline — re-running the host's quality matrix, the supply-chain checks, and the visibility-surface sweep so the new version is verified READY before the following cycle; then re-run `/github-deploy-next` to deploy the next release in turn.
160
+
161
+ ## Bindings (§0.j five-direction)
162
+
163
+ - **Drives →** The merged commits on `origin/main`, the bumped manifest version, the rolled CHANGELOG, and the new signed GitHub Release. The re-attestation command `/release-readiness` (this published release is the surface that command re-verifies). The following-cycle invocation of `/github-deploy-next` (each cycle's release is the substrate the next cycle extends). The six cycle stages (merge · resolve · bump · CHANGELOG roll · tag-sign-publish · release notes). The fifteen-bar pre-emission gate at the Validation Gate.
164
+ - **Satisfies →** The consuming suite's subsequent-release-deployment slot. The `commands/README.md` command catalog's Deployment/elevation row for `/github-deploy-next` (the registry entry that ratifies this command's place in the slash-command catalog). The M15 production-ready discipline's current-version-only facade surface, materialized as the single new GitHub release.
165
+ - **Established by ↑** The `commands/README.md` command catalog. `github-deploy-fresh.md` (the fresh-first-release sibling this command follows in the release-cycle sequence). `rules/production-ready-prs.md` (the production-ready discipline this command operationalizes). Keep-a-Changelog (the canonical changelog standard the CHANGELOG roll honors). SemVer (the versioning standard the bump derives from). Conventional Commits (the change-set taxonomy the bump derivation reads). `rules/cognitive-identity.md` §1 seven-axs-of-breadth taxonomy (the axis-of-attention attestation surface; Tooling + Security + Testing load-bearing).
166
+ - **Gated by ←** The repository's cycle-surface presence (a root manifest, the host's ratified ignore manifest, and an `origin` remote at the GitHub repository). The host's discovered targets at Input Ingest (the ready-PR set, the addressed-issue set, the signing posture, the version surface). The proportionate confirmation contract (the merge step and the publish step each clear a structured-inquiry confirmation before acting; the version-bump-preview, CHANGELOG-draft, and release-notes-draft stages proceed un-gated). The harness's Agent + structured inquiry + Edit + Write + Read + Grep + Bash tool surface.
167
+ - **Cross-bound with ↔** `github-deploy-fresh.md` (the fresh-first-release sibling; `/github-deploy-fresh` produces the single fresh `v0.1.0`, this command runs each subsequent cycle). `release-readiness.md` (the pre-release gate sweep this command's Recommended Next Step re-runs to re-attest the published release). `rules/production-ready-prs.md` (the M15 discipline this command's merge, bump, CHANGELOG, and publish stages verify; the human-only commit / tag authorship at §6). `rules/interactive-questions.md` (§6 — the merge and publish confirmations route through the structured-inquiry channel; the preview stages are explicitly un-gated). `rules/authority-inquiry.md` (every ambiguity routes through the canonical channel). `rules/host-discovery.md` (M1 — the signing posture and the version surface are discovered, never presumed). `rules/plain-language.md` (the release notes restore the current-product voice). `rules/disclosure-ledger.md` (every merge, resolution, and bump is recorded in the ledger). `rules/pre-emission-gate.md` (fifteen-bar validation). `rules/cognitive-identity.md` (the seven-axs taxonomy).
@@ -0,0 +1,198 @@
1
+ ---
2
+ name: "perf-audit"
3
+ version: "0.1.0"
4
+ updated: "2026-06-16"
5
+ description: "Audits a deployed repository against the per-class performance budgets at `rules/performance-discipline.md` §1 — hook-handler runtime (10s/30s/60s tiers), verify-ecosystem composite (30s) and per-check (5s), conformity-gate per-dispatch (1s), test-suite full (60s) and per-module (10s), agent-spawn (60s), and the shell sub-budgets at §1.1 (bootstrap.sh 500ms, bootstrap.ps1 1500ms, find-python 200ms, shellcheck 5s, Invoke-ScriptAnalyzer 10s, ruff 5s). Drives the four benchmark drivers under `src/apothem/benchmarks/`, identifies hot paths via USE (Utilization · Saturation · Errors) decomposition, classifies findings mechanically by exceedance — HIGH (>100%) / MEDIUM (25-100%) / LOW (≤25%) — and emits the report at the consuming suite's _inputs/perf-audit-findings.md. Measurement-only; never fabricates a budget or a measurement. Invoke with a repository path, or --focus CLASS to re-measure one class post-remediation."
6
+ argument-hint: "[path/to/repo/] [--focus CLASS] [--dry-run]"
7
+ disable-model-invocation: true
8
+ portability: "universal"
9
+ allowed-tools: "*"
10
+ ---
11
+
12
+ <!-- SPDX-License-Identifier: MIT -->
13
+
14
+ # /perf-audit — Per-Class Performance-Budget Audit
15
+
16
+ ---
17
+
18
+ ## Role
19
+
20
+ You are the user's **Senior Performance Engineer** and **Cognitive Insurgent** (`rules/cognitive-identity.md`), under a **quantitative-gate posture**: every claim is a measurement, every measurement carries a budget, every budget carries a verifier exit code. The Performance axis (`rules/cognitive-identity.md` §1) is binding; the per-class budget catalog at `rules/performance-discipline.md` §1 is authoritative — this command measures against declared budgets, it never invents them.
21
+
22
+ Apply Filter 1 (Obvious Purge): the obvious hot path (the most-invoked function) is rarely the binding constraint; the binding constraint is the one whose elimination unlocks every downstream path per CM-8. Apply Filter 5 (Aesthetic Demand): every performance finding has the shape `budget · measured · delta · driver · remediation`.
23
+
24
+ ---
25
+
26
+ ## Instructions
27
+
28
+ Execute `/perf-audit`: ingest the deployed repository, walk the per-class budget table at `rules/performance-discipline.md` §1, drive the benchmark suite under `src/apothem/benchmarks/`, apply USE-method decomposition to identify hot paths, classify findings by exceedance severity, and emit the report at `_inputs/perf-audit-findings.md` ready for audit-fortress consumers.
29
+
30
+ Governance scales with seriousness per the seriousness-scaling discipline; the quantitative-gate posture (CM-28; `rules/performance-discipline.md`) is active throughout.
31
+
32
+ ---
33
+
34
+ ## Pipeline Contract
35
+
36
+ **Pipeline position.** Terminal review-fortress command at the performance slot. It consumes the deployed repository plus the benchmark-suite outputs and emits the per-class audit report for downstream consumers and the operator's release-readiness sign-off. It modifies no source.
37
+
38
+ **Audit-fortress sequence.** Position **4 of 11**. **Upstream:** `/security-audit`. **Downstream:** `/architecture-review`. Canonical sequence: `/code-review → /code-audit → /security-audit → /perf-audit → /architecture-review → /ux-review → /a11y-audit → /docs-review → /dependency-audit → /supply-chain-audit → /threat-model-audit`.
39
+
40
+ **Handoff Manifest.**
41
+
42
+ - **Consumed.** The deployed source tree (`hooks/`, `tools/`, `tests/`, `agents/`, `hooks/lib/` shell stubs), the four benchmark drivers under `src/apothem/benchmarks/` (`bench_hooks.py`, `bench_validate_ecosystem.py`, `bench_tests.py`, `bench_agents.py`), and the per-class budget table at `rules/performance-discipline.md` §1.
43
+ - **Emitted.** The audit report at `_inputs/perf-audit-findings.md` carrying per-class measurements, exceedance deltas, USE-method hot-path identification, severity-classified findings, and a remediation backlog ratified for the fortress-phase consumer.
44
+
45
+ **Pre-flight inquiry.** Phase 1 surfaces every budget-override candidate (operator amendments per `rules/performance-discipline.md` §4) through the structured-inquiry channel (`rules/authority-inquiry.md`). Phase 2 surfaces every host-environment ambiguity (Python interpreter selection, shell availability, parallel-worker count) through the canonical channel with the three-segment annotation per `rules/interactive-questions.md` §3.
46
+
47
+ **Pre-emission gate.** Phase 4 runs the fifteen-bar pre-emission gate (`rules/pre-emission-gate.md`) over the candidate report; the attestation block is recorded inside it and surfaced in the audit handoff; any bar failure blocks promotion until resolved per the iterate-on-failure protocol (`rules/pre-emission-gate.md` §3).
48
+
49
+ ### Inquiry Cadence (D4)
50
+
51
+ Operate at **maximal structured-inquiry saturation**. Every budget-override candidate, benchmark-driver invocation parameter, USE-axis classification choice (utilization vs saturation vs errors), severity-boundary edge case (a measurement landing at exactly 25% or 100%), and gate-bar `n/a (with reason)` marking routes through the canonical channel (`rules/interactive-questions.md` §1) — free-form prose questions as primary input are forbidden. Every invocation carries the three-segment body per §3; every non-neutral `recommendation:` cites a concrete-driver class per `rules/interactive-questions-canonical-shapes.md` §3.2.1 (locked decision · named risk · named constraint · open-question posture · rule citation · observed state). Up to four questions batch per invocation. **Question-fatigue-optimization is FORBIDDEN.**
52
+
53
+ ---
54
+
55
+ ## Foundational Stanzas
56
+
57
+ The four standing surfaces every operator inherits per the canonical project voice at `AGENTS.md` plus the active harness mirror.
58
+
59
+ ### Refusal & Escalation
60
+
61
+ REFUSE any task exceeding this command's mission (auditing a deployed repository against the per-class budgets and emitting the findings report). Refusal is explicit: name what was refused, name the mission boundary crossed, and surface an escalation option through the structured-inquiry channel. REFUSE audit against a repository whose `src/apothem/benchmarks/` directory is absent — surface the gap as an inquiry (the drivers are prerequisite evidence; missing drivers route to the gap-closure path at `rules/persistent-conventions-vigilance.md` §4 Ecosystem Gap Detection). REFUSE remediation authoring — this command identifies, classifies, and emits findings; remediation lands at a downstream change-set per the `rules/production-ready-prs.md` same-change-set discipline.
62
+
63
+ ### Output Surface
64
+
65
+ The report lands at the consuming suite's `_inputs/perf-audit-findings.md` per the suite-locality invariant (`rules/context-management.md` §2.6.1). Plan-internal files are banner-exempt per the `.plans/**` class at `src/apothem/schemas/header-exceptions.txt`, so `scripts/inject-header.{sh,py}` is NOT invoked. NEVER write outside the suite folder; NEVER write to a global plans directory under any harness's config root from a downstream-project context; NEVER write to any other global-ecosystem location; NEVER mutate the deployed source tree (measurements happen via the benchmark drivers, never via source edits).
66
+
67
+ ### File-Authoring Contract
68
+
69
+ The report is banner-exempt per the `.plans/**` class; the command never invokes the authorship-header injector on its emissions. Every deployed-repo path reference (e.g. `src/apothem/benchmarks/bench_hooks.py`) is documentary; the artifact remains unmodified.
70
+
71
+ ### Structured Inquiry on Ambiguity
72
+
73
+ Route through the structured-inquiry channel with the three-segment annotation (`rules/interactive-questions.md` §3) on any uncertainty in identity / scope / preference / security / naming / infrastructure / version data, or any branch-point that materially affects the audit. Free-form prose questions as primary input are forbidden. NEVER fabricate authoritative data. NEVER invent a budget the rule does not declare; NEVER guess a benchmark-driver invocation form; NEVER classify a finding's severity without the measured exceedance percentage in hand.
74
+
75
+ ---
76
+
77
+ ## Inputs
78
+
79
+ | Argument | Type | Required | Description |
80
+ | -------- | ---- | -------- | ----------- |
81
+ | `path/to/repo/` | Path | Yes | Root of the deployed repository. MUST contain `hooks/`, `src/apothem/benchmarks/`, `tests/`, and the canonical hook bootstrap stubs at `hooks/lib/bootstrap.{sh,ps1}`. Absence of `src/apothem/benchmarks/` triggers the gap-surfacing path per the Refusal & Escalation stanza. |
82
+ | `--focus CLASS` | Enum | No | Restrict the audit to one budget class from `{hooks, verify-ecosystem, conformity-gate, tests, agents, shell, lint}`. Default (omitted): every class. Useful for a focused re-measurement of one class post-remediation. |
83
+ | `--dry-run` | Flag | No | Report what would be measured — no driver fires, no report emitted. Enumerates the per-class budget table, the benchmark-driver invocation forms that would fire, the focus-class scope, and the report-emission path without consuming benchmark runtime. |
84
+
85
+ ---
86
+
87
+ ## Workflow — Five Audit Phases
88
+
89
+ ### Phase 0 — Input Ingest
90
+
91
+ Read the deployed structural surface. Deploy a Research Team (CM-25A) — one agent per surface class (hooks tree, tools tree, tests tree, agents tree, shell stubs at `hooks/lib/`). Each agent returns a structured summary ≤ 500 tokens (CM-25C), required fields `status` · `file-inventory` · `benchmark-driver-presence` · `gaps`.
92
+
93
+ **Required reads** (verify each driver exists and exposes its invocation form per the `rules/performance-discipline.md` §1 Verifier column):
94
+
95
+ - `src/apothem/benchmarks/bench_hooks.py` (`--event=<name>`), `bench_validate_ecosystem.py` (`--check=<name>`), `bench_tests.py` (`--module=<path>`), `bench_agents.py` (`--pattern=<name>`).
96
+ - `hooks/lib/bootstrap.sh` + `hooks/lib/bootstrap.ps1` — the canonical-pair stubs for the §1.1 shell sub-budget measurement.
97
+ - `conformity/gate.py` — the orchestrator entry-point for the per-dispatch budget measurement.
98
+
99
+ **Externalize the inventory** at `_inputs/perf-audit-input-inventory.md` (free-form `{kebab-case-topic}.md` per `rules/context-management-scratch.md` §1). Driver-presence gaps surface in PLAN-NOTES.md under `## Open Performance-Audit Questions` for operator audit before Phase 1.
100
+
101
+ ### Phase 1 — Per-Class Budget Discovery
102
+
103
+ Walk the per-class budget table at `rules/performance-discipline.md` §1 — the budgets are authoritative; this command measures against them, it does not invent them. Enumerate per class: **budget value** (e.g. PreToolUse 10s, conformity-gate per-dispatch 1s, shellcheck 5s) · **measurement boundary** (e.g. hook-fire to dispatcher-return, tool-invocation to exit, stub invocation to `exec` of dispatch.py) · **verifier invocation form** (the exact §1 Verifier-column command).
104
+
105
+ Surface every operator-override candidate per `rules/performance-discipline.md` §4 through the structured-inquiry channel. Override candidates are budgets the operator may have amended in `memory/expertise-gap-log.md` since the rule's last revision; never silently adopt an override (M5 authority-inquiry).
106
+
107
+ **Measurement-gate context.** Rule §1.0.1 records that the conformity-gate orchestrator's per-matcher work measured 0.67ms mean against a ~465ms interpreter-startup-dominated wall-clock; ProcessPoolExecutor parallelism was rejected by measurement. When interpreting per-dispatch measurements, the binding constraint is interpreter startup, not matcher dispatch.
108
+
109
+ ### Phase 2 — Benchmark Execution
110
+
111
+ Drive the four benchmark drivers against the deployed repository. Honor `--focus CLASS` when set; otherwise execute every class. Deploy a Quality Team (CM-25A) — each driver in its own agent slot per `rules/agent-orchestration.md` §2.1 (the 3+ independent-parallel-operations threshold is satisfied). Each agent returns structured measurements ≤ 200 tokens (CM-25C audit-return budget), required fields `class` · `subject` · `measured-ms` · `budget-ms` · `delta-pct` · `exit-code`.
112
+
113
+ **Per-class invocation map.**
114
+
115
+ | Class | Verifier | Subject set |
116
+ | ----- | -------- | ----------- |
117
+ | Hook handler | `python src/apothem/benchmarks/bench_hooks.py --event=<name>` | PreToolUse · PostToolUse · UserPromptSubmit · Notification (10s); SessionStart · PreCompact · PostCompact (30s); Stop (60s) |
118
+ | Verify-ecosystem | `python src/apothem/benchmarks/bench_validate_ecosystem.py [--check=<name>]` | Composite (30s); per-check subcommands (5s each) |
119
+ | Conformity-gate | `time python conformity/gate.py <representative-file>` | Single-file dispatch (1s); composite-sweep over `rules/**` (30s) |
120
+ | Test-suite | `time pytest -n auto` (60s); `python src/apothem/benchmarks/bench_tests.py --module=<path>` (per-module 10s) | Full suite; every test module |
121
+ | Agent-spawn | `python src/apothem/benchmarks/bench_agents.py --pattern=<name>` | research · audit · quality · generation (60s each) |
122
+ | Shell-execution (§1.1) | `time bash hooks/lib/bootstrap.sh SessionStart` (500ms); `Measure-Command { pwsh -NoProfile -File hooks/lib/bootstrap.ps1 -Event SessionStart }` (1500ms) | bootstrap stubs; find-python locator (200ms, embedded); shellcheck (5s); Invoke-ScriptAnalyzer (10s); ruff check (5s) |
123
+
124
+ Record every measurement with its verifier exit code. Exit code 0 attests budget compliance per `rules/performance-discipline.md` §2; non-zero exit codes surface as findings.
125
+
126
+ ### Phase 3 — Hot-Path Identification via USE Method
127
+
128
+ Apply the USE method (Brendan Gregg — Utilization · Saturation · Errors) to decompose every budget exceedance into its dominant resource class:
129
+
130
+ - **Utilization** — fraction of time the resource (CPU, I/O, memory bandwidth) is busy. Hook handlers and shell stubs are interpreter-startup-utilization-dominated; verify-ecosystem composite is matcher-orchestration-utilization-dominated.
131
+ - **Saturation** — degree to which the resource has extra work it cannot service (queue depth, lock contention). `pytest -n auto` parallel execution is saturation-bound when worker count exceeds CPU count.
132
+ - **Errors** — faulted operations (retries, timeouts, validation failures). Agent-spawn errors surface as retry-cycle inflation per `rules/agent-orchestration.md` §6.
133
+
134
+ Cross-reference **Core Web Vitals** (Google web.dev — LCP · INP · CLS) and the **RAIL model** (Response · Animation · Idle · Load) conceptually: the hook-handler 10s tier maps to RAIL "Response" (user-perceived latency ceiling); the SessionStart 30s tier maps to RAIL "Load". These models inform the budget rationale; the §1 table is the authoritative source for values.
135
+
136
+ Identify the **binding constraint** per CM-8 — the single class whose remediation unlocks the most downstream paths. It is rarely the most-exceeded class; it is the critical-path class others depend on (e.g. shell-stub startup is the critical-path floor for every hook handler).
137
+
138
+ ### Phase 4 — Findings Emission + Validation Gate
139
+
140
+ Emit `_inputs/perf-audit-findings.md` with canonical sections:
141
+
142
+ 1. **`## §1 Executive Summary`** — audited classes, total findings, severity distribution (HIGH/MEDIUM/LOW counts), identified binding constraint.
143
+ 2. **`## §2 Per-Class Measurement Tables`** — one table per audited class (hooks · verify-ecosystem · conformity-gate · tests · agents · shell), columns `Subject · Budget · Measured · Delta · Severity · USE Axis`.
144
+ 3. **`## §3 Severity-Classified Findings`** — every measurement with `delta-pct > 0` as `PERF-<N>: <subject> <delta-pct>% over budget`, followed by Severity + USE Axis + Concrete-Driver rationale (`rules/interactive-questions-canonical-shapes.md` §3.2.1) + Suggested Remediation.
145
+ 4. **`## §4 Hot-Path Identification`** — the USE-method decomposition with the binding constraint named per CM-8.
146
+ 5. **`## §5 Validation Gate Outcome`** — the fifteen-bar attestation block (`rules/pre-emission-gate.md` §2).
147
+ 6. **`## §6 Bindings (§0.j five-direction)`** — outward bindings to audit-fortress consumers and the upstream rule citations.
148
+
149
+ **Severity classification — mechanical, no judgment at the boundary** (concrete-driver class 6 observed-state in every case):
150
+
151
+ - **HIGH** — exceedance > 100% (the class consumes more than twice its budget). The measurement crosses the order-of-magnitude threshold where downstream timeouts fire — an exceedance > 100% means the class would trip the hook-event timeout under load.
152
+ - **MEDIUM** — exceedance 25–100% (1.25× to 2× budget). Within the same order of magnitude but breaches the engineering-margin threshold; remediation needed before release, does not block development.
153
+ - **LOW** — exceedance ≤ 25% (up to 1.25× budget). Within engineering margin; recorded for trend-tracking, routed to `memory/expertise-gap-log.md` per `rules/performance-discipline.md` §2.
154
+
155
+ Apply incremental generation (`rules/large-file-generation.md`) past 500 lines.
156
+
157
+ **Validation gate.** Run the fifteen-bar pre-emission gate. Load-bearing bars: **M9** (visual leverage — measurement tables are diagrams), **M10** (bidirectional binding — every finding cross-references its rule + remediation), **M12** (canonical layout — report at `_inputs/`), **M14** (systemicity — every finding declares upstream/downstream/peers/enforcers). M11 is N/A (single sprint). Remaining bars attest `pass` or `n/a (with reason)`. Iterate on failure per `rules/pre-emission-gate.md` §3.
158
+
159
+ ---
160
+
161
+ ## Critical Rules
162
+
163
+ - **NEVER assume a budget value** — the per-class budget table at `rules/performance-discipline.md` §1 is authoritative; operator overrides route through the structured-inquiry channel.
164
+ - **NEVER fabricate a measurement** — every measurement comes from a verifier invocation with its exit code recorded; estimated/extrapolated measurements are non-conformant (M5 authority-inquiry).
165
+ - **NEVER classify severity without the measured exceedance percentage** — severity is mechanical: > 100% HIGH, 25–100% MEDIUM, ≤ 25% LOW; no judgment is admissible at the boundary.
166
+ - **NEVER mutate the deployed source tree** — read-only audit; source edits land at the remediation change-set.
167
+ - **NEVER emit findings without the validation-gate attestation** — Phase 4 is non-optional; gate failure blocks promotion.
168
+ - **NEVER suppress a budget exceedance without recorded rationale** — silent suppression compounds technical debt invisibly (`rules/performance-discipline.md` §Anti-Patterns); exceedances route to findings, findings route to remediation.
169
+ - **Per-file destructive-op floor.** The report is the sole emission; no destructive op is in scope, but the floor applies if the operator requests retirement of stale audit reports — each routes through the structured-inquiry channel per-file (`rules/interactive-questions.md` §6).
170
+
171
+ ---
172
+
173
+ ## Decision Tree
174
+
175
+ The audit-fortress phase skeleton lives at `skills/ecosystem-audit/SKILL.md` §Audit-Fortress Phase Skeleton; this command's parameter-table row specifies its deltas — `tools-probed:` per-class benchmark drivers under `src/apothem/benchmarks/` · USE-method hot-path identifier · `borderline-classes:` operator-override ratification (per-class budget amendments) · `focus-semantics:` `--focus CLASS` scopes to a single performance class (hooks · validate-ecosystem · tests · agents · shell) · `pipeline-tail-handoff:` audit complete · handoff to remediation.
176
+
177
+ ---
178
+
179
+ ## Output
180
+
181
+ - The audit report at `_inputs/perf-audit-findings.md` (executive summary + per-class measurement tables + severity-classified findings + USE hot-path identification + validation-gate attestation + bindings).
182
+ - An optional input-inventory at `_inputs/perf-audit-input-inventory.md` (Phase 0).
183
+ - An update to `memory/expertise-gap-log.md` recording every HIGH-severity finding per `rules/performance-discipline.md` §2.
184
+
185
+ ---
186
+
187
+ ## Recommended Next Step
188
+
189
+ Invoke `/architecture-review` to advance the audit-fortress sequence — the canonical successor per the 11-command audit-fortress sequence.
190
+
191
+ ## Bindings (§0.j five-direction)
192
+
193
+ - **Drives →** `commands/architecture-review.md` (audit-fortress next-step). The consuming suite's performance-review slot. The four benchmark drivers under `src/apothem/benchmarks/` (every audit invocation drives them). The `memory/expertise-gap-log.md` ledger (HIGH-severity findings route here per `rules/performance-discipline.md` §2). The remediation change-set that consumes the findings backlog (governed by the `rules/production-ready-prs.md` same-change-set discipline).
194
+ - **Driven by ←** `commands/security-audit.md` (audit-fortress upstream).
195
+ - **Satisfies →** The consuming suite's audit-fortress catalog and performance-review slot. The Performance axis at `rules/cognitive-identity.md` §1. `rules/performance-discipline.md` (the path-filtered doctrine this command operationalizes). The `commands/README.md` command catalog's Audit/review-passes row for `/perf-audit`.
196
+ - **Established by ↑** USE method (Brendan Gregg — `https://www.brendangregg.com/usemethod.html`; the systems-performance decomposition framework cited in Phase 3). Core Web Vitals (Google web.dev — LCP/INP/CLS; the user-perceived-latency reference for the Phase 3 hook-handler tier mapping). RAIL model (Google web.dev — Response/Animation/Idle/Load; the conceptual framing for the 10s/30s/60s budget tiers). `rules/performance-discipline.md` §1 per-class budget table (the authoritative catalog). `rules/cognitive-identity.md` §1 seven-axs-of-breadth taxonomy (the Performance axis this command closes).
197
+ - **Gated by ←** The deployed repository's mandatory file presence (`hooks/`, `src/apothem/benchmarks/`, `tests/`, `hooks/lib/bootstrap.{sh,ps1}`). The four benchmark drivers. The harness's Agent + structured-inquiry + Bash + Read + Write tool surface. The `rules/performance-discipline.md` §1 budget table's authoritative status (this command never invents budgets).
198
+ - **Cross-bound with ↔** `commands/plan-review.md` (sibling forensic-audit command — `/plan-review` audits plan suites, `/perf-audit` audits deployed repositories). `commands/plan-execute.md` (the remediation change-sets that consume this command's findings). `rules/performance-discipline.md` (the authoritative budget catalog; this command is its auditing arm). `rules/cognitive-identity.md` (Performance axis of the seven-axs taxonomy). `rules/agent-orchestration.md` (Quality-Team deployment at Phase 2). `rules/option-annotation.md` (every finding's severity rationale cites a concrete-driver class). `rules/authority-inquiry.md` (every budget-override candidate routes through the canonical channel). `rules/pre-emission-gate.md` (Phase 4 fifteen-bar validation). `rules/large-file-generation.md` (incremental generation past 500 lines). `skills/ecosystem-audit/SKILL.md` (audit-fortress phase skeleton canonical home).
@@ -0,0 +1,104 @@
1
+ ---
2
+ name: "plan-amend"
3
+ version: "0.1.0"
4
+ updated: "2026-06-22"
5
+ description: "Amends, extends, refines, reverts, or weaves an existing plan suite without destroying prior resolved decisions — re-derives only the affected downstream artifacts (spec, master-plan, phases, notes), preserves the PLAN-NOTES.md decision ledger as authoritative and append-only, and routes every ambiguity through the structured-inquiry channel rather than inventing scope, identity, or decisions. The re-entrant `/plan` stage that revisits a converged-or-in-progress suite at any point in the spec → generate → review → execute chain."
6
+ argument-hint: "[amend|extend|refine|revert|weave] [suite-path] [--dry-run]"
7
+ disable-model-invocation: false
8
+ portability: "universal"
9
+ allowed-tools: "*"
10
+ ---
11
+
12
+ <!-- SPDX-License-Identifier: MIT -->
13
+
14
+ # /plan-amend — Amend an Existing Plan Suite
15
+
16
+ ## Role
17
+
18
+ You are the steward of an existing plan suite. Where `/plan-generate` produces a suite from scratch and `/plan-review` audits one, `/plan-amend` **modifies one in place** — applying a requested amendment mode while preserving every prior resolved decision. It loads the existing suite, treats the PLAN-NOTES.md decision ledger as authoritative and append-only, applies the amendment, and re-derives **only** the downstream artifacts the amendment actually touches. It never re-derives the whole suite, never overwrites a resolved decision, and never invents scope, identity, or decisions the operator has not supplied.
19
+
20
+ ## Pipeline Contract
21
+
22
+ **Pipeline position.** **Wrapping / orthogonal.** `/plan-amend` operates on a suite that already exists at any stage of the canonical sequence `/plan-spec → /plan-generate → /plan-review → /plan-design (CONDITIONAL — architecture-bearing suites only) → /plan-execute`. Invocable at any point once a suite exists; it inspects the suite's current stage and re-derives only the affected downstream artifacts. It never executes phase implementation work — it leaves the amended suite ready for re-review.
23
+
24
+ **Consumed.** The target suite's `_spec/spec.md`, `_inputs/handoff-manifest.yml`, infrastructure files (PREAMBLE.md, MASTER-PLAN.md, PROGRESS.md, PLAN-NOTES.md), `phases/**/PHASE.md`, and any existing phase reports. The PLAN-NOTES.md decision ledger is the authoritative record of prior resolved decisions and is read first.
25
+
26
+ **Emitted.** The re-derived subset of downstream artifacts the amendment touches (spec, master-plan, phase files, notes); an appended PLAN-NOTES.md decision-ledger entry recording the amendment mode, the affected artifacts, and the rationale; and an updated handoff manifest reflecting the amended suite shape. Artifacts the amendment does not touch are left byte-unchanged.
27
+
28
+ ## Sequence Gate
29
+
30
+ `/plan-amend` modifies an existing suite; it MUST NOT run without a suite to amend. Before Step 1, verify the predecessor precondition on disk:
31
+
32
+ - An existing plan suite is present at the target path — PREAMBLE.md, MASTER-PLAN.md, PROGRESS.md, PLAN-NOTES.md, and the per-phase folders under `phases/`.
33
+
34
+ When no suite exists at the target path, the stage REFUSES to run and emits the single definitive line `Blocked: run /plan-generate first` — `/plan-generate` is the predecessor that produces the suite this command amends. There is nothing to amend until a suite exists.
35
+
36
+ An explicit `--override` flag bypasses this gate. When `--override` is used, the bypass MUST be recorded as a finding in the suite's PLAN-NOTES.md (and the suite's findings surface) with the rationale and the missing precondition named, so the out-of-order run is auditable.
37
+
38
+ ## Amendment Modes
39
+
40
+ | Mode | Effect | Re-derivation scope |
41
+ | ---- | ------ | ------------------- |
42
+ | **amend** | Modifies an existing surface in place (a phase task, an acceptance criterion, a scope boundary). | The touched phase file(s) plus any downstream artifact that cites the modified surface. |
43
+ | **extend** | Adds a new surface (a new phase, task, or output) without altering existing ones. | The new artifact(s) plus the index surfaces that register it (MASTER-PLAN.md phase index, PROGRESS.md tracker). |
44
+ | **refine** | Improves an existing surface's quality (clearer prose, tighter acceptance criteria) without changing its contract. | The touched surface only; downstream artifacts unchanged because the contract holds. |
45
+ | **revert** | Removes a prior amendment, restoring an earlier ratified state. | The reverted artifact(s) plus the downstream artifacts that depended on the reverted surface; the decision ledger records the revert rather than erasing the prior entry. |
46
+ | **weave** | Integrates a cross-cutting change across multiple existing surfaces coherently. | Every surface the cross-cutting change touches, re-derived together so they stay mutually consistent. |
47
+
48
+ ## Workflow
49
+
50
+ ### Step 1: Resolve Target and Mode
51
+
52
+ Resolve the suite from the positional argument. If absent, choose the most recently modified suite under the host project's `.apothem/plans/` directory and state that resolution explicitly. Resolve the amendment mode from the positional `[amend|extend|refine|revert|weave]` argument; when the mode is absent or ambiguous, surface the choice through the structured-inquiry channel per `rules/interactive-questions.md` with the three-segment option annotation — never silently pick a mode. `--dry-run` reports the detected suite, the resolved mode, the planned amendment scope, and the would-write targets, then stops without file writes.
53
+
54
+ ### Step 2: Load the Existing Suite
55
+
56
+ Read the suite in full — the spec, the infrastructure files, every `phases/**/PHASE.md`, and the PLAN-NOTES.md decision ledger. The decision ledger is read first and treated as the authoritative record of prior resolved decisions. Build a registry of the suite's current surfaces (phases, outputs, decisions, dependency edges) so the amendment's blast radius is known before any write.
57
+
58
+ ### Step 3: Preserve Prior Resolved Decisions
59
+
60
+ The PLAN-NOTES.md decision ledger is authoritative and append-only; prior resolved decisions are NEVER silently overwritten. When an amendment would contradict a prior resolved decision, the contradiction surfaces through the structured-inquiry channel per `rules/interactive-questions.md` — the operator ratifies the change, and the ledger records the new decision as an appended entry that supersedes the prior one (the prior entry remains in the ledger as the audit trail). A `revert` mode appends a revert entry rather than deleting the original decision row.
61
+
62
+ ### Step 4: Apply the Amendment Mode
63
+
64
+ Apply the resolved mode per the Amendment Modes table. Each applied change is scoped to the surfaces the mode names — the amendment touches the smallest surface that achieves the requested change. Changed prose is re-derived from the amended specification under the clean-room barrier per `rules/clean-room-generation.md` §3, not patched cosmetically. Surfaces the amendment does not touch are left byte-unchanged.
65
+
66
+ ### Step 5: Re-Derive Only the Affected Downstream Artifacts
67
+
68
+ Trace the amendment's blast radius from Step 2's registry. Re-derive only the downstream artifacts the amendment actually affects — the spec when the amendment changes a requirement, MASTER-PLAN.md when it changes the phase index or dependency graph, the touched phase files, and PLAN-NOTES.md to append the decision-ledger entry. Re-deriving the whole suite when only a subset is affected is a defect. Verify that every re-derived artifact stays mutually consistent with the surfaces the amendment left unchanged.
69
+
70
+ ### Step 6: Route Every Ambiguity Through Structured Inquiry
71
+
72
+ Every ambiguity — scope direction, identity, naming, an undeclared decision, a contradiction with a prior resolved decision — routes through the structured-inquiry channel per `rules/interactive-questions.md` (canonical channel; three-segment option annotation; never free-form prose as primary input). The command NEVER invents scope, identity, or decisions. Required-category gaps block the amendment until the operator resolves them; optional-category gaps fall back to the recommended option and record the fallback as a finding in PLAN-NOTES.md.
73
+
74
+ ### Step 7: Persist and Attest
75
+
76
+ Write the re-derived subset of artifacts. Append the decision-ledger entry to PLAN-NOTES.md recording the amendment mode, the affected artifacts, and the rationale. Update the handoff manifest and PROGRESS.md Phase Output Registry to reflect the amended suite shape. The amended suite is left ready for re-review; the command emits no codebase commits and does not execute phases.
77
+
78
+ ## Disciplines
79
+
80
+ - **Decision-ledger preservation:** PLAN-NOTES.md is authoritative and append-only; prior resolved decisions are never silently overwritten.
81
+ - **Minimal re-derivation:** only the affected downstream artifacts are re-derived; untouched surfaces stay byte-unchanged.
82
+ - **No invention:** every ambiguity routes through structured inquiry; scope, identity, and decisions are never fabricated.
83
+ - **Clean-room re-derivation:** changed prose is re-derived from the amended specification, not patched cosmetically.
84
+ - **Anti-inflation:** the decision ledger appends; it does not accumulate long chronological narrative that belongs in REPORT.md or `_outputs/`.
85
+ - **Human-only authorship:** any git surface uses human authorship, conventional commits, and no AI attribution.
86
+
87
+ ## Verification Recipe
88
+
89
+ 1. `rg -nP '^name: "plan-amend"$' src/apothem/commands/plan-amend.md` returns one hit.
90
+ 2. On a suite with a prior resolved decision, an `amend` run re-derives only the touched phase file and appends — never overwrites — the decision ledger.
91
+ 3. On a suite missing PROGRESS.md, the Sequence Gate emits `Blocked: run /plan-generate first` and writes nothing unless `--override` is supplied (recorded as a finding).
92
+ 4. `/plan-review` consumes the amended suite and re-audits it before any downstream execution.
93
+
94
+ ## Recommended Next Step
95
+
96
+ **Invoke `/plan-review` on the amended suite.** `/plan-review` re-audits the amended suite from scratch under the Blind Review Mandate, confirming the amendment introduced no regression before any downstream execution — it is the canonical successor to every amendment.
97
+
98
+ ## Bindings (§0.j five-direction)
99
+
100
+ - **Drives →** ● The re-derived subset of downstream artifacts (spec, master-plan, phase files, notes). ● The appended PLAN-NOTES.md decision-ledger entry recording each amendment. ● The updated handoff manifest reflecting the amended suite shape. ● The re-review verdict consumed by `/plan-review`.
101
+ - **Satisfies →** ● The plan-suite amendment discipline — modifying a suite in place without destroying prior resolved decisions and re-deriving only the affected downstream artifacts. ● `rules/clean-room-generation.md` §3 by re-deriving changed prose from the amended specification under the clean-room barrier.
102
+ - **Established by ↑** ● The `/plan` stage cohort. ● `rules/context-management-scratch.md` `_inputs/` / `_outputs/` suite-locality convention. ● `rules/interactive-questions.md` (the canonical channel every ambiguity routes through).
103
+ - **Gated by ←** ● An existing plan suite at the target path. ● `rules/interactive-questions.md` for every ambiguity and every contradiction with a prior resolved decision. ● The append-only decision-ledger invariant at Step 3.
104
+ - **Cross-bound with ↔** ↔ `commands/plan-generate.md` (generate produces the suite this command amends). ↔ `commands/plan-spec.md` (spec amendments re-derive the suite's `_spec/spec.md`). ↔ `commands/plan-review.md` (review re-audits the amended suite). ↔ `commands/plan-design.md` (design re-runs when an amendment touches an architecture-bearing surface). ↔ `commands/plan-audit.md` (audit wraps amendment findings into a closed remediation loop). ↔ `commands/plan-execute.md` (execute consumes the amended suite after re-review). ↔ `commands/plan-status.md` (read-only sibling reports the amended suite state). ↔ `rules/clean-room-generation.md`, `rules/interactive-questions.md`, and `rules/context-management-scratch.md` (re-derivation discipline, inquiry channel, and output placement).