npm - @atlashub/smartstack-cli - Versions diffs - 3.17.0 → 3.18.0 - Mend

@atlashub/smartstack-cli 3.17.0 → 3.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@atlashub/smartstack-cli",
-  "version": "3.17.0",
+  "version": "3.18.0",
   "description": "SmartStack Claude Code automation toolkit - GitFlow, EF Core migrations, prompts and more",
   "author": {
     "name": "SmartStack",

package/templates/skills/business-analyse/SKILL.md CHANGED Viewed

@@ -209,7 +209,7 @@ When step-00 detects that the description matches an existing application:
 | 04c  | `steps/step-04c-decide.md`        | Opus   | Final approval, write consolidation, proceed to handoff |
 | 05a  | `steps/step-05a-handoff.md`       | Sonnet | Handoff: file mapping (7 categories), BR-to-code mapping, API summary, write handoff |
 | 05b  | `steps/step-05b-deploy.md`        | Sonnet | Deploy: prd.json, progress.txt, manifest, ba-interactive.html |
-| 05c  | `steps/step-05c-ralph-readiness.md` | Sonnet | Ralph readiness validation gate (optional but recommended) |
+| 05c  | `steps/step-05c-ralph-readiness.md` | Opus | ULTRATHINK quality review + ralph readiness gate (MANDATORY) |
 | 06   | `steps/step-06-review.md`         | Opus   | Apply review corrections, create new version, regenerate all artifacts |
 </step_files>
@@ -252,10 +252,10 @@ Load ONLY relevant categories based on feature type:
 | -------- | ----------------------------------- | ------------ |
 | schema   | `schemas/feature-schema.json`       | All steps    |
 | spec     | `templates/tpl-frd.md`              | 02           |
-| handoff  | `templates/tpl-handoff.md`          | 04           |
+| handoff  | `templates/tpl-handoff.md`          | 05a          |
 | suggestions | `patterns/suggestion-catalog.md` | 01           |
-| interactive | `html/ba-interactive.html`        | 03d (incremental), 05d (final deploy)  |
-| mapping    | `references/html-data-mapping.md`  | 03d, 05d (FEATURE_DATA + EMBEDDED_ARTIFACTS mapping) |
+| interactive | `html/ba-interactive.html`        | 03d (incremental), 05b (final deploy)  |
+| mapping    | `references/html-data-mapping.md`  | 03d, 05b (FEATURE_DATA + EMBEDDED_ARTIFACTS mapping) |
 </template_files>

package/templates/skills/business-analyse/steps/step-00-init.md CHANGED Viewed

@@ -374,12 +374,30 @@ If initialization was interrupted:
 1. Check `.business-analyse/config.json` for currentFeature
 2. If feature ID exists, search for feature.json in `docs/business/`
-3. If found, check `metadata.workflow.lastCompletedStep`:
-   - If `"step-04-consolidation"` AND status = `"consolidated"`:
-     → Resume directly at `step-05a-handoff.md` (skip steps 00-04)
-     → Display: "Resuming from consolidation — proceeding to handoff..."
+3. If found, check status and `metadata.workflow.lastCompletedStep`:
+   **Status-based resume routing (check in this order):**
+   - If status = `"handed-off"` AND `ba-interactive.html` missing:
+     → Resume at `step-05b-deploy.md` (deploy artifacts + HTML)
+     → Display: "Handoff complete but HTML/artifacts missing — deploying..."
    - If status = `"handed-off"` AND `.ralph/prd-*.json` files missing:
      → Resume at `step-05b-deploy.md` (only deploy artifacts needed)
-     → Display: "Handoff complete but artifacts missing — deploying..."
+     → Display: "Handoff complete but PRD files missing — deploying..."
+   - If status = `"consolidated"` OR lastCompletedStep = `"step-04-consolidation"`:
+     → Resume directly at `step-05a-handoff.md` (skip steps 00-04)
+     → Display: "Resuming from consolidation — proceeding to handoff..."
+   - If status = `"specified"` AND `metadata.workflow.allModulesSpecified === true`:
+     → Resume at `step-04a-collect.md` (consolidation phase)
+     → Display: "All modules specified — resuming at consolidation..."
+   - If status = `"specified"` AND `metadata.workflow.completedModules.length > 0` AND `metadata.workflow.completedModules.length < metadata.workflow.moduleOrder.length`:
+     → Resume at `step-03a1-setup.md` (continue specifying remaining modules)
+     → Display: "Resuming module specification ({completedCount}/{totalCount})..."
    - Otherwise: offer to resume from last completed step
 4. If not found, create fresh feature.json

package/templates/skills/business-analyse/steps/step-03d-validate.md CHANGED Viewed

@@ -165,6 +165,24 @@ ELSE:
 ---
+### 9g. Anti-Premature-Completion Guard (MANDATORY)
+> **CRITICAL — NEVER say "the analysis is complete" or "ready for /ralph-loop" at this point.**
+> Step-03d is the END of SPECIFICATION, NOT the end of the BA workflow.
+> Steps 04a → 04b → 04c (consolidation) + 05a → 05b → 05c (handoff) are STILL REQUIRED.
+> Without handoff, /ralph-loop will generate an INCOMPLETE PRD (no frontend, no tests).
+**FORBIDDEN phrases in step-03d output:**
+- "L'analyse métier est complète" / "The business analysis is complete"
+- "Prêt pour /ralph-loop" / "Ready for /ralph-loop"
+- "Vous pouvez maintenant lancer /ralph-loop"
+- Any variation suggesting the BA is finished or /ralph-loop can be invoked
+**REQUIRED phrasing:**
+- "Module {name} spécifié. {Remaining} modules restants." (if more modules)
+- "Tous les modules spécifiés. Passage à la consolidation (étapes 04a-04c)..." (if last module)
+- NEVER mention /ralph-loop — only step-05c (ralph readiness) validates the handoff
 ### 10. Module Summary with Roles & Permissions
 Display comprehensive summary:
@@ -286,8 +304,23 @@ IF currentModuleIndex < moduleOrder.length:
   Load: steps/step-03a1-setup.md
 IF currentModuleIndex >= moduleOrder.length:
-  Display: "═══ Tous les modules spécifiés! Passage à la consolidation... ═══"
+  Display: "═══ Tous les modules spécifiés! Passage à la consolidation (04a→04c) puis handoff (05a→05c)... ═══"
+  Display: "⚠ NE PAS lancer /ralph-loop — la consolidation et le handoff sont encore nécessaires."
   ba-writer.updateStatus({feature_id}, "specified")
+  // CHECKPOINT: Save progress BEFORE transition (protects against context exhaustion)
+  ba-writer.enrichSection({
+    featureId: {feature_id},
+    section: "metadata.workflow",
+    data: {
+      lastCompletedStep: "step-03d-validate",
+      allModulesSpecified: true
+    }
+  })
+  // MANDATORY TRANSITION — DO NOT STOP HERE
+  // If context is near exhaustion, the checkpoint above ensures the user
+  // can resume with /business-analyse and it will route to step-04a automatically.
   Load: steps/step-04a-collect.md
 ```

package/templates/skills/business-analyse/steps/step-05b-deploy.md CHANGED Viewed

@@ -360,10 +360,9 @@ Effort:    {total_days} days ({total_hours} hours)
   1. Ouvrir ba-interactive.html dans le navigateur
   2. Partager avec les stakeholders pour validation
   3. Si retours --> relancer /business-analyse pour une nouvelle itération
-  4. Validation de la compatibilité ralph-loop (recommandé):
+  4. Validation qualité ULTRATHINK (automatique):
-     Continuez à step-05c-ralph-readiness.md pour valider
-     la complétude et l'intégrité avant développement
+     → Lancement automatique de step-05c-ralph-readiness.md...
   5. Une fois validé, lancer le développement:
@@ -376,16 +375,19 @@ Effort:    {total_days} days ({total_hours} hours)
 ## NEXT STEP
-**RECOMMENDED:** Load `steps/step-05c-ralph-readiness.md` to run validation gate before /ralph-loop.
+**MANDATORY:** Load `steps/step-05c-ralph-readiness.md` — ULTRATHINK quality review & readiness gate.
+> **This step is NON-NEGOTIABLE.** The BA skill MUST run step-05c before completing.
+> DO NOT skip this step. DO NOT display a "done" message without running step-05c first.
 This validation ensures:
-- All module handoffs are complete
+- ULTRATHINK deep quality review of the entire BA output
+- All module handoffs are complete and content is coherent
 - PRD files are structurally valid
 - Cross-module references are resolvable
+- Specification quality meets production standards
 - No blocking issues before development
-User can skip validation and proceed directly to /ralph-loop, but validation is strongly recommended to catch issues early.
 ---
 ## MODE SUPPORT & TROUBLESHOOTING

package/templates/skills/business-analyse/steps/step-05c-ralph-readiness.md CHANGED Viewed

@@ -1,16 +1,17 @@
 ---
 name: step-05c-ralph-readiness
-description: Validation gate before ralph-loop - verify completeness, integrity, and readiness
-model: sonnet
+description: ULTRATHINK quality review + validation gate before ralph-loop
+model: opus
 next_step: null
 ---
 > **Context files:** `_shared.md`
-# Step 5c: Ralph Readiness Check
+# Step 5c: ULTRATHINK Quality Review & Ralph Readiness Check
 ## MANDATORY EXECUTION RULES
+- **ALWAYS** use ULTRATHINK mode for the quality review (section 0b)
 - **ALWAYS** run ALL validation checks (NEVER skip)
 - **BLOCKING RULE:** If ANY check fails → STOP, DO NOT proceed to ralph-loop
 - **ALWAYS** provide actionable fix instructions for failures
@@ -19,7 +20,7 @@ next_step: null
 ## YOUR TASK
-Perform comprehensive validation to ensure the business analysis is ready for implementation via /ralph-loop. This is a **BLOCKING** gate - all checks must pass before development can proceed.
+Perform a deep ULTRATHINK quality review of the entire business analysis output, then run comprehensive structural validation to ensure readiness for /ralph-loop. This is a **BLOCKING** gate — all checks must pass before development can proceed.
 ---
@@ -31,9 +32,177 @@ Display validation banner:
 ```
 ═══════════════════════════════════════════════════════════════
-  RALPH READINESS CHECK - {application_name}
+  ULTRATHINK QUALITY REVIEW & RALPH READINESS CHECK
+  {application_name}
 ═══════════════════════════════════════════════════════════════
-Validating business analysis completeness before development...
+Phase 1: Deep quality review (ULTRATHINK)...
+Phase 2: Structural validation (8 checks)...
+```
+---
+### 0b. ULTRATHINK Deep Quality Review (MANDATORY)
+> **This section MUST be executed in ULTRATHINK mode.**
+> Take the time to deeply analyze the ENTIRE business analysis output.
+> This is the last chance to catch quality issues before development begins.
+**Objective:** Perform a thorough, deep-thinking review of the business analysis quality — not just structural checks, but semantic coherence, completeness, and production-readiness.
+**Process:**
+1. **Read ALL module feature.json files** (master + each module)
+2. **Activate ULTRATHINK** and analyze the following 6 dimensions:
+#### Dimension 1: Specification Coherence
+```
+For EACH module:
+  - Do use cases (UCs) tell a coherent story?
+  - Are functional requirements (FRs) logically derived from UCs?
+  - Do business rules (BRs) cover all edge cases mentioned in UCs?
+  - Are gherkin scenarios testing the RIGHT behaviors (not trivial CRUD)?
+  - Do entity relationships make domain sense?
+Flag: Orphan FRs (not linked to any UC), UCs with no FR coverage,
+      BRs that don't map to any entity/field
+```
+#### Dimension 2: Permission & Security Model
+```
+For EACH module:
+  - Is the permission hierarchy logical? (admin > manager > contributor > viewer)
+  - Are there actions that should be restricted but aren't?
+  - Do API endpoints all have permissions assigned?
+  - Are there over-permissive roles? (e.g., contributor with delete access)
+  - Cross-module: can a user in Module A access data in Module B through indirect routes?
+Flag: Endpoints without permissions, roles with excessive access,
+      missing permission paths
+```
+#### Dimension 3: Data Model Integrity
+```
+For EACH module:
+  - Are all entity relationships bidirectional where needed?
+  - Are FK references correct (target entity exists, correct field type)?
+  - Are there missing audit fields (CreatedAt, UpdatedAt, CreatedBy)?
+  - Do lifecycle states cover all business scenarios?
+  - Are cascade delete/update rules safe? (no orphan risk)
+Cross-module:
+  - Are shared entity references correct?
+  - Is the dependency graph honest? (no hidden dependencies)
+Flag: Missing relationships, unsafe cascades, missing audit fields,
+      hidden cross-module dependencies
+```
+#### Dimension 4: UI/UX Completeness
+```
+For EACH module:
+  - Does every section have at least one wireframe?
+  - Do wireframes cover ALL use cases? (no UC without UI representation)
+  - Are navigation entries correct and complete?
+  - Do wireframe actions map to real API endpoints?
+  - Are form fields aligned with entity attributes?
+  - Are validation rules defined for all user-input fields?
+Flag: UCs with no wireframe, wireframes with unmapped actions,
+      missing form validations, navigation gaps
+```
+#### Dimension 5: i18n & Messages Quality
+```
+For EACH module:
+  - Are all user-facing strings covered by i18n keys?
+  - Are error messages specific enough? (not generic "Error occurred")
+  - Do validation messages reference the field name?
+  - Are success/confirmation messages present for all write operations?
+  - Are there missing translations in any language?
+Flag: Generic error messages, missing field-specific validations,
+      incomplete language coverage
+```
+#### Dimension 6: Implementation Feasibility
+```
+For EACH module:
+  - Is the handoff.filesToCreate list realistic? (no missing files, no impossible paths)
+  - Do brToCodeMapping entries have enough detail for generation?
+  - Are API endpoint paths following REST conventions?
+  - Are DTO structures aligned with entity attributes?
+  - Is the seed data sufficient for testing all use cases?
+  - Are there any features that would require infrastructure not in the stack?
+Flag: Unrealistic file counts, vague BR mappings, non-RESTful routes,
+      missing seed data for critical test scenarios
+```
+3. **Produce Quality Verdict:**
+```
+═══════════════════════════════════════════════════════════════
+  ULTRATHINK QUALITY REVIEW - RESULTS
+═══════════════════════════════════════════════════════════════
+| Dimension | Score | Issues |
+|-----------|-------|--------|
+| Specification Coherence | A/B/C/D | {count} issues |
+| Permission & Security | A/B/C/D | {count} issues |
+| Data Model Integrity | A/B/C/D | {count} issues |
+| UI/UX Completeness | A/B/C/D | {count} issues |
+| i18n & Messages | A/B/C/D | {count} issues |
+| Implementation Feasibility | A/B/C/D | {count} issues |
+Overall Quality: {A/B/C/D}
+  A = Production-ready (0 critical, ≤3 warnings)
+  B = Good (0 critical, >3 warnings)
+  C = Needs fixes (1-2 critical issues)
+  D = Major rework needed (>2 critical issues)
+```
+4. **Display Issues (if any):**
+```
+Critical Issues (MUST fix before /ralph-loop):
+  ✗ [Dimension] Issue description
+    → Fix: Specific action to resolve
+Warnings (SHOULD fix, not blocking):
+  ⚠ [Dimension] Issue description
+    → Recommendation: How to improve
+Suggestions (nice-to-have):
+  ℹ [Dimension] Suggestion
+```
+5. **Decision:**
+```
+IF overall quality = D:
+  BLOCKING ERROR: Major quality issues detected
+  → Return to appropriate step to fix critical issues
+  → DO NOT proceed to structural validation
+IF overall quality = C:
+  Ask via AskUserQuestion:
+    question: "Des problèmes de qualité ont été détectés. Comment souhaitez-vous procéder ?"
+    header: "Qualité"
+    options:
+      - label: "Corriger les problèmes critiques"
+        description: "Retourner aux étapes concernées pour corriger"
+      - label: "Continuer malgré les problèmes"
+        description: "Accepter les risques et poursuivre la validation structurelle"
+IF overall quality = A or B:
+  Display: "✓ Quality review passed — proceeding to structural validation..."
+  → Continue to section 1
 ```
 ---
@@ -394,10 +563,11 @@ Progress Tracker Validation:
 **Process:**
-1. Aggregate all validation results
+1. Aggregate all validation results (quality review + 7 structural checks)
 2. Calculate readiness score:
    ```
    passedChecks / totalChecks * 100
+   Quality gate: overall quality must be A or B
    ```
 3. Display final report:
@@ -407,17 +577,23 @@ Progress Tracker Validation:
   RALPH READINESS CHECK - COMPLETE
 ═══════════════════════════════════════════════════════════════
-Validation Summary:
-  ✓ Module status validation: PASS (5/5 modules)
-  ✓ PRD files validation: PASS (5/5 files)
-  ✓ Dependency graph validation: PASS (4 edges)
-  ✓ Cross-module references validation: PASS (4 references)
-  ✓ Handoff completeness check: PASS (5/5 modules)
-  ⚠ i18n keys validation: WARNING (1 missing translation)
+ULTRATHINK Quality Review:
+  Quality Score: {A/B} — {Production-ready / Good}
+  Dimensions: {6/6 reviewed}
+  Critical issues: {0}
+  Warnings: {count}
+Structural Validation Summary:
+  ✓ Module status validation: PASS ({n}/{n} modules)
+  ✓ PRD files validation: PASS ({n}/{n} files)
+  ✓ Dependency graph validation: PASS ({n} edges)
+  ✓ Cross-module references validation: PASS ({n} references)
+  ✓ Handoff completeness check: PASS ({n}/{n} modules)
+  ⚠ i18n keys validation: WARNING ({n} missing translation)
   ✓ Master feature validation: PASS
   ✓ Progress tracker validation: PASS
-Readiness Score: 100% (7/7 critical checks passed, 1 warning)
+Readiness Score: 100% (8/8 checks passed, {n} warnings)
 ═══════════════════════════════════════════════════════════════
@@ -425,7 +601,7 @@ Status: READY FOR DEVELOPMENT ✓
 Next Steps:
   1. Address warnings (recommended but not blocking):
-     - Add missing DE translation for "timeEntry.validation.overlapping" in TimeTracking module
+     - {list warnings from quality review + structural checks}
   2. Review progress tracker: .ralph/progress.txt
@@ -434,14 +610,14 @@ Next Steps:
      /ralph-loop -r
   4. Ralph-loop will:
-     - Process modules in topological order: [Projects, TimeTracking, LeaveManagement, AbsenceManagement, Reporting]
-     - Generate 183 files across 7 layers
-     - Execute 247 tasks tracked in progress.txt
+     - Process modules in topological order: [{module list}]
+     - Generate {n} files across 7 layers
+     - Execute {n} tasks tracked in progress.txt
 ═══════════════════════════════════════════════════════════════
 ```
-**IF readiness score < 100% (critical checks failed):**
+**IF readiness score < 100% OR quality = C/D (critical checks failed):**
 ```
 ═══════════════════════════════════════════════════════════════
@@ -450,21 +626,24 @@ Next Steps:
 Status: NOT READY FOR DEVELOPMENT ✗
-Critical Issues Found:
-  ✗ Module status validation: FAIL (1/5 modules incomplete)
-    - Reporting module status is "specified", must be "handed-off"
-    - Fix: Return to step-05a-handoff.md for Reporting module
+{IF quality = C/D:}
+Quality Issues Found:
+  ✗ ULTRATHINK quality review: {C/D} — {Needs fixes / Major rework}
+    - {List critical quality issues from section 0b}
+    - Fix: Return to appropriate step (see quality review details above)
-  ✗ PRD files validation: FAIL (1/5 files invalid)
-    - prd-Reporting.json has wrong structure (filesToCreate at root level)
-    - Fix: Re-run ss derive-prd --feature docs/business/HumanResources/Reporting/business-analyse/v1.0/feature.json --output .ralph/prd-Reporting.json
+{IF structural checks failed:}
+Structural Issues Found:
+  ✗ {check name}: FAIL ({details})
+    - {specific issue}
+    - Fix: {specific action}
 Required Actions:
   1. Fix all critical issues listed above
   2. Re-run validation: load step-05c-ralph-readiness.md
-  3. Only proceed to /ralph-loop when all critical checks pass
+  3. Only proceed to /ralph-loop when all checks pass AND quality ≥ B
-DO NOT PROCEED TO /ralph-loop UNTIL ALL CRITICAL CHECKS PASS
+DO NOT PROCEED TO /ralph-loop UNTIL ALL CHECKS PASS
 ═══════════════════════════════════════════════════════════════
 ```
@@ -474,22 +653,25 @@ DO NOT PROCEED TO /ralph-loop UNTIL ALL CRITICAL CHECKS PASS
 Before displaying final report, VERIFY:
-1. **ALL validation checks executed** (never skip)
-2. **Results clearly marked** (PASS/FAIL/WARNING)
-3. **Actionable fixes provided** for all failures
-4. **Readiness score calculated** correctly
-5. **Next steps displayed** with exact commands
-6. **Blocking errors prevent progression** (no false positives)
+1. **ULTRATHINK quality review executed** (6 dimensions analyzed)
+2. **Quality verdict displayed** with scores per dimension
+3. **ALL 8 structural validation checks executed** (never skip)
+4. **Results clearly marked** (PASS/FAIL/WARNING)
+5. **Actionable fixes provided** for all failures
+6. **Readiness score calculated** correctly
+7. **Next steps displayed** with exact commands
+8. **Blocking errors prevent progression** (no false positives)
 ---
 ## SUCCESS CRITERIA
-- All 7 critical validation checks executed
+- ULTRATHINK quality review completed with overall score A or B
+- All 8 critical validation checks executed (quality review + 7 structural)
 - Clear PASS/FAIL/WARNING status for each check
 - Readiness score displayed (100% = all critical checks passed)
 - Actionable fix instructions for all failures
-- User can proceed to /ralph-loop only if readiness score = 100%
+- User can proceed to /ralph-loop only if readiness score = 100% AND quality ≥ B
 - Warnings documented but not blocking
 ---
@@ -498,6 +680,7 @@ Before displaying final report, VERIFY:
 **Why this gate matters:**
+- **ULTRATHINK catches semantic issues** that structural checks miss (orphan UCs, incoherent permissions, missing UI flows)
 - Prevents incomplete handoffs from reaching development
 - Catches structural issues early (PRD validation)
 - Verifies cross-module integrity before code generation
@@ -506,8 +689,7 @@ Before displaying final report, VERIFY:
 **When to run this gate:**
-- Automatically at end of step-05b-deploy.md (recommended)
-- Manually before /ralph-loop if user wants to verify
+- **Automatically at end of step-05b-deploy.md (MANDATORY)**
 - After fixing any handoff issues to re-validate
 **What happens if checks fail:**
@@ -515,4 +697,4 @@ Before displaying final report, VERIFY:
 - Development is BLOCKED until issues are fixed
 - User returns to appropriate step to fix issues
 - Re-run validation after fixes
-- Only proceed when all critical checks pass
+- Only proceed when all critical checks pass AND quality review passes

package/templates/skills/ralph-loop/SKILL.md CHANGED Viewed

@@ -95,8 +95,41 @@ LOAD → GENERATE → COMPILE → TEST → [FAIL?] → FIX → RE-TEST → [PASS
 - `scaffold_tests` — test generation
 </mcp_requirements>
+<execution_guarantee>
+## EXECUTION GUARANTEE — READ THIS FIRST
+**Ralph-loop executes ALL tasks from start to finish. No exceptions.**
+When the user invokes `/ralph-loop`, they are giving you the instruction to:
+1. Initialize the loop (step-00)
+2. Load ALL tasks (step-01)
+3. Execute the FIRST task (step-02)
+4. Commit (step-03)
+5. Enter the COMPACT LOOP (step-04 → compact-loop.md)
+6. **Execute ALL remaining tasks autonomously** (compact loop repeats)
+7. Generate the final report (step-05)
+**You MUST NOT:**
+- Stop after the first task to "ask for confirmation"
+- Set `max_iterations = 1` or any reduced value
+- Ask the user to choose between supervised/autonomous mode
+- Ask the user to choose a completion promise
+- Wait for user input between iterations
+- Delegate the loop to sub-agents (except team mode)
+**The ONLY valid stop conditions are:**
+- ALL tasks completed (→ step-05 report)
+- `max_iterations` reached (user set via `-m N`)
+- Dead-end (all remaining blocked/failed)
+- User Ctrl+C
+**If you stop for any other reason, you have VIOLATED this guarantee.**
+</execution_guarantee>
 <entry_point>
-**FIRST ACTION:** Load `steps/step-00-init.md`
+**FIRST ACTION:** Load `steps/step-00-init.md` — then execute ALL steps through to step-05 without stopping.
 </entry_point>
 <step_files>
@@ -134,6 +167,13 @@ LOAD → GENERATE → COMPILE → TEST → [FAIL?] → FIX → RE-TEST → [PASS
 <execution_rules>
+### NON-NEGOTIABLE — Autonomous Full Execution
+- **EXECUTE ALL TASKS** — from first to last, no user interaction, no pause, no confirmation
+- **NEVER ask the user** — no mode selection, no completion promise choice, no "shall I continue?"
+- **NEVER stop after first task** — the first task is just the beginning, NOT the end
+- **NEVER set max_iterations = 1** — unless the user explicitly passed `-m 1`
+### Loop Mechanics
 - **Single module:** Main agent runs compact loop (NEVER delegate to sub-agent)
 - **Multi-module (2+):** Team lead + module workers via TeamCreate (see references/team-orchestration.md)
 - **Load step files ONCE** — after first iteration, use compact-loop.md

package/templates/skills/ralph-loop/references/category-rules.md CHANGED Viewed

@@ -141,13 +141,86 @@ Rules:
 - DTOs separate from domain entities
 - Service interfaces in Application, implementations in Infrastructure
-**Tenant isolation (BLOCKING):**
+**Tenant isolation (BLOCKING — SECURITY CRITICAL):**
+> **ROOT CAUSE (test-v4-005):** Services were generated WITHOUT TenantId filtering,
+> creating cross-tenant data leakage on ALL 70+ CRUD endpoints.
+> This is an OWASP A01 (Broken Access Control) vulnerability.
 - ALL queries on tenant entities MUST include `.Where(x => x.TenantId == _currentUser.TenantId)`
 - ALL entity creation MUST pass `_currentUser.TenantId` as first parameter to `Entity.Create(tenantId, ...)`
 - NEVER use `new Entity { }` without `TenantId =` — always prefer factory method `Entity.Create()`
 - NEVER use `Guid.Empty` as a placeholder for userId, tenantId, or any business identifier
 - Service constructor MUST inject `ICurrentUserService _currentUser` to access TenantId
+**MANDATORY Service Template (use as skeleton for ALL services):**
+```csharp
+public class {Entity}Service : I{Entity}Service
+{
+    private readonly IExtensionsDbContext _db;
+    private readonly ICurrentUserService _currentUser;
+    public {Entity}Service(IExtensionsDbContext db, ICurrentUserService currentUser)
+    {
+        _db = db;
+        _currentUser = currentUser;
+    }
+    public async Task<PagedResult<{Entity}Response>> GetAllAsync(/* filters */, CancellationToken ct)
+    {
+        var tenantId = _currentUser.TenantId;
+        var query = _db.{Entities}
+            .Where(x => x.TenantId == tenantId)  // ← MANDATORY tenant filter
+            .AsQueryable();
+        // ... apply filters, pagination, projection to Response DTO
+    }
+    public async Task<{Entity}Response?> GetByIdAsync(Guid id, CancellationToken ct)
+    {
+        var tenantId = _currentUser.TenantId;
+        var entity = await _db.{Entities}
+            .Where(x => x.TenantId == tenantId)  // ← MANDATORY tenant filter
+            .FirstOrDefaultAsync(x => x.Id == id, ct);
+        // ...
+    }
+    public async Task<{Entity}Response> CreateAsync(Create{Entity}Dto dto, CancellationToken ct)
+    {
+        var entity = {Entity}.Create(_currentUser.TenantId, /* dto fields */);
+        // ← TenantId as FIRST parameter
+        _db.{Entities}.Add(entity);
+        await _db.SaveChangesAsync(ct);
+        return MapToResponse(entity);
+    }
+    public async Task<{Entity}Response> UpdateAsync(Guid id, Update{Entity}Dto dto, CancellationToken ct)
+    {
+        var entity = await _db.{Entities}
+            .Where(x => x.TenantId == _currentUser.TenantId)  // ← MANDATORY
+            .FirstOrDefaultAsync(x => x.Id == id, ct)
+            ?? throw new NotFoundException(nameof({Entity}), id);
+        // ... update fields
+    }
+    public async Task DeleteAsync(Guid id, CancellationToken ct)
+    {
+        var entity = await _db.{Entities}
+            .Where(x => x.TenantId == _currentUser.TenantId)  // ← MANDATORY
+            .FirstOrDefaultAsync(x => x.Id == id, ct)
+            ?? throw new NotFoundException(nameof({Entity}), id);
+        // ...
+    }
+    private static {Entity}Response MapToResponse({Entity} entity) => new()
+    {
+        // Map entity fields to response DTO
+    };
+}
+```
+**POST-CHECK after writing ANY service:** Grep the file for `TenantId`. If 0 occurrences → FAIL, rewrite with tenant filtering.
 **Lifecycle-aware services:**
 - Services operating on entities with a `lifeCycle` (status field) MUST validate entity state before mutations
 - Example: `if (entity.Status == EmployeeStatus.Terminated) throw new BusinessException("Cannot update terminated employee")`
@@ -161,6 +234,22 @@ Rules:
 - DependencyInjection.cs MUST NOT be empty or contain only TODO comments
 - After writing validators, VERIFY DI registration exists — if missing, add it immediately
+**POST-CHECK after writing validators:**
+```bash
+# Count Create validators vs Update validators
+CREATE_COUNT=$(find . -path "*/Validators/*" -name "Create*Validator.cs" | wc -l)
+UPDATE_COUNT=$(find . -path "*/Validators/*" -name "Update*Validator.cs" | wc -l)
+if [ "$CREATE_COUNT" -ne "$UPDATE_COUNT" ]; then
+  echo "VALIDATOR MISMATCH: $CREATE_COUNT Create vs $UPDATE_COUNT Update → MUST be equal"
+  # List missing UpdateValidators and CREATE them
+fi
+```
+**Mapper pattern (DRY):**
+- Each service MUST include a `private static {Entity}Response MapToResponse({Entity} entity)` method
+- For complex mappings with related entities, use an extension method in `Application/Mappings/{Module}Mappings.cs`
+- NEVER duplicate mapping logic between GetAll, GetById, Create, Update — always call MapToResponse
 **FORBIDDEN:**
 - Empty DependencyInjection.cs with `// TODO` placeholder
 - CreateValidator without matching UpdateValidator
@@ -169,6 +258,7 @@ Rules:
 - `new Entity { }` without TenantId assignment
 - `Guid.Empty` as a business value in services or controllers
 - Entity.Create() without tenantId as first parameter
+- Duplicated mapping logic (entity→response) in multiple methods
 ---
@@ -280,9 +370,13 @@ useXxx with raw axios inside hooks           → hooks MUST use the shared apiCl
 **MCP:** `scaffold_tests`, `analyze_test_coverage`
+> **CRITICAL:** Test generation is a MANDATORY category. If the PRD has no test tasks,
+> the category completeness check (step-01 section 4b) will inject a guardrail task.
+> Test projects MUST be created as the FIRST action in this category — before generating any test files.
 **Execution sequence:**
-1. **Ensure test projects exist:**
+1. **Ensure test projects exist (FIRST — before any test generation):**
    ```bash
    # Unit test project
    UNIT_TEST_PROJECT="tests/${PROJECT_NAME}.Tests.Unit"

package/templates/skills/ralph-loop/references/compact-loop.md CHANGED Viewed

@@ -1,8 +1,15 @@
 # Compact Loop — Inline Execution
 > **Loaded by:** step-04 section 5 (after first full iteration)
-> **Purpose:** Execute all subsequent iterations inline without re-reading step files.
-> **Rule:** NEVER stop the loop. NEVER wait for user input. NEVER re-read step files.
+> **Purpose:** Execute ALL remaining tasks autonomously without stopping.
+> **EXECUTION GUARANTEE:** This loop runs until ALL tasks are done, max iterations, or dead-end.
+> **ABSOLUTE RULES:**
+> - NEVER stop the loop
+> - NEVER wait for user input
+> - NEVER ask for confirmation
+> - NEVER re-read step files
+> - NEVER pause between iterations
+> - Execute A → B → C → D → back to step-04 section 1 → repeat
 ---
@@ -208,10 +215,49 @@ Batch: {batch.length} [{firstCategory}] → {batch.map(t => `[${t.id}] ${t.descr
 ## C. Commit Batch
+### C1. Update PRD Status (MANDATORY — BEFORE git commit)
+> **CRITICAL:** PRD status MUST be updated BEFORE committing.
+> In test-v4-005, the compact loop executed 44 tasks but NEVER updated prd.json status.
+> This broke ALL downstream guardrails (module completeness check never triggered).
+```javascript
+const now = new Date().toISOString();
+const COMMIT_HASH_PENDING = 'pending-commit'; // Updated after git commit
+for (const task of batch) {
+  if (task.status !== 'failed') task.status = 'completed';
+  task.completed_at = now;
+  task.iteration = prd.config.current_iteration;
+  task.commit_hash = COMMIT_HASH_PENDING;
+}
+prd.config.current_iteration++;
+prd.updated_at = now;
+writeJSON('.ralph/prd.json', prd);
+```
+### C2. Update Progress File (MANDATORY)
+```javascript
+const completed = prd.tasks.filter(t => t.status === 'completed').length;
+const total = prd.tasks.length;
+const moduleName = prd.project?.module || 'unknown';
+// Append to progress.txt (NOT overwrite)
+appendFile('.ralph/progress.txt',
+  `Iteration ${prd.config.current_iteration - 1}: ${batch.map(t => t.id).join('/')} COMPLETED — ` +
+  `${batch[0].category} (${batch.length} tasks). ${completed}/${total} done.\n` +
+  `  Files: ${batch.reduce((acc, t) => acc + (t.files_changed?.created?.length || 0), 0)} created\n`
+);
+```
+### C3. Git Commit
 ```bash
 # Stage all changed files from batch
 git add {all_files_from_batch}
-git add .ralph/prd.json
+git add .ralph/prd.json .ralph/progress.txt
+[ -f .ralph/modules-queue.json ] && git add .ralph/modules-queue.json
 git commit -m "$(cat <<'EOF'
 feat({scope}): [{category}] {batch.length} tasks — {short summary}
@@ -227,44 +273,59 @@ EOF
 COMMIT_HASH=$(git rev-parse --short HEAD)
 ```
-**Finalize tasks in prd.json:**
+### C4. Finalize PRD with Commit Hash
 ```javascript
-const now = new Date().toISOString();
+// Update commit hash now that we have the real one
 for (const task of batch) {
-  if (task.status !== 'failed') task.status = 'completed';
-  task.completed_at = now;
-  task.iteration = prd.config.current_iteration;
-  task.commit_hash = COMMIT_HASH;
+  if (task.commit_hash === 'pending-commit') task.commit_hash = COMMIT_HASH;
 }
 prd.history.push({
-  iteration: prd.config.current_iteration,
+  iteration: prd.config.current_iteration - 1,
   task_ids: batch.map(t => t.id),
   action: 'batch-completed',
   timestamp: now,
   commit_hash: COMMIT_HASH,
   notes: "{summary}"
 });
-prd.config.current_iteration++;
-prd.updated_at = now;
 writeJSON('.ralph/prd.json', prd);
 ```
-**Commit progress:**
-```bash
-git add .ralph/prd.json .ralph/progress.txt
-[ -f .ralph/modules-queue.json ] && git add .ralph/modules-queue.json
-git commit -m "chore(ralph): progress — iteration {iteration}"
+### C5. PRD Sync Verification (HARD CHECK)
+> **MANDATORY:** Verify prd.json reflects reality before looping back.
+```javascript
+const prdCheck = readJSON('.ralph/prd.json');
+const batchIds = batch.map(t => t.id);
+const actuallyCompleted = prdCheck.tasks.filter(t => batchIds.includes(t.id) && t.status === 'completed');
+if (actuallyCompleted.length !== batch.filter(t => t.status !== 'failed').length) {
+  console.error('PRD SYNC ERROR: Tasks executed but not marked completed in prd.json');
+  console.error(`Expected: ${batch.filter(t => t.status !== 'failed').length} completed, Got: ${actuallyCompleted.length}`);
+  // Force re-write
+  for (const task of batch) {
+    const prdTask = prdCheck.tasks.find(t => t.id === task.id);
+    if (prdTask && task.status === 'completed') prdTask.status = 'completed';
+    if (prdTask) prdTask.commit_hash = COMMIT_HASH;
+  }
+  writeJSON('.ralph/prd.json', prdCheck);
+  console.log('PRD SYNC REPAIRED');
+}
 ```
 ---
-## D. Loop Back
+## D. Loop Back (MANDATORY — NO PAUSE)
 **IMMEDIATELY return to step-04 section 1 (Read Current State).**
-DO NOT stop. DO NOT wait for user. DO NOT re-read step files.
-The only exit conditions:
-- ALL tasks complete (all modules if multi-module)
-- Max iterations reached
-- Dead-end (all remaining blocked/failed)
-- User Ctrl+C
+DO NOT stop. DO NOT wait for user. DO NOT ask "should I continue?". DO NOT re-read step files.
+DO NOT display a summary and pause. DO NOT output partial results and wait.
+**Go directly to step-04 section 1. NOW.**
+The ONLY exit conditions (enforced by step-04 sections 2-4):
+- ALL tasks complete (all modules if multi-module) → step-05
+- Max iterations reached → step-05
+- Dead-end (all remaining blocked/failed) → step-05
+- User Ctrl+C (external interrupt)

package/templates/skills/ralph-loop/steps/step-00-init.md CHANGED Viewed

@@ -8,9 +8,12 @@ next_step: steps/step-01-task.md
 ## MANDATORY RULES:
+- **FULLY AUTONOMOUS** — execute ALL tasks without stopping or asking the user
 - NEVER skip MCP verification
 - ALWAYS parse ALL flags before any action
 - ONLY check resume if -r flag is set
+- **NEVER ask the user** to choose a mode, confirm execution, or select options
+- **NEVER set max_iterations = 1** — unless the user explicitly passed `-m 1`
 - CONTEXT BUDGET: Keep output COMPACT
 - **NEVER DELEGATE** the main Ralph loop to a sub-agent (single module)
 - **Multi-module (2+ modules):** Use Agent Teams for parallel execution
@@ -48,69 +51,36 @@ mcp__context7__resolve-library-id: libraryName: "test"  → {mcp_context7} = tru
 If ANY fails: show error, suggest `smartstack check-mcp`, STOP.
-## 3. Human-in-the-Loop Checkpoint (RECOMMENDED)
+## 3. Execution Mode (FULLY AUTONOMOUS)
-> **Best Practice:** Commencer en mode supervisé avant le mode autonome complet.
+> **CRITICAL:** Ralph-loop is FULLY AUTONOMOUS by default.
+> It executes ALL tasks from start to finish WITHOUT stopping.
+> The user launched `/ralph-loop` — this IS the instruction to execute everything.
-### Why HITL First?
+**DO NOT** ask the user to confirm, choose a mode, or approve execution.
+**DO NOT** set `max_iterations = 1` or any reduced value.
+**DO NOT** stop after the first task to "check quality".
-Ralph-loop est puissant mais peut diverger si :
-- Les requirements sont ambigus
-- Les tests sont lents (>30s)
-- Le code généré ne compile pas immédiatement
-**Stratégie recommandée :**
-1. **Première itération supervisée** - Lancer manuellement la première tâche pour vérifier :
-   - La qualité du code généré
-   - Le temps d'exécution des tests
-   - La clarté des messages d'erreur
-2. **Mode autonome limité** - Si première itération OK, relancer avec `--max-iterations 5-10`
-3. **Mode autonome complet** - Une fois confiant, augmenter à `--max-iterations 50`
-### Checkpoint Prompt (Optional)
-Si vous détectez que c'est la première utilisation de ralph-loop sur ce projet (pas de `.ralph/logs/`), proposer :
+The loop runs autonomously until:
+- ALL tasks are completed (success)
+- `max_iterations` is reached (user explicitly set via `-m N`)
+- Dead-end detected (all remaining tasks blocked/failed)
+- User Ctrl+C (external interrupt)
 ```javascript
-if (!dirExists('.ralph/logs') && !resume_mode) {
-  AskUserQuestion({
-    questions: [{
-      question: "Premier usage de ralph-loop détecté. Démarrer en mode supervisé ou autonome ?",
-      header: "Mode",
-      multiSelect: false,
-      options: [
-        { label: "Supervisé (recommandé)", description: "Exécuter 1 tâche, puis demander confirmation" },
-        { label: "Autonome limité", description: "Max 10 itérations automatiques" },
-        { label: "Autonome complet", description: "Jusqu'à 50 itérations (mode AFK)" }
-      ]
-    }]
-  });
-  if (answer === "Supervisé") {
-    max_iterations = 1;
-    console.log("Mode supervisé : 1 tâche sera exécutée. Relancez avec -r pour continuer.");
-  } else if (answer === "Autonome limité") {
-    max_iterations = Math.min(max_iterations, 10);
-  }
-}
+// NO user prompt. NO mode selection. JUST EXECUTE.
+// max_iterations is already set from flags (default: 50).
+// If user wants fewer iterations, they use -m N explicitly.
+console.log(`Mode: AUTONOMOUS | Max iterations: ${max_iterations}`);
 ```
-### Feedback Speed Warning
-⚠️ **IMPORTANT :** Si vos tests prennent >30 secondes, ralph-loop peut devenir inefficace.
+### Speed Warning (informational only — does NOT block)
+If tests are slow (>30s detected in previous logs), display a one-line warning but **continue execution**:
 ```
-Temps test recommandés :
-  - Unitaires : <5s
-  - Intégration : <15s
-  - E2E : <30s (à exécuter en dehors du loop)
+⚠ Slow tests detected. Consider disabling E2E during ralph-loop.
 ```
-Si tests lents détectés (via logs), avertir l'utilisateur et suggérer de désactiver tests E2E pendant le loop.
 ## 4. Resume Mode
 If `{resume_mode} = true`:
@@ -213,9 +183,15 @@ if (PRD_COUNT > 1) {
 }
 ```
-## 5. Completion Promise
+## 5. Completion Promise (auto-set)
-If `{completion_promise}` is null: ask user to choose (COMPLETE, ALL TESTS PASS, DONE, or custom).
+```javascript
+// Auto-set if not provided — NEVER ask the user
+if (!completion_promise) {
+  completion_promise = "COMPLETE";
+}
+// The promise is output ONLY when ALL tasks are done. No user interaction needed.
+```
 ## 6. Collect Metadata

package/templates/skills/ralph-loop/steps/step-01-task.md CHANGED Viewed

@@ -94,11 +94,62 @@ If `.ralph/prd.json` exists:
 2. **v3 FAST PATH:** If `$version === "3.0.0"` AND `tasks[]` exists:
    - Inject runtime fields if missing (status, config, feature, created, updated_at, history)
    - Write back to `.ralph/prd.json`
+   - **Run CATEGORY COMPLETENESS CHECK (section 4b) before proceeding**
    - Skip directly to section 5 (find next task)
 3. **v2 legacy:** If `$version === "2.0.0"` → find next eligible task (section 5), skip to section 5
 4. **FORMAT A (deprecated):** If `.project && .requirements && !.$version` → run `transformPrdJsonToRalphV2()` → section 5
-If `.ralph/prd.json` does not exist: continue to section 2.
+If `.ralph/prd.json` does not exist: continue to section 1b.
+### 1b. BA Handoff Quality Gate (BLOCKING)
+> **CRITICAL:** Before generating ANY tasks, verify the BA handoff is complete.
+> A missing handoff means no frontend files, no test plan, no BR-to-code mapping.
+> Generating tasks without handoff produces an INCOMPLETE PRD (backend-only).
+```javascript
+// Find the source feature.json for the current module
+const sourceFeatureJson = prd?.metadata?.sourceFeatureJson
+  || findFile('docs/business/**/business-analyse/**/feature.json');
+if (sourceFeatureJson) {
+  const feature = readJSON(sourceFeatureJson);
+  const handoff = feature.handoff || {};
+  // CHECK 1: Handoff status must be "handed-off"
+  if (handoff.status !== 'handed-off') {
+    console.error(`
+╔══════════════════════════════════════════════════════════════╗
+║  BLOCKING: BA HANDOFF INCOMPLETE                            ║
+║                                                              ║
+║  feature.json handoff.status = "${handoff.status || 'missing'}"
+║  Expected: "handed-off"                                      ║
+║                                                              ║
+║  The /business-analyse did not complete steps 04a→05c.       ║
+║  Without handoff, the PRD will be MISSING:                   ║
+║    - Frontend tasks (pages, components, routes)              ║
+║    - Test tasks (unit, integration, security)                ║
+║    - BR-to-code mappings                                     ║
+║    - API endpoint summary                                    ║
+║                                                              ║
+║  ACTION: Run /business-analyse to complete the handoff,      ║
+║  then re-run /ralph-loop.                                    ║
+╚══════════════════════════════════════════════════════════════╝`);
+    STOP;
+  }
+  // CHECK 2: filesToCreate must have all 7 categories
+  const filesToCreate = handoff.filesToCreate || {};
+  const requiredCategories = ['domain', 'application', 'infrastructure', 'api', 'frontend', 'seedData', 'tests'];
+  const missingInHandoff = requiredCategories.filter(c => !filesToCreate[c] || filesToCreate[c].length === 0);
+  if (missingInHandoff.length > 0) {
+    console.warn(`⚠ Handoff has empty categories: ${missingInHandoff.join(', ')}`);
+    console.warn('PRD generation may produce incomplete tasks. Consider re-running /business-analyse step-05a.');
+    // WARNING only — allow proceeding if handoff.status is correct
+  }
+}
+```
 ## 2. Analyze Task Description
@@ -128,6 +179,56 @@ Initialize `.ralph/progress.txt`:
 - Dependency references are valid (exist, no forward/circular)
 - Task count 3-30
+### 4b. Category Completeness Check (BLOCKING)
+> **CRITICAL:** The PRD MUST contain tasks for ALL required categories.
+> A PRD with only backend categories (domain, infrastructure, application, api) is INCOMPLETE.
+> This check prevents the "no frontend generated" failure mode.
+```javascript
+const REQUIRED_CATEGORIES = ['domain', 'infrastructure', 'application', 'api', 'frontend', 'test'];
+const presentCategories = new Set(prd.tasks.map(t => t.category));
+const missingCategories = REQUIRED_CATEGORIES.filter(c => !presentCategories.has(c));
+if (missingCategories.length > 0) {
+  console.warn(`⚠ PRD MISSING CATEGORIES: ${missingCategories.join(', ')}`);
+  // AUTO-INJECT guardrail tasks for missing categories
+  let maxIdNum = Math.max(...prd.tasks.map(t => {
+    const num = parseInt(t.id.replace(/[^0-9]/g, ''), 10);
+    return isNaN(num) ? 0 : num;
+  }));
+  const prefix = prd.tasks[0]?.id?.replace(/[0-9]+$/, '') || 'GUARD-';
+  const lastBackendTask = prd.tasks.filter(t => t.category === 'api').pop()?.id || prd.tasks[prd.tasks.length - 1]?.id;
+  for (const cat of missingCategories) {
+    maxIdNum++;
+    const taskId = `${prefix}${String(maxIdNum).padStart(3, '0')}`;
+    const guardrailTask = {
+      id: taskId,
+      description: `[GUARDRAIL] Generate ${cat} layer for ${prd.project?.module || 'module'}`,
+      status: 'pending',
+      category: cat,
+      dependencies: cat === 'test' ? [lastBackendTask] : (cat === 'frontend' ? [lastBackendTask] : []),
+      acceptance_criteria: [
+        cat === 'frontend' ? 'React pages created via MCP scaffold_api_client + scaffold_routes, wired to App.tsx' :
+        cat === 'test' ? 'Unit + Integration test projects created, scaffold_tests MCP called, dotnet test passes' :
+        `${cat} layer fully implemented per category-rules.md`
+      ],
+      started_at: null, completed_at: null, iteration: null,
+      commit_hash: null, files_changed: [], validation: null, error: null
+    };
+    prd.tasks.push(guardrailTask);
+    console.log(`  → Injected guardrail: [${taskId}] ${cat}`);
+  }
+  writeJSON('.ralph/prd.json', prd);
+  console.log(`PRD updated: ${prd.tasks.length} tasks (${missingCategories.length} guardrails added)`);
+}
+```
+**Why this matters:** In test-v4-005, the PRD was generated with only backend categories (domain, infrastructure, application, api, seedData, validation). The frontend and test categories were entirely absent, resulting in 0 frontend pages and 0 tests generated across 3 modules.
 ## 5. Find Current Task
 ```javascript

package/templates/skills/ralph-loop/steps/step-04-check.md CHANGED Viewed

@@ -71,6 +71,68 @@ if [ -f "web/package.json" ] || [ -f "package.json" ]; then
 fi
 ```
+### 1.7. Category Completeness Check (RUNS EVERY ITERATION)
+> **CRITICAL:** This check runs REGARDLESS of allDone status.
+> In test-v4-005, allDone was never true (PRD status not updated), so the
+> module completeness check in section 3b never triggered, and missing
+> frontend/test categories were never detected.
+```javascript
+const presentCategories = new Set(prd.tasks.map(t => t.category));
+const REQUIRED_CATEGORIES = ['domain', 'infrastructure', 'application', 'api', 'frontend', 'test'];
+const missingFromPrd = REQUIRED_CATEGORIES.filter(c => !presentCategories.has(c));
+if (missingFromPrd.length > 0) {
+  console.warn(`⚠ PRD MISSING CATEGORIES: ${missingFromPrd.join(', ')}`);
+  // Inject guardrail tasks for missing categories
+  let maxIdNum = Math.max(...prd.tasks.map(t => parseInt(t.id.replace(/[^0-9]/g, ''), 10) || 0));
+  const prefix = prd.tasks[0]?.id?.replace(/[0-9]+$/, '') || 'GUARD-';
+  const lastApiTask = prd.tasks.filter(t => t.category === 'api').pop()?.id;
+  for (const cat of missingFromPrd) {
+    maxIdNum++;
+    const taskId = `${prefix}${String(maxIdNum).padStart(3, '0')}`;
+    prd.tasks.push({
+      id: taskId,
+      description: `[GUARDRAIL] Generate missing ${cat} layer for ${prd.project?.module || 'module'}`,
+      status: 'pending', category: cat,
+      dependencies: lastApiTask ? [lastApiTask] : [],
+      acceptance_criteria: [
+        cat === 'frontend' ? 'React pages + routes wired to App.tsx (standard + tenant blocks)' :
+        cat === 'test' ? 'Unit + integration test projects with passing dotnet test' :
+        `${cat} layer complete`
+      ],
+      started_at: null, completed_at: null, iteration: null,
+      commit_hash: null, files_changed: [], validation: null, error: null
+    });
+    console.log(`  → Injected [${taskId}] ${cat} guardrail`);
+  }
+  writeJSON('.ralph/prd.json', prd);
+  // Re-count after injection
+  const newPending = prd.tasks.filter(t => t.status === 'pending').length;
+  console.log(`PRD updated: +${missingFromPrd.length} guardrails, ${newPending} pending tasks`);
+}
+// Also check: artifact existence for categories with completed tasks
+const completedCats = new Set(prd.tasks.filter(t => t.status === 'completed').map(t => t.category));
+const artifactChecks = {
+  'frontend': () => glob.sync('**/src/pages/**/*.tsx').length > 0,
+  'test': () => glob.sync('tests/**/*Tests.cs').length > 0,
+  'api': () => glob.sync('src/*/Controllers/**/*Controller.cs').length > 0
+};
+for (const [cat, check] of Object.entries(artifactChecks)) {
+  if (completedCats.has(cat) && !check()) {
+    console.warn(`ARTIFACT MISSING: ${cat} tasks marked completed but no files found — resetting`);
+    prd.tasks.filter(t => t.category === cat && t.status === 'completed')
+      .forEach(t => { t.status = 'pending'; t.error = 'Artifacts missing — re-execute'; t.completed_at = null; });
+    writeJSON('.ralph/prd.json', prd);
+  }
+}
+```
 ## 2. Check Iteration Limit
 If `current_iteration > max_iterations`:
@@ -82,6 +144,13 @@ Set `prd.status = 'partial'` → step-05.
 ## 3. Check All Tasks Complete
+**Re-read state after section 1.7 (categories may have been injected):**
+```javascript
+const tasksCompletedNow = prd.tasks.filter(t => t.status === 'completed').length;
+const tasksTotalNow = prd.tasks.length;
+const allDone = (tasksCompletedNow + prd.tasks.filter(t => t.status === 'skipped').length) === tasksTotalNow;
+```
 If `allDone`:
 ### 3a. Team Mode (multi-module with Agent Teams)
@@ -107,42 +176,15 @@ if (fileExists(queuePath)) {
   const queue = readJSON(queuePath);
   const currentModule = queue.modules[queue.currentIndex];
-  // MODULE COMPLETENESS CHECK: verify all expected layers AND their artifacts
+  // MODULE COMPLETENESS CHECK (lightweight — heavy check already done in section 1.7)
+  // Verify all expected layers have completed tasks
   const completedCats = new Set(prd.tasks.filter(t => t.status === 'completed').map(t => t.category));
   const expected = ['domain', 'infrastructure', 'application', 'api', 'frontend', 'test'];
   const missing = expected.filter(c => !completedCats.has(c));
-  // ARTIFACT EXISTENCE CHECK: categories with completed tasks must have real files
-  const artifactChecks = {
-    'infrastructure': () => fs.existsSync('src/*/Persistence/Migrations') && fs.readdirSync('src/*/Persistence/Migrations').length > 0,
-    'test': () => fs.existsSync(`tests/${projectName}.Tests.Unit`) && glob.sync('tests/**/*Tests.cs').length > 0,
-    'api': () => glob.sync('src/*/Controllers/**/*Controller.cs').length > 0,
-    'frontend': () => glob.sync('**/src/pages/**/*.tsx').length > 0
-  };
-  for (const [cat, check] of Object.entries(artifactChecks)) {
-    if (completedCats.has(cat) && !check()) {
-      // Tasks marked completed but artifacts missing — reset to pending
-      prd.tasks.filter(t => t.category === cat && t.status === 'completed')
-        .forEach(t => { t.status = 'pending'; t.error = 'Artifacts missing — re-execute'; t.completed_at = null; });
-      missing.push(cat);
-      console.log(`ARTIFACT RESET: ${cat} tasks reset to pending (no files found)`);
-    }
-  }
   if (missing.length > 0) {
-    // Inject guardrail tasks for missing layers
-    let maxId = Math.max(...prd.tasks.map(t => t.id));
-    for (const cat of missing) {
-      maxId++;
-      prd.tasks.push({
-        id: maxId, description: `[${cat}] GUARDRAIL: Generate missing ${cat} for ${currentModule.code}`,
-        status: 'pending', category: cat, dependencies: [],
-        acceptance_criteria: `${cat} layer fully implemented`, started_at: null, completed_at: null,
-        iteration: null, commit_hash: null, files_changed: { created: [], modified: [] },
-        validation: null, error: null, module: currentModule.code
-      });
-    }
-    writeJSON('.ralph/prd.json', prd);
+    // Section 1.7 should have injected guardrails already — fall through to compact loop
+    console.log(`Module ${currentModule.code}: missing categories ${missing.join(', ')} — continuing loop`);
     // Fall through to section 5 (compact loop)
   } else {
     // Module complete — advance
@@ -198,28 +240,33 @@ DEAD-END: {completed} done, {failed} failed, {blocked} blocked
 ```
 Set `prd.status = 'failed'` → step-05.
-## 5. Compact Loop (CRITICAL)
+## 5. Compact Loop (MANDATORY — EXECUTE IMMEDIATELY)
-> **MANDATORY:** After first full iteration, ALL subsequent iterations use this inline loop.
-> DO NOT stop. DO NOT wait for user. DO NOT re-read step files.
-> **Read `references/compact-loop.md` and execute inline.**
+> **THIS IS NOT OPTIONAL.** If there are pending tasks, you MUST enter the compact loop NOW.
+> DO NOT stop. DO NOT wait for user. DO NOT ask for confirmation. DO NOT re-read step files.
+> **Read `references/compact-loop.md` and execute ALL sections inline.**
+> **Stopping here is a VIOLATION of the execution guarantee.**
 If `hasPending && iteration < max`:
 1. Read `references/compact-loop.md`
-2. Execute sections A → B → C → D inline
-3. Return to section 1 of THIS step
+2. Execute sections A → B → C → D inline (find tasks → execute batch → commit → loop back)
+3. **IMMEDIATELY** return to section 1 of THIS step (do NOT pause)
+4. Repeat until ALL tasks are complete, max iterations reached, or dead-end
 ---
-## CRITICAL RULES:
+## CRITICAL RULES — EXECUTION GUARANTEE:
 - **NEVER** output completion promise unless ALL tasks done (all modules if multi)
 - **NEVER** delegate the loop to sub-agents (except team mode for multi-module)
-- **NEVER** stop between iterations
+- **NEVER** stop between iterations — this is the CORE PROMISE of ralph-loop
+- **NEVER** ask the user "should I continue?" or "is this OK?" — JUST CONTINUE
+- **NEVER** pause to show intermediate results and wait for feedback
 - **BATCH** same-category tasks (max 5)
 - **MODULE COMPLETENESS:** All layers must have completed tasks before advancing
-- Only valid stop: all complete, max iterations, dead-end, or user Ctrl+C
+- **Only valid stop conditions:** all complete, max iterations, dead-end, or user Ctrl+C
+- **If you stop for any other reason, you have VIOLATED the execution guarantee.**
 ---