@friedbotstudio/create-baseline 0.1.0

package/obj/template/.claude/hooks/track_guard.sh

@@ -0,0 +1,127 @@
+#!/usr/bin/env bash
+# Track Guard — PreToolUse(Write|Edit|MultiEdit)
+#
+# Enforces workflow phase ordering at the Write boundary. Reads the active
+# workflow from .claude/state/workflow.json (written by /triage). When Claude
+# tries to create/edit an artifact for phase N, all prior phases up to N-1
+# must either (a) have their artifact present or (b) be listed in the
+# triage `exceptions` array.
+#
+# Phase order + artifact globs come from .workflow.phases / .workflow.artifacts
+# in .claude/project.json.
+
+# shellcheck source=./lib/common.sh
+. "${BASH_SOURCE[0]%/*}/lib/common.sh"
+read_payload
+
+TOOL="$(payload_get .tool_name)"
+case "$TOOL" in
+  Write|Edit|MultiEdit) ;;
+  *) emit_allow ;;
+esac
+
+FILE="$(payload_get .tool_input.file_path)"
+[ -n "$FILE" ] || emit_allow
+rel="${FILE#$CLAUDE_PROJECT_ROOT/}"
+
+WORKFLOW_STATE="$STATE_DIR/workflow.json"
+# If no active workflow, nothing to enforce — triage hasn't run yet, which
+# is fine for quickfix / ad-hoc work.
+[ -f "$WORKFLOW_STATE" ] || emit_allow
+
+# Delegate phase ordering logic to python for clarity.
+python3 - "$rel" "$WORKFLOW_STATE" "$PROJECT_JSON" <<'PY'
+import json, sys, os, fnmatch, re
+rel, workflow_state, project_json = sys.argv[1], sys.argv[2], sys.argv[3]
+
+def glob_match(path, pat):
+    if fnmatch.fnmatchcase(path, pat):
+        return True
+    if '**' in pat:
+        rx = re.escape(pat).replace(r'\*\*', '.*').replace(r'\*', '[^/]*').replace(r'\?', '.')
+        return bool(re.fullmatch(rx, path))
+    return False
+
+try:
+    ws = json.load(open(workflow_state))
+except Exception:
+    sys.exit(0)  # malformed → don't block
+try:
+    pj = json.load(open(project_json))
+except Exception:
+    sys.exit(0)
+
+phases = pj.get("workflow", {}).get("phases") or []
+artifacts = pj.get("workflow", {}).get("artifacts") or {}
+exceptions = set(ws.get("exceptions") or [])
+entry = ws.get("entry_phase")
+
+# Find which phase this file belongs to.
+file_phase = None
+for ph in phases:
+    pat = artifacts.get(ph)
+    if pat and glob_match(rel, pat):
+        file_phase = ph
+        break
+
+if file_phase is None:
+    sys.exit(0)  # file is not a workflow artifact → allow
+
+# Find index of file_phase and entry_phase.
+try:
+    file_idx = phases.index(file_phase)
+except ValueError:
+    sys.exit(0)
+entry_idx = phases.index(entry) if entry in phases else 0
+
+# Only enforce ordering from the entry phase onward.
+missing = []
+project_root = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(workflow_state))))
+# project_root = repo root (workflow_state is .claude/state/workflow.json)
+for i in range(entry_idx, file_idx):
+    ph = phases[i]
+    if ph in exceptions:
+        continue
+    pat = artifacts.get(ph)
+    if not pat:
+        # phase has no artifact (e.g. tdd/simplify) — consider it satisfied
+        # only if workflow_state.completed includes it.
+        if ph in (ws.get("completed") or []):
+            continue
+        missing.append(ph)
+        continue
+    # Look for any file matching the artifact glob under project_root.
+    found = False
+    for root, _dirs, files in os.walk(project_root):
+        # skip heavy dirs
+        parts = root.replace(project_root, '', 1).lstrip('/').split('/')
+        if parts and parts[0] in ('.git', 'node_modules', '.config', '.claude'):
+            if ph != 'review':  # review artifacts live under .claude/state/
+                continue
+        for f in files:
+            candidate = os.path.relpath(os.path.join(root, f), project_root)
+            if glob_match(candidate, pat):
+                found = True
+                break
+        if found:
+            break
+    if not found:
+        missing.append(ph)
+
+if missing:
+    msg = (
+        f"Track Guard: cannot write '{rel}' (phase '{file_phase}') — "
+        f"prior phases not completed: {', '.join(missing)}. "
+        f"Either produce those artifacts first, or inject exceptions via /triage."
+    )
+    print(json.dumps({
+        "hookSpecificOutput": {
+            "hookEventName": "PreToolUse",
+            "permissionDecision": "deny",
+            "permissionDecisionReason": msg,
+        }
+    }))
+PY
+
+# If python printed a block decision, exit 0 (decision is in stdout).
+exit 0

package/obj/template/.claude/hooks/verify_pass_guard.sh

@@ -0,0 +1,88 @@
+#!/usr/bin/env bash
+# Verify Pass Guard — PreToolUse(Write|Edit|MultiEdit)
+#
+# Belt-and-braces backstop for the `verify` skill. Operates at the Write tool
+# boundary: even if the skill's verdict is bypassed, Claude physically cannot
+# persist a "PASS" line to a verification artifact when the most recent test
+# output contradicts it.
+#
+# Triggers only when the target file is a verification artifact (paths under
+# docs/verify/** or filename matches *verify* / *verification*), and the
+# content being written contains a PASS line (VERIFY: PASS, STATUS: PASS,
+# RESULT: PASS, or a line that is just "PASS").
+#
+# Truth source: .claude/state/last_test_result (written by test_runner.sh
+# and the `verify` skill). Contains one line: PASS|FAIL.
+
+# shellcheck source=./lib/common.sh
+. "${BASH_SOURCE[0]%/*}/lib/common.sh"
+read_payload
+
+TOOL="$(payload_get .tool_name)"
+case "$TOOL" in
+  Write|Edit|MultiEdit) ;;
+  *) emit_allow ;;
+esac
+
+FILE="$(payload_get .tool_input.file_path)"
+[ -n "$FILE" ] || emit_allow
+rel="${FILE#$CLAUDE_PROJECT_ROOT/}"
+
+# Is this a verification artifact?
+is_verify=0
+case "$rel" in
+  docs/verify/*|docs/verification/*) is_verify=1 ;;
+esac
+base="$(basename "$rel")"
+case "$base" in
+  *verify*|*verification*|*VERIFY*) is_verify=1 ;;
+esac
+[ "$is_verify" -eq 1 ] || emit_allow
+
+# Collect proposed content: Write.content, Edit.new_string, MultiEdit.edits[].new_string.
+content=""
+case "$TOOL" in
+  Write) content="$(payload_get .tool_input.content)" ;;
+  Edit)  content="$(payload_get .tool_input.new_string)" ;;
+  MultiEdit)
+    content="$(python3 -c '
+import json, os
+raw = os.environ.get("HOOK_PAYLOAD","")
+d = json.loads(raw) if raw else {}
+edits = (d.get("tool_input") or {}).get("edits") or []
+print("\n".join(e.get("new_string","") for e in edits))
+')"
+    ;;
+esac
+
+# Look for a PASS claim in the proposed content.
+if ! python3 -c "
+import re,sys
+c = sys.argv[1]
+lines = c.splitlines()
+for ln in lines:
+    s = ln.strip()
+    if re.fullmatch(r'PASS', s):
+        sys.exit(0)
+    if re.match(r'(VERIFY|STATUS|RESULT|VERDICT)\s*[:=]\s*PASS\b', s, re.I):
+        sys.exit(0)
+sys.exit(1)
+" "$content"; then
+  emit_allow
+fi
+
+# A PASS claim is being written. Check the truth source.
+TRUTH="$STATE_DIR/last_test_result"
+if [ ! -f "$TRUTH" ]; then
+  log_line verify_pass_guard "BLOCKED no truth source for PASS claim in $rel"
+  emit_block "Verify Pass Guard: cannot persist a PASS line — no test evidence exists at .claude/state/last_test_result. Run the tests (or invoke the \`verify\` skill) to produce a verdict before claiming PASS."
+fi
+
+verdict="$(head -1 "$TRUTH" | tr -d '[:space:]')"
+if [ "$verdict" != "PASS" ]; then
+  log_line verify_pass_guard "BLOCKED verdict=$verdict claim=PASS file=$rel"
+  emit_block "Verify Pass Guard: cannot persist a PASS line — the latest test verdict is '$verdict' (see .claude/state/last_test_result). Fix the failing tests first; do not edit the verification artifact to claim PASS."
+fi
+
+log_line verify_pass_guard "ALLOWED verdict=PASS file=$rel"
+emit_allow

package/obj/template/.claude/memory/README.md

@@ -0,0 +1,108 @@
+# Project memory
+
+Persistent project knowledge that travels with the repo. Loaded into Claude's context at session start (via the `memory_session_start.sh` hook) and updated as a byproduct of phase skills doing their normal work, plus auto-extracted candidates from the `memory_stop.sh` hook (curated via `/memory-flush`).
+
+## Files
+
+| File | Owners | Holds |
+|---|---|---|
+| `landmarks.md` | `scout` | Where things live: `path:line — role` |
+| `libraries.md` | `research` | Validated library APIs by `<lib>@<version>` |
+| `decisions.md` | `spec`, `rca` | Architectural choices with rationale; rejected approaches |
+| `landmines.md` | `security`, `integrate`, `scout` | Gotchas: "do not edit X without also editing Y" |
+| `conventions.md` | `scenario`, `implement` | Repo-specific test/code idioms (fixture patterns, naming, layout) |
+| `pending-questions.md` | any phase | Open questions the current session couldn't resolve |
+| `_pending.md` | `memory_stop.sh` (writes), `/memory-flush` (clears) | Auto-extracted candidates awaiting curation. **Content gitignored**; the file structure is committed. |
+| `_resume.md` | `memory_pre_compact.sh` + `memory_stop.sh` (write), `memory_session_start.sh` (reads), `harness` (reads) | **Continuity** snapshot — last completed phase, next phase due, in-flight files, recent user prompts. Refreshed every turn-end and again before compaction. Re-injected at every session start (compact / clear / resume / startup). **Gitignored** — pure session state, not project knowledge. |
+
+## Source provenance (mandatory for feedback-derived entries)
+
+Every entry MUST carry a `source:` field declaring how the rule was learned. Allowed values:
+
+| `source:` | Meaning | `verbatim:` requirement |
+|---|---|---|
+| `user-instruction` | The user stated a rule or directive in conversation | **Required** |
+| `user-feedback` | The user corrected behavior or affirmed a non-obvious approach | **Required** |
+| `incident` | Recovered from an actual failure or near-miss in this session | Recommended (incident-report quote) |
+| `inferred-from-code` | Derived by reading the codebase | Not applicable |
+| `library-pinned` | Came from a `context7` lookup | Not applicable (cited URL/version is the source) |
+| `unrecorded` | Pre-schema-bump entry whose source was lost | Quality flag — curator must clear at next touch |
+
+For `source: user-instruction` and `source: user-feedback`, the entry MUST include a `verbatim:` blockquote of the user's actual words. The verbatim is the canonical truth; the body of the entry is Claude's interpretation. **When verbatim and interpretation conflict, verbatim wins** — `CLAUDE.md` Article IX clause 6.
+
+The verbatim is not a summary, not a paraphrase, and not in Claude's voice. It is the user's words. If the original turn is no longer available, the entry's source is `unrecorded` and the curator MUST flag it for the user to confirm or restate at the next opportunity.
+
+`/memory-flush` SHALL reject any candidate promotion to a canonical file when `source` is `user-instruction` or `user-feedback` and `verbatim:` is missing or empty.
+
+## Per-entry shape (canonical files)
+
+```markdown
+## <stable key>
+
+> verbatim (user, <ISO date>):
+> <user's exact words, attributed — required when source ∈ {user-instruction, user-feedback}>
+
+- source: <user-instruction|user-feedback|incident|inferred-from-code|library-pinned|unrecorded>
+- <field>: <value>
+- verified-at: <commit SHA short>
+- last-touched: <ISO date>
+- caveat: <optional>
+```
+
+The **stable key** is the entry's primary key for deduplication. New entries with the same key replace; different keys append. The verbatim block is intentionally a markdown blockquote (`> ...`) so it survives plain-text grep and renders distinctly when the file is read.
+
+Multiple verbatim blocks are allowed (and encouraged) when the user clarifies or refines an instruction across turns — each new clarification gets its own `> verbatim (user, <ISO date>):` block; older blocks are kept for provenance.
+
+| File | Stable key |
+|---|---|
+| `landmarks.md` | `path:line` |
+| `libraries.md` | `<lib>@<version>` |
+| `decisions.md` | short slug (e.g., `auth-jwt-vs-session`) |
+| `landmines.md` | `path:line` or short description slug |
+| `conventions.md` | short slug |
+| `pending-questions.md` | auto-numbered `Q-NNN` |
+
+## Self-healing rules
+
+**Memory accelerates triage; it never authorizes a skip.** Every skill that *cites* a memory entry must first re-verify it (file exists, symbol still at named line, library version still pinned). On verification failure, the skill **corrects or deletes the entry in the same run** before proceeding. Drift self-heals because every read is also a check.
+
+## Bounding rules
+
+- Each canonical file has `size-cap: <N>` in frontmatter (default 500 lines). When a skill writes and exceeds, it must prune the oldest unverified entries in the same write. Working-set discipline.
+- Decay: entries unverified for ≥30 commits (git) OR ≥30 days since `last-touched:` (non-git fallback) are marked `stale`. The next phase that touches them either re-verifies or deletes.
+
+## Closure fields
+
+Two optional, register-specific closure fields cause `/memory-flush` Step 0 to delete the entry block on its next run:
+
+| File | Field | Semantics |
+|---|---|---|
+| `pending-questions.md` | `resolved-at: <ISO date>` | The question has been answered; entry is closed. |
+| `landmarks.md`, `libraries.md`, `decisions.md`, `landmines.md`, `conventions.md` | `superseded-at: <ISO date>` | The fact is no longer true; entry is closed. |
+
+**Per-file invariant**: on `pending-questions.md`, `superseded-at:` MUST NOT appear; on the other five canonical files, `resolved-at:` MUST NOT appear. Mutually exclusive at the file level. Not enforced by audit — documented invariant only. The `/memory-flush` Step 0a sweep flags violations in its report rather than deleting.
+
+**Body-prose signals.** Three regexes, case-insensitive, line-anchored:
+
+- R1: `^(\s*-\s*)?\*\*?Resolution\s+(path\s+taken|by|date)\b`
+- R2: `^Superseded\s+(by|at|on)\b`
+- R3: `^Resolved\s+(by|on|at)\b`
+
+A match without a corresponding structured closure field causes `/memory-flush` Step 0b to surface a once-per-entry `Close <key> from <file>? (y / n / skip)` prompt.
+
+**Closure short-circuits decay (AC-005).** `memory_session_start.sh` excludes any entry carrying a closure field from the stale count. `stale` ≠ `closed`: a stale entry is *unverified*; closure is a separate, deliberate signal that the entry is no longer load-bearing.
+
+## How memory gets updated
+
+Two paths:
+
+1. **Phase skills, as a byproduct.** Each skill that produces a workflow artifact also writes any new entries for its owned file. No separate "update memory" task — the same tool call as the artifact write.
+2. **Stop hook auto-extraction.** `memory_stop.sh` reads the just-completed turn's transcript, extracts touched paths / cited library APIs / verbalized decisions, and appends candidates to `_pending.md`. Claude reviews via `/memory-flush` and commits keepers to canonical files.
+
+## Read order on session start
+
+`memory_session_start.sh` hook prints a compact index (number of entries per file, count of stale entries, count of pending candidates), then appends the body of `_resume.md` if a recent snapshot exists, with a framing line that depends on the session source (`compact` / `clear` / `resume` / `startup`). Canonical files load on first relevant skill invocation.
+
+## Continuity vs knowledge
+
+Six canonical files plus `_pending.md` hold **project knowledge** — facts about the codebase that survive multiple sessions and get re-verified on every cite. `_resume.md` is different: it's a **continuity snapshot** describing the *current session* — what we just touched, what the user just asked, what phase we're on. It's overwritten each turn and gitignored. The split keeps long-term knowledge clean of session-state noise.

package/obj/template/.claude/memory/_pending.md

@@ -0,0 +1,15 @@
+---
+owners: [memory_stop.sh writes; /memory-flush clears]
+category: auto-extracted candidates awaiting curation
+verifies-against: none
+---
+
+# Pending memory candidates
+
+Auto-extracted by `memory_stop.sh` at end of each turn. Run `/memory-flush` to review and commit keepers to the canonical files.
+
+**Content of this file is gitignored.** The file itself (with this header) is committed; everything below the `---` separator below is per-session and not staged.
+
+---
+
+<!-- candidates appended below this line -->

package/obj/template/.claude/memory/_resume.md

@@ -0,0 +1,12 @@
+---
+name: resume
+type: continuity
+last-updated: never
+trigger: stop
+---
+
+# Resume snapshot
+
+## No prior session
+
+This file is overwritten by `memory_stop.sh` at end of each turn and by `memory_pre_compact.sh` before context compaction. The SessionStart hook reads it on the next session start.

package/obj/template/.claude/memory/conventions.md

@@ -0,0 +1,26 @@
+---
+owners: [scenario, implement]
+category: repo-specific test and code conventions
+size-cap: 500
+key: short slug
+verifies-against: codebase
+---
+
+# Conventions
+
+Repo-specific patterns the `scenario` and `implement` skills should match. Fixture locations, helper idioms, naming, file layout quirks. Not generic best practices — specific facts about *this* codebase.
+
+Each entry's stable key is a short slug.
+
+Per-entry shape:
+
+```markdown
+## <short-slug>
+
+- Convention: <pattern, rule, or idiom this repo follows>
+- Why: <reason — historical, tooling-driven, performance, etc.>
+- Verified-at: <commit SHA short>
+- Last-touched: <ISO date>
+```
+
+---

package/obj/template/.claude/memory/decisions.md

@@ -0,0 +1,29 @@
+---
+owners: [spec, rca]
+category: architectural decisions
+size-cap: 500
+key: short slug
+verifies-against: spec/rca artifact
+---
+
+# Architectural decisions
+
+Why this repo took the path it took. Includes rejected alternatives so a future session doesn't re-litigate.
+
+Each entry's stable key is a short slug (e.g., `auth-jwt-vs-session`, `worktree-isolation`).
+
+Per-entry shape:
+
+```markdown
+## <short-slug>
+
+- Decision: <what was chosen>
+- Rationale: <why — the constraint or evidence that decided it>
+- Rejected alternatives:
+  - <alt 1> → <why rejected>
+  - <alt 2> → <why rejected>
+- Source: <spec slug / rca slug / conversation>
+- Verified-at: <commit SHA short>
+```
+
+---

package/obj/template/.claude/memory/landmarks.md

@@ -0,0 +1,26 @@
+---
+owners: [scout]
+category: codebase landmarks
+size-cap: 500
+key: path:line
+verifies-against: git
+---
+
+# Codebase landmarks
+
+Where things live in this repo. The `scout` skill cites these and re-verifies before use; failed verifications are corrected or deleted in the same run.
+
+Each entry's stable key is `path:line`.
+
+Per-entry shape:
+
+```markdown
+## <path:line>
+
+- Role: <what lives here, why it matters>
+- Verified-at: <commit SHA short>
+- Last-touched: <ISO date>
+- Caveat: <optional — gotcha, neighbour file that must change with this one, etc.>
+```
+
+---

package/obj/template/.claude/memory/landmines.md

@@ -0,0 +1,27 @@
+---
+owners: [security, integrate, scout]
+category: gotchas and recurring true positives
+size-cap: 500
+key: path:line or short slug
+verifies-against: git
+---
+
+# Landmines
+
+Things that have bitten before and will bite again. "Editing X without also editing Y breaks Z." Recurring true positives from security review. Version skew traps.
+
+Each entry's stable key is `path:line` or a short slug.
+
+Per-entry shape:
+
+```markdown
+## <path:line or slug>
+
+- Path: <file/symbol involved>
+- Trap: <what goes wrong, plain language>
+- Mitigation: <what to check / do instead>
+- Verified-at: <commit SHA short>
+- Last-touched: <ISO date>
+```
+
+---

package/obj/template/.claude/memory/libraries.md

@@ -0,0 +1,27 @@
+---
+owners: [research]
+category: validated library APIs
+size-cap: 500
+key: lib@version
+verifies-against: lockfile + context7
+---
+
+# Validated library APIs
+
+Library APIs the team has confirmed via `context7` MCP against the version present in this repo's lockfile. Saves a context7 round-trip when a stable choice is referenced again.
+
+Each entry's stable key is `<lib>@<version>`. If the lockfile bumps, re-verify and update the version.
+
+Per-entry shape:
+
+```markdown
+## <lib>@<version>
+
+- Role: <what this lib is used for in this repo>
+- API: <key symbols / canonical call shape>
+- Verified-at: <commit SHA short>
+- Last-touched: <ISO date>
+- Caveat: <optional — version pin reason, breaking-change notes>
+```
+
+---

package/obj/template/.claude/memory/pending-questions.md

@@ -0,0 +1,28 @@
+---
+owners: [any phase]
+category: cross-session open questions
+size-cap: 500
+key: Q-NNN
+verifies-against: none
+---
+
+# Pending questions
+
+Questions the current session couldn't resolve. Surfaced at next session start so context isn't lost across yields.
+
+Each entry's stable key is auto-numbered `Q-NNN`.
+
+Per-entry shape:
+
+```markdown
+## Q-NNN
+
+- Question: <what's open>
+- Raised in: <date / phase / conversation>
+- Blocker for: <what work is gated on this>
+- Options considered: <a> / <b> / <c>
+- Verified-at: <commit SHA short>
+- Last-touched: <ISO date>
+```
+
+---