@harness-engineering/cli 1.26.1 → 1.27.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/dist/agents/skills/claude-code/cleanup-dead-code/SKILL.md +3 -1
  2. package/dist/agents/skills/claude-code/detect-doc-drift/SKILL.md +3 -1
  3. package/dist/agents/skills/claude-code/harness-architecture-advisor/SKILL.md +4 -0
  4. package/dist/agents/skills/claude-code/harness-autopilot/SKILL.md +55 -24
  5. package/dist/agents/skills/claude-code/harness-brainstorming/SKILL.md +16 -5
  6. package/dist/agents/skills/claude-code/harness-code-review/SKILL.md +21 -6
  7. package/dist/agents/skills/claude-code/harness-codebase-cleanup/SKILL.md +2 -0
  8. package/dist/agents/skills/claude-code/harness-debugging/SKILL.md +13 -1
  9. package/dist/agents/skills/claude-code/harness-dependency-health/SKILL.md +4 -0
  10. package/dist/agents/skills/claude-code/harness-execution/SKILL.md +16 -6
  11. package/dist/agents/skills/claude-code/harness-impact-analysis/SKILL.md +2 -0
  12. package/dist/agents/skills/claude-code/harness-integration/SKILL.md +560 -0
  13. package/dist/agents/skills/claude-code/harness-integration/skill.yaml +65 -0
  14. package/dist/agents/skills/claude-code/harness-integrity/SKILL.md +2 -0
  15. package/dist/agents/skills/claude-code/harness-onboarding/SKILL.md +4 -0
  16. package/dist/agents/skills/claude-code/harness-perf/SKILL.md +9 -7
  17. package/dist/agents/skills/claude-code/harness-planning/SKILL.md +77 -10
  18. package/dist/agents/skills/claude-code/harness-refactoring/SKILL.md +13 -4
  19. package/dist/agents/skills/claude-code/harness-security-scan/SKILL.md +3 -1
  20. package/dist/agents/skills/claude-code/harness-soundness-review/SKILL.md +4 -0
  21. package/dist/agents/skills/claude-code/harness-tdd/SKILL.md +5 -2
  22. package/dist/agents/skills/claude-code/harness-verification/SKILL.md +4 -0
  23. package/dist/agents/skills/codex/cleanup-dead-code/SKILL.md +3 -1
  24. package/dist/agents/skills/codex/detect-doc-drift/SKILL.md +3 -1
  25. package/dist/agents/skills/codex/harness-architecture-advisor/SKILL.md +4 -0
  26. package/dist/agents/skills/codex/harness-autopilot/SKILL.md +55 -24
  27. package/dist/agents/skills/codex/harness-brainstorming/SKILL.md +16 -5
  28. package/dist/agents/skills/codex/harness-code-review/SKILL.md +21 -6
  29. package/dist/agents/skills/codex/harness-codebase-cleanup/SKILL.md +2 -0
  30. package/dist/agents/skills/codex/harness-debugging/SKILL.md +13 -1
  31. package/dist/agents/skills/codex/harness-dependency-health/SKILL.md +4 -0
  32. package/dist/agents/skills/codex/harness-execution/SKILL.md +16 -6
  33. package/dist/agents/skills/codex/harness-impact-analysis/SKILL.md +2 -0
  34. package/dist/agents/skills/codex/harness-integration/SKILL.md +560 -0
  35. package/dist/agents/skills/codex/harness-integration/skill.yaml +65 -0
  36. package/dist/agents/skills/codex/harness-integrity/SKILL.md +2 -0
  37. package/dist/agents/skills/codex/harness-onboarding/SKILL.md +4 -0
  38. package/dist/agents/skills/codex/harness-perf/SKILL.md +9 -7
  39. package/dist/agents/skills/codex/harness-planning/SKILL.md +77 -10
  40. package/dist/agents/skills/codex/harness-refactoring/SKILL.md +13 -4
  41. package/dist/agents/skills/codex/harness-security-scan/SKILL.md +3 -1
  42. package/dist/agents/skills/codex/harness-soundness-review/SKILL.md +4 -0
  43. package/dist/agents/skills/codex/harness-tdd/SKILL.md +5 -2
  44. package/dist/agents/skills/codex/harness-verification/SKILL.md +4 -0
  45. package/dist/agents/skills/cursor/cleanup-dead-code/SKILL.md +3 -1
  46. package/dist/agents/skills/cursor/detect-doc-drift/SKILL.md +3 -1
  47. package/dist/agents/skills/cursor/harness-architecture-advisor/SKILL.md +4 -0
  48. package/dist/agents/skills/cursor/harness-autopilot/SKILL.md +55 -24
  49. package/dist/agents/skills/cursor/harness-brainstorming/SKILL.md +16 -5
  50. package/dist/agents/skills/cursor/harness-code-review/SKILL.md +21 -6
  51. package/dist/agents/skills/cursor/harness-codebase-cleanup/SKILL.md +2 -0
  52. package/dist/agents/skills/cursor/harness-debugging/SKILL.md +13 -1
  53. package/dist/agents/skills/cursor/harness-dependency-health/SKILL.md +4 -0
  54. package/dist/agents/skills/cursor/harness-execution/SKILL.md +16 -6
  55. package/dist/agents/skills/cursor/harness-impact-analysis/SKILL.md +2 -0
  56. package/dist/agents/skills/cursor/harness-integration/SKILL.md +560 -0
  57. package/dist/agents/skills/cursor/harness-integration/skill.yaml +65 -0
  58. package/dist/agents/skills/cursor/harness-integrity/SKILL.md +2 -0
  59. package/dist/agents/skills/cursor/harness-onboarding/SKILL.md +4 -0
  60. package/dist/agents/skills/cursor/harness-perf/SKILL.md +9 -7
  61. package/dist/agents/skills/cursor/harness-planning/SKILL.md +77 -10
  62. package/dist/agents/skills/cursor/harness-refactoring/SKILL.md +13 -4
  63. package/dist/agents/skills/cursor/harness-security-scan/SKILL.md +3 -1
  64. package/dist/agents/skills/cursor/harness-soundness-review/SKILL.md +4 -0
  65. package/dist/agents/skills/cursor/harness-tdd/SKILL.md +5 -2
  66. package/dist/agents/skills/cursor/harness-verification/SKILL.md +4 -0
  67. package/dist/agents/skills/gemini-cli/cleanup-dead-code/SKILL.md +3 -1
  68. package/dist/agents/skills/gemini-cli/detect-doc-drift/SKILL.md +3 -1
  69. package/dist/agents/skills/gemini-cli/harness-architecture-advisor/SKILL.md +4 -0
  70. package/dist/agents/skills/gemini-cli/harness-autopilot/SKILL.md +55 -24
  71. package/dist/agents/skills/gemini-cli/harness-brainstorming/SKILL.md +16 -5
  72. package/dist/agents/skills/gemini-cli/harness-code-review/SKILL.md +21 -6
  73. package/dist/agents/skills/gemini-cli/harness-codebase-cleanup/SKILL.md +2 -0
  74. package/dist/agents/skills/gemini-cli/harness-debugging/SKILL.md +13 -1
  75. package/dist/agents/skills/gemini-cli/harness-dependency-health/SKILL.md +4 -0
  76. package/dist/agents/skills/gemini-cli/harness-execution/SKILL.md +16 -6
  77. package/dist/agents/skills/gemini-cli/harness-impact-analysis/SKILL.md +2 -0
  78. package/dist/agents/skills/gemini-cli/harness-integration/SKILL.md +560 -0
  79. package/dist/agents/skills/gemini-cli/harness-integration/skill.yaml +65 -0
  80. package/dist/agents/skills/gemini-cli/harness-integrity/SKILL.md +2 -0
  81. package/dist/agents/skills/gemini-cli/harness-onboarding/SKILL.md +4 -0
  82. package/dist/agents/skills/gemini-cli/harness-perf/SKILL.md +9 -7
  83. package/dist/agents/skills/gemini-cli/harness-planning/SKILL.md +77 -10
  84. package/dist/agents/skills/gemini-cli/harness-refactoring/SKILL.md +13 -4
  85. package/dist/agents/skills/gemini-cli/harness-security-scan/SKILL.md +3 -1
  86. package/dist/agents/skills/gemini-cli/harness-soundness-review/SKILL.md +4 -0
  87. package/dist/agents/skills/gemini-cli/harness-tdd/SKILL.md +5 -2
  88. package/dist/agents/skills/gemini-cli/harness-verification/SKILL.md +4 -0
  89. package/dist/{agents-md-VI3HLR7E.js → agents-md-2RN666DE.js} +3 -3
  90. package/dist/{architecture-ZDDKEVID.js → architecture-ZR33YKJB.js} +4 -4
  91. package/dist/{assess-project-Y6W7YDUA.js → assess-project-LLWWEQEV.js} +1 -1
  92. package/dist/bin/harness-mcp.js +17 -16
  93. package/dist/bin/harness.js +27 -26
  94. package/dist/{business-knowledge-6RHYJOB3.js → business-knowledge-EISPR7FU.js} +1 -1
  95. package/dist/{check-phase-gate-CXR3VM22.js → check-phase-gate-ZVG56NT2.js} +4 -4
  96. package/dist/chunk-27AJKSQY.js +107 -0
  97. package/dist/{chunk-DBIX3X4H.js → chunk-2FOLD76X.js} +2 -2
  98. package/dist/{chunk-3AMQYWGT.js → chunk-3AJW7VQ3.js} +2 -2
  99. package/dist/{chunk-FUND5WJR.js → chunk-3XMOWLK3.js} +2 -2
  100. package/dist/{chunk-OLW7BJ5N.js → chunk-776JFSPK.js} +1 -1
  101. package/dist/{chunk-VKS3F46M.js → chunk-A4ETL34H.js} +7 -2
  102. package/dist/{chunk-JV4Y2U5F.js → chunk-BO4AJZRE.js} +1 -1
  103. package/dist/{chunk-WZ7UHPT3.js → chunk-BZZNYHRY.js} +9 -9
  104. package/dist/{chunk-ZN6ROTYP.js → chunk-C7RPQWBG.js} +1 -1
  105. package/dist/{chunk-RAVD7QLY.js → chunk-CJYNZMOP.js} +8 -8
  106. package/dist/{chunk-PNNFCVW4.js → chunk-EGRQHLDM.js} +5 -5
  107. package/dist/{chunk-2BPPS6YQ.js → chunk-EHTUWULH.js} +458 -363
  108. package/dist/{chunk-N6B6RKQQ.js → chunk-EICASBYP.js} +1 -1
  109. package/dist/{chunk-K56DTX7G.js → chunk-F3Y64VNF.js} +6 -6
  110. package/dist/{chunk-ORNEK65Y.js → chunk-FUS4OOGC.js} +1 -1
  111. package/dist/{chunk-2FPUPRCY.js → chunk-GAIOIINV.js} +594 -127
  112. package/dist/{chunk-YC4EYIER.js → chunk-IBTHD2UA.js} +132 -77
  113. package/dist/{chunk-RC5ZY3EV.js → chunk-IOW3MW2K.js} +2 -2
  114. package/dist/{chunk-B66LRB5M.js → chunk-L3Y7L4EG.js} +1 -1
  115. package/dist/{chunk-BK4DJIIY.js → chunk-MGPVA2EM.js} +27 -4
  116. package/dist/{chunk-NY7DTZ6K.js → chunk-Q5DKIL46.js} +3 -3
  117. package/dist/{chunk-TY2ESLVL.js → chunk-SDDQPMZK.js} +1 -1
  118. package/dist/{chunk-7GY6WNEI.js → chunk-SDPHFDQS.js} +1 -1
  119. package/dist/{chunk-56A6OXVA.js → chunk-T7UZOJF4.js} +9 -9
  120. package/dist/{chunk-AMRC4FU2.js → chunk-VCC47EXU.js} +109 -57
  121. package/dist/{chunk-Q3ZLVMQM.js → chunk-XKU37HGH.js} +10 -1
  122. package/dist/{chunk-TSVYBDDE.js → chunk-YZH4I4JO.js} +1 -1
  123. package/dist/{ci-workflow-EW37KVPS.js → ci-workflow-JFOL4YWW.js} +3 -3
  124. package/dist/{dist-NCNAXUFD.js → dist-BZS2XRLG.js} +5 -1
  125. package/dist/{dist-CJDGASPP.js → dist-CPKL5Y2R.js} +2 -2
  126. package/dist/{docs-4XI2FQW2.js → docs-FUTRJQHA.js} +4 -4
  127. package/dist/{engine-4L4CDTHU.js → engine-FB3HCNVT.js} +3 -3
  128. package/dist/{entropy-PBYSIQYS.js → entropy-FIEE4YDA.js} +3 -3
  129. package/dist/{feedback-OTIFW5MK.js → feedback-7EC4T6XG.js} +1 -1
  130. package/dist/{generate-agent-definitions-CZGUXIIN.js → generate-agent-definitions-FOSFADNR.js} +4 -4
  131. package/dist/{graph-loader-RDXSEBD7.js → graph-loader-QEI7SYOQ.js} +1 -1
  132. package/dist/hooks/adoption-tracker.js +36 -8
  133. package/dist/hooks/sentinel-pre.js +3 -2
  134. package/dist/hooks/telemetry-reporter.js +34 -15
  135. package/dist/index-builder-3AOQ3ZII.js +13 -0
  136. package/dist/index.d.ts +15 -0
  137. package/dist/index.js +29 -28
  138. package/dist/{loader-UZOXCWFC.js → loader-HXUOBTYA.js} +3 -3
  139. package/dist/{mcp-GWVVV6LH.js → mcp-NUG4BMKJ.js} +17 -16
  140. package/dist/{performance-5UQPP3XX.js → performance-TYXBCTR7.js} +4 -4
  141. package/dist/{review-pipeline-65V4EO6O.js → review-pipeline-B4WPU6BQ.js} +3 -3
  142. package/dist/{runtime-PXX7HNB3.js → runtime-HQQNOARD.js} +3 -3
  143. package/dist/{scan-WM7XDUF7.js → scan-M4EGDAQ2.js} +1 -1
  144. package/dist/{security-CAYDRZIZ.js → security-25VFLIAO.js} +1 -1
  145. package/dist/templates/orchestrator/harness.orchestrator.md +18 -8
  146. package/dist/{validate-CWGXR7QM.js → validate-EAVGKZQB.js} +4 -4
  147. package/dist/{validate-cross-check-BKCNLZYG.js → validate-cross-check-SPL3H4O5.js} +3 -3
  148. package/package.json +13 -5
  149. package/dist/hooks/profiles.ts +0 -48
@@ -26,7 +26,9 @@
26
26
 
27
27
  2. **Run `harness cleanup --type dead-code --json`** for machine-readable output focused specifically on unused code.
28
28
 
29
- 3. **Review the report summary.** Note the total count and distribution. A few dead exports are normal; dozens suggest accumulated entropy from incomplete refactorings.
29
+ 3. **Check for stale constraints.** Run `detect_stale_constraints` to identify architectural constraints referencing removed code that should also be cleaned up.
30
+
31
+ 4. **Review the report summary.** Note the total count and distribution. A few dead exports are normal; dozens suggest accumulated entropy from incomplete refactorings.
30
32
 
31
33
  ### Graph-Enhanced Context (when available)
32
34
 
@@ -20,7 +20,9 @@
20
20
 
21
21
  2. **Run `harness cleanup --type drift`** for a deeper analysis that cross-references code changes against documentation references.
22
22
 
23
- 3. **Optionally, run `git diff` against a baseline** (last release, last sprint, etc.) to identify which code files changed. This helps prioritize — docs for recently changed files are most likely to be drifted.
23
+ 3. **Check for stale constraints.** Run `detect_stale_constraints` alongside drift detection to find architectural constraints that no longer match the codebase.
24
+
25
+ 4. **Optionally, run `git diff` against a baseline** (last release, last sprint, etc.) to identify which code files changed. This helps prioritize — docs for recently changed files are most likely to be drifted.
24
26
 
25
27
  ### Graph-Enhanced Context (when available)
26
28
 
@@ -53,6 +53,10 @@ Store answers in: .harness/architecture/<topic>/discovery.md
53
53
 
54
54
  Read the codebase to understand the current state. Do not propose solutions yet — gather facts.
55
55
 
56
+ #### Step 0: Discover Constraints and Trends
57
+
58
+ Run `detect_constraint_emergence` to discover implicit architectural patterns that should be formalized as constraints. Run `detect_stale_constraints` to identify constraints that no longer apply or need updating. Check `get_decay_trends` to understand how architectural health has evolved and which areas are degrading fastest. Run `predict_failures` to forecast which constraints are most likely to be violated based on current trends.
59
+
56
60
  #### Step 1: Map Existing Patterns
57
61
 
58
62
  Search for how the codebase currently handles similar concerns:
@@ -12,12 +12,13 @@
12
12
 
13
13
  ## Persona Agents
14
14
 
15
- | Skill | `subagent_type` | State(s) |
16
- | -------------------- | ----------------------- | -------------------- |
17
- | harness-planning | `harness-planner` | PLAN |
18
- | harness-execution | `harness-task-executor` | EXECUTE |
19
- | harness-verification | `harness-verifier` | VERIFY |
20
- | harness-code-review | `harness-code-reviewer` | REVIEW, FINAL_REVIEW |
15
+ | Skill | `subagent_type` | State(s) |
16
+ | ----------------------- | ----------------------- | -------------------- |
17
+ | harness-planning | `harness-planner` | PLAN |
18
+ | harness-execution | `harness-task-executor` | EXECUTE |
19
+ | harness-verification | `harness-verifier` | VERIFY |
20
+ | **harness-integration** | **`harness-verifier`** | **INTEGRATE** |
21
+ | harness-code-review | `harness-code-reviewer` | REVIEW, FINAL_REVIEW |
21
22
 
22
23
  **Iron Law:** Autopilot delegates, never reimplements. If writing plan/execute/verify/review logic, STOP — delegate via `subagent_type`. Always use dedicated persona agents, never general-purpose agents.
23
24
 
@@ -31,15 +32,16 @@ Set at INIT (`--fast` / `--thorough`); persists for session. Default: `standard`
31
32
  | APPROVE_PLAN | Auto-approve, skip signals | Signal-based | Force human review |
32
33
  | EXECUTE | Skip scratchpad | Scratchpad >500 words | Verbose scratchpad |
33
34
  | VERIFY | `harness validate` only | Full pipeline | Expanded checks |
35
+ | INTEGRATE | WIRE only, auto-approve | Full tier-appropriate | Full + human ADR review |
34
36
 
35
37
  ## State Machine
36
38
 
37
39
  ```
38
- INIT → ASSESS → PLAN → APPROVE_PLAN → EXECUTE → VERIFY → REVIEW → PHASE_COMPLETE
39
-
40
- [next phase?]
41
- │ │
42
- ASSESS FINAL_REVIEW → DONE
40
+ INIT → ASSESS → PLAN → APPROVE_PLAN → EXECUTE → VERIFY → INTEGRATE → REVIEW → PHASE_COMPLETE
41
+
42
+ [next phase?]
43
+ │ │
44
+ ASSESS FINAL_REVIEW → DONE
43
45
  ```
44
46
 
45
47
  ---
@@ -51,7 +53,7 @@ INIT → ASSESS → PLAN → APPROVE_PLAN → EXECUTE → VERIFY → REVIEW →
51
53
  3. Check for existing state: read `{sessionDir}/autopilot-state.json`. If present and not DONE: report "Resuming from `{currentState}`, phase {N}: {name}." Apply schema migration if `schemaVersion < 5` (backfill missing fields). Jump to recorded state.
52
54
  4. Fresh start: read spec, parse `## Implementation Order` for phases (`### Phase N: Name` + `<!-- complexity: low|medium|high -->`, default: `medium`). Capture `startingCommit` via `git rev-parse HEAD`. Write `autopilot-state.json` (schemaVersion: 5, currentState: "ASSESS", currentPhase: 0).
53
55
  5. Flags: `--fast` → `rigorLevel: "fast"`. `--thorough` → `rigorLevel: "thorough"`. `--review-plans` → `reviewPlans: true`. Both flags together → reject with error.
54
- 6. Call `gather_context({ path, skill: "harness-autopilot", session: slug, include: ["state", "learnings", "handoff", "validation"] })`.
56
+ 6. Call `gather_context({ path, skill: "harness-autopilot", session: slug, include: ["state", "learnings", "handoff", "graph", "businessKnowledge", "sessions", "validation"] })`.
55
57
  7. → ASSESS.
56
58
 
57
59
  ---
@@ -60,10 +62,15 @@ INIT → ASSESS → PLAN → APPROVE_PLAN → EXECUTE → VERIFY → REVIEW →
60
62
 
61
63
  1. Read current phase at `currentPhase`.
62
64
  2. If `planPath` set and file exists: → APPROVE_PLAN.
63
- 3. Complexity routing:
65
+ 3. **Intelligence-enhanced complexity assessment.** Before routing by complexity, refine the annotation with signals from available tools:
66
+ - Run `predict_failures` on the phase domain to check if constraints are trending toward violation — high failure probability suggests upgrading complexity.
67
+ - Run `compute_blast_radius` on files the phase is likely to touch — large blast radius (>15 affected modules) suggests upgrading to `high`.
68
+ - If the orchestrator is running, request intelligence analysis via `POST /api/analyze` with the phase title/description to get CML complexity scores and PESL simulation results. Use CML `structuralComplexity > 0.7` or PESL `riskScore > 0.6` as triggers to upgrade complexity routing.
69
+ - If no orchestrator, the MCP tool signals above are sufficient.
70
+ 4. Complexity routing:
64
71
  - `low`/`medium`: auto-plan via harness-planner → PLAN.
65
72
  - `high`: pause. Instruct: "Run `/harness:planning` interactively, then re-invoke `/harness:autopilot`." Wait for re-invocation.
66
- 4. Update `currentState: "PLAN"`.
73
+ 5. Update `currentState: "PLAN"`.
67
74
 
68
75
  ---
69
76
 
@@ -93,6 +100,7 @@ On return: read `planPath` from `{sessionDir}/handoff.json`. Complexity override
93
100
  - `phase.complexityOverride !== null`
94
101
  - Handoff `concerns` non-empty
95
102
  - Task count > 15
103
+ - Knowledge gaps: `harness knowledge-pipeline --domain <phase-domain>` reports `totalGaps > 0` and `--fix` was not run during planning
96
104
  5. **Auto-approve:** emit report (mode, complexity, concerns, task count). Record decision with signal snapshot in `decisions[]`. → EXECUTE.
97
105
  6. **Pause:** show triggered signals. Ask "Approve? (yes / revise / skip phase / stop)." Record decision. Route accordingly.
98
106
 
@@ -120,13 +128,34 @@ prompt: "Phase {N}: {name}. Plan: {planPath}. Session: {sessionSlug}. Rigor: {ri
120
128
 
121
129
  ### VERIFY
122
130
 
123
- - `"fast"`: run `harness validate`. Pass → REVIEW. Fail → surface to user.
131
+ - `"fast"`: run `harness validate`. Pass → INTEGRATE. Fail → surface to user.
124
132
  - `"standard"`/`"thorough"`: dispatch harness-verifier:
125
133
  ```
126
134
  subagent_type: "harness-verifier"
127
135
  prompt: "Phase {N}: {name}. Session: {sessionSlug}. Rigor: {rigorLevel}. Verify and report pass/fail with findings."
128
136
  ```
129
- Pass → REVIEW. Fail → ask "fix / skip verification / stop." `fix`: re-enter EXECUTE (retry budget resets).
137
+ Pass → INTEGRATE. Fail → ask "fix / skip verification / stop." `fix`: re-enter EXECUTE (retry budget resets).
138
+
139
+ ---
140
+
141
+ ### INTEGRATE
142
+
143
+ 1. Resolve tier: `max(plan.integrationTier, derived-from-execution)`. If tier escalated: notify human with "Tier escalated from `{planned}` to `{derived}`: {reason}."
144
+ 2. Dispatch harness-integration skill:
145
+ ```
146
+ subagent_type: "harness-verifier"
147
+ prompt: "Phase {N}: {name}. Session: {sessionSlug}. Tier: {tier}.
148
+ Plan: {planPath}. Verify integration per harness-integration skill."
149
+ ```
150
+ 3. **Rigor interaction:**
151
+ - `"fast"`: WIRE sub-phase only, auto-approve, no ADR drafting.
152
+ - `"standard"`: Full tier-appropriate checks (WIRE + MATERIALIZE + UPDATE per tier).
153
+ - `"thorough"`: Full checks + human reviews every ADR draft + force knowledge graph verification.
154
+ 4. Pass → REVIEW.
155
+ 5. Fail → report incomplete items. Ask "fix / skip integration / stop":
156
+ - **fix:** re-enter EXECUTE with integration-specific fix tasks, then re-VERIFY, re-INTEGRATE. Retry budget resets.
157
+ - **skip:** record decision in `decisions[]`, proceed to REVIEW (human override).
158
+ - **stop:** save state and exit.
130
159
 
131
160
  ---
132
161
 
@@ -145,8 +174,8 @@ Persist findings to `{sessionDir}/phase-{N}-review.json`. No blocking → PHASE_
145
174
 
146
175
  ### PHASE_COMPLETE
147
176
 
148
- 1. Present summary: name, tasks completed, retries used, verification result, review findings count, elapsed time.
149
- 2. Record in `history[]`: phase index, name, startedAt, completedAt, tasksCompleted, retriesUsed, verificationPassed, reviewFindings.
177
+ 1. Present summary: name, tasks completed, retries used, verification result, integration report (`{sessionDir}/phase-{N}-integration.json`), review findings count, elapsed time.
178
+ 2. Record in `history[]`: phase index, name, startedAt, completedAt, tasksCompleted, retriesUsed, verificationPassed, integrationPassed, reviewFindings.
150
179
  3. Mark phase `complete` in state. Clear scratchpad: `clearScratchpad({ session, phase, projectPath })`.
151
180
  4. Sync roadmap: `manage_roadmap sync apply:true` (skip if no roadmap; never `force_sync: true`).
152
181
  5. Write session summary: `writeSessionSummary(projectPath, sessionSlug, { session, lastActive, skill: "harness-autopilot", phase, status, spec, plan, keyContext, nextStep })`.
@@ -188,9 +217,11 @@ Persist findings to `{sessionDir}/phase-{N}-review.json`. No blocking → PHASE_
188
217
  2. **ASSESS** — Route by complexity: low/medium auto-plans, high pauses for interactive planning.
189
218
  3. **PLAN → APPROVE** — Dispatch harness-planner, check approval signals, auto-approve or pause.
190
219
  4. **EXECUTE** — Dispatch harness-task-executor with plan path, handle checkpoints and retries (max 3).
191
- 5. **VERIFY → REVIEW** — Dispatch harness-verifier and harness-code-reviewer, fix blocking findings.
192
- 6. **PHASE_COMPLETE** — Summarize, sync roadmap, loop to ASSESS for next phase or proceed to FINAL_REVIEW.
193
- 7. **FINAL_REVIEW → DONE** — Cross-phase review, offer PR creation, write final handoff.
220
+ 5. **VERIFY** — Dispatch harness-verifier, confirm code correctness and wiring.
221
+ 6. **INTEGRATE** — Resolve integration tier, dispatch harness-integration, verify system wiring, knowledge materialization, and documentation per tier.
222
+ 7. **REVIEW** — Dispatch harness-code-reviewer, fix blocking findings.
223
+ 8. **PHASE_COMPLETE** — Summarize (including integration report), sync roadmap, loop to ASSESS for next phase or proceed to FINAL_REVIEW.
224
+ 9. **FINAL_REVIEW → DONE** — Cross-phase review, offer PR creation, write final handoff.
194
225
 
195
226
  ---
196
227
 
@@ -205,9 +236,9 @@ Persist findings to `{sessionDir}/phase-{N}-review.json`. No blocking → PHASE_
205
236
 
206
237
  ## Gates
207
238
 
208
- - **No reimplementing delegated skills.** Writing planning/execution/verification/review logic → STOP. Delegate via `subagent_type`.
239
+ - **No reimplementing delegated skills.** Writing planning/execution/verification/review/integration logic → STOP. Delegate via `subagent_type`.
209
240
  - **No executing without plan approval.** Every plan passes APPROVE_PLAN. No exceptions.
210
- - **No skipping VERIFY or REVIEW.** Human can override findings; steps cannot be skipped.
241
+ - **No skipping VERIFY, INTEGRATE, or REVIEW.** Human can override findings; steps cannot be skipped. INTEGRATE may be skipped only via explicit "skip" choice with decision recorded in `decisions[]`.
211
242
  - **No infinite retries.** EXECUTE budget: 3 attempts. FINAL_REVIEW: 3 cycles. If exhausted, stop and surface.
212
243
  - **No modifying state files manually.** If corrupted, start fresh.
213
244
 
@@ -231,7 +262,7 @@ Persist findings to `{sessionDir}/phase-{N}-review.json`. No blocking → PHASE_
231
262
 
232
263
  ## Success Criteria
233
264
 
234
- - All phases in the spec are executed in order with plan → execute → verify → review per phase
265
+ - All phases in the spec are executed in order with plan → execute → verify → integrate → review per phase
235
266
  - Every plan approval is recorded in `decisions[]` (auto or manual)
236
267
  - Retry budget (3 attempts) is enforced — exhausted retries surface to user, never silently continue
237
268
  - FINAL_REVIEW runs on `startingCommit..HEAD` diff and catches cross-phase coherence issues
@@ -35,10 +35,11 @@ When no arguments are provided (standalone invocation), the skill operates exact
35
35
 
36
36
  ### Phase 1: EXPLORE -- Gather Context
37
37
 
38
- 1. **Read the existing codebase.** Understand architecture, constraints, and conventions. Check AGENTS.md, existing specs in `docs/`, and relevant source files.
39
- 2. **Identify the problem boundary.** What exactly needs solving? What is out of scope? Write both down.
40
- 3. **Check for prior art.** Has this been partially solved elsewhere? Are there patterns to follow or deliberately break?
41
- 4. **Assess scope.** If the problem spans >3 major subsystems or >2 weeks to implement, decompose into sub-projects first.
38
+ 1. **Load project context.** Call `gather_context({ path: "<project-root>", intent: "<feature description>", skill: "harness-brainstorming", session: "<session-slug-if-known>", include: ["graph", "businessKnowledge", "sessions", "validation"] })`. The `graph` context surfaces `business_fact` nodes relevant to the feature domain. The `businessKnowledge` context loads documented domain knowledge from `docs/knowledge/`. Use both to ground exploration in verified facts rather than assumptions.
39
+ 2. **Read the existing codebase.** Understand architecture, constraints, and conventions. Check AGENTS.md, existing specs in `docs/`, and relevant source files.
40
+ 3. **Identify the problem boundary.** What exactly needs solving? What is out of scope? Write both down. Cross-reference `businessKnowledge` domains if documented business rules constrain the problem, note them.
41
+ 4. **Check for prior art.** Has this been partially solved elsewhere? Are there patterns to follow or deliberately break?
42
+ 5. **Assess scope.** If the problem spans >3 major subsystems or >2 weeks to implement, decompose into sub-projects first.
42
43
 
43
44
  ---
44
45
 
@@ -107,9 +108,19 @@ These flow into `handoff.json` `contextKeywords` field. Select keywords that hel
107
108
  - Overview and goals
108
109
  - Decisions made (with rationale from brainstorming)
109
110
  - Technical design (data structures, APIs, file layout)
111
+ - Integration points (entry points, registrations, docs, decisions, knowledge impact)
110
112
  - Success criteria (observable, testable outcomes)
111
113
  - Implementation order (high-level phases, not detailed tasks)
112
114
 
115
+ The **Integration Points** section is required in every spec. It defines how the feature connects to the existing system. Populate it with five subsections:
116
+ - **Entry Points** -- Which system entry points does this feature touch or create? (e.g., new CLI command, new MCP tool, new skill, new API route, new barrel export)
117
+ - **Registrations Required** -- What registrations are needed for the feature to be discoverable? (e.g., barrel export regeneration, skill tier assignment, route registration)
118
+ - **Documentation Updates** -- What docs need updating to reflect the new capability? (e.g., AGENTS.md section, API docs, README, guides)
119
+ - **Architectural Decisions** -- What decisions warrant ADRs? List the decision and a one-line rationale. Only for medium/large tier changes -- omit for small changes.
120
+ - **Knowledge Impact** -- What domain concepts, patterns, or relationships should enter the knowledge graph?
121
+
122
+ If the feature is a small change (bug fix, config tweak, < 3 files), the section may contain only Entry Points and Registrations Required with "None" for the others. The section must still be present.
123
+
113
124
  2. **Run soundness review.** Invoke `harness-soundness-review --mode spec` against the draft. Do not write to `docs/` until the review converges with no remaining issues.
114
125
 
115
126
  3. **Write the spec** to `docs/changes/<feature>/proposal.md`.
@@ -308,7 +319,7 @@ Apply when output includes specific behavioral expectations.
308
319
 
309
320
  ## Success Criteria
310
321
 
311
- - Spec exists in `docs/` with all required sections (overview, decisions, technical design, success criteria, implementation order)
322
+ - Spec exists in `docs/` with all required sections (overview, decisions, technical design, integration points, success criteria, implementation order)
312
323
  - Human explicitly approved before any implementation
313
324
  - YAGNI applied: no speculative features in the spec
314
325
  - 2-3 approaches presented with honest tradeoffs before decision
@@ -123,6 +123,10 @@ After review, consider suggesting `.harness/review-learnings.md` creation if you
123
123
 
124
124
  ## Pipeline Phases
125
125
 
126
+ ### Pre-Pipeline: Self-Review Baseline
127
+
128
+ Generate a self-review checklist via `create_self_review` to establish baseline expectations before deeper analysis. This checklist feeds into Phase 4 subagents as an additional input.
129
+
126
130
  ### Phase 1: GATE
127
131
 
128
132
  **Tier:** fast | **Mode:** CI only (`--ci`). Skip when invoked manually.
@@ -154,10 +158,11 @@ Run mechanical checks to establish an exclusion boundary. Issues caught here are
154
158
  **Checks:**
155
159
 
156
160
  1. **Harness validation:** `assess_project({ path, checks: ["validate", "deps", "docs"], mode: "detailed" })` — runs checks in parallel.
157
- 2. **Security scan:** `run_security_scan` on changed files. Record findings with rule ID, file, line.
158
- 3. **Type checking:** Run `tsc --noEmit`. Record errors.
159
- 4. **Linting:** Run linter. Record violations.
160
- 5. **Tests:** Run test suite. Record failures.
161
+ 2. **Diff analysis:** Run `analyze_diff` to get a structured breakdown of changes by file, category, and risk level.
162
+ 3. **Security scan:** `run_security_scan` on changed files. Record findings with rule ID, file, line.
163
+ 4. **Type checking:** Run `tsc --noEmit`. Record errors.
164
+ 5. **Linting:** Run linter. Record violations.
165
+ 6. **Tests:** Run test suite. Record failures.
161
166
 
162
167
  **Output:** Set of mechanical findings (file, line, tool, message) forming the exclusion list for Phase 5.
163
168
 
@@ -197,6 +202,8 @@ Determine change type to shape review focus:
197
202
  | **Security** | Security paths + data flow via `query_graph` | Changed files + files with auth/crypto/SQL/shell patterns |
198
203
  | **Architecture** | Layer boundaries + imports via `query_graph`/`get_impact` | Changed files + `harness check-deps` output |
199
204
 
205
+ Run `compute_blast_radius` on changed files to identify downstream modules that may be affected and should be included in context bundles.
206
+
200
207
  #### 1:1 Context Ratio Rule
201
208
 
202
209
  - **Small diffs (<20 lines):** 3:1 context-to-diff ratio.
@@ -342,7 +349,9 @@ Invokes `harness-security-review` in changed-files mode as the security fan-out
342
349
 
343
350
  2. **Stack-adaptive:** Node.js (prototype pollution, ReDoS, path traversal), React (XSS, dangerouslySetInnerHTML), Go (race conditions, integer overflow, unsafe pointer), Python (pickle, SSTI, command injection)
344
351
 
345
- 3. **CWE/OWASP references:** All findings include `cweId`, `owaspCategory`, `remediation`.
352
+ 3. **Security posture alignment:** Check `get_security_trends` to see if the changes align with or diverge from the project's security posture trajectory.
353
+
354
+ 4. **CWE/OWASP references:** All findings include `cweId`, `owaspCategory`, `remediation`.
346
355
 
347
356
  Confirmed vulnerabilities are always `severity: 'critical'`.
348
357
 
@@ -383,7 +392,8 @@ Reviews architectural violations, dependency direction, and design pattern compl
383
392
 
384
393
  1. **Mechanical exclusion:** Discard AI findings where same file + line range already flagged by Phase 2.
385
394
  2. **Graph reachability (if available):** Verify claimed dependency paths via `query_graph`. Discard findings with invalid reachability claims.
386
- 3. **Import-chain heuristic (fallback):** Follow imports 2 levels deep. If claimed impact unreachable within 2 hops, downgrade to `suggestion`.
395
+ 3. **Stale constraint check:** Run `detect_stale_constraints` to check if architectural constraints are still valid after the reviewed changes. Findings referencing invalidated constraints are downgraded.
396
+ 4. **Import-chain heuristic (fallback):** Follow imports 2 levels deep. If claimed impact unreachable within 2 hops, downgrade to `suggestion`.
387
397
 
388
398
  **Exit:** Validated finding set. Continue to Phase 6.
389
399
 
@@ -595,6 +605,11 @@ compliance|naming|suggestion|Names follow project conventions (check AGENTS.md o
595
605
  ## Harness Integration
596
606
 
597
607
  - **`assess_project`** — Phase 2: run validate/deps/docs in parallel. Failures are Critical and stop pipeline.
608
+ - **`analyze_diff`** — Phase 2: structured breakdown of changes by file, category, and risk level.
609
+ - **`create_self_review`** — Pre-pipeline: generate a self-review checklist as baseline expectations.
610
+ - **`compute_blast_radius`** — Phase 3/5: run on changed files to identify downstream modules that may be affected by the changes.
611
+ - **`detect_stale_constraints`** — Phase 5: check if architectural constraints are still valid after the reviewed changes.
612
+ - **`get_security_trends`** — Phase 4 (Security Agent): check if changes align with or diverge from the project's security posture trajectory.
598
613
  - **`gather_context`** — Phase 3: parallel context assembly. Session parameter scopes to session directory.
599
614
  - **`harness cleanup`** — Optional Phase 2 check for entropy in changed files.
600
615
  - **Graph queries** — Phase 3 (dependency context) and Phase 5 (reachability verification). Graceful fallback.
@@ -34,6 +34,8 @@
34
34
  3. **Compute top 10% threshold.** Sort all files by commit count. The file at the 90th percentile defines the threshold. Files above this threshold are "high churn."
35
35
  4. **Store as HotspotContext** for use in Phase 3 (CLASSIFY).
36
36
 
37
+ Run `detect_stale_constraints` to find architectural constraints referencing removed or restructured code. Run `detect_anomalies` to identify structural irregularities that should be addressed during cleanup.
38
+
37
39
  ### Phase 2: DETECT -- Run Both Concerns in Parallel
38
40
 
39
41
  1. **Dead code detection** (skip if `--architecture-only`):
@@ -110,7 +110,11 @@ git diff HEAD~5
110
110
 
111
111
  What changed recently? Many bugs are caused by the most recent change. Compare the failing state to the last known working state.
112
112
 
113
- #### Step 5: Trace Data Flow Backward
113
+ #### Step 5: Explore Code Structure
114
+
115
+ Use `code_outline` to get a structural overview of suspect modules (functions, classes, exports) without reading full source. Use `code_search` to locate symbol usages, error strings, or patterns across the codebase. Use `code_unfold` to expand a specific symbol to its full implementation with dependency context. These tools let you navigate efficiently without reading entire files.
116
+
117
+ #### Step 6: Trace Data Flow Backward
114
118
 
115
119
  Start at the error location and trace backward:
116
120
 
@@ -149,6 +153,10 @@ Look for:
149
153
  - Documentation or comments that describe expected behavior
150
154
  ```
151
155
 
156
+ #### Step 1b: Run Anomaly Detection
157
+
158
+ Run `detect_anomalies` to identify structural irregularities (orphaned files, missing tests, unusual coupling) that may relate to the bug. Anomalies near the failure site often point to the root cause.
159
+
152
160
  #### Step 2: Read Reference Implementations Completely
153
161
 
154
162
  When you find a working example, read it in its entirety. Do not cherry-pick lines. Understand:
@@ -306,6 +314,10 @@ Update the session status to `resolved`.
306
314
  - **`harness validate`** — Run in Phase 4 VERIFY after applying the fix. Confirms the fix does not break project-wide constraints.
307
315
  - **`harness check-deps`** — Run in Phase 4 VERIFY. Confirms the fix does not introduce dependency violations.
308
316
  - **`harness state learn`** — Run after resolution to capture learnings for future sessions.
317
+ - **`code_outline`** — Use in Phase 1 INVESTIGATE to get a structural overview of suspect modules without reading full source.
318
+ - **`code_search`** — Use in Phase 1 INVESTIGATE to locate symbol usages, error strings, or patterns across the codebase.
319
+ - **`code_unfold`** — Use in Phase 1 INVESTIGATE to expand a specific symbol to its full implementation with dependency context.
320
+ - **`detect_anomalies`** — Run in Phase 2 ANALYZE to identify structural irregularities (orphaned files, missing tests, unusual coupling) near the failure site.
309
321
  - **Debug session files** — Stored in `.harness/debug/active/` (in progress) and `.harness/debug/resolved/` (completed). These persist across context resets.
310
322
 
311
323
  ## Success Criteria
@@ -79,6 +79,8 @@ When no graph is available, use static analysis to approximate structural metric
79
79
 
80
80
  > Fallback completeness: ~60% — cannot compute transitive depth beyond what import parsing reveals; coupling metrics are approximate.
81
81
 
82
+ 6. **Detect structural anomalies**: Run `detect_anomalies` to identify structural irregularities (orphaned modules, unusual coupling patterns) that indicate dependency health issues.
83
+
82
84
  ### Phase 2: SCORE — Calculate Health Score
83
85
 
84
86
  Compute a weighted health score (0-100):
@@ -93,6 +95,8 @@ Compute a weighted health score (0-100):
93
95
 
94
96
  **Grades**: A (90-100), B (75-89), C (60-74), D (40-59), F (<40)
95
97
 
98
+ Check `get_decay_trends` to see how dependency health metrics have changed over time and whether current trends are improving or degrading.
99
+
96
100
  ### Phase 3: RECOMMEND — Generate Recommendations
97
101
 
98
102
  For each problem found, generate a specific, actionable recommendation:
@@ -45,25 +45,29 @@ When no arguments are provided (standalone invocation), discover plan from `docs
45
45
  intent: "Execute plan tasks starting from current position",
46
46
  skill: "harness-execution",
47
47
  session: "<session-slug-if-known>",
48
- include: ["state", "learnings", "handoff", "validation"]
48
+ include: ["state", "learnings", "handoff", "graph", "businessKnowledge", "sessions", "validation"]
49
49
  })
50
50
  ```
51
51
 
52
- If session slug is known, include `session` to scope reads/writes to `.harness/sessions/<slug>/`. If unknown, omit it — falls back to `.harness/`. Returns `state` (current position, null = fresh start), `learnings` (prior insights — do not ignore), `handoff` (context from previous skill), `validation` (project health). Failed constituents return null with errors in `meta.errors`.
52
+ If session slug is known, include `session` to scope reads/writes to `.harness/sessions/<slug>/`. If unknown, omit it — falls back to `.harness/`. Returns `state` (current position, null = fresh start), `learnings` (prior insights — do not ignore), `handoff` (context from previous skill), `graph` (business_fact nodes and module dependencies), `businessKnowledge` (documented domain knowledge from `docs/knowledge/`), `validation` (project health). Use graph and businessKnowledge context to inform implementation decisions — especially when tasks reference domain rules or business logic. Failed constituents return null with errors in `meta.errors`.
53
53
 
54
- 3. **Load session summary for cold start.** If resuming (session slug known):
54
+ 3. **Review prior decisions and questions.** Check `decisions` and `openQuestions` from the planning session (loaded via `sessions` in gather_context). Resolved questions provide context for task execution. Open questions may require escalation before proceeding.
55
+
56
+ 4. **Load session summary for cold start.** If resuming (session slug known):
55
57
  - Call `listActiveSessions()` to read the session index.
56
58
  - Call `loadSessionSummary()` for the target session.
57
59
  - If ambiguous, present the index and ask which session to resume.
58
60
 
59
- 4. **Check for known dead ends.** Review `learnings` tagged `[outcome:failure]`. Warn if any match current plan approaches.
61
+ 5. **Check for known dead ends.** Review `learnings` tagged `[outcome:failure]`. Warn if any match current plan approaches.
60
62
 
61
- 5. **Verify prerequisites** for the current task:
63
+ 6. **Verify prerequisites** for the current task:
62
64
  - Dependency tasks marked complete in state?
63
65
  - Referenced files exist?
64
66
  - Test suite passes? Run `harness validate` for clean baseline.
65
67
 
66
- 6. **If prerequisites fail,** do not proceed. Report what is missing and which task is blocked.
68
+ 6b. **Knowledge health check.** If `docs/knowledge/` exists and the knowledge graph is available, run the knowledge pipeline in detect-only mode for domains touched by the current plan. If contradictions exist (severity: critical), treat as a blocker — knowledge must be reconciled before implementation. If gaps exist, surface as a warning but do not block execution.
69
+
70
+ 7. **If prerequisites fail,** do not proceed. Report what is missing and which task is blocked.
67
71
 
68
72
  ### Graph-Enhanced Context (when available)
69
73
 
@@ -71,6 +75,8 @@ When a knowledge graph exists at `.harness/graph/`:
71
75
 
72
76
  - `query_graph` — check file overlap between tasks for conflict detection
73
77
  - `get_impact` — understand blast radius before executing a task
78
+ - `compute_blast_radius` — before executing tasks that touch shared modules, simulate failure propagation to anticipate side effects
79
+ - `predict_failures` — before risky tasks (large blast radius, many file touches), check which constraints are trending toward violation
74
80
 
75
81
  Fall back to file-based commands if no graph is available.
76
82
 
@@ -102,6 +108,8 @@ For each task, starting from current position:
102
108
  - For `reference` tier skills (type: `knowledge`): load the skill's SKILL.md content as supplementary context. Cap at 3 reference skills per task to manage context budget.
103
109
  - Use the skill content to inform implementation decisions but follow the plan's exact instructions as written. Skill context provides background knowledge, not overriding instructions.
104
110
 
111
+ 1c. **Auto-inject knowledge skills.** If the plan was produced with skill recommendations (`docs/changes/<feature>/SKILLS.md`), run `recommend_skills` for the current task domain. If the response includes `autoInjectKnowledge` entries, load those knowledge skills as supplementary context alongside any explicitly annotated skills. This ensures domain-specific business rules, API patterns, and framework conventions are available during implementation without manual annotation on every task.
112
+
105
113
  2. **Follow instructions exactly.** The plan contains exact file paths, code, and commands. Execute as written.
106
114
 
107
115
  3. **TDD rhythm:**
@@ -238,6 +246,8 @@ All session-scoped files use `{sessionDir}/` when session is known, otherwise `.
238
246
 
239
247
  **Graph Refresh:** If `.harness/graph/` exists, run `harness scan [path]` after code changes. Skipping causes stale graph query results.
240
248
 
249
+ 1b. **Knowledge reconciliation.** After code changes committed and graph refreshed, run the knowledge pipeline in extract-only mode to stage any new business signals discovered in the code (validation rules, API contracts, test descriptions) for future materialization. This keeps the knowledge graph current with what was actually implemented. Skip if no `docs/knowledge/` directory exists.
250
+
241
251
  2. **Append tagged learnings** to `learnings.md`. Tag every entry:
242
252
 
243
253
  ```markdown
@@ -41,6 +41,8 @@ enable full analysis)" and use fallback strategies for all subsequent steps.
41
41
 
42
42
  ### Phase 2: ANALYZE — Query Graph for Impact
43
43
 
44
+ Run `compute_blast_radius` on target files to simulate failure propagation and identify all downstream modules affected. Run `predict_failures` to forecast which architectural constraints are most at risk from the proposed changes.
45
+
44
46
  For each changed file:
45
47
 
46
48
  1. **Direct dependents**: Use `get_impact` MCP tool to find all files that import or call the changed file.