@hegemonart/get-design-done 1.0.7 → 1.14.1

package/connections/pencil-dev.md

@@ -0,0 +1,88 @@
+# pencil.dev — Connection Specification
+
+This file is the connection specification for pencil.dev within the get-design-done pipeline. pencil.dev uses git-tracked `.pen` files as its source of truth — no MCP server is required. See `connections/connections.md` for the full connection index and capability matrix.
+
+---
+
+## Setup
+
+### Prerequisites
+- pencil.dev VS Code or Cursor extension installed from the marketplace
+- One or more `.pen` files in the project (typically at project root or in `src/`)
+
+### Verification
+
+Run in the project directory:
+```bash
+find . -name "*.pen" -not -path "*/node_modules/*" | head -5
+```
+One or more results = pencil.dev is in use.
+
+No MCP server install needed — the pipeline reads and writes `.pen` files directly via standard file tools.
+
+---
+
+## Probe Pattern
+
+pencil.dev does not use MCP tools. Probe is file-based.
+
+```bash
+PEN_FILES=$(find . -name "*.pen" -not -path "*/node_modules/*" 2>/dev/null)
+if [ -n "$PEN_FILES" ]; then
+  echo "pencil-dev: available"
+else
+  echo "pencil-dev: not_configured"
+fi
+```
+
+Write result to STATE.md `<connections>`: `pencil-dev: available` or `pencil-dev: not_configured`.
+
+---
+
+## .pen File Format
+
+`.pen` files are YAML-front-matter component specs:
+
+```yaml
+---
+component: Button
+variant: primary
+state: default
+design-tokens:
+  bg: brand-primary-500
+  text: white
+  radius: 6px
+  padding: "8px 16px"
+---
+
+Notes: Primary CTA button. Use for the main action in any modal or form.
+```
+
+- `component` — component name (must match the implementation filename)
+- `variant` — variant label (matches Storybook story name where applicable)
+- `state` — `default | hover | focus | disabled | error`
+- `design-tokens` — key/value map of token names to values (CSS variables or literal values)
+- Body prose — optional implementation notes
+
+`.pen` files are **git-tracked source of truth**. Commits to `.pen` files must be atomic — spec and implementation changes committed together when possible.
+
+---
+
+## Pipeline Integration
+
+| Stage | What pencil.dev provides |
+|-------|--------------------------|
+| explore | `.pen` file discovery; synthesizer merges `.pen` declarations with code grep results |
+| verify | Spec-vs-implementation diff: `.pen` declared token values vs. actual token values in code |
+| design | `design-pencil-writer` agent: annotate + roundtrip modes; atomic git commits on `.pen` writes |
+
+**Architectural advantage:** Both the design spec (`.pen` file) and implementation (source code) are version-controlled. Pre-merge diff verification is uniquely strong compared to tools where the design lives outside git.
+
+---
+
+## Fallback Behavior
+
+When `pencil-dev: not_configured`:
+- All pencil.dev steps are skipped silently.
+- A one-line diagnostic is printed: `pencil.dev not configured — no .pen files found.`
+- Pipeline continues normally.

package/connections/pinterest.md

@@ -123,7 +123,6 @@ refero: not_configured
 preview: available
 storybook: not_configured
 chromatic: not_configured
-figma_writer: not_configured
 graphify: not_configured
 pinterest: available
 claude_design: not_configured

package/hooks/budget-enforcer.js

@@ -32,6 +32,7 @@ const { spawn } = require('child_process');
 const BUDGET_PATH = path.join(process.cwd(), '.design', 'budget.json');
 const MANIFEST_PATH = path.join(process.cwd(), '.design', 'cache-manifest.json');
 const TELEMETRY_PATH = path.join(process.cwd(), '.design', 'telemetry', 'costs.jsonl');
+const PHASE_TOTALS_PATH = path.join(process.cwd(), '.design', 'telemetry', 'phase-totals.json');
 const STATE_PATH = path.join(process.cwd(), '.design', 'STATE.md');
 
 // ---- budget.json loader with defaults per D-12 ----
@@ -49,8 +50,18 @@ function loadBudget() {
   catch { return defaults; }
 }
 
-// ---- cumulative phase spend from telemetry (D-02 per_phase_cap_usd check) ----
+// ---- cumulative phase spend (WR-02) ----
+// Reads from the lightweight phase-totals.json written by aggregate-agent-metrics.js
+// instead of replaying the full costs.jsonl on every hook invocation.
+// Falls back to 0 when the file doesn't exist yet (early in a session).
 function currentPhaseSpend(phase) {
+  if (fs.existsSync(PHASE_TOTALS_PATH)) {
+    try {
+      const data = JSON.parse(fs.readFileSync(PHASE_TOTALS_PATH, 'utf8'));
+      return Number(data.totals?.[phase] || 0);
+    } catch { /* fall through */ }
+  }
+  // Fallback: replay JSONL when phase-totals.json not yet written (first spawn of session).
   if (!fs.existsSync(TELEMETRY_PATH)) return 0;
   const lines = fs.readFileSync(TELEMETRY_PATH, 'utf8').split(/\r?\n/).filter(Boolean);
   let sum = 0;
@@ -118,7 +129,7 @@ function spawnAggregator() {
       cwd: process.cwd(),
       detached: true,
       stdio: 'ignore',
-      env: process.env,
+      env: { PATH: process.env.PATH },  // IN-02: minimal env; aggregator needs no secrets
     });
     child.unref();
   } catch {

package/hooks/gdd-read-injection-scanner.js

@@ -6,16 +6,11 @@
  */
 
 const readline = require('readline');
+const path = require('path');
+const { INJECTION_PATTERNS: RAW_PATTERNS } = require(path.join(__dirname, '..', 'scripts', 'injection-patterns.cjs'));
 
-const INJECTION_PATTERNS = [
-  /ignore\s+(all\s+)?(previous|prior|above)\s+instructions?/i,
-  /disregard\s+(all\s+)?(previous|prior|above)\s+instructions?/i,
-  /you\s+are\s+now\s+a\s+different/i,
-  /system\s*:\s*you\s+are/i,
-  /<\s*\/?\s*(system|assistant|human)\s*>/i,
-  /\[INST\]/i,
-  /###\s*instruction/i,
-];
+// The hook needs bare RegExp objects; extract them from the shared {name,re} entries.
+const INJECTION_PATTERNS = RAW_PATTERNS.map(p => p.re);
 
 async function main() {
   const rl = readline.createInterface({ input: process.stdin });

package/hooks/hooks.json

@@ -8,6 +8,14 @@
             "command": "bash \"${CLAUDE_PLUGIN_ROOT}/scripts/bootstrap.sh\""
           }
         ]
+      },
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash \"${CLAUDE_PLUGIN_ROOT}/hooks/update-check.sh\""
+          }
+        ]
       }
     ],
     "PreToolUse": [

package/hooks/update-check.sh

@@ -0,0 +1,251 @@
+#!/usr/bin/env bash
+# get-design-done — update check (Phase 13.3)
+# SessionStart hook. Silent-on-failure by policy (D-04): exits 0 on every error path.
+# 24h-cached unauthenticated GET of /releases/latest. Renders .design/update-available.md
+# only when a newer version exists AND it is not dismissed AND stage-guard allows.
+
+set -u  # intentionally no -e: we want to fall through to exit 0
+
+PLUGIN_ROOT="${CLAUDE_PLUGIN_ROOT:-$(cd "$(dirname "$0")/.." && pwd)}"
+PLUGIN_ROOT="${PLUGIN_ROOT//\\//}"  # Windows → POSIX slashes
+
+DESIGN_DIR="$(pwd)/.design"
+CACHE="${DESIGN_DIR}/update-cache.json"
+BANNER="${DESIGN_DIR}/update-available.md"
+CONFIG="${DESIGN_DIR}/config.json"
+STATE="${DESIGN_DIR}/STATE.md"
+CACHE_TTL_SECONDS=86400  # 24h
+
+# Silent logger — writes nothing by default. Set GDD_UPDATE_DEBUG=1 to enable stderr.
+log() {
+  if [ "${GDD_UPDATE_DEBUG:-0}" = "1" ]; then
+    printf '[gdd update-check] %s\n' "$*" >&2
+  fi
+}
+
+# Ensure .design/ exists (bootstrap normally creates it; belt+suspenders).
+mkdir -p "${DESIGN_DIR}" 2>/dev/null || exit 0
+
+# ---- Read current plugin version (no jq) ----
+PLUGIN_JSON="${PLUGIN_ROOT}/.claude-plugin/plugin.json"
+
+read_current_tag() {
+  [ -f "${PLUGIN_JSON}" ] || return 1
+  grep -E '^[[:space:]]*"version"[[:space:]]*:' "${PLUGIN_JSON}" | head -n1 | \
+    sed -E 's/.*"version"[[:space:]]*:[[:space:]]*"([^"]+)".*/\1/'
+}
+
+# ---- Semver normalizer: "v1.0.7" -> "1 0 7 0"; "v1.0.7.3" -> "1 0 7 3" ----
+normalize_semver() {
+  local t="${1#v}"
+  # strip any -pre/-beta suffix after first hyphen (unauth'd API rarely surfaces these, best-effort)
+  t="${t%%-*}"
+  # Replace dots with spaces; pad to 4 segments
+  # shellcheck disable=SC2086
+  set -- $(printf '%s' "${t}" | tr '.' ' ')
+  local a="${1:-0}" b="${2:-0}" c="${3:-0}" d="${4:-0}"
+  # Sanitize to digits only (POSIX: tr -cd 0-9 — BSD+GNU safe)
+  a="$(printf '%s' "$a" | tr -cd '0-9')"; a="${a:-0}"
+  b="$(printf '%s' "$b" | tr -cd '0-9')"; b="${b:-0}"
+  c="$(printf '%s' "$c" | tr -cd '0-9')"; c="${c:-0}"
+  d="$(printf '%s' "$d" | tr -cd '0-9')"; d="${d:-0}"
+  printf '%s %s %s %s' "$a" "$b" "$c" "$d"
+}
+
+# ---- Classify delta: compare 4-segment tuples ----
+# Args: current_tag latest_tag
+# Prints: "newer|same|older|invalid" + "major|minor|patch|off-cadence|none"
+classify_delta() {
+  local cur lat
+  cur="$(normalize_semver "$1")" || { printf 'invalid none'; return; }
+  lat="$(normalize_semver "$2")" || { printf 'invalid none'; return; }
+  # shellcheck disable=SC2086
+  set -- $cur; local ca="$1" cb="$2" cc="$3" cd="$4"
+  # shellcheck disable=SC2086
+  set -- $lat; local la="$1" lb="$2" lc="$3" ld="$4"
+
+  # Per-segment integer compare (lexicographic per segment by numeric value)
+  if   [ "$la" -gt "$ca" ]; then printf 'newer major'; return
+  elif [ "$la" -lt "$ca" ]; then printf 'older major'; return
+  fi
+  if   [ "$lb" -gt "$cb" ]; then printf 'newer minor'; return
+  elif [ "$lb" -lt "$cb" ]; then printf 'older minor'; return
+  fi
+  if   [ "$lc" -gt "$cc" ]; then printf 'newer patch'; return
+  elif [ "$lc" -lt "$cc" ]; then printf 'older patch'; return
+  fi
+  if   [ "$ld" -gt "$cd" ]; then printf 'newer off-cadence'; return
+  elif [ "$ld" -lt "$cd" ]; then printf 'older off-cadence'; return
+  fi
+  printf 'same none'
+}
+
+# ---- Cache freshness check: returns 0 if fresh (<24h old), 1 if stale or missing ----
+is_cache_fresh() {
+  [ -f "${CACHE}" ] || return 1
+  local now mtime age
+  now="$(date +%s)"
+  # BSD date -r on macOS; GNU stat -c on Linux; fall back to perl then python.
+  if mtime="$(date -r "${CACHE}" +%s 2>/dev/null)"; then :
+  elif mtime="$(stat -c %Y "${CACHE}" 2>/dev/null)"; then :
+  elif mtime="$(perl -e 'print((stat shift)[9])' "${CACHE}" 2>/dev/null)"; then :
+  else return 1
+  fi
+  [ -n "${mtime:-}" ] || return 1
+  age=$((now - mtime))
+  [ "${age}" -lt "${CACHE_TTL_SECONDS}" ]
+}
+
+# ---- Fetch latest release. Writes raw body to stdout on success, nothing on failure. ----
+fetch_latest() {
+  command -v curl >/dev/null 2>&1 || { log "no curl"; return 1; }
+  local url="https://api.github.com/repos/hegemonart/get-design-done/releases/latest"
+  curl -sf --max-time 3 -H 'Accept: application/vnd.github+json' "${url}" 2>/dev/null || return 1
+}
+
+# ---- Extract fields from the release JSON (no jq). Robust to whitespace; fails soft. ----
+extract_tag() {
+  grep -E '"tag_name"[[:space:]]*:' | head -n1 | sed -E 's/.*"tag_name"[[:space:]]*:[[:space:]]*"([^"]+)".*/\1/'
+}
+# Body extraction: python3-only. If python3 is absent, we intentionally return empty
+# (D-04 silent-on-failure posture). No awk/sed fallback — JSON string decoding in pure
+# bash is fragile and untested; empty excerpt is the correct degraded state.
+extract_body() {
+  command -v python3 >/dev/null 2>&1 || return 0
+  python3 -c 'import json,sys
+try:
+  d=json.load(sys.stdin)
+  b=d.get("body","") or ""
+  print(b[:500])
+except Exception:
+  pass' 2>/dev/null
+}
+
+# ---- Read .design/STATE.md stage field. Returns "brief"|"explore"|"plan"|"design"|"verify"|"" ----
+# Schema source: reference/STATE-TEMPLATE.md — `stage:` lives in both the frontmatter
+# and the <position> block with identical values per the write contract. We take the
+# first occurrence (head -n1), which is the frontmatter line.
+read_state_stage() {
+  [ -f "${STATE}" ] || { printf ''; return; }
+  grep -E '^stage:' "${STATE}" 2>/dev/null | head -n1 | sed -E 's/^stage:[[:space:]]*"?([^"[:space:]]+)"?.*/\1/'
+}
+
+# ---- Read .design/config.json for update_dismissed. Returns tag or empty. ----
+read_dismissed() {
+  [ -f "${CONFIG}" ] || { printf ''; return; }
+  grep -E '"update_dismissed"[[:space:]]*:' "${CONFIG}" 2>/dev/null | head -n1 | \
+    sed -E 's/.*"update_dismissed"[[:space:]]*:[[:space:]]*"([^"]+)".*/\1/'
+}
+
+# ---- Main control flow ----
+# MANDATORY sourcing guard: wrap the entire main flow so that `source update-check.sh`
+# (used by unit tests and interactive debugging) loads the function definitions without
+# executing steps 1-6 and exiting the sourcing shell. This is non-negotiable — the
+# semver self-test acceptance criterion sources this script.
+if [ "${BASH_SOURCE[0]}" = "$0" ]; then
+
+  CURRENT_TAG="$(read_current_tag)" || { log "no plugin.json"; exit 0; }
+  [ -n "${CURRENT_TAG:-}" ] || { log "no current version parsed"; exit 0; }
+  # Normalize to "vX.Y.Z" shape for display (plugin.json stores bare "1.0.7")
+  DISPLAY_CURRENT="v${CURRENT_TAG#v}"
+
+  # Optional --refresh forces a fresh fetch (called by plan 13.3-04's /gdd:check-update --refresh).
+  FORCE_REFRESH=0
+  for arg in "$@"; do
+    case "$arg" in
+      --refresh) FORCE_REFRESH=1 ;;
+    esac
+  done
+
+  # 1. Populate cache if missing/stale or forced.
+  if [ "${FORCE_REFRESH}" -eq 1 ] || ! is_cache_fresh; then
+    RAW="$(fetch_latest)" || RAW=""
+    if [ -n "${RAW}" ]; then
+      LATEST_TAG="$(printf '%s' "${RAW}" | extract_tag)"
+      BODY_EXCERPT="$(printf '%s' "${RAW}" | extract_body)"
+      # Strip control chars defensively (T-13.3-03)
+      BODY_EXCERPT="$(printf '%s' "${BODY_EXCERPT}" | tr -d '\000-\010\013\014\016-\037')"
+      # Strip double-quotes so the JSON round-trip sed read-back cannot be injected via a
+      # crafted release body. Body is display-only — losing quotes is acceptable.
+      BODY_EXCERPT="$(printf '%s' "${BODY_EXCERPT}" | tr -d '"')"
+      # Validate LATEST_TAG is a safe semver string before trusting it (CR-02).
+      if ! printf '%s' "${LATEST_TAG}" | grep -qE '^v?[0-9]+\.[0-9]+(\.[0-9]+)*$'; then
+        log "LATEST_TAG '${LATEST_TAG}' failed semver safety check — aborting cache write"
+        LATEST_TAG=""
+      fi
+      if [ -n "${LATEST_TAG}" ]; then
+        read -r DELTA_STATE DELTA_KIND <<EOF
+$(classify_delta "${DISPLAY_CURRENT}" "${LATEST_TAG}")
+EOF
+        IS_NEWER=false
+        [ "${DELTA_STATE}" = "newer" ] && IS_NEWER=true
+        CHECKED_AT="$(date +%s)"
+        # Write cache atomically (write-to-tmp + rename) — T-13.3-04 mitigation
+        TMP="${CACHE}.tmp.$$"
+        {
+          printf '{\n'
+          printf '  "checked_at": %s,\n' "${CHECKED_AT}"
+          printf '  "current_tag": "%s",\n' "${DISPLAY_CURRENT}"
+          printf '  "latest_tag": "%s",\n' "${LATEST_TAG}"
+          printf '  "delta": "%s",\n' "${DELTA_KIND}"
+          printf '  "is_newer": %s,\n' "${IS_NEWER}"
+          # Escape the body for JSON — backslashes first, then quotes, then newlines.
+          ESC="$(printf '%s' "${BODY_EXCERPT}" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' | awk '{printf "%s\\n", $0}')"
+          printf '  "changelog_excerpt": "%s"\n' "${ESC}"
+          printf '}\n'
+        } > "${TMP}" 2>/dev/null && mv "${TMP}" "${CACHE}" 2>/dev/null || rm -f "${TMP}" 2>/dev/null
+      fi
+    fi
+  fi
+
+  # 2. Read cache (whether freshly written or still valid).
+  [ -f "${CACHE}" ] || exit 0  # no cache, nothing to do — silent exit
+
+  C_LATEST="$(grep -E '"latest_tag"' "${CACHE}" 2>/dev/null | head -n1 | sed -E 's/.*"latest_tag"[[:space:]]*:[[:space:]]*"([^"]+)".*/\1/')"
+  C_DELTA="$(grep -E '"delta"' "${CACHE}" 2>/dev/null | head -n1 | sed -E 's/.*"delta"[[:space:]]*:[[:space:]]*"([^"]+)".*/\1/')"
+  # Allowlist-gate C_DELTA before it reaches any shell context (WR-04).
+  case "${C_DELTA:-}" in
+    major|minor|patch|off-cadence|none) : ;;
+    *) C_DELTA="unknown" ;;
+  esac
+  C_NEWER="$(grep -E '"is_newer"' "${CACHE}" 2>/dev/null | head -n1 | sed -E 's/.*"is_newer"[[:space:]]*:[[:space:]]*(true|false).*/\1/')"
+  C_BODY="$(grep -E '"changelog_excerpt"' "${CACHE}" 2>/dev/null | head -n1 | sed -E 's/.*"changelog_excerpt"[[:space:]]*:[[:space:]]*"(.*)".*/\1/' | sed -E 's/\\n/\n/g')"
+
+  # 3. Gate: if cache says not newer, remove any stale banner and exit.
+  if [ "${C_NEWER:-false}" != "true" ]; then
+    rm -f "${BANNER}" 2>/dev/null
+    exit 0
+  fi
+
+  # 4. Dismissal gate (D-13): if user already dismissed this exact tag, suppress.
+  DISMISSED="$(read_dismissed)"
+  if [ -n "${DISMISSED}" ] && [ "${DISMISSED}" = "${C_LATEST}" ]; then
+    rm -f "${BANNER}" 2>/dev/null
+    exit 0
+  fi
+
+  # 5. State-machine guard (D-11/D-12): suppress during plan|design|verify.
+  STAGE="$(read_state_stage)"
+  case "${STAGE}" in
+    plan|design|verify)
+      rm -f "${BANNER}" 2>/dev/null
+      exit 0
+      ;;
+  esac
+
+  # 6. All gates passed — render the banner atomically.
+  TMP="${BANNER}.tmp.$$"
+  {
+    printf '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n'
+    printf ' 📦 Plugin update: %s → %s (%s)\n' "${DISPLAY_CURRENT}" "${C_LATEST}" "${C_DELTA}"
+    if [ -n "${C_BODY}" ]; then
+      printf '%s\n' "${C_BODY}"
+    fi
+    printf ' Install: /gdd:update   Dismiss: /gdd:check-update --dismiss\n'
+    printf '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n'
+  } > "${TMP}" 2>/dev/null && mv "${TMP}" "${BANNER}" 2>/dev/null || rm -f "${TMP}" 2>/dev/null
+
+  exit 0
+fi
+# When sourced (BASH_SOURCE != $0), fall through with function definitions loaded
+# and without side effects. Sourcing callers must invoke functions explicitly.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hegemonart/get-design-done",
-  "version": "1.0.7",
+  "version": "1.14.1",
   "description": "A Claude Code plugin for systematic design improvement",
   "author": "Hegemon",
   "homepage": "https://github.com/hegemonart/get-design-done",

package/reference/ai-native-tool-interface.md

@@ -0,0 +1,102 @@
+# AI-Native Design Tool Interface — Capability Contract
+
+This file defines the capability-based contract that AI-native design tools must implement to integrate with the get-design-done pipeline. Two sub-categories are defined: **canvas** and **component-generator**. Future tools implement one sub-category and plug in via the same probe/read/write or probe/generate/adopt surface.
+
+---
+
+## Sub-Categories
+
+### Canvas Tools
+
+Canvas tools treat the design canvas as both source AND destination. They expose a bidirectional read+write surface.
+
+**Contract:**
+
+```
+probe()  → { available | unavailable | not_configured }
+
+read(selection) → {
+  jsx:        string,      // React JSX of component tree
+  styles:     object,      // computed CSS styles
+  screenshot: base64_png,  // visual snapshot
+  metadata:   object       // component name, bounds, id
+}
+
+write(proposal) → { confirmed | rejected }
+```
+
+**Implementations:**
+- `connections/paper-design.md` — MCP-based; 24-tool server; budget: 100 calls/week (free)
+- `connections/pencil-dev.md` — file-based; `.pen` YAML spec files; git-tracked; no MCP
+
+**Pipeline stages:** `explore` (read) + `verify` (screenshot) + `design` (write via writer agent)
+
+---
+
+### Component Generators
+
+Component generators produce UI component code from a natural-language description and an optional design-system target. They expose a generative one-way (or roundtrip) surface.
+
+**Contract:**
+
+```
+probe() → { available | unavailable | not_configured }
+
+generate(description: string, ds: "shadcn"|"tailwind"|"mantine"|"chakra") → {
+  code:        string,   // component source code
+  preview_url: string,   // hosted preview URL
+  variants:    array,    // multiple generated variations
+  component_id: string   // for adopt/annotate operations
+}
+
+adopt(variant: object) → { confirmed | rejected }
+```
+
+**Implementations:**
+- `connections/21st-dev.md` — Magic MCP; `npx @21st-dev/magic@latest init`; marketplace prior-art gate
+- `connections/magic-patterns.md` — Claude connector (`mcp__magic_patterns*`) + API key fallback; DS-aware generation
+
+**Pipeline stages:** `explore` (prior-art gate for 21st.dev) + `design` (generate + adopt)
+
+---
+
+## Shared Probe Pattern
+
+All AI-native tools use the three-value status schema from `connections/connections.md`:
+
+| Status | Meaning |
+|--------|---------|
+| `available` | Tool confirmed present and responsive |
+| `unavailable` | Tool present but errored (rate-limited, auth failure) |
+| `not_configured` | ToolSearch returned empty or no .pen files found |
+
+STATE.md format: `<tool-name>: <status>` in the `<connections>` block.
+
+---
+
+## Extending with Future Tools
+
+To add a new AI-native design tool:
+
+1. Determine sub-category: **canvas** (bidirectional design source) or **component-generator** (code generator).
+2. Create `connections/<tool-name>.md` following the frozen template in `connections/figma.md`.
+3. Implement `probe()` using ToolSearch or file-based check. Write status to STATE.md.
+4. For **canvas**: expose `read()` and `write()` surfaces via the corresponding agent.
+5. For **component-generator**: implement `generate()` and `adopt()` in `agents/design-component-generator.md` as a new `<!-- impl: <tool> -->` section.
+6. Add a row to `connections/connections.md` capability matrix with `canvas` or `generator` column marked.
+7. Append to `test-fixture/baselines/current/connection-list.txt` in sorted order.
+
+---
+
+## Candidate Tools (Backlog)
+
+| Tool | Sub-category | Priority | Notes |
+|------|-------------|----------|-------|
+| Subframe | canvas | high | MCP-based; production-ready components; check for `mcp__subframe*` |
+| v0.dev | generator | high | Vercel product; generates shadcn/tailwind; check for `mcp__v0*` |
+| Galileo AI | generator | medium | Enterprise DS generation; API key required |
+| Builder.io Visual Copilot | canvas + generator | medium | Figma plugin + code export; check for `mcp__builder*` |
+| Locofy | generator | low | Figma→React/Next.js; Figma plugin-based |
+| Anima | canvas | low | Figma→React; Figma plugin-based |
+| Plasmic | generator | medium | Headless CMS + visual builder; `mcp__plasmic*` |
+| TeleportHQ | generator | low | Code export + collaboration |

package/reference/authority-feeds.md

@@ -0,0 +1,72 @@
+# Authority Feeds — Whitelist
+
+> **Scope:** Curated whitelist of **design authorities** — sources that ship specs, guidelines, or named-practitioner curation. Consumed by `agents/design-authority-watcher.md` at runtime. Rejected kinds are listed explicitly below and enforced by `scripts/tests/test-authority-rejected-kinds.sh`.
+>
+> **Anti-slop thesis:** No Dribbble. No Behance. No LinkedIn. No generic trending aggregators. See `.planning/PROJECT.md` and `.planning/phases/13.2-external-authority-watcher/13.2-CONTEXT.md` §D-08.
+
+**Last reviewed:** 2026-04-19
+**Feed count:** 26 (updated each time a feed is added or removed)
+
+---
+
+## Spec sources (4-5 feeds)
+
+- **[WAI-ARIA Authoring Practices Guide](https://www.w3.org/WAI/ARIA/apg/)** — `kind: spec-source` · `url: https://github.com/w3c/aria-practices/releases.atom` · `cadence-hint: monthly` · *Normative accessibility patterns from the W3C ARIA working group; release-tagged on each APG update.*
+- **[Material Design 3](https://m3.material.io/)** — `kind: spec-source` · `url: https://github.com/material-components/material-web/releases.atom` · `cadence-hint: weekly` · *Google's design system release notes; new tokens and components land here first.*
+- **[Apple Human Interface Guidelines](https://developer.apple.com/design/human-interface-guidelines/)** — `kind: spec-source` · `url: https://developer.apple.com/news/releases/rss/releases.rss` · `cadence-hint: irregular` · *Apple developer release feed — HIG updates ship alongside SDK announcements.*
+- **[Fluent 2 Design System](https://fluent2.microsoft.design/)** — `kind: spec-source` · `url: https://github.com/microsoft/fluentui/releases.atom` · `cadence-hint: weekly` · *Microsoft's cross-platform design system; normative component API and token changes.*
+- **[W3C Design Tokens Community Group](https://www.w3.org/community/design-tokens/)** — `kind: spec-source` · `url: https://github.com/design-tokens/community-group/commits/main.atom` · `cadence-hint: monthly` · *Draft tokens format spec; commit feed surfaces spec edits before formal publication.*
+
+## Component systems (6-8 feeds)
+
+- **[Radix UI](https://www.radix-ui.com/)** — `kind: component-system` · `url: https://github.com/radix-ui/primitives/releases.atom` · `cadence-hint: weekly` · *Unstyled accessible primitives; release notes document ARIA behavior changes.*
+- **[shadcn/ui](https://ui.shadcn.com/)** — `kind: component-system` · `url: https://github.com/shadcn-ui/ui/releases.atom` · `cadence-hint: weekly` · *Copy-paste component library built on Radix + Tailwind; release notes map to new patterns.*
+- **[Shopify Polaris](https://polaris.shopify.com/)** — `kind: component-system` · `url: https://github.com/Shopify/polaris/releases.atom` · `cadence-hint: weekly` · *Shopify admin design system; commerce-tuned component patterns.*
+- **[IBM Carbon](https://carbondesignsystem.com/)** — `kind: component-system` · `url: https://github.com/carbon-design-system/carbon/releases.atom` · `cadence-hint: weekly` · *IBM's enterprise design system; strong on data-dense patterns and accessibility.*
+- **[GitHub Primer](https://primer.style/)** — `kind: component-system` · `url: https://github.com/primer/react/releases.atom` · `cadence-hint: weekly` · *GitHub's design system; opinionated developer-tool patterns.*
+- **[Atlassian Design System](https://atlassian.design/)** — `kind: component-system` · `url: https://github.com/atlassian/design-system/releases.atom` · `cadence-hint: weekly` · *Jira/Confluence design system; strong on collaboration and editor patterns.*
+- **[Ant Design](https://ant.design/)** — `kind: component-system` · `url: https://github.com/ant-design/ant-design/releases.atom` · `cadence-hint: weekly` · *Enterprise React component library with deep form and table patterns.*
+- **[Mantine](https://mantine.dev/)** — `kind: component-system` · `url: https://github.com/mantinedev/mantine/releases.atom` · `cadence-hint: weekly` · *React components with hooks-first architecture; strong accessibility defaults.*
+
+## Research institutions (2-3 feeds)
+
+- **[Nielsen Norman Group Articles](https://www.nngroup.com/articles/)** — `kind: research` · `url: https://www.nngroup.com/feed/rss/` · `cadence-hint: weekly` · *UX research articles from the Nielsen Norman Group; heuristic updates and usability findings ship here.*
+- **[Laws of UX](https://lawsofux.com/)** — `kind: research` · `url: https://github.com/jonyablonski/laws-of-ux/releases.atom` · `cadence-hint: monthly` · *Jon Yablonski's curated catalogue of psychology-rooted UX principles; release feed tracks new laws and revisions.*
+- **[Baymard Institute](https://baymard.com/)** — `kind: research` · `url: https://baymard.com/blog/rss` · `cadence-hint: monthly` · *E-commerce UX research with empirical benchmarks; public surface of their large-scale usability studies.*
+
+## Named practitioners (10-12 feeds)
+
+- **[Adam Wathan](https://adamwathan.me/)** — `kind: named-practitioner` · `url: https://adamwathan.me/feed.xml` · `cadence-hint: monthly` · *Tailwind creator; utility-first CSS, component API design, refactoring patterns.*
+- **[Ryan Mulligan](https://ryanmulligan.dev/)** — `kind: named-practitioner` · `url: https://ryanmulligan.dev/feed.xml` · `cadence-hint: monthly` · *CSS craft at spec-adjacent depth; cascade layers, container queries, color functions.*
+- **[Rachel Andrew](https://rachelandrew.co.uk/)** — `kind: named-practitioner` · `url: https://rachelandrew.co.uk/feed/atom` · `cadence-hint: monthly` · *CSS Working Group member; grid, layout, and evolving layout-engine features.*
+- **[Josh W. Comeau](https://www.joshwcomeau.com/)** — `kind: named-practitioner` · `url: https://www.joshwcomeau.com/rss.xml` · `cadence-hint: monthly` · *Interactive explainers on CSS, animation, and React rendering; durable reference-quality deep dives.*
+- **[Ahmad Shadeed](https://ishadeed.com/)** — `kind: named-practitioner` · `url: https://ishadeed.com/rss.xml` · `cadence-hint: monthly` · *CSS layout and component articles grounded in real interface patterns.*
+- **[Sara Soueidan](https://www.sarasoueidan.com/)** — `kind: named-practitioner` · `url: https://www.sarasoueidan.com/feed.xml` · `cadence-hint: quarterly` · *SVG, accessibility, and inclusive design with spec-level rigor.*
+- **[Lea Verou](https://lea.verou.me/)** — `kind: named-practitioner` · `url: https://lea.verou.me/feed/atom` · `cadence-hint: quarterly` · *CSS Working Group invited expert; writes about the spec surface before it ships.*
+- **[Scott Jehl](https://scottjehl.com/)** — `kind: named-practitioner` · `url: https://scottjehl.com/feed/` · `cadence-hint: monthly` · *Progressive enhancement and web performance; long-form durable analysis.*
+- **[Heydon Pickering](https://heydonworks.com/)** — `kind: named-practitioner` · `url: https://heydonworks.com/feed.xml` · `cadence-hint: irregular` · *Accessibility-first component design; Inclusive Components author.*
+- **[Una Kravets](https://una.im/)** — `kind: named-practitioner` · `url: https://una.im/feed.xml` · `cadence-hint: monthly` · *Chrome DevRel on CSS; surfaces and explains new platform capabilities.*
+
+## User-added Are.na channels (user-extensible)
+
+Are.na channels are user-curated reference collections. Add your own channel by appending an entry to this section following the schema shown in the commented template below. The watcher fetches `https://api.are.na/v2/channels/<slug>/contents` and treats each block addition as a new entry.
+
+<!--
+- **[My Design Refs](https://are.na/my-handle/my-design-refs)** — `kind: arena` · `url: https://api.are.na/v2/channels/my-design-refs/contents` · `cadence-hint: irregular` · *Personal channel of pattern references.*
+-->
+
+## Rejected kinds
+
+The following hosts and feed kinds are **explicitly rejected** from this whitelist. This list is enforced by `scripts/tests/test-authority-rejected-kinds.sh` — any merge that adds a matching URL fails CI.
+
+- **dribbble.com** — visual-trend aggregator; no normative content, no named-practitioner curation.
+- **behance.net** — portfolio aggregator; same category.
+- **linkedin.com** — social feed; signal-to-noise ratio incompatible with the plugin's anti-slop thesis.
+- **medium.com/topic/\*** — generic topic feeds; named Medium authors may appear as `named-practitioner` entries, but topic-level feeds are rejected wholesale.
+- **"trending"-style aggregators** (e.g., product-hunt daily digests, "top 10 UI" roundups) — curatorial output indistinguishable from advertising.
+
+Rationale: the whitelist is restricted to sources that ship specs, guidelines, or named-practitioner curation (PROJECT.md, ROADMAP.md SC 8, CONTEXT.md D-08).
+
+---
+
+**How to propose a new feed:** open a PR that adds an entry to the appropriate `## <kind>` section. Are.na channel additions go in the Are.na section and do not require approval beyond CI-green. All other additions are reviewed against the anti-slop thesis.

package/reference/schemas/authority-snapshot.schema.json

@@ -0,0 +1,42 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "$id": "https://raw.githubusercontent.com/hegemonart/get-design-done/main/reference/schemas/authority-snapshot.schema.json",
+  "title": "AuthoritySnapshot",
+  "description": "Structure of .design/authority-snapshot.json produced by agents/design-authority-watcher.md. See .planning/phases/13.2-external-authority-watcher/13.2-CONTEXT.md §D-12.",
+  "type": "object",
+  "additionalProperties": false,
+  "required": ["version", "generated_at", "feeds"],
+  "properties": {
+    "version": { "const": 1 },
+    "generated_at": { "type": "string", "format": "date-time" },
+    "feeds": {
+      "type": "object",
+      "additionalProperties": { "$ref": "#/definitions/feedState" }
+    }
+  },
+  "definitions": {
+    "feedState": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["last_fetched_at", "entries"],
+      "properties": {
+        "last_fetched_at": { "type": "string", "format": "date-time" },
+        "etag": { "type": "string" },
+        "entries": {
+          "type": "array",
+          "maxItems": 200,
+          "items": { "$ref": "#/definitions/entry" }
+        }
+      }
+    },
+    "entry": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["id", "hash"],
+      "properties": {
+        "id": { "type": "string", "minLength": 1 },
+        "hash": { "type": "string", "pattern": "^[0-9a-f]{64}$" }
+      }
+    }
+  }
+}