@ijfw/memory-server 1.5.0 → 1.5.1

package/src/server.js

@@ -41,6 +41,11 @@ import { maybeRerankWithVectors } from './search-hybrid.js';
 import { crossProjectSearch } from './cross-project-search.js';
 // R2-E -- single source of truth for markdown/HTML/control-char defanger.
 import { sanitizeContent } from './sanitizer.js';
+// v1.5.1 R4-H3 — secret redaction on the direct ijfw_store write path.
+// The redactor is already wired into FTS5 ingest + auto-memorize; the
+// direct MCP store was the one bypass, so a secret pasted into an
+// ijfw_store call could land in .ijfw/memory/*.md cleartext.
+import { redactSecrets } from './redactor.js';
 // H5.5 / H5.6 — ingest-time fact extraction + semantic dedup. Closes
 // memory-engine.md competitor gaps (mem0/Zep extract facts; Graphiti dedups).
 // Both are pure-JS, zero-LLM, deterministic.
@@ -591,23 +596,6 @@ function readGlobalKnowledge() {
   ).join('\n\n');
 }
 
-function getSessionCount() {
-  try {
-    if (!existsSync(SESSIONS_DIR)) return 0;
-    return readdirSync(SESSIONS_DIR).filter(f => f.endsWith('.md')).length;
-  } catch {
-    return 0;
-  }
-}
-
-function getDecisionCount() {
-  const journal = readOr(join(MEMORY_DIR, 'project-journal.md'));
-  if (!journal) return 0;
-  // Match only journal entry lines (we now prefix with - [timestamp]) -- not
-  // arbitrary list bullets that might appear in seeded content.
-  return (journal.match(/^- \[\d{4}-\d{2}-\d{2}T/gm) || []).length;
-}
-
 function getRecentJournalEntries(count = 5) {
   const journal = readOr(join(MEMORY_DIR, 'project-journal.md'));
   if (!journal) return '';
@@ -991,7 +979,7 @@ const TOOLS = [
   },
   {
     name: 'ijfw_memory_search',
-    description: 'Keyword search across memory sources. Up to 20 results. Scope defaults to current project; pass scope:"all" to search across every IJFW project ever opened on this machine (results tagged [project:<name>]). Pass scope:"sandbox" to retrieve sandboxed ijfw_run output -- include label to get the full output of a specific run, or omit label to list all available sandbox entries.',
+    description: 'Keyword search across memory sources. Up to 20 results. Scope defaults to current project; pass scope:"all" to search across every IJFW project ever opened on this machine (results tagged [project:<name>]). Pass scope:"sandbox" to retrieve sandboxed ijfw_run output -- include label to get the full output of a specific run, or omit label to list all available sandbox entries. The query field also accepts colon-namespaced commands: "compute:<query>" hits the per-project FTS5 index, "graph:<query>" routes through the knowledge-graph search.',
     inputSchema: {
       type: 'object',
       properties: {
@@ -1050,8 +1038,8 @@ const TOOLS = [
     inputSchema: {
       type: 'object',
       properties: {
-        period: { type: 'string', enum: ['today', '7d', '30d', 'all'], description: 'Time window (default 7d).' },
-        metric: { type: 'string', enum: ['tokens', 'cost', 'sessions', 'routing'], description: 'Which metric to render (default tokens).' }
+        period: { type: 'string', enum: ['today', '7d', '30d', 'all'], default: '7d', description: 'Time window (default 7d).' },
+        metric: { type: 'string', enum: ['tokens', 'cost', 'sessions', 'routing'], default: 'tokens', description: 'Which metric to render (default tokens).' }
       },
       required: []
     }
@@ -1072,7 +1060,7 @@ const TOOLS = [
   UPDATE_APPLY_TOOL,
   {
     name: 'ijfw_run',
-    description: 'Run a shell command. For commands likely to produce large output (builds, test suites, grep -r, log tails), use this instead of Bash -- full output is sandboxed to disk and a smart summary is returned to context. For git/nav/quick ops, use Bash directly.',
+    description: 'Run a shell command. For commands likely to produce large output (builds, test suites, grep -r, log tails), use this instead of Bash -- full output is sandboxed to disk and a smart summary is returned to context. For git/nav/quick ops, use Bash directly. Also accepts colon-namespaced commands instead of a shell line: "compute:python", "compute:js", "index:<source>", "detect:project_type".',
     inputSchema: {
       type: 'object',
       properties: {
@@ -1088,10 +1076,10 @@ const TOOLS = [
     // Absorbs the retired ijfw_subagent_post_done tool (post-done IS a state
     // transition → reachable as the `subagent.post-done` verb). All 20 frozen
     // verbs from STATE-SDK-CONTRACT §7 are reachable through this one tool,
-    // keeping the MCP cap at 12/12. The same `query(verb, payload, ctx)` core
+    // keeping the MCP cap at 13/13. The same `query(verb, payload, ctx)` core
     // is also exposed as a JS import and a CLI colon-namespace (`ijfw state:<verb>`).
     name: 'ijfw_state',
-    description: 'State-SDK verb facade — invoke any of the 20 frozen verbs (workflow.*, wave.*, phase.*, subagent.*, event.emit, telemetry.record, roster.*, extension.set-active, decision.add, blocker.*, state.replay, state.validate) over the canonical physical state files. Single MCP face for the state-SDK; subagent.post-done is the verb that absorbed the retired ijfw_subagent_post_done tool. Returns the verb result with `ok` + `verbId` + verb-specific fields (see STATE-SDK-CONTRACT §7).',
+    description: 'State-SDK verb facade — invoke any of the 20 frozen verbs over the canonical physical state files. The 20 verbs: workflow.get, workflow.set-phase, wave.get, wave.advance, wave.record-task, phase.plan-check, phase.complete, subagent.dispatch, subagent.checkpoint, subagent.post-done, event.emit, telemetry.record, roster.synthesize, roster.record, extension.set-active, decision.add, blocker.add, blocker.resolve, state.replay, state.validate. Single MCP face for the state-SDK; subagent.post-done is the verb that absorbed the retired ijfw_subagent_post_done tool. Returns the verb result with `ok` + `verbId` + verb-specific fields (see STATE-SDK-CONTRACT §7).',
     inputSchema: {
       type: 'object',
       properties: {
@@ -1110,15 +1098,16 @@ const TOOLS = [
     // (codex/gemini/claude by default) in parallel; if verdicts diverge,
     // re-runs with a CYCLE_SUMMARY of the disagreement until consensus or
     // maxIterations (default 3).  Stall breaker halts on byte-identical
-    // iterations.  Fills the 12th tool-cap slot.
+    // iterations.  Slot 12 of the 13/13 tool cap.
     name: 'ijfw_cross_audit_converge',
     description: 'Multi-lens Trident audit with consensus convergence loop. Dispatches codex/gemini/claude in parallel against a commit range, detects verdict divergence, and re-runs with a cycle summary until consensus or maxIterations. Returns {verdict, iterations, findings, divergence?, stalled?}. Verdict: PASS / CONDITIONAL / FAIL / consensus_failed / UNREACHABLE.',
     inputSchema: {
       type: 'object',
       properties: {
         commitRange:   { type: 'string',  description: 'Git commit range to audit (e.g. "HEAD~1..HEAD", "main..feature/x"). Required.' },
-        maxIterations: { type: 'number',  description: 'Max convergence iterations (default 3). 1 → single-shot (fallback mode).' },
+        maxIterations: { type: 'number',  minimum: 1, maximum: 10, description: 'Max convergence iterations (default 3, capped at 10). 1 → single-shot (fallback mode).' },
         lenses:        { type: 'array',   items: { type: 'string' }, description: 'Lens ids to dispatch (default ["codex","gemini","claude"]).' },
+        autoFix:       { type: 'boolean', description: 'v1.5.1 (T27) — opt-in consensus auto-fix. When true, after a non-PASS convergence the consensus code-fixer AUTOMATICALLY MODIFIES CODE: it runs an atomic per-finding fix loop (one revertable git commit per fix) over HIGH findings that 2+ lenses agreed on. SAFETY BOUNDS: the fixer can only write files inside the audited project root (path-containment guard refuses out-of-root paths) and touches at most 10 distinct files per run (change cap — beyond it it stops and reports rather than mass-rewriting). Logic bugs are deferred to humans, never auto-patched. Results surface on result.autoFix without changing the verdict. Default false — the audit is read-only unless you explicitly opt in.' },
       },
       required: ['commitRange'],
     },
@@ -1272,6 +1261,69 @@ function handleRecall({ context_hint, detail_level = 'standard', from_project })
   return { text: results.map(r => `[${r.source}] ${r.content}`).join('\n') };
 }
 
+// v1.5.1 R4-H2 — wire the v1.5.0 memory-moat to the real write path.
+//
+// M1 (Obsidian wikilink/tag/meta indexing -> memory_links/_tags/_meta) and
+// M2 (A-Mem auto-linking) only fire inside memory/fts5.js#indexEntry. But the
+// production memory writers never called indexEntry: handleStore wrote the
+// markdown journal only, and search.js#autoIndex did a raw INSERT. So the
+// memory-moat's flagship — "memory that learns about you" — ran ONLY in the
+// benchmark harness. This helper routes a real ijfw_store through indexEntry,
+// which in one atomic INSERT also fires M1 (synchronous, idempotent) + M2
+// (fire-and-forget, env-gated via IJFW_AUTOLINK_OFF, budget-capped).
+//
+// Best-effort + fire-and-forget: handleStore stays synchronous and a missing
+// driver / unmigrated schema / DB error never breaks the markdown-or-JSONL
+// store path. The journal markdown remains the source of truth (hot tier);
+// the FTS5 row is the warm-tier mirror. Dedup safety: handleStore previously
+// did NO DB INSERT at all, so this is a NEW row, not a duplicate of an
+// existing write. search.js#autoIndex only batch-rebuilds when the FTS table
+// is empty (rowCount === 0) — it will skip an already-populated table — so a
+// store followed by a search cannot double-index the same entry.
+async function indexStoredEntryToFts5({ body, source, sessionId }) {
+  if (typeof body !== 'string' || body.length === 0) return null;
+  const fts5Mod = await import('./memory/fts5.js');
+  const root = process.env.IJFW_PROJECT_DIR || PROJECT_DIR;
+  const db = await fts5Mod.openDb(root);
+  try {
+    // indexEntry runs the ingest scrub gate + M1 indexObsidianRelations +
+    // M2 autoLink internally. body is already sanitised + redacted by the
+    // handleStore caller; the scrub gate re-running over already-clean text
+    // is idempotent.
+    const inserted = fts5Mod.indexEntry(db, {
+      body,
+      source: source || 'memory_store',
+      session_id: sessionId || null,
+    });
+    // indexEntry dispatches M2 autoLink + the D2 graph auto-index as
+    // fire-and-forget promises that still hold the db handle. We own the
+    // handle here, so we MUST let those settle before closing the db —
+    // otherwise autoLink races into a "database connection is not open"
+    // error. Capture the promise references SYNCHRONOUSLY right after
+    // indexEntry returns (no await in between) so an interleaved store
+    // can't overwrite the module-level statics before we read them. Both
+    // promises swallow their own failures, so awaiting them never rejects.
+    // This keeps M2 wired on the real store path without changing
+    // handleStore's fire-and-forget contract (the caller already treats
+    // this whole function as fire-and-forget).
+    const autoLinkP = fts5Mod.indexEntry.__lastAutoLinkPromise;
+    const autoIndexP = typeof fts5Mod.__getLastAutoIndexPromise === 'function'
+      ? fts5Mod.__getLastAutoIndexPromise()
+      : null;
+    try { await autoLinkP; } catch { /* swallowed by indexEntry */ }
+    try { await autoIndexP; } catch { /* swallowed by indexEntry */ }
+    return inserted;
+  } finally {
+    try { fts5Mod.closeDb(db); } catch { /* best-effort */ }
+  }
+}
+
+// Diagnostic hook for tests — holds the most recent FTS5/M1/M2 indexing
+// promise fired by handleStore so end-to-end tests can await deterministic
+// completion before asserting on memory_links / memory_tags. Production
+// callers do not read this.
+handleStore.__lastIndexPromise = null;
+
 function handleStore({ content, type, tags = [], summary, why, how_to_apply }) {
   // --- Input Validation ---
   if (!content || typeof content !== 'string') {
@@ -1304,13 +1356,22 @@ function handleStore({ content, type, tags = [], summary, why, how_to_apply }) {
 
   // Sanitize ALL text fields -- never store raw user/agent text in markdown
   // that gets re-injected into a future LLM context.
-  const safeContent = sanitizeContent(content);
+  //
+  // v1.5.1 R4-H3 — secret redaction. sanitizeContent strips prompt-injection
+  // control chars but does NOT scrub secret-shaped tokens (API keys, OAuth
+  // secrets). Without this, a secret pasted into a direct ijfw_store call
+  // lands in .ijfw/memory/*.md cleartext and re-injects into every future
+  // recall. The redactor is already wired into the FTS5 ingest path
+  // (memory/fts5.js#indexEntry) and the auto-memorize path; this closes the
+  // direct MCP store as the one remaining bypass. Redact AFTER sanitize so
+  // the redaction labels ([REDACTED:*]) are never themselves scrubbed.
+  const safeContent = redactSecrets(sanitizeContent(content));
   if (!safeContent) {
     return { text: 'content was empty after sanitisation (only control/format chars).', isError: true };
   }
-  const safeSummary = summary ? sanitizeContent(summary).substring(0, 120) : '';
-  const safeWhy = why ? sanitizeContent(why) : '';
-  const safeHow = how_to_apply ? sanitizeContent(how_to_apply) : '';
+  const safeSummary = summary ? redactSecrets(sanitizeContent(summary)).substring(0, 120) : '';
+  const safeWhy = why ? redactSecrets(sanitizeContent(why)) : '';
+  const safeHow = how_to_apply ? redactSecrets(sanitizeContent(how_to_apply)) : '';
 
   const tagStr = tags.length > 0 ? ` [${tags.join(', ')}]` : '';
   const journalEntry = `**${type}**${tagStr}: ${safeSummary || safeContent.substring(0, 200)}`;
@@ -1345,6 +1406,27 @@ function handleStore({ content, type, tags = [], summary, why, how_to_apply }) {
     return { text: `Memory journal is not writable (${journalResult.code}) -- check .ijfw/ directory permissions and retry.`, isError: true };
   }
 
+  // v1.5.1 R4-H2 — mirror the stored entry into the FTS5 warm tier, which
+  // also fires M1 (Obsidian indexing) + M2 (A-Mem auto-linking). Index the
+  // full content (already sanitised + redacted above) so [[wikilinks]],
+  // #tags and [key:: value] metadata land in memory_links/_tags/_meta and
+  // the auto-linker sees the real body. Fire-and-forget: handleStore stays
+  // synchronous and a DB failure never breaks the markdown store. The
+  // promise is exposed for tests that need deterministic completion.
+  try {
+    handleStore.__lastIndexPromise = indexStoredEntryToFts5({
+      body: safeContent,
+      source: `memory_store:${type}`,
+      sessionId: null,
+    }).catch((e) => {
+      try { console.error('[ijfw memory] FTS5/M1/M2 index failed:', e?.message || e); } catch { /* never throw */ }
+      return null;
+    });
+  } catch (e) {
+    handleStore.__lastIndexPromise = null;
+    try { console.error('[ijfw memory] FTS5 index dispatch failed:', e?.message || e); } catch { /* never throw */ }
+  }
+
   // H5.5 — Fact extraction AFTER successful append. Best-effort: a failure
   // here is logged in the return text but does NOT poison the store result.
   // Memory-id ties facts.jsonl rows back to their journal entry.
@@ -1848,32 +1930,6 @@ function handleMetrics({ period = '7d', metric = 'tokens' } = {}) {
   return { text: out.join('\n') };
 }
 
-function handleStatus() {
-  const sessionCount = getSessionCount();
-  const decisionCount = getDecisionCount();
-  const hasKnowledge = existsSync(join(MEMORY_DIR, 'knowledge.md'));
-  const hasHandoff = existsSync(join(MEMORY_DIR, 'handoff.md'));
-  const hasGlobal = readGlobalKnowledge().trim().length > 0;
-
-  const parts = [];
-  if (hasKnowledge) {
-    const kb = readKnowledgeBase();
-    const kbLines = kb.split('\n').filter(l => l.trim().startsWith('**')).length;
-    parts.push(`Knowledge: ${kbLines} entries`);
-  }
-  if (sessionCount > 0 || decisionCount > 0) {
-    parts.push(`History: ${sessionCount} sessions, ${decisionCount} decisions`);
-  }
-  if (hasHandoff) {
-    const handoff = readHandoff();
-    const statusLine = handoff.split('\n').find(l => l.trim().length > 0 && !l.startsWith('<!--') && !l.startsWith('#'));
-    if (statusLine) parts.push(`Last: ${statusLine.trim().substring(0, 150)}`);
-  }
-  if (hasGlobal) parts.push('Project preferences loaded');
-
-  return { text: parts.join('\n') || 'Fresh project -- no memory yet.' };
-}
-
 // --- MCP Protocol Handler (JSON-RPC 2.0 over stdio) ---
 
 function createResponse(id, result) {
@@ -1999,9 +2055,74 @@ function handleMessage(msg) {
                 lenses: Array.isArray(a.lenses) && a.lenses.length > 0 ? a.lenses : undefined,
                 dispatch: defaultConvergeDispatch,
                 projectRoot: process.cwd(),
+                // v1.5.1 R4-H4 — opt-in consensus auto-fix (T27). Threaded
+                // from the tool schema so the code-fixer can genuinely fire;
+                // default false so the audit stays non-mutating unless the
+                // caller explicitly asks for it.
+                autoFix: a.autoFix === true,
               });
               const isErr = r.verdict === 'consensus_failed' || r.verdict === 'FAIL' || r.verdict === 'UNREACHABLE';
-              result = { text: JSON.stringify(r, null, 2), isError: isErr };
+              // v1.5.1 W2.D — emit a canonical gate-result block through the
+              // gate-result-formatter so this Trident-as-a-service surface is
+              // consistent with the Trident gate (dispatch.js) and preflight
+              // gates. appendGateResult guarantees the fenced block is the
+              // LAST content emitted and is idempotent. Failure to format the
+              // block must NOT clobber the verdict payload — observability,
+              // not correctness.
+              let convergeText = JSON.stringify(r, null, 2);
+              try {
+                const { emitGateResult } = await import('./gate-result.js');
+                const { appendGateResult } = await import('./gate-result-formatter.js');
+                // Map the converge verdict onto a schema-valid gate status.
+                const VERDICT_TO_STATUS = {
+                  PASS: 'PASS',
+                  CONDITIONAL: 'CONDITIONAL',
+                  WARN: 'WARN',
+                  FLAG: 'FLAG',
+                  FAIL: 'FAIL',
+                  consensus_failed: 'FAIL',
+                  UNREACHABLE: 'FAIL',
+                  INCONCLUSIVE: 'FLAG',
+                };
+                const gateStatus = VERDICT_TO_STATUS[r.verdict] || 'FLAG';
+                const block = await emitGateResult(
+                  {
+                    gate: 'cross-audit',
+                    status: gateStatus,
+                    lenses: [],
+                    affected_artifacts: [],
+                    accounting: {
+                      duration_ms:
+                        typeof r.duration_ms === 'number' ? r.duration_ms : 0,
+                      lenses_invoked: Array.isArray(a.lenses)
+                        ? a.lenses.length
+                        : 0,
+                      cost_usd: null,
+                    },
+                    remediation: [],
+                  },
+                  { projectRoot: process.cwd() },
+                );
+                // emitGateResult returns the fenced block as a string; the
+                // formatter validates it back into an object before append.
+                const parsed = JSON.parse(
+                  block.replace(/^```gate-result\n/, '').replace(/\n```$/, ''),
+                );
+                convergeText = appendGateResult(convergeText, parsed);
+              } catch (gateErr) {
+                try {
+                  const msg =
+                    gateErr && gateErr.message
+                      ? gateErr.message
+                      : String(gateErr);
+                  process.stderr.write(
+                    `ijfw: cross_audit_converge gate-result emit failed: ${msg}\n`,
+                  );
+                } catch {
+                  /* never crash the tool on a logging-channel failure */
+                }
+              }
+              result = { text: convergeText, isError: isErr };
             } catch (err) {
               result = { text: JSON.stringify({ error: err && err.message ? err.message : String(err) }), isError: true };
             }
@@ -2038,9 +2159,6 @@ function handleMessage(msg) {
             result = await handleSearch(searchArgs);
             break;
           }
-          case 'ijfw_memory_status':
-            result = handleStatus();
-            break;
           case 'ijfw_memory_prelude':
             result = await handlePrelude(args || {});
             break;
@@ -2153,6 +2271,27 @@ function handleMessage(msg) {
   }
 }
 
+// --- B17 WebSocket revocation client (dynamic-import gate) ---
+// extension-registry-ws.js is dormant by default. Its docstring contract:
+// "Imported via `await import(...)` ONLY when `process.env.IJFW_REGISTRY_WS_URL`
+// is set at startup." Firing the gate here at MCP startup keeps the module out
+// of the import graph entirely unless the operator opts in via the env var, so
+// MCP startup never opens a socket for the common (unset) case. Best-effort:
+// a failed WS bind must never block the stdio transport.
+if (process.env.IJFW_REGISTRY_WS_URL || process.env.IJFW_REGISTRY_WS_SOURCE) {
+  (async () => {
+    try {
+      const { initWsClient } = await import('./extension-registry-ws.js');
+      const res = await initWsClient();
+      if (!res.ok) {
+        process.stderr.write(`IJFW: WS revocation client not started: ${res.error}\n`);
+      }
+    } catch (err) {
+      process.stderr.write(`IJFW: WS revocation client init failed: ${err && err.message ? err.message : err}\n`);
+    }
+  })();
+}
+
 // --- stdio Transport ---
 const rl = createInterface({ input: process.stdin, terminal: false });
 

package/src/swarm-config.js

@@ -53,20 +53,24 @@ const V150_SPECIALISTS = [
   RELEASE_ENG, DOC_WRITER, ACCESSIBILITY_ENG,
 ];
 
-// F-FUN-3 (audit-MED-teams-#6): non-software domain specialists. Mirrors
-// the fixture role definitions so we don't duplicate prompts; the IDs here
-// are the *bench* names the swarm config tracks. Selecting a non-software
-// archetype yields a bench tailored to the domain (book gets story-architect,
-// not accessibility-eng). Software remains the default to preserve back-compat.
-const STORY_ARCHITECT     = { id: 'story-architect',    role: 'Plot + structure architecture', agent_type: 'ijfw-story-architect',    since: '1.5.0' };
-const CONTINUITY_EDITOR   = { id: 'continuity-editor',  role: 'Timeline + voice continuity',   agent_type: 'ijfw-continuity-editor',  since: '1.5.0' };
-const PROSE_STYLIST       = { id: 'prose-stylist',      role: 'Sentence-level voice + pacing', agent_type: 'ijfw-prose-stylist',      since: '1.5.0' };
-
-const CAMPAIGN_STRATEGIST = { id: 'campaign-strategist', role: 'Audience + funnel strategy',   agent_type: 'ijfw-campaign-strategist', since: '1.5.0' };
-const COPY_EDITOR         = { id: 'copy-editor',         role: 'Channel-aware copy editing',   agent_type: 'ijfw-copy-editor',         since: '1.5.0' };
-
-const RESEARCH_LEAD       = { id: 'research-lead',       role: 'Methodology + literature review', agent_type: 'ijfw-research-lead',    since: '1.5.0' };
-const DATA_ANALYST        = { id: 'data-analyst',        role: 'Quantitative analysis',         agent_type: 'ijfw-data-analyst',        since: '1.5.0' };
+// v1.5.1 W1.5.D — non-software domain specialists, aligned with T26
+// domain-templates (the canonical agent-id spec per ADR
+// .planning/1.5.1/decisions/W1.5-canonical-source.md). Every `agent_type`
+// here MUST resolve to a real `claude/agents/<id>.md` file on disk; the 5
+// phantom constants that previously lived here (STORY_ARCHITECT,
+// CONTINUITY_EDITOR, PROSE_STYLIST, COPY_EDITOR, DATA_ANALYST) were deleted
+// because no markdown shipped for them.
+const NARRATIVE_CONTINUITY_CHECKER = { id: 'narrative-continuity-checker', role: 'Timeline + voice continuity',     agent_type: 'ijfw-narrative-continuity-checker', since: '1.5.0' };
+const LINE_EDITOR                  = { id: 'line-editor',                  role: 'Sentence-level voice + pacing',   agent_type: 'ijfw-line-editor',                  since: '1.5.0' };
+const LORE_KEEPER                  = { id: 'lore-keeper',                  role: 'World/canon consistency',         agent_type: 'ijfw-lore-keeper',                  since: '1.5.0' };
+const CAMPAIGN_STRATEGIST          = { id: 'campaign-strategist',          role: 'Audience + funnel strategy',      agent_type: 'ijfw-campaign-strategist',          since: '1.5.0' };
+const COPY_REVIEWER                = { id: 'copy-reviewer',                role: 'Channel-aware copy editing',      agent_type: 'ijfw-copy-reviewer',                since: '1.5.0' };
+const DESIGN_CRITIC                = { id: 'design-critic',                role: 'Usability + design heuristics',   agent_type: 'ijfw-design-critic',                since: '1.5.0' };
+const ACCESSIBILITY_REVIEWER       = { id: 'accessibility-reviewer',       role: 'WCAG + a11y audit',               agent_type: 'ijfw-accessibility-reviewer',       since: '1.5.0' };
+const RESEARCH_LEAD                = { id: 'research-lead',                role: 'Methodology + literature review', agent_type: 'ijfw-research-lead',                since: '1.5.1' };
+const METHOD_REVIEWER              = { id: 'method-reviewer',              role: 'Method + bias audit',             agent_type: 'ijfw-method-reviewer',              since: '1.5.1' };
+const STRATEGY_LEAD                = { id: 'strategy-lead',                role: 'Strategy + decision quality',     agent_type: 'ijfw-strategy-lead',                since: '1.5.1' };
+const RISK_REVIEWER                = { id: 'risk-reviewer',                role: 'Feasibility + downside audit',    agent_type: 'ijfw-risk-reviewer',                since: '1.5.1' };
 
 // Per-archetype bench definitions. Keys here track the project_archetypes
 // vocabulary used by team/generator.js so a brief-detected archetype maps
@@ -76,9 +80,12 @@ const TYPED_BENCH    = [...BASE, TESTS_SPECIALIST, TYPES_SPECIALIST, DOC_VERIFIE
 const GO_RUST_BENCH  = [...BASE, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR, ...V150_SPECIALISTS];
 const OTHER_BENCH    = [...BASE, DOC_VERIFIER, PATTERN_MAPPER, SECURITY_AUDITOR, INTEGRATION_CHECKER, NYQUIST_AUDITOR, ...V150_SPECIALISTS];
 
-const BOOK_BENCH      = [STORY_ARCHITECT, CONTINUITY_EDITOR, PROSE_STYLIST, DOC_VERIFIER, NYQUIST_AUDITOR];
-const CONTENT_BENCH   = [CAMPAIGN_STRATEGIST, COPY_EDITOR, DOC_VERIFIER, NYQUIST_AUDITOR];
-const RESEARCH_BENCH  = [RESEARCH_LEAD, DATA_ANALYST, DOC_VERIFIER, NYQUIST_AUDITOR];
+const BOOK_BENCH     = [NARRATIVE_CONTINUITY_CHECKER, LINE_EDITOR, LORE_KEEPER, DOC_VERIFIER, NYQUIST_AUDITOR];
+const CONTENT_BENCH  = [CAMPAIGN_STRATEGIST, COPY_REVIEWER, DOC_VERIFIER, NYQUIST_AUDITOR];
+const DESIGN_BENCH   = [DESIGN_CRITIC, ACCESSIBILITY_REVIEWER, DOC_VERIFIER, NYQUIST_AUDITOR];
+const RESEARCH_BENCH = [RESEARCH_LEAD, METHOD_REVIEWER, DOC_VERIFIER, NYQUIST_AUDITOR];
+const BUSINESS_BENCH = [STRATEGY_LEAD, RISK_REVIEWER, DOC_VERIFIER, NYQUIST_AUDITOR];
+const MIXED_BENCH    = [...BASE, DOC_VERIFIER, DESIGN_CRITIC, CAMPAIGN_STRATEGIST, NYQUIST_AUDITOR];
 
 export const DEFAULT_SPECIALISTS = {
   // Language-keyed defaults (preserved for back-compat with v1.4.x callers
@@ -89,16 +96,17 @@ export const DEFAULT_SPECIALISTS = {
   go:     GO_RUST_BENCH,
   rust:   GO_RUST_BENCH,
   other:  OTHER_BENCH,
-  // Archetype-keyed defaults (new in v1.5.0 audit-MED-teams-#6) -- selected
-  // when the caller hands in a project archetype from the team detector.
+  // Archetype-keyed defaults (new in v1.5.0 audit-MED-teams-#6; bench
+  // mis-mappings fixed in v1.5.1 W1.5.D so every agent_type resolves to a
+  // real claude/agents/<id>.md file on disk).
   software:  SOFTWARE_BENCH,
   book:      BOOK_BENCH,
   content:   CONTENT_BENCH,
   marketing: CONTENT_BENCH,
   research:  RESEARCH_BENCH,
-  design:    CONTENT_BENCH,
-  business:  SOFTWARE_BENCH,
-  mixed:     SOFTWARE_BENCH,
+  design:    DESIGN_BENCH,       // v1.5.1 W1.5.D: was CONTENT_BENCH (mis-mapped)
+  business:  BUSINESS_BENCH,     // v1.5.1 W1.5.D: was SOFTWARE_BENCH (mis-mapped)
+  mixed:     MIXED_BENCH,        // v1.5.1 W1.5.D: was SOFTWARE_BENCH (mis-mapped)
 };
 
 // F-FUN-3: helper -- pick the right bench for a (language, archetype) pair.

package/src/team/domain-templates/business.json

@@ -3,7 +3,10 @@
   "domain": "business",
   "display_name": "Business / Strategy",
   "description": "Business plans, strategy memos, GTM plans, investor decks, OKRs, and operational roadmaps.",
-  "agent_ids": [],
+  "agent_ids": [
+    "ijfw-strategy-lead",
+    "ijfw-risk-reviewer"
+  ],
   "agent_id_source": "domain-specialist",
   "workflow_phases": ["diagnose", "plan", "decide", "review"],
   "brief_fields": [

package/src/team/domain-templates/research.json

@@ -3,7 +3,10 @@
   "domain": "research",
   "display_name": "Research / Analysis",
   "description": "Academic papers, whitepapers, literature reviews, studies, and investigative analysis.",
-  "agent_ids": [],
+  "agent_ids": [
+    "ijfw-research-lead",
+    "ijfw-method-reviewer"
+  ],
   "agent_id_source": "domain-specialist",
   "workflow_phases": ["question", "collect", "synthesize", "review"],
   "brief_fields": [