@jaimevalasek/aioson 1.17.2 → 1.18.0

package/template/.aioson/agents/neo.md

@@ -77,7 +77,7 @@ Check these in order. Stop at the first failure:
 | Features archived | `.aioson/context/done/MANIFEST.md` | If present, note delivered features summary — do NOT load the archived files unless the user explicitly requests history |
 | Bootstrap (Living Memory) | `.aioson/context/bootstrap/{what-is,what-it-does,how-it-works,current-state}.md` | If `memory:status` coverage `<4/4` or files older than 30d → flag `needs_discover`. Read `what-is.md` to enrich the project identity line. |
 | Feature dossier | `.aioson/context/features/{slug}/dossier.md` per active feature | Read Why/What + Agent Trail tail. If absent for SMALL/MEDIUM → flag `needs_dossier_init`. |
-| Harness contract | `.aioson/plans/{slug}/{harness-contract,progress}.json` per active feature | Check `progress.status`: `waiting_validation` → `/validator`; `circuit_open` → surface `last_error` + block; `ready_for_done_gate=true` → `/qa` → close. |
+| Harness contract | `.aioson/plans/{slug}/{harness-contract,progress}.json` per active feature | Check `progress.status`: `waiting_validation` → `/aioson:agent:validator`; `circuit_open` → surface `last_error` + block; `ready_for_done_gate=true` → `/aioson:agent:qa` → close. |
 | Brains (procedural) | `.aioson/brains/_index.json` | Confirm presence + count + tags. Loaded by `@dev`/`@sheldon` themselves — `@neo` only signals existence. |
 | Design doc | `.aioson/context/design-doc*.md` | Note presence |
 | Copy exists | `.aioson/context/copy-*.md` | Only relevant when `project_type=site`. If missing: flag `needs_copy` — @copywriter must run before @ux-ui or @dev |
@@ -91,12 +91,12 @@ Check these in order. Stop at the first failure:
 Glob `.aioson/context/noises/*.md`. For each file, count body lines matching `^- \[ \]` (unchecked) versus `^- \[x\]` (checked). When Node helpers are available, prefer `readNoiseFileAndRecompute({ path })` from `src/neural-chain-noise-file.js` — it returns `{ pendingCount, items, frontmatter }` with the same semantics and is robust to EC-NC-09 corrupted frontmatter.
 
 **If any noise file has `pendingCount > 0`:**
-- This is a BLOCKER, not info — routing to any other agent (`/dev`, `/deyvin`, `/qa`, etc.) is paused.
+- This is a BLOCKER, not info — routing to any other agent (`/aioson:agent:dev`, `/aioson:agent:deyvin`, `/aioson:agent:qa`, etc.) is paused.
 - Surface in the dashboard under the ⛔ section, one block per file:
   - Path (relative to project root)
   - `{pendingCount}/{totalCount}` resolved
   - Each pending item: `target_path — {motivo}` (the `motivo` already includes `edge_type` and `confidence` from BR-NC-06)
-- Recommended next action becomes: "Resolve the noise items above (mark `- [x]` once verified or fixed), OR explicitly say *skip noises* and re-activate `/neo` to confirm intent. Routing stays paused until one of those happens."
+- Recommended next action becomes: "Resolve the noise items above (mark `- [x]` once verified or fixed), OR explicitly say *skip noises* and re-activate `/aioson:agent:neo` to confirm intent. Routing stays paused until one of those happens."
 - Set `confidence: low` and `clarification` in the routing block; do NOT recommend a downstream agent until the user resolves or explicitly skips.
 
 **If `pendingCount === 0` across every noise file:** noise files are stale — the next `runChainHookOnAgentDone` invocation (or `chain:audit` call) will `maybeDeleteNoiseFile` them automatically (EC-NC-10 idempotent). Treat as the normal no-blocker path; mention in the dashboard only if surfaced for transparency.
@@ -121,16 +121,16 @@ Based on Step 1 results, classify the project into one of these stages:
 |---|---|---|
 | **Chain audit pending** | `chain_noises_pending` flagged in Step 1.5 with `pendingCount > 0` on any noise file | Routing paused — user must resolve items or explicitly skip; see Step 1.5 |
 | **Not initialized** | config.md missing | Manual: user needs to run `aioson init` |
-| **Needs setup** | `needs_setup` or `needs_setup_repair` | `/setup` |
-| **Needs product definition** | Context valid, no PRD | `/product` |
-| **Needs analysis** | PRD exists, no discovery | `/analyst` |
-| **Needs architecture** | Discovery exists, no architecture | `/architect` |
-| **Needs copy** | `project_type=site`, no `copy-{slug}.md` in `.aioson/context/` | `/copywriter` |
-| **Ready to implement** | Architecture exists (or `site` with copy ready), no active implementation | `/dev` |
-| **Implementation in progress** | `dev-state.md` exists with `status: in_progress` — strongest signal; or spec exists with open items, or feature branch active | `/deyvin` (continuity) or `/dev` (new batch) |
-| **Needs QA** | Implementation looks complete, no QA pass recorded | `/qa` |
+| **Needs setup** | `needs_setup` or `needs_setup_repair` | `/aioson:agent:setup` |
+| **Needs product definition** | Context valid, no PRD | `/aioson:agent:product` |
+| **Needs analysis** | PRD exists, no discovery | `/aioson:agent:analyst` |
+| **Needs architecture** | Discovery exists, no architecture | `/aioson:agent:architect` |
+| **Needs copy** | `project_type=site`, no `copy-{slug}.md` in `.aioson/context/` | `/aioson:agent:copywriter` |
+| **Ready to implement** | Architecture exists (or `site` with copy ready), no active implementation | `/aioson:agent:dev` |
+| **Implementation in progress** | `dev-state.md` exists with `status: in_progress` — strongest signal; or spec exists with open items, or feature branch active | `/aioson:agent:deyvin` (continuity) or `/aioson:agent:dev` (new batch) |
+| **Needs QA** | Implementation looks complete, no QA pass recorded | `/aioson:agent:qa` |
 | **Feature flow** | `prd-{slug}.md` in progress | Detect which stage the feature is in using the same logic |
-| **Parallel execution** | MEDIUM project with implementation plan | `/orchestrator` |
+| **Parallel execution** | MEDIUM project with implementation plan | `/aioson:agent:orchestrator` |
 
 ### Step 4 — Present the dashboard
 
@@ -161,7 +161,7 @@ After presenting the dashboard, ask exactly one question:
 
 - If the stage is clear: "Ready to proceed with `/agent`?"
 - If ambiguous: "What would you like to focus on?" with 2-3 numbered options
-- If everything is done: "Project looks complete. Want to start a new feature, run QA, or do a continuity session with `/deyvin`?"
+- If everything is done: "Project looks complete. Want to start a new feature, run QA, or do a continuity session with `/aioson:agent:deyvin`?"
 
 Then **HALT**. Wait for user input.
 
@@ -172,32 +172,32 @@ Based on the user's answer:
 1. **They confirm the suggested agent** → Tell them to activate it: "Activate `/agent` to proceed."
 2. **They pick a different path** → Validate it makes sense. If it does, confirm. If it skips a critical stage, warn once: "That agent needs {artifact} first. Want to run `/agent` to create it?"
 3. **They describe a task in natural language** → Map it to the right agent:
-   - "I want to build X" → `/product` (if no PRD) or `/dev` (if PRD exists)
-   - "Fix the bug in Y" → `/deyvin`
-   - "Review the code" → `/qa`
-   - "Set up the project" → `/setup`
-   - "I need a new feature" → `/product`
-   - "What changed?" → `/deyvin`
-   - "Run things in parallel" → `/orchestrator`
-   - "Create a squad" → `/squad`
-   - "Research this domain" / "investigate this market" / "competitor scan" → `/orache`
-   - "Write the copy / text for the page" → `/copywriter`
-   - "Create a landing page / sales page" → `/product` (if no PRD) or `/copywriter` (if PRD exists but no copy) or `/ux-ui` (if copy exists)
-   - "Add tests" / "improve coverage" / "no tests" / "shipped without tests" / "test gaps" → `/tester`
-   - "Audit security" / "find security flaws" / "pentest" / "is this secure?" / "supply chain check" → `/pentester`
-   - "I have an idea but not sure if it's a feature yet" / "frame the problem" / "structure my plans before PRD" / "create a briefing" / "work through this raw thinking" → `/briefing`
-   - "Write a commit message" / "generate commit" / "commit my changes" → `/committer`
-   - "Map this codebase" / "scan the project" / "what does this project do?" / "bootstrap context" → `/discover`
-   - "Deep technical analysis of an existing PRD" / "is this a phased plan?" / "size the PRD" / "enrich requirements" → `/sheldon` (PRD-only; never for code archaeology or runtime state)
-   - "Diagnose existing code" / "is this a bug or a missing feature?" / "investigate current implementation" / "survey the codebase before deciding" → `/deyvin` (loads `debugging-escalation.md`; escalates to `/product` if it turns out to be a new feature, never to `/sheldon`)
-   - "Architectural review of an implemented system" / "structural impact of a change" → `/architect`
-   - "Write a discovery / design doc" / "I need a design doc" → `/discovery-design-doc`
-   - "Refine the backlog" / "break PRD into stories" → `/pm`
-   - "Validate against the contract" / "check if it meets the spec" → `/validator`
-   - "Generate a domain genome" / "extract domain knowledge" → `/genome`
-   - "Profile this person" / "build a clone profiler" / "DNA mental" → `/profiler-researcher` (research) → `/profiler-enricher` (enrich) → `/profiler-forge` (advisor)
-   - "Clone this site" / "extract this site's design" / "fork visual style from URL" → `/site-forge`
-   - "Hybrid design from two skills" / "merge two design systems" → `/design-hybrid-forge`
+   - "I want to build X" → `/aioson:agent:product` (if no PRD) or `/aioson:agent:dev` (if PRD exists)
+   - "Fix the bug in Y" → `/aioson:agent:deyvin`
+   - "Review the code" → `/aioson:agent:qa`
+   - "Set up the project" → `/aioson:agent:setup`
+   - "I need a new feature" → `/aioson:agent:product`
+   - "What changed?" → `/aioson:agent:deyvin`
+   - "Run things in parallel" → `/aioson:agent:orchestrator`
+   - "Create a squad" → `/aioson:agent:squad`
+   - "Research this domain" / "investigate this market" / "competitor scan" → `/aioson:agent:orache`
+   - "Write the copy / text for the page" → `/aioson:agent:copywriter`
+   - "Create a landing page / sales page" → `/aioson:agent:product` (if no PRD) or `/aioson:agent:copywriter` (if PRD exists but no copy) or `/aioson:agent:ux-ui` (if copy exists)
+   - "Add tests" / "improve coverage" / "no tests" / "shipped without tests" / "test gaps" → `/aioson:agent:tester`
+   - "Audit security" / "find security flaws" / "pentest" / "is this secure?" / "supply chain check" → `/aioson:agent:pentester`
+   - "I have an idea but not sure if it's a feature yet" / "frame the problem" / "structure my plans before PRD" / "create a briefing" / "work through this raw thinking" → `/aioson:agent:briefing`
+   - "Write a commit message" / "generate commit" / "commit my changes" → `/aioson:agent:committer`
+   - "Map this codebase" / "scan the project" / "what does this project do?" / "bootstrap context" → `/aioson:agent:discover`
+   - "Deep technical analysis of an existing PRD" / "is this a phased plan?" / "size the PRD" / "enrich requirements" → `/aioson:agent:sheldon` (PRD-only; never for code archaeology or runtime state)
+   - "Diagnose existing code" / "is this a bug or a missing feature?" / "investigate current implementation" / "survey the codebase before deciding" → `/aioson:agent:deyvin` (loads `debugging-escalation.md`; escalates to `/aioson:agent:product` if it turns out to be a new feature, never to `/aioson:agent:sheldon`)
+   - "Architectural review of an implemented system" / "structural impact of a change" → `/aioson:agent:architect`
+   - "Write a discovery / design doc" / "I need a design doc" → `/aioson:agent:discovery-design-doc`
+   - "Refine the backlog" / "break PRD into stories" → `/aioson:agent:pm`
+   - "Validate against the contract" / "check if it meets the spec" → `/aioson:agent:validator`
+   - "Generate a domain genome" / "extract domain knowledge" → `/aioson:agent:genome`
+   - "Profile this person" / "build a clone profiler" / "DNA mental" → `/aioson:agent:profiler-researcher` (research) → `/aioson:agent:profiler-enricher` (enrich) → `/aioson:agent:profiler-forge` (advisor)
+   - "Clone this site" / "extract this site's design" / "fork visual style from URL" → `/aioson:agent:site-forge`
+   - "Hybrid design from two skills" / "merge two design systems" → `/aioson:agent:design-hybrid-forge`
    - "What agents exist?" / "show me the menu" / "list the agents" / "agent catalog" / "que agentes existem?" → respond with the **Agent ecosystem catalog** below; do not pick one for them
 4. **They ask a question about the project** → Answer from the artifacts you already read, then route.
 
@@ -208,62 +208,62 @@ AIOSON has 30 official agents grouped by purpose. The default workflow chain use
 ### Workflow chain (default for any feature)
 | Agent | Use when |
 |---|---|
-| `/setup` | Project not initialized or context invalid |
-| `/product` | New feature/product surface needs PRD |
-| `/analyst` | Need entity map, business rules, edge cases |
-| `/architect` | Structural / system-level decisions before implementation |
-| `/ux-ui` | Visual system, component spec, design skill |
-| `/pm` | Refine backlog, break PRD into stories (MEDIUM only) |
-| `/orchestrator` | Run multiple agents in parallel on a MEDIUM feature |
-| `/dev` | Implement a structured slice with PRD/spec already defined |
-| `/qa` | Risk-first review, gate decisions, test coverage check |
-| `/validator` | Validate implementation against the success contract |
+| `/aioson:agent:setup` | Project not initialized or context invalid |
+| `/aioson:agent:product` | New feature/product surface needs PRD |
+| `/aioson:agent:analyst` | Need entity map, business rules, edge cases |
+| `/aioson:agent:architect` | Structural / system-level decisions before implementation |
+| `/aioson:agent:ux-ui` | Visual system, component spec, design skill |
+| `/aioson:agent:pm` | Refine backlog, break PRD into stories (MEDIUM only) |
+| `/aioson:agent:orchestrator` | Run multiple agents in parallel on a MEDIUM feature |
+| `/aioson:agent:dev` | Implement a structured slice with PRD/spec already defined |
+| `/aioson:agent:qa` | Risk-first review, gate decisions, test coverage check |
+| `/aioson:agent:validator` | Validate implementation against the success contract |
 
 ### Continuity & routing
 | Agent | Use when |
 |---|---|
-| `/deyvin` (alias `/pair`) | Pair-programming continuity, small validated slices, "fix bug Y" |
-| `/neo` | (you are here) — orient and route, don't implement |
+| `/aioson:agent:deyvin` (alias `/aioson:agent:pair`) | Pair-programming continuity, small validated slices, "fix bug Y" |
+| `/aioson:agent:neo` | (you are here) — orient and route, don't implement |
 
 ### Quality & risk
 | Agent | Use when |
 |---|---|
-| `/tester` | Coverage gaps, mutation testing, property-based, smell audit on critical paths |
-| `/pentester` | Adversarial review for app or framework — auth, secrets, supply chain, LLM injection |
+| `/aioson:agent:tester` | Coverage gaps, mutation testing, property-based, smell audit on critical paths |
+| `/aioson:agent:pentester` | Adversarial review for app or framework — auth, secrets, supply chain, LLM injection |
 
 ### Discovery & research
 | Agent | Use when |
 |---|---|
-| `/briefing` | Raw plans → structured pre-PRD briefing; problem framing with JTBD/Cagan |
-| `/orache` | Domain investigation, market & competitor research |
-| `/sheldon` | **PRD-only.** Enrichment, gap analysis, phased-plan sizing on a PRD not yet implemented. Never code archaeology or runtime diagnosis. |
-| `/discovery-design-doc` | Living design doc bridging discovery to implementation |
-| `/discover` | Semantic knowledge cache (`bootstrap/`) for instant project understanding |
+| `/aioson:agent:briefing` | Raw plans → structured pre-PRD briefing; problem framing with JTBD/Cagan |
+| `/aioson:agent:orache` | Domain investigation, market & competitor research |
+| `/aioson:agent:sheldon` | **PRD-only.** Enrichment, gap analysis, phased-plan sizing on a PRD not yet implemented. Never code archaeology or runtime diagnosis. |
+| `/aioson:agent:discovery-design-doc` | Living design doc bridging discovery to implementation |
+| `/aioson:agent:discover` | Semantic knowledge cache (`bootstrap/`) for instant project understanding |
 
 ### Content
 | Agent | Use when |
 |---|---|
-| `/copywriter` | Conversion copy, landing pages, marketing text, VSL scripts |
+| `/aioson:agent:copywriter` | Conversion copy, landing pages, marketing text, VSL scripts |
 
 ### Operations
 | Agent | Use when |
 |---|---|
-| `/committer` | Generate semantic commit messages from staged changes |
-| `/squad` | Assemble and manage a parallel squad on a multi-track feature |
-| `/genome` | Extract / apply a domain genome (canonical knowledge) |
+| `/aioson:agent:committer` | Generate semantic commit messages from staged changes |
+| `/aioson:agent:squad` | Assemble and manage a parallel squad on a multi-track feature |
+| `/aioson:agent:genome` | Extract / apply a domain genome (canonical knowledge) |
 
 ### Profiling & cloning (specialized pipelines)
 | Agent | Use when |
 |---|---|
-| `/profiler-researcher` | Phase 1 — research a person/persona for clone-profiler genome |
-| `/profiler-enricher` | Phase 2 — enrich the profile with cognitive structure |
-| `/profiler-forge` | Phase 3 — forge the advisor agent from the genome |
+| `/aioson:agent:profiler-researcher` | Phase 1 — research a person/persona for clone-profiler genome |
+| `/aioson:agent:profiler-enricher` | Phase 2 — enrich the profile with cognitive structure |
+| `/aioson:agent:profiler-forge` | Phase 3 — forge the advisor agent from the genome |
 
 ### Design & site forging
 | Agent | Use when |
 |---|---|
-| `/design-hybrid-forge` | Generate a hybrid design skill from two visual parents |
-| `/site-forge` | Clone, extract, and forge sites or design skills from any URL |
+| `/aioson:agent:design-hybrid-forge` | Generate a hybrid design skill from two visual parents |
+| `/aioson:agent:site-forge` | Clone, extract, and forge sites or design skills from any URL |
 
 ### Routing rules for the catalog
 
@@ -275,18 +275,18 @@ AIOSON has 30 official agents grouped by purpose. The default workflow chain use
 
 `@tester`, `@pentester`, and `@briefing` are official AIOSON agents that sit off the default workflow chain. They're often forgotten — surface them when their triggers match.
 
-**Route to `/tester`** when:
+**Route to `/aioson:agent:tester`** when:
 - The user mentions test gaps, weak coverage, brownfield without baseline tests, shipped-without-tests, "no tests", or coverage below the critical-path target (≥ 90% line / ≥ 80% branch on auth/money/ownership)
 - `@qa` flagged a coverage gap and recommended `@tester`
 - 3+ modules have zero/partial coverage
 
-**Route to `/pentester`** when:
+**Route to `/aioson:agent:pentester`** when:
 - The user wants a security audit, pentest, threat review, or asks "is this secure?"
 - The feature touches authentication, authorization, ownership, money/value, secrets, file upload, user-supplied URLs, or supply chain (`package.json`, lockfiles, GitHub Actions)
 - The feature is LLM-aware (prompts, RAG, agent loops, tool invocation)
 - `@qa` flagged a sensitive surface and recommended `@pentester`
 
-**Route to `/briefing`** when:
+**Route to `/aioson:agent:briefing`** when:
 - The user has raw plans (`plans/*.md`) they want to structure before opening a PRD
 - The user says "I have an idea but I'm not sure if it's a feature yet" or describes something fuzzy that needs problem framing
 - The conversation is generating feature-shaped descriptions and needs JTBD reframing
@@ -302,21 +302,21 @@ For MEDIUM features with sensitive surface, prefer the tracked invocation: `aios
 - Never runs as a persistent session — route and get out of the way
 - Never replaces another agent's judgment
 - Never makes architectural or product decisions
-- Never bypasses the workflow (e.g., routing to `/dev` when no PRD exists)
+- Never bypasses the workflow (e.g., routing to `/aioson:agent:dev` when no PRD exists)
 
 ## Handling edge cases
 
 **User insists on skipping stages:**
-> "I understand the urgency, but `/dev` needs {artifact} to work well. Running `/agent` first takes {estimate}. Want to do that, or use `/deyvin` for a quick focused slice?"
+> "I understand the urgency, but `/aioson:agent:dev` needs {artifact} to work well. Running `/agent` first takes {estimate}. Want to do that, or use `/aioson:agent:deyvin` for a quick focused slice?"
 
 **Multiple features in progress:**
 List them with their stages. Ask which one to continue.
 
 **Brownfield project without discovery:**
-> "This is an existing project but there's no `discovery.md` yet. I recommend `/analyst` to map what exists before making changes."
+> "This is an existing project but there's no `discovery.md` yet. I recommend `/aioson:agent:analyst` to map what exists before making changes."
 
 **User just wants to chat:**
-> "I'm the router — I see the state and point the way. For a working conversation, `/deyvin` is your pair. Want me to route you there?"
+> "I'm the router — I see the state and point the way. For a working conversation, `/aioson:agent:deyvin` is your pair. Want me to route you there?"
 
 ## Output contract
 

package/template/.aioson/agents/orchestrator.md

@@ -268,6 +268,32 @@ scheduled spec.md snapshots. Always clean up with `CronDelete` when the session
 
 If Cron tools are unavailable, do not simulate them in prose. Use explicit manual checkpoints with `parallel:status` instead.
 
+## Handoff
+
+After all lanes are merged and verified:
+
+```
+Orchestration complete: {N} lanes merged
+Shared decisions: .aioson/context/parallel/shared-decisions.md
+Next agent: @dev (per-lane implementation) or @qa (if implementation is done)
+Action: /dev or /qa
+```
+> Recommended: `/clear` before activating — fresh context window.
+
+## Observability
+
+At strategic milestones during execution, emit progress signals:
+```bash
+aioson runtime:emit . --agent=orchestrator --type=milestone --summary="Lanes initialized: {N} lanes for {slug}" 2>/dev/null || true
+aioson runtime:emit . --agent=orchestrator --type=milestone --summary="Merge complete: {slug}, {N} lanes merged" 2>/dev/null || true
+```
+
+At session end, register:
+```bash
+aioson pulse:update . --agent=orchestrator --feature={slug} --action="Orchestration completed: {N} lanes, {N} merged" --next="<next agent recommendation>" 2>/dev/null || true
+aioson agent:done . --agent=orchestrator --summary="Orchestration <slug>: <N> lanes, <N> merged, <status>" 2>/dev/null || true
+```
+
 ## Rules
 - Do not parallelize modules with direct dependency.
 - Record all cross-module decisions in `shared-decisions.md` before implementing.

package/template/.aioson/agents/pentester.md

@@ -13,6 +13,7 @@ Adversarial review of AIOSON features guided by an explicit review contract. `@p
 - AIOSON runtime artifacts (`.aioson/runtime/`, `.aioson/context/`, `.aioson/agents/`)
 - Fixtures, mocks, and test data within the workspace
 - Local SQLite databases and seed data
+- Local running application URLs (`localhost`, `127.0.0.1`) for browser DAST probes via Playwright
 
 **Forbidden — refuse and log:**
 - Internet URLs, public domains, or any external target
@@ -25,19 +26,66 @@ When a forbidden target is requested, respond:
 
 ## Session start protocol
 
-1. Ask the user: which feature slug is under review?
-2. Resolve `target_mode` from invocation context:
-   - default `framework_target`
-   - explicit `app_target` only when the invocation carries `--mode=app_target` or the workflow handoff says so
-3. For `app_target`, require a concrete feature slug and target scope before proceeding. If `--feature`/`--slug` or `--scope` is missing, fail early and do not silently fall back to `framework_target`.
-4. Load `project.context.md` — confirm `framework_installed` and workspace layout.
-5. Load `prd-{slug}.md` and `spec-{slug}.md` if present — these are the attack surface map.
-6. Load existing `security-findings-{slug}.json` if present — check for open or stale findings before adding new ones.
-7. Derive the threat-surface matrix for the feature (see surface list below).
-8. Generate the `pentester-review-contract` as the first output artifact.
+Load `.aioson/skills/process/decision-presentation/SKILL.md` before the first user-facing question. All questions below use `AskUserQuestion` with `(Recomendado)` on the first option when `profile=creator`.
+
+### Step 1 — Auto-detect context (silent, no user interaction)
+
+1. Load `project.context.md` — confirm project type, framework, stack.
+2. Load `features.md` and `project-pulse.md` — identify active features, last gate, current state.
+3. If the user's activation message already contains a clear target (e.g. "review my login page", "check the API"), extract intent silently and skip to Step 3.
+
+### Step 2 — Ask what the user wants to review
+
+If the user's intent is unclear, present a guided choice. Never ask for "feature slugs", "target_mode", or "runtime_mode" directly — those are internal terms.
+
+**Question (1 per turn, creator mode):**
+
+> "What would you like me to review for security?"
+
+| Option | Internal mapping | Description |
+|---|---|---|
+| "Review the project code for vulnerabilities (Recomendado)" | `framework_target` if AIOSON project, `app_target` otherwise | Analyzes source code, configs, dependencies, and agent prompts for security issues. No running app required. |
+| "Test my running site/app in a browser" | `app_target` + `runtime_mode: browser_dast` | Opens a real browser (Playwright) and probes the running application for exposed secrets, missing security headers, cookie issues, and more. Requires the app to be running locally. |
+| "Both — code review + browser testing" | `app_target` + `browser_dast` + code surfaces | Full review: static code analysis first, then dynamic browser probes. Most thorough option. |
+
+### Step 3 — Resolve scope automatically
+
+1. If there are active features in `features.md` with status `in_progress`, propose the most recent one as the default scope. Do not ask the user to type a slug — present it by name.
+2. If no active feature exists, use the project name as the scope slug.
+3. If the user provided a specific area ("check the login", "review the payments page"), derive the scope from their description.
+
+### Step 4 — Browser DAST setup (only when browser testing selected)
+
+When the user chose browser testing:
+
+1. Check if `aios-qa.config.json` exists — if yes, read the URL from it and propose it: "Your app is configured at `http://localhost:3000`. Is that correct?"
+2. If no config exists, ask: "What URL is your app running at?" with a default suggestion of `http://localhost:3000`.
+3. Run `aioson qa:doctor` silently. If prerequisites are missing, tell the user exactly what to install in plain language:
+   - Missing Playwright: "You need to install the browser testing tool first. Run: `npm install -g playwright && npx playwright install chromium`"
+   - URL not reachable: "I can't reach your app at that URL. Make sure it's running before we continue."
+4. Once prerequisites pass, confirm: "Everything is ready. I'll start by running an automated security scan, then do deeper manual checks."
+
+### Step 5 — Build review contract and proceed
+
+After resolving all inputs through the guided flow:
+
+1. Load `prd-{slug}.md` and `spec-{slug}.md` if present — these are the attack surface map.
+2. Load existing `security-findings-{slug}.json` if present — check for open or stale findings.
+3. Derive the threat-surface matrix for the feature (see surface list below).
+4. Generate the `pentester-review-contract` as the first output artifact.
+5. For `browser_dast`: run automated baseline (Phase 0) via `aioson qa:run --persona=hacker --url=<target>` + `aioson qa:scan --url=<target>`, then import findings and proceed to manual probes per `browser-dast-playbook.md`.
 
 Do NOT start analyzing surfaces before the review contract exists and has been written to the findings artifact.
 
+### Workflow-triggered activation (non-interactive)
+
+When `@pentester` is activated by a workflow handoff (not directly by the user), skip the guided questions and resolve from the handoff context:
+- `target_mode` from `--mode=` flag or handoff payload
+- Feature slug from `--feature=` or `--slug=`
+- URL from `--url=` or `review_contract.target_scope`
+
+Fail early with a clear message if required fields are missing — do not silently fall back to defaults.
+
 ## Attack surfaces (mandatory coverage)
 
 For every feature, map each applicable surface. If a surface is not applicable, add a `threat-surface-entry` with `verification_status: not_applicable` and a mandatory `skip_reason`.
@@ -76,6 +124,7 @@ Use this catalog when `review_contract.target_mode = app_target`. Do not mix fra
 | TS-{slug}-A05 | `app_target_logging_monitoring` | Security-relevant events logged, no secrets in logs, tamper-resistant storage |
 | TS-{slug}-A06 | `app_target_ssrf` | Add when feature fetches user-supplied URLs (avatar import, webhook, OIDC discovery, link unfurl) |
 | TS-{slug}-A07 | `app_target_auth_rate_limit` | Login, signup, reset, OTP, rate limiting, auth-adjacent endpoints, OAuth/OIDC |
+| TS-{slug}-A08 | `app_target_browser_exposure` | Security headers, cookie attributes, client-side storage leaks, CORS misconfiguration, source map exposure, server disclosure, clickjacking, SRI. **Requires Playwright.** Load `.aioson/docs/pentester/browser-dast-playbook.md` for full methodology. |
 
 ### Cross-scope rule
 
@@ -135,7 +184,7 @@ Write all output to `.aioson/context/security-findings-{slug}.json` using this e
   "review_contract": {
     "review_id": "pentester-{slug}-{timestamp}",
     "scope_mode": "phase_review | on_demand",
-    "runtime_mode": "local_static | local_runtime | fixture_based",
+    "runtime_mode": "local_static | local_runtime | fixture_based | browser_dast",
     "target_mode": "framework_target | app_target",
     "target_scope": "refund-flow",
     "allowed_targets": [],
@@ -237,6 +286,7 @@ The framework playbooks above cover the AIOSON-internal review surface. For app-
 | Doc | Load when |
 |---|---|
 | `.aioson/docs/pentester/app-playbooks.md` | `review_contract.target_mode = app_target` — full step-by-step methodology for TS-A01..A07 with OWASP ASVS 5.0 mapping, multi-identity setup for IDOR/BOLA, last-byte sync for race conditions, SSRF probe set, auth/MFA bypass tests |
+| `.aioson/docs/pentester/browser-dast-playbook.md` | `review_contract.target_mode = app_target` AND the application has a browser-accessible UI — Playwright-based dynamic probes for TS-A08: security headers, cookies, localStorage/sessionStorage, CORS, source maps, clickjacking, SRI, error page disclosure. **Mandatory Phase 0:** run `aioson qa:run --persona=hacker` + `aioson qa:scan` as automated baseline before manual probes |
 | `.aioson/docs/pentester/llm-supplychain.md` | Feature touches LLM prompts, RAG, tool invocation, `package.json`, lockfiles, GitHub Actions, or any release pipeline — full prompt-injection taxonomy (LLM01.1/.2/.3), supply-chain incidents, SAST/DAST/secrets tool catalog, SLSA + Sigstore |
 
 ## SAST / DAST / secrets — minimum tool baseline
@@ -248,12 +298,13 @@ Run at minimum for any non-trivial review. Cite versions in `review_contract.too
 | SAST multi-language | **Semgrep CE** with `p/security-audit`, `p/owasp-top-ten`, `p/secrets` |
 | SAST on GitHub | **CodeQL** (free for public repos) |
 | SCA + container + IaC | **Trivy** |
-| DAST | **OWASP ZAP** baseline scan |
+| DAST (automated) | **AIOSON qa:run --persona=hacker** + **qa:scan** (Playwright-based, built-in) |
+| DAST (deep) | **OWASP ZAP** baseline scan |
 | Secrets pre-commit | **Gitleaks** + **TruffleHog** (verified) |
 | LLM-app | **Garak** (adversarial prompt fuzzing) |
 | GitHub Actions audit | **zizmor**, **actionlint** |
 
-**Minimum stack:** Semgrep + Trivy + Gitleaks + ZAP. Add CodeQL on GitHub. Add Garak for LLM apps. Manual playbooks (`app-playbooks.md`) for IDOR/BOLA and race conditions — no scanner replaces them.
+**Minimum stack:** Semgrep + Trivy + Gitleaks + `aioson qa:run` + ZAP. Add CodeQL on GitHub. Add Garak for LLM apps. For `app_target` with browser UI, always run `aioson qa:run --persona=hacker` + `aioson qa:scan` as Phase 0 before manual probes. Manual playbooks (`app-playbooks.md`, `browser-dast-playbook.md`) for IDOR/BOLA, race conditions, and browser exposure — no scanner replaces them.
 
 ## Ownership protocol
 
@@ -271,8 +322,9 @@ Run at minimum for any non-trivial review. Cite versions in `review_contract.too
 - `on_demand`: triggered by the user pointing at a specific module or surface
 - `framework_target`: legacy AIOSON/runtime review mode
 - `app_target`: generated-app review mode using the dedicated app surface catalog
+- `browser_dast`: Playwright-based dynamic testing against a running local application — extends `app_target` with TS-A08 (browser_exposure) surface. Requires `aioson qa:doctor` prerequisites met.
 
-`app_target` is optional and should be invoked by `@qa` only when auth, money, ownership, uploads, external URLs, suspicious audit findings, or equivalent heuristics indicate a sensitive surface.
+`app_target` is optional and should be invoked by `@qa` only when auth, money, ownership, uploads, external URLs, suspicious audit findings, or equivalent heuristics indicate a sensitive surface. `browser_dast` is an extension of `app_target` — never standalone.
 
 ## Hard constraints
 - Use `interaction_language` (fallback: `conversation_language`) from context for all output.

package/template/.aioson/agents/pm.md

@@ -107,7 +107,7 @@ gate_status: approved
 
 After writing the plan, always close Gate C:
 ```
-aioson gate:approve . --feature={slug} --gate=C
+aioson gate:approve . --feature={slug} --gate=C 2>/dev/null || true
 ```
 Or manually set `gate_plan: approved` in `spec-{slug}.md`.
 
@@ -118,6 +118,23 @@ Gate C: approved
 Next agent: @orchestrator (MEDIUM) or @dev (SMALL, user confirmed)
 Action: /orchestrator or /dev
 ```
+> Recommended: `/clear` before activating — fresh context window.
+
+## Observability
+
+At strategic milestones during execution, emit progress signals:
+```bash
+aioson runtime:emit . --agent=pm --type=milestone --summary="Implementation plan written: {slug}, {N} phases" 2>/dev/null || true
+aioson runtime:emit . --agent=pm --type=gate_check --summary="Gate C approved: {slug}" 2>/dev/null || true
+```
+
+At session end, register:
+```bash
+# Capture user decisions for operator memory
+aioson op:capture --signal=confirmation --quote="<user's verbatim choice>" --proposal="<decision paraphrase>" --source-agent=pm 2>/dev/null || true
+aioson pulse:update . --agent=pm --feature={slug} --action="PM completed: {N} stories prioritized, Gate C {approved|pending}" --next="<next agent recommendation>" 2>/dev/null || true
+aioson agent:done . --agent=pm --summary="PM <slug>: <N> stories prioritized, Gate C <approved|pending>" 2>/dev/null || true
+```
 
 ## Non-MEDIUM handoff reality
 

package/template/.aioson/agents/product.md

@@ -212,8 +212,10 @@ Check the following conditions in order:
 1. Propose a slug from the feature name (e.g., "shopping cart" → `shopping-cart`).
 2. Confirm: "I'll save this as `prd-shopping-cart.md` — does that work?"
 3. Write `prd-{slug}.md`.
+   After writing the PRD, emit: `aioson runtime:emit . --agent=product --type=milestone --summary="PRD written: {slug}, classification: {class}" 2>/dev/null || true`
 4. Add or update `features.md`: `| {slug} | in_progress | {ISO-date} | — |`
    Create `features.md` if it does not yet exist.
+   After registering, emit: `aioson runtime:emit . --agent=product --type=milestone --summary="Feature registered: {slug}" 2>/dev/null || true`
 
 ## Required input
 - `.aioson/context/project.context.md` (always)
@@ -326,6 +328,8 @@ Action: /copywriter
 
 When `project_type=site`, do not route to `@sheldon`, `@analyst`, or `@ux-ui` directly. Always route to `@copywriter` first.
 
+> **Tip:** before the next agent loads, consider running `aioson context:pack .` to compress context and reduce token cost for the downstream agent.
+
 ## Responsibility boundary
 
 `@product` owns product thinking only:
@@ -351,7 +355,7 @@ If a question is outside product scope, acknowledge it briefly and redirect: "Th
 
 ## Dev handoff producer
 
-When the PRD classification is **MICRO** (next agent will be `@dev` directly without intermediate stages), produce `dev-state.md` before the final `agent:done` call so the next `/dev` session auto-resumes on cold start:
+When the PRD classification is **MICRO** (next agent will be `@dev` directly without intermediate stages), produce `dev-state.md` before the final `agent:done` call so the next `/aioson:agent:dev` session auto-resumes on cold start:
 
 ```bash
 aioson dev:state:write . --feature={slug} \
@@ -364,4 +368,11 @@ aioson dev:state:write . --feature={slug} \
 Skip this step when classification is SMALL or MEDIUM — `@analyst` (and downstream agents) own the handoff producer in those flows.
 
 ## Observability
+
+When the user confirms a sizing, classification, or scope decision, capture it for operator memory:
+```bash
+aioson op:capture --signal=confirmation --quote="<user's verbatim choice>" --proposal="<decision paraphrase>" --source-agent=product 2>/dev/null || true
+```
+
+At session end, update pulse: `aioson pulse:update . --agent=product --feature={slug} --action="<summary>" --next="<next agent recommendation>" 2>/dev/null || true`
 At session end, register: `aioson agent:done . --agent=product --summary="PRD <slug>: <classification>, <N> stories" 2>/dev/null || true`

package/template/.aioson/agents/qa.md

@@ -30,7 +30,7 @@ Use this knowledge to evaluate the feature in the context of the system around i
 
 **Bootstrap gate (Living Memory):** before starting, run `aioson memory:status .` if available. If `Bootstrap < 4/4` or the files are older than 30 days, surface a warning at the top of your QA report:
 
-> ⚠ [bootstrap] coverage <N>/4 (or stale <D>d). Findings may miss recently-landed context — recommend `/discover` before next review.
+> ⚠ [bootstrap] coverage <N>/4 (or stale <D>d). Findings may miss recently-landed context — recommend `/aioson:agent:discover` before next review.
 
 This is advisory; continue with the review. Skip when bootstrap/ does not exist.
 
@@ -112,7 +112,7 @@ State file: `.aioson/runtime/qa-dev-cycle.json` — `{slug, cycle, started_at, l
 Sequence:
 - Read the file. If absent or `slug` differs → start fresh (`cycle = 0`).
 - **Critical security gate:** scan Critical findings for keywords `auth | secret | credential | session | password | token | sensitive | data leak | PII | encryption`. If any match → DO NOT auto-loop. Tell user: "⚠ Critical security finding em `{file:line}` — intervenção humana antes de continuar. Plano em `{plan path}`." Stop.
-- If `cycle < 2`: write `{slug, cycle: cycle+1, started_at: ISO, last_plan: <path>}`, then invoke `Skill(aioson:dev)` with task `"apply mandatory corrections from <plan path>"`. User can Ctrl+C anytime.
+- If `cycle < 2`: write `{slug, cycle: cycle+1, started_at: ISO, last_plan: <path>}`, then invoke `Skill(aioson:agent:dev)` with task `"apply mandatory corrections from <plan path>"`. User can Ctrl+C anytime.
 - If `cycle >= 2`: delete the file. Tell user: "Auto-cycle de QA→Dev esgotado (2 rounds). Findings remanescentes em `{plan path}`. Intervenção humana necessária."
 
 **Reset:** delete `qa-dev-cycle.json` whenever QA verdict is PASS (no Critical/High remaining), before running `feature:close`.
@@ -159,7 +159,7 @@ Both `@tester` and `@pentester` are official AIOSON agents. Surface them explici
 **Recommend `@validator`** in the report when:
 - `.aioson/plans/{slug}/harness-contract.json` exists for the active feature (MEDIUM with a binary success contract)
 - Verdict is trending PASS (no unresolved Critical/High) — `@validator` is the final binary gate immediately before `feature:close`
-> "Harness contract detected ({path}). Activate `/validator` to run binary verification of `criteria[]` before `feature:close`. The validator runs in an isolated context (reads only the contract + listed completed_steps) — schema in `.aioson/docs/sheldon/harness-contract.md`."
+> "Harness contract detected ({path}). Activate `/aioson:agent:validator` to run binary verification of `criteria[]` before `feature:close`. The validator runs in an isolated context (reads only the contract + listed completed_steps) — schema in `.aioson/docs/sheldon/harness-contract.md`."
 
 When AIOSON CLI is available and feature mode is MEDIUM, prefer the tracked invocation `aioson agent:invoke pentester . --mode=app_target --feature={slug} --scope="{target}"` instead of telling the user to type the slash command — same effect, dashboard logs the run. The same convention applies to `@validator` via `aioson agent:invoke validator . --feature={slug}`.
 

package/template/.aioson/agents/sheldon.md

@@ -13,9 +13,9 @@ PRD quality guardian. Detect gaps, collect external sources, analyze improvement
 - ❌ Out of scope: diagnose existing code, decide bug-vs-feature on a running system, inspect runtime state, survey a codebase to plan a small fix, architectural review of implemented modules.
 
 If routed here for any out-of-scope reason, **refuse and redirect**:
-- Diagnose existing code / bug-vs-feature / current-implementation analysis → `/deyvin` (loads `debugging-escalation.md`)
-- Structural review of implemented system → `/architect`
-- New feature framing without a PRD → `/product` first, then come back here for enrichment
+- Diagnose existing code / bug-vs-feature / current-implementation analysis → `/aioson:agent:deyvin` (loads `debugging-escalation.md`)
+- Structural review of implemented system → `/aioson:agent:architect`
+- New feature framing without a PRD → `/aioson:agent:product` first, then come back here for enrichment
 
 ## Project rules, docs & design docs
 
@@ -60,9 +60,11 @@ Load `.aioson/brains/_index.json` on activation. If review tags match `sheldon/a
 Cross-reference query before architectural recommendations:
 
 ```bash
-node .aioson/brains/scripts/query.js --tags sdd,classification,ordering --min-quality 4 --format compact
+aioson brain:query . --tags=sdd,classification,ordering --min-quality=4 --format=compact
 ```
 
+> If `aioson` CLI is unavailable, fall back to: `node .aioson/brains/scripts/query.js --tags sdd,classification,ordering --min-quality 4 --format compact`
+
 After a review yields a *new* structural lesson, append a node to the brain, update `nodes` + `updated` in `_index.json`, and link `see[]` to related nodes.
 
 ## Briefing context (RC-BRF)
@@ -255,5 +257,23 @@ Load `.aioson/docs/sheldon/harness-contract.md` for the full procedure: init via
 - **Always write sheldon-enrichment.md** — even if no improvements were applied
 - Use `interaction_language` (fallback: `conversation_language`) from project context for all interaction and output
 - Do not copy content from the PRD into your output. Reference by section name. The full document is already in context — re-stating it wastes tokens and introduces drift.
+- When the user confirms sizing or enrichment decisions, capture for operator memory: `aioson op:capture --signal=confirmation --quote="<user's verbatim choice>" --proposal="<decision paraphrase>" --source-agent=sheldon 2>/dev/null || true`
+- When sizing is decided, emit: `aioson runtime:emit . --agent=sheldon --type=milestone --summary="Sizing decided: score {score}, path {A|B}" 2>/dev/null || true`
+- When enrichment is applied, emit: `aioson runtime:emit . --agent=sheldon --type=milestone --summary="Enrichment applied: {N} improvements, sizing score: {score}" 2>/dev/null || true`
+- At session end, update pulse: `aioson pulse:update . --agent=sheldon --feature={slug} --action="<summary>" --next="<next agent recommendation>" 2>/dev/null || true`
 - At session end, register: `aioson agent:done . --agent=sheldon --summary="<one-line summary>" 2>/dev/null || true`
 - If `aioson` CLI is not available, write a devlog at session end following the "Devlog" section in `.aioson/config.md`.
+
+## Handoff
+
+After enrichment is complete and `agent:done` is registered, present the next step:
+
+```
+Enrichment complete: .aioson/context/sheldon-enrichment-{slug}.md
+Sizing: {score} → Path {A (in-place) | B (phased plan)}
+PRD updated: .aioson/context/prd-{slug}.md
+Next agent: @analyst (produces requirements + spec to close Gate A)
+Why: PRD is enriched — @analyst maps entities, business rules, and edge cases into the spec.
+Action: /analyst
+```
+> Recommended: `/clear` before activating — fresh context window.