@kennethsolomon/shipkit 3.0.6 → 3.1.0

package/skills/sk:setup-claude/templates/CLAUDE.md.template

@@ -34,7 +34,7 @@
 ## Workflow — Follow This Order
 <!-- LOCK -->
 
-**Flow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → Finish
+**Flow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → E2E Tests → Finish → Sync Features
 
 Progress is tracked in `tasks/workflow-status.md`. This file persists across conversations.
 
@@ -42,55 +42,61 @@ Progress is tracked in `tasks/workflow-status.md`. This file persists across con
 |---|------|---------|------|-------|
 | 1 | Read Todo | read `tasks/todo.md` | required | no |
 | 2 | Read Lessons | read `tasks/lessons.md` | required | no |
-| 3 | Explore | `/brainstorm` | required | no |
-| 4 | Design | `/frontend-design` or `/api-design` | optional (confirm to skip) | no |
-| 5 | Accessibility | `/accessibility` | optional (confirm to skip) | no |
-| 6 | Plan | `/write-plan` | required | no |
-| 7 | Branch | `/branch` | required | no |
-| 8 | Migrate | `/schema-migrate` | optional (confirm to skip) | no |
-| 9 | Write Tests | `/write-tests` | required | no |
-| 10 | Implement | `/execute-plan` | required | no |
-| 11 | Commit | `/smart-commit` | required | no |
-| 12 | Lint | `/lint` | required | yes — must be clean |
-| 13 | Commit | `/smart-commit` | conditional (skip if lint was clean) | no |
-| 14 | Verify Tests | `/test` | required | yes — 100% coverage required |
-| 15 | Commit | `/smart-commit` | conditional (skip if tests passed clean) | no |
-| 16 | Security | `/security-check` | required | yes — must reach 0 issues |
-| 17 | Commit | `/smart-commit` | conditional (skip if security was clean) | no |
-| 18 | Performance | `/perf` | optional (confirm to skip) | yes — loop until critical/high = 0 |
-| 19 | Commit | `/smart-commit` | conditional (skip if perf was clean) | no |
-| 20 | Review | `/review` | required | yes — must reach 0 issues |
-| 21 | Commit | `/smart-commit` | conditional (skip if review was clean) | no |
-| 22 | Update | `/update-task` | required | no |
-| 23 | Finalize | `/finish-feature` | required | no |
-| 24 | Release | `/release` | optional (confirm to skip) | no |
+| 3 | Explore | `/sk:brainstorm` | required | no |
+| 4 | Design | `/sk:frontend-design` or `/sk:api-design` | optional (confirm to skip) | no |
+| 5 | Accessibility | `/sk:accessibility` | optional (confirm to skip) | no |
+| 6 | Plan | `/sk:write-plan` | required | no |
+| 7 | Branch | `/sk:branch` | required | no |
+| 8 | Migrate | `/sk:schema-migrate` | optional (confirm to skip) | no |
+| 9 | Write Tests | `/sk:write-tests` | required | no |
+| 10 | Implement | `/sk:execute-plan` | required | no |
+| 11 | Commit | `/sk:smart-commit` | required | no |
+| 12 | Lint + Dep Audit | `/sk:lint` | required | yes — must be clean |
+| 13 | Commit | `/sk:smart-commit` | conditional (skip if lint was clean) | no |
+| 14 | Verify Tests | `/sk:test` | required | yes — 100% coverage required |
+| 15 | Commit | `/sk:smart-commit` | conditional (skip if tests passed clean) | no |
+| 16 | Security | `/sk:security-check` | required | yes — must reach 0 issues |
+| 17 | Commit | `/sk:smart-commit` | conditional (skip if security was clean) | no |
+| 18 | Performance | `/sk:perf` | optional (confirm to skip) | yes — loop until critical/high = 0 |
+| 19 | Commit | `/sk:smart-commit` | conditional (skip if perf was clean) | no |
+| 20 | Review + Simplify | `/sk:review` | required | yes — must reach 0 issues |
+| 21 | Commit | `/sk:smart-commit` | conditional (skip if review was clean) | no |
+| 22 | E2E Tests | `/sk:e2e` | required | yes — all scenarios must pass |
+| 23 | Commit | `/sk:smart-commit` | conditional (skip if E2E was clean) | no |
+| 24 | Update | `/sk:update-task` | required | no |
+| 25 | Finalize | `/sk:finish-feature` | required | no |
+| 26 | Sync Features | `/sk:features` | required | no |
+| 27 | Release | `/sk:release` | optional (confirm to skip) | no |
 
 ### Step Details
 
 1.  **Read** `tasks/todo.md` — pick the next incomplete task
 2.  **Read** `tasks/lessons.md` — review past corrections before writing code
-3.  **Explore** — run `/brainstorm` to clarify requirements, constraints, and approach. No code in this step.
-4.  **Design** — run `/frontend-design` for UI mockup or `/api-design` for API contracts. No code — design only. Skip if pure backend with no UI and no new API. After `/frontend-design`, the skill prompts to create a Pencil visual mockup (saved to `docs/design/`). Requires Pencil app open and Pencil MCP connected.
-5.  **Accessibility** — run `/accessibility` to audit the design spec for WCAG 2.1 AA compliance. Produces `tasks/accessibility-findings.md`. Skip if backend-only with no frontend.
-6.  **Plan** — run `/write-plan` to write a decision-complete plan into `tasks/todo.md` using brainstorm + design outputs. No code in this step.
-7.  **Branch** — run `/branch` to create a feature branch auto-named from the current task.
-8.  **Migrate** — run `/schema-migrate` for database changes. Skip if no schema changes needed.
-9.  **Write Tests** — run `/write-tests` (TDD red phase). Write failing tests for all planned code. If modifying existing behavior, update existing tests first. Tests SHOULD fail — no implementation yet.
-10. **Implement** — run `/execute-plan` to execute `tasks/todo.md` checkboxes in small batches, making the failing tests pass (TDD green phase). Log progress to `tasks/progress.md`.
-11. **Commit** — run `/smart-commit` to commit tests + implementation
-12. **Lint** — run `/lint` — auto-detects and runs all project linters. Fix all issues immediately, then re-run until clean. Do not ask to re-run — fix and re-run automatically.
-13. **Commit** — run `/smart-commit` if lint required fixes. Auto-skip if lint was clean.
-14. **Verify Tests** — run `/test` — auto-detects and runs all project test suites. **100% test coverage required.** Fix failures immediately, then re-run. Do not ask to re-run — fix and re-run automatically.
-15. **Commit** — run `/smart-commit` if test fixes were needed. Auto-skip if tests passed first try.
-16. **Security** — run `/security-check`. Must reach 0 issues across all severities. Fix issues immediately, commit, then re-run. Loop until clean.
-17. **Commit** — run `/smart-commit` if security required fixes. Auto-skip if clean.
-18. **Performance** — run `/perf` to audit for performance issues. Produces `tasks/perf-findings.md`. Fix critical/high findings, commit, then re-run. Loop until critical/high = 0. Skip if confirmed with user.
-19. **Commit** — run `/smart-commit` if perf required fixes. Auto-skip if clean.
-20. **Review** — run `/review`. Must reach 0 issues including nitpicks. Fix issues immediately, commit, then re-run. Loop until clean.
-21. **Commit** — run `/smart-commit` if review required fixes. Auto-skip if clean.
-22. **Update** — run `/update-task` to mark the task done in `tasks/todo.md` and log completion to `tasks/progress.md`.
-23. **Finalize** — run `/finish-feature` for changelog + PR
-24. **Release** — run `/release` if deploying. Skip if not ready.
+3.  **Explore** — run `/sk:brainstorm` to clarify requirements, constraints, and approach. No code in this step.
+4.  **Design** — run `/sk:frontend-design` for UI mockup or `/sk:api-design` for API contracts. No code — design only. Skip if pure backend with no UI and no new API. After the design summary, the skill asks if you want a Pencil visual mockup — answer `y` only if you have the Pencil app open and Pencil MCP connected. Use `/sk:frontend-design --pencil` to jump directly to the Pencil phase.
+5.  **Accessibility** — run `/sk:accessibility` to audit the design spec for WCAG 2.1 AA compliance. Produces `tasks/accessibility-findings.md`. Skip if backend-only with no frontend.
+6.  **Plan** — run `/sk:write-plan` to write a decision-complete plan into `tasks/todo.md` using brainstorm + design outputs. No code in this step.
+7.  **Branch** — run `/sk:branch` to create a feature branch auto-named from the current task.
+8.  **Migrate** — run `/sk:schema-migrate` for database changes. Skip if no schema changes needed.
+9.  **Write Tests** — run `/sk:write-tests` (TDD red phase). Write failing tests for all planned code. If modifying existing behavior, update existing tests first. Tests SHOULD fail — no implementation yet.
+10. **Implement** — run `/sk:execute-plan` to execute `tasks/todo.md` checkboxes in small batches, making the failing tests pass (TDD green phase). Log progress to `tasks/progress.md`.
+11. **Commit** — run `/sk:smart-commit` to commit tests + implementation
+12. **Lint + Dep Audit** — run `/sk:lint` — auto-detects and runs all project linters plus dependency vulnerability audits. Fix all issues immediately, then re-run until clean. Do not ask to re-run — fix and re-run automatically.
+13. **Commit** — run `/sk:smart-commit` if lint required fixes. Auto-skip if lint was clean.
+14. **Verify Tests** — run `/sk:test` — auto-detects and runs all project test suites. **100% test coverage required.** Fix failures immediately, then re-run. Do not ask to re-run — fix and re-run automatically.
+15. **Commit** — run `/sk:smart-commit` if test fixes were needed. Auto-skip if tests passed first try.
+16. **Security** — run `/sk:security-check`. Must reach 0 issues across all severities. Fix issues immediately, commit, then re-run. Loop until clean.
+17. **Commit** — run `/sk:smart-commit` if security required fixes. Auto-skip if clean.
+18. **Performance** — run `/sk:perf` to audit for performance issues. Produces `tasks/perf-findings.md`. Fix critical/high findings, commit, then re-run. Loop until critical/high = 0. Skip if confirmed with user.
+19. **Commit** — run `/sk:smart-commit` if perf required fixes. Auto-skip if clean.
+20. **Review + Simplify** — run `/sk:review`. First runs a simplify pre-pass on changed files, then performs full multi-dimensional review. Must reach 0 issues including nitpicks. Fix issues immediately, commit, then re-run. Loop until clean.
+21. **Commit** — run `/sk:smart-commit` if review required fixes. Auto-skip if clean.
+22. **E2E Tests** — run `/sk:e2e`. Verifies the complete, reviewed, secure implementation works end-to-end from a user's perspective using agent-browser. All scenarios must pass. Cannot be skipped.
+23. **Commit** — run `/sk:smart-commit` if E2E required fixes. Auto-skip if E2E was clean.
+24. **Update** — run `/sk:update-task` to mark the task done in `tasks/todo.md` and log completion to `tasks/progress.md`.
+25. **Finalize** — run `/sk:finish-feature` for changelog + PR
+26. **Sync Features** — run `/sk:features` to sync `docs/sk:features/` specs with what was actually shipped.
+27. **Release** — run `/sk:release` if deploying. Skip if not ready.
 
 ### Workflow Tracker Rules
 
@@ -103,21 +109,22 @@ Progress is tracked in `tasks/workflow-status.md`. This file persists across con
    - Add relevant Notes (e.g., "clean on attempt 2", "backend-only, no UI")
    - Move `>> next <<` to the next pending step
 
-3. **Optional steps** (4, 5, 7, 18, 24): Ask the user "Skip [step]?" and require explicit confirmation. Record the reason in Notes.
+3. **Optional steps** (4, 5, 8, 18, 27): Ask the user "Skip [step]?" and require explicit confirmation. Record the reason in Notes.
 
-4. **Conditional commits** (13, 15, 17, 19, 21): Auto-skip if no changes were made. Record reason (e.g., "lint was clean", "tests passed first try").
+4. **Conditional commits** (13, 15, 17, 19, 21, 23): Auto-skip if no changes were made. Record reason (e.g., "lint was clean", "tests passed first try").
 
-5. **Loop steps are HARD GATES** (12, 14, 16, 20): These steps BLOCK all forward progress until they pass clean. Fix issues immediately and re-run. Do NOT ask the user to re-run — fix and re-run automatically. Track attempt number in Notes (e.g., "clean on attempt 3").
+5. **Loop steps are HARD GATES** (12, 14, 16, 20, 22): These steps BLOCK all forward progress until they pass clean. Fix issues immediately and re-run. Do NOT ask the user to re-run — fix and re-run automatically. Track attempt number in Notes (e.g., "clean on attempt 3").
    - **Step 12 (Lint)**: All detected linting tools must pass — every single one.
    - **Step 14 (Verify Tests)**: All detected test suites (BE + FE) must pass with 100% coverage on new code.
    - **Step 16 (Security)**: 0 issues across all severities.
    - **Step 20 (Review)**: 0 issues including nitpicks.
+   - **Step 22 (E2E Tests)**: All scenarios must pass. 0 failures allowed.
    - **Step 18 (Performance)**: Optional gate — if run, loop until critical/high findings = 0. Can be skipped with explicit confirmation.
    - **DO NOT mark these steps as `done` until every check passes.** If even one tool fails, the step is NOT done. Never proceed to the next step with errors remaining.
 
-6. **Never skip steps without confirmation.** Steps cannot run out of order. Hard gate steps (12, 14, 16, 20) can NEVER be skipped. Optional gate step (18) requires explicit confirmation to skip.
+6. **Never skip steps without confirmation.** Steps cannot run out of order. Hard gate steps (12, 14, 16, 20, 22) can NEVER be skipped. Optional gate step (18) requires explicit confirmation to skip.
 
-7. **Requirements change mid-workflow?** Stop the current step and run `/change` immediately. It will classify the scope (behavior tweak / new requirements / scope shift) and tell you exactly where to re-enter the workflow. Never continue implementing stale requirements.
+7. **Requirements change mid-workflow?** Stop the current step and run `/sk:change` immediately. It will classify the scope (behavior tweak / new requirements / scope shift) and tell you exactly where to re-enter the workflow. Never continue implementing stale requirements.
 
 7. **Never auto-advance.** When one step completes, stop and tell the user which step is next. Do not proceed automatically.
 
@@ -133,6 +140,22 @@ Next step: [#] [Name] — run `[command]`
 
 This tells the user exactly what happened and what to do next. Never finish a step silently.
 
+### Fix & Retest Protocol
+
+**Applies to steps 12, 14, 16, 18, 20, 22 — any step that can produce code changes.**
+
+When any of these steps require a fix, classify the fix before committing:
+
+**a. Format/style/config/wording change** → commit and re-run the gate. No test update needed.
+
+**b. Logic change** (new branch, modified condition, new data path, query change, new function, changed algorithm, API change) → trigger protocol:
+1. Update or add failing unit tests for the new behavior
+2. Re-run `/sk:test` — must pass at 100% coverage
+3. Commit (tests + fix together in one commit)
+4. Re-run the current gate from scratch
+
+**Exception:** Lint formatter auto-fixes (Prettier, Pint, gofmt, cargo fmt) are never logic changes — bypass protocol automatically.
+
 ### Tracker Reset
 
 - When starting a new task, check if `tasks/workflow-status.md` has any `done` or `skipped` steps. If yes, ask: "Existing workflow detected. Start fresh and reset tracker?"
@@ -140,52 +163,65 @@ This tells the user exactly what happened and what to do next. Never finish a st
 
 ### Bug Fix Flow
 
-When fixing a bug (not building a feature), use `/debug` as the entry point. This sets up a shorter workflow:
+When fixing a bug (not building a feature), use `/sk:debug` as the entry point. This sets up a shorter workflow:
 
 | # | Step | Command |
 |---|------|---------|
-| 1 | Debug | `/debug` |
-| 2 | Branch | `/branch` |
-| 3 | Write Tests | `/write-tests` (regression test) |
+| 1 | Debug | `/sk:debug` |
+| 2 | Branch | `/sk:branch` |
+| 3 | Write Tests | `/sk:write-tests` (regression test) |
 | 4 | Fix | implement the fix |
-| 5 | Commit | `/smart-commit` |
-| 6 | Lint | `/lint` |
-| 7 | Commit | `/smart-commit` (skip if clean) |
-| 8 | Verify Tests | `/test` |
-| 9 | Commit | `/smart-commit` (skip if clean) |
-| 10 | Security | `/security-check` |
-| 11 | Commit | `/smart-commit` (skip if clean) |
-| 12 | Review | `/review` |
-| 13 | Commit | `/smart-commit` (skip if clean) |
-| 14 | Update | `/update-task` |
-| 15 | Finalize | `/finish-feature` |
-
-Start with `/debug` to investigate, then follow the abbreviated flow.
+| 5 | Commit | `/sk:smart-commit` |
+| 6 | Lint | `/sk:lint` |
+| 7 | Commit | `/sk:smart-commit` (skip if clean) |
+| 8 | Verify Tests | `/sk:test` |
+| 9 | Commit | `/sk:smart-commit` (skip if clean) |
+| 10 | Security | `/sk:security-check` |
+| 11 | Commit | `/sk:smart-commit` (skip if clean) |
+| 12 | Review | `/sk:review` |
+| 13 | Commit | `/sk:smart-commit` (skip if clean) |
+| 14 | Update | `/sk:update-task` |
+| 15 | Finalize | `/sk:finish-feature` |
+
+Start with `/sk:debug` to investigate, then follow the abbreviated flow.
 
 ### Hotfix Flow
 
-For production emergencies that need to ship immediately, use `/hotfix`. Skips brainstorm, design, and write-tests. Quality gates still apply.
+For production emergencies that need to ship immediately, use `/sk:hotfix`. Skips brainstorm, design, and write-tests. Quality gates still apply.
 
 | # | Step | Command |
 |---|------|---------|
-| 1 | Investigate | `/debug` |
-| 2 | Branch | `/branch` |
+| 1 | Investigate | `/sk:debug` |
+| 2 | Branch | `/sk:branch` |
 | 3 | Fix | implement directly |
 | 4 | Smoke Test | run existing tests |
-| 5 | Commit | `/smart-commit` |
-| 6 | Lint | `/lint` |
-| 7 | Commit | `/smart-commit` (skip if clean) |
-| 8 | Verify Tests | `/test` |
-| 9 | Commit | `/smart-commit` (skip if clean) |
-| 10 | Security | `/security-check` |
-| 11 | Commit | `/smart-commit` (skip if clean) |
-| 12 | Review | `/review` |
-| 13 | Commit | `/smart-commit` (skip if clean) |
-| 14 | Update | `/update-task` |
-| 15 | Finalize | `/finish-feature` |
+| 5 | Commit | `/sk:smart-commit` |
+| 6 | Lint | `/sk:lint` |
+| 7 | Commit | `/sk:smart-commit` (skip if clean) |
+| 8 | Verify Tests | `/sk:test` |
+| 9 | Commit | `/sk:smart-commit` (skip if clean) |
+| 10 | Security | `/sk:security-check` |
+| 11 | Commit | `/sk:smart-commit` (skip if clean) |
+| 12 | Review | `/sk:review` |
+| 13 | Commit | `/sk:smart-commit` (skip if clean) |
+| 14 | Update | `/sk:update-task` |
+| 15 | Finalize | `/sk:finish-feature` |
 
 After merging: add a regression test and a lessons.md entry.
 
+### Requirement Change Flow
+
+When requirements change mid-workflow, run `/sk:change` to avoid implementing the wrong behavior:
+
+| # | Step | Command |
+|---|------|---------|
+| 1 | Assess | `/sk:change` — classify scope (Tier 1/2/3) |
+| 2 | Tier 1 (test update only) | update tests → re-enter at step 9 |
+| 3 | Tier 2 (plan revision) | revise plan → re-enter at step 6 |
+| 4 | Tier 3 (re-brainstorm) | re-enter at step 3 |
+
+Never update tests or implementation based on a changed requirement without going through `/sk:change` first.
+
 ## Sub-Agent Patterns
 <!-- BEGIN:sub-agent-patterns -->
 
@@ -281,9 +317,9 @@ Tests are written **before** implementation (step 9) and verified **after** (ste
 
 ### TDD Flow
 
-1. `/write-tests` — write failing tests based on the plan (RED)
-2. `/execute-plan` — implement code to make tests pass (GREEN)
-3. `/test` — verify all tests pass with 100% coverage (VERIFY)
+1. `/sk:write-tests` — write failing tests based on the plan (RED)
+2. `/sk:execute-plan` — implement code to make tests pass (GREEN)
+3. `/sk:test` — verify all tests pass with 100% coverage (VERIFY)
 
 Every new function, endpoint, component, and module needs tests. No code proceeds past step 13 without 100% coverage on new code.
 
@@ -299,3 +335,32 @@ Never retry the same failing approach.
 ## Architectural Change Log
 
 Create entries in: `[ARCH_CHANGELOG_DIR]`
+
+## Commands
+
+| Command | Purpose |
+|---------|---------|
+| `/sk:brainstorm` | Explore requirements and design |
+| `/sk:frontend-design` | UI mockup before implementation. Prompts to create Pencil visual mockup |
+| `/sk:api-design` | Design API contracts (endpoints, payloads, auth, errors) before implementation |
+| `/sk:accessibility` | WCAG 2.1 AA audit — runs after design, before implementation |
+| `/sk:write-plan` | Write decision-complete plan into `tasks/todo.md` |
+| `/sk:branch` | Create feature branch auto-named from current task |
+| `/sk:write-tests` | TDD: Write failing tests before implementation |
+| `/sk:execute-plan` | Execute `tasks/todo.md` checkboxes in batches |
+| `/sk:smart-commit` | Conventional commit with approval |
+| `/sk:lint` | Auto-detect and run all project linters + dependency audits |
+| `/sk:test` | Auto-detect and run all project test suites |
+| `/sk:debug` | Investigate and debug issues (bug fix entry point) |
+| `/sk:security-check` | OWASP security audit on changed files |
+| `/sk:perf` | Performance audit — bundle, N+1, Core Web Vitals, memory |
+| `/sk:review` | Self-review with simplify pre-pass + multi-dimensional review |
+| `/sk:e2e` | E2E behavioral verification using agent-browser (final quality gate) |
+| `/sk:hotfix` | Emergency fix workflow — skip design/TDD, quality gates enforced |
+| `/sk:change` | Handle mid-workflow requirement changes — re-enter at correct step |
+| `/sk:update-task` | Mark task done and log completion |
+| `/sk:finish-feature` | Changelog + PR creation |
+| `/sk:features` | Sync feature specs with shipped implementation |
+| `/sk:release` | Version bump + changelog + tag |
+| `/sk:status` | Show workflow + task status |
+| `/sk:setup-optimizer` | Diagnose + update workflow + enrich CLAUDE.md |

package/skills/sk:setup-claude/templates/commands/brainstorm.md.template

@@ -6,14 +6,14 @@ description: "Start with design questions before writing code."
 
 # /brainstorm
 
-**Workflow:** Read → **Explore** → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → Finalize → Release
+**Workflow:** Read → **Explore** → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → E2E Tests → Finish → Sync Features
 
 Explore design and clarify requirements **before** any code is written.
 
 ## Hard Rules
 
 - **DO NOT write, edit, or generate any code.** No files, no snippets, no pseudo-implementations.
-- **DO NOT create a plan.** That is `/write-plan`'s job.
+- **DO NOT create a plan.** That is `/sk:write-plan`'s job.
 - **DO NOT run build/test/lint commands.** You are in design mode only.
 - You may **read** existing code to understand the current state, but nothing more.
 
@@ -65,10 +65,10 @@ Explore design and clarify requirements **before** any code is written.
 
 ## When Done
 
-1. Update `tasks/workflow-status.md`: set step 1 (`/brainstorm`) to `done`, move `>> next <<` to the next pending step.
+1. Update `tasks/workflow-status.md`: set step 1 (`/sk:brainstorm`) to `done`, move `>> next <<` to the next pending step.
 2. Print the full workflow status dashboard table.
 3. Tell the user:
    > "Brainstorming complete. Findings saved to `tasks/findings.md`."
-4. If step 2 (`/frontend-design`) is next, ask: "Step 2 is `/frontend-design` (optional). Run it or skip?"
+4. If step 2 (`/sk:frontend-design`) is next, ask: "Step 2 is `/sk:frontend-design` (optional). Run it or skip?"
 
 **Do not proceed to planning or implementation yourself.** The user must explicitly invoke the next step.

package/skills/sk:setup-claude/templates/commands/execute-plan.md.template

@@ -6,7 +6,7 @@ description: "Execute tasks/todo.md checkboxes in small batches; log to tasks/pr
 
 # /execute-plan
 
-**Workflow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → **Implement** → Lint → Verify Tests → Security → Performance → Review → Finalize → Release
+**Workflow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → **Implement** → Lint → Verify Tests → Security → Performance → Review → E2E Tests → Finish → Sync Features
 
 Execute the plan in `tasks/todo.md` in small batches with clear checkpoints.
 
@@ -33,7 +33,7 @@ Execute the plan in `tasks/todo.md` in small batches with clear checkpoints.
    - verification results
    - what's next
    - After all items in this batch pass verification, the code is ready to stage.
-     Run `/commit` after any passed batch, or accumulate and commit at plan completion.
+     Run `/sk:smart-commit` after any passed batch, or accumulate and commit at plan completion.
      Never combine more than one logical unit of work in a single commit.
 4. Stop and wait for user feedback before continuing.
 

package/skills/sk:setup-claude/templates/commands/finish-feature.md.template

@@ -2,11 +2,11 @@
 
 # Finish Feature Command
 
-**Workflow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → **Finalize** → Release
+**Workflow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → E2E Tests → **Finish** → Sync Features
 
 Finalize a feature/bug-fix branch: changelog, arch log, security gate, verification, and PR creation.
 
-This is the **last step before `/release`**. It auto-commits documentation changes (changelog, arch log) so you don't need to loop back to `/commit` for docs-only work.
+This is the **last step before `/sk:release`**. It auto-commits documentation changes (changelog, arch log) so you don't need to loop back to `/sk:smart-commit` for docs-only work.
 
 ## Before You Start
 
@@ -16,7 +16,7 @@ before marking the feature done. This is the last gate before merge — catch re
 mistakes here rather than in review.
 
 If `tasks/security-findings.md` exists, read it. Check that any Critical or High
-severity findings from the most recent `/security-check` audit have been addressed.
+severity findings from the most recent `/sk:security-check` audit have been addressed.
 If unresolved Critical/High findings remain, warn the user before proceeding.
 
 ## Steps
@@ -69,7 +69,7 @@ If unresolved Critical/High findings remain, warn the user before proceeding.
         - Migration/Compatibility: Any breaking changes?
       - Verify the auto-filled sections (Summary, Type, What Changed, Impact)
 
-   c) **Auto-commit the arch log** (no need to go back to `/commit`):
+   c) **Auto-commit the arch log** (no need to go back to `/sk:smart-commit`):
       ```bash
       git add .claude/docs/architectural_change_log/
       git commit -m "docs: add architectural changelog entry"
@@ -79,7 +79,7 @@ If unresolved Critical/High findings remain, warn the user before proceeding.
 
 5. **Verification** (with Test Checklist for Reviewers)
 
-   Tests should have been created during `/execute-plan`. Verify:
+   Tests should have been created during `/sk:execute-plan`. Verify:
 
    a) **Automated Tests**
       - Execute: `[TEST_COMMAND]`
@@ -108,7 +108,7 @@ If unresolved Critical/High findings remain, warn the user before proceeding.
       - Follows [LANGUAGE] conventions and style guide (see `CLAUDE.md`)
 
 6. **Security Gate**
-   - Read `tasks/security-findings.md`. If it doesn't exist or has no audit for this branch, recommend: "Run `/security-check` before creating a PR."
+   - Read `tasks/security-findings.md`. If it doesn't exist or has no audit for this branch, recommend: "Run `/sk:security-check` before creating a PR."
    - If the most recent audit has unresolved Critical or High findings, list them and ask the user to confirm they've been addressed before proceeding.
 
 7. **Create Pull Request**
@@ -126,7 +126,7 @@ If unresolved Critical/High findings remain, warn the user before proceeding.
 
    c) **Generate PR title and body:**
       - Title: Short, imperative, under 70 characters
-      - Body: Summary of changes, review findings (if any from `/review`), test status
+      - Body: Summary of changes, review findings (if any from `/sk:review`), test status
 
    d) **Create PR:**
    ```bash
@@ -152,4 +152,4 @@ EOF
 
 ## When Done
 
-> "Feature finalized and PR created! Run `/release` when ready to tag and publish."
+> "Feature finalized and PR created! Run `/sk:release` when ready to tag and publish."

package/skills/sk:setup-claude/templates/commands/security-check.md.template

@@ -6,7 +6,7 @@ description: "Audit changed code for security best practices, production-grade q
 
 # /security-check
 
-**Workflow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → **Security** → Performance → Review → Finalize → Release
+**Workflow:** Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → **Security** → Performance → Review → E2E Tests → Finish → Sync Features
 
 Audit code for security vulnerabilities, production-grade quality, and industry gold-standard compliance.
 
@@ -164,9 +164,9 @@ Tell the user:
 > "Security audit complete. Findings saved to `tasks/security-findings.md`.
 > - **Critical:** N | **High:** N | **Medium:** N | **Low:** N
 >
-> Review the findings, then run `/finish-feature` when ready to finalize."
+> Review the findings, then run `/sk:finish-feature` when ready to finalize."
 
 If there are Critical or High findings:
-> "There are critical/high findings that should be addressed before merging. Fix them, then re-run `/security-check` to verify."
+> "There are critical/high findings that should be addressed before merging. Fix them, then re-run `/sk:security-check` to verify."
 
 **Do not auto-fix.** The user decides what to address.

package/skills/sk:setup-claude/templates/commands/write-plan.md.template

@@ -6,7 +6,7 @@ description: "Write a decision-complete plan into tasks/todo.md (no code yet)."
 
 # /write-plan
 
-**Workflow:** Read → Explore → Design → Accessibility → **Plan** → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → Finalize → Release
+**Workflow:** Read → Explore → Design → Accessibility → **Plan** → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → E2E Tests → Finish → Sync Features
 
 Create a decision-complete plan **before** writing code.
 

package/skills/sk:setup-claude/templates/tasks/workflow-status.md.template

@@ -7,25 +7,28 @@
 |---|------|--------|-------|
 | 1 | Read Todo | >> next << | |
 | 2 | Read Lessons | not yet | |
-| 3 | Explore (`/brainstorm`) | not yet | |
-| 4 | Design (`/frontend-design` or `/api-design`) | not yet | optional |
-| 5 | Accessibility (`/accessibility`) | not yet | optional |
-| 6 | Plan (`/write-plan`) | not yet | |
-| 7 | Branch (`/branch`) | not yet | |
-| 8 | Migrate (`/schema-migrate`) | not yet | optional |
-| 9 | Write Tests (`/write-tests`) | not yet | |
-| 10 | Implement (`/execute-plan`) | not yet | |
-| 11 | Commit (`/smart-commit`) | not yet | |
-| 12 | **Lint** (`/lint`) | not yet | HARD GATE — loop until clean |
-| 13 | Commit (`/smart-commit`) | not yet | conditional |
-| 14 | **Verify Tests** (`/test`) | not yet | HARD GATE — 100% coverage |
-| 15 | Commit (`/smart-commit`) | not yet | conditional |
-| 16 | **Security** (`/security-check`) | not yet | HARD GATE — 0 issues |
-| 17 | Commit (`/smart-commit`) | not yet | conditional |
-| 18 | Performance (`/perf`) | not yet | optional gate |
-| 19 | Commit (`/smart-commit`) | not yet | conditional |
-| 20 | **Review** (`/review`) | not yet | HARD GATE — 0 issues |
-| 21 | Commit (`/smart-commit`) | not yet | conditional |
-| 22 | Update (`/update-task`) | not yet | |
-| 23 | Finalize (`/finish-feature`) | not yet | |
-| 24 | Release (`/release`) | not yet | optional |
+| 3 | Explore (`/sk:brainstorm`) | not yet | |
+| 4 | Design (`/sk:frontend-design` or `/sk:api-design`) | not yet | optional |
+| 5 | Accessibility (`/sk:accessibility`) | not yet | optional |
+| 6 | Plan (`/sk:write-plan`) | not yet | |
+| 7 | Branch (`/sk:branch`) | not yet | |
+| 8 | Migrate (`/sk:schema-migrate`) | not yet | optional |
+| 9 | Write Tests (`/sk:write-tests`) | not yet | |
+| 10 | Implement (`/sk:execute-plan`) | not yet | |
+| 11 | Commit (`/sk:smart-commit`) | not yet | |
+| 12 | **Lint + Dep Audit** (`/sk:lint`) | not yet | HARD GATE — loop until clean |
+| 13 | Commit (`/sk:smart-commit`) | not yet | conditional |
+| 14 | **Verify Tests** (`/sk:test`) | not yet | HARD GATE — 100% coverage |
+| 15 | Commit (`/sk:smart-commit`) | not yet | conditional |
+| 16 | **Security** (`/sk:security-check`) | not yet | HARD GATE — 0 issues |
+| 17 | Commit (`/sk:smart-commit`) | not yet | conditional |
+| 18 | Performance (`/sk:perf`) | not yet | optional gate |
+| 19 | Commit (`/sk:smart-commit`) | not yet | conditional |
+| 20 | **Review + Simplify** (`/sk:review`) | not yet | HARD GATE — 0 issues |
+| 21 | Commit (`/sk:smart-commit`) | not yet | conditional |
+| 22 | **E2E** (`/sk:e2e`) | not yet | HARD GATE — all E2E scenarios must pass |
+| 23 | Commit (`/sk:smart-commit`) | not yet | conditional — skip if E2E was clean |
+| 24 | Update (`/sk:update-task`) | not yet | |
+| 25 | Finalize (`/sk:finish-feature`) | not yet | |
+| 26 | Sync Features (`/sk:features`) | not yet | required — sync feature specs after ship |
+| 27 | Release (`/sk:release`) | not yet | optional |

package/skills/sk:setup-optimizer/SKILL.md

@@ -43,7 +43,7 @@ Before making any changes, runs a diagnostic pass on the existing CLAUDE.md:
 - **Stale content** — detects outdated info (stale model/route counts, removed dependencies, old command names like `/laravel-lint` instead of `/sk:lint`)
 - **Inconsistencies** — compares documented vs actual project state (directories, scripts, workflows)
 - **Section completeness** — flags sections that exist but are empty or have only placeholder text
-- **Outdated workflow** — checks if the workflow matches the current 24-step TDD flow with hard gates
+- **Outdated workflow** — checks if the workflow matches the current 27-step TDD flow with hard gates
 
 Reports findings before proceeding. If issues are found, they inform subsequent steps.
 
@@ -51,15 +51,15 @@ Reports findings before proceeding. If issues are found, they inform subsequent
 
 If the workflow section is outdated or missing, replace it with the latest version:
 
-**Current workflow (24 steps, TDD with hard gates):**
+**Current workflow (27 steps, TDD with hard gates):**
 ```
-Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → Finish
+Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → E2E Tests → Finish → Sync Features
 ```
 
 **What gets updated:**
-- Workflow table (24 steps with correct commands: `/sk:write-tests`, `/sk:lint`, `/sk:test`, `/sk:accessibility`, `/sk:perf`)
+- Workflow table (27 steps with correct commands: `/sk:write-tests`, `/sk:lint`, `/sk:test`, `/sk:accessibility`, `/sk:perf`, `/sk:e2e`)
 - Step details (TDD red/green/verify descriptions)
-- Tracker rules (hard gates at 12, 14, 16, 20; optional steps 4, 5, 7, 18, 24)
+- Tracker rules (hard gates at 12, 14, 16, 20, 22; optional steps 4, 5, 8, 18, 27)
 - Step completion summary rule (NON-NEGOTIABLE)
 - Bug fix flow section
 - Sub-Agent Patterns section (if missing)
@@ -67,6 +67,8 @@ Read → Explore → Design → Accessibility → Plan → Branch → Migrate
 - Lessons Capture section (if missing)
 - Testing TDD section (if missing)
 - 3-Strike Protocol (if missing)
+- Fix & Retest Protocol section (if missing)
+- Requirement Change Flow section (if missing)
 
 **What gets preserved:**
 - Everything marked with `<!-- LOCK -->` is never touched

package/skills/sk:test/SKILL.md

@@ -154,6 +154,23 @@ All detected suites pass with 100% coverage on new code. Both lines of the repor
 
 ---
 
+## Fix & Retest Protocol
+
+When a test failure requires an implementation fix, classify the fix before committing:
+
+**a. Bug fix — same behavior contract** (the code was wrong, the test expectation was right) → fix the implementation, re-run `/sk:test`. No test update needed.
+
+**b. Logic change** (new behavior, changed data contract, modified function signature, new code path) → trigger protocol:
+1. Update or add failing unit tests to reflect the new behavior (RED first)
+2. Fix the implementation to make the updated tests pass (GREEN)
+3. Re-run `/sk:test` — must pass at 100% coverage
+4. Commit (tests + fix together in one commit)
+5. Re-run the gate that triggered this fix (Security, Performance, Review, or E2E)
+
+**Why this matters:** quality gates (Security, Performance, Review, E2E) run after tests pass. If those gates require logic fixes, tests can become stale. This protocol ensures tests always reflect the actual implementation.
+
+---
+
 ## Model Routing
 
 Read `.shipkit/config.json` from the project root if it exists.