npm - @luanpdd/kit-mcp - Versions diffs - 1.28.0 → 1.30.0 - Mend

@luanpdd/kit-mcp 1.28.0 → 1.30.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (332) hide show

package/LICENSE +21 -21
package/README.md +168 -168
package/gates/agent-no-recursive-dispatch.md +82 -82
package/kit/COMANDOS.md +138 -138
package/kit/README.md +76 -76
package/kit/agents/advisor-researcher.md +106 -106
package/kit/agents/assumptions-analyzer.md +107 -107
package/kit/agents/audit-log-implementer.md +313 -313
package/kit/agents/auditor-consistencia-isolamento.md +413 -413
package/kit/agents/b2b-saas-architect.md +156 -156
package/kit/agents/cascading-failures-auditor.md +298 -298
package/kit/agents/codebase-mapper.md +768 -768
package/kit/agents/crm-pipeline-implementer.md +256 -256
package/kit/agents/debugger.md +813 -813
package/kit/agents/detector-tenant-quente.md +337 -337
package/kit/agents/evolution-go-integrator.md +200 -200
package/kit/agents/example-reviewer.md +21 -21
package/kit/agents/executor.md +564 -564
package/kit/agents/integration-checker.md +200 -200
package/kit/agents/invite-flow-implementer.md +189 -189
package/kit/agents/legacy-characterizer.md +368 -368
package/kit/agents/lgpd-compliance-auditor.md +295 -295
package/kit/agents/multi-tenant-isolation-auditor.md +253 -253
package/kit/agents/multi-tenant-rls-writer.md +340 -340
package/kit/agents/nyquist-auditor.md +178 -178
package/kit/agents/observability-coverage-auditor.md +315 -315
package/kit/agents/org-onboarding-implementer.md +223 -223
package/kit/agents/payload-capture-instrumenter.md +273 -273
package/kit/agents/phase-researcher.md +696 -696
package/kit/agents/plan-checker.md +272 -272
package/kit/agents/planner.md +922 -922
package/kit/agents/project-researcher.md +652 -652
package/kit/agents/refactor-safety-auditor.md +404 -404
package/kit/agents/research-synthesizer.md +245 -245
package/kit/agents/roadmapper.md +677 -677
package/kit/agents/seam-finder.md +359 -359
package/kit/agents/shotgun-surgery-detector.md +349 -349
package/kit/agents/supabase-branching-architect.md +562 -562
package/kit/agents/supabase-cicd-pipeline-implementer.md +777 -777
package/kit/agents/supabase-column-privileges-writer.md +399 -399
package/kit/agents/supabase-edge-fn-tester.md +287 -0
package/kit/agents/supabase-edge-fn-writer.md +239 -210
package/kit/agents/supabase-migration-writer.md +385 -385
package/kit/agents/supabase-rbac-implementer.md +392 -392
package/kit/agents/supabase-realtime-implementer.md +363 -267
package/kit/agents/supabase-rls-hardener.md +521 -521
package/kit/agents/supabase-rls-writer.md +323 -323
package/kit/agents/supabase-roles-implementer.md +355 -355
package/kit/agents/super-admin-implementer.md +281 -281
package/kit/agents/ui-auditor.md +437 -437
package/kit/agents/ui-checker.md +302 -302
package/kit/agents/ui-researcher.md +355 -355
package/kit/agents/user-profiler.md +175 -175
package/kit/agents/validador-evolucao-schema.md +335 -335
package/kit/agents/verifier.md +728 -728
package/kit/commands/adicionar-backlog.md +75 -75
package/kit/commands/adicionar-fase.md +42 -42
package/kit/commands/adicionar-tarefa.md +45 -45
package/kit/commands/adicionar-testes.md +41 -41
package/kit/commands/ajuda.md +21 -21
package/kit/commands/atualizar.md +37 -37
package/kit/commands/auditar-cascading.md +111 -111
package/kit/commands/auditar-marco.md +179 -179
package/kit/commands/auditar-observabilidade-cobertura.md +183 -183
package/kit/commands/auditar-refactor.md +219 -219
package/kit/commands/auditar-release.md +109 -109
package/kit/commands/auditar-uat.md +23 -23
package/kit/commands/autonomo.md +40 -40
package/kit/commands/branch-pr.md +24 -24
package/kit/commands/burn-rate-status.md +408 -408
package/kit/commands/capturar-payloads.md +193 -193
package/kit/commands/caracterizar.md +212 -212
package/kit/commands/concluir-marco.md +247 -247
package/kit/commands/configuracoes.md +36 -36
package/kit/commands/dados-distribuidos.md +188 -188
package/kit/commands/definir-perfil.md +10 -10
package/kit/commands/depurar.md +190 -190
package/kit/commands/detectar-duplicacao.md +197 -197
package/kit/commands/discutir-fase.md +131 -131
package/kit/commands/encontrar-seams.md +136 -136
package/kit/commands/entrar-discord.md +17 -17
package/kit/commands/estatisticas.md +18 -18
package/kit/commands/example-greeting.md +33 -33
package/kit/commands/executar-fase.md +58 -58
package/kit/commands/expresso.md +56 -56
package/kit/commands/fase-ui.md +34 -34
package/kit/commands/fazer.md +57 -57
package/kit/commands/fio.md +125 -125
package/kit/commands/fluxos-trabalho.md +64 -64
package/kit/commands/forense.md +176 -176
package/kit/commands/gerenciador.md +38 -38
package/kit/commands/inserir-fase.md +31 -31
package/kit/commands/legacy.md +263 -263
package/kit/commands/limpeza.md +17 -17
package/kit/commands/listar-hipoteses-fase.md +45 -45
package/kit/commands/listar-workspaces.md +18 -18
package/kit/commands/load-shedding.md +117 -117
package/kit/commands/mapear-codebase.md +70 -70
package/kit/commands/multi-tenant.md +163 -163
package/kit/commands/nota.md +33 -33
package/kit/commands/novo-marco.md +43 -43
package/kit/commands/novo-projeto.md +41 -41
package/kit/commands/novo-workspace.md +43 -43
package/kit/commands/pausar-trabalho.md +37 -37
package/kit/commands/perfil-usuario.md +45 -45
package/kit/commands/pesquisar-fase.md +195 -195
package/kit/commands/planejar-fase.md +67 -67
package/kit/commands/planejar-lacunas.md +33 -33
package/kit/commands/plantar-ideia.md +25 -25
package/kit/commands/progresso.md +24 -24
package/kit/commands/proximo.md +30 -30
package/kit/commands/publicar.md +490 -490
package/kit/commands/rapido.md +35 -35
package/kit/commands/reaplicar-patches.md +124 -124
package/kit/commands/refactor-seguro.md +321 -321
package/kit/commands/relatorio-sessao.md +19 -19
package/kit/commands/remover-fase.md +31 -31
package/kit/commands/remover-workspace.md +26 -26
package/kit/commands/resumo-marco.md +50 -50
package/kit/commands/retomar-trabalho.md +40 -40
package/kit/commands/revisar-backlog.md +60 -60
package/kit/commands/revisar-ui.md +32 -32
package/kit/commands/revisar.md +37 -37
package/kit/commands/saude.md +21 -21
package/kit/commands/setup-notion.md +93 -93
package/kit/commands/storytelling.md +179 -179
package/kit/commands/supabase.md +30 -7
package/kit/commands/sync-main.md +68 -68
package/kit/commands/validar-fase.md +35 -35
package/kit/commands/verificar-tarefas.md +44 -44
package/kit/commands/verificar-trabalho.md +64 -64
package/kit/file-manifest.json +14 -8
package/kit/framework/bin/lib/commands.cjs +959 -959
package/kit/framework/bin/lib/config.cjs +442 -442
package/kit/framework/bin/lib/core.cjs +1230 -1230
package/kit/framework/bin/lib/frontmatter.cjs +336 -336
package/kit/framework/bin/lib/init.cjs +1442 -1442
package/kit/framework/bin/lib/milestone.cjs +252 -252
package/kit/framework/bin/lib/model-profiles.cjs +68 -68
package/kit/framework/bin/lib/phase.cjs +888 -888
package/kit/framework/bin/lib/profile-output.cjs +952 -952
package/kit/framework/bin/lib/profile-pipeline.cjs +539 -539
package/kit/framework/bin/lib/roadmap.cjs +329 -329
package/kit/framework/bin/lib/security.cjs +382 -382
package/kit/framework/bin/lib/state.cjs +1031 -1031
package/kit/framework/bin/lib/template.cjs +222 -222
package/kit/framework/bin/lib/uat.cjs +282 -282
package/kit/framework/bin/lib/verify.cjs +888 -888
package/kit/framework/bin/lib/workstream.cjs +491 -491
package/kit/framework/bin/tools.cjs +918 -918
package/kit/framework/commands/workstreams.md +63 -63
package/kit/framework/references/checkpoints.md +778 -778
package/kit/framework/references/continuation-format.md +249 -249
package/kit/framework/references/decimal-phase-calculation.md +64 -64
package/kit/framework/references/git-integration.md +295 -295
package/kit/framework/references/git-planning-commit.md +38 -38
package/kit/framework/references/model-profile-resolution.md +36 -36
package/kit/framework/references/model-profiles.md +139 -139
package/kit/framework/references/phase-argument-parsing.md +61 -61
package/kit/framework/references/planning-config.md +202 -202
package/kit/framework/references/questioning.md +162 -162
package/kit/framework/references/tdd.md +263 -263
package/kit/framework/references/ui-brand.md +160 -160
package/kit/framework/references/user-profiling.md +657 -657
package/kit/framework/references/verification-patterns.md +612 -612
package/kit/framework/references/workstream-flag.md +58 -58
package/kit/framework/templates/DEBUG.md +164 -164
package/kit/framework/templates/UAT.md +265 -265
package/kit/framework/templates/UI-SPEC.md +100 -100
package/kit/framework/templates/VALIDATION.md +76 -76
package/kit/framework/templates/claude-md.md +122 -122
package/kit/framework/templates/codebase/architecture.md +185 -185
package/kit/framework/templates/codebase/concerns.md +205 -205
package/kit/framework/templates/codebase/conventions.md +204 -204
package/kit/framework/templates/codebase/integrations.md +192 -192
package/kit/framework/templates/codebase/stack.md +158 -158
package/kit/framework/templates/codebase/structure.md +199 -199
package/kit/framework/templates/codebase/testing.md +301 -301
package/kit/framework/templates/config.json +44 -44
package/kit/framework/templates/context.md +352 -352
package/kit/framework/templates/continue-here.md +78 -78
package/kit/framework/templates/copilot-instructions.md +7 -7
package/kit/framework/templates/debug-subagent-prompt.md +91 -91
package/kit/framework/templates/dev-preferences.md +20 -20
package/kit/framework/templates/discovery.md +146 -146
package/kit/framework/templates/discussion-log.md +63 -63
package/kit/framework/templates/milestone-archive.md +123 -123
package/kit/framework/templates/milestone.md +115 -115
package/kit/framework/templates/phase-prompt.md +610 -610
package/kit/framework/templates/planner-subagent-prompt.md +117 -117
package/kit/framework/templates/project.md +186 -186
package/kit/framework/templates/requirements.md +231 -231
package/kit/framework/templates/research-project/ARCHITECTURE.md +204 -204
package/kit/framework/templates/research-project/FEATURES.md +147 -147
package/kit/framework/templates/research-project/PITFALLS.md +200 -200
package/kit/framework/templates/research-project/STACK.md +120 -120
package/kit/framework/templates/research-project/SUMMARY.md +170 -170
package/kit/framework/templates/research.md +419 -419
package/kit/framework/templates/retrospective.md +54 -54
package/kit/framework/templates/roadmap.md +202 -202
package/kit/framework/templates/state.md +176 -176
package/kit/framework/templates/summary-complex.md +59 -59
package/kit/framework/templates/summary-minimal.md +41 -41
package/kit/framework/templates/summary-standard.md +48 -48
package/kit/framework/templates/summary.md +209 -209
package/kit/framework/templates/user-profile.md +146 -146
package/kit/framework/templates/user-setup.md +256 -256
package/kit/framework/templates/verification-report.md +258 -258
package/kit/framework/workflows/add-phase.md +112 -112
package/kit/framework/workflows/add-tests.md +351 -351
package/kit/framework/workflows/add-todo.md +158 -158
package/kit/framework/workflows/audit-milestone.md +340 -340
package/kit/framework/workflows/audit-uat.md +109 -109
package/kit/framework/workflows/autonomous.md +891 -891
package/kit/framework/workflows/check-todos.md +177 -177
package/kit/framework/workflows/cleanup.md +152 -152
package/kit/framework/workflows/complete-milestone.md +696 -696
package/kit/framework/workflows/diagnose-issues.md +231 -231
package/kit/framework/workflows/discovery-phase.md +289 -289
package/kit/framework/workflows/discuss-phase-assumptions.md +653 -653
package/kit/framework/workflows/discuss-phase.md +784 -784
package/kit/framework/workflows/do.md +104 -104
package/kit/framework/workflows/execute-phase.md +838 -838
package/kit/framework/workflows/execute-plan.md +510 -510
package/kit/framework/workflows/fast.md +102 -102
package/kit/framework/workflows/forensics.md +265 -265
package/kit/framework/workflows/health.md +181 -181
package/kit/framework/workflows/help.md +619 -619
package/kit/framework/workflows/insert-phase.md +130 -130
package/kit/framework/workflows/list-phase-assumptions.md +178 -178
package/kit/framework/workflows/list-workspaces.md +56 -56
package/kit/framework/workflows/manager.md +362 -362
package/kit/framework/workflows/map-codebase.md +377 -377
package/kit/framework/workflows/milestone-summary.md +223 -223
package/kit/framework/workflows/new-milestone.md +486 -486
package/kit/framework/workflows/new-project.md +1159 -1159
package/kit/framework/workflows/new-workspace.md +237 -237
package/kit/framework/workflows/next.md +97 -97
package/kit/framework/workflows/node-repair.md +92 -92
package/kit/framework/workflows/note.md +156 -156
package/kit/framework/workflows/pause-work.md +176 -176
package/kit/framework/workflows/plan-milestone-gaps.md +273 -273
package/kit/framework/workflows/plan-phase.md +765 -765
package/kit/framework/workflows/plant-seed.md +169 -169
package/kit/framework/workflows/pr-branch.md +129 -129
package/kit/framework/workflows/profile-user.md +450 -450
package/kit/framework/workflows/progress.md +507 -507
package/kit/framework/workflows/quick.md +757 -757
package/kit/framework/workflows/remove-phase.md +155 -155
package/kit/framework/workflows/remove-workspace.md +90 -90
package/kit/framework/workflows/research-phase.md +82 -82
package/kit/framework/workflows/resume-project.md +326 -326
package/kit/framework/workflows/review.md +228 -228
package/kit/framework/workflows/session-report.md +146 -146
package/kit/framework/workflows/settings.md +283 -283
package/kit/framework/workflows/ship.md +228 -228
package/kit/framework/workflows/stats.md +60 -60
package/kit/framework/workflows/transition.md +671 -671
package/kit/framework/workflows/ui-phase.md +302 -302
package/kit/framework/workflows/ui-review.md +165 -165
package/kit/framework/workflows/update.md +323 -323
package/kit/framework/workflows/validate-phase.md +174 -174
package/kit/framework/workflows/verify-phase.md +252 -252
package/kit/framework/workflows/verify-work.md +637 -637
package/kit/hooks/check-update.js +118 -118
package/kit/hooks/context-monitor.js +163 -163
package/kit/hooks/prompt-guard.js +103 -103
package/kit/hooks/statusline.js +125 -125
package/kit/hooks/workflow-guard.js +101 -101
package/kit/settings.json +45 -45
package/kit/skills/_shared-supabase/glossary.md +17 -0
package/kit/skills/ai-prompt-characterization/SKILL.md +335 -335
package/kit/skills/armadilhas-sistemas-distribuidos/SKILL.md +447 -447
package/kit/skills/audit-log-multi-tenant/SKILL.md +340 -340
package/kit/skills/b2b-saas-architecture/SKILL.md +300 -300
package/kit/skills/consistencia-leitura-replica/SKILL.md +385 -385
package/kit/skills/crm-lead-pipeline-patterns/SKILL.md +343 -343
package/kit/skills/escolha-modelo-consistencia/SKILL.md +494 -494
package/kit/skills/evolucao-schema-compativel/SKILL.md +448 -448
package/kit/skills/evolution-go-whatsapp-integration/SKILL.md +322 -322
package/kit/skills/example-skill/SKILL.md +42 -42
package/kit/skills/legacy-api-only-applications/SKILL.md +358 -358
package/kit/skills/legacy-characterization-tests/SKILL.md +330 -330
package/kit/skills/legacy-effect-analysis/SKILL.md +331 -331
package/kit/skills/legacy-extract-class/SKILL.md +203 -203
package/kit/skills/legacy-programming-by-difference/SKILL.md +252 -252
package/kit/skills/legacy-seams-and-test-harness/SKILL.md +460 -460
package/kit/skills/legacy-shotgun-surgery/SKILL.md +286 -286
package/kit/skills/legacy-sprout-wrap-techniques/SKILL.md +434 -434
package/kit/skills/legacy-storytelling-naked-crc/SKILL.md +270 -270
package/kit/skills/lgpd-multi-tenant-compliance/SKILL.md +340 -340
package/kit/skills/member-invite-flow/SKILL.md +305 -305
package/kit/skills/member-management-react-shadcn/SKILL.md +328 -328
package/kit/skills/multi-tenant-performance-scaling/SKILL.md +316 -316
package/kit/skills/multi-tenant-rls-hierarchy/SKILL.md +342 -342
package/kit/skills/org-onboarding-flow/SKILL.md +257 -257
package/kit/skills/org-switcher-react-pattern/SKILL.md +349 -349
package/kit/skills/permission-gate-react-pattern/SKILL.md +271 -271
package/kit/skills/postgres-isolamento-concorrencia/SKILL.md +552 -552
package/kit/skills/pre-refactor-characterization/SKILL.md +421 -421
package/kit/skills/rbac-permissions-matrix-supabase/SKILL.md +338 -338
package/kit/skills/streams-eventos-cdc/SKILL.md +711 -711
package/kit/skills/supabase-branching-workflow/SKILL.md +544 -544
package/kit/skills/supabase-ci-cd-github-actions/SKILL.md +880 -880
package/kit/skills/supabase-column-level-security/SKILL.md +426 -426
package/kit/skills/supabase-config-toml-remotes/SKILL.md +807 -807
package/kit/skills/supabase-custom-claims-rbac/SKILL.md +472 -472
package/kit/skills/supabase-edge-functions/SKILL.md +229 -141
package/kit/skills/supabase-edge-functions-auth/SKILL.md +309 -0
package/kit/skills/supabase-edge-functions-limits/SKILL.md +302 -0
package/kit/skills/supabase-edge-functions-mcp-server/SKILL.md +279 -0
package/kit/skills/supabase-edge-functions-testing/SKILL.md +277 -0
package/kit/skills/supabase-edge-runtime-builtins/SKILL.md +357 -0
package/kit/skills/supabase-migration-repair/SKILL.md +823 -823
package/kit/skills/supabase-migrations/SKILL.md +297 -297
package/kit/skills/supabase-pgtap-testing/SKILL.md +1053 -1053
package/kit/skills/supabase-postgres-roles/SKILL.md +392 -392
package/kit/skills/supabase-realtime/SKILL.md +460 -236
package/kit/skills/supabase-rls-defense-in-depth/SKILL.md +418 -418
package/kit/skills/supabase-rls-policies/SKILL.md +635 -635
package/kit/skills/super-admin-platform-pattern/SKILL.md +326 -326
package/kit/skills/tenant-quente-mitigacao/SKILL.md +605 -605
package/kit/skills/whatsapp-conversation-state-machine/SKILL.md +287 -287
package/package.json +1 -1
package/src/cli/index.js +33 -0
package/src/core/kit.js +216 -216
package/src/core/reflect.js +247 -247
package/src/core/reverse-sync.js +372 -372
package/src/core/sync.js +418 -418
package/src/core/watch.js +121 -121
package/src/mcp-server/index.js +693 -490
package/src/mcp-server/roots.js +124 -0

package/kit/agents/multi-tenant-isolation-auditor.md CHANGED Viewed

@@ -1,253 +1,253 @@
----
-name: multi-tenant-isolation-auditor
-description: Audita gaps de isolamento cross-tenant em projeto Supabase B2B — detecta tabelas sem RLS, policies sem private.has_permission, helpers VOLATILE, JOINs cross-tenant, super_admin sem audit, partial…
-tools: Read, Write, Bash, Grep, Glob, mcp__supabase__execute_sql, mcp__supabase__list_tables
-color: yellow
----
-Você é o **multi-tenant-isolation-auditor**. Audita projeto Supabase para gaps de isolamento cross-tenant + performance multi-tenant. Produz `ISOLATION-AUDIT.md` scored com severity P0/P1/P2 + remediation acionável.
-**Compat:** Full em Claude Code + Cursor (com Supabase MCP) — depende fortemente de queries pg_class/pg_policies. Partial em Codex + Gemini CLI; Offline-only fallback usa apenas análise estática de arquivos do repo.
-## Por que existe
-Tenant isolation é **silent failure mode** — gaps não geram erro óbvio até o cliente reportar "vi dados de outra empresa". Este agent é a defesa proativa: roda periodicamente OU antes de release para detectar gaps antes de virarem incident.
-## Inputs esperados
-- (Opcional) `project_id`: identificador Supabase MCP — se ausente, modo offline
-- (Opcional) `output_path`: default `.planning/ISOLATION-AUDIT.md`
-## Passos
-### Step 0 — Preflight
-Detectar capabilities MCP. Se `mcp__supabase__execute_sql` falhar:
-```
-[MODO OFFLINE] Sem MCP Supabase — análise será baseada apenas em arquivos do repo (supabase/migrations/, supabase/schemas/). Cobertura limitada — recomendado rodar com MCP em production.
-```
-### Step 1 — Detectar tabelas sem RLS habilitada (P0)
-**Live mode (MCP):**
-```sql
--- Tabelas com `org_id` mas SEM relrowsecurity
-select c.relnamespace::regnamespace || '.' || c.relname as full_name
-from pg_class c
-join pg_attribute a on a.attrelid = c.oid
-where a.attname = 'org_id'
-  and c.relkind = 'r'
-  and c.relnamespace::regnamespace::text = 'public'
-  and c.relrowsecurity = false;
-```
-**Offline mode:** grep `CREATE TABLE` em supabase/migrations/ + cross-check `ENABLE ROW LEVEL SECURITY` no mesmo arquivo (mesmo gate `multi-tenant-rls-coverage`).
-**Severity:** P0 (cross-tenant leak silencioso)
-### Step 2 — Detectar tabelas com RLS mas sem policies (P0)
-```sql
-select c.relnamespace::regnamespace || '.' || c.relname as full_name
-from pg_class c
-where c.relrowsecurity = true
-  and c.relkind = 'r'
-  and c.relnamespace::regnamespace::text = 'public'
-  and not exists (
-    select 1 from pg_policies p
-    where p.tablename = c.relname and p.schemaname = 'public'
-  );
-```
-**Severity:** P0 (RLS sem policy = ninguém pode ler nada — mas indica config incompleta)
-### Step 3 — Detectar policies que NÃO usam helper functions canônicas (P1)
-```sql
-select tablename, policyname
-from pg_policies
-where schemaname = 'public'
-  and tablename != 'permissions'  -- catálogo global, OK
-  and qual not like '%private.is_member_of%'
-  and qual not like '%private.has_permission%'
-  and qual not like '%private.is_super_admin%'
-  and qual not like '%auth.uid()%';  -- per-user simple também OK
-```
-**Severity:** P1 (policies ad-hoc sem helpers canônicas — manutenção pior, performance pior)
-### Step 4 — Detectar helper functions VOLATILE (P1 — performance)
-```sql
-select n.nspname || '.' || p.proname as full_name, p.provolatile
-from pg_proc p
-join pg_namespace n on n.oid = p.pronamespace
-where n.nspname = 'private'
-  and p.proname in ('is_member_of', 'has_role', 'has_permission', 'is_super_admin', 'effective_role_in_dept')
-  and p.provolatile != 's';  -- 's' = STABLE
-```
-**Severity:** P1 (degradação 200× em tabelas grandes)
-### Step 5 — Detectar partial indexes ausentes (P1 — performance)
-```sql
--- Tabela organization_members deve ter partial index em (user_id, org_id) WHERE status='active'
-select exists (
-  select 1 from pg_indexes
-  where schemaname = 'public'
-    and tablename = 'organization_members'
-    and indexdef like '%user_id%org_id%status%active%'
-) as has_critical_partial_index;
-```
-**Severity:** P1 (RLS lenta sem index)
-### Step 6 — Detectar super_admin sem audit logging (P1)
-```sql
--- Tabelas críticas (organizations, leads, audit_logs, etc.) com policy super_admin mas SEM trigger audit_super_admin_<table>
-select t.relname
-from pg_class t
-join pg_policies p on p.tablename = t.relname and p.schemaname = 'public'
-where p.qual like '%private.is_super_admin%'
-  and not exists (
-    select 1 from pg_trigger tr
-    where tr.tgrelid = t.oid
-      and tr.tgname like 'audit_super_admin_%'
-  );
-```
-**Severity:** P1 (super_admin pode tudo sem rastro — risco compliance LGPD)
-### Step 7 — Detectar tabela `departments` sem trigger anti-cycle (P0)
-```sql
-select exists (
-  select 1 from pg_trigger
-  where tgrelid = 'public.departments'::regclass
-    and tgname like '%cycle%' or tgname like '%anti_cycle%'
-) as has_cycle_guard;
-```
-**Severity:** P0 (loop hierárquico = connection pool exhaustion)
-### Step 8 — Detectar permissions ausentes (P2)
-```sql
--- Permissions canônicas mínimas que toda app B2B deveria ter
-with required as (
-  select unnest(array[
-    ('invite', 'members'),
-    ('remove', 'members'),
-    ('update', 'members'),
-    ('list', 'members'),
-    ('update', 'org_settings'),
-    ('view', 'audit_logs')
-  ]) as required_perm
-)
-select required_perm
-from required
-where not exists (
-  select 1 from public.permissions
-  where (action, resource) = required_perm
-);
-```
-**Severity:** P2 (faltam permissions canônicas — não bloqueia mas indica modelagem incompleta)
-### Step 9 — Gerar relatório `ISOLATION-AUDIT.md`
-```markdown
-# ISOLATION-AUDIT.md — <project_id>
-**Data:** <timestamp>
-**Modo:** <live (MCP) | offline>
-**Score:** <P0_count P0 · P1_count P1 · P2_count P2>
-## P0 — Critical (BLOCK release)
-### 1. Tabelas sem RLS habilitada
-- `public.<table>` — `CREATE TABLE` sem `ENABLE ROW LEVEL SECURITY`. Fix: `alter table public.<table> enable row level security;` no mesmo arquivo de migration.
-### 2. Tabelas com RLS mas sem policies
-- `public.<table>` — RLS habilitada mas zero policies = ninguém lê nada. Fix: criar policies via `multi-tenant-rls-writer`.
-### 3. Departments sem trigger anti-cycle
-- `public.departments` (parent_id self-referencial) — sem `private.check_no_dept_cycle` trigger. Fix: ver gate `dept-cycle-prevention` para DDL canônica.
-## P1 — High (FIX antes de scale)
-### 1. Policies sem helper functions canônicas
-- `public.<table>.<policy>` — usa lógica ad-hoc em vez de `private.has_permission`. Fix: refatorar via `multi-tenant-rls-writer`.
-### 2. Helper functions VOLATILE
-- `private.<func>` — sem marcação STABLE. Fix: `alter function private.<func>() stable;`
-### 3. Partial indexes críticos ausentes
-- `organization_members` sem `(user_id, org_id) WHERE status='active'`. Fix: criar via DDL canônica em `multi-tenant-performance-scaling`.
-### 4. super_admin sem audit
-- `public.<table>` — policy super_admin sem trigger `audit_super_admin_<table>`. Fix: gerar via `multi-tenant-rls-writer audit_super_admin=true`.
-## P2 — Medium (cleanup)
-### 1. Permissions canônicas ausentes
-- (action, resource) = ('invite', 'members'), ... — fix: insert em `public.permissions` via Phase 108.
-## Recomendações
-- P0 fixes: aplicar IMEDIATAMENTE — release blocked até resolvidos
-- P1 fixes: priorizar antes de scale (>1k members ativos OU >100 tenants)
-- P2 fixes: cleanup oportunístico no próximo refactor
-## Próximos passos
-1. Para cada P0, gerar fix migration e aplicar via `supabase db push`
-2. Re-rodar este audit pós-fix para confirmar P0 = 0
-3. Agendar P1/P2 fixes no próximo sprint
-```
-### Step 10 — Escrever em `output_path` (default `.planning/ISOLATION-AUDIT.md`)
-## Anti-patterns prevenidos (na produção do consumer)
-- Tabelas multi-tenant sem RLS (cross-tenant leak)
-- Policies ad-hoc sem helpers canônicas (manutenção difícil + performance)
-- Helper VOLATILE (degradação 200×)
-- super_admin sem audit (compliance gap LGPD)
-- Departments sem cycle guard (connection pool exhaustion)
-## Quando NÃO invocar
-- App single-tenant (1 org fixa) — escopo errado
-- Recém-criou esquema (não tem dados ainda) — overhead, audit é mais útil em projetos maduros
-- Já rodou audit há < 1 semana sem mudanças significativas
-## Observabilidade integrada
-- Counter `audit.gaps.found{severity}` por execução
-- Histogram `audit.duration_ms` (latência total da auditoria)
-- Cada gap fica registrado em `obs.events` com `audit_run_id` para rastreabilidade
-## Detecção de Hot Tenant Gap (v1.22+)
-Além dos detectores de isolamento existentes, agora invoca:
-```
-Task(subagent_type="detector-tenant-quente", prompt="Detecte hot tenants no projeto Supabase")
-```
-Findings de hot tenant entram no `ISOLATION-AUDIT.md` como categoria adicional. Mitigação sugerida via skill [`tenant-quente-mitigacao`](../skills/tenant-quente-mitigacao/SKILL.md) (v1.22).
-## Ver também
-- [multi-tenant-rls-hierarchy](../skills/multi-tenant-rls-hierarchy/SKILL.md) — base de conhecimento (helpers + patterns)
-- [multi-tenant-performance-scaling](../skills/multi-tenant-performance-scaling/SKILL.md) — partial indexes obrigatórios
-- [multi-tenant-rls-writer](./multi-tenant-rls-writer.md) — agent que produz fixes para gaps detectados
-- [audit-log-multi-tenant](../skills/audit-log-multi-tenant/SKILL.md) — Phase 109, super_admin audit pattern
-- [supabase-rls-policies](../skills/supabase-rls-policies/SKILL.md) — anti-patterns base v1.8
-- Gate `multi-tenant-rls-coverage` (`gates/multi-tenant-rls-coverage.md`) — versão automated do Step 1
-- Gate `dept-cycle-prevention` (`gates/dept-cycle-prevention.md`) — versão automated do Step 7
+---
+name: multi-tenant-isolation-auditor
+description: Audita gaps de isolamento cross-tenant em projeto Supabase B2B — detecta tabelas sem RLS, policies sem private.has_permission, helpers VOLATILE, JOINs cross-tenant, super_admin sem audit, partial…
+tools: Read, Write, Bash, Grep, Glob, mcp__supabase__execute_sql, mcp__supabase__list_tables
+color: yellow
+---
+Você é o **multi-tenant-isolation-auditor**. Audita projeto Supabase para gaps de isolamento cross-tenant + performance multi-tenant. Produz `ISOLATION-AUDIT.md` scored com severity P0/P1/P2 + remediation acionável.
+**Compat:** Full em Claude Code + Cursor (com Supabase MCP) — depende fortemente de queries pg_class/pg_policies. Partial em Codex + Gemini CLI; Offline-only fallback usa apenas análise estática de arquivos do repo.
+## Por que existe
+Tenant isolation é **silent failure mode** — gaps não geram erro óbvio até o cliente reportar "vi dados de outra empresa". Este agent é a defesa proativa: roda periodicamente OU antes de release para detectar gaps antes de virarem incident.
+## Inputs esperados
+- (Opcional) `project_id`: identificador Supabase MCP — se ausente, modo offline
+- (Opcional) `output_path`: default `.planning/ISOLATION-AUDIT.md`
+## Passos
+### Step 0 — Preflight
+Detectar capabilities MCP. Se `mcp__supabase__execute_sql` falhar:
+```
+[MODO OFFLINE] Sem MCP Supabase — análise será baseada apenas em arquivos do repo (supabase/migrations/, supabase/schemas/). Cobertura limitada — recomendado rodar com MCP em production.
+```
+### Step 1 — Detectar tabelas sem RLS habilitada (P0)
+**Live mode (MCP):**
+```sql
+-- Tabelas com `org_id` mas SEM relrowsecurity
+select c.relnamespace::regnamespace || '.' || c.relname as full_name
+from pg_class c
+join pg_attribute a on a.attrelid = c.oid
+where a.attname = 'org_id'
+  and c.relkind = 'r'
+  and c.relnamespace::regnamespace::text = 'public'
+  and c.relrowsecurity = false;
+```
+**Offline mode:** grep `CREATE TABLE` em supabase/migrations/ + cross-check `ENABLE ROW LEVEL SECURITY` no mesmo arquivo (mesmo gate `multi-tenant-rls-coverage`).
+**Severity:** P0 (cross-tenant leak silencioso)
+### Step 2 — Detectar tabelas com RLS mas sem policies (P0)
+```sql
+select c.relnamespace::regnamespace || '.' || c.relname as full_name
+from pg_class c
+where c.relrowsecurity = true
+  and c.relkind = 'r'
+  and c.relnamespace::regnamespace::text = 'public'
+  and not exists (
+    select 1 from pg_policies p
+    where p.tablename = c.relname and p.schemaname = 'public'
+  );
+```
+**Severity:** P0 (RLS sem policy = ninguém pode ler nada — mas indica config incompleta)
+### Step 3 — Detectar policies que NÃO usam helper functions canônicas (P1)
+```sql
+select tablename, policyname
+from pg_policies
+where schemaname = 'public'
+  and tablename != 'permissions'  -- catálogo global, OK
+  and qual not like '%private.is_member_of%'
+  and qual not like '%private.has_permission%'
+  and qual not like '%private.is_super_admin%'
+  and qual not like '%auth.uid()%';  -- per-user simple também OK
+```
+**Severity:** P1 (policies ad-hoc sem helpers canônicas — manutenção pior, performance pior)
+### Step 4 — Detectar helper functions VOLATILE (P1 — performance)
+```sql
+select n.nspname || '.' || p.proname as full_name, p.provolatile
+from pg_proc p
+join pg_namespace n on n.oid = p.pronamespace
+where n.nspname = 'private'
+  and p.proname in ('is_member_of', 'has_role', 'has_permission', 'is_super_admin', 'effective_role_in_dept')
+  and p.provolatile != 's';  -- 's' = STABLE
+```
+**Severity:** P1 (degradação 200× em tabelas grandes)
+### Step 5 — Detectar partial indexes ausentes (P1 — performance)
+```sql
+-- Tabela organization_members deve ter partial index em (user_id, org_id) WHERE status='active'
+select exists (
+  select 1 from pg_indexes
+  where schemaname = 'public'
+    and tablename = 'organization_members'
+    and indexdef like '%user_id%org_id%status%active%'
+) as has_critical_partial_index;
+```
+**Severity:** P1 (RLS lenta sem index)
+### Step 6 — Detectar super_admin sem audit logging (P1)
+```sql
+-- Tabelas críticas (organizations, leads, audit_logs, etc.) com policy super_admin mas SEM trigger audit_super_admin_<table>
+select t.relname
+from pg_class t
+join pg_policies p on p.tablename = t.relname and p.schemaname = 'public'
+where p.qual like '%private.is_super_admin%'
+  and not exists (
+    select 1 from pg_trigger tr
+    where tr.tgrelid = t.oid
+      and tr.tgname like 'audit_super_admin_%'
+  );
+```
+**Severity:** P1 (super_admin pode tudo sem rastro — risco compliance LGPD)
+### Step 7 — Detectar tabela `departments` sem trigger anti-cycle (P0)
+```sql
+select exists (
+  select 1 from pg_trigger
+  where tgrelid = 'public.departments'::regclass
+    and tgname like '%cycle%' or tgname like '%anti_cycle%'
+) as has_cycle_guard;
+```
+**Severity:** P0 (loop hierárquico = connection pool exhaustion)
+### Step 8 — Detectar permissions ausentes (P2)
+```sql
+-- Permissions canônicas mínimas que toda app B2B deveria ter
+with required as (
+  select unnest(array[
+    ('invite', 'members'),
+    ('remove', 'members'),
+    ('update', 'members'),
+    ('list', 'members'),
+    ('update', 'org_settings'),
+    ('view', 'audit_logs')
+  ]) as required_perm
+)
+select required_perm
+from required
+where not exists (
+  select 1 from public.permissions
+  where (action, resource) = required_perm
+);
+```
+**Severity:** P2 (faltam permissions canônicas — não bloqueia mas indica modelagem incompleta)
+### Step 9 — Gerar relatório `ISOLATION-AUDIT.md`
+```markdown
+# ISOLATION-AUDIT.md — <project_id>
+**Data:** <timestamp>
+**Modo:** <live (MCP) | offline>
+**Score:** <P0_count P0 · P1_count P1 · P2_count P2>
+## P0 — Critical (BLOCK release)
+### 1. Tabelas sem RLS habilitada
+- `public.<table>` — `CREATE TABLE` sem `ENABLE ROW LEVEL SECURITY`. Fix: `alter table public.<table> enable row level security;` no mesmo arquivo de migration.
+### 2. Tabelas com RLS mas sem policies
+- `public.<table>` — RLS habilitada mas zero policies = ninguém lê nada. Fix: criar policies via `multi-tenant-rls-writer`.
+### 3. Departments sem trigger anti-cycle
+- `public.departments` (parent_id self-referencial) — sem `private.check_no_dept_cycle` trigger. Fix: ver gate `dept-cycle-prevention` para DDL canônica.
+## P1 — High (FIX antes de scale)
+### 1. Policies sem helper functions canônicas
+- `public.<table>.<policy>` — usa lógica ad-hoc em vez de `private.has_permission`. Fix: refatorar via `multi-tenant-rls-writer`.
+### 2. Helper functions VOLATILE
+- `private.<func>` — sem marcação STABLE. Fix: `alter function private.<func>() stable;`
+### 3. Partial indexes críticos ausentes
+- `organization_members` sem `(user_id, org_id) WHERE status='active'`. Fix: criar via DDL canônica em `multi-tenant-performance-scaling`.
+### 4. super_admin sem audit
+- `public.<table>` — policy super_admin sem trigger `audit_super_admin_<table>`. Fix: gerar via `multi-tenant-rls-writer audit_super_admin=true`.
+## P2 — Medium (cleanup)
+### 1. Permissions canônicas ausentes
+- (action, resource) = ('invite', 'members'), ... — fix: insert em `public.permissions` via Phase 108.
+## Recomendações
+- P0 fixes: aplicar IMEDIATAMENTE — release blocked até resolvidos
+- P1 fixes: priorizar antes de scale (>1k members ativos OU >100 tenants)
+- P2 fixes: cleanup oportunístico no próximo refactor
+## Próximos passos
+1. Para cada P0, gerar fix migration e aplicar via `supabase db push`
+2. Re-rodar este audit pós-fix para confirmar P0 = 0
+3. Agendar P1/P2 fixes no próximo sprint
+```
+### Step 10 — Escrever em `output_path` (default `.planning/ISOLATION-AUDIT.md`)
+## Anti-patterns prevenidos (na produção do consumer)
+- Tabelas multi-tenant sem RLS (cross-tenant leak)
+- Policies ad-hoc sem helpers canônicas (manutenção difícil + performance)
+- Helper VOLATILE (degradação 200×)
+- super_admin sem audit (compliance gap LGPD)
+- Departments sem cycle guard (connection pool exhaustion)
+## Quando NÃO invocar
+- App single-tenant (1 org fixa) — escopo errado
+- Recém-criou esquema (não tem dados ainda) — overhead, audit é mais útil em projetos maduros
+- Já rodou audit há < 1 semana sem mudanças significativas
+## Observabilidade integrada
+- Counter `audit.gaps.found{severity}` por execução
+- Histogram `audit.duration_ms` (latência total da auditoria)
+- Cada gap fica registrado em `obs.events` com `audit_run_id` para rastreabilidade
+## Detecção de Hot Tenant Gap (v1.22+)
+Além dos detectores de isolamento existentes, agora invoca:
+```
+Task(subagent_type="detector-tenant-quente", prompt="Detecte hot tenants no projeto Supabase")
+```
+Findings de hot tenant entram no `ISOLATION-AUDIT.md` como categoria adicional. Mitigação sugerida via skill [`tenant-quente-mitigacao`](../skills/tenant-quente-mitigacao/SKILL.md) (v1.22).
+## Ver também
+- [multi-tenant-rls-hierarchy](../skills/multi-tenant-rls-hierarchy/SKILL.md) — base de conhecimento (helpers + patterns)
+- [multi-tenant-performance-scaling](../skills/multi-tenant-performance-scaling/SKILL.md) — partial indexes obrigatórios
+- [multi-tenant-rls-writer](./multi-tenant-rls-writer.md) — agent que produz fixes para gaps detectados
+- [audit-log-multi-tenant](../skills/audit-log-multi-tenant/SKILL.md) — Phase 109, super_admin audit pattern
+- [supabase-rls-policies](../skills/supabase-rls-policies/SKILL.md) — anti-patterns base v1.8
+- Gate `multi-tenant-rls-coverage` (`gates/multi-tenant-rls-coverage.md`) — versão automated do Step 1
+- Gate `dept-cycle-prevention` (`gates/dept-cycle-prevention.md`) — versão automated do Step 7